URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: book-of-spells.com
Domain registrar:Namecheap -
Domain registration date:2019-05-22 17:27:19 UTC
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
ProtonDNS :Blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Control D HaGeZi :Not blocked
Firstseen:2023-05-16 11:25:33 UTC
Total malware sites :3
Online malware sites :0 (0%)
Offline Malware sites :3 (100%)
A record(s) observed :8

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2025-08-17 00:34:00 185.172.149.132Not listedAS44239 PROINITY- NLyes
2025-08-15 20:49:47 185.172.149.128Not listedAS44239 PROINITY- NLno
2025-08-12 08:18:49 104.21.70.39Not listedAS13335 CLOUDFLARENETn/ano
2025-08-12 08:18:49 172.67.219.112Not listedAS13335 CLOUDFLARENETn/ano
2025-05-23 10:07:38 199.59.243.228Not listedAS16509 AMAZON-02- USno
2023-05-16 11:25:41 185.61.152.39business26-1.web-hosting.comNot listedAS22612 NAMECHEAP-NET- GBno
2025-08-11 09:51:19 52.44.244.98ec2-52-44-244-98.compute-1.amazonaws.comNot listedAS14618 AMAZON-AES- USno
2025-08-11 09:51:19 54.165.131.183ec2-54-165-131-183.compute-1.amazonaws.comNot listedAS14618 AMAZON-AES- USno

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2023-05-18 15:37:10https://book-of-spells.com/euat/?1OfflineBB28 geofenced js Qakbot ext USA Cryptolaemus1
2023-05-17 13:06:58https://book-of-spells.com/mssp/?1OfflineBB28 geofenced js Qakbot ext Quakbot ext USA Cryptolaemus1
2023-05-16 11:25:41https://book-of-spells.com/eumc/?1OfflineBB28 geofenced js Qakbot ext Quakbot ext USA Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2023-05-20 12:07:17d7522ab4f64ae0950e24bb00df9157136bbcb900ace0c77bd1a46f06149bf37ajs  
2023-05-20 09:39:21d76b1300fd995ec8def343df0450c11a58a217803fee3749db4afacebc64182ejs  
2023-05-20 00:01:316016f12710a18923ed029eb1dc62882b5f1a032a7424e0169dd8c2228598f59djs  
2023-05-19 13:25:561a2e818afb29521c8658d2a0643158af97370d69c32c0bd85cb900bd3e85b0eejs  
2023-05-19 00:38:061cea0c4b1af9170b9ed2927f3b100d202bebd1b8e69ba1527336aaa6b2c0bffcjs 
2023-05-18 21:31:4676443e093ed6d6e3961cb5f9bbd546bab2d05f6bc2536c5744dc86f7a769bea8js  
2023-05-18 20:57:02d3c6e06204212c1aeeef29809460056535cba3beca8cf163b7c8719671ef0c9fjs  
2023-05-18 19:31:16d3c6e06204212c1aeeef29809460056535cba3beca8cf163b7c8719671ef0c9fjs  
2023-05-18 18:21:15c74cf0cb7927a8438a84c9cedbdbab3e4815550813336043f39674a67b6a021ajs  
2023-05-18 18:16:11d7522ab4f64ae0950e24bb00df9157136bbcb900ace0c77bd1a46f06149bf37ajs  
2023-05-18 16:49:28d76b1300fd995ec8def343df0450c11a58a217803fee3749db4afacebc64182ejs  
2023-05-18 15:37:1051ffefa8a10b6da720a80cec4735fe173669e7c974946e46c8dda908e824d8a4js 
2023-05-18 14:21:07ce77f8be19286593340f338e5e2ce6bcb6737053cf600ba09676d32f607ae3aejs  
2023-05-18 13:11:15b64790ef2bb214bf0fea83cb0aff305cd66dd38f065ab3cc62b9ddf5d3570eecjs Quakbot
