############################################################################## # URLhaus ASN CSV Feed # # Generated on 2025-11-19 14:38:16 UTC # # # # For questions please refer to: # # https://urlhaus.abuse.ch/feeds/ # ############################################################################## # # Feed generated for AS23724 # # Dateadded (UTC),URL,URL_status,Threat,Tags,Host,IPaddress,ASnumber,Country "2025-10-31 12:00:08","http://106.38.201.207:8042/02.08.2022.exe","offline","malware_download","censys|CobaltStrike","106.38.201.207","106.38.201.207","23724","CN" "2025-05-22 07:58:07","http://106.38.201.218:8801/02.08.2022.exe","offline","malware_download","censys|CobaltStrike","106.38.201.218","106.38.201.218","23724","CN" "2025-05-19 04:03:08","http://106.38.201.218:8800/02.08.2022.exe","offline","malware_download","censys|CobaltStrike","106.38.201.218","106.38.201.218","23724","CN" "2025-04-17 17:07:41","https://49.7.54.162:8443/02.08.2022.exe","offline","malware_download","censys|CobaltStrike|shellcode","49.7.54.162","49.7.54.162","23724","CN" "2024-12-16 17:37:14","http://218.30.103.189/02.08.2022.exe","offline","malware_download","censys|CobaltStrike|shellcode","218.30.103.189","218.30.103.189","23724","CN" "2024-12-16 17:37:12","http://218.30.103.198/02.08.2022.exe","offline","malware_download","censys|CobaltStrike|shellcode","218.30.103.198","218.30.103.198","23724","CN" "2024-12-16 17:37:07","http://218.30.103.130/02.08.2022.exe","offline","malware_download","censys|CobaltStrike|shellcode","218.30.103.130","218.30.103.130","23724","CN" "2024-12-16 17:37:07","http://218.30.103.192/02.08.2022.exe","offline","malware_download","censys|CobaltStrike|shellcode","218.30.103.192","218.30.103.192","23724","CN" "2024-12-16 17:37:07","http://218.30.103.232/02.08.2022.exe","offline","malware_download","censys|CobaltStrike|shellcode","218.30.103.232","218.30.103.232","23724","CN" "2024-12-16 17:37:05","http://218.30.103.154/02.08.2022.exe","offline","malware_download","censys|CobaltStrike|shellcode","218.30.103.154","218.30.103.154","23724","CN" "2024-12-16 17:37:05","http://218.30.103.168/02.08.2022.exe","offline","malware_download","censys|CobaltStrike|shellcode","218.30.103.168","218.30.103.168","23724","CN" "2024-12-16 17:37:05","http://218.30.103.182/02.08.2022.exe","offline","malware_download","censys|CobaltStrike|shellcode","218.30.103.182","218.30.103.182","23724","CN" "2024-12-16 17:37:05","http://218.30.103.224/02.08.2022.exe","offline","malware_download","censys|CobaltStrike|shellcode","218.30.103.224","218.30.103.224","23724","CN" "2024-12-16 11:17:16","http://106.38.201.40:8443/02.08.2022.exe","offline","malware_download","cobaltstrike","106.38.201.40","106.38.201.40","23724","CN" "2024-11-06 11:54:18","http://disk.accord1key.cn/txdown_disk/%E8%BD%AF%E4%BB%B6%E4%BD%BF%E7%94%A8/%E7%BC%BA%E5%A4%B1%E4%B8%8B%E8%BD%BD/plugin.dll","online","malware_download","DLL","disk.accord1key.cn","49.7.210.159","23724","CN" "2020-06-03 09:23:47","http://42.62.11.212/bins/Ares.x86","offline","malware_download","elf","42.62.11.212","42.62.11.212","23724","CN" "2019-12-11 15:52:06","https://shop-test.263nt.com/0bdht5/closed-box/interior-cloud/qntu-t27st21vuv6w6/","offline","malware_download","doc|emotet|epoch1|Heodo","shop-test.263nt.com","211.157.227.116","23724","CN" "2019-05-17 05:30:49","http://101.254.149.23:5910/huya.4","offline","malware_download","elf","101.254.149.23","101.254.149.23","23724","CN" "2019-05-16 06:07:17","http://114.64.249.236:12560/Li-8","offline","malware_download","elf","114.64.249.236","114.64.249.236","23724","CN" "2019-05-11 02:33:42","http://101.254.149.23:5910/cef2.4","offline","malware_download","elf","101.254.149.23","101.254.149.23","23724","CN" "2019-04-20 01:28:51","http://101.254.149.23:5910/ffipc2.4","offline","malware_download","elf","101.254.149.23","101.254.149.23","23724","CN" "2019-02-23 05:10:52","http://101.254.225.145:5910/hor2.4","offline","malware_download","elf","101.254.225.145","101.254.225.145","23724","CN" "2019-02-18 