URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	130.12.180.43
Firstseen:	2025-12-25 19:31:06 UTC
Total malware sites :	24
Online malware sites :	16 (67%)
Offline Malware sites :	8 (33%)
Newest active malware site :	2025-12-26 12:51:08 UTC
Oldest active malware site :	2025-12-25 19:31:07 UTC (Age: 19 hours, 21 minutes)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-12-25 19:31:07	130.12.180.43		SBL690641	AS214943 RAILNET	US	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2025-12-26 12:51:08	http://130.12.180.43/files/7992210799/8CX1FQ8.exe	Online	c2-monitor-auto dropped-by-amadey	c2hunter
2025-12-26 07:29:07	http://130.12.180.43/files/5561582465/K21l3Ix.exe	Online	c2-monitor-auto dropped-by-amadey	c2hunter
2025-12-26 07:08:09	http://130.12.180.43/files/2047601333/OaRxT97.bat	Offline	c2-monitor-auto dropped-by-amadey	c2hunter
2025-12-26 07:08:05	http://130.12.180.43/files/2047601333/OaRxT97.ps1	Offline	c2-monitor-auto dropped-by-amadey	c2hunter
2025-12-26 07:08:05	http://130.12.180.43/files/7782139129/HxOVWEH.ps1	Offline	c2-monitor-auto dropped-by-amadey	c2hunter
2025-12-25 23:23:09	http://130.12.180.43/files/7557427348/Akfqk2s.exe	Offline	c2-monitor-auto dropped-by-amadey Vidar	c2hunter
2025-12-25 22:50:08	http://130.12.180.43/files/unique2/random.exe	Online	c2-monitor-auto dropped-by-amadey gcleaner	c2hunter
2025-12-25 20:39:08	http://130.12.180.43/files/1781548144/vYh2eCB.exe	Offline	c2-monitor-auto dropped-by-amadey QuasarRAT	c2hunter
2025-12-25 20:21:11	http://130.12.180.43/files/unique5/random.exe	Online	Adware.Neoreklami c2-monitor-auto dropped-by-amadey	c2hunter
2025-12-25 20:21:08	http://130.12.180.43/files/321m/random.exe	Online	c2-monitor-auto dropped-by-amadey	c2hunter
2025-12-25 20:21:06	http://130.12.180.43/vidar/random.exe	Online	c2-monitor-auto dropped-by-amadey Vidar	c2hunter
2025-12-25 20:21:05	http://130.12.180.43/files/rdx/random.exe	Online	c2-monitor-auto dropped-by-amadey Vidar	c2hunter
2025-12-25 20:21:05	http://130.12.180.43/test/random.exe	Online	c2-monitor-auto dropped-by-amadey	c2hunter
2025-12-25 19:38:08	http://130.12.180.43/files/come/random.exe	Online	c2-monitor-auto dropped-by-amadey Stealc	c2hunter
2025-12-25 19:38:07	http://130.12.180.43/files/6858883307/HzVJzOd.exe	Offline	Amatera c2-monitor-auto dropped-by-amadey	c2hunter
2025-12-25 19:38:07	http://130.12.180.43/files/7453936223/lJ5IwxN.exe	Online	c2-monitor-auto dropped-by-amadey Vidar	c2hunter
2025-12-25 19:38:07	http://130.12.180.43/files/1660276343/Bx0btQr.exe	Offline	c2-monitor-auto dropped-by-amadey LummaStealer	c2hunter
2025-12-25 19:37:10	http://130.12.180.43/files/380743829/ee5G8GW.exe	Online	c2-monitor-auto dropped-by-amadey Vidar	c2hunter
2025-12-25 19:37:09	http://130.12.180.43/files/380743829/affa9En.exe	Online	c2-monitor-auto dropped-by-amadey Vidar	c2hunter
2025-12-25 19:37:06	http://130.12.180.43/files/5561582465/JQsNoTz.exe	Offline	c2-monitor-auto dropped-by-amadey	c2hunter
2025-12-25 19:37:06	http://130.12.180.43/files/6608710704/IkuVjrI.exe	Online	c2-monitor-auto dropped-by-amadey Vidar	c2hunter
2025-12-25 19:32:08	http://130.12.180.43/files/8134610967/2qIIQWe.exe	Online	CoinMiner dropped-by-amadey fbf543	Bitsight
