Help RSS API Feed Maltego Contact                        

Domain > esbook.com

More information on this domain is in AlienVault OTX

Is this malicious?
Most users have voted this as MALICIOUS

Reports
http://ransomwaretracker.abuse.ch/blocklist/    
http://ransomwaretracker.abuse.ch/feeds/csv/    
http://www.malware-traffic-analysis.net/2016/03/18...    
https://otx.alienvault.com/pulse/56e85de34637f24cb...    
https://otx.alienvault.com/pulse/56e8786d67db8c5ce...    
https://otx.alienvault.com/pulse/56ec8aff4637f2285...    
http://www.malware-traffic-analysis.net/2016/03/18...    
https://otx.alienvault.com/pulse/56f02c1967db8c5ce...    
http://ransomwaretracker.abuse.ch/blocklist/    
https://ransomwaretracker.abuse.ch/downloads/RW_UR...    
https://techhelplist.com/spam-list/1065-incoming-t...    

Files that talk to esbook.com
MD5A/V
7942739deb6053a71a4dbc6e65b7640c[HEUR.JS.Trojan.b] [trojan.js.downloader.1]
21c656765702ed4fefa593b7b6b39841[HEUR.JS.Trojan.b] [trojan.js.downloader.1]
8716cbdf67800269a7340c9ca623cb02[JS:Trojan.JS.Downloader.DK] [JS:Trojan.JS.Downloader.DK] [JS:Trojan.JS.Downloader.DK] [JS:Trojan.JS.Downloader.DK] [JS:Trojan.JS.Downloader.DK] [JS:Trojan.JS.Downloader.DK] [trojan.js.downloader.1]
a5a6cab2117270dbf360822edd1ae974
69fc8e270d10529ea9fc30ea42f27d75[Ransomware-FGN!69FC8E270D10]
af367282fedd2c2deb28a9b256d82b91[JS:Trojan.JS.Downloader.DK] [JS:Trojan.JS.Downloader.DK] [JS/Nemucod.cs] [JS:Trojan.JS.Downloader.DK] [JS/TrojanDownloader.Nemucod.JM] [Js.Trojan.Raas.Auto] [JS:Trojan.JS.Downloader.DK] [Troj/JSDldr-FM] [JS:Trojan.JS.Downloader.DK] [JS:Trojan.JS.Downloader.DK] [JS/Obfus.S3] [JS:Trojan.JS.Downloader.DK] [JS:Trojan.JS.Downloader.DK] [Trojan-Downloader.Script.Locky] [trojan.js.downloader.1]
f24bdeae84c941222905321cff691d93[JS:Trojan.JS.Downloader.DK] [JS.Downloader] [JS_CRYPTESLA.LC] [Js.Trojan.Raas.Auto] [JS_CRYPTESLA.LC] [Troj/JSDldr-FM] [Js.Troj.Js!c] [TrojanDownloader:JS/Nemucod.BV] [JS/Obfus.S3] [JS/Nemucod.dy] [JS/TrojanDownloader.Nemucod.JM] [Trojan-Downloader.Script.Locky] [JS/Nemucod.JM!tr] [trojan.js.downloader.1]
a2f0494843114616ff9656747f9f1216[JS/Nemucod.cs] [JS.Downloader] [JS/TrojanDownloader.Nemucod.JR] [Troj/JSDldr-FM] [JS/Locky.jwb.18] [JS/Obfus.S3] [Trojan-Downloader.Script] [JS/Nemucod.JM!tr] [trojan.js.downloader.1]
