URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	a.ninis.us
Domain registrar:	Public Domain Registry
Domain registration date:	2021-05-12 05:49:53 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2021-08-17 13:40:08 UTC
Total malware sites :	4
Online malware sites :	0 (0%)
Offline Malware sites :	4 (100%)
A record(s) observed :	4

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2022-05-12 16:32:11	209.99.40.222	209-99-40-222.fwd.datafoundry.com	Not listed	AS23005 SWITCH-LTD	US	no
2021-09-30 00:08:08	194.195.211.98	194-195-211-98.ip.linodeusercontent.com	Not listed	AS63949 AKAMAI-LINODE-AP	US	no
2021-09-03 13:00:21	54.227.98.220	ec2-54-227-98-220.compute-1.amazonaws.com	Not listed	AS14618 AMAZON-AES	US	no
2021-08-17 13:40:11	172.245.119.43	172-245-119-43-host.colocrossing.com	Not listed	AS36352 AS-COLOCROSSING	US	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2021-08-17 13:46:06	http://a.ninis.us/d/oy.exe	Offline	exe opendir	abuse_ch
2021-08-17 13:46:04	http://a.ninis.us/d/obi.exe	Offline	exe Formbook opendir	abuse_ch
2021-08-17 13:46:04	http://a.ninis.us/d/doc.doc	Offline	opendir RTF	abuse_ch
2021-08-17 13:40:11	http://a.ninis.us/d/hot.exe	Offline	exe Formbook opendir	abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2021-08-17 13:46:06	37882a4a0aaf84e2f3c063de493fedbf2233c31c7bd146c79059dd1ae914e2f4	exe
2021-08-17 13:46:04	caff14d450514a35eac5ba34b3e74126360662d7c8fdf60a8008a0e3bb8ed0b3	exe		Formbook
2021-08-17 13:46:04	a8680fe6b1b96489aa5331018a095d20a4a9c69f3f46bc2f9d1b011242079ba3	unknown
2021-08-17 13:40:11	22a3ccdeb9ae4b196461cdb81c895ae891e2149af03e44b6ce86c2a1bf062947	exe		Formbook