URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	92c49223-b37f-4157-904d-daf4679f14d5.usrfiles.com
Domain registrar:	GoDaddy
Domain registration date:	2013-05-26 10:30:54 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2021-10-19 09:10:04 UTC
Total malware sites :	23
Online malware sites :	0 (0%)
Offline Malware sites :	23 (100%)
A record(s) observed :	245

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-04-27 08:59:55	52.222.136.100	server-52-222-136-100.fra50.r.cloudfront.net	Not listed	AS16509 AMAZON-02	US	yes
2025-04-27 08:59:55	52.222.136.105	server-52-222-136-105.fra50.r.cloudfront.net	Not listed	AS16509 AMAZON-02	US	yes
2025-04-27 08:59:55	52.222.136.128	server-52-222-136-128.fra50.r.cloudfront.net	Not listed	AS16509 AMAZON-02	US	yes
2025-04-27 08:59:55	52.222.136.3	server-52-222-136-3.fra50.r.cloudfront.net	Not listed	AS16509 AMAZON-02	US	yes
2025-09-03 19:01:56	143.204.55.102	server-143-204-55-102.osl50.r.cloudfront.net	Not listed	AS16509 AMAZON-02	US	no
2025-09-03 19:01:56	143.204.55.17	server-143-204-55-17.osl50.r.cloudfront.net	Not listed	AS16509 AMAZON-02	US	no
2025-09-03 19:01:56	143.204.55.39	server-143-204-55-39.osl50.r.cloudfront.net	Not listed	AS16509 AMAZON-02	US	no
2025-09-03 19:01:56	143.204.55.56	server-143-204-55-56.osl50.r.cloudfront.net	Not listed	AS16509 AMAZON-02	US	no
2025-05-16 02:28:25	18.245.31.105	server-18-245-31-105.fra56.r.cloudfront.net	Not listed	AS16509 AMAZON-02	US	no
2025-05-16 02:28:25	18.245.31.36	server-18-245-31-36.fra56.r.cloudfront.net	Not listed	AS16509 AMAZON-02	US	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2021-11-15 08:07:03	https://92c49223-b37f-4157-904d-daf4679f14d5.us...	Offline	AgentTesla ascii powershell ps	abuse_ch
2021-11-15 08:07:03	https://92c49223-b37f-4157-904d-daf4679f14d5.us...	Offline	AgentTesla ascii powershell ps	abuse_ch
2021-11-15 08:07:03	https://92c49223-b37f-4157-904d-daf4679f14d5.us...	Offline	AgentTesla ascii powershell ps	abuse_ch
2021-11-11 16:00:04	https://92c49223-b37f-4157-904d-daf4679f14d5.us...	Offline	RemcosRAT	Anonymous
2021-11-09 03:01:04	https://92c49223-b37f-4157-904d-daf4679f14d5.us...	Offline	AgentTesla aggah hagga ps1 remcos	AndreGironda
2021-11-09 02:53:09	https://92c49223-b37f-4157-904d-daf4679f14d5.us...	Offline	AgentTesla aggah hagga ps1 remcos	AndreGironda
2021-11-09 02:48:09	https://92c49223-b37f-4157-904d-daf4679f14d5.us...	Offline	AgentTesla aggah hagga ps1 remcos	AndreGironda
2021-11-05 15:12:06	https://92c49223-b37f-4157-904d-daf4679f14d5.us...	Offline	ascii powershell ps	abuse_ch
2021-11-05 15:12:05	https://92c49223-b37f-4157-904d-daf4679f14d5.us...	Offline	ascii powershell ps	abuse_ch
2021-10-27 12:14:04	https://92c49223-b37f-4157-904d-daf4679f14d5.us...	Offline	AgentTesla ascii	abuse_ch
2021-10-27 10:21:04	https://92c49223-b37f-4157-904d-daf4679f14d5.us...	Offline	ascii powershell ps	abuse_ch
2021-10-27 10:21:04	https://92c49223-b37f-4157-904d-daf4679f14d5.us...	Offline	ascii powershell ps	abuse_ch
2021-10-27 09:37:09	https://92c49223-b37f-4157-904d-daf4679f14d5.us...	Offline	AgentTesla ascii	abuse_ch
2021-10-27 09:37:09	https://92c49223-b37f-4157-904d-daf4679f14d5.us...	Offline	AgentTesla ascii	abuse_ch
