URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: zealdemo.com
Domain registrar:GoDaddy -
Domain registration date:2019-01-03 11:03:44 UTC
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Control D HaGeZi :Not blocked
Firstseen:2022-01-11 15:08:03 UTC
Total malware sites :2
Online malware sites :0 (0%)
Offline Malware sites :2 (100%)
A record(s) observed :18

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2025-08-08 07:45:22 13.223.25.84ec2-13-223-25-84.compute-1.amazonaws.comNot listedAS14618 AMAZON-AES- USyes
2025-08-08 07:45:22 54.243.117.197ec2-54-243-117-197.compute-1.amazonaws.comNot listedAS14618 AMAZON-AES- USyes
2025-07-07 00:52:27 13.216.111.180ec2-13-216-111-180.compute-1.amazonaws.comNot listedAS14618 AMAZON-AES- USno
2025-05-25 19:59:52 44.213.46.149ec2-44-213-46-149.compute-1.amazonaws.comNot listedAS14618 AMAZON-AES- USno
2025-04-30 21:09:00 18.119.154.66ec2-18-119-154-66.us-east-2.compute.amazonaws.comNot listedAS16509 AMAZON-02- USno
2025-04-30 21:09:00 3.140.13.188ec2-3-140-13-188.us-east-2.compute.amazonaws.comNot listedAS16509 AMAZON-02- USno
2025-04-28 04:18:29 3.94.41.167ec2-3-94-41-167.compute-1.amazonaws.comNot listedAS14618 AMAZON-AES- USno
2025-04-28 04:18:29 52.86.6.113ec2-52-86-6-113.compute-1.amazonaws.comNot listedAS16509 AMAZON-02- USno
2025-05-09 06:37:11 3.18.7.81ec2-3-18-7-81.us-east-2.compute.amazonaws.comNot listedAS16509 AMAZON-02- USno
2025-05-09 06:37:11 3.19.116.195ec2-3-19-116-195.us-east-2.compute.amazonaws.comNot listedAS16509 AMAZON-02- USno

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2022-01-11 15:08:04http://zealdemo.com/smartschool/aaGJAMFkhP9X8bf...Offlinedoc emotet ext epoch4 heodo ext SilentBuilder Cryptolaemus1
2022-01-11 15:08:04http://zealdemo.com/smartschool/aaGJAMFkhP9X8bf/Offlineemotet ext epoch4 redir-doc xls waga_tw

