############################################################################## # URLhaus ASN CSV Feed # # Generated on 2025-11-18 18:47:53 UTC # # # # For questions please refer to: # # https://urlhaus.abuse.ch/feeds/ # ############################################################################## # # Feed generated for AS38365 # # Dateadded (UTC),URL,URL_status,Threat,Tags,Host,IPaddress,ASnumber,Country "2025-11-13 18:39:13","http://120.48.123.10:8090/02.08.2022.exe","offline","malware_download","censys|CobaltStrike","120.48.123.10","120.48.123.10","38365","CN" "2025-10-23 04:14:22","http://120.48.25.153:9999/cs4.7-cn/third-party/winvnc.x64.dll","offline","malware_download","huntio|opendir","120.48.25.153","120.48.25.153","38365","CN" "2025-10-23 04:14:07","http://120.48.25.153:9999/cs4.7-cn/third-party/winvnc.x86.dll","offline","malware_download","huntio|opendir","120.48.25.153","120.48.25.153","38365","CN" "2025-10-10 20:40:08","http://120.48.123.10:8080/02.08.2022.exe","offline","malware_download","censys|CobaltStrike","120.48.123.10","120.48.123.10","38365","CN" "2025-10-06 12:52:58","http://120.48.12.172:8000/3.exe","offline","malware_download","exe|QuasarRAT","120.48.12.172","120.48.12.172","38365","CN" "2025-10-06 12:52:42","http://120.48.12.172:8000/1.exe","offline","malware_download","exe","120.48.12.172","120.48.12.172","38365","CN" "2025-10-06 12:52:42","http://120.48.12.172:8000/Quasar.v1.4.1/Quasar%20v1.4.1/Quasar.exe","offline","malware_download","exe|QuasarRAT","120.48.12.172","120.48.12.172","38365","CN" "2025-10-04 14:17:08","http://180.76.153.78:9001/info.zip","online","malware_download","Coinminer","180.76.153.78","180.76.153.78","38365","CN" "2025-09-21 15:55:14","http://120.48.50.33:8888/02.08.2022.exe","online","malware_download","censys|CobaltStrike","120.48.50.33","120.48.50.33","38365","CN" "2025-09-18 16:39:08","http://106.13.137.229:7777/02.08.2022.exe","online","malware_download","censys|CobaltStrike","106.13.137.229","106.13.137.229","38365","CN" "2025-09-06 21:48:08","http://120.48.24.227/02.08.2022.exe","offline","malware_download","censys|CobaltStrike","120.48.24.227","120.48.24.227","38365","CN" "2025-07-21 06:07:15","http://106.12.215.229:8099/02.08.2022.exe","offline","malware_download","censys|CobaltStrike","106.12.215.229","106.12.215.229","38365","CN" "2025-07-16 06:00:19","http://106.12.215.229:8080/02.08.2022.exe","offline","malware_download","censys|CobaltStrike","106.12.215.229","106.12.215.229","38365","CN" "2025-07-11 06:16:10","http://120.48.25.39/02.08.2022.exe","offline","malware_download","censys|CobaltStrike","120.48.25.39","120.48.25.39","38365","CN" "2025-06-06 18:12:33","http://180.76.144.175/02.08.2022.exe","offline","malware_download","censys|CobaltStrike","180.76.144.175","180.76.144.175","38365","CN" "2025-05-15 06:07:07","http://180.76.138.238/02.08.2022.exe","offline","malware_download","censys|CobaltStrike","180.76.138.238","180.76.138.238","38365","CN" "2025-04-30 18:08:33","http://180.76.244.133/02.08.2022.exe","offline","malware_download","censys|CobaltStrike","180.76.244.133","180.76.244.133","38365","CN" "2024-12-16 17:37:18","http://120.48.116.118:7777/02.08.2022.exe","offline","malware_download","censys|CobaltStrike|shellcode","120.48.116.118","120.48.116.118","38365","CN" "2024-12-03 18:36:13","https://180.76.138.238/02.08.2022.exe","offline","malware_download","CobaltStrike|shellcode","180.76.138.238","180.76.138.238","38365","CN" "2024-09-04 