d5b74b58e9971be84aa83b2e1d46b414[JS:Trojan.JS.Downloader.DK] [JS:Trojan.JS.Downloader.DK] [JS:Trojan.JS.Downloader.DK] [JS:Trojan.JS.Downloader.DK] [JS/TrojanDownloader.Nemucod.JM] [Js.Trojan.Raas.Auto] [JS:Trojan.JS.Downloader.DK] [Troj/JSDldr-FM] [JS:Trojan.JS.Downloader.DK] [JS/Dldr.Nemucod.44637] [JS:Trojan.JS.Downloader.DK] [JS/Downloader] [JS:Trojan.JS.Downloader.DK] [JS/Nemucod.cs] [Trojan-Downloader.Script.TeslaCrypt] [trojan.js.downloader.1]
715c3f4567d08818e77c54506370b1d9[JS:Trojan.JS.Downloader.DK] [JS:Trojan.JS.Downloader.DK] [JS:Trojan.JS.Downloader.DK] [JS:Trojan.JS.Downloader.DK] [JS/TrojanDownloader.Nemucod.JM] [JS:Trojan.JS.Downloader.DK] [Troj/JSDldr-FM] [JS:Trojan.JS.Downloader.DK] [JS:Trojan.JS.Downloader.DK] [Js.Troj.Js!c] [JS/Obfus.S3] [JS:Trojan.JS.Downloader.DK] [JS/Nemucod.cs] [Trojan-Downloader.Script.Locky] [trojan.js.downloader.1]
1ae0e73299dafc9fe203ee8cce7ccdce[JS:Trojan.JS.Downloader.DK] [JS:Trojan.JS.Downloader.DK] [JS/Nemucod.cs] [JS:Trojan.JS.Downloader.DK] [JS/TrojanDownloader.Nemucod.JM] [JS:Trojan.JS.Downloader.DK] [Js.Troj.Js!c] [JS:Trojan.JS.Downloader.DK] [Troj/JSDldr-FM] [JS:Trojan.JS.Downloader.DK] [JS:Trojan.JS.Downloader.DK] [JS/Obfus.S3] [TrojanDownloader:JS/Nemucod.BV] [JS:Trojan.JS.Downloader.DK] [Js.Trojan.Raas.Auto] [Trojan-Downloader.Script.TeslaCrypt] [trojan.js.downloader.1]
a2e13e77e8728656739de52ee09e2326[JS:Trojan.JS.Downloader.DK] [JS:Trojan.JS.Downloader.DK] [JS:Trojan.JS.Downloader.DK] [JS:Trojan.JS.Downloader.DK] [JS/TrojanDownloader.Nemucod.JM] [Js.Trojan.Raas.Auto] [JS:Trojan.JS.Downloader.DK] [Troj/JSDldr-FM] [JS:Trojan.JS.Downloader.DK] [JS/Dldr.Nemucod.IU.13] [JS:Trojan.JS.Downloader.DK] [Js.Troj.Js!c] [JS/Obfus.S3] [JS:Trojan.JS.Downloader.DK] [JS/Nemucod.cs] [Trojan-Downloader.Script.TeslaCrypt] [trojan.js.downloader.1]
8ada756880f684786103d59c5b9f03ed[HEUR.JS.Trojan.b] [Js.Trojan.Raas.Auto] [Win32.Outbreak] [trojan.js.downloader.1]
d148d8661d6c619fcdb055951634a9ec[JS.Downloader] [JS_NEMUCOD.YYKG] [Js.Trojan.Raas.Auto] [JS_NEMUCOD.YYKG] [Troj/JSDldr-FM] [JS/Dldr.Filecoder.asdan] [JS/Obfus.S3] [JS/Nemucod.cs] [JS/TrojanDownloader.Nemucod.JR] [Trojan-Downloader.Script] [JS/Nemucod.JM!tr] [trojan.js.downloader.1]
df7dd7725a218a40577e6054fcbafca4[JS:Trojan.JS.Downloader.DK] [Js.Trojan.Raas.Auto] [JS:Trojan.JS.Downloader.DK] [JS:Trojan.JS.Downloader.DK] [trojan.js.downloader.1]
