URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: niggabot.windy.my.id
Domain registrar: n/a
Domain registration date:2025-11-28 12:35:18 UTC
Spamhaus DBL :Abused domain (botnet C&C)
SURBL :Blocked
Quad9 :Blocked
AdGuard :Not blocked
Cloudflare :Blocked
ProtonDNS :Blocked
OpenBLD :Blocked
DNS4EU :Blocked
Control D HaGeZi :Not blocked
Firstseen:2025-12-26 20:16:04 UTC
Total malware sites :17
Online malware sites :16 (94%)
Offline Malware sites :1 (6%)
Newest active malware site :2025-12-26 20:16:21 UTC
Oldest active malware site :2025-12-26 20:16:06 UTC (Age: 11 hours, 31 minutes)
A record(s) observed :1

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2025-12-26 20:16:06 94.156.152.90Not listedAS214209 INTERNET-MAGNATE- BGyes

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2025-12-26 20:16:21http://niggabot.windy.my.id/bins/x86Onlinebotnetdomain elf mirai ext ua-wget NDA0E
2025-12-26 20:16:19http://niggabot.windy.my.id/wget.shOnlinemirai ext sh ua-wget NDA0E
2025-12-26 20:16:19http://niggabot.windy.my.id/bins/m68kOnlinebotnetdomain elf mirai ext ua-wget NDA0E
2025-12-26 20:16:16http://niggabot.windy.my.id/w.shOnlinemirai ext sh ua-wget NDA0E
2025-12-26 20:16:16http://niggabot.windy.my.id/auto.shOnlinesh ua-wget NDA0E
2025-12-26 20:16:16http://niggabot.windy.my.id/tftp.shOnlinesh ua-wget NDA0E
2025-12-26 20:16:16http://niggabot.windy.my.id/bins/arm7Onlinebotnetdomain elf mirai ext ua-wget NDA0E
2025-12-26 20:16:16http://niggabot.windy.my.id/bins/mpslOnlinebotnetdomain elf mirai ext ua-wget NDA0E
2025-12-26 20:16:16http://niggabot.windy.my.id/bins/sh4Onlinebotnetdomain elf mirai ext ua-wget NDA0E
2025-12-26 20:16:16http://niggabot.windy.my.id/bins/x86_64Onlinebotnetdomain elf mirai ext ua-wget NDA0E
2025-12-26 20:16:16http://niggabot.windy.my.id/bins/ppcOnlinebotnetdomain elf mirai ext ua-wget NDA0E
2025-12-26 20:16:11http://niggabot.windy.my.id/bins/mipsOnlinebotnetdomain elf mirai ext ua-wget NDA0E
2025-12-26 20:16:10http://niggabot.windy.my.id/bins/arm5Onlinebotnetdomain elf mirai ext ua-wget NDA0E
2025-12-26 20:16:10http://niggabot.windy.my.id/bins/armOnlinebotnetdomain elf mirai ext ua-wget NDA0E
2025-12-26 20:16:10http://niggabot.windy.my.id/bins/arm6Offlinebotnetdomain elf mirai ext ua-wget NDA0E
2025-12-26 20:16:10http://niggabot.windy.my.id/c.shOnlinemirai ext sh ua-wget NDA0E
2025-12-26 20:16:06http://niggabot.windy.my.id/bins/spcOnlinebotnetdomain elf mirai ext ua-wget NDA0E

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2025-12-26 20:16:2103ecda01330d867752a09c2e6118fed74a061d4f5222d492ab43640e0d36e6c4elfMirai
2025-12-26 20:16:19cadf82600085db2bd650c43d6323f2383f7696805a7cd26a2744f2f01743c8b2shMirai
2025-12-26 20:16:190fc0c0aa10d7f989ee6709c50908144d95b2c62ad512419f690652c906db8ed5elfMirai
2025-12-26 20:16:169f45aa714e603901aa6c7627fab86a1def241ecb30dea3575fbbb8c8269bc4b9shMirai
2025-12-26 20:16:16095d2bd5ed1630e328422768ead379b6f111ef981797d029985dbfc21f699fd0sh 
2025-12-26 20:16:16aa3803a34237fabfd445dd8a7ed0853168f2bdce7289e38b0fc3f1260d2e3cf4sh 
2025-12-26 20:16:16c05ee431ce3abe70afdbf9710b0ab3864ecdd8de9f8697c077f956a39bdf8217elfMirai
2025-12-26 20:16:16d80d236e16bfef3dd5b8aacb4aff4226616be790c3b5dc2325af73e71d61441celfMirai
2025-12-26 20:16:16439b5691344326a2b67d18c5414f27c50d2b5be2bba021a6c74fbd718fd956ceelfMirai
2025-12-26 20:16:16c0fe3a9a893f48296e27f62bb47a35480d0255c5df46d2185963ce8552004535elfMirai
2025-12-26 20:16:1614d5f0267f0ca1c67bdd8e3075ee3598e2ae7444c7f87bab0b862b3b5ee6ced7elfMirai
2025-12-26 20:16:100f8f041acce3852c7ee78caffddcb4e941206b3c5b905bb5e6c061285ce08852elfMirai
2025-12-26 20:16:10f6fbf730c614f55b266174036c98d1827bc602c3c830ccff25454272c694b91felfMirai
2025-12-26 20:16:10e0844b0cdf611d8a7521ff37ca40ab691a2c2c3e28a4b9571ff9456d5b5a2b77elfMirai
2025-12-26 20:16:1046588e27520d4ff181d33bc7ff021903d1ecd13f376657f5db7af180ca2e3ac6elfMirai
2025-12-26 20:16:10aeda42b413fe50a381d97e1108aa336ee6be8489888b2c2db4ebeddbdd4392f0shMirai
2025-12-26 20:16:062951437574f0b44b68855462c650bc1d7b10fbaf36ed86e7a45faec38b87ee6eelfMirai