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2022-01-12 02:20:31769ecd4d91e53cc734ede1b06a3935096e838020e44061032964dd769dda3968xlsSilentBuilder
2022-01-12 01:52:48d70eea3a457a572c1ee00b87e0c62ad39c9a8307340a7bff3bae0a08ade7c556xlsSilentBuilder
2022-01-12 01:30:50b4e5abec6cda8d6601e77495e9eaf91756cfc834e816faa0fd327029da72d881xls SilentBuilder
2022-01-12 00:55:33ee39e88c3c79292adf03f167d3b538ed98543b64a867264a09a9d19b0ac28645xls Heodo
2022-01-12 00:27:22fb59d08c1c00da6e08768d759d984922ef2726cade6ed27fe5713a79e7b7022exlsSilentBuilder
2022-01-12 00:08:1105dc48ca9e5d5feb04a32c1ef3a8d18453a2a679e7257ce24856895a5dea268bxlsSilentBuilder
2022-01-11 23:48:0066f5d61a2c4246c3bc39141c46e41bdc84c3f12a7db0b2ec3090eace070392d6xls SilentBuilder
2022-01-11 23:26:24b5207887a27a42330a6b8e863e0550008a6375de1f4c9c6c0edcc7a9bb6d548fxlsSilentBuilder
2022-01-11 23:01:06d616af039b685a1e393e85dfd6d3558a0a062fc2cd776bfdbfd55dd1cca9e55exls SilentBuilder
2022-01-11 22:37:27f326b9b9af87bd43878455ac75b4e61fadd71bdfcebf5b4508525cbbb4e8038bxls Heodo
2022-01-11 22:09:15a3977aa3c358df0d9777be64e5c10b4a874fd0eac63183e92837d58038e5c4c1xls Heodo
2022-01-11 21:42:07b6221570f7605955141baf72141654a10cd2269e0c9c328fd7339bd40b4f83dcxls SilentBuilder
2022-01-11 21:25:490bce8c631bc35e734c8be9fefb75ea3ce0e66a22e217c7ff6385afb1df2d0878xls SilentBuilder
2022-01-11 21:08:451db259b0063d26f9af684e7246d336250e289514a4e900eab1337ee9981a866bxls Heodo
2022-01-11 20:48:49b5d8116e0b4f01eb2affa09d857d1be4df2e18dd793e4ab0b6ad28e0d5eadc15xlsHeodo
2022-01-11 20:17:15d92b0ebb1f64086c8c4d5b238f3683a3319bcf041cdfc9e6736f742a260a5ce2xlsSilentBuilder
2022-01-11 19:55:32426fda840765e44250686f1102e902242babe0cea36a756beac6c0757a73c28axls SilentBuilder
2022-01-11 19:29:39e8ada03261f05e1c91d784bf58d10322d3765c686bb4a52278362e0e62288d1bxls SilentBuilder
2022-01-11 19:12:38afe04f54612c86612a56bf8a3a228a2aeae275f4730552228f8a4bb6f71c292exlsSilentBuilder
2022-01-11 18:49:45fbc4a5db3ab48741c10a226dae4e2b64d924110962224bef57910478251cf3c7xlsSilentBuilder
2022-01-11 18:33:00a5a1c304ab3b2351a82da736cf9c022ea2ad1cbff6321b64b0a741b575c8a6c4xls SilentBuilder
2022-01-11 18:12:19b8600d1365521e1a2f83ae356900d38cf8c44b60594bbe30df2ac04418cd823exlsSilentBuilder
2022-01-11 17:44:021e4e0feb94cf74d61c7557fd8b7883f71b80547083bc339bc808b9703d4c03c1xlsSilentBuilder
2022-01-11 17:33:0314e585c42b502e7e5ba9cd07618751748e748fd0a938c114c51a379de2d1082bxlsSilentBuilder
2022-01-11 17:05:0737e872cc3b4e9e0f9e1472f6865ac985496582ef138fd1646fe13bd14bb92c0fxls Heodo
2022-01-11 16:48:32b68760371e947df68d4f69a1f9b43a56de082932df771b0ef088adaae130931cxls SilentBuilder
2022-01-11 16:33:03a6854cf37029a39a9a86de7f468e16d520cc046bef6fcd50290cd7c19843cd74xlsHeodo
2022-01-11 16:12:137dcde20dd26c5388d734d658830ebb48bf5c1170cf9ec39a3e084d8e728715e8xlsHeodo
2022-01-11 15:45:22e270653fb50c6dc837cf628c2bd362bcb133161ee1ff5435da60b9ac27d16033html  
2022-01-11 15:42:31dda6bd51ff45aa0e3b4e72d47460f7a78c5bb0bc0f1c43d09a20c88b01b6f851xlsSilentBuilder
2022-01-11 15:24:050a0fe064ed83d5fb4be5577a78d4659be6d7fec5ee345f01edda10c2e6221868xlsHeodo
2022-01-11 15:23:48ac81b83925dd3258b3213a7f50d82cb05dd81dd8fb5031a1a64edcab6f5a3a2ehtml  
2022-01-11 15:08:04a6d152cc2d0a8f3c80189d27d51c4e513acdbc0100d284fece3d1a98926d1fabhtml  
2022-01-11 15:08:043dbfb9a583de71af6ce19cbfb294476ab7d6fcfd2fe42c9bf38886ace35c58fbxlsSilentBuilder