URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: niveen.net
Domain registrar:Namecheap -
Domain registration date:2020-01-03 08:24:55 UTC
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
ProtonDNS :Not blocked
OpenBLD :Blocked
DNS4EU :Not blocked
Control D HaGeZi :Not blocked
Firstseen:2023-10-13 16:58:03 UTC
Total malware sites :2
Online malware sites :0 (0%)
Offline Malware sites :2 (100%)
A record(s) observed :2

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2023-10-13 16:58:04 188.114.96.3SBL690066AS13335 CLOUDFLARENETn/ayes
2023-10-13 16:58:04 188.114.97.3SBL691350AS13335 CLOUDFLARENETn/ayes

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2023-10-25 11:41:14https://niveen.net/ovit/OfflinePikabot TA577 TR zip 0x48215333
2023-10-13 16:58:04https://niveen.net/ib/?p=3016451OfflineDarkGate ext TA577 TR k3dg3

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2023-10-26 00:05:20aca3a402af06afb12a31952f591596317d18565a4abfaae261a3affe5d7fdf78zip  
2023-10-25 11:56:20709640c28a1d8aa7a61aab735263b378fa9742f2cc42cbb51417e3280f6aa1b5zip  
2023-10-25 11:41:14c036d4c40d34a47beb562dce996ee461de271597277902863b14949f89933c39zip  
2023-10-14 17:07:31940f6cfa445f6dc86ceb3e8a4ff519e53482dd58aa1d6b746241b57cf4eac7cbzip  
2023-10-14 05:05:154c8f99015d91b885366329f6508ac9290aae0c7120be294bcccd9badf2400126zip  
2023-10-13 17:04:107095acfd63c35634aa336f6c1d48561fe67d5101676f9db0bb3fd13f6dc08edezip