14fef3ecbfb613aa29395e914a751a1f[JS:Trojan.JS.Downloader.DK] [JS:Trojan.JS.Downloader.DK] [JS/Nemucod.cs] [JS:Trojan.JS.Downloader.DK] [JS/TrojanDownloader.Nemucod.JM] [JS:Trojan.JS.Downloader.DK] [Troj/JSDldr-FM] [JS:Trojan.JS.Downloader.DK] [JS/Dldr.Nemucod.44733] [JS:Trojan.JS.Downloader.DK] [Js.Troj.Js!c] [JS/Obfus.S3] [JS:Trojan.JS.Downloader.DK] [JS:Trojan.JS.Downloader.DK] [Js.Trojan.Raas.Auto] [Trojan-Downloader.Script.Locky] [trojan.js.downloader.1]
44c3f79b866c87a595aac7eb4f0df78f[HEUR.JS.Trojan.b] [trojan.js.downloader.1]
9c131f2c7690ffe5f8bbdf10a8b0331b[JS:Trojan.JS.Downloader.DK] [JS:Trojan.JS.Downloader.DK] [JS:Trojan.JS.Downloader.DK] [JS:Trojan.JS.Downloader.DK] [JS/TrojanDownloader.Nemucod.JM] [JS:Trojan.JS.Downloader.DK] [Troj/JSDldr-FM] [JS:Trojan.JS.Downloader.DK] [JS/Dldr.Nemucod.IV.7] [JS:Trojan.JS.Downloader.DK] [JS/Obfus.S3] [JS:Trojan.JS.Downloader.DK] [JS/Nemucod.cs] [Js.Trojan.Raas.Auto] [Trojan-Downloader.Script.TeslaCrypt] [trojan.js.downloader.1]
305205ac99ff8b50255d5656a6e88111[JS/TrojanDownloader.Nemucod.JR] [Js.Trojan.Raas.Auto] [Troj/JSDldr-FM] [JS/Locky.jwb.7] [JS/Obfus.S3] [JS/Nemucod.cs] [Trojan-Downloader.Script] [JS/Nemucod.JM!tr] [trojan.js.downloader.1]
8530df6cb76930e1f362256fb272b406[JS:Trojan.JS.Downloader.DK] [JS:Trojan.JS.Downloader.DK] [JS/Nemucod.cs] [JS:Trojan.JS.Downloader.DK] [JS/TrojanDownloader.Nemucod.JM] [JS:Trojan.JS.Downloader.DK] [Troj/JSDldr-FM] [JS:Trojan.JS.Downloader.DK] [JS/Dldr.Nemucod.44736] [JS:Trojan.JS.Downloader.DK] [JS/Obfus.S3] [JS:Trojan.JS.Downloader.DK] [JS:Trojan.JS.Downloader.DK] [Js.Trojan.Raas.Auto] [Trojan-Downloader.Script.TeslaCrypt] [trojan.js.downloader.1]

Whois
PropertyValue
Email 480E93AC1D0749D1AC5E2A06DBB64744.PROTECT@WHOISGUARD.COM
NameServer NS2.ASMALLORANGE.COM
Created 2006-03-01 00:00:00
Changed 2016-03-05 00:00:00
Expires 2017-03-01 00:00:00
Registrar ENOM, INC.

DNS Resolutions
DateIP Address
2014-11-18174.136.12.119 (ClassC)
2017-03-01108.60.14.6 (ClassC)
2019-01-2591.195.240.240 (ClassC)
2019-02-0672.52.4.119 (ClassC)
2019-09-0691.195.240.126 (ClassC)
2020-05-1135.186.238.101 (ClassC)
2025-09-1899.83.161.153 (ClassC)
2025-09-27166.117.110.61 (ClassC)
2025-11-0713.248.169.48 (ClassC)
2025-12-1076.223.54.146 (ClassC)

Port 80

Subdomains
DateDomainIP
www.esbook.com2025-07-1776.223.54.146
View on OTX | View on ThreatMiner








Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]



� Copyright 2019 AlienVault, Inc. | Legal| Status| Do Not Sell My Personal Information