##############################################################################
# URLhaus ASN CSV Feed                                                       #
# Generated on 2026-06-28 07:54:20 UTC                                       #
#                                                                            #
# For questions please refer to:                                             #
# https://urlhaus.abuse.ch/feeds/                                            #
##############################################################################
#
# Feed generated for AS398823
#
# Dateadded (UTC),URL,URL_status,Threat,Tags,Host,IPaddress,ASnumber,Country
"2026-02-08 17:41:19","https://107.149.192.54:8080/02.08.2022.exe","offline","malware_download","censys|CobaltStrike|shellcode","107.149.192.54","107.149.192.54","398823","US"
"2026-02-08 17:41:14","https://107.149.192.54:7443/02.08.2022.exe","offline","malware_download","censys|CobaltStrike|shellcode","107.149.192.54","107.149.192.54","398823","US"
"2025-11-29 13:18:18","http://104.219.215.157/02.08.2022.exe","offline","malware_download","censys|CobaltStrike","104.219.215.157","104.219.215.157","398823","US"
"2024-12-27 10:54:12","http://107.149.220.104/02.08.2022.exe","offline","malware_download","censys|CobaltStrike|shellcode","107.149.220.104","107.149.220.104","398823","US"
"2024-12-13 10:36:10","http://107.149.220.104:8080/02.08.2022.exe","offline","malware_download","cobaltstrike","107.149.220.104","107.149.220.104","398823","US"
"2023-06-22 06:42:14","https://benigletechnologies.com/dol/?1","offline","malware_download","BB33|geofenced|js|Qakbot|USA","benigletechnologies.com","38.63.224.183","398823","US"
"2023-06-20 11:46:44","https://benigletechnologies.com/deii/?1","offline","malware_download","BB33|geofenced|js|Qakbot|USA","benigletechnologies.com","38.63.224.183","398823","US"
"2023-06-16 15:22:38","https://benigletechnologies.com/aiut/?1","offline","malware_download","BB32|geofenced|js|Qakbot|Qbot|Quakbot|TR|USA","benigletechnologies.com","38.63.224.183","398823","US"
"2023-05-30 16:50:40","https://benigletechnologies.com/cieu/?1","offline","malware_download","BB30|geofenced|js|Qakbot|Quakbot|USA|zip","benigletechnologies.com","38.63.224.183","398823","US"
"2023-04-10 16:20:15","https://benigletechnologies.com/aip/aip.php","offline","malware_download","BB23|geofenced|Qakbot|Qbot|Quakbot|R89|tr|USA|wsf|zip","benigletechnologies.com","38.63.224.183","398823","US"
"2022-12-22 21:14:18","https://benigletechnologies.com/INEU.php","offline","malware_download","B1|BB11|ISO|Qakbot|Qbot|Quakbot|TR|U22|zip","benigletechnologies.com","38.63.224.183","398823","US"
"2022-12-20 17:10:32","https://benigletechnologies.com/da/index.php","offline","malware_download","BB11|IMG|Qakbot|Qbot|Quakbot|RR17|TR|VHD|zip","benigletechnologies.com","38.63.224.183","398823","US"
"2022-12-19 16:24:41","https://benigletechnologies.com/tie/index.php","offline","malware_download","BB11|IMG|ISO|Qakbot|Qbot|Quakbot|TR|TR23|zip","benigletechnologies.com","38.63.224.183","398823","US"
"2022-12-15 16:12:17","https://benigletechnologies.com/ua/index.php","offline","malware_download","BB10|E17|ISO|qakbot|qbot|quakbot|TR|zip","benigletechnologies.com","38.63.224.183","398823","US"
"2022-12-06 23:04:18","http://benigletechnologies.com/nnom/index.php?QBOT.zip","offline","malware_download","BB09|qakbot|qbot|quakbot|TR|U12|VHD|zip","benigletechnologies.com","38.63.224.183","398823","US"
"2022-12-06 17:22:40","https://benigletechnologies.com/nnom/index.php?QBOT.zip","offline","malware_download","BB09|qakbot|qbot|quakbot|TR|U12|VHD|zip","benigletechnologies.com","38.63.224.183","398823","US"
