##############################################################################
# URLhaus ASN CSV Feed                                                       #
# Generated on 2025-11-19 01:52:27 UTC                                       #
#                                                                            #
# For questions please refer to:                                             #
# https://urlhaus.abuse.ch/feeds/                                            #
##############################################################################
#
# Feed generated for AS142403
#
# Dateadded (UTC),URL,URL_status,Threat,Tags,Host,IPaddress,ASnumber,Country
"2025-08-19 15:32:22","http://103.146.158.129:8089/02.08.2022.exe","offline","malware_download","censys|CobaltStrike","103.146.158.129","103.146.158.129","142403","HK"
"2025-08-12 18:03:55","http://103.146.158.129:1080/02.08.2022.exe","offline","malware_download","censys|CobaltStrike","103.146.158.129","103.146.158.129","142403","HK"
"2025-08-09 21:58:42","http://103.146.158.129:4444/02.08.2022.exe","offline","malware_download","censys|CobaltStrike","103.146.158.129","103.146.158.129","142403","HK"
"2025-08-09 21:58:07","http://103.146.158.129:8880/02.08.2022.exe","offline","malware_download","censys|CobaltStrike","103.146.158.129","103.146.158.129","142403","HK"
"2025-05-23 05:27:08","http://154.221.16.38/02.08.2022.exe","offline","malware_download","censys|CobaltStrike","154.221.16.38","154.221.16.38","142403","HK"
"2025-05-16 06:10:08","http://154.92.15.53:81/02.08.2022.exe","offline","malware_download","censys|CobaltStrike","154.92.15.53","154.92.15.53","142403","HK"
"2025-03-21 19:30:23","http://154.92.14.41:2999/02.08.2022.exe","offline","malware_download","censys|CobaltStrike","154.92.14.41","154.92.14.41","142403","HK"
"2025-02-13 15:52:27","https://154.221.28.166/Android.apk","offline","malware_download","apk","154.221.28.166","154.221.28.166","142403","HK"
"2025-02-13 15:51:00","https://www.cmcmarkets.work/Android.apk","offline","malware_download","apk","www.cmcmarkets.work","154.221.28.166","142403","HK"
"2024-12-13 10:37:10","http://154.221.28.112/02.08.2022.exe","offline","malware_download","cobaltstrike","154.221.28.112","154.221.28.112","142403","HK"
"2024-12-09 16:26:51","https://154.92.14.41:2998/02.08.2022.exe","offline","malware_download","censys|CobaltStrike|shellcode","154.92.14.41","154.92.14.41","142403","HK"
"2024-12-09 16:26:16","https://154.221.16.176:12443/02.08.2022.exe","offline","malware_download","censys|CobaltStrike|shellcode","154.221.16.176","154.221.16.176","142403","HK"
"2024-12-04 12:49:07","http://154.92.14.41:2999","offline","malware_download","hta|vbs-dropper","154.92.14.41","154.92.14.41","142403","HK"
"2024-11-07 08:12:22","http://39.109.122.249:7001/02.08.2022.exe","offline","malware_download","cobaltstrike","39.109.122.249","39.109.122.249","142403","HK"
"2024-11-07 08:12:22","http://39.109.122.249:8010/02.08.2022.exe","offline","malware_download","cobaltstrike","39.109.122.249","39.109.122.249","142403","HK"
"2024-10-29 18:30:28","http://154.92.19.29:1231/02.08.2022.exe","offline","malware_download","CobaltStrike|shellcode","154.92.19.29","154.92.19.29","142403","HK"
"2024-10-13 03:20:10","https://154.221.19.134:8443/02.08.2022.exe","offline","malware_download","CobaltStrike","154.221.19.134","154.221.19.134","142403","HK"
"2024-09-27 03:27:15","http://103.100.209.185/Server_se.exe","offline","malware_download","exe|Nitol","103.100.209.185","103.100.209.185","142403","HK"
"2024-09-27 03:27:13","http://103.100.209.185/jlr_se.exe","offline","malware_download","exe|Nitol","103.100.209.185","103.100.209.185","142403","HK"
