URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	investmenthub.world
Domain registrar:	Namecheap
Domain registration date:	2021-10-27 14:38:55 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Control D HaGeZi :	Not blocked
Firstseen:	2021-12-08 22:11:08 UTC
Total malware sites :	1
A record(s) observed :	9

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-10-23 15:18:33	188.114.96.3		Not listed	AS13335 CLOUDFLARENET	n/a	yes
2025-10-23 15:18:33	188.114.97.3		Not listed	AS13335 CLOUDFLARENET	n/a	yes
2022-10-27 21:15:46	99.83.154.118	a51062ecadbb5a26e.awsglobalaccelerator.com	Not listed	AS16509 AMAZON-02	US	no
2021-12-09 19:18:17	162.55.190.232	static.232.190.55.162.clients.your-server.de	Not listed	AS24940 HETZNER-AS	DE	no
2021-12-08 22:11:09	172.67.207.158		Not listed	AS13335 CLOUDFLARENET	n/a	no
2021-12-08 22:11:09	104.21.93.84		Not listed	AS13335 CLOUDFLARENET	n/a	no
2025-11-07 09:01:19	104.21.3.20		Not listed	AS13335 CLOUDFLARENET	n/a	no
2025-11-07 09:01:19	172.67.130.12		Not listed	AS13335 CLOUDFLARENET	n/a	no
2025-10-21 04:58:51	199.59.243.228		Not listed	AS16509 AMAZON-02	US	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2021-12-08 22:11:09	http://investmenthub.world/shopkeepery/UGXiOMBT...	Offline	doc emotet epoch4 heodo	waga_tw

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2021-12-09 06:34:41	0d93a4f12d6e52dd86f8194dc522bdf7b6c4724898e929e12943c15cef4f3aa9	xlsm		Heodo
2021-12-09 02:46:26	27eb195a0ed6e64b5b3a50fd111ddd216fd6545a3b74891745c72970cad9035f	xlsm		Heodo
2021-12-09 02:18:01	72ddbbd658380e1eaca1deaf8a20ceaf53947f3f549ce84d05b3906cb13d04ee	xlsm		Heodo
2021-12-09 02:08:19	957f0fab563de48ae41da020061dc0090e02cf4eaf0b022344a742105a53be99	xlsm		Heodo
2021-12-09 01:39:18	4fb3b7dfdd32dcb5f30ce1f30529aaee5a53032f3edaeaebffec25390594a57c	xlsm		Heodo
2021-12-09 01:03:59	3f69c247692ec5db4d7bcc92ebabc9bad455e0a32f0a2d7bc3a247000cc634c7	xlsm		Heodo
2021-12-09 00:44:33	f008cd221bbf64a6901e9e67baba0f4e5c28d6f0e30e06617c8555799ba3f17c	xlsm		Heodo
2021-12-09 00:28:31	47eb41ba61a62ac3714f2a4f994111c1e7954a2c79ab44eeb784863b2eb9c67e	xlsm		Heodo
2021-12-09 00:16:34	59f510c09d494784d0266b6f5c9963b2b47590db031468749c07714441bd480a	xlsm		Heodo
2021-12-08 23:44:53	1438301d4dcd00de6de8ccb86b00e75b7f593f2ace4b8fd843c5573d4bffba2e	xlsm		Heodo
2021-12-08 23:30:30	8510a0ab3226501a044e1cc7caa1f0b23c752017b2bf7525f339f5e35bb91f96	xlsm		Heodo
2021-12-08 23:16:28	736ccd4db67873fe036199ce7eaba8d2634f53a7b78c6ad371dff2f968d7c7d2	xlsm		Heodo
2021-12-08 22:43:00	cf6930d68abc28dbe2b1177db781ba6320a7a2499da4cb80156d61127dde6b8c	xlsm		Heodo
2021-12-08 22:29:45	e5ede3165bf98efcd9d310d5d4f49782de35de80d07de2046912f3a3741424b0	xlsm		Heodo
2021-12-08 22:11:09	d36dea9571b31b8db6a31b4e95e972b5ec34b724167fd0e647479a7331a59ccc	xlsm		Heodo