17:39:12","https://106.13.33.204/02.08.2022.exe","offline","malware_download","CobaltStrike|shellcode","106.13.33.204","106.13.33.204","38365","CN" "2024-08-16 17:05:11","http://120.48.124.220:8080/02.08.2022.exe","offline","malware_download","cobaltstrike","120.48.124.220","120.48.124.220","38365","CN" "2024-08-06 19:26:05","http://120.48.124.220/02.08.2022.exe","offline","malware_download","cobaltstrike|exe|This_exe_triggers_specifically_to_cobaltstrike_c2","120.48.124.220","120.48.124.220","38365","CN" "2024-08-02 09:48:28","https://182.61.55.76/SosoAppdata----44%e7%82%b9%e5%90%8e.ini","offline","malware_download","","182.61.55.76","182.61.55.76","38365","CN" "2024-08-02 09:48:24","https://182.61.55.76/MSVBCRT.exe","offline","malware_download","","182.61.55.76","182.61.55.76","38365","CN" "2024-08-02 09:48:13","https://182.61.55.76/JQMain.exe","offline","malware_download","","182.61.55.76","182.61.55.76","38365","CN" "2024-08-02 09:48:13","https://182.61.55.76/PXHMAIN.exe","offline","malware_download","CobaltStrike","182.61.55.76","182.61.55.76","38365","CN" "2024-08-02 09:48:12","https://182.61.55.76/GZX.exe","offline","malware_download","","182.61.55.76","182.61.55.76","38365","CN" "2024-08-02 09:48:12","https://182.61.55.76/SosoAppdata.ini","offline","malware_download","","182.61.55.76","182.61.55.76","38365","CN" "2024-08-02 09:48:10","https://182.61.55.76/GZX6666.exe","offline","malware_download","","182.61.55.76","182.61.55.76","38365","CN" "2024-08-02 09:48:10","https://182.61.55.76/JQMain7.30.zip","offline","malware_download","","182.61.55.76","182.61.55.76","38365","CN" "2024-08-02 09:48:09","https://182.61.55.76/PXHMAIN7.30%e8%81%94%e9%80%9a.zip","offline","malware_download","","182.61.55.76","182.61.55.76","38365","CN" "2024-08-02 09:48:09","https://182.61.55.76/PXHMAIN7.31.zip","offline","malware_download","","182.61.55.76","182.61.55.76","38365","CN" "2024-08-02 09:48:07","https://182.61.55.76/GZX7.30%e5%bc%80%e6%88%bf%e8%81%94%e9%80%9a.zip","offline","malware_download","","182.61.55.76","182.61.55.76","38365","CN" "2024-08-02 09:48:06","https://182.61.55.76/%e7%89%a9%e5%93%81%e4%bb%a3%e7%a0%81.txt","offline","malware_download","","182.61.55.76","182.61.55.76","38365","CN" "2024-08-02 09:48:06","https://182.61.55.76/GZX7.31.1%e4%bb%bb%e5%8a%a1.zip","offline","malware_download","","182.61.55.76","182.61.55.76","38365","CN" "2024-08-02 09:48:05","https://182.61.55.76/8yue%20yyyyyyyyyyy.zip","offline","malware_download","","182.61.55.76","182.61.55.76","38365","CN" "2024-06-08 14:09:09","http://120.48.123.240:88/shellcode/payload.bin","offline","malware_download","turtleloader","120.48.123.240","120.48.123.240","38365","CN" "2024-06-08 14:08:09","http://120.48.123.240:88/shellcode/code.txt","offline","malware_download","base64|base64-loader|Metasploit","120.48.123.240","120.48.123.240","38365","CN" "2024-06-08 14:08:08","http://120.48.123.240:88/shellcode/main.exe","offline","malware_download","CobaltStrike|dothetuk|trojan","120.48.123.240","120.48.123.240","38365","CN" "2024-02-23 12:51:04","http://120.48.58.156:8888/supershell/login","offline","malware_download","Supershell","120.48.58.156","120.48.58.156","38365","CN" "2023-03-08 18:14:23","http://106.12.173.7/d","offline","malware_download","32|arm|elf|mirai","106.12.173.7","106.12.173.7","38365","CN" "2023-03-08 