"2022-11-22 16:31:47","https://benigletechnologies.com/tnau/index.php?qbot.zip","offline","malware_download","BB07|iso|qakbot|qbot|quakbot|TR|VX21|zip","benigletechnologies.com","38.63.224.183","398823","US"
"2022-11-17 15:45:29","https://benigletechnologies.com/ra/index.php?qbot.zip","offline","malware_download","BB06|iso|qakbot|qbot|quakbot|SK16|TR|zip","benigletechnologies.com","38.63.224.183","398823","US"
"2022-07-05 00:39:05","http://zhivir.com/wp/g1bvvKyM/","offline","malware_download","dll|emotet|epoch4|Heodo","zhivir.com","38.173.111.86","398823","US"
"2022-06-13 16:35:06","http://zhivir.com/wp/yrqupT1QwXuRdX3/","offline","malware_download","dll|emotet|epoch5|heodo","zhivir.com","38.173.111.86","398823","US"
"2022-06-07 20:18:05","http://zhivir.com/wp/U/","offline","malware_download","emotet|epoch4|exe|heodo","zhivir.com","38.173.111.86","398823","US"
"2021-06-08 07:05:15","http://alligatortrekkingandsafaris.com/CX/XP_remcos%202021_ogBiNEKs50.bin","offline","malware_download","encrypted|GuLoader","alligatortrekkingandsafaris.com","38.6.115.157","398823","US"
"2021-06-07 06:44:11","http://alligatortrekkingandsafaris.com/CX/Frank%20nanoraw_gGxyEOMGm251.bin","offline","malware_download","encrypted|GuLoader","alligatortrekkingandsafaris.com","38.6.115.157","398823","US"
"2021-06-06 15:32:07","http://alligatortrekkingandsafaris.com/CX/mekino_MassloggerRAW_txomYi40.bin","offline","malware_download","encrypted|GuLoader","alligatortrekkingandsafaris.com","38.6.115.157","398823","US"
"2021-04-05 16:58:06","http://shidditourism.com/ds/0504.gif","offline","malware_download","b-TDS|dll|Gozi|ISFB|Ursnif","shidditourism.com","38.38.86.203","398823","US"
"2021-03-23 04:18:04","https://app.adsensearticle.com/subtitles/migrations/__pycache__/159.dll","offline","malware_download","dll|Trickbot","app.adsensearticle.com","38.63.225.239","398823","US"
"2020-10-01 01:46:12","http://hcrg.com.cn/temp/90m4ehxxtgy/ka8h23ffp/","offline","malware_download","doc|emotet|epoch2|Heodo","hcrg.com.cn","38.12.199.175","398823","US"
"2020-09-24 01:15:53","http://hcrg.com.cn/temp/OCT/sQ07IkTNn3OBBDp/","offline","malware_download","doc|emotet|epoch1|Heodo","hcrg.com.cn","38.12.199.175","398823","US"
"2020-09-18 00:07:05","https://shipin.xiaopbk.com/hnoz4/Scan/hv4mkcSzIF/","offline","malware_download","doc|emotet|epoch1|Heodo","shipin.xiaopbk.com","140.188.59.180","398823","US"
"2020-09-16 18:39:07","https://shipin.xiaopbk.com/hnoz4/swift/434mf636x/","offline","malware_download","doc|emotet|epoch2|Heodo","shipin.xiaopbk.com","140.188.59.180","398823","US"
"2020-09-16 07:47:06","https://houtai.xiaopbk.com/install/t0H/","offline","malware_download","emotet|epoch2|exe|Heodo","houtai.xiaopbk.com","140.188.59.180","398823","US"
"2020-09-15 23:31:37","https://yingshi.xiaopbk.com/vendor/docs/t2iynvcciuo0/kvlr13533462441cxgkregw142amqdq9/","offline","malware_download","doc|emotet|epoch2|Heodo","yingshi.xiaopbk.com","140.188.59.180","398823","US"
"2020-08-21 01:47:33","http://marketingdigitalhub.com/wp-includes/parts_service/","offline","malware_download","doc|emotet|epoch2|heodo","marketingdigitalhub.com","38.48.231.145","398823","US"
"2020-08-20 14:30:14","https://www.yikeyuedu.com/wp-includes/Zf/","offline","malware_download","emotet|epoch1|exe|Heodo","www.yikeyuedu.com","38.6.67.161","398823","US"
"2020-08-18 17:53:34","http://marketingdigitalhub.com/wp-includes/common-disk/f3ii5pr-euwbd1b1kgfjcqz-forum/ze2hd6x-85y3/","offline","malware_download","doc|emotet|epoch1|heodo","marketingdigitalhub.com","38.48.231.145","398823","US"
"2020-08-07 01:43:06","http://jantosam.com/awstats/qz0nc-a37c8-065/","offline","malware_download","doc|emotet|epoch3|Heodo|QuakBot","jantosam.com","140.188.57.198","398823","US"