2025-12-25 19:32:07	http://130.12.180.43/files/mr/random.exe	Online	dropped-by-amadey fbf543 Vidar	Bitsight
2025-12-25 19:31:07	http://130.12.180.43/files/8434554557/BieVLQp.exe	Online	c2-monitor-auto dropped-by-amadey PureLogsStealer	c2hunter

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2025-12-26 12:51:08	137cc63999db545a8714318685a607725308e0d15c3bb71c1eb92a30f07f0ed1	exe
2025-12-26 12:45:34	cbecf36b8417601733552f2a94efaf3c84b7c8b73ce7f1870de84e3fbb45f956	exe	GCleaner
2025-12-26 11:40:50	533f1b3dc86291ff65ccd2bca8b239aeed4054e3a878623ccbce7325f0be152e	exe	Adware.Neoreklami
2025-12-26 08:34:04	046fc02a1e68583d39b5638e2d21693832da9882419359de17b06497a698a6e1	exe	Adware.Neoreklami
2025-12-26 07:29:07	6132ba2be7acdad1bdee760b3227f88d26b61677b6ddff3c48af98053d13ea82	exe
2025-12-26 07:08:09	7f99f5540631f133425289c1420129622a9b4eae57201c27e1ba9d181d18771c	ps
2025-12-26 07:05:44	9a0a22d0123715455fde2e21f86b8f2ffd3f1311203287f7cdc93a58201d7a6e	exe	GCleaner
2025-12-26 06:24:54	c3816f5439437c47f985a7a8efeccd562bc4f1969595371ed610722fa31c7230	exe	Adware.Neoreklami
2025-12-26 05:55:51	a7ccbd569505d6e4a9cad09d97312bb4c6e38d8b9bc2e6e7bfcaf3d2bd767e32	exe	Vidar
2025-12-26 01:33:36	3a8136bb039b7176dc057aa652eaccd2d5723150325d2ed28b5cdc33f813ed7e	exe
2025-12-26 01:02:10	cabee660a1e0d9116dd62130e1ee0f9578f869cd43cfd729d0fb8ccb966a6217	exe	GCleaner
2025-12-26 00:50:36	36592e43993159e4e42ce04185f2438a228875d74360989348588f60e340d418	exe	Adware.Neoreklami
2025-12-25 23:23:09	fe0201cbdebd8b9ca73543db69d72817b96250e8dbed9175ed09cae29759438a	exe	Vidar
2025-12-25 22:50:08	cf173d70cc6a9c9ebea6785cb37dc8f9485ed46a5bbead496ca2b6a0a2872a4f	exe	GCleaner
2025-12-25 20:39:08	e7c30ad28271f6cd25745fe06ea3b01e1c5a50e3991a715fc9b843965e43af70	exe	QuasarRAT
2025-12-25 20:21:11	cc9bbdec4c55ecbdf47fb45e7386f500460edb29f477e11140dd35999098aab4	exe	Adware.Neoreklami
2025-12-25 20:21:08	efdbec2afdac78bf64bc6d859aceafbe684dc5aea6a85f96297572a815a176da	exe
2025-12-25 20:21:06	ef6ce6a5f34ab55e4898cb9b895d9832d66f0b0c3757a4e446b42cf6967f7da8	exe	Vidar
2025-12-25 20:21:05	50c063208801f6250ad0984212bbff667fa4b979b5443a639b24bc5bbdce0b5d	exe
2025-12-25 20:21:05	67e69f4d9f3e406a05755b547750a15ab7245471a0193325fc755aac7efe68f7	exe	Vidar
2025-12-25 19:38:07	b7adc51025ca1c6503e0634a570b401cb947ceba42d440367790c976aa1c6578	exe	LummaStealer
2025-12-25 19:38:07	56e3ac5f4be4a1ef51b87e1df3d940f7c8663e0f28842252790a422e29b6ad92	exe	Amatera
2025-12-25 19:38:07	0e2d513b8d459d333ef0407d9ce027f586f8fd861bebee987e2137a07877cc1f	exe	Vidar
2025-12-25 19:38:07	4b1b9e1ed0efa52e4663f9247477c273166481fdd8e639cae35c4909de3566d9	exe	Stealc
2025-12-25 19:37:10	807160cebe03f91eff7d454b9d4df36b81a929f0fa521d0500b472cb78b4263b	exe	Vidar
2025-12-25 19:37:09	84e2b776c5bcbee2070b78eecea3aaebf5aef44d6fbb6466143fab02c4dcefb1	exe	Vidar
2025-12-25 19:37:06	6deac951bab9c3aced6c961a94b800b8281373e0cae5234b4f21938e7547947d	exe
2025-12-25 19:37:06	d33b5367ad01f4d824a174f02575335819ed49d2c03128b107d651173757a46d	exe	Vidar
2025-12-25 19:32:08	ac9b66046e7b48690eec441a018373e654b164cdb01957f1712d39404063517f	exe	CoinMiner
2025-12-25 19:32:07	6b4ef1e6154069d6fabe151810017f7333dc41c8febbdcefc93c1d6358cfb278	exe	Vidar
2025-12-25 19:31:07	810a793a997d62829d45fc8c28c6808b9303256c2e4a635af39e7e142b4e0c79	exe	PureLogsStealer