URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	esjpakistan.com
Domain registrar:	HostGator
Domain registration date:	2012-12-04 14:52:38 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2023-05-17 13:06:25 UTC
Total malware sites :	6
Online malware sites :	0 (0%)
Offline Malware sites :	6 (100%)
A record(s) observed :	2

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-04-27 13:32:45	109.201.133.168	ns61.cloudns.net	Not listed	AS43350 NFORCE	NL	no
2023-05-17 13:06:28	192.232.219.84	192-232-219-84.unifiedlayer.com	Not listed	AS46606 UNIFIEDLAYER-AS-1	US	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2023-06-02 15:37:16	https://esjpakistan.com/eru/	Offline	BB30 geofenced js Qakbot TR USA zip	Cryptolaemus1
2023-05-31 13:31:05	https://esjpakistan.com/fs/	Offline	BB30 geofenced js Qakbot Quakbot USA zip	Cryptolaemus1
2023-05-30 16:50:55	https://esjpakistan.com/cdan/?1	Offline	BB30 geofenced js Qakbot Quakbot USA zip	Cryptolaemus1
2023-05-25 12:00:11	https://esjpakistan.com/do/	Offline	BB29 geofenced js Qakbot USA	Cryptolaemus1
2023-05-18 14:33:22	https://esjpakistan.com/ndie/?1	Offline	BB28 geofenced js Qakbot USA	Cryptolaemus1
2023-05-17 13:06:28	https://esjpakistan.com/uiq/?1	Offline	BB28 geofenced GuLoader js Qakbot Quakbot USA	Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2023-06-02 06:54:35	dfc1d28dceea2238e4b6fe031f778ae5aebfd7a3de3bba129496f87b3f306b5b	zip		Quakbot
2023-06-02 02:04:58	cefa2c53569cf30ae62d95fbc25faa69a2344b87d08b74174cf6c82e82a725d4	zip		Quakbot
2023-06-01 21:45:47	213e6365e5f423d117106b1336b183c2c727d76c03fbaa79ccf1e537a4b1145c	zip		Quakbot
2023-06-01 14:25:30	b5be55bf2d2c537c05f19bb2e50f05dafb3e884991418031b2560a7c3141e7b1	zip		Quakbot
2023-06-01 09:57:32	d15fac1cddeca555a374c6f1cb8f87a37a95084a69c30170b6fd46409df54b44	zip		Quakbot
2023-06-01 07:39:31	6cb13f1a4c910fb6e87abf7a71ff1d1ece4f2dfeb08da8ed1617d8dfe22da4c7	zip		Quakbot
2023-05-30 16:50:55	7b9732c887e5a20b342ea3c0478f0b75648243a6c9a691ec22bf1ef71213fbf2	zip		Quakbot
2023-05-25 19:50:36	6e6e3aa8ddc0038572e3bb61b20e372f941d34cbee543eee7b502c3258cc1e0f	zip
2023-05-20 18:55:14	c74cf0cb7927a8438a84c9cedbdbab3e4815550813336043f39674a67b6a021a	js
2023-05-19 20:15:41	76443e093ed6d6e3961cb5f9bbd546bab2d05f6bc2536c5744dc86f7a769bea8	js
2023-05-19 16:22:44	6016f12710a18923ed029eb1dc62882b5f1a032a7424e0169dd8c2228598f59d	js
2023-05-19 12:50:42	1cea0c4b1af9170b9ed2927f3b100d202bebd1b8e69ba1527336aaa6b2c0bffc	js
2023-05-19 11:48:40	d7522ab4f64ae0950e24bb00df9157136bbcb900ace0c77bd1a46f06149bf37a	js
2023-05-19 08:34:10	d76b1300fd995ec8def343df0450c11a58a217803fee3749db4afacebc64182e	js
2023-05-19 03:45:47	51ffefa8a10b6da720a80cec4735fe173669e7c974946e46c8dda908e824d8a4	js
2023-05-19 03:14:12	51ffefa8a10b6da720a80cec4735fe173669e7c974946e46c8dda908e824d8a4	js
2023-05-18 14:33:22	c241a330eea718ba2a491681ba95686f95ac94260437a7eb64ac45a8e8171ced	js
2023-05-18 14:16:39	24fb2b97731593404456cfebdcd665dabbee3e57706bb51caaefceceb40e1250	js
2023-05-18 07:35:49	748288dd3065db0c33b5cd484c4347216a3780b90eedc58ea62491f9297a57d7	js		Quakbot
2023-05-18 02:42:35	2805dc9f718f68c7daf0cae2b00b6ed8bd0a6e3a957fcf340055a17cc4ef7ef9	js		GuLoader
2023-05-17 13:06:28	a0220d487566d1243b11c30ea5d37349418d84e8f6eb6013e0792aa4b11236c6	js		Quakbot