URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	visaexpressbd.com
Domain registrar:	Public Domain Registry
Domain registration date:	2015-10-07 13:47:35 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Control D HaGeZi :	Not blocked
Firstseen:	2023-04-19 12:50:11 UTC
Total malware sites :	4
Online malware sites :	0 (0%)
Offline Malware sites :	4 (100%)
A record(s) observed :	3

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-04-27 10:35:20	103.243.172.186	sgp.cloud-registrar.com	Not listed	AS59210 PHOENIXNAP-AS-SG1	SG	yes
2025-10-08 00:30:05	15.197.240.20	acf3b736b777428f5.awsglobalaccelerator.com	Not listed	AS16509 AMAZON-02	US	no
2023-04-19 12:50:15	68.65.122.109	server172-1.web-hosting.com	Not listed	AS22612 NAMECHEAP-NET	US	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2023-05-18 14:33:20	https://visaexpressbd.com/mmii/?1	Offline	BB28 geofenced js Qakbot USA	Cryptolaemus1
2023-05-17 13:06:13	https://visaexpressbd.com/na/?1	Offline	BB28 geofenced js Qakbot Quakbot USA	Cryptolaemus1
2023-05-10 15:38:05	https://visaexpressbd.com/qcam/	Offline	BB27 geofenced js Qakbot Quakbot USA	Cryptolaemus1
2023-04-19 12:50:15	https://visaexpressbd.com/ip/sedquas.php	Offline	921 BB24 geofenced Qakbot qbot Quakbot TR USA wsf zip	Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2023-05-20 14:49:35	1cea0c4b1af9170b9ed2927f3b100d202bebd1b8e69ba1527336aaa6b2c0bffc	js
2023-05-20 04:50:11	c74cf0cb7927a8438a84c9cedbdbab3e4815550813336043f39674a67b6a021a	js
2023-05-19 16:20:42	d3c6e06204212c1aeeef29809460056535cba3beca8cf163b7c8719671ef0c9f	js
2023-05-19 00:45:18	d76b1300fd995ec8def343df0450c11a58a217803fee3749db4afacebc64182e	js
2023-05-18 23:05:36	6016f12710a18923ed029eb1dc62882b5f1a032a7424e0169dd8c2228598f59d	js
2023-05-18 21:18:31	d7522ab4f64ae0950e24bb00df9157136bbcb900ace0c77bd1a46f06149bf37a	js
2023-05-18 20:06:53	bbcdb87a842c5157acea98f0cedd358f764e2613b6a635e4f9f5946de8c07780	js
2023-05-18 18:28:44	1a2e818afb29521c8658d2a0643158af97370d69c32c0bd85cb900bd3e85b0ee	js
2023-05-18 17:05:47	76443e093ed6d6e3961cb5f9bbd546bab2d05f6bc2536c5744dc86f7a769bea8	js
2023-05-18 14:33:20	7e6136edc7d78868b7fc550f4adb468e5207574401cc70a8e5e7a24752db04be	js
2023-05-18 08:05:16	229271acfd7face73c4919f8ae74ec7e9e3d276810827e045c7ee12baf2e75bf	js
2023-05-18 06:11:34	e29a41a9d60625c8b7ab2e66896cd279af26a9abe095095e8f71d39a518717db	js
2023-05-18 02:44:31	09f9e4d8ef85ba407416a7d168207db81c2000eabea300624e17d81f58bd0b18	js		Quakbot
2023-05-18 01:34:58	1518f10a4a3e1bb0772544083dd21336675b9248d73c59f8dd75068406de1474	js		Quakbot
2023-05-18 00:44:53	88f6a8cb20802cddd090c331d20f9642aed6deeda17214154bc2017f911d61c3	js		Quakbot
2023-05-17 21:55:50	fecdae98fff4b89aadb8c35ded8061bdaa126fc12f3fd482cbcecd53246c1c0a	js		Quakbot
2023-05-17 20:00:54	716b277dffdcf3099c8c86e0198ddab7a5d55627de582e5b73e900db63fed67e	js
2023-05-17 18:26:31	ccdaaebf2ae2ce525ab5ccf2b4d74cf6b58e7d9515c21c0d46e2b8e0709eefb6	js		Quakbot
2023-05-17 16:56:33	42046702c8332860c6d6224d63344bbd919246deac12c67a32bee542c7cde41c	js		Quakbot
2023-05-17 13:51:00	1023d2a3febc48f033a53509d7c13ab44b981e38169392d13c7ad15e12b37515	js		Quakbot
2023-05-17 13:06:12	abae955795961dc369ba3d41196f2f4238001efcff8a2dc429ababf4821ca7f5	js
2023-05-12 20:44:48	7b6151097ab4368a4727e1e09c4602898d7de0c5877e6e72ebded3a139d1fbfe	js		Quakbot
