URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry


Host: famileai.com
Domain registrar:NameSilo -
Domain registration date:2022-04-27 09:52:56 UTC
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Not blocked
Control D HaGeZi :Not blocked
Firstseen:2023-04-20 06:43:04 UTC
Total malware sites :2
Online malware sites :0 (0%)
Offline Malware sites :2 (100%)
A record(s) observed :9

IP addresses


The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2023-06-01 11:01:46 103.224.182.208lb-182-208.above.comNot listedAS133618 TRELLIAN-AS-AP- USno
2023-07-17 03:14:03 69.16.231.56lb04.parklogic.comNot listedAS32244 LIQUIDWEB- USno
2023-07-14 08:09:53 69.16.231.60lb04.parklogic.comNot listedAS32244 LIQUIDWEB- USno
2023-06-11 06:09:41 199.115.116.43Not listedAS30633 LEASEWEB-USA-WDC- USno
2023-06-10 21:24:39 170.178.183.18rdns18.mdlider.net.brNot listedAS46844 SHARKTECH- USno
2023-06-10 10:44:57 70.32.1.32ip-70.32.1.32.hosted.by.gigenet.comNot listedAS32181 ASN-GIGENET- USno
2023-04-27 13:32:21 91.195.240.12Not listedAS47846 SEDO-AS- DEno
2023-04-20 06:43:12 104.21.65.217Not listedAS13335 CLOUDFLARENETn/ano
2023-04-20 06:43:12 172.67.192.186Not listedAS13335 CLOUDFLARENETn/ano

Malware URLs


The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2023-04-20 06:48:10https://famileai.com/php/upsoft/zov.txtOfflineexe vxvault
2023-04-20 06:43:12https://famileai.com/php/upsoft/milmonjey.txtOfflineexe LaplasClipper vxvault

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2023-04-20 06:48:10af1679585c261a5a4490b7848e65d45b6bc030fa124e75cccc2ac28e615d041eexe  
2023-04-20 06:43:062a7e44c4035efa9cf51a7699c6731ef77322bd034f0db8936f7c484406ff05d6exeLaplasClipper