##############################################################################
# URLhaus ASN CSV Feed                                                       #
# Generated on 2025-11-20 03:13:47 UTC                                       #
#                                                                            #
# For questions please refer to:                                             #
# https://urlhaus.abuse.ch/feeds/                                            #
##############################################################################
#
# Feed generated for AS139880
#
# Dateadded (UTC),URL,URL_status,Threat,Tags,Host,IPaddress,ASnumber,Country
"2024-09-26 18:27:45","https://tatemosher.com/cdn-vs/data.php","offline","malware_download","ascii|base64-loader|encoded|NetSupport|NetSupportRAT","tatemosher.com","154.214.98.180","139880","SC"
"2024-09-26 18:27:45","https://www.tatemosher.com/cdn-vs/data.php","offline","malware_download","ascii|base64-loader|encoded|NetSupport|NetSupportRAT","www.tatemosher.com","154.214.98.180","139880","SC"
"2023-05-31 13:31:05","https://icondude.com/acnu/","offline","malware_download","BB30|geofenced|js|Qakbot|Quakbot|USA|zip","icondude.com","156.227.111.24","139880","SC"
"2023-05-30 16:51:16","https://icondude.com/eis/?1","offline","malware_download","BB30|geofenced|js|Qakbot|Quakbot|USA|zip","icondude.com","156.227.111.24","139880","SC"
"2023-04-05 15:52:21","https://icondude.com/itt/itt.php","offline","malware_download","755|BB22|geofenced|js|Qakbot|Qbot|Quakbot|tr|USA|wsf|zip","icondude.com","156.227.111.24","139880","SC"
"2022-09-03 05:15:06","http://petroaryalivco.com/dining%20delightk.exe","offline","malware_download","32|exe","petroaryalivco.com","154.82.61.248","139880","US"
"2022-09-03 04:55:05","http://petroaryalivco.com/documento2.exe","offline","malware_download","32|exe|njrat","petroaryalivco.com","154.82.61.248","139880","US"
"2022-09-03 04:54:05","http://petroaryalivco.com/Envio25.exe","offline","malware_download","32|exe","petroaryalivco.com","154.82.61.248","139880","US"
"2022-09-02 19:04:05","http://petroaryalivco.com/nj25.exe","offline","malware_download","exe|njrat","petroaryalivco.com","154.82.61.248","139880","US"
"2022-01-21 05:35:05","http://mrkingcake.com/wp-includes/EUS-1758/","offline","malware_download","emotet|epoch5|redir-doc|xls","mrkingcake.com","154.194.180.17","139880","HK"
"2022-01-21 05:35:05","http://mrkingcake.com/wp-includes/EUS-1758/?i=1","offline","malware_download","doc|emotet|epoch5|Heodo","mrkingcake.com","154.194.180.17","139880","HK"
"2021-12-04 00:32:09","https://www.bboprecords.com/cgi-bin/7e0tqBPK/","offline","malware_download","doc|emotet|epoch4|Heodo","www.bboprecords.com","154.209.173.35","139880","HK"
"2021-12-01 19:33:09","https://www.bboprecords.com/cgi-bin/ucFtWWFliu/","offline","malware_download","emotet|epoch4|redir-appinstaller","www.bboprecords.com","154.209.173.35","139880","HK"
"2021-01-21 11:33:18","http://f1sol.com/ibnt6ia.rar","offline","malware_download","Dridex","f1sol.com","154.194.172.215","139880","HK"
"2021-01-12 16:16:07","http://h5.ashiwenhua.cn/louis.php","offline","malware_download","","h5.ashiwenhua.cn","45.204.239.173","139880","MU"
"2021-01-12 16:10:08","https://vysimopoulos.com/d/NF/","offline","malware_download","emotet|epoch1|exe|heodo","vysimopoulos.com","156.227.83.198","139880","SC"
