##############################################################################
# URLhaus ASN CSV Feed                                                       #
# Generated on 2025-11-20 20:56:59 UTC                                       #
#                                                                            #
# For questions please refer to:                                             #
# https://urlhaus.abuse.ch/feeds/                                            #
##############################################################################
#
# Feed generated for AS197155
#
# Dateadded (UTC),URL,URL_status,Threat,Tags,Host,IPaddress,ASnumber,Country
"2025-08-28 05:48:05","http://91.206.178.27/vbnh.pdf","offline","malware_download","LummaStealer","91.206.178.27","91.206.178.27","197155","PL"
"2025-08-24 14:17:38","http://91.206.178.200/int.pdf","offline","malware_download","ClickFix|DonutLoader|FakeCaptcha|hta|LummaStealer","91.206.178.200","91.206.178.200","197155","PL"
"2025-02-18 07:01:05","http://91.206.178.120:5001/script_end?random_number=76945","offline","malware_download","91-206-178-120","91.206.178.120","91.206.178.120","197155","PL"
"2025-02-18 07:01:05","http://91.206.178.120:5001/script_start?ip=85.94.163.251&os=Microsoft%20Windows%20NT%2010.0.19045.0&memory=3.99&random_number=76945","offline","malware_download","91-206-178-120","91.206.178.120","91.206.178.120","197155","PL"
"2025-02-18 06:56:04","http://91.206.178.120:5001/get_txt","offline","malware_download","91-206-178-120|LummaStealer","91.206.178.120","91.206.178.120","197155","PL"
"2025-02-18 06:56:04","http://91.206.178.120:5001/script_start","offline","malware_download","","91.206.178.120","91.206.178.120","197155","PL"
"2024-10-17 09:41:07","https://kambud.biz/LabaPzMEkhwRRrP197.bin","offline","malware_download","encrypted|GuLoader","kambud.biz","185.17.43.223","197155","PL"
"2024-10-17 09:40:07","https://kambud.biz/TrKbMEENHWGFu198.bin","offline","malware_download","encrypted|GuLoader","kambud.biz","185.17.43.223","197155","PL"
"2024-02-17 09:09:38","http://37.28.157.3/b90e088dfaeb928d/nss3.dll","offline","malware_download","dll|Stealc","37.28.157.3","37.28.157.3","197155","PL"
"2024-02-17 09:09:37","http://37.28.157.3/b90e088dfaeb928d/vcruntime140.dll","offline","malware_download","dll|Stealc","37.28.157.3","37.28.157.3","197155","PL"
"2024-02-17 09:09:12","http://37.28.157.3/b90e088dfaeb928d/sqlite3.dll","offline","malware_download","dll|Stealc","37.28.157.3","37.28.157.3","197155","PL"
"2024-02-17 09:09:10","http://37.28.157.3/b90e088dfaeb928d/freebl3.dll","offline","malware_download","dll|Stealc","37.28.157.3","37.28.157.3","197155","PL"
"2024-02-17 09:09:10","http://37.28.157.3/b90e088dfaeb928d/mozglue.dll","offline","malware_download","dll|Stealc","37.28.157.3","37.28.157.3","197155","PL"
"2024-02-17 09:09:10","http://37.28.157.3/b90e088dfaeb928d/msvcp140.dll","offline","malware_download","dll|Stealc","37.28.157.3","37.28.157.3","197155","PL"
"2024-02-17 09:09:09","http://37.28.157.3/b90e088dfaeb928d/softokn3.dll","offline","malware_download","dll|Stealc","37.28.157.3","37.28.157.3","197155","PL"
"2024-02-05 06:43:44","http://91.206.178.118/a9d06ea3fe859ab7/vcruntime140.dll","offline","malware_download","dll|Stealc","91.206.178.118","91.206.178.118","197155","PL"
"2024-02-05 06:43:35","http://91.206.178.118/a9d06ea3fe859ab7/nss3.dll","offline","malware_download","dll|Stealc","91.206.178.118","91.206.178.118","197155","PL"
"2024-02-05 06:43:34","http://91.206.178.118/a9d06ea3fe859ab7/mozglue.dll","offline","malware_download","dll|Stealc","91.206.178.118","91.206.178.118","197155","PL"
"2024-02-05 06:43:32","http://91.206.178.118/a9d06ea3fe859ab7/msvcp140.dll","offline","malware_download","dll|Stealc","91.206.178.118","91.206.178.118","197155","PL"
