URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	bet-invest.com
Domain registrar:	Public Domain Registry
Domain registration date:	2018-01-19 12:30:26 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Control D HaGeZi :	Not blocked
Firstseen:	2022-11-07 21:37:10 UTC
Total malware sites :	1
A record(s) observed :	17

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-08-07 18:49:33	54.243.117.197	ec2-54-243-117-197.compute-1.amazonaws.com	Not listed	AS16509 AMAZON-02	US	yes
2025-08-07 18:49:33	13.223.25.84	ec2-13-223-25-84.compute-1.amazonaws.com	Not listed	AS14618 AMAZON-AES	US	yes
2025-05-24 11:00:24	13.216.111.180	ec2-13-216-111-180.compute-1.amazonaws.com	Not listed	AS14618 AMAZON-AES	US	no
2025-05-20 12:50:23	3.130.204.160	ec2-3-130-204-160.us-east-2.compute.amazonaws.com	Not listed	AS16509 AMAZON-02	US	no
2025-05-20 12:50:23	3.130.253.23	ec2-3-130-253-23.us-east-2.compute.amazonaws.com	Not listed	AS16509 AMAZON-02	US	no
2025-04-30 16:06:29	52.71.57.184	ec2-52-71-57-184.compute-1.amazonaws.com	Not listed	AS16509 AMAZON-02	US	no
2025-04-30 16:06:29	54.209.32.212	ec2-54-209-32-212.compute-1.amazonaws.com	Not listed	AS16509 AMAZON-02	US	no
2023-04-08 22:34:19	204.11.56.48		SBL494567	AS40034 CONFLUENCE-NETWORK-INC	VG	no
2023-01-19 16:04:40	209.99.40.222	209-99-40-222.fwd.datafoundry.com	Not listed	AS23005 SWITCH-LTD	US	no
2022-11-07 21:37:11	208.91.199.87	bh-15.webhostbox.net	Not listed	AS46606 UNIFIEDLAYER-AS-1	US	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2022-11-07 21:37:11	http://bet-invest.com/mail/nui/	Offline	dll emotet epoch5 heodo	Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2022-11-08 22:04:55	ea868dba95a80d9e2deb39fed585ed77cb06bc8e8278a944d6653cbdac9f7092	dll		Heodo
2022-11-08 21:26:48	a94ba8b21b2354db821833421b98dc66facfcaebe92f8e916ae874a7e63f7f1a	dll		Heodo
2022-11-08 21:16:36	4cc827fe3b0f7b912b9bd90b6395f3193905df657ee6267b4a34636697a8e1f4	dll		Heodo
2022-11-08 20:00:16	6e2d254b63f3173b948f91ebf123664fce2fefc019ffa53cb3ed0dd03d599020	dll		Heodo
2022-11-08 18:44:04	ceafb2b498fc91ea729726a5e9e65af2edd43105af76a83db9ccf52944c10503	dll		Heodo
2022-11-08 15:56:55	bac42aae0369b46b827a08da3ba8ed701f9ae7a1b7bd0bfcf924f7b088856cc4	dll		Heodo
2022-11-08 14:24:39	b8b2b26e322549cda9668bc9fc4537cf1f92e8cb52b9afe24ecf6ad14d9123de	dll		Heodo
2022-11-08 13:44:35	ffff7f5904acc95ea756eaa1d6e0461660a4c2a53a0ba4115638aac77b6bcfe6	dll		Heodo
2022-11-08 12:21:58	94561f7861a2dd3192aef946f27f8169d38fc15f67973c268ff234cc3f55851f	dll		Heodo
2022-11-08 11:06:09	9f661b3379942e3abc4b065d712688c618ee1d5c8b9300bce99a93ae30ff23b6	dll		Heodo
2022-11-08 10:21:51	bbb6470e876498bde2f54e06a2f73fa6de269ff5cc31186397ff74da0ffb81a9	dll		Heodo
2022-11-08 08:29:20	9ad4a0b13c633fb12eaa5ba48ada204d27cc154f07aa43fa73f06259bc8f2113	dll		Heodo
2022-11-08 08:03:43	92af97caa7408eab42b52053bcfb9634a41ebd837241441593889bfacefbac24	dll		Heodo
2022-11-08 07:04:54	9fa302996ebe1d1e07f7d6940acfc28aa3774986410ae68a6cf4beeb41ea31f1	dll		Heodo
2022-11-08 06:22:55	d2f74389825dc3e01aef2b9eda43697c22e69d365aef3ff1296ba2e082e1dba4	dll		Heodo
2022-11-08 05:29:51	b358bbbf409107131d2389d1f27b2935cee32e9b7bf50bdd2a8100a4cbc98ed3	dll		Heodo
2022-11-08 04:28:26	8847841a59d26e21b6d1446d9c3db4b2e84a4239db446b80d335878e84561117	dll		Heodo
2022-11-08 02:57:42	7a966f2346a3f503175de7ce0eb15a8f90d6c9d9d5f8f1d2ea4196a0fb531dc7	dll		Heodo
2022-11-08 02:17:51	59bb12f428b9b3a14b504a20019071966375e31ea1e76efb61a2ea0275288e42	dll		Heodo
2022-11-08 01:09:38	34f45d14eba2f8399c154ab424e89136e134efe87c50421ffb9ee8c85ad76717	dll		Heodo
2022-11-08 00:14:58	07a0a73198a62d8a36aa70cd4a3a0de1f43900394dbb819074cb8a51ea86bc2d	dll		Heodo
2022-11-07 23:32:22	733ede195a80131702ec20e61dbb738f5c760687601c0aecb5caeaa2d5e19135	dll		Heodo
2022-11-07 22:31:40	dde9a9966b18fe47f6332925a3958e262f8cae9764af989340fababcfca6ed9e	dll		Heodo
2022-11-07 21:37:11	a8504ecc868a84878dc152b046dfd3dbbf337a171b06ec0792ead6e3248310ca	dll		Heodo