"2024-08-16 17:05:05","http://156.236.72.148/02.08.2022.exe","offline","malware_download","cobaltstrike","156.236.72.148","156.236.72.148","142403","HK"
"2024-08-06 19:26:33","http://156.236.70.244/02.08.2022.exe","offline","malware_download","cobaltstrike|exe|This_exe_triggers_specifically_to_cobaltstrike_c2","156.236.70.244","156.236.70.244","142403","HK"
"2024-01-21 10:30:11","http://154.92.15.189/ef/rty45.exe","offline","malware_download","64|exe|Fabookie","154.92.15.189","154.92.15.189","142403","HK"
"2024-01-11 04:10:24","http://154.92.16.100/XIN/dwm2.exe","offline","malware_download","32|exe","154.92.16.100","154.92.16.100","142403","HK"
"2023-12-14 20:00:10","http://154.92.16.100/Admin/Mpclient.dll","offline","malware_download","32|AsyncRAT|exe","154.92.16.100","154.92.16.100","142403","HK"
"2023-12-14 04:07:08","http://154.92.16.100/Admin/svchost1.exe","offline","malware_download","32|AsyncRAT|exe|VenomRAT","154.92.16.100","154.92.16.100","142403","HK"
"2023-05-26 05:28:12","http://154.221.23.107/word.exe","offline","malware_download","exe|RemcosRAT","154.221.23.107","154.221.23.107","142403","HK"
"2023-05-26 05:28:11","http://154.221.23.107/CT360.exe","offline","malware_download","exe|RemcosRAT","154.221.23.107","154.221.23.107","142403","HK"
"2023-05-11 17:08:08","http://154.221.27.200/img.jpg","offline","malware_download","","154.221.27.200","154.221.27.200","142403","HK"
"2023-05-11 17:08:07","http://154.221.27.200/service.log","offline","malware_download","","154.221.27.200","154.221.27.200","142403","HK"
"2023-05-05 11:55:07","http://154.221.27.200/KK.exe","offline","malware_download","exe","154.221.27.200","154.221.27.200","142403","HK"
"2023-05-05 11:54:13","http://154.221.27.200/360.exe","offline","malware_download","exe","154.221.27.200","154.221.27.200","142403","HK"
"2023-05-05 11:54:11","http://154.221.27.200/word.exe","offline","malware_download","exe","154.221.27.200","154.221.27.200","142403","HK"
"2023-04-26 01:33:06","http://156.236.72.163:8080/dan.exe","offline","malware_download","32|exe|Gh0stRAT","156.236.72.163","156.236.72.163","142403","HK"
"2023-04-24 10:33:13","http://156.236.72.163:8080/MicOSOFTSearchProtocolHosb66.exe","offline","malware_download","32|exe|Gh0stRAT|Nitol","156.236.72.163","156.236.72.163","142403","HK"
"2023-04-17 02:22:44","http://154.221.19.94/PYS.exe","offline","malware_download","32|exe|Nitol","154.221.19.94","154.221.19.94","142403","HK"
"2023-04-07 00:30:53","http://154.221.19.94/GXS.exe","offline","malware_download","32|exe|Nitol","154.221.19.94","154.221.19.94","142403","HK"
"2023-04-06 22:54:27","http://154.221.19.94/GXS.exe?abc=%d/","offline","malware_download","32|exe|Nitol","154.221.19.94","154.221.19.94","142403","HK"
"2023-03-25 14:06:12","http://154.221.19.94/Windowsfig.exe","offline","malware_download","exe","154.221.19.94","154.221.19.94","142403","HK"
"2023-03-02 04:39:07","http://39.109.114.129:5858/kk/WmiPrvSEaz.exe","offline","malware_download","32|exe|FatalRAT","39.109.114.129","39.109.114.129","142403","HK"
"2023-03-02 04:30:08","http://39.109.114.129:5858/qd/Application.exe","offline","malware_download","32|exe","39.109.114.129","39.109.114.129","142403","HK"
"2023-02-27 08:26:05","http://39.109.114.129:5858/xdxm/qbcore.dll","offline","malware_download","32|exe|FatalRAT","39.109.114.129","39.109.114.129","142403","HK"
"2023-02-25 06:29:06","http://39.109.114.129:5858/akaz/Updaater.exe","offline","malware_download","32|exe|YoungLotus","39.109.114.129","39.109.114.129","142403","HK"
"2023-02-25 05:38:12","http://39.109.114.129:5858/akaz/Application.exe","offline","malware_download","32|exe","39.109.114.129","39.109.114.129","142403","HK"
"2022-10-13 04:39:08","http://103.210.238.215:443/SQLAGENTIHC.exe","offline","malware_download","coinminer|exe","103.210.238.215","103.210.238.215","142403","HK"