"2024-02-05 06:43:32","http://91.206.178.118/a9d06ea3fe859ab7/sqlite3.dll","offline","malware_download","dll|Stealc","91.206.178.118","91.206.178.118","197155","PL"
"2024-02-05 06:43:31","http://91.206.178.118/a9d06ea3fe859ab7/freebl3.dll","offline","malware_download","dll|Stealc","91.206.178.118","91.206.178.118","197155","PL"
"2024-02-05 06:43:23","http://91.206.178.118/a9d06ea3fe859ab7/softokn3.dll","offline","malware_download","dll|Stealc","91.206.178.118","91.206.178.118","197155","PL"
"2024-02-05 06:43:15","http://91.206.178.118/e0e2f45da0c45e6b/freebl3.dll","offline","malware_download","dll|Stealc","91.206.178.118","91.206.178.118","197155","PL"
"2024-02-05 06:43:14","http://91.206.178.118/e0e2f45da0c45e6b/mozglue.dll","offline","malware_download","dll|Stealc","91.206.178.118","91.206.178.118","197155","PL"
"2024-02-05 06:43:14","http://91.206.178.118/e0e2f45da0c45e6b/msvcp140.dll","offline","malware_download","dll|Stealc","91.206.178.118","91.206.178.118","197155","PL"
"2024-02-05 06:43:14","http://91.206.178.118/e0e2f45da0c45e6b/nss3.dll","offline","malware_download","dll|Stealc","91.206.178.118","91.206.178.118","197155","PL"
"2024-02-05 06:43:14","http://91.206.178.118/e0e2f45da0c45e6b/sqlite3.dll","offline","malware_download","dll|Stealc","91.206.178.118","91.206.178.118","197155","PL"
"2024-01-24 06:19:38","http://185.17.40.133/d9db6111f3c7d6df/nss3.dll","offline","malware_download","dll|Stealc","185.17.40.133","185.17.40.133","197155","PL"
"2024-01-24 06:19:35","http://185.17.40.133/d9db6111f3c7d6df/vcruntime140.dll","offline","malware_download","dll|Stealc","185.17.40.133","185.17.40.133","197155","PL"
"2024-01-24 06:19:08","http://185.17.40.133/d9db6111f3c7d6df/mozglue.dll","offline","malware_download","dll|Stealc","185.17.40.133","185.17.40.133","197155","PL"
"2024-01-24 06:19:08","http://185.17.40.133/d9db6111f3c7d6df/msvcp140.dll","offline","malware_download","dll|Stealc","185.17.40.133","185.17.40.133","197155","PL"
"2024-01-24 06:19:08","http://185.17.40.133/d9db6111f3c7d6df/sqlite3.dll","offline","malware_download","dll|Stealc","185.17.40.133","185.17.40.133","197155","PL"
"2024-01-24 06:19:07","http://185.17.40.133/d9db6111f3c7d6df/freebl3.dll","offline","malware_download","dll|Stealc","185.17.40.133","185.17.40.133","197155","PL"
"2024-01-24 06:19:06","http://185.17.40.133/d9db6111f3c7d6df/softokn3.dll","offline","malware_download","dll|Stealc","185.17.40.133","185.17.40.133","197155","PL"
"2023-10-03 06:04:08","http://194.15.216.72/aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/freebl3.dll","offline","malware_download","dll|RecordBreaker","194.15.216.72","194.15.216.72","197155","PL"
"2023-10-03 06:04:08","http://194.15.216.72/aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/mozglue.dll","offline","malware_download","dll|RecordBreaker","194.15.216.72","194.15.216.72","197155","PL"
"2023-10-03 06:04:08","http://194.15.216.72/aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/msvcp140.dll","offline","malware_download","dll|RecordBreaker","194.15.216.72","194.15.216.72","197155","PL"
"2023-10-03 06:04:08","http://194.15.216.72/aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/nss3.dll","offline","malware_download","dll|RecordBreaker","194.15.216.72","194.15.216.72","197155","PL"
"2023-10-03 06:04:08","http://194.15.216.72/aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/sqlite3.dll","offline","malware_download","dll|RecordBreaker","194.15.216.72","194.15.216.72","197155","PL"
"2023-10-03 06:04:07","http://194.15.216.72/aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/softokn3.dll","offline","malware_download","dll|RecordBreaker","194.15.216.72","194.15.216.72","197155","PL"
"2023-10-03 06:04:07","http://194.15.216.72/aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/vcruntime140.dll","offline","malware_download","dll|RecordBreaker","194.15.216.72","194.15.216.72","197155","PL"
