URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
| Host: | ob.youstarsbuilding.com |
|---|---|
| Domain registrar: | Amazon  |
| Domain registration date: | 2022-08-01 14:43:58 UTC |
| Spamhaus DBL : | Abused domain (malware) |
| SURBL : | Not blocked |
| Quad9 : | Not blocked |
| AdGuard : | Not blocked |
| Cloudflare : | Not blocked |
| ProtonDNS : | Not blocked |
| OpenBLD : | Blocked |
| DNS4EU : | Not blocked |
| Control D HaGeZi : | Not blocked |
| Firstseen: | 2025-12-30 09:49:05 UTC |
| Total malware sites : | 1 |
| A record(s) observed : | 20 |
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2025-12-30 09:50:07 | 13.35.58.81 | server-13-35-58-81.fra60.r.cloudfront.net | Not listed | AS16509 AMAZON-02 | US | yes |
| 2025-12-30 09:50:07 | 13.35.58.44 | server-13-35-58-44.fra60.r.cloudfront.net | Not listed | AS16509 AMAZON-02 | US | yes |
| 2025-12-30 09:50:07 | 13.35.58.37 | server-13-35-58-37.fra60.r.cloudfront.net | Not listed | AS16509 AMAZON-02 | US | yes |
| 2025-12-30 09:50:07 | 13.35.58.124 | server-13-35-58-124.fra60.r.cloudfront.net | Not listed | AS16509 AMAZON-02 | US | yes |
| 2026-01-29 09:19:56 | 18.239.18.76 | server-18-239-18-76.ams58.r.cloudfront.net | Not listed | AS16509 AMAZON-02 | US | no |
| 2026-01-29 09:19:56 | 18.239.18.68 | server-18-239-18-68.ams58.r.cloudfront.net | Not listed | AS16509 AMAZON-02 | US | no |
| 2026-01-29 09:19:56 | 18.239.18.13 | server-18-239-18-13.ams58.r.cloudfront.net | Not listed | AS16509 AMAZON-02 | US | no |
| 2026-01-29 09:19:56 | 18.239.18.10 | server-18-239-18-10.ams58.r.cloudfront.net | Not listed | AS16509 AMAZON-02 | US | no |
| 2026-04-14 19:36:11 | 108.157.150.106 | server-108-157-150-106.mci50.r.cloudfront.net | Not listed | AS16509 AMAZON-02 | US | no |
| 2026-04-14 19:36:11 | 108.157.150.81 | server-108-157-150-81.mci50.r.cloudfront.net | Not listed | AS16509 AMAZON-02 | US | no |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2025-12-30 09:50:07 | http://ob.youstarsbuilding.com/sxp/i/522f8dbab7... | Online |  JAMESWT_WT |
The table below shows recent payloads delivery by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2026-04-27 18:37:22 | c05081da297d2d221e87a65fec2b05c7de47d5e61ce57a56d3db3a3275776c30 | unknown | ||
| 2026-04-15 18:10:30 | 06bd12f30c464c8b2e20b98d41f56c286495822d6e53ec56c10e8909666dde13 | unknown | ||
| 2026-03-15 15:32:18 | 831e1209df4e78692c616098a4000e550a253ca64972907db18dada476bb966b | unknown | ||
| 2026-03-08 18:28:43 | 4d206f23dfad6214675af947d5847f7120ef1b3a6a4378a7785679e77bf0efcc | unknown | ||
| 2026-03-01 14:44:17 | 1bfabbc3f61d4a53ce7b2e5a22a5728b8e2a9f345c71eeabd7dcffef082a1729 | unknown | ||
| 2026-02-22 19:13:17 | 87525c2726e884becd96d5a6ee0c8c2e66e382d4ab0f6dfb896e9ea0bbffe834 | unknown | ||
| 2026-02-18 14:18:11 | 7e85fe05518bfaa5f4ae7f217e26b443034cc0e50b0a532d54d1ba7a5a4474b6 | unknown | ||
| 2026-02-18 01:04:05 | 67f597109e003ba1fe22b67e6ecc5fc0cc913655509f6ba7b67ae5579a252d71 | unknown | ||
| 2026-01-07 20:10:14 | 04e95fb2bce0865767f340074a2d6f08b679baea04128be9e3bd12591e4634b5 | unknown | ||
| 2025-12-30 09:50:07 | fa5003d12c1bfbab92fa2f6f60fe08e3d3a3ebdd283cf071b22231d69338f2ab | unknown |