"2020-10-20 12:22:16","http://qixiulvshi.com/apographal/IH42PXH/6um4y0gilabo/","offline","malware_download","doc|emotet|epoch2|Heodo","qixiulvshi.com","154.215.123.197","139880","SC"
"2020-10-20 10:03:06","http://www.qixiulvshi.com/apographal/IH42PXH/6um4y0gilabo/","offline","malware_download","doc|emotet|epoch2|Heodo","www.qixiulvshi.com","154.215.123.197","139880","SC"
"2020-10-16 13:31:08","http://qixiulvshi.com/calendar/em61fxbejgzj49epoohqvl/","offline","malware_download","doc|emotet|epoch2|Heodo","qixiulvshi.com","154.215.123.197","139880","SC"
"2020-10-15 22:57:06","http://www.qixiulvshi.com/calendar/em61fxbejgzj49epoohqvl/","offline","malware_download","doc|emotet|epoch2|Heodo","www.qixiulvshi.com","154.215.123.197","139880","SC"
"2020-09-21 12:09:03","https://dubaisparkle.com/wp-includes/Reporting/nX15LCmDxT65/","offline","malware_download","doc|emotet|epoch1|Heodo","dubaisparkle.com","154.209.184.116","139880","HK"
"2020-09-16 23:13:16","http://shoujiushu.cn/3ls806/1rVeMNHQ/","offline","malware_download","emotet|epoch3|exe|Heodo","shoujiushu.cn","156.227.64.232","139880","SC"
"2020-08-07 14:05:10","http://cnwanlian.cn/wp-admin/Kpce/","offline","malware_download","doc|emotet|epoch3|Heodo|QuakBot","cnwanlian.cn","156.253.40.17","139880","SC"
"2020-08-06 11:20:11","https://wksbsolutions.com/picture_library/f9_f03t4_4z/","offline","malware_download","emotet|epoch2|exe|Heodo","wksbsolutions.com","156.254.68.123","139880","HK"
"2020-07-21 17:59:14","https://www.51gua.vip/css/DOC/","offline","malware_download","doc|Emotet|epoch2|Heodo","www.51gua.vip","154.215.114.174","139880","SC"
"2020-07-20 14:25:55","http://elilaifs.cn/wp-admin/parts_service/jecxwnaz1j/.../","offline","malware_download","doc|emotet|epoch2","elilaifs.cn","156.227.109.241","139880","SC"
"2020-07-17 14:30:13","http://elilaifs.cn/wp-admin/parts_service/jecxwnaz1j/","offline","malware_download","doc|emotet|epoch2|heodo","elilaifs.cn","156.227.109.241","139880","SC"
"2020-06-10 20:02:35","http://sysnamiq.com/uohlcyy/uK/2N/0GN6V39K.zip","offline","malware_download","Qakbot|Quakbot|zip","sysnamiq.com","154.215.105.248","139880","SC"
"2020-06-10 19:54:38","http://sysnamiq.com/uohlcyy/dY/ak/IQDU6heX.zip","offline","malware_download","Qakbot|Quakbot|zip","sysnamiq.com","154.215.105.248","139880","SC"
"2020-06-10 19:44:18","http://sysnamiq.com/uohlcyy/LC/M8/u0fc8CKv.zip","offline","malware_download","Qakbot|Quakbot|zip","sysnamiq.com","154.215.105.248","139880","SC"
"2020-06-10 13:38:04","http://sysnamiq.com/vodzxx/W9/uL/JXZ5c6EC.zip","offline","malware_download","Qakbot|Quakbot|zip","sysnamiq.com","154.215.105.248","139880","SC"
"2020-06-10 13:24:12","http://sysnamiq.com/uohlcyy/Qa/qC/PUTVYCj0.zip","offline","malware_download","Qakbot|Quakbot|zip","sysnamiq.com","154.215.105.248","139880","SC"
"2020-06-10 12:05:30","http://sysnamiq.com/vodzxx/JA1opQjgjW.zip","offline","malware_download","Qakbot|Quakbot|zip","sysnamiq.com","154.215.105.248","139880","SC"
"2020-01-29 03:48:06","http://fzpf.uni28.com/wp-includes/payment/n4xyi8/","offline","malware_download","doc|emotet|epoch2|heodo","fzpf.uni28.com","154.82.37.249","139880","US"
"2020-01-20 15:13:06","http://fzpf.uni28.com/wp-includes/sNzulE/","offline","malware_download","doc|emotet|epoch3|Heodo","fzpf.uni28.com","154.82.37.249","139880","US"