2021-10-27 08:26:09	https://92c49223-b37f-4157-904d-daf4679f14d5.us...	Offline		Anonymous
2021-10-26 15:54:04	https://92c49223-b37f-4157-904d-daf4679f14d5.us...	Offline	AgentTesla aggah ascii hagga	abuse_ch
2021-10-26 15:54:03	https://92c49223-b37f-4157-904d-daf4679f14d5.us...	Offline	AgentTesla aggah ascii hagga	abuse_ch
2021-10-26 15:54:03	https://92c49223-b37f-4157-904d-daf4679f14d5.us...	Offline	AgentTesla aggah ascii hagga	abuse_ch
2021-10-26 15:54:03	https://92c49223-b37f-4157-904d-daf4679f14d5.us...	Offline	AgentTesla aggah ascii hagga	abuse_ch
2021-10-20 06:53:09	https://92c49223-b37f-4157-904d-daf4679f14d5.us...	Offline	AgentTesla aggah ascii hagga powershell ps	abuse_ch
2021-10-20 06:53:09	https://92c49223-b37f-4157-904d-daf4679f14d5.us...	Offline	AgentTesla aggah ascii hagga powershell ps	abuse_ch
2021-10-19 09:10:15	https://92c49223-b37f-4157-904d-daf4679f14d5.us...	Offline	AgentTesla aggah ascii hagga powershell ps	abuse_ch
2021-10-19 09:10:04	https://92c49223-b37f-4157-904d-daf4679f14d5.us...	Offline	AgentTesla aggah ascii hagga powershell ps	abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2025-08-16 06:51:17	b1c7ddb915347e803f55c4f8cdb7f1021fd7b60b0d5a8ae53a4b7330fb07c441	txt
2025-08-16 00:09:05	b1c7ddb915347e803f55c4f8cdb7f1021fd7b60b0d5a8ae53a4b7330fb07c441	txt
2021-11-15 08:07:03	17da1193461bdd1c84863518cac1c4f94c044f8a7ac9fcbd0c6f1e7a23bea091	unknown
2021-11-11 16:00:04	950da5525a3b8433e7416863d655f0611e66fb7f1716893e6929600f7411395a	unknown	RemcosRAT
2021-11-09 03:01:04	f92936021fe3c7df7806029624f17c22bf8103ab3f887effa12ce72357b6b121	unknown
2021-11-09 02:53:09	97d82c995cf5b9a86792c4b115a4920ae63ccfe2f363aede44be78de634a51b2	txt
2021-11-09 02:48:09	63d20b4e1123c929cabf35a8c4b8268f0aebb98e38ccdb31918ecb9e530cdc93	txt
2021-11-05 15:12:06	380123f9b487dbd60a7c6ad3cc4b6b244734f8a505ae2fb5c0fc3e950338e4bf	txt
2021-11-05 15:12:05	cf2efc242cac3106e10cc9a240100bc25f0da9ea6c4fb26fc427c27d43834c0f	unknown
2021-10-27 12:14:04	97d82c995cf5b9a86792c4b115a4920ae63ccfe2f363aede44be78de634a51b2	txt
2021-10-27 10:21:04	aa9bb1fcc6ed58b23d2f7ff9b905ebb38540a9badcfa217fae13e91e4a380649	txt
2021-10-27 10:21:04	a26251a7f154321b56753429f85f38a33841b348b4b367fafdf67a089185c129	txt
2021-10-27 09:37:09	cf1aaf35e002b58a054e96ff6a34bdcea42fa1e938e58b4b5c448afd63501385	txt
2021-10-27 09:37:09	d1195ecb1e3c22c004fdcaf42a6f2ebddd723a6bec06d2ca133340fb44a7e2af	txt
2021-10-27 08:26:09	63d20b4e1123c929cabf35a8c4b8268f0aebb98e38ccdb31918ecb9e530cdc93	txt
2021-10-26 15:54:04	0e11354b66524c498de59efc9d95f55d3b69e48fae1f76c4f7d0f4d532c0c75d	txt
2021-10-26 15:54:03	380123f9b487dbd60a7c6ad3cc4b6b244734f8a505ae2fb5c0fc3e950338e4bf	txt
2021-10-26 15:54:03	58d418e7224184fad7b2c83a66baa3b4d3c58b217352a3176b2a1279e19c3452	txt
2021-10-26 15:54:03	f93bcd659061212bec28cbffbfabe376a07885dcd6108aa96dc628b442253ec5	txt
2021-10-20 06:53:09	bde80ed6bb5c92140fce373917454f35af6f9d0546414fe8c24d2056e544fc16	txt
2021-10-20 06:53:09	0ad70e2951f6f0ccd6215db90ee6fa57ec782b31fbe1e938c669990461f7fcac	txt
2021-10-19 10:21:31	d2606cc6318b1e0c21de14cf79f8e06652e783e9239c84eec8bd2b0582ab6cd2	txt	AgentTesla
2021-10-19 10:20:08	efe702eff8b1684d9a92b1a5f24e1f375033dd124e588ee30cc778adc16d76f1	txt	AgentTesla