18:13:23","http://106.12.173.7/e","offline","malware_download","32|arm|elf|mirai","106.12.173.7","106.12.173.7","38365","CN" "2023-03-08 18:13:23","http://106.12.173.7/q","offline","malware_download","32|elf|mips|mirai","106.12.173.7","106.12.173.7","38365","CN" "2023-03-08 18:13:23","http://106.12.173.7/t","offline","malware_download","32|elf|intel|mirai","106.12.173.7","106.12.173.7","38365","CN" "2023-03-08 18:13:21","http://106.12.173.7/c","offline","malware_download","64|elf|mirai","106.12.173.7","106.12.173.7","38365","CN" "2023-03-08 18:13:21","http://106.12.173.7/h","offline","malware_download","32|elf|mirai|powerpc","106.12.173.7","106.12.173.7","38365","CN" "2023-03-08 18:12:24","http://106.12.173.7/z","offline","malware_download","32|elf|mips|mirai","106.12.173.7","106.12.173.7","38365","CN" "2023-03-08 18:12:19","http://106.12.173.7/a","offline","malware_download","32|arm|elf|mirai","106.12.173.7","106.12.173.7","38365","CN" "2023-03-08 18:12:19","http://106.12.173.7/w","offline","malware_download","32|elf|mirai|sparc","106.12.173.7","106.12.173.7","38365","CN" "2023-03-08 18:12:05","http://106.12.173.7/bins.sh","offline","malware_download","shellscript","106.12.173.7","106.12.173.7","38365","CN" "2023-03-08 18:11:12","http://106.12.173.7/f","offline","malware_download","32|elf|mirai|motorola","106.12.173.7","106.12.173.7","38365","CN" "2023-03-08 18:03:18","http://106.12.173.7/s","offline","malware_download","32|elf|mirai|renesas","106.12.173.7","106.12.173.7","38365","CN" "2023-03-08 18:02:25","http://106.12.173.7/b","offline","malware_download","32|arm|elf|mirai","106.12.173.7","106.12.173.7","38365","CN" "2022-07-01 04:52:08","http://120.48.11.44/zxc.exe","offline","malware_download","YoungLotus","120.48.11.44","120.48.11.44","38365","CN" "2022-07-01 04:52:08","http://120.48.78.85/123.exe","offline","malware_download","YoungLotus","120.48.78.85","120.48.78.85","38365","CN" "2022-02-03 19:56:05","http://106.13.113.20/bote","offline","malware_download","IRCbot|perl|PerlBot|ShellBot","106.13.113.20","106.13.113.20","38365","CN" "2021-08-10 03:12:33","http://42.199.166.90:58365/mozi.a","offline","malware_download","","42.199.166.90","42.199.166.90","38365","CN" "2020-10-15 20:13:06","http://www.jszacct.com/pzcmd/paclm/DIXn2TEa2uvkGJxUzm/","offline","malware_download","doc|emotet|epoch1|Heodo","www.jszacct.com","182.61.23.174","38365","CN" "2020-10-13 04:26:06","http://dl.mydown.com/download/be5abe2da15f5d91d4f29cbf80d5d581/509451398_6/newsoft/tsbrowser_724_4.0.7.20.exe","offline","malware_download","exe","dl.mydown.com","120.48.128.2","38365","CN" "2020-09-18 20:13:05","http://106.12.24.182/acpzk/Documentation/9y03736184830368gqu6ndco346hs7oqbtdhv/","offline","malware_download","doc|emotet|epoch2|Heodo","106.12.24.182","106.12.24.182","38365","CN" "2020-01-29 13:57:58","http://www.cclrbbt.com/87/IuXP4807/","offline","malware_download","emotet|epoch1|exe|Heodo","www.cclrbbt.com","180.76.185.206","38365","CN" "2020-01-29 09:50:08","http://106.12.111.189/wr0pezn/balance/tdgny0i/n8675-18112-660uc32e55thq84ag/","offline","malware_download","doc|emotet|epoch2|heodo","106.12.111.189","106.12.111.189","38365","CN" "2020-01-23 08:04:56","https://jsd618.com/wp-content/PbbZi-nAqvACpE2Fgo-box/security-warehouse/xuwgi-7v502095uv/","offline","malware_download","doc|emotet|epoch1|Heodo","jsd618.com","106.13.200.18","38365","CN" "2020-01-23 