URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	onlinesattabazar.com
Domain registrar:	GoDaddy
Domain registration date:	2019-10-17 05:27:59 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2023-05-16 13:42:33 UTC
Total malware sites :	1
A record(s) observed :	16

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2023-05-16 13:42:35	188.114.96.3		SBL690066	AS13335 CLOUDFLARENET	n/a	yes
2023-05-16 13:42:35	188.114.97.3		Not listed	AS13335 CLOUDFLARENET	n/a	yes
2025-09-10 11:14:19	104.21.26.156		Not listed	AS13335 CLOUDFLARENET	n/a	no
2025-09-10 11:14:19	172.67.137.34		Not listed	AS13335 CLOUDFLARENET	n/a	no
2025-10-22 23:47:16	13.248.213.45	a67c48129651a0940.awsglobalaccelerator.com	Not listed	AS16509 AMAZON-02	US	no
2025-10-22 23:47:16	76.223.67.189	a67c48129651a0940.awsglobalaccelerator.com	Not listed	AS16509 AMAZON-02	US	no
2025-04-30 23:41:58	157.245.200.110		Not listed	AS14061 DIGITALOCEAN-ASN	SG	no
2023-09-23 06:42:26	15.197.148.33	a2aa9ff50de748dbe.awsglobalaccelerator.com	Not listed	AS16509 AMAZON-02	US	no
2023-09-23 06:42:26	3.33.130.190	a2aa9ff50de748dbe.awsglobalaccelerator.com	Not listed	AS16509 AMAZON-02	US	no
2023-09-24 07:36:37	72.167.125.153	153.125.167.72.host.secureserver.net	Not listed	AS26496 AS-26496-GO-DADDY-COM-LLC	US	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2023-05-16 13:42:35	https://onlinesattabazar.com/atee/?1	Offline	BB28 geofenced js Qakbot Quakbot USA	Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2023-05-18 18:53:50	51ffefa8a10b6da720a80cec4735fe173669e7c974946e46c8dda908e824d8a4	js
2023-05-18 17:26:16	c74cf0cb7927a8438a84c9cedbdbab3e4815550813336043f39674a67b6a021a	js
2023-05-18 14:18:43	ace819f2df1279100b7821ef69b6074854d5565a082b95d142eedc946bb4af70	js
2023-05-18 12:43:53	c7f9d6c56a28ecc44744a1c617778af39179d5869bca0ccd518016eae401078e	js	Quakbot
2023-05-18 11:48:30	d5e6e30f18f2d0670de3202c27c125583667cb6be60aee992f59e72d23eed864	js	Quakbot
2023-05-18 11:29:19	91bf97c2e5d25bf79ff22ef99cccd3bdb7aab412d34521e172610b16562203d8	js	Quakbot
2023-05-18 08:38:45	33e5253fc3841fb30d4467ba7144f20b94bfb5714befb85aa32837899b33859b	js	Quakbot
2023-05-18 07:26:17	8116e7914df0a4fae9adad12da668660206754557fac016131c53fcd305d537f	js	Quakbot
2023-05-18 05:56:07	0c72f8db70d3f144ec7cb21515e337377b9aa689dad88dfbf1720634c8b70453	js	Quakbot
2023-05-18 03:10:12	c6712a15900f7986ac9ad350dec34f50284b50e708bdeb42e320d99659f8d46f	js	Quakbot
2023-05-18 00:54:38	a0c936769d05f511e808dc9d178d44c1b60779ae7ad0e7424e520b2e75ce335c	js	Quakbot
2023-05-17 23:08:53	a2fee1f921c59d61590ed86bdd9e19a12b68d9722d228d0e5bef678bd31d461b	js	Quakbot
2023-05-17 22:09:37	45a695a6696ee2284f34ef03f76d7192a3829a64f1ae5f5216bfd36983231680	js	Quakbot
2023-05-17 19:55:16	106ea6e9df2db6267999fa9df4ae5950c1be2de07cbb773cd739bfaa29a806d4	js	Quakbot
2023-05-17 19:19:50	16e669d4d5391d00940846a4f52891c84d175cd3dabd4f776ef0b2b352c4f2c2	js	Quakbot
2023-05-17 15:22:18	456c54257858cdc9347b6b71444659a256ae3a000dc1c82298d0fc65ba890687	js	Quakbot
2023-05-17 13:48:53	cd8a39cd43a8cbb2e0c04b201b7df230226fe2dd696ab5c20c9ecbb16cc723f3	js	Quakbot
2023-05-17 13:35:10	fecdae98fff4b89aadb8c35ded8061bdaa126fc12f3fd482cbcecd53246c1c0a	js	Quakbot
2023-05-17 09:08:04	c22b66c0508392990ab94f573ba59b6313b04e58ee121ad596bca03710ef4dd5	js	Quakbot
2023-05-17 07:24:26	42f186bb85bd5a31e03a33f8370696b5a78d7690d54b5f53d9f95c89a47a7922	js	Quakbot
2023-05-17 04:42:36	e2e560a861de91330586cbcaf290794f2096b670f51defcc850caecd3771bcb4	js	Quakbot
2023-05-17 04:12:50	e48cfdc0ca6cc3e906b5b8ed851c12b6fd17e8ba9eae6a710893eafba1c6dd9f	js	Quakbot
2023-05-17 01:30:14	5336ab069529b27c8d58172c5e9dfec13538b2b7898bb9e785d316c330ffa4c1	js	Quakbot
2023-05-16 23:54:00	ce2aac84611423fd40afb45b950a0eaa82e81466efca65e3bc9bb7817d7d3097	js	Quakbot
2023-05-16 23:04:54	f075f5f021fa176c024dfb00fa20be5e937f75e96ce383ad00bcb9a9ceb4d574	js
2023-05-16 21:16:49	238270bdbc6eeb5bcb2f117b1ce0dde224b08383b57a8afc6d1ab7d0f2679e37	js	Quakbot
2023-05-16 18:30:55	034ac995e1406b01ca34f4243c051298499179c85466e851879e45b007987091	js	Quakbot
2023-05-16 15:49:17	bed60456c1f6b2fd0bcef665ec82b6cf0fe3f4a013453842142a2a4e82935ef7	js	Quakbot
2023-05-16 15:28:31	f0b773dad7ab590b539691f9b1a80829f8c5e8d1aa83acdd1c249a1bac53d00f	js	Quakbot
2023-05-16 14:37:27	877a6caaf95b3b60a3114f07a8755f9d24d46721db3f717aff7ebffecd590217	js	Quakbot
2023-05-16 13:42:34	f6cddc26f0002ade115007659213120bd815f80d515795b5665b5c1cb538ded1	js