URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	sagami-suisan.com
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Blocked
DNS4EU :	Not blocked
Control D HaGeZi :	Not blocked
Firstseen:	2019-02-26 09:29:10 UTC
Total malware sites :	3
Online malware sites :	0 (0%)
Offline Malware sites :	3 (100%)
A record(s) observed :	3

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-05-14 09:27:54	157.7.44.237	users271.vip.heteml.jp	Not listed	AS7506 MAINT-JPNIC	JP	yes
2019-09-24 19:18:31	157.7.44.220	users018.vip.heteml.jp	Not listed	AS7506 MAINT-JPNIC	JP	no
2019-02-26 09:29:12	157.7.188.209	users216.phy.heteml.jp	Not listed	AS7506 MAINT-JPNIC	JP	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2019-03-05 19:18:04	http://sagami-suisan.com/wpBK/GKPIK.zip	Offline	zip	zbetcheckin
2019-02-26 21:05:02	http://sagami-suisan.com/wpBK/msg.jpg	Offline	exe Ransomware Troldesh	abuse_ch
2019-02-26 09:29:12	http://sagami-suisan.com/wpBK/pik.zip	Offline	RUS Troldesh zipped-JS	Anonymous

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2019-03-05 19:18:04	fb545627da01ab385b7d2cfbae4b892e0c7964cf6a6d731c5261d692e2ac9570	zip
2019-03-04 23:52:17	400295a3f7672579a747ee9d78dd601e023d1d5fffef4358d1473b82eac6cd92	exe	Ransomware.Troldesh
2019-03-04 20:14:27	70bedd8eddd7b0a1d49fdfe8ab46e1f95b3d62c54432b29c9ed7a6f03884902a	exe	Ransomware.Troldesh
2019-03-04 12:36:15	df4a138c802d091e14fa70817b569b2c9a242350f89adabc5677cc605bd342c5	exe	Ransomware.Troldesh
2019-03-04 06:59:24	a1271c366e91dbc3a7f0d6b4b2c1873019056786219c14ad12185ad115771632	exe	Ransomware.Troldesh
2019-03-04 00:19:48	9fd117a49c72a3a351a8ebdb81b4a4d112884fc2fcf2506910c3e353f4237f8d	exe	Ransomware.Troldesh
2019-03-01 08:12:44	391a3defc2f9ec2de3e163e6f5655e5580d8390bcc156075b6fbc7caefe131e0	exe	Ransomware.Troldesh
2019-03-01 00:39:40	80febde88e93687893fee2cc8f25b95873a6c7ea673f2cd13fa0bbbab5f7d4df	exe	Ransomware.Troldesh
2019-02-27 11:04:51	1af9ef4510971f96fc35ba88812ce33d47aa39176b52a81cf2c1c3ccba2fce19	zip
2019-02-27 10:33:07	bc10046107123510ae74a73d47c5bbc93695224da1448355f8523fc4e184923d	zip
2019-02-27 10:04:36	41ed163b301d1069678ce4ce2095d56693b3861d79d5b166465843149d9d4299	zip
2019-02-26 21:05:02	73c904d658efa66370dfe8ec83a39c3038343b03e5509fa3280c85bd76790b32	exe	Ransomware.Troldesh
2019-02-26 12:02:12	b3d6c7d90d6f87074a674fc2650b3ad72a4718a34a19053a7e948d10adb633a6	zip
2019-02-26 11:00:18	e101e8968dfdea8d87ccc7a536b4e4f05f8d89bc78cd455b31d99f9bbc41206e	zip
2019-02-26 10:29:10	7057a3b6595ad144927962fb75e2195ad3f1eff28086df31bbff518e7c5d2fa9	zip
2019-02-26 10:00:12	52edb4bbadb39f62b82befde645ba35e9c3003e56c47286ccb1cd4b4c4326e33	zip
2019-02-26 09:33:19	9168d266a7797b70dcb9b0f6de8989053c31444b4ec1e65f3dfb34a91d2e3928	zip
2019-02-26 09:29:12	24491d08d0a375b2b6f28a7ded44c8ee0e9f6e2695b274fe56fcca77f7e8ab92	zip