07:58:08","http://106.12.111.189/wr0pezn/personal-zone/jt611syry9ww2a-pnad-cloud/Or7i2wGBvU-pfGp0whwLtM9/","offline","malware_download","doc|emotet|epoch1|Heodo","106.12.111.189","106.12.111.189","38365","CN" "2020-01-23 07:33:13","http://www.cclrbbt.com/87/FILE/pag4rygf9/4t-911386-51-2aepyw-8ludagyw/","offline","malware_download","doc|emotet|epoch2|heodo","www.cclrbbt.com","180.76.185.206","38365","CN" "2020-01-21 07:37:48","http://www.cclrbbt.com/file/Ayvb228/","offline","malware_download","emotet|epoch1|exe|Heodo","www.cclrbbt.com","180.76.185.206","38365","CN" "2020-01-18 08:25:05","http://106.12.111.189/wr0pezn/Scan/","offline","malware_download","doc|emotet|epoch2|heodo","106.12.111.189","106.12.111.189","38365","CN" "2020-01-16 16:17:10","https://jsd618.com/wp-content/invoice/t17a4o-5688-3202674-vsgoz3iw-lknm0wxih/","offline","malware_download","doc|emotet|epoch2|heodo","jsd618.com","106.13.200.18","38365","CN" "2020-01-16 09:33:18","http://www.cclrbbt.com/ueditor/5fkvd8q-qrsc-2899/","offline","malware_download","doc|emotet|epoch3|heodo","www.cclrbbt.com","180.76.185.206","38365","CN" "2020-01-16 02:19:06","http://106.12.111.189/wr0pezn/report/jr-03928953-987261-xgycneqxh5-4y33/","offline","malware_download","doc|emotet|epoch2|Heodo","106.12.111.189","106.12.111.189","38365","CN" "2020-01-14 15:55:12","https://jsd618.com/wp-content/statement/","offline","malware_download","doc|emotet|epoch2|heodo","jsd618.com","106.13.200.18","38365","CN" "2020-01-13 23:40:06","http://106.12.111.189/wr0pezn/sites/s0kgm6/","offline","malware_download","doc|emotet|epoch2|heodo","106.12.111.189","106.12.111.189","38365","CN" "2019-06-05 22:15:10","http://www.gauss-control.com/wp-includes/oo/guy.exe","offline","malware_download","exe","www.gauss-control.com","106.13.206.30","38365","CN" "2019-06-05 11:21:14","http://gauss-control.com/wp-includes/oo/my.exe","offline","malware_download","exe","gauss-control.com","106.13.206.30","38365","CN" "2019-06-04 23:35:11","http://www.gauss-control.com/wp-includes/oo/my.exe","offline","malware_download","exe","www.gauss-control.com","106.13.206.30","38365","CN" "2019-05-10 01:17:34","http://106.12.99.117:666/linux","offline","malware_download","elf","106.12.99.117","106.12.99.117","38365","CN" "2019-05-04 04:54:21","http://106.13.96.196/LinuxTF","offline","malware_download","elf","106.13.96.196","106.13.96.196","38365","CN" "2019-05-04 04:40:10","http://106.13.96.196/svcyr.exe","offline","malware_download","exe","106.13.96.196","106.13.96.196","38365","CN" "2019-05-04 04:36:10","http://106.13.96.196/1433%E6%8F%90%E6%9D%83.exe","offline","malware_download","exe","106.13.96.196","106.13.96.196","38365","CN" "2019-05-04 04:22:28","http://106.13.96.196/office.exe","offline","malware_download","exe","106.13.96.196","106.13.96.196","38365","CN" "2019-05-04 04:22:22","http://106.13.96.196/Linux4.7","offline","malware_download","elf","106.13.96.196","106.13.96.196","38365","CN" "2019-03-03 22:32:48","http://106.12.201.224/package/payload/1/payload.jar","offline","malware_download","cobalt|cobaltstrike|cracked|exe|payload|strike","106.12.201.224","106.12.201.224","38365","CN" "2019-03-03 22:32:47","http://106.12.201.224/package/payload/1/payload-1.jar","offline","malware_download","cobalt|cobaltstrike|cracked|exe|payload|strike","106.12.201.224","106.12.201.224","38365","CN" "2019-03-03 