"2023-06-20 20:36:10","https://stowarzyszeniepolonistow.pl/ldfozqgbeb/vodka.gif","offline","malware_download","geofenced|js|Obama269|Qakbot|TR|USA|zip","stowarzyszeniepolonistow.pl","185.17.43.223","197155","PL"
"2023-06-20 17:00:14","https://stowarzyszeniepolonistow.pl/ldfozqgbeb/ldfozqgbeb.gif","offline","malware_download","geofenced|js|Obama269|Qakbot|TR|USA|zip","stowarzyszeniepolonistow.pl","185.17.43.223","197155","PL"
"2022-12-14 20:05:32","https://fun-fly.pl/upis/index.php","offline","malware_download","BB10|ISO|nt005|qakbot|qbot|quakbot|TR|zip","fun-fly.pl","37.28.159.90","197155","PL"
"2022-11-02 01:51:38","https://biuropit.com.pl/spiu/qbot.zip","offline","malware_download","BB05|BV1|iso|qakbot|qbot|quakbot|TR|zip","biuropit.com.pl","185.17.40.218","197155","PL"
"2022-06-08 21:22:14","http://www.maszynyszwalnicze.pl/12/TrdngAnlzr649.exe","offline","malware_download","32|exe|RedLineStealer","www.maszynyszwalnicze.pl","185.17.43.225","197155","PL"
"2022-06-08 21:22:04","http://www.maszynyszwalnicze.pl/12/TrdngAnlzr74549.exe","offline","malware_download","32|exe|RedLineStealer|XFilesStealer","www.maszynyszwalnicze.pl","185.17.43.225","197155","PL"
"2022-06-08 21:12:05","http://www.maszynyszwalnicze.pl/12/TrdngAnlzr2249.exe","offline","malware_download","32|exe|RedLineStealer|XFilesStealer","www.maszynyszwalnicze.pl","185.17.43.225","197155","PL"
"2022-06-08 21:03:04","http://www.maszynyszwalnicze.pl/12/TrdngAnlzr1756.exe","offline","malware_download","32|exe|RedLineStealer","www.maszynyszwalnicze.pl","185.17.43.225","197155","PL"
"2022-06-08 01:49:05","https://www.maszynyszwalnicze.pl/12/TrdngAnlzr1756.exe","offline","malware_download","32|exe|RedLineStealer|XFilesStealer","www.maszynyszwalnicze.pl","185.17.43.225","197155","PL"
"2022-06-08 01:49:05","https://www.maszynyszwalnicze.pl/12/TrdngAnlzr2249.exe","offline","malware_download","32|exe|RedLineStealer|XFilesStealer","www.maszynyszwalnicze.pl","185.17.43.225","197155","PL"
"2022-06-08 01:17:06","https://www.maszynyszwalnicze.pl/12/TrdngAnlzr649.exe","offline","malware_download","32|exe|RedLineStealer","www.maszynyszwalnicze.pl","185.17.43.225","197155","PL"
"2022-01-27 21:44:10","http://tombet.net/jmaruk/fd8sVaiAcwcsfMdONH/","offline","malware_download","emotet|epoch5|exe|Heodo","tombet.net","178.255.42.227","197155","PL"
"2020-10-26 19:12:04","http://tyo.pl/wp-content/X9Ct1rAeP5tyvCEo4PynDVWUG9ikEBv4lza7mf/","offline","malware_download","doc|emotet|epoch2|Heodo","tyo.pl","37.28.159.194","197155","PL"
"2020-08-17 17:18:39","http://schladzalniki.eko-bart.pl/cgi-bin/7f53903/","offline","malware_download","emotet|epoch1|exe|Heodo","schladzalniki.eko-bart.pl","37.28.157.154","197155","PL"
"2019-04-30 17:06:03","http://ekokominki.pl/3vp4/l_Op/","offline","malware_download","emotet|epoch2|exe|Heodo","ekokominki.pl","185.17.43.225","197155","PL"
"2019-02-25 10:24:04","http://stacjazgierz.pl/cmsms/admin/lang/ext/messg.jpg","offline","malware_download","exe|Troldesh","stacjazgierz.pl","37.28.152.74","197155","PL"
"2019-02-16 04:53:18","http://baptysci.waw.pl/audio/piesni/txt/messg.jpg","offline","malware_download","exe|payload|ransomware|stage2|TrolDesh","baptysci.waw.pl","185.17.41.25","197155","PL"
"2019-02-09 22:58:29","http://barbarapaliga.pl/cgi-bin/messg.jpg","offline","malware_download","exe","barbarapaliga.pl","37.28.158.228","197155","PL"
"2018-07-31 03:57:03","http://it-optima.com.pl/newsletter/EN_en/OVERDUE-ACCOUNT/Deposit/","offline","malware_download","doc|emotet|epoch2|Heodo","it-optima.com.pl","185.17.43.225","197155","PL"
"2018-04-25 14:45:45","http://aftertax.pl/0HGiMMo/","offline","malware_download","doc|emotet","aftertax.pl","185.17.43.225","197155","PL"
"2018-04-06 06:10:10","https://www.bonavigator.pl/Overdue-payment/","offline","malware_download","doc|emotet|heodo","www.bonavigator.pl","185.17.40.218","197155","PL"
# of entries: 62