"2020-01-18 05:36:06","https://www.bzhw.com.cn/lnkvjs235jdhsed/ud-ixlry-45/","offline","malware_download","doc|emotet|epoch3|Heodo","www.bzhw.com.cn","156.254.88.107","139880","HK"
"2020-01-18 05:22:06","https://bzhw.com.cn/lnkvjs235jdhsed/paclm/8zcsprr/","offline","malware_download","doc|emotet|epoch2|Heodo","bzhw.com.cn","156.254.88.107","139880","HK"
"2020-01-13 23:06:13","https://bzhw.com.cn/wp-admin/Documentation/kidtobhx/","offline","malware_download","doc|emotet|epoch2|heodo","bzhw.com.cn","156.254.88.107","139880","HK"
"2020-01-13 16:49:40","https://www.bzhw.com.cn/wp-admin/HYUVNFAN2TH/934g704uoq/","offline","malware_download","doc|emotet|epoch2|heodo","www.bzhw.com.cn","156.254.88.107","139880","HK"
"2019-12-20 09:25:30","https://bingo.hi.cn/ru/update.bin","offline","malware_download","Dreambot|module","bingo.hi.cn","156.254.84.109","139880","HK"
"2019-12-20 09:25:29","https://bingo.hi.cn/update.bin","offline","malware_download","Dreambot|module","bingo.hi.cn","156.254.84.109","139880","HK"
"2019-05-27 20:44:08","http://cuijunxing.cn/wp-content/opuxfo4w52dxan_2kc3kikf7-121850386/","offline","malware_download","doc|emotet|epoch2","cuijunxing.cn","154.89.237.71","139880","SC"
"2019-05-25 01:42:17","http://cuijunxing.cn/wp-content/FILE/XwwkhYgxtWKsAa/","offline","malware_download","doc|Emotet|Heodo","cuijunxing.cn","154.89.237.71","139880","SC"
"2019-04-23 09:23:08","https://criminalisticaycriminologia.com/wp-includes/zvwz8-qrvwc-mgnnza/","offline","malware_download","doc|emotet|epoch2|Heodo","criminalisticaycriminologia.com","156.227.67.13","139880","SC"
"2019-04-01 19:24:55","http://iqos.uni28.com/wp-admin/trust.accounts.resourses.biz/","offline","malware_download","","iqos.uni28.com","154.82.37.249","139880","US"
"2019-03-29 22:39:08","https://youdaihe.com/wp-admin/S2s6/","offline","malware_download","emotet|epoch1|exe|Heodo","youdaihe.com","154.215.76.69","139880","SC"
"2019-03-26 16:02:16","http://iqos.uni28.com/wp-admin/hf332t-d65ahzo-qisyqqv/","offline","malware_download","doc|emotet|epoch2|Heodo","iqos.uni28.com","154.82.37.249","139880","US"
"2019-02-26 09:41:53","http://lisasdesignstudio.com/wp-content/themes/whisper/images/msg.jpg","offline","malware_download","exe|RUS|Troldesh","lisasdesignstudio.com","154.194.136.143","139880","HK"
"2019-02-19 20:31:03","http://lisasdesignstudio.com/wp-content/themes/whisper/images/pic.zip","offline","malware_download","javascript|ransomware|shade|troldesh|zip","lisasdesignstudio.com","154.194.136.143","139880","HK"
"2018-12-12 15:39:21","http://mswebpro.com/BTOEXVUOX8717707/Rechnungs/RECH/","offline","malware_download","emotet|epoch2|Heodo","mswebpro.com","156.227.97.197","139880","SC"
"2018-12-11 05:44:10","http://mswebpro.com/Telekom/Rechnungen/11_18/","offline","malware_download","doc|emotet|epoch1|Heodo","mswebpro.com","156.227.97.197","139880","SC"
"2018-12-11 04:01:10","http://mswebpro.com/Telekom/Rechnungen/11_18","offline","malware_download","emotet|epoch1","mswebpro.com","156.227.97.197","139880","SC"
"2018-12-08 17:14:02","http://mswebpro.com/YHUFbhGvF/","offline","malware_download","Emotet|exe|Heodo","mswebpro.com","156.227.97.197","139880","SC"
"2018-12-06 17:18:05","http://mswebpro.com/YHUFbhGvF","offline","malware_download","emotet|epoch1|exe|Heodo","mswebpro.com","156.227.97.197","139880","SC"
