URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	egypttravelhub.com
Domain registrar:	GoDaddy
Domain registration date:	2005-09-14 04:40:29 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2022-10-13 06:34:05 UTC
Total malware sites :	4
Online malware sites :	0 (0%)
Offline Malware sites :	4 (100%)
A record(s) observed :	5

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-04-27 17:41:04	15.197.225.128	aec037177372cc6cd.awsglobalaccelerator.com	Not listed	AS16509 AMAZON-02	US	yes
2025-04-27 17:41:04	3.33.251.168	aec037177372cc6cd.awsglobalaccelerator.com	Not listed	AS16509 AMAZON-02	US	yes
2023-04-20 09:57:47	15.197.142.173	a4ec4c6ea1c92e2e6.awsglobalaccelerator.com	Not listed	AS16509 AMAZON-02	US	no
2023-04-20 09:57:47	3.33.152.147	a4ec4c6ea1c92e2e6.awsglobalaccelerator.com	Not listed	AS16509 AMAZON-02	US	no
2022-10-13 06:34:10	50.87.145.9	50-87-145-9.unifiedlayer.com	Not listed	AS46606 UNIFIEDLAYER-AS-1	US	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2022-11-02 14:59:18	http://egypttravelhub.com/2/1.exe	Offline	a310Logger DarkCloud exe opendir	abuse_ch
2022-11-02 14:59:10	http://egypttravelhub.com/2/3.exe	Offline	AgentTesla exe opendir	abuse_ch
2022-10-14 02:18:12	http://egypttravelhub.com/1/2.exe	Offline	32 AveMariaRAT exe	zbetcheckin
2022-10-13 06:34:10	http://egypttravelhub.com/1/1.exe	Offline	a310Logger DarkCloud exe predator	abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2022-11-03 07:29:26	dc3d344872b9ee375c27d2f86ecad0abfceac2e91eda44a47a52ec2cd509526c	exe		DarkCloud
2022-11-02 14:59:18	a155b362ccb1506dbbf3c0500b917af50e12763997b6fcacfce490cbd032c55b	exe		a310Logger
2022-11-02 14:59:10	982b6350bb158c2e96fadc0cb7a07395aa4131721117b5d884004b05dad79f1b	exe		AgentTesla
2022-10-26 23:11:28	de9004ca0ce0c1eba06c36d2fe1e467247f687241741f5eb56a3d00c141c5574	exe		AveMariaRAT
2022-10-26 06:56:37	38461e31543daade52ed3547620adb36ead9c2421537e4f2eefb500fdfc5596a	exe		DarkCloud
2022-10-24 08:46:31	ab056e9774f629ed322c924382c6cd0159aec6c0834fcd7b411c7aaa2f7d5736	exe		a310Logger
2022-10-24 01:36:24	aab8ee849b954991bcce8ce7c83f067e6d4efcae4df9a98a0640727779de1cf8	exe
2022-10-22 17:20:33	3a7bc6b1376eb90d02e7ddbcd4b66cb91393ef7110a0e71d051cfa330ff66323	exe
2022-10-21 08:21:11	fef213be52e12ace98674dbee610c178a0216a1783ca4ed967dff5af31f31819	exe
2022-10-20 14:03:00	fef213be52e12ace98674dbee610c178a0216a1783ca4ed967dff5af31f31819	exe
2022-10-18 02:51:32	3df212b13323638a741a6febc79f2e426775adde00e486bc52624a23da1c53b8	exe		AveMariaRAT
2022-10-14 06:11:03	a977b13bed320452e1e0d4377ec24af19bd009c0ddb7fb0abbdcd263d5abe78b	exe		Predator
2022-10-14 05:28:04	56e36e33d8b31a975b8e2ea606997f584a557567e45af938b66137fe1357c136	exe
2022-10-14 04:53:37	226fec5800208ea9a21d2b3a030cecf7e583cf9bc3f1517bfaa63f267e5fdd8e	exe
2022-10-14 04:34:21	b878058400111ad01eb49ef0d08404c23f42bf2f6a81bdc2f152bef1fd16462e	exe		AveMariaRAT
2022-10-14 04:22:12	0c7bbf2cbfeaa85389d31209af126cdf048176003b343483255b62c993251f7c	exe
2022-10-14 02:18:12	4d771099702b61244d44ce4d6c6ffdacd79bfead7b5774eb0ec8a1e7e9470056	exe		AveMariaRAT
2022-10-13 06:34:10	c53f7ebd83475a296ad52cd4e9c44c7eb93f0db72182e66c2816a81571400112	exe		Predator