URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
| Host: | 130.12.180.22 |
|---|---|
| Firstseen: | 2026-01-19 06:17:05 UTC |
| Total malware sites : | 2 |
| Online malware sites : | 1 (50%) |
| Offline Malware sites : | 1 (50%) |
| Newest active malware site : | 2026-01-21 20:02:06 UTC |
| Oldest active malware site : | 2026-01-21 20:02:06 UTC (Age: 6 days, 2 hours, 44 minutes) |
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2026-01-19 06:17:05 | 130.12.180.22 | SBL690641 | AS214943 RAILNET |  US | yes |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2026-01-21 20:02:06 | http://130.12.180.22/file/data.mips-uclibc | Online | elf geofenced mips mirai  ua-wget USA |  botnetkiller |
| 2026-01-19 06:17:05 | http://130.12.180.22/file/bbc | Offline | geofenced sh ua-wget USA | botnetkiller |
The table below shows recent payloads delivery by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2026-01-27 06:18:35 | 869fcd05cd73b20cde220e207b055fdf006c37c3e41875acde5e376555f3df36 | elf | Mirai | |
| 2026-01-26 23:28:14 | 543ab6fc98874832b8419151fd38d56ac9d2fbcdddd3f37bd6ca3d740f42a4b4 | elf | Mirai | |
| 2026-01-22 01:29:32 | 00aa845dc77760538d7da9eb8c4d514c4db8e9859c249c558a89a982d859b5c4 | elf | Mirai |