URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either a domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry


Host: oneup.cc
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Not blocked
Control D HaGeZi: Not blocked
Firstseen: 2021-08-09 12:04:07 UTC
Total malware sites: 1
A record(s) observed: 3

IP addresses


The table below shows all IP addresses observed for this particular host (in case the host is a domain name, all A records will be listed, including all historical ones). Please note that the output is limited to 10 entries.

Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active?
2022-09-05 11:51:02 | 99.83.154.118 | a51062ecadbb5a26e.awsglobalaccelerator.com | Not listed | AS16509 AMAZON-02 | US | no
2021-08-09 12:05:10 | 185.239.243.112 | ns1.20mb.nl | Not listed | AS212238 CDNEXT | US | no

Malware URLs


The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC) | URL | Status | Tags | Reporter
2021-08-09 12:05:10 | https://oneup.cc/download/nvcontainer1.exe | Offline | AsyncRAT ext CoinMiner CoinMiner.XMRig exe RedLineStealer ext vxvault

The table below shows recent payloads delivered by this host.
