URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	famileai.com
Domain registrar:	NameSilo
Domain registration date:	2022-04-27 09:52:56 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Control D HaGeZi :	Not blocked
Firstseen:	2023-04-20 06:43:04 UTC
Total malware sites :	2
Online malware sites :	0 (0%)
Offline Malware sites :	2 (100%)
A record(s) observed :	9

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2023-06-01 11:01:46	103.224.182.208	lb-182-208.above.com	Not listed	AS133618 TRELLIAN-AS-AP	US	no
2023-07-17 03:14:03	69.16.231.56	lb04.parklogic.com	Not listed	AS32244 LIQUIDWEB	US	no
2023-07-14 08:09:53	69.16.231.60	lb04.parklogic.com	Not listed	AS32244 LIQUIDWEB	US	no
2023-06-11 06:09:41	199.115.116.43		Not listed	AS30633 LEASEWEB-USA-WDC	US	no
2023-06-10 21:24:39	170.178.183.18	rdns18.mdlider.net.br	Not listed	AS46844 SHARKTECH	US	no
2023-06-10 10:44:57	70.32.1.32	ip-70.32.1.32.hosted.by.gigenet.com	Not listed	AS32181 ASN-GIGENET	US	no
2023-04-27 13:32:21	91.195.240.12		Not listed	AS47846 SEDO-AS	DE	no
2023-04-20 06:43:12	104.21.65.217		Not listed	AS13335 CLOUDFLARENET	n/a	no
2023-04-20 06:43:12	172.67.192.186		Not listed	AS13335 CLOUDFLARENET	n/a	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2023-04-20 06:48:10	https://famileai.com/php/upsoft/zov.txt	Offline	exe	vxvault
2023-04-20 06:43:12	https://famileai.com/php/upsoft/milmonjey.txt	Offline	exe LaplasClipper	vxvault

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2023-04-20 06:48:10	af1679585c261a5a4490b7848e65d45b6bc030fa124e75cccc2ac28e615d041e	exe
2023-04-20 06:43:06	2a7e44c4035efa9cf51a7699c6731ef77322bd034f0db8936f7c484406ff05d6	exe		LaplasClipper