12:42:05","http://119.254.12.142/De_de/UDUAGTZ8720587/Rechnungskorrektur/Zahlungserinnerung/","offline","malware_download","Emotet|Heodo|Tinba","119.254.12.142","119.254.12.142","23724","CN" "2019-02-18 05:09:01","http://119.254.12.142/US_us/corporation/Invoice_number/aXwy-4a_IPVAwL-Yrb","offline","malware_download","doc","119.254.12.142","119.254.12.142","23724","CN" "2019-02-15 18:13:03","http://119.254.12.142/US_us/corporation/Invoice_number/aXwy-4a_IPVAwL-Yrb/","offline","malware_download","Emotet|Heodo","119.254.12.142","119.254.12.142","23724","CN" "2019-02-13 17:48:07","http://119.254.12.142/US_us/download/Invoice_Notice/DEhK-cRi_XfFFEn-rui/","offline","malware_download","Emotet|Heodo","119.254.12.142","119.254.12.142","23724","CN" "2019-02-13 14:36:14","http://101.254.225.145:5910/ca2.6","offline","malware_download","","101.254.225.145","101.254.225.145","23724","CN" "2019-02-13 13:23:36","http://101.254.225.145:5910/ca2.4","offline","malware_download","","101.254.225.145","101.254.225.145","23724","CN" "2019-02-11 19:05:10","http://119.254.12.142/En/llc/UjBO-7i5MH_rh-hch/","offline","malware_download","doc|emotet|epoch2|Heodo","119.254.12.142","119.254.12.142","23724","CN" "2019-01-31 01:54:11","http://101.254.149.83:10533/SetNH","offline","malware_download","elf","101.254.149.83","101.254.149.83","23724","CN" "2018-10-17 06:03:06","http://wotehb.com/public/artdialog/_doc/highlight/files/zuniga/zuniga.exe","offline","malware_download","AgentTesla|exe","wotehb.com","101.36.223.224","23724","CN" "2018-10-15 12:31:07","http://wotehb.com/public/artdialog/_doc/highlight/files/neme/neme2.exe","offline","malware_download","AgentTesla|exe","wotehb.com","101.36.223.224","23724","CN" "2018-08-14 04:30:25","http://vi.com.cn/h2015/it39/499ICorporation/AZVT29941MKAN/17885167/IFOG-ZJHO-Aug-10-2018/","offline","malware_download","doc|emotet|Heodo","vi.com.cn","211.100.61.94","23724","CN" "2018-08-10 04:36:05","http://vi.com.cn/h2015/it39/499ICorporation/AZVT29941MKAN/17885167/IFOG-ZJHO-Aug-10-2018","offline","malware_download","doc|emotet|Heodo","vi.com.cn","211.100.61.94","23724","CN" "2018-06-30 06:13:53","http://vi.com.cn/h2015/h3px1/FILE/Invoice-570913","offline","malware_download","emotet|heodo","vi.com.cn","211.100.61.94","23724","CN" "2018-06-28 05:37:48","http://vi.com.cn/h2015/bdceo/Rechnungs","offline","malware_download","emotet|heodo","vi.com.cn","211.100.61.94","23724","CN" "2018-06-28 04:33:36","http://vi.com.cn/h2015/bdceo/Rechnungs/","offline","malware_download","Heodo","vi.com.cn","211.100.61.94","23724","CN" "2018-06-27 15:03:14","http://vi.com.cn/h2015/h3px1/FILE/Invoice-570913/","offline","malware_download","Heodo","vi.com.cn","211.100.61.94","23724","CN" "2018-06-25 04:47:05","http://220.181.87.80/t.exe","offline","malware_download","exe|Pony","220.181.87.80","220.181.87.80","23724","CN" "2018-06-21 13:03:56","http://vi.com.cn/h2015/nyy05/IRS-TRANSCRIPTS-062018-9697","offline","malware_download","emotet|Heodo","vi.com.cn","211.100.61.94","23724","CN" "2018-06-15 00:24:34","http://vi.com.cn/h2015/newit2/DHL-28-Sep-17-64579/HW-CWSH/","offline","malware_download","Emotet|Heodo","vi.com.cn","211.100.61.94","23724","CN" "2018-06-13 21:16:08","http://vi.com.cn/h2015/christmas/IRS-Tax-Transcipts-1860","offline","malware_download","doc|emotet|epoch1|Heodo","vi.com.cn","211.100.61.94","23724","CN" "2018-06-11 19:14:11","http://vi.com.cn/h2015/yqh01/IRS-Transcripts-062018-05N/8/","offline","malware_download","doc|emotet|epoch1|Formbook|Heodo","vi.com.cn","211.100.61.94","23724","CN" "2018-06-05 22:27:12","http://vi.com.cn/h2015/bshh1/FILE/858191/","offline","malware_download","doc|emotet|Heodo","vi.com.cn","211.100.61.94","23724","CN" "2018-06-01 17:46:51","http://vi.com.cn/demo/site/Facture-impayee/","offline","malware_download","doc|emotet|Heodo","vi.com.cn","211.100.61.94","23724","CN" "2018-05-29 19:20:05","http://vi.com.cn/h2015/nyy05/FILE/invoice/","offline","malware_download","doc|emotet|Heodo","vi.com.cn","211.100.61.94","23724","CN" # of entries: 46