URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	batahandmadeshoes.com
Domain registrar:	Namecheap
Domain registration date:	2023-01-20 15:41:24 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2023-05-16 21:52:09 UTC
Total malware sites :	1
A record(s) observed :	1

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2023-05-16 21:52:14	68.65.123.225	premium42-3.web-hosting.com	Not listed	AS22612 NAMECHEAP-NET	US	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2023-05-16 21:52:14	https://batahandmadeshoes.com/ulrq/?1	Offline	BB28 geofenced js Qakbot qbot Quakbot USA	Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2023-05-18 18:39:11	76443e093ed6d6e3961cb5f9bbd546bab2d05f6bc2536c5744dc86f7a769bea8	js
2023-05-18 17:05:59	1cea0c4b1af9170b9ed2927f3b100d202bebd1b8e69ba1527336aaa6b2c0bffc	js
2023-05-18 14:58:35	1a2e818afb29521c8658d2a0643158af97370d69c32c0bd85cb900bd3e85b0ee	js
2023-05-18 11:57:13	f37d3c915b896922eed07327ecc8b944fcab1445d20c02c26c5aab8d91473b45	js		Quakbot
2023-05-18 11:12:36	fe38571546fce56178ef24eac652a6bdb02adb17817e8381824c1e1039b5f642	js		Quakbot
2023-05-18 08:19:00	9fc5c95367df0d42df001590faddb4edf2e71a19e7159cb210d5525553462459	js		Quakbot
2023-05-18 08:08:51	97961abc6b3628852a890d9f074e8095b28bd2f9f186169b33981286e6f0529c	js		Quakbot
2023-05-18 04:33:50	a23cf11c2f986f5d2412a9c98d50dad0b0a02cd2dbbd6fdb1eb47c20cb7dd2bb	js		Quakbot
2023-05-18 03:59:57	c56bdfe438e6261fa00e5e48e3e9896927886b959c2947db67582b4cf0f08e74	js		Quakbot
2023-05-18 01:09:08	07903a989b7e8631bdf7709c9f662e13388037ed84e2a225ce9707ff6d5679a7	js		Quakbot
2023-05-18 00:07:20	bcf9e05bff1a4453dbe187a142eddb6857e41bbaf3869f7ddc598b6ddca0d276	js
2023-05-17 22:25:38	783e0a457afb1237e0956e6ff847bfcdb49ee23036f51b4621b534f54d67112c	js		Quakbot
2023-05-17 21:14:03	8ef706183443d30910cb1d411aa36e657e86119ff849b6a9edef4125b752bb92	js		Quakbot
2023-05-17 17:34:23	1226b64c5cdc915647f5412f5ca66ffeb7ac2c6e7787e3f38195da88b68ca12e	js		Quakbot
2023-05-17 17:04:38	1f26839da60e55672a1ff564cacf4050f50673ab46f7c13ece884b64e8db290e	js		Quakbot
2023-05-17 15:07:44	da4bf3b68417dffef143d4e6c343ee8adb0fc59559ccca0c4ba48cd6e3e1e5f8	js		Quakbot
2023-05-17 13:49:50	6325a36db9c4fb5af943871bce9ae9c80002f6d9379e71cd94bdefe0342b14f5	js		Quakbot
2023-05-17 12:33:15	3b521273a1f49f0fb7c2f4ea15df405e5c77af2e36c653ca0e352ada89db0c6b	js
2023-05-17 10:46:05	1376d6aa450344207b41d2bcc0b735e4d59b1488bd78237dd44400b02087f286	js		Quakbot
2023-05-17 09:05:02	6e7b90cc3633a0151d8f68dff6260654ea9c3e7bdf64824e10950acd306e0670	js		Quakbot
2023-05-17 07:08:08	cad2684c055dd42b998216c12864ba9f75fef59184897fd3c785f0b7a4c4fe5d	js		Quakbot
2023-05-17 06:01:05	bef482a668d52a30cdaabfed8c63ab529ff78191ada56dc40aab5eadac619f20	js
2023-05-17 04:08:53	cff1aea3f20511c57e3c823520577c70d71c25b3dce98fbfc89153e24d48c6b9	js		Quakbot
2023-05-17 01:05:29	34bcfcfdc82a53eed3aba04fee1ae96721c80fccd402065190e090c6e8706d17	js		Quakbot
2023-05-16 23:54:44	e4445b11568bc56bb7d954ed512299c13d2a212ac9e1a42544126836f166d02c	js		Quakbot
2023-05-16 21:52:14	229a7282d28216a73bc240ef14c266b66002240d910b71200712ef62f32c64a2	js