URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: fireclay.in
Domain registrar:Public Domain Registry -
Domain registration date:2016-10-15 09:52:08 UTC
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Status unknown
Cloudflare :Not blocked
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Not blocked
Control D HaGeZi :Not blocked
Firstseen:2022-09-22 21:21:45 UTC
Total malware sites :7
Online malware sites :0 (0%)
Offline Malware sites :7 (100%)
A record(s) observed :1

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2022-09-22 21:22:16 216.10.243.17server.fireclay.inNot listedAS394695 PUBLIC-DOMAIN-REGISTRY- INyes

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2022-10-07 22:16:40http://fireclay.in/mooe/souattpibaluvutOfflinebb L375 Qakbot ext qbot ext Quakbot ext TR zip Cryptolaemus1
2022-10-07 22:16:40http://fireclay.in/mooe/orrpsecaomixmiOfflinebb L375 Qakbot ext qbot ext Quakbot ext TR zip Cryptolaemus1
2022-09-28 17:54:48https://fireclay.in/mooe/orrpsecaomixmiOfflinebb H322 H436 Qakbot ext qbot ext Quakbot ext TR U425 zip Cryptolaemus1
2022-09-28 17:54:40https://fireclay.in/mooe/etmaestOfflinebb H322 H436 Qakbot ext qbot ext Quakbot ext TR U425 zip Cryptolaemus1
2022-09-28 17:54:34https://fireclay.in/mooe/souattpibaluvutOfflinebb H322 H436 Qakbot ext qbot ext Quakbot ext TR U425 zip Cryptolaemus1
2022-09-26 18:22:11https://fireclay.in/uvt/astiicsdinebutesOfflinebb H436 Qakbot ext qbot ext Quakbot ext TR zip Cryptolaemus1
2022-09-22 21:22:16https://fireclay.in/uvt/trsucksOfflinebb encrypted iso Qakbot ext qbot ext Quakbot ext TR zip Anonymous

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2022-10-05 20:23:160cb25b0f762c47c2add3c4d39ceb0b69b5eecd20450454bb4c6d5846eb3179d0zip Quakbot
2022-10-05 16:06:563875cca4e67b675c00709698401848011585e8a2c8598576d334ff13cd204c27zip Quakbot
2022-10-01 09:35:216fd6f1f4c9ab3384c6bf8623c655819000d84df1744121504822235f1319f563zip  
2022-10-01 01:09:465e702355670d8ec65c41e0dfe42c2f5eb0a5c53461b752b4f3db1a3809aef19dzip  
2022-09-30 19:02:34add82a374aa36a743916abf43846ef6f2e91b599282088a6c202f35c3eb17a67zip  
2022-09-30 18:47:09bc8a87966e64bea3da1b3460f9aeb6569ef7acaf0c09a7e6db1af816e08ba9dazip  
2022-09-30 13:56:29d448e7d2415c9d3a8ba752ec4d9715902e5d4979be0c155d2150514bf771cab1zip  
2022-09-30 10:03:48b9a1328f3107582e58d4fef064f2d3998b658ccc513f9e98a513f5606400d9bezipQuakbot
2022-09-30 04:26:40dc8d1655a5d4c7e798c74a4408e9caa77b6740a55eae8416ff32b7bc7d5806d8zip  
2022-09-26 18:25:1345511f24f85e96e151a54ae9e25c07ae0af9dddad86c66a40469fabff8a75423zip  
2022-09-26 12:36:0980c74215cae768ebe9d0a6b8b6f792b627f3aae2a91e74670d3773d8b3fa4e6fzip  
2022-09-26 00:34:17754a2486351a0b3e7207137bdb6b5de5b221e2f65690d745893083b0fcff0963zip  
2022-09-25 18:33:317798aa713ab7ab60af33801dfe1b80d66263da5324bb761830b92be1d9c9a555zip  
2022-09-25 00:20:38abc30fc1cd65dae8b62e8057b6e862684c01c5a1424f7d7e8de9cf5b1a6c8a4ezip  
2022-09-24 18:18:44db321bb4f533eda4fe67dd17ec9b817b1390da68da6c296d15d2b66b56f5bbd0zip  
2022-09-24 00:12:21635f641a6c65a11afd595949167e3bf5cf05d1f0ff73834c219fa901bbfa9969zip  
2022-09-23 18:11:23b2ff916ce3d6a553a38a1dbfaad62f8d2d653feb0ac460c1c350c3453ecaf098zip