URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	zamatours.net
Domain registrar:	Public Domain Registry
Domain registration date:	2009-11-13 15:31:48 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2023-05-17 13:06:14 UTC
Total malware sites :	1
A record(s) observed :	4

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2023-07-31 02:58:54	199.103.62.206	s800.can1.mysecurecloudhost.com	Not listed	AS36218 WHG-CAN	CA	yes
2025-11-13 18:44:29	15.197.240.20	acf3b736b777428f5.awsglobalaccelerator.com	Not listed	AS16509 AMAZON-02	US	no
2023-07-03 13:33:19	172.105.111.160	s548.tor7.mysecurecloudhost.com	Not listed	AS63949 AKAMAI-LINODE-AP	CA	no
2023-05-17 13:06:17	50.87.154.145	50-87-154-145.unifiedlayer.com	Not listed	AS31898 ORACLE-BMC-31898	US	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2023-05-17 13:06:17	https://zamatours.net/ser/?1	Offline	BB28 geofenced js Qakbot Quakbot USA	Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2023-05-19 19:08:51	bbcdb87a842c5157acea98f0cedd358f764e2613b6a635e4f9f5946de8c07780	js
2023-05-19 08:45:47	c74cf0cb7927a8438a84c9cedbdbab3e4815550813336043f39674a67b6a021a	js
2023-05-19 02:20:44	6016f12710a18923ed029eb1dc62882b5f1a032a7424e0169dd8c2228598f59d	js
2023-05-19 00:00:07	76443e093ed6d6e3961cb5f9bbd546bab2d05f6bc2536c5744dc86f7a769bea8	js
2023-05-18 21:00:13	d7522ab4f64ae0950e24bb00df9157136bbcb900ace0c77bd1a46f06149bf37a	js
2023-05-18 18:27:50	51ffefa8a10b6da720a80cec4735fe173669e7c974946e46c8dda908e824d8a4	js
2023-05-18 17:02:32	1cea0c4b1af9170b9ed2927f3b100d202bebd1b8e69ba1527336aaa6b2c0bffc	js
2023-05-18 14:13:32	e5798fd239bbac12adb64fae85062a0112bd1fc851168ce75fb67246bf687ae9	js
2023-05-18 12:28:20	020f938e3e5a80465883b947cf72e1604c794e693956eee1cc4707135129fd43	js		Quakbot
2023-05-18 10:03:08	1d2471f7acbab8882ea6f628275c501f0f81e0aeab5ee16537702bd849e8ba6b	js		Quakbot
2023-05-18 07:34:39	ca0444007c6c56cf207e9de8f069644d774953d9bc532784f55d5deebc62acbf	js		Quakbot
2023-05-18 04:23:37	abc48260d90f80894b8dce196c06da33c2c84c6e28e7f70c81840bf419cf2344	js		Quakbot
2023-05-18 00:11:47	9b2f8c74295c1bedca1e85a34eca84634c652741d93c24d9c5586926552a77a5	js		Quakbot
2023-05-17 21:26:35	a64cebdd853596ce95beeb112b9dfab6eab26ff09b77eaad1c909cb1b6cff48a	js		Quakbot
2023-05-17 20:39:34	0778e11b34038a33e15f6d85dc45a87e23d2ac68fbb8e3d9c914b1edf5987187	js		Quakbot
2023-05-17 17:39:52	404e30334a58830297758dd73f2fee67f6ed0ea8c6d7fa501d7eb809925d82fc	js		Quakbot
2023-05-17 13:06:17	fceef22558799ba34afb830f44f63ff2d0386112e3506a24549d220e7ab2f4d1	js		Quakbot