URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	zoelowney.com
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2018-05-29 22:36:48 UTC
Total malware sites :	9
Online malware sites :	0 (0%)
Offline Malware sites :	9 (100%)
A record(s) observed :	11

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-04-27 09:28:53	198.185.159.144		Not listed	AS53831 SQUARESPACE	US	yes
2025-04-27 09:28:53	198.185.159.145		Not listed	AS53831 SQUARESPACE	US	yes
2025-04-27 09:28:53	198.49.23.144		Not listed	AS53831 SQUARESPACE	US	yes
2025-04-27 09:28:53	198.49.23.145		Not listed	AS53831 SQUARESPACE	US	yes
2019-09-16 07:41:52	50.63.202.62	62.202.63.50.host.secureserver.net	Not listed	AS26496 AS-26496-GO-DADDY-COM-LLC	US	no
2019-09-16 05:11:02	50.63.202.36	36.202.63.50.host.secureserver.net	Not listed	AS26496 AS-26496-GO-DADDY-COM-LLC	US	no
2019-09-16 10:03:41	184.168.221.48	48.221.168.184.host.secureserver.net	Not listed	AS26496 AS-26496-GO-DADDY-COM-LLC	US	no
2019-09-15 08:57:36	50.63.202.42	42.202.63.50.host.secureserver.net	Not listed	AS26496 AS-26496-GO-DADDY-COM-LLC	US	no
2019-09-16 05:01:01	184.168.221.35	35.221.168.184.host.secureserver.net	Not listed	AS26496 AS-26496-GO-DADDY-COM-LLC	US	no
2019-05-07 04:16:07	184.168.131.241	241.131.168.184.host.secureserver.net	Not listed	AS26496 AS-26496-GO-DADDY-COM-LLC	US	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2018-08-14 04:32:31	http://zoelowney.com/BANKOFAMERICA/Aug-13-2018/	Offline	doc emotet heodo	Cryptolaemus1
2018-08-13 19:32:29	http://zoelowney.com/BANKOFAMERICA/Aug-13-2018	Offline	doc emotet heodo	unixronin
2018-08-08 05:08:44	http://zoelowney.com/Tb/	Offline	heodo	zbetcheckin
2018-08-07 20:58:09	http://zoelowney.com/Tb	Offline	emotet heodo payload	Cryptolaemus1
2018-06-11 17:59:15	http://zoelowney.com/IRS-Tax-Transcipts-June-20...	Offline	doc emotet epoch1 Formbook heodo	Cryptolaemus1
2018-06-08 14:08:03	http://zoelowney.com/ACCOUNT/Please-pull-invoic...	Offline	doc emotet heodo	c_APT_ure
2018-06-05 16:03:05	http://zoelowney.com/Service-Inv/	Offline	doc emotet heodo	Cryptolaemus1
2018-06-01 05:41:07	http://zoelowney.com/Fact/	Offline	doc emotet heodo	abuse_ch
2018-05-29 22:36:55	http://zoelowney.com/ups.com/WebTracking/RCI-46...	Offline	doc emotet heodo	Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2019-11-30 10:14:46	2997884f3fa4b54e5fd315a5526fb4f6708409777d7cbb0dd115af119848d42c	html
2019-11-30 10:14:45	d1bd6c1002010bee32cab68495d8e26a7411ae5cf8ac8e2fc73e7b74acca87df	html
2019-11-30 10:05:30	2997884f3fa4b54e5fd315a5526fb4f6708409777d7cbb0dd115af119848d42c	html
2019-11-30 10:03:52	10791c1e9013dbbcabe6b51ab5c5eda5070a4667e3317cd51c840f038134b0b2	html
2018-06-09 13:24:59	a8ede5b4e9ad5f52a3c28142fa26a4c2caa2d9bd9e73aead41942d31986e4abe	doc	Heodo
2018-06-01 14:26:04	3803bfbce21fffcf67582832f8292d4e40e2417463b3040e293c1938179ef9c1	doc