URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	130.12.180.20
Firstseen:	2025-12-24 22:58:04 UTC
Total malware sites :	42
Online malware sites :	13 (31%)
Offline Malware sites :	29 (69%)
Newest active malware site :	2025-12-25 03:16:06 UTC
Oldest active malware site :	2025-12-25 03:11:09 UTC (Age: 12 hours, 55 minutes)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-12-24 22:58:09	130.12.180.20		SBL690641	AS214943 RAILNET	US	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2025-12-25 07:55:12	http://130.12.180.20:52603/i486	Offline	elf ua-wget	abuse_ch
2025-12-25 07:55:12	http://130.12.180.20/i486	Offline	elf ua-wget	abuse_ch
2025-12-25 03:16:06	http://130.12.180.20:52603//arm5	Online	arm elf geofenced mirai ua-wget USA	botnetkiller
2025-12-25 03:11:10	http://130.12.180.20:52603/cat.sh	Offline	geofenced mirai sh ua-wget USA	botnetkiller
2025-12-25 03:11:09	http://130.12.180.20:52603/x86_64	Online	elf geofenced mirai ua-wget USA x86	botnetkiller
2025-12-25 03:11:09	http://130.12.180.20:52603/m68k	Online	elf geofenced m68k mirai ua-wget USA	botnetkiller
2025-12-25 03:11:09	http://130.12.180.20:52603/mpsl	Online	elf geofenced mips mirai ua-wget USA	botnetkiller
2025-12-25 03:11:09	http://130.12.180.20:52603/arm7	Online	arm elf geofenced mirai ua-wget USA	botnetkiller
2025-12-25 03:11:09	http://130.12.180.20:52603/ppc	Online	elf geofenced mirai PowerPC ua-wget USA	botnetkiller
2025-12-25 03:11:09	http://130.12.180.20:52603/spc	Online	elf geofenced mirai sparc ua-wget USA	botnetkiller
2025-12-25 03:11:09	http://130.12.180.20:52603/arm6	Online	arm elf geofenced mirai ua-wget USA	botnetkiller
2025-12-25 03:11:09	http://130.12.180.20:52603/x86	Online	elf geofenced mirai ua-wget USA x86	botnetkiller
2025-12-25 03:11:09	http://130.12.180.20:52603/arm5	Online	arm elf geofenced mirai ua-wget USA	botnetkiller
2025-12-25 03:11:09	http://130.12.180.20:52603/sh4	Online	elf geofenced mirai SuperH ua-wget USA	botnetkiller
2025-12-25 03:11:09	http://130.12.180.20:52603/arm4	Online	arm elf geofenced mirai ua-wget USA	botnetkiller
2025-12-25 03:11:09	http://130.12.180.20:52603/mips	Online	elf gafgyt geofenced mips ua-wget USA	botnetkiller
2025-12-25 00:50:08	http://130.12.180.20:31735/x86_64	Offline	elf geofenced ua-wget USA x86	botnetkiller
2025-12-25 00:50:08	http://130.12.180.20:31735/arm5	Offline	arm elf geofenced ua-wget USA	botnetkiller
2025-12-25 00:50:08	http://130.12.180.20:31735/cat.sh	Offline	geofenced sh ua-wget USA	botnetkiller
2025-12-25 00:50:08	http://130.12.180.20:31735/spc	Offline	elf geofenced sparc ua-wget USA	botnetkiller
2025-12-25 00:50:08	http://130.12.180.20:31735/m68k	Offline	elf geofenced m68k ua-wget USA	botnetkiller
2025-12-25 00:50:08	http://130.12.180.20:31735/arm6	Offline	arm elf geofenced ua-wget USA	botnetkiller
2025-12-25 00:50:08	http://130.12.180.20:31735/ppc	Offline	elf geofenced PowerPC ua-wget USA	botnetkiller
2025-12-25 00:50:08	http://130.12.180.20:31735/arm4	Offline	arm elf geofenced ua-wget USA	botnetkiller
2025-12-25 00:50:08	http://130.12.180.20:31735/sh4	Offline	elf geofenced SuperH ua-wget USA	botnetkiller
2025-12-25 00:50:07	http://130.12.180.20:31735/x86	Offline	elf geofenced ua-wget USA x86	botnetkiller
2025-12-25 00:44:05	http://130.12.180.20:31735/arm7	Offline	arm elf geofenced ua-wget USA	botnetkiller
2025-12-25 00:37:05	http://130.12.180.20:31735/mpsl	Offline	elf geofenced mips ua-wget USA	botnetkiller
2025-12-25 00:37:05	http://130.12.180.20:31735/mips	Offline	elf geofenced mips ua-wget USA	botnetkiller
2025-12-24 23:05:11	http://130.12.180.20/arm7	Offline	arm elf geofenced mirai ua-wget USA	botnetkiller
2025-12-24 23:05:11	http://130.12.180.20/cat.sh	Offline	geofenced mirai sh ua-wget USA	botnetkiller
2025-12-24 23:05:11	http://130.12.180.20/sh4	Offline	elf geofenced mirai SuperH ua-wget USA	botnetkiller
