URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	voyager.softuvo.xyz
Domain registrar:	Instra
Domain registration date:	2018-09-04 12:17:24 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2022-01-21 03:42:09 UTC
Total malware sites :	2
Online malware sites :	0 (0%)
Offline Malware sites :	2 (100%)
A record(s) observed :	8

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-11-22 04:12:06	172.234.24.211	k8s-svc-lander-02.us-ord.parklogic.net	Not listed	AS63949 AKAMAI-LINODE-AP	US	yes
2025-11-22 04:12:07	172.239.57.117	k8s-svc-lander-01.us-ord.parklogic.net	Not listed	AS63949 AKAMAI-LINODE-AP	US	yes
2025-11-19 17:42:17	13.248.148.254	aba1c1ff9d2ec5376.awsglobalaccelerator.com	Not listed	AS16509 AMAZON-02	US	no
2025-11-19 17:42:17	76.223.26.96	aba1c1ff9d2ec5376.awsglobalaccelerator.com	Not listed	AS16509 AMAZON-02	US	no
2025-10-22 23:20:57	66.180.146.14		Not listed	AS11563 NETENTERPRISE	US	no
2025-04-30 20:46:01	66.180.146.124		Not listed	AS13768 COGECO-PEER1	US	no
2022-01-21 03:42:11	112.196.72.188		Not listed	AS17917 QTLTELECOM-AS-AP	IN	no
2022-03-21 03:57:01	112.196.72.189		Not listed	AS17917 QTLTELECOM-AS-AP	IN	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2022-01-21 03:42:12	https://voyager.softuvo.xyz/css/027802_19491/?i=1	Offline	doc emotet epoch5 heodo	Cryptolaemus1
2022-01-21 03:42:11	https://voyager.softuvo.xyz/css/027802_19491/	Offline	emotet epoch5 redir-doc	Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2022-01-21 11:08:39	64c6ba33444e5db3cc9c99613d04fd163ec1971ee5eb90041a17068e37578fc0	xls		Heodo
2022-01-21 10:36:06	b0e9d2148a1c5ad60a5ccbc0c8b753f7c81e298cac18059db3c3ed66a04d4068	xls		Heodo
2022-01-21 08:26:21	4170fd2e1e20be004dc4fb1490bd16ce9bd092ec9d1048e6ac0a63d10c7ba255	xlsm		Heodo
2022-01-21 08:10:21	9bb2ebea9b5a85ffd22e2f2f97a07e9367ddc5ddcaa086c8903c57212273548b	xlsm		Heodo
2022-01-21 07:33:00	df43427d915757b0932c26b7029a6f1bd5602383b04d075ce0ad95f40b1c2e19	xlsm		Heodo
2022-01-21 07:25:29	f7f344862e543ce22b540ef4bbab44ac1dbd786c224550cb5ecbee3380403ab7	xlsm		Heodo
2022-01-21 06:56:44	eee95e3bcd72a2d0932acc8c6e46e6b0a4d95a39ab028da3b0c11e294e0faa89	xlsm		Heodo
2022-01-21 06:17:22	733af54ba0a2878f86abc471d5388ac61f838211959a4444ca6307819c4860d7	xlsm		Heodo
2022-01-21 05:53:57	6b4e80411216eff0629dfc0ce6788afc2578e22f48613a0664edb46f621d746a	xlsm		Heodo
2022-01-21 05:32:01	4765164204e734a59822149f062f898117d41dbbb26a969800d8fc36e80a9a49	xlsm		Heodo
2022-01-21 05:15:27	8293affd245bca747939f06a07970c40d349524f0e57a8037bbb78d7b6d04263	xlsm		Heodo
2022-01-21 04:34:42	8b6c3d1c1c4f0194ac14f20217620719ae9888660cfc5b07fdc42970e6fd377e	xlsm		Heodo
2022-01-21 04:18:45	79d21212ede80612cecd2e319424918b3f95dd07e305e99bb3f4941ab60ff2c4	xlsm		Heodo
2022-01-21 03:42:12	655e69dfaf74c3a34eb02d75f4e51264009fbdbe46a7f535b9e72888bffeaf58	xlsm		Heodo
2022-01-21 03:42:11	133b98f7d4fa73428415ff3f63072ea6e6e0740dba30582127e5cc4f122e8e94	html