############################################################################## # URLhaus ASN CSV Feed # # Generated on 2025-11-19 06:03:18 UTC # # # # For questions please refer to: # # https://urlhaus.abuse.ch/feeds/ # ############################################################################## # # Feed generated for AS55286 # # Dateadded (UTC),URL,URL_status,Threat,Tags,Host,IPaddress,ASnumber,Country "2024-11-04 03:50:07","http://108.165.228.115/obfuscated.exe","offline","malware_download","32|exe|ShikataGaNai","108.165.228.115","108.165.228.115","55286","US" "2024-11-03 15:06:13","http://108.165.228.115/termo.pdf.exe","offline","malware_download","exe|opendir","108.165.228.115","108.165.228.115","55286","US" "2024-08-05 14:35:12","http://38.62.245.50/contract_file.html","offline","malware_download","","38.62.245.50","38.62.245.50","55286","US" "2024-07-04 06:19:08","http://38.153.61.199/efKCeyHQjGedaNngrAad42.bin","offline","malware_download","encrypted|GuLoader","38.153.61.199","38.153.61.199","55286","US" "2024-06-26 12:15:11","http://38.153.61.199/UKlXozn31.bin","offline","malware_download","encrypted|GuLoader","38.153.61.199","38.153.61.199","55286","US" "2024-06-25 05:13:04","http://38.153.61.199/iMoZqIHPvd241.bin","offline","malware_download","encrypted|GuLoader","38.153.61.199","38.153.61.199","55286","US" "2024-06-16 09:03:18","http://38.153.61.61:9080/DXJS.zip","offline","malware_download","Fake-Invoice-Campaign","38.153.61.61","38.153.61.61","55286","US" "2024-06-16 09:03:17","http://38.153.61.61:9080/YBGD.pdf","offline","malware_download","Fake-Invoice-Campaign","38.153.61.61","38.153.61.61","55286","US" "2024-06-16 09:03:12","http://38.153.61.61:9080/5tbsssxa.lnk","offline","malware_download","Fake-Invoice-Campaign","38.153.61.61","38.153.61.61","55286","US" "2024-06-16 09:03:10","http://38.153.61.61:9080/new.bat","offline","malware_download","Fake-Invoice-Campaign","38.153.61.61","38.153.61.61","55286","US" "2024-06-16 09:03:10","http://38.153.61.61:9080/startuppp.cmd","offline","malware_download","Fake-Invoice-Campaign","38.153.61.61","38.153.61.61","55286","US" "2024-05-23 05:59:11","http://38.62.245.120/XytiEsGVWJPs243.bin","offline","malware_download","encryptede|GuLoader","38.62.245.120","38.62.245.120","55286","US" "2024-05-23 05:59:05","http://38.153.61.199/QgSCbsMyS221.bin","offline","malware_download","encrypted|GuLoader","38.153.61.199","38.153.61.199","55286","US" "2024-05-22 14:58:07","http://38.15.131.137/UqSMPUzbGBughO230.bin","offline","malware_download","encrypted|GuLoader|RAT|RemcosRAT","38.15.131.137","38.15.131.137","55286","US" "2024-05-14 06:55:07","http://38.15.131.216/xDiAqOwvPZdOa69.bin","offline","malware_download","encrypted|GuLoader|RAT|RemcosRAT","38.15.131.216","38.15.131.216","55286","US" "2023-10-18 06:43:18","https://amv2.org/oe/","offline","malware_download","Pikabot|TA577|TR","amv2.org","192.241.101.140","55286","US" "2023-10-10 08:55:39","https://amv2.org/ecc/","offline","malware_download","DarkGate|TA577|tr","amv2.org","192.241.101.140","55286","US" "2023-09-13 07:39:06","http://23.236.203.81/gEUBYPspBNL33.bin","offline","malware_download","encrypted|GuLoader|RAT|RemcosRAT","23.236.203.81","23.236.203.81","55286","US" "2023-09-12 07:13:04","http://38.170.239.55/jboNAWg228.bin","offline","malware_download","encrypted|GuLoader|RAT|RemcosRAT","38.170.239.55","38.170.239.55","55286","US" "2023-09-05 13:34:07","http://38.170.239.55/nzPDfjnM163.bin","offline","malware_download","encrypted|GuLoader|RAT|RemcosRAT","38.170.239.55","38.170.239.55","55286","US" "2023-09-05 13:34:07","http://38.170.239.55/yLnlpitQetpDvUzcfFs54.bin","offline","malware_download","encrypted|GuLoader|RAT|RemcosRAT","38.170.239.55","38.170.239.55","55286","US" "2023-04-05 13:03:10","http://23.236.169.237/cv/rt.txt","offline","malware_download","","23.236.169.237","23.236.169.237","55286","US" "2023-02-13 02:08:05","http://38.153.157.57/412/vbc.exe","offline","malware_download","32|exe|SnakeKeylogger","38.153.157.57","38.153.157.57","55286","US" "2023-02-09 05:59:05","http://38.153.157.57/411/vbc.exe","offline","malware_download","32|exe|SnakeKeylogger","38.153.157.57","38.153.157.57","55286","US" "2023-02-09 05:23:04","http://38.153.157.57/13.doc","offline","malware_download","AgentTesla|rtf","38.153.157.57","38.153.157.57","55286","US" "2023-02-08 