2025-12-24 23:05:11	http://130.12.180.20/x86_64	Offline	elf geofenced mirai ua-wget USA x86	botnetkiller
2025-12-24 23:05:11	http://130.12.180.20/spc	Offline	elf geofenced mirai sparc ua-wget USA	botnetkiller
2025-12-24 23:05:11	http://130.12.180.20/ppc	Offline	elf geofenced mirai PowerPC ua-wget USA	botnetkiller
2025-12-24 23:05:11	http://130.12.180.20/m68k	Offline	elf geofenced m68k mirai ua-wget USA	botnetkiller
2025-12-24 23:05:11	http://130.12.180.20/arm4	Offline	arm elf geofenced mirai ua-wget USA	botnetkiller
2025-12-24 23:05:11	http://130.12.180.20/arm5	Offline	arm elf geofenced mirai ua-wget USA	botnetkiller
2025-12-24 23:05:11	http://130.12.180.20/arm6	Offline	arm elf geofenced mirai ua-wget USA	botnetkiller
2025-12-24 23:05:11	http://130.12.180.20/x86	Offline	elf geofenced mirai ua-wget USA x86	botnetkiller
2025-12-24 22:58:09	http://130.12.180.20/mips	Offline	elf gafgyt geofenced mips ua-wget USA	botnetkiller
2025-12-24 22:58:09	http://130.12.180.20/mpsl	Offline	elf geofenced mips mirai ua-wget USA	botnetkiller

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2025-12-25 13:21:54	f970290ff41ba899fedea4999e76461860b7cdab86a1847193302edb0ee691ba	elf	Mirai
2025-12-25 03:16:06	fc542ad670c36e48b6bf573678e5e81fe884d231807256ecd06fa88801cb8eaa	elf	Mirai
2025-12-25 03:11:10	d2e8ad3035bf734c4ab18d298b44dae38c3841eb5e37532bef4ca89e3bb8c35b	sh	Mirai
2025-12-25 03:11:09	e2f49b929531ddce009e62e076af65a97785fe9732012fb13e968ffab3164f43	elf	Mirai
2025-12-25 03:11:09	d908d2f0b4114165079510ef8fc762c6b6cec60eea6dec514d683f3e67f55680	elf	Gafgyt
2025-12-25 03:11:09	42719d96f3b14272254cbd68c4ea3e02900a517a501f8a94440cf162689e6b0a	elf	Mirai
2025-12-25 03:11:09	7916e2f6e47d71fcc0a48bf85d4bce2a61623035bc91eda55f036f1f6482a956	elf	Mirai
2025-12-25 03:11:09	fc542ad670c36e48b6bf573678e5e81fe884d231807256ecd06fa88801cb8eaa	elf	Mirai
2025-12-25 03:11:09	30da945d7e5500938299cb12b475f94e3354dfdcfb5d591128668a3b5d4de483	elf	Mirai
2025-12-25 03:11:09	afd23239ac37840687f51cdc8cc0e5c1ab0f62bfcc861427a092bd21e07d8dee	elf	Mirai
2025-12-25 03:11:09	f4c538b4c55ad7f1dcc1dc160b373386aa0b11de48528ac5338ea58913e42900	elf	Mirai
2025-12-25 03:11:09	0ddb8750a2234f53bebd468ede3922e59d69845d47c81967709bb9ed729a2717	elf	Mirai
2025-12-25 03:11:09	4f581e30be9df11bcab26c70caf17a0161cf2acaf676371ba0aa5aabc7e5d371	elf	Mirai
2025-12-25 03:11:09	f20dd3de2b928c15faff2a8b7233b3918a3922f53f61ce7e02a7e0f1b691be1a	elf	Mirai
2025-12-25 03:11:09	b041660f92a91d789663cf2b84acb7045c27fc2287283b0dd3bcb4cea0ebb9d8	elf	Mirai
2025-12-24 23:05:11	30da945d7e5500938299cb12b475f94e3354dfdcfb5d591128668a3b5d4de483	elf	Mirai
2025-12-24 23:05:11	f20dd3de2b928c15faff2a8b7233b3918a3922f53f61ce7e02a7e0f1b691be1a	elf	Mirai
2025-12-24 23:05:11	f4c538b4c55ad7f1dcc1dc160b373386aa0b11de48528ac5338ea58913e42900	elf	Mirai
2025-12-24 23:05:11	fc542ad670c36e48b6bf573678e5e81fe884d231807256ecd06fa88801cb8eaa	elf	Mirai
2025-12-24 23:05:11	42719d96f3b14272254cbd68c4ea3e02900a517a501f8a94440cf162689e6b0a	elf	Mirai
2025-12-24 23:05:11	b041660f92a91d789663cf2b84acb7045c27fc2287283b0dd3bcb4cea0ebb9d8	elf	Mirai
2025-12-24 23:05:11	4f581e30be9df11bcab26c70caf17a0161cf2acaf676371ba0aa5aabc7e5d371	elf	Mirai
2025-12-24 23:05:11	0ddb8750a2234f53bebd468ede3922e59d69845d47c81967709bb9ed729a2717	elf	Mirai
2025-12-24 23:05:11	afd23239ac37840687f51cdc8cc0e5c1ab0f62bfcc861427a092bd21e07d8dee	elf	Mirai
2025-12-24 23:05:11	7916e2f6e47d71fcc0a48bf85d4bce2a61623035bc91eda55f036f1f6482a956	elf	Mirai
2025-12-24 23:05:11	959f6557999d6008ef5dd2ff0faf5810a88072fe35202bd993e392f9519a42e1	sh	Mirai
2025-12-24 22:58:08	d908d2f0b4114165079510ef8fc762c6b6cec60eea6dec514d683f3e67f55680	elf	Gafgyt
2025-12-24 22:58:08	e2f49b929531ddce009e62e076af65a97785fe9732012fb13e968ffab3164f43	elf	Mirai