"2022-07-31 14:09:03","http://103.210.238.215/ma/ReportServser.exe","offline","malware_download","exe","103.210.238.215","103.210.238.215","142403","HK"
"2022-07-31 14:09:03","http://103.210.238.215/ma/SQLSerase.exe","offline","malware_download","exe","103.210.238.215","103.210.238.215","142403","HK"
"2022-07-31 13:40:04","http://103.210.238.215/ma/fdlaunchera.exe","offline","malware_download","exe","103.210.238.215","103.210.238.215","142403","HK"
"2022-07-25 08:25:10","http://103.210.238.215:443/ma/SQLSerase.exe","offline","malware_download","Blackmoon|CoinMiner|exe|Gh0stRAT","103.210.238.215","103.210.238.215","142403","HK"
"2022-07-10 07:59:07","http://103.210.238.196:443/ma/SQLSerase.exe","offline","malware_download","Blackmoon|CoinMiner|exe","103.210.238.196","103.210.238.196","142403","HK"
"2021-11-14 11:54:33","http://154.211.14.232/bins/sora.sh4","offline","malware_download","elf|Mirai","154.211.14.232","154.211.14.232","142403","HK"
"2021-11-14 11:53:40","http://154.211.14.232/bins/sora.x86","offline","malware_download","elf|Mirai","154.211.14.232","154.211.14.232","142403","HK"
"2021-11-14 11:52:45","http://154.211.14.232/bins/sora.ppc","offline","malware_download","elf|Mirai","154.211.14.232","154.211.14.232","142403","HK"
"2021-11-14 11:52:39","http://154.211.14.232/bins/sora.arm5","offline","malware_download","elf|Mirai","154.211.14.232","154.211.14.232","142403","HK"
"2021-11-14 11:52:15","http://154.211.14.232/bins/sora.mips","offline","malware_download","elf|Mirai","154.211.14.232","154.211.14.232","142403","HK"
"2021-11-14 11:52:14","http://154.211.14.232/bins/sora.arm","offline","malware_download","elf|Mirai","154.211.14.232","154.211.14.232","142403","HK"
"2021-07-30 05:16:41","http://39.109.117.11/kbbank.apk","offline","malware_download","android|apk|banker|spy","39.109.117.11","39.109.117.11","142403","HK"
"2019-12-12 20:44:41","http://39.109.104.219/wp-admin/multifunctional_zone/additional_forum/9D0KWR34Z7_nG6nculqyGn/","offline","malware_download","doc|emotet|epoch1|Heodo","39.109.104.219","39.109.104.219","142403","HK"
"2019-09-24 03:42:49","http://154.221.22.25/webmony.exe","offline","malware_download","exe","154.221.22.25","154.221.22.25","142403","HK"
"2019-09-13 04:51:21","http://154.209.4.126/udefrag.zip.3","offline","malware_download","exe|payload|stage2","154.209.4.126","154.209.4.126","142403","HK"
"2019-09-13 04:51:16","http://154.209.4.126/udefrag.zip.2","offline","malware_download","exe|payload|stage2","154.209.4.126","154.209.4.126","142403","HK"
"2019-09-13 04:51:11","http://154.209.4.126/udefrag.zip.1","offline","malware_download","exe|payload|stage2","154.209.4.126","154.209.4.126","142403","HK"
"2019-09-13 04:50:51","http://154.209.4.126/udefrag.zip","offline","malware_download","exe|payload|stage2","154.209.4.126","154.209.4.126","142403","HK"
"2019-09-13 04:50:38","http://154.209.4.126/meizi.exe","offline","malware_download","exe|Expiro|payload|stage2","154.209.4.126","154.209.4.126","142403","HK"
"2019-09-13 04:50:36","http://154.209.4.126/xmr.zip.3","offline","malware_download","exe|payload|stage2","154.209.4.126","154.209.4.126","142403","HK"
"2019-09-13 04:50:32","http://154.209.4.126/xmr.zip.2","offline","malware_download","exe|payload|stage2","154.209.4.126","154.209.4.126","142403","HK"
"2019-09-13 04:50:29","http://154.209.4.126/xmr.zip.1","offline","malware_download","exe|payload|stage2","154.209.4.126","154.209.4.126","142403","HK"
"2019-09-13 04:50:23","http://154.209.4.126/xmr.zip","offline","malware_download","exe|payload|stage2","154.209.4.126","154.209.4.126","142403","HK"
"2019-09-13 04:50:13","http://154.209.4.126/wk.exe.4","offline","malware_download","exe|payload|stage2","154.209.4.126","154.209.4.126","142403","HK"
