URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: orcirrus.com
Domain registrar:GoDaddy -
Domain registration date:2021-10-17 04:29:02 UTC
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Blocked
Control D HaGeZi :Not blocked
Firstseen:2023-05-17 13:06:09 UTC
Total malware sites :2
Online malware sites :0 (0%)
Offline Malware sites :2 (100%)
A record(s) observed :13

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2025-10-22 21:18:52 13.248.213.45a67c48129651a0940.awsglobalaccelerator.comNot listedAS16509 AMAZON-02- USno
2025-10-22 21:18:52 76.223.67.189a67c48129651a0940.awsglobalaccelerator.comNot listedAS16509 AMAZON-02- USno
2023-09-25 08:52:50 15.197.148.33a2aa9ff50de748dbe.awsglobalaccelerator.comNot listedAS16509 AMAZON-02- USno
2023-09-25 08:52:50 3.33.130.190a2aa9ff50de748dbe.awsglobalaccelerator.comNot listedAS16509 AMAZON-02- USno
2025-04-27 11:23:58 184.168.108.146146.108.168.184.host.secureserver.netNot listedAS26496 AS-26496-GO-DADDY-COM-LLC- SGno
2023-05-17 13:06:14 188.114.96.3SBL690066AS13335 CLOUDFLARENETn/ano
2023-05-17 13:06:14 188.114.97.3Not listedAS13335 CLOUDFLARENETn/ano
2023-08-17 08:50:56 188.114.96.9Not listedAS13335 CLOUDFLARENETn/ano
2023-08-17 08:50:56 188.114.97.9Not listedAS13335 CLOUDFLARENETn/ano
2023-05-18 23:49:16 104.21.8.99Not listedAS13335 CLOUDFLARENETn/ano

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2023-05-25 12:00:21https://orcirrus.com/rut/OfflineBB29 geofenced js Qakbot ext USA Cryptolaemus1
2023-05-17 13:06:14https://orcirrus.com/rn/?1OfflineBB28 geofenced js Qakbot ext Quakbot ext USA Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2023-05-27 20:28:44d75f0bcd50e06fcbe40950608726b3d9eb00d32e6d64325dad9b6087f7acaf36zip  
2023-05-27 19:26:166cafc660598f52c635b89456f8879e9c609c478f5863aa98dac35bb7e3029c4fzip  
2023-05-27 16:39:00eb28a620b127eeec16417632b62e4a33000a6a9e5b7720fd08f6b0e46ab33947zip  
2023-05-27 14:21:36e9a3845e4662486275212c47a6d9f36fcc239623edbaccdb4818eb732f2f34f8zip  
2023-05-27 14:15:57adb2010a61becdf8827cedbf7059a9628fbef9e295998f58038a80671eaece32zip  
2023-05-27 11:59:14069e5d686886895977b43113d5f48dcf14db64b7852ca8dc385d3f4fbc3c640czip  
2023-05-27 10:13:04386e6a95b28eb30f2cd995cbd6f45dff249724a9affe6acdf2869243d66a33e5zip  
2023-05-27 09:06:3493d4354431b3e348d540575eb7ca40710ec6421ca3507a753a23027dfc6fd7e7zip  
2023-05-27 07:16:28e131765d13c90243253a0d5ba09c4f90719129611a47af90b300312b917cbbf8zip  
2023-05-27 04:46:182877941a53898ed621d151c876f740a3f195e2bad9ae3b56c020bd6ff5d08be5zip  
2023-05-27 02:53:43cec74aa885f9547086aade41a64f67fb4f979cbe145434b36bd4e9586f15b25azip  
2023-05-27 01:23:33485db78b9408f0655abe9c58a9380e0b68c2b70ccf301e8a55c345924b6b1e78zip  
2023-05-26 23:57:3557679b4369cecd8dadb4a5b0f31f89674a35cd532bd04189a4cb189cb1a7b6cfzip  
2023-05-26 22:39:4176124f9b4723a0136c3104a4a4d16f1ec9940df045345e1613fedbff64c4bbb7zip  
2023-05-26 19:21:49a4e0d09c381c888b82a509413014ae11f5110ffd19026c746d9382ca7975e63dzip  
2023-05-26 19:01:11bb4bd247544d5e2a0ec8c77485881feba468dc516bebb4180d8a78f253a3b7efzip  
2023-05-26 17:05:0302dd6c1fbd56b47235090f365112b8479905a06f3d0b7d21f0f9008d6be07ed1zip  
2023-05-26 13:53:42643945c0f4575beb3aa89663d67407e128647e7864bb9e830b0877d09babd72fzip  
2023-05-26 13:44:0049136866719cae0224a9fa209c71ef3449030d6a5706eb9718bc2c18f40ef840zip  
2023-05-26 10:26:223acd27275ee88578688df3d0a548c71a6329e40cbd03aa50a7557be1585c57a7zip  
