URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	www.onecupad.com
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Control D HaGeZi :	Not blocked
Firstseen:	2020-01-27 15:57:02 UTC
Total malware sites :	1
A record(s) observed :	11

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-11-19 11:07:36	13.248.148.254	aba1c1ff9d2ec5376.awsglobalaccelerator.com	Not listed	AS16509 AMAZON-02	US	no
2025-11-19 11:07:36	76.223.26.96	aba1c1ff9d2ec5376.awsglobalaccelerator.com	Not listed	AS16509 AMAZON-02	US	no
2025-11-05 09:45:01	172.236.126.142	172-236-126-142.ip.linodeusercontent.com	Not listed	AS63949 AKAMAI-LINODE-AP	US	no
2025-11-05 09:45:01	172.236.126.145	172-236-126-145.ip.linodeusercontent.com	Not listed	AS63949 AKAMAI-LINODE-AP	US	no
2025-11-05 09:45:01	172.236.126.225	172-236-126-225.ip.linodeusercontent.com	Not listed	AS63949 AKAMAI-LINODE-AP	US	no
2025-11-05 09:45:01	172.236.126.234	172-236-126-234.ip.linodeusercontent.com	Not listed	AS63949 AKAMAI-LINODE-AP	US	no
2025-04-27 17:33:31	104.21.74.93		Not listed	AS13335 CLOUDFLARENET	n/a	no
2025-04-27 17:33:31	172.67.168.3		Not listed	AS13335 CLOUDFLARENET	n/a	no
2020-01-27 15:57:05	85.187.128.19	sg1-sr4.supercp.com	Not listed	AS55293 A2HOSTING	SG	no
2025-11-23 11:48:23	172.234.24.211	k8s-svc-lander-02.us-ord.parklogic.net	Not listed	AS63949 AKAMAI-LINODE-AP	US	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2020-01-27 15:57:05	https://www.onecupad.com/wp-admin/OCT/wfdsggi/	Offline	doc emotet epoch2 heodo	spamhaus

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2020-01-29 16:10:27	135e6e64bd7742b372ada6b825319eb55fa6081a563f2bb5b8c41b146badb7e9	doc	Heodo
2020-01-29 15:00:53	297fd91043a8029b8962d475697106ba99591e11fd9a12213f50dc4df365404b	doc
2020-01-29 15:00:48	297fd91043a8029b8962d475697106ba99591e11fd9a12213f50dc4df365404b	doc
2020-01-29 13:29:01	caeb63c281928fabb08a3fd9e2dc5ce013153975c7c123520486b8659e018454	doc
2020-01-29 11:58:59	7a9f0072f9f336e1f477765326b0904a8bdd927336a3f89900469770ad33b1e4	doc
2020-01-29 08:03:40	9346481a03e2a1556f554427fc48e9ff195a24a75b018989f882089a340069dd	doc
2020-01-29 07:24:08	4e89efad89df0f1d9b0774bf71616623134ab1dac90d2d40a213a7fc915ac7f4	doc
2020-01-28 15:16:45	0326447359bcb5cec3c6b6c7f4f9a983eaa6c3a0d180c4137a44f2fb041bf643	doc	Heodo
2020-01-28 13:44:54	7d3a3874f861a74507017ef33df30b4d919a29b0c3cd5a880fad08914d6e3e79	doc	Heodo
2020-01-28 12:13:47	566db9b01fd935b2a8a63aca4b9f41becf0fa76eb8d74ba2b1c5920d70bdffbf	doc	Heodo
2020-01-28 10:41:48	4c7d8fcc5c94c42dc2ec3136c567e14adf68f8137ea6958e03715d26d5cdd3eb	doc	Heodo
2020-01-28 09:11:38	fddc3cc379cdd9dad9d1d35e42a8d1e42faf7c7d4c88967adcfdbd6030796a12	doc
2020-01-28 08:00:26	726fe3a86f202ffbce80e52bd30501e05747819355ed9bd32f0c7346a497c7ed	doc	Heodo
2020-01-28 06:51:04	6f3fc64cc5874fc03f7e564c4c117aa694fbce96e69e40c4a52b96a5d6b84211	doc	Heodo
2020-01-28 04:40:40	7eff6e61b3df124ca02fd6ae860683afe4dddc1693d6ad935c6c72bc802e3aae	doc	Heodo
2020-01-28 04:03:34	854df2c5586d2b84b721ec3629949c9a2c869ad4f475cc430fff5c43c97f6fdc	doc	Heodo
2020-01-28 03:02:16	d3a46ba5db98b7ec4fa19d3393304d4e77647537575c5b109f31a957334a0efc	doc	Heodo
2020-01-28 02:30:14	75dea07761a62ad2984062fe1a7aff9b51e413e565107dc128fd73b2a108e9e7	doc	Heodo
2020-01-28 01:46:49	76c895914283cc32f6cfbe15be64b225c2a8b349dce0f76673b062b91ca7087c	doc	Heodo
2020-01-28 00:47:58	f374503b3b9a1561d2c81237b910ef6e3d98c486c1e3d5e57321f81f126adbde	doc	Heodo
2020-01-28 00:16:35	40e6bc576919420acc6221f3dd2f68aed232207822333a4d33b3eca4bfd5b22c	doc	Heodo
2020-01-27 23:39:55	88fd2158ba7b87acff57e31a10925a8a55fd2c299bffff2749af387a44fdb8dd	doc	Heodo
2020-01-27 22:07:56	8bf1359493ab66967a808ecdc5669f97a06b6dc6b09436ce05a1661cd1d4673e	doc	Heodo
2020-01-27 20:35:44	52cbfade77b0f617a83dd52e08fdc06820da595cb7aa9505337fe735f5cd3718	doc	Heodo
2020-01-27 19:23:00	c12d27ec8cf6674fcd11bda2c3567ff7499113c910ac59482934de9408f26a8a	doc	Heodo
2020-01-27 17:54:38	d422d6ef522c546ebd7984b39c60ac7c8bd4f78b9ca09f03ebc304d8e6342323	doc	Heodo
2020-01-27 16:24:29	4d436063a825cca1f42f22edd88923fa73a3efd6808a449c4e0b57972857e4fe	doc	Heodo
2020-01-27 15:57:05	45f7a84fb184243cf66d57c265c388bdbd7f3150373f1fd37a166efdee5ef35e	doc	Heodo