URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	hatti.us
Domain registrar:	Namecheap
Domain registration date:	2021-09-05 00:14:58 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2023-06-13 17:52:12 UTC
Total malware sites :	1
A record(s) observed :	17

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-09-23 06:21:12	13.248.148.254	aba1c1ff9d2ec5376.awsglobalaccelerator.com	Not listed	AS16509 AMAZON-02	US	no
2025-09-23 06:21:12	76.223.26.96	aba1c1ff9d2ec5376.awsglobalaccelerator.com	Not listed	AS16509 AMAZON-02	US	no
2025-09-06 10:23:08	199.59.243.228		Not listed	AS16509 AMAZON-02	US	no
2025-05-04 09:08:35	172.233.219.123	viridian02.parklogic.com	Not listed	AS63949 AKAMAI-LINODE-AP	US	no
2025-05-04 09:08:35	172.233.219.49	viridian01.parklogic.com	Not listed	AS63949 AKAMAI-LINODE-AP	US	no
2025-05-04 09:08:35	172.233.219.78	viridian03.parklogic.com	Not listed	AS63949 AKAMAI-LINODE-AP	US	no
2025-07-03 02:06:10	172.237.146.8	viridian05.parklogic.com	Not listed	AS63949 AKAMAI-LINODE-AP	US	no
2025-07-03 02:06:09	172.237.146.25	viridian06.parklogic.com	Not listed	AS63949 AKAMAI-LINODE-AP	US	no
2025-07-03 02:06:10	172.237.146.38	viridian04.parklogic.com	Not listed	AS63949 AKAMAI-LINODE-AP	US	no
2025-07-03 02:06:09	172.237.146.49	viridian07.parklogic.com	Not listed	AS63949 AKAMAI-LINODE-AP	US	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2023-06-13 17:52:17	https://hatti.us/otn/	Offline	BB32 geofenced js Qakbot Quakbot USA	Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2023-06-15 15:41:35	db93500e44a2684e71d044699c1c5270916723e212ccdb4957d1eacfb41864a8	zip		Quakbot
2023-06-15 14:56:42	397af3d2a51bf2f40bfbca016de11b6387af37aaa80babbca30568274fcb01c0	zip
2023-06-15 14:09:54	9e020cf4f0bd23ab9a48f9e4101b8a570ed72c4190fd1a0401f13b171b3a2fea	zip		Quakbot
2023-06-15 12:33:30	c6d768419a9ef82beb573581bbb7ee45574cafd8e1c58eee4ee0cc6756d28011	js
2023-06-15 11:54:17	3face16d6d4dd243c8763bc1da11ec9f1fe69d283bde2872086918d68b8ec028	js		Quakbot
2023-06-15 10:50:12	ee0f2588c4e28c9dcdaf065bedd3a273757fc68b420fda05ea5176162aa8e63f	js		Quakbot
2023-06-15 10:06:49	9ae2325a697b0cfa262d5dd6914179963f1fd62278957352dd69d24b452f6959	js		Quakbot
2023-06-15 08:36:59	3eaa5cd35f23e1c252e24c6fe93707e013aea831a8f7d1b93456a5da9f0c08d8	js		Quakbot
2023-06-14 23:40:45	6f9ab119ea99c485556404092e59d8b25555637d88ae7b38bf2a227a63ea803c	js		Quakbot
2023-06-14 13:42:49	f3a36b2caa32b9732ece59b93d2d2e8d39a4548c271c324e46f5c6560159f4d6	js		Quakbot
2023-06-14 13:04:57	a7f7edc57c3f19dffd1f41fad344e40e3428eada07d14a7aa6408314781cff7e	js		Quakbot
2023-06-14 11:27:55	b9ffb402836bd3d588877a6c08f403f6668733547cd631d175d9ff91e19e5516	js		Quakbot
2023-06-14 09:53:45	d388ac13232edae5a470d05c1344730f7dea4ecdae32a62247c4aef2caea76e0	js		Quakbot
2023-06-14 09:11:18	6e68ba473d14899006b97362c0d8ceb9c8443e93b7ed48bec6fc1ad0f3302448	js		Quakbot
2023-06-14 08:13:38	55c8be1e1a0c0810b4f4802ded6ef7c533d8b03d5e13fadb81d2a7e7a1ace963	js		Quakbot
2023-06-14 06:32:13	9efdf759a7bfbb48310e66c322b48ff213edac8fbccfa22e67e736ceaa0a79dd	js		Quakbot
2023-06-14 04:55:59	b0c70e0ff93c798e12fda4250c14f7b6ba871df13eb40e2edebf33d32f5a0187	js
2023-06-14 04:30:54	5753f55c05a68b834cdff1ebfd4d028b671668cecc8be172dfa396148308a296	js		Quakbot
2023-06-14 04:12:17	e24dae59a010130abde32f4eaff31e39090feeea4c7c45ae39cf343fccb72881	js		Quakbot
2023-06-14 03:26:03	8078300995793eb83fe4dba91216d419413da4492e3ad128102d9ee32b28c8b8	js		Quakbot
2023-06-14 02:21:13	7984a42038e2a43c962e3905e58600961abff637e8edb01191371cc1e4eb70bc	js		Quakbot
2023-06-14 01:41:16	ba6ae33aac46c547117046524d4642fde6b2bad02224fdd96966517b808ffd87	js		Quakbot
2023-06-14 00:50:21	53c1fa6e950d5688bb7ecd26f397579a37fcfb28d12869a0b7f7c4899a9d6cc8	js		Quakbot
2023-06-13 22:31:17	33cd588c4ebfa4a6ba76143306d7e61cda9250ddba43c215bd05c71dcbe42e3d	js		Quakbot
2023-06-13 21:53:12	4361924f83937cbc2c909d1cff503b72eda3e2574e3382e00be549fe31f5295b	js		Quakbot
2023-06-13 20:36:21	325e486140498c768d75e86b2139832ae5fb99960c3a5e5ab1aef3940146850a	js		Quakbot
2023-06-13 19:45:47	3052e8ce4ca4a564e8154728bbc1b20f272d4299d9b6e22b26019ac84c540f96	js		Quakbot
2023-06-13 17:52:15	0662f2e0e377b02e676e6a5a82ab0992d5aa2dcf46a99213872c8370333b8f0b	js		Quakbot