2023-05-18 10:56:56649828b67fb96d9addc5f4c9518dfd03c7eaef5dfe3afd081708297f2d160360js Quakbot
2023-05-18 10:29:13654d79d5b714216fcec5efd06082250b58afb76155c0be229ba139acd68d0797js  
2023-05-18 08:35:30de40c651da56945e6aa4f1adecf9ca842f4b2c630f3e1ad45c2c02952d4578c7js Quakbot
2023-05-18 07:22:54b5e43b4ccd0107bcf4e8ce081135f2adb345ba3df9a4df5637d3cd9e08b43ba8js Quakbot
2023-05-18 06:15:42d772a62298f946a1a964db9c0e6aa23473d6590e013fb3056502ad74b75a046fjs Quakbot
2023-05-18 03:51:29f517f6e7dd7c0f029a72fe25803ac2d5c54c7abcc8e576fbf95cbe6a87759540js Quakbot
2023-05-18 02:06:1780f6fd82b28ccaacb151e0447865a17ab4711eefd8ab38eb96bff981a7077a9ejs  
2023-05-18 00:49:251c8c07d6d5454652a85d1673775e071cb4068ca92c83d2e45e4cf830d85e56b7js Quakbot
2023-05-17 21:29:1932710b418e9ddc449d0548590b62ac23975ad6efba53cc55cb1551326e182cb9js Quakbot
2023-05-17 21:12:318f360ef4554f315b708ec9a47229a77553d9764d491faaae0340e0e552551077js  
2023-05-17 19:57:467f5bfd748f09cddad1977aabe48a77b4aa3281b4bc9ac685ca0e53226b92c107js Quakbot
2023-05-17 18:16:21ba4eb74cda0088a1269ede2dd12d974109f7b392ff522322070233d302cb3d01js Quakbot
2023-05-17 17:25:37569b94ae6e9101918add0cbef52c7d0516b8faf8e79f3273d7d102982c544c18js Quakbot
2023-05-17 15:13:243d234411a958948cb4805e18eb29cd95fbd93086ffda9ed636c6d322523b5e80js Quakbot
2023-05-17 13:06:587de33bd597e2308019574ea948f706768bf2fbb89ea7392395d6cfd89909369djs Quakbot
2023-05-17 11:56:3707d1842292aa2619ebfbb551eff5580fb24f945283f3de4298dc06f9493b6b20js  
2023-05-17 11:05:30090a55e29be295f623c125ac567236b4d6e112a890fe2b0f43593d8ed78d3daejs Quakbot
2023-05-17 09:04:10c3d1ebe98c1539ba8164629ed814684e60f7781429cac4c32bd0426ba8bd6ac5js Quakbot
2023-05-17 07:34:32c84ca1d4012c6ce04e80a41a6a7016abf4b395bb85ab670e4d06ef0b02a94b6ajs Quakbot
2023-05-17 05:19:28e722b9ef6b9990adbefaef227516ccf5f985f2c6dabb7e982bf52c3f85680237js Quakbot
2023-05-17 04:13:027d34b9f353414703714bd54d97da998ed7631abc87b32a0767be646cc4edea23js  
2023-05-17 02:33:06cc882afd2e57e09fbaf7aa1d82fd84119f11ce178e2dc99ca9f8364fb03baedcjs Quakbot
2023-05-17 00:32:51a890b40ab4801b230dbfdf82e41be32c368010d0385e14baa3060c2f75ae2214js Quakbot
2023-05-16 22:19:05b4889e0b21bfa4d2919102c7063f8a39382a6ec10c36051e3611012cacea26e9js Quakbot
2023-05-16 20:59:18c79f55a17d459936aec242a0ec28c5b0503d41b4c2a66ebc79324fa34b89dfeejs Quakbot
2023-05-16 20:48:03a825a0a88075895bb87e8b39af1f262ec8beda8134c2a464a3d85219c3b9c21fjs Quakbot
2023-05-16 17:38:166533cc68bb8d7691f4a9c0b66ddb76f99bf2ffabf3724b0cf55917508ac26720js Quakbot
2023-05-16 15:58:38f786df00899a4add4efcc0de66aa5ad77966c0d6a3f37d9b8c0560b94af36d15js Quakbot
2023-05-16 15:06:3764f6560de4fb71d77759e1a770557b164a4ec925ebc9a99d13d71e3caf858438js Quakbot
2023-05-16 13:07:085eb9fcbb44c51f8f382ed4021a2cc3a365a3f4d73f49241f667a5eed8cd47c91js Quakbot
2023-05-16 11:25:35974cb2836267e34cd46007f171554e1611840f1193a07e303a08158980ecfee1js