URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: youxel.com
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Control D HaGeZi :Not blocked
Firstseen:2020-09-14 18:47:03 UTC
Total malware sites :3
Online malware sites :0 (0%)
Offline Malware sites :3 (100%)
A record(s) observed :9

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2025-11-01 10:01:55 198.202.211.1Not listedAS209242 CLOUDFLARESPECTRUM- USyes
2025-04-27 08:41:46 75.2.70.75aacb0a264e514dd48.awsglobalaccelerator.comNot listedAS16509 AMAZON-02- USno
2025-04-27 08:41:46 99.83.190.102aacb0a264e514dd48.awsglobalaccelerator.comNot listedAS16509 AMAZON-02- USno
2020-09-19 23:43:21 104.26.0.245Not listedAS13335 CLOUDFLARENETn/ano
2020-09-19 23:43:21 104.26.1.245Not listedAS13335 CLOUDFLARENETn/ano
2020-09-19 23:43:21 172.67.70.139Not listedAS13335 CLOUDFLARENETn/ano
2020-09-14 18:47:07 104.18.32.117Not listedAS13335 CLOUDFLARENETn/ano
2020-09-14 18:47:07 104.18.33.117Not listedAS13335 CLOUDFLARENETn/ano
2020-09-14 18:47:06 172.67.198.69Not listedAS13335 CLOUDFLARENETn/ano

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2020-09-29 10:48:04https://youxel.com/sys-cache/lLWGgV/Offlineemotet ext epoch3 exe heodo ext Cryptolaemus1
2020-09-18 19:05:05https://youxel.com/sys-cache/attachments/Offlinedoc emotet ext epoch2 heodo ext Cryptolaemus1
2020-09-14 18:47:07https://youxel.com/sys-cache/r/Offlineemotet ext epoch1 exe heodo ext Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2020-09-29 15:56:14ed0fdb5d86695a76430522f6e109f20635a8d44f860d9985d6f900de370ae8ceexe Heodo
2020-09-29 15:43:252b42a086f803be928c931ff28fbb424de25406181f1141b659cea5741aa58825exe Heodo
2020-09-29 15:22:27cf931dabd97d69e0d6dc4b3489f417ebd8dae4dc1d38caab9f7dce983ba2a09fexe Heodo
2020-09-29 12:49:240c93e1f7975adb3d4e9148ba54a7f2cc0262836a22a93e96fd84da0088e83678exe Heodo
2020-09-29 12:21:4732dbdd3b856bac93339baf9d657b630c3e125d2628b49473494e78e166103b94exe Heodo
2020-09-29 11:53:462dd401882f449e7bc848a37eb56288792bc7f7bacda2c5dc98f73d310494cce8exe Heodo
2020-09-29 11:44:35c3078808c070765a65fc2b81c28e5253bd3713f31660cc8eb6ef388636d42107exe Heodo
2020-09-29 11:19:57e13781ac612c6b81ab90f8433cacf7584b20b96c0eb29847b3dfa8045ca3035cexe Heodo
2020-09-29 11:07:5939fd032bc86e39327cde51a4194afbab81605a2fe4c6c136bf596ebcdd698d48exe Heodo
2020-09-29 10:48:04a17167c3fb352eb16f4f728a59066a57510c6f8482b911479b5325a5d8c7c1e0exe Heodo
2020-09-18 20:09:314e500dc20300e081376f4f6951330ba0b37700ae0b23ac5662a2e96e2cd9a755docHeodo
2020-09-18 19:44:56ba8631c356bab8573b3b7bbac984856e3ae826f3c6503286c2e8396330f263aedocHeodo
2020-09-18 19:28:54fbb0768a54c96daabef7659e5ec321d26211a023027f8beb9b9b5bf49f36d583docHeodo
2020-09-18 19:05:05a41a3280f7e5710c654132cf7c3dc95d3411e4c7ae29028b10a25e5c2798fb9bdocHeodo
2020-09-14 19:32:29ad92ec5703d03354b2b51f5f807ded493a850beefc32c84907034c91f87beb74exe Heodo
2020-09-14 19:06:1495d24a27a7268891662684b4c0d7ae1edc8c5faabce2cb97771fd26f4e71c40cexe Heodo
2020-09-14 18:47:065684b688445e0880ebfa1f44a61662f1e88858320774c7c8e207eab36ee4b94dexe Heodo