"2020-06-09 08:07:58","http://earthmotherpublishing.com/whquhyefnwp/w/1VEoUQ4mL.zip","offline","malware_download","Qakbot|Quakbot|zip","earthmotherpublishing.com","38.173.153.249","398823","US"
"2020-06-08 19:07:05","http://earthmotherpublishing.com/whquhyefnwp/o5CpfJyvXx.zip","offline","malware_download","Qakbot|Quakbot|zip","earthmotherpublishing.com","38.173.153.249","398823","US"
"2020-06-08 18:06:19","http://earthmotherpublishing.com/whquhyefnwp/Q/Cw8xJJ5kt.zip","offline","malware_download","Qakbot|Quakbot|zip","earthmotherpublishing.com","38.173.153.249","398823","US"
"2020-06-08 18:05:18","http://earthmotherpublishing.com/hotlj/Nh/ML/g4ymyTgW.zip","offline","malware_download","Qakbot|Quakbot|zip","earthmotherpublishing.com","38.173.153.249","398823","US"
"2020-06-08 16:26:40","http://earthmotherpublishing.com/whquhyefnwp/RU/DO/tAd71cFl.zip","offline","malware_download","Qakbot|Quakbot|zip","earthmotherpublishing.com","38.173.153.249","398823","US"
"2020-06-08 16:23:15","http://earthmotherpublishing.com/hotlj/y/p9jaFFGEB.zip","offline","malware_download","Qakbot|Quakbot|zip","earthmotherpublishing.com","38.173.153.249","398823","US"
"2020-06-08 15:38:14","http://earthmotherpublishing.com/hotlj/5P9DEl2kdb.zip","offline","malware_download","Qakbot|Quakbot|zip","earthmotherpublishing.com","38.173.153.249","398823","US"
"2020-06-02 15:22:10","https://c9c6.com/wp-content/plugins/apikey/tmvscpygebct/Darlehensvertrag_3810_19052020.zip","offline","malware_download","qakbot|vbs|zip","c9c6.com","38.48.216.241","398823","US"
"2020-05-21 05:43:10","https://c9c6.com/wp-content/plugins/apikey/tmvscpygebct/639259/Darlehensvertrag_639259_19052020.zip","offline","malware_download","Qakbot|Quakbot|zip","c9c6.com","38.48.216.241","398823","US"
"2020-05-21 05:42:21","https://c9c6.com/wp-content/plugins/apikey/tmvscpygebct/Darlehensvertrag_42766_19052020.zip","offline","malware_download","Qakbot|Quakbot|zip","c9c6.com","38.48.216.241","398823","US"
"2020-02-05 18:33:09","http://nukumorinoie.com/nu_admin/statement/vidaw95s/f577918844bg1eatn7skdri/","offline","malware_download","doc|emotet|epoch2|heodo","nukumorinoie.com","38.173.109.85","398823","US"
"2020-01-28 05:32:09","http://www.changsa.com.cn/hvt/Overview/42r9y5/","offline","malware_download","doc|emotet|epoch2|Heodo","www.changsa.com.cn","38.6.108.149","398823","US"
"2020-01-23 19:02:25","http://www.changsa.com.cn/wp-admin/l7pz-qgj-54444/","offline","malware_download","doc|emotet|epoch3|Heodo","www.changsa.com.cn","38.6.108.149","398823","US"
"2020-01-16 14:00:14","http://di10.net/uploadfile/ueditor/image/20190301/10327905PDF.png","offline","malware_download","AgentTesla","di10.net","38.173.151.204","398823","US"
"2020-01-14 09:17:05","https://vlttrading.com/wp-content/FILE/e-372-180-7h09itz-xbxzix1tx5m/","offline","malware_download","doc|emotet|epoch2|Heodo","vlttrading.com","38.14.62.233","398823","US"
"2019-11-08 07:26:16","http://worldixam.com/wp-content/plugins/dir/ada.exe","offline","malware_download","exe|opendir","worldixam.com","38.6.100.101","398823","US"
"2019-11-08 07:26:13","http://worldixam.com/wp-content/plugins/dir/em.exe","offline","malware_download","exe|opendir","worldixam.com","38.6.100.101","398823","US"
"2019-11-08 07:26:11","http://worldixam.com/wp-content/plugins/dir/fbg.exe","offline","malware_download","exe|Loki|opendir","worldixam.com","38.6.100.101","398823","US"
"2019-11-08 07:26:09","http://worldixam.com/wp-content/plugins/dir/jl.exe","offline","malware_download","exe|opendir","worldixam.com","38.6.100.101","398823","US"
"2019-11-08 07:26:06","http://worldixam.com/wp-content/plugins/dir/jo.exe","offline","malware_download","exe|opendir","worldixam.com","38.6.100.101","398823","US"