22:32:46","http://106.12.201.224/Jenkins-PreAuth-RCE-PoC/code/payload-1.jar","offline","malware_download","cobalt|cobaltstrike|cracked|exe|payload|strike","106.12.201.224","106.12.201.224","38365","CN" "2019-03-03 22:32:45","http://106.12.201.224/Jenkins-PreAuth-RCE-PoC/code/Payload.java","offline","malware_download","cobalt|cobaltstrike|cracked|exe|payload|strike","106.12.201.224","106.12.201.224","38365","CN" "2019-03-03 22:32:44","http://106.12.201.224/Jenkins-PreAuth-RCE-PoC/code/Payload.class","offline","malware_download","cobalt|cobaltstrike|cracked|exe|payload|strike","106.12.201.224","106.12.201.224","38365","CN" "2019-03-03 22:32:44","http://106.12.201.224/rips/js/netron.js","offline","malware_download","cobalt|cobaltstrike|cracked|exe|payload|strike","106.12.201.224","106.12.201.224","38365","CN" "2019-03-03 22:32:43","http://106.12.201.224/rips/js/hotpatch.js","offline","malware_download","cobalt|cobaltstrike|cracked|exe|payload|strike","106.12.201.224","106.12.201.224","38365","CN" "2019-03-03 22:32:42","http://106.12.201.224/rips/js/exploit.js","offline","malware_download","cobalt|cobaltstrike|cracked|exe|payload|strike","106.12.201.224","106.12.201.224","38365","CN" "2019-03-03 22:32:41","http://106.12.201.224/rips/js/script.js","offline","malware_download","cobalt|cobaltstrike|cracked|exe|payload|strike","106.12.201.224","106.12.201.224","38365","CN" "2019-03-03 22:32:40","http://106.12.201.224/Jenkins-PreAuth-RCE-PoC/build.sh","offline","malware_download","cobalt|cobaltstrike|cracked|exe|payload|strike","106.12.201.224","106.12.201.224","38365","CN" "2019-03-03 22:32:39","http://106.12.201.224/Jenkins-PreAuth-RCE-PoC/README.txt","offline","malware_download","cobalt|cobaltstrike|cracked|exe|payload|strike","106.12.201.224","106.12.201.224","38365","CN" "2019-03-03 22:32:38","http://106.12.201.224/payload.jar","offline","malware_download","cobalt|cobaltstrike|cracked|exe|payload|strike","106.12.201.224","106.12.201.224","38365","CN" "2019-03-03 22:32:37","http://106.12.201.224/payload-1.jar","offline","malware_download","cobalt|cobaltstrike|cracked|exe|payload|strike","106.12.201.224","106.12.201.224","38365","CN" "2019-03-03 22:32:36","http://106.12.201.224/cobaltstrike3.12_cracked-master.zip","offline","malware_download","cobalt|cobaltstrike|cracked|exe|payload|strike","106.12.201.224","106.12.201.224","38365","CN" "2019-03-03 22:03:02","http://106.12.201.224/asset_discovery.py","offline","malware_download","cobalt|cobaltstrike|cracked|exe|payload|strike","106.12.201.224","106.12.201.224","38365","CN" "2019-03-02 13:07:06","http://106.13.13.9/lpk.dll","offline","malware_download","exe|payload","106.13.13.9","106.13.13.9","38365","CN" "2019-03-02 13:07:05","http://106.13.13.9/MpeSvc.exe","offline","malware_download","exe|payload","106.13.13.9","106.13.13.9","38365","CN" "2019-01-23 09:19:07","http://180.76.114.169:8081/Yuming","offline","malware_download","ddos|elf","180.76.114.169","180.76.114.169","38365","CN" "2019-01-12 06:44:03","http://180.76.114.169:8081/Stsz.exe","offline","malware_download","exe","180.76.114.169","180.76.114.169","38365","CN" "2018-06-28 05:36:57","http://shanfeng99.com/DOC-Dokument/in-Rechnung-gestellt","offline","malware_download","emotet|heodo","shanfeng99.com","180.76.132.171","38365","CN" "2018-06-28 04:33:04","http://shanfeng99.com/DOC-Dokument/in-Rechnung-gestellt/","offline","malware_download","Heodo","shanfeng99.com","180.76.132.171","38365","CN" # of entries: 102