"2018-11-19 19:49:34","http://hotellaspalmashmo.com/713SMBYOFRJ/biz/Commercial/","offline","malware_download","emotet|heodo","hotellaspalmashmo.com","156.254.40.24","139880","HK"
"2018-10-24 00:39:08","http://xinanfls.com/winz/srk/Swift00382.jar.exe","offline","malware_download","exe|NanoCore","xinanfls.com","154.215.102.60","139880","SC"
"2018-10-23 06:32:18","http://xinanfls.com/css/wix/Zaskl.exe","offline","malware_download","exe|rat|revcode|RevCodeRAT","xinanfls.com","154.215.102.60","139880","SC"
"2018-10-06 15:11:04","http://hotellaspalmashmo.com/9bzK9EBuXD/","offline","malware_download","Emotet|exe|Heodo","hotellaspalmashmo.com","156.254.40.24","139880","HK"
"2018-10-05 15:39:03","http://hotellaspalmashmo.com/9bzK9EBuXD","offline","malware_download","emotet|exe|Heodo","hotellaspalmashmo.com","156.254.40.24","139880","HK"
"2018-10-04 08:16:23","http://hotellaspalmashmo.com/81MONDOJG/SWIFT/US","offline","malware_download","doc|emotet|Heodo","hotellaspalmashmo.com","156.254.40.24","139880","HK"
"2018-10-01 12:52:09","http://hotellaspalmashmo.com/sHQJxP2H97","offline","malware_download","emotet|exe|heodo","hotellaspalmashmo.com","156.254.40.24","139880","HK"
"2018-09-24 21:24:10","http://hotellaspalmashmo.com/92WKNDMR/PAYMENT/Smallbusiness","offline","malware_download","doc|Heodo","hotellaspalmashmo.com","156.254.40.24","139880","HK"
"2018-09-24 13:33:56","http://hotellaspalmashmo.com/713SMBYOFRJ/biz/Commercial","offline","malware_download","doc|emotet|Heodo","hotellaspalmashmo.com","156.254.40.24","139880","HK"
"2018-09-12 09:15:18","http://hotellaspalmashmo.com/AyBl","offline","malware_download","AgentTesla|emotet|exe|heodo","hotellaspalmashmo.com","156.254.40.24","139880","HK"
"2018-09-11 05:13:00","http://politicasdocus.com/5ZOVMDRMM/SWIFT/Business/","offline","malware_download","doc|emotet|epoch2","politicasdocus.com","45.204.167.12","139880","MU"
"2018-09-07 06:07:33","http://giocareers.com/2732877NMU/WIRE/Smallbusiness","offline","malware_download","doc|emotet|heodo","giocareers.com","154.206.163.78","139880","SC"
"2018-09-07 03:03:08","http://politicasdocus.com/5ZOVMDRMM/SWIFT/Business","offline","malware_download","doc|emotet|epoch2|Heodo","politicasdocus.com","45.204.167.12","139880","MU"
"2018-09-06 18:59:04","http://hotellaspalmashmo.com/305102X/SWIFT/US/","offline","malware_download","doc|Heodo","hotellaspalmashmo.com","156.254.40.24","139880","HK"
"2018-09-05 16:46:29","http://hotellaspalmashmo.com/305102X/SWIFT/US","offline","malware_download","doc|emotet|Heodo","hotellaspalmashmo.com","156.254.40.24","139880","HK"
"2018-08-31 05:13:17","http://giocareers.com/Document/EN_en/Outstanding-Invoices/","offline","malware_download","doc|emotet|epoch2|Heodo","giocareers.com","154.206.163.78","139880","SC"
"2018-08-30 07:17:28","http://giocareers.com/Document/EN_en/Outstanding-Invoices","offline","malware_download","doc|emotet|Heodo","giocareers.com","154.206.163.78","139880","SC"
"2018-08-29 05:16:36","http://giocareers.com/Document/En_us/Invoice-for-you/","offline","malware_download","doc|emotet|epoch2|Heodo","giocareers.com","154.206.163.78","139880","SC"
"2018-08-28 06:57:42","http://giocareers.com/Document/En_us/Invoice-for-you","offline","malware_download","doc|emotet|heodo","giocareers.com","154.206.163.78","139880","SC"