2023-05-12 19:33:43	419466c674529e67b1cb43c68b655c0bcf80de388a17cdc5f9c36cea2403ea4b	js		Quakbot
2023-05-12 17:31:12	e1620dee3a9b414bdcbc8f34646e6192c969edb7babd952bd29a406f0eacaf2d	js		Quakbot
2023-05-12 15:55:14	fa8a36dda3d3caaf1a75ac4e5ccfa901a717cd893203d34792a1c562f180eb3b	js		Quakbot
2023-05-12 14:06:47	12f64301daea1d82c13fe0c89951081ba6b1c2a473b6cba0e835ef7085f9ba97	js		Quakbot
2023-05-12 11:22:32	1e1e6cdf5521f775cc61f1dfeb4dbdf6900789bd437201e0c11c1d0bfad7585b	js
2023-05-12 10:52:41	1f9773f8db29c07e77587ab7aaaf3b9b7a1a94d1438da8c7decd593e9110b58e	js		Quakbot
2023-05-12 10:26:43	5471892d7e5f3745a036b770aa6170b37a070262a6f8b83d0b0718f3bf12c2c1	js
2023-05-12 08:47:56	07dbe487639f14acb1f62c577949e823e1977e68ce43caa2d815b4e375119d88	js		Quakbot
2023-05-12 05:50:14	ef119523601b7f078708601ff58eb221ecf84249ec63ea3dbff3d42135548bc0	js		Quakbot
2023-05-12 04:02:52	f5da44b2c9b38a43ada1e93c53c56d8253c8c083f4768fbe45a79cc6ca8d89f0	js		Quakbot
2023-05-12 02:44:01	2739ebe9bab38ea3173e21f80a6db3859750dcfc589cda4524a6bccc13a9649b	js		Quakbot
2023-05-12 01:27:54	14af4e6705fd637dad077696b5c3cf64e991a16f21a4e42b56a0d0c2002a0be0	js		Quakbot
2023-05-11 23:18:06	b3ef9764dd908a9ccf7c7ca562a2561f694aa702613c91da3c5f4b6ec7617ecc	js		Quakbot
2023-05-11 21:41:37	e34f060a285ce1eeef343ea8fd5c5f16bb2e163b27963015eb6b82df3419fc89	js		Quakbot
2023-05-11 20:11:53	1ed22d5040dcfd7cc16b09c51e580a234610ac35848421852bed91ef4e93f605	js		Quakbot
2023-05-11 18:43:05	695234ef7033c8bb4d26c5a8cbacf45e12b25236453c27c0c6fcd1783951127b	js		Quakbot
2023-05-11 16:23:01	00553f66a25622adb64371f99e3c21b4a0e642aa76c87c4aed4a04233082038f	js		Quakbot
2023-05-11 16:16:59	499a7ace20bfc9403be449a6d8486a11f8f3ce61ec2d28f18ddeb9c2ca472d09	js		Quakbot
2023-05-11 14:11:54	32bba693d1ec1984939b82adc0bc0c0cd90565bf4829264518079f05be8656d8	js		Quakbot
2023-05-11 12:17:48	65e008bd7de597db187886c4903dc4f1a96b1e1cc26b89befde503db129cb3f9	js		Quakbot
2023-05-11 08:40:22	fdc970bdb0a3194c242fe5a438f3348ed61a0a262e2fc4f6afb561fbf32bd628	js		Quakbot
2023-05-11 07:03:41	45eb45919680f5f3dffa6c3c65fb3343202e57e5aba7cf11166779d94a999c2e	js		Quakbot
2023-05-11 06:20:09	6c0cdfbedcd1c08f8035865ff8d30cd2de34c81373f4ab898bd1818bd7119462	js		Quakbot
2023-05-11 03:07:49	4a6135fa2ec467c225df5b0cc2d93112770834a8629e0eaa4cf01cf7827753b9	js		Quakbot
2023-05-11 02:42:11	8e952ba0bb3e526f6223ee7433e95727b5a0003882b9c41c813e69cbd19cca42	js		Quakbot
2023-05-11 00:17:26	a6c42e98201130c527fda2ce5865738eb930b75221a540aa3f4fef662f5c0f08	js		Quakbot
2023-05-10 23:41:58	b524231d408132e5137a70d6ee8fda97df5d536766dde4c519e6695248c51e39	js		Quakbot
2023-05-10 22:22:28	2b50082581de22d8f10a2c07a183c7a138470c9415ef928b4b00c9984484665b	js		Quakbot
2023-05-10 21:25:12	2ab425563ea882c5c2018b0e09edad3a5a6c8db427031daa9873e045dc482968	js		Quakbot
2023-05-10 18:00:59	755c1596a7c0d342c9933d7ecc7c1178ee46652413bc00b1937940760e7ac013	js		Quakbot
2023-05-10 17:30:53	1e1414d4e82ae67158c7f0c893a01a753e266bdfd803b70f533339849b2c21e3	js		Quakbot
2023-05-10 15:38:04	f63b26c43fe7f4b85b1bc4707952124d1c4b939145597fe5e3be25722e6da770	js		Quakbot
2023-04-20 01:06:39	0f2caeac1572e91b5950cdedca43afffe8f474985e3426325450fe5582d9dff0	zip
2023-04-19 12:56:49	779ff78fc2a19093527e133a9363d49428006488f87e80f73c15ab9ed8a6fc86	zip		Quakbot
2023-04-19 12:50:15	d757f9d081d47963dea0364ec0cc462d005ab22b428d86ba1046a5d32490abb6	zip		Quakbot