19:21:18","http://209.127.19.155:5870/Vre","offline","malware_download","Vjw0rm","209.127.19.155","209.127.19.155","55286","CA" "2023-02-08 19:01:06","http://38.153.157.57/214/vbc.exe","offline","malware_download","exe|opendir|SnakeKeylogger","38.153.157.57","38.153.157.57","55286","US" "2023-02-04 04:58:05","http://38.153.157.57/76/vbc.exe","offline","malware_download","32|exe|Formbook","38.153.157.57","38.153.157.57","55286","US" "2023-02-02 11:30:07","http://38.153.157.57/138/vbc.exe","offline","malware_download","SnakeKeylogger","38.153.157.57","38.153.157.57","55286","US" "2023-02-02 06:59:10","http://38.153.157.57/212/vbc.exe","offline","malware_download","AgentTesla|exe","38.153.157.57","38.153.157.57","55286","US" "2022-11-21 09:46:46","http://198.20.177.229:444/img01.png","offline","malware_download","ascii|AsyncRAT|PowerShell|ps|RAT","198.20.177.229","198.20.177.229","55286","US" "2022-11-01 19:34:05","http://192.186.183.139/TreasuryDept/LoanServiceCharge$.js","offline","malware_download","ascii|opendir|PowerShell|ps","192.186.183.139","192.186.183.139","55286","US" "2022-11-01 19:34:05","http://192.186.183.139/TreasuryDept/SmallBusinessLoans$.js","offline","malware_download","ascii|opendir|PowerShell|ps","192.186.183.139","192.186.183.139","55286","US" "2022-11-01 19:33:06","http://192.186.183.139/LoansDept/PropertyLoans.jpg","offline","malware_download","ascii|opendir|PowerShell|ps|RAT|RemcosRAT","192.186.183.139","192.186.183.139","55286","US" "2022-11-01 19:33:05","http://192.186.183.139/PolicyDept/CompoundInterest.txt","offline","malware_download","ascii|opendir|PowerShell|ps|RAT|RemcosRAT","192.186.183.139","192.186.183.139","55286","US" "2022-10-22 06:42:06","http://192.186.183.139/LoansDept/HousingLoans.jpg","offline","malware_download","opendir|RAT|RemcosRAT","192.186.183.139","192.186.183.139","55286","US" "2022-10-22 06:42:05","http://192.186.183.139/PolicyDept/LoansT&C.txt","offline","malware_download","opendir|RAT|RemcosRAT","192.186.183.139","192.186.183.139","55286","US" "2022-09-28 16:25:11","http://209.127.20.13/ade.jpg","offline","malware_download","","209.127.20.13","209.127.20.13","55286","CA" "2022-09-28 16:25:06","http://209.127.20.13/goa.jpg","offline","malware_download","","209.127.20.13","209.127.20.13","55286","CA" "2022-09-28 16:25:04","http://209.127.20.13/goat.txt","offline","malware_download","RemcosRAT","209.127.20.13","209.127.20.13","55286","CA" "2022-09-28 16:25:04","http://209.127.20.13/woke.js","offline","malware_download","RemcosRAT","209.127.20.13","209.127.20.13","55286","CA" "2022-09-22 10:36:05","http://209.127.20.13/favicon.ico","offline","malware_download","","209.127.20.13","209.127.20.13","55286","CA" "2022-09-22 10:36:04","http://209.127.20.13/adec.txt","offline","malware_download","","209.127.20.13","209.127.20.13","55286","CA" "2022-09-22 06:14:05","http://209.127.20.13/boop.txt","offline","malware_download","ascii|PowerShell|ps1|RAT|RemcosRAT","209.127.20.13","209.127.20.13","55286","CA" "2022-09-22 06:14:04","http://209.127.20.13/jubile.js","offline","malware_download","ascii|js|RAT|RemcosRAT","209.127.20.13","209.127.20.13","55286","CA" "2022-09-22 06:13:29","http://209.127.20.13/boo.jpg","offline","malware_download","ascii|PowerShell|ps|RAT|RemcosRAT","209.127.20.13","209.127.20.13","55286","CA" "2022-09-15 18:17:28","http://209.127.20.13/tim.jpg","offline","malware_download","RAT|RemcosRAT","209.127.20.13","209.127.20.13","55286","CA" "2022-09-15 18:17:05","http://209.127.20.13/time.txt","offline","malware_download","RAT|RemcosRAT","209.127.20.13","209.127.20.13","55286","CA" "2022-09-13 06:34:33","http://209.127.20.13/fit.jpg","offline","malware_download","ascii|PowerShell|ps|RAT|RemcosRAT","209.127.20.13","209.127.20.13","55286","CA" "2022-09-13 06:34:05","http://209.127.20.13/fitac.txt","offline","malware_download","ascii|encoded|PowerShell|ps|RAT|RemcosRAT","209.127.20.13","209.127.20.13","55286","CA" "2022-08-26 06:45:27","http://209.127.20.13/remit.jpg","offline","malware_download","ascii|PowerShell|ps|RAT|RemcosRAT","209.127.20.13","209.127.20.13","55286","CA" "2022-08-26 06:45:04","http://209.127.20.13/firm.txt","offline","malware_download","ascii|PowerShell|ps|RAT|RemcosRAT","209.