"2019-09-13 04:50:12","http://154.209.4.126/wk.exe.3","offline","malware_download","exe|payload|stage2","154.209.4.126","154.209.4.126","142403","HK"
"2019-09-13 04:50:10","http://154.209.4.126/wk.exe.2","offline","malware_download","exe|payload|stage2","154.209.4.126","154.209.4.126","142403","HK"
"2019-09-13 04:50:07","http://154.209.4.126/wk.exe.1","offline","malware_download","exe|payload|stage2","154.209.4.126","154.209.4.126","142403","HK"
"2019-09-13 04:50:05","http://154.209.4.126/wk.exe","offline","malware_download","exe|payload|Sality|stage2|Worm.Virut","154.209.4.126","154.209.4.126","142403","HK"
"2019-07-09 09:14:22","http://154.221.23.39:9999/Linux","offline","malware_download","ddos.tf|elf","154.221.23.39","154.221.23.39","142403","HK"
"2019-04-29 20:37:04","http://www.178zb.com/avcupkl/DOC/JyTuZk0xuP9n/","offline","malware_download","doc|emotet|epoch2|Heodo","www.178zb.com","154.83.13.111","142403","HK"
"2019-04-26 22:45:11","http://www.178zb.com/avcupkl/uaQX-bqEjZVQTNuL5JP_srOQVAYuZ-I8k/","offline","malware_download","doc|emotet|epoch1","www.178zb.com","154.83.13.111","142403","HK"
"2019-04-24 22:23:03","http://www.178zb.com/avcupkl/NvcQ-rfnG475DC0RMEv_EkVYWFIk-Mf/","offline","malware_download","doc|emotet|epoch1","www.178zb.com","154.83.13.111","142403","HK"
"2019-04-22 21:48:15","http://www.178zb.com/avcupkl/KBlhe-WVCWFhodD9BBflj_lbrcsBpH-dB/","offline","malware_download","doc|emotet|epoch1|Heodo","www.178zb.com","154.83.13.111","142403","HK"
"2019-04-17 12:18:21","http://www.178zb.com/index_files/service/vertrauen/201904/","offline","malware_download","doc|emotet|epoch1|Heodo","www.178zb.com","154.83.13.111","142403","HK"
"2019-03-15 19:24:04","http://www.365365c.com/wp-admin/rf2af-rmtby-mbwr/","offline","malware_download","doc|emotet|epoch2|Heodo","www.365365c.com","154.83.12.159","142403","HK"
"2019-02-19 15:16:38","http://103.210.236.96/starts.bat","offline","malware_download","bat","103.210.236.96","103.210.236.96","142403","HK"
"2019-02-19 15:14:41","http://103.210.236.96/mm/nvidia.exe","offline","malware_download","exe","103.210.236.96","103.210.236.96","142403","HK"
"2019-02-19 15:14:23","http://103.210.236.96/mm/cpu64.exe","offline","malware_download","exe","103.210.236.96","103.210.236.96","142403","HK"
"2019-02-19 15:14:21","http://103.210.236.96/mm/cpu32.exe","offline","malware_download","exe","103.210.236.96","103.210.236.96","142403","HK"
"2019-02-19 15:14:18","http://103.210.236.96/mm/amd64.exe","offline","malware_download","exe","103.210.236.96","103.210.236.96","142403","HK"
"2019-02-19 15:14:15","http://103.210.236.96/mm/amd32.exe","offline","malware_download","exe","103.210.236.96","103.210.236.96","142403","HK"
"2019-02-19 15:14:11","http://103.210.236.96/SqlWtsnvs.exe","offline","malware_download","exe","103.210.236.96","103.210.236.96","142403","HK"
"2019-02-19 15:14:06","http://103.210.236.96/SqlWtsns.exe","offline","malware_download","exe","103.210.236.96","103.210.236.96","142403","HK"
"2019-02-19 15:14:04","http://103.210.236.96/SQLAGENTSIN.exe","offline","malware_download","CoinMiner|CoinMiner.XMRig|exe","103.210.236.96","103.210.236.96","142403","HK"
"2019-02-19 15:14:02","http://103.210.236.96/nsisvc.exe","offline","malware_download","exe","103.210.236.96","103.210.236.96","142403","HK"
"2019-02-19 15:13:04","http://103.210.236.96/SQLIOSIMS.exe","offline","malware_download","exe","103.210.236.96","103.210.236.96","142403","HK"
"2019-01-26 09:49:23","http://103.100.209.198/SQLIOSIM.exe","offline","malware_download","exe","103.100.209.198","103.100.209.198","142403","HK"
"2019-01-10 07:55:05","http://103.100.209.198/SqlWtsn.exe","offline","malware_download","CoinMiner.XMRig|exe","103.100.209.198","103.100.209.198","142403","HK"
# of entries: 92