URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	saarchitectsbd.com
Domain registrar:	Porkbun
Domain registration date:	2017-03-29 09:15:25 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Control D HaGeZi :	Not blocked
Firstseen:	2022-01-26 19:55:03 UTC
Total malware sites :	1
A record(s) observed :	20

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-11-18 19:30:18	46.202.186.189		Not listed	AS47583 AS-HOSTINGER	ID	no
2025-05-05 10:29:53	184.168.114.4	4.114.168.184.host.secureserver.net	Not listed	AS26496 AS-26496-GO-DADDY-COM-LLC	SG	no
2023-06-27 16:25:30	52.204.111.188	ec2-52-204-111-188.compute-1.amazonaws.com	Not listed	AS14618 AMAZON-AES	US	no
2023-06-27 16:25:30	3.212.23.181	ec2-3-212-23-181.compute-1.amazonaws.com	Not listed	AS16509 AMAZON-02	US	no
2023-06-17 13:32:42	54.208.123.157	ec2-54-208-123-157.compute-1.amazonaws.com	Not listed	AS16509 AMAZON-02	US	no
2023-06-17 13:32:42	44.209.19.146	ec2-44-209-19-146.compute-1.amazonaws.com	Not listed	AS14618 AMAZON-AES	US	no
2023-06-15 09:39:27	18.205.88.94	ec2-18-205-88-94.compute-1.amazonaws.com	Not listed	AS14618 AMAZON-AES	US	no
2023-06-15 09:39:27	34.197.12.145	ec2-34-197-12-145.compute-1.amazonaws.com	Not listed	AS16509 AMAZON-02	US	no
2023-03-13 08:46:44	199.59.243.223		Not listed	AS16509 AMAZON-02	US	no
2022-09-07 11:40:16	199.59.243.222		Not listed	AS16509 AMAZON-02	US	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2022-01-26 19:55:07	http://saarchitectsbd.com/wp-admin/tWzH87/	Offline	dll emotet epoch4 heodo	Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2022-03-10 03:19:16	6184aca9adcd839530955f4245a37b3feedb4a19d44ac802c1622841e55839a1	dll
2022-01-26 23:57:35	43e9fa52ca2fdff6590b6d5b14535a40c8429a78d6415819273cd15d2f3d6262	dll		Heodo
2022-01-26 23:43:55	20663733dd71e344b1e79138a1613916f693d352f452edb890b92c460447d20d	dll		Heodo
2022-01-26 23:26:16	fcc60d0db7216f6b790b5d613cad7bece79ff0513500ab5313b1a1a09164dcf2	dll		Heodo
2022-01-26 23:05:59	274fb45db8b7718895d21a2caa29ab1b12d5d57fbfb92ba6f4f94eee4345aadd	dll		Heodo
2022-01-26 22:52:46	a521cb0ad6fdae5c80b43649c86febae3e39003316eadec78eddf12b185a015c	dll		Heodo
2022-01-26 22:39:18	4b6e3fe3645fd0a4ac333835d71520a6f2d1fcc80e27849a50274249985d58a8	dll		Heodo
2022-01-26 22:18:14	229ee8246a71b9fb8bcb3ff887518e1dc4906b03e3fde08556f8e6d56d6afd15	dll		Heodo
2022-01-26 21:59:32	d1a9b66326ec0e791a39917e340d21ad081e4f1e246685811f89e8ace0c2ce1f	dll		Heodo
2022-01-26 21:52:51	c106d8ede079b46d4e04f0dd2fe33f8b79a1f5410942591f5b7e008825209819	dll		Heodo
2022-01-26 21:27:48	30b0b6853cbaff9745177aafc26ca0790b0a32fb973ff9a86ddd9032df537547	dll		Heodo
2022-01-26 21:17:32	94d048eaf0dd8e15cee99391906214404a2b3163552bb44da032bd6f5ac7863a	dll		Heodo
2022-01-26 21:08:23	edb668f08ee8cedf682f31e24ac87f13a3e233b58f82e2258544c531df008976	dll		Heodo
2022-01-26 20:43:47	cd2e9e4fb5bf0ab32fab483e188033a89c7838c8613b16666ca4d2760dbbba3c	dll		Heodo
2022-01-26 20:25:45	02823ad566f13bb215ccd586fc8da08462b1ca34518e0400f9017c6345dfa12d	dll		Heodo
2022-01-26 20:19:38	a11a77ffcaf0743838c662e8f5ac2693124da382b64ac863886f1f2a98af292f	dll		Heodo
2022-01-26 19:55:07	0e50bee3e05674221a89ae2b0c45c4520df7bf563f5875ef96946c72caa3fc97	dll		Heodo