"2019-10-30 11:50:20","https://tanilcosmetics.com/wp-content/9nl/","offline","malware_download","emotet|epoch2|exe|Heodo","tanilcosmetics.com","38.63.235.53","398823","US"
"2019-09-25 06:32:02","http://jslogo.cn/rlj7xe/wgyuo0_lkmp8b3k0-42/","offline","malware_download","emotet|epoch2|exe|heodo","jslogo.cn","38.165.99.3","398823","US"
"2019-03-08 19:41:03","http://applehomestay.com/p2xhlp5/z2hd-wo7nd-bkgx.view/","offline","malware_download","Emotet|Heodo","applehomestay.com","38.12.246.222","398823","US"
"2019-01-16 15:19:26","http://firstoptionstrading.com/mDSN-CD_fuAJQ-7I/US89/invoicing/US/053-70-938322-852-053-70-938322-913/","offline","malware_download","emotet|epoch2|Heodo","firstoptionstrading.com","38.173.141.102","398823","US"
"2018-11-06 15:33:20","http://fd-interior.com/sitefiles/032ODAQQ/oamo/Commercial/","offline","malware_download","doc|emotet|epoch2|Heodo","fd-interior.com","38.6.82.49","398823","US"
"2018-11-06 10:24:10","http://fd-interior.com/sitefiles/032ODAQQ/oamo/Commercial","offline","malware_download","doc|emotet|Heodo","fd-interior.com","38.6.82.49","398823","US"
"2018-09-06 20:17:02","http://wolnow.com/1149QUDBD/ACH/Business/","offline","malware_download","doc|Heodo","wolnow.com","38.38.92.238","398823","US"
"2018-09-05 14:21:15","http://wolnow.com/1149QUDBD/ACH/Business","offline","malware_download","doc|emotet|Heodo","wolnow.com","38.38.92.238","398823","US"
"2018-08-15 02:31:13","http://emailmarketingsurvey.com/wp-content/uploads/sites/En/Past-Due-Invoices/Pay-Invoice/","offline","malware_download","doc|emotet|Heodo","emailmarketingsurvey.com","38.63.251.106","398823","US"
"2018-08-14 22:49:48","http://emailmarketingsurvey.com/wp-content/uploads/sites/En/Past-Due-Invoices/Pay-Invoice","offline","malware_download","doc|emotet|Heodo","emailmarketingsurvey.com","38.63.251.106","398823","US"
"2018-08-09 05:15:11","http://emailmarketingsurvey.com/wp-content/uploads/49CYDOC/XNJ171804460EYCM/Aug-08-2018-144907781/WXM-INWN-Aug-08-2018/","offline","malware_download","doc|emotet|Heodo","emailmarketingsurvey.com","38.63.251.106","398823","US"
"2018-08-09 05:15:09","http://emailmarketingsurvey.com/wp-content/uploads/49CYDOC/XNJ171804460EYCM/Aug-08-2018-144907781/WXM-INWN-Aug-08-2018","offline","malware_download","doc|emotet|Heodo","emailmarketingsurvey.com","38.63.251.106","398823","US"
"2018-07-10 10:09:05","http://www.lifein.com.cn/wp-admin/PhYX2j/","offline","malware_download","emotet|exe|heodo","www.lifein.com.cn","38.12.247.3","398823","US"
"2018-07-03 02:04:17","http://lifein.com.cn/En/STATUS/Invoice-4806641/","offline","malware_download","doc|emotet|epoch2|Heodo","lifein.com.cn","38.12.247.3","398823","US"
"2018-06-30 06:22:58","http://www.maxolev.com/STATUS/invoice","offline","malware_download","emotet|heodo","www.maxolev.com","38.63.236.97","398823","US"
"2018-06-30 06:08:41","http://maxolev.com/STATUS/invoice","offline","malware_download","emotet|heodo","maxolev.com","38.63.236.97","398823","US"
"2018-06-28 03:06:14","http://www.maxolev.com/STATUS/invoice/","offline","malware_download","doc|emotet|epoch2|Heodo","www.maxolev.com","38.63.236.97","398823","US"
"2018-06-27 15:02:05","http://maxolev.com/STATUS/invoice/","offline","malware_download","Heodo","maxolev.com","38.63.236.97","398823","US"
"2018-06-15 00:25:09","http://acghope.com/Rechnung/","offline","malware_download","Heodo","acghope.com","38.38.86.253","398823","US"
"2018-04-03 12:02:04","http://dingshengjs.com/xerox/Invoice-number-81819772/","offline","malware_download","#emotet doc downloader","dingshengjs.com","38.48.193.44","398823","US"
# of entries: 76