"2018-08-24 08:29:12","http://hotellaspalmashmo.com/0YLLU/biz/Smallbusiness","offline","malware_download","doc|emotet|Heodo","hotellaspalmashmo.com","156.254.40.24","139880","HK"
"2018-08-21 16:35:46","http://merctransfers.gradycares.com/022BZX/SWIFT/US/","online","malware_download","Heodo","merctransfers.gradycares.com","156.254.38.171","139880","HK"
"2018-08-21 14:41:55","http://hotellaspalmashmo.com/2928ZZYD/ACH/Smallbusiness","offline","malware_download","doc|emotet|Heodo","hotellaspalmashmo.com","156.254.40.24","139880","HK"
"2018-08-21 12:02:36","http://merctransfers.gradycares.com/022BZX/SWIFT/US","online","malware_download","doc|emotet|Heodo","merctransfers.gradycares.com","156.254.38.171","139880","HK"
"2018-08-14 04:23:42","http://hotellaspalmashmo.com/sites/US/Open-invoices/INV12020918101383/","offline","malware_download","doc|emotet|Heodo","hotellaspalmashmo.com","156.254.40.24","139880","HK"
"2018-08-14 04:23:41","http://hotellaspalmashmo.com/924LCorporation/GN81509269331QF/Aug-08-2018-953844/QPSK-ZYLGD-Aug-08-2018/","offline","malware_download","doc|emotet|Heodo","hotellaspalmashmo.com","156.254.40.24","139880","HK"
"2018-08-13 15:59:42","http://hotellaspalmashmo.com/sites/US/Open-invoices/INV12020918101383","offline","malware_download","doc|emotet|Heodo","hotellaspalmashmo.com","156.254.40.24","139880","HK"
"2018-08-09 05:47:43","http://hotellaspalmashmo.com/924LCorporation/GN81509269331QF/Aug-08-2018-953844/QPSK-ZYLGD-Aug-08-2018","offline","malware_download","doc|emotet|Heodo","hotellaspalmashmo.com","156.254.40.24","139880","HK"
"2018-08-09 05:15:58","http://hotellaspalmashmo.com/DOC/XGM39404315038TSQFR/1264700381/WCZ-OQSW-Aug-06-2018/","offline","malware_download","doc|emotet|Heodo","hotellaspalmashmo.com","156.254.40.24","139880","HK"
"2018-08-08 05:49:51","http://hotellaspalmashmo.com/DOC/XGM39404315038TSQFR/1264700381/WCZ-OQSW-Aug-06-2018","offline","malware_download","doc|emotet|Heodo","hotellaspalmashmo.com","156.254.40.24","139880","HK"
"2018-08-03 05:16:56","http://hotellaspalmashmo.com/s7SG9ZMVoJRUnNz","offline","malware_download","doc|emotet|Heodo","hotellaspalmashmo.com","156.254.40.24","139880","HK"
"2018-08-01 16:11:51","http://hotellaspalmashmo.com/s7SG9ZMVoJRUnNz/","offline","malware_download","doc|emotet|epoch2|Heodo","hotellaspalmashmo.com","156.254.40.24","139880","HK"
"2018-07-11 09:39:06","http://hengkangusa.com/doc/En/FILE/Invoice-07-11-18/","offline","malware_download","doc|emotet|heodo","hengkangusa.com","156.254.49.181","139880","HK"
"2018-07-11 04:07:20","http://hengkangusa.com/DE_de/Rechnungsanschrift/Rechnung/","offline","malware_download","doc|emotet|epoch2|Heodo","hengkangusa.com","156.254.49.181","139880","HK"
"2018-07-06 05:16:15","http://hengkangusa.com/Greeting-ECard-2018/","offline","malware_download","doc|emotet|heodo","hengkangusa.com","156.254.49.181","139880","HK"
"2018-07-02 16:26:40","http://hengkangusa.com/US/Jul2018/Direct-Deposit-Notice/","offline","malware_download","doc|emotet|heodo","hengkangusa.com","156.254.49.181","139880","HK"
"2018-05-28 07:03:06","http://prokeyboardist.com/cciXI/","offline","malware_download","Emotet|exe|Heodo","prokeyboardist.com","156.254.49.111","139880","HK"
"2018-05-17 18:53:16","http://prokeyboardist.com/0qLVjK7JgMX/","offline","malware_download","doc|emotet|Heodo","prokeyboardist.com","156.254.49.111","139880","HK"
# of entries: 91