2023-05-26 08:39:292aa00d299ea960a5c30a44faeedd17e9eb848d3aa04549c2dd28d8ee9643f381zip  
2023-05-26 07:59:0490b4ff4e3c9ccc24a52f8767f422ab73d9ffdd8ae0753aa166efadbafa35ff08zip  
2023-05-26 05:35:09758672a1fcf4ad51914dc6e289ec9aa714bece3e39fab71379645d55cc37cbd2zip  
2023-05-26 03:27:36ba9c1164acca83f4211100b1933dd811a2ff5e00649c2fee0df0de2bb7bb6ec5zip  
2023-05-26 02:14:082f841ea135bfea1f73f4919dea9596dfbb51629dc57e223f21369193c89016b9zip  
2023-05-26 00:35:086df1359451c0648a01dc5365262849eca6845a0b02bdefb348533602465447d8zip  
2023-05-25 22:59:58e29c80035e987b23df8ad63956044fb5395bebd590b122a972a4cf36fdf78be3zip  
2023-05-25 21:53:3639cdc2f9dcd885bcdef486eda26b500d018ac0aba85e7b076e7549ea71b81b0ezip  
2023-05-25 20:21:27cd90e4fa4e3f0281ad718c8f91d6ba764d99056d7850b1a7b3f27e0a7dd559a2zip  
2023-05-25 19:30:08fbb7d2a0a25cce5703289d971cb3bf9722be9dff055f7aae57ec0f2d55781eb6zip  
2023-05-25 18:05:47b0887ecec2ef198ba27e840d6bef13810f6e53af8376e928662f0b6584978d59zip  
2023-05-25 15:58:47d61e8aefe1de0fa7df53a790207c9b646e7740015514568d6c8f984f9a03f213zip  
2023-05-25 13:48:398d1829cb96a42da8fb5f74c0666c3c43e64e7d5b84dcf1eea19764c8682ddf69zip  
2023-05-25 12:00:2134e9912e4cc8ab441910a3298a69f9cc08e184ef7e860b4a726bb3c322f197e9zip  
2023-05-19 19:10:121cea0c4b1af9170b9ed2927f3b100d202bebd1b8e69ba1527336aaa6b2c0bffcjs 
2023-05-19 17:28:16bbcdb87a842c5157acea98f0cedd358f764e2613b6a635e4f9f5946de8c07780js  
2023-05-19 13:05:4151ffefa8a10b6da720a80cec4735fe173669e7c974946e46c8dda908e824d8a4js 
2023-05-19 00:46:456016f12710a18923ed029eb1dc62882b5f1a032a7424e0169dd8c2228598f59djs  
2023-05-18 22:36:04c74cf0cb7927a8438a84c9cedbdbab3e4815550813336043f39674a67b6a021ajs  
2023-05-18 21:10:0876443e093ed6d6e3961cb5f9bbd546bab2d05f6bc2536c5744dc86f7a769bea8js  
2023-05-18 19:17:321a2e818afb29521c8658d2a0643158af97370d69c32c0bd85cb900bd3e85b0eejs  
2023-05-18 16:50:12d76b1300fd995ec8def343df0450c11a58a217803fee3749db4afacebc64182ejs  
2023-05-18 14:04:121bb942c5b678094d5f59b1974a56c46a46081aa1b4a9400aa4dd3441e1f4efb4js  
2023-05-18 11:54:15e29a41a9d60625c8b7ab2e66896cd279af26a9abe095095e8f71d39a518717dbjs  
2023-05-18 11:08:515155a314d6e44ed6eb4d65e80d368d8bcd4e8674e293bce8d712b03395d22f6fjs Quakbot
2023-05-18 09:22:4402736e3801e700601d6212804b2d824ae4771d32fb369044887fdc9f2076ddfdjs  
2023-05-18 06:39:45f21a9095152b5a7124af37bde4000f76717ad002ec5e40bb2b86dc71839dabeajs Quakbot
2023-05-18 06:01:3181c46b64d5ec7559ae3287d14b77e2574baf7808d818c8b6f2375da96a544c50js  
2023-05-18 04:00:24f39cee789a4050e31f3f61e2dae48c0b5328d480424a439ba3c06fdf7d12ba43js  
2023-05-18 02:48:251226b64c5cdc915647f5412f5ca66ffeb7ac2c6e7787e3f38195da88b68ca12ejs Quakbot
2023-05-18 00:57:50f6367e6003455bd5ec09ff23726731029805bd0357bc8cd5184dfe270962601cjs Quakbot
2023-05-18 00:38:46de40c651da56945e6aa4f1adecf9ca842f4b2c630f3e1ad45c2c02952d4578c7js Quakbot
2023-05-17 22:15:20d72be2d3e9fcadaa237d2573ff95eacd51e973b70514465c8d57e7cd957769b2js Quakbot
2023-05-17 20:07:5082cd8d7b9c35490bb2685891e16cfd099b8290ad60d557532fe6ffcdc79b6b88js Quakbot
2023-05-17 18:32:33b866fb32a73c9c9a6de4c2fa92651d4d8d7f72f0fe66af797867274e8a889e85js Quakbot
2023-05-17 17:02:477b0e64b5b88495d402a11b16ad7776cc5e0d44a07992e8b9cf9c7006a92ac8bcjs Quakbot
2023-05-17 13:45:5367878c5898e4d6118aea2d8059896ec493c2cb1b7f3bdc563068504a0bca9373js Quakbot
2023-05-17 13:06:146bf7410f1b32c7fad44030961607fb13ec400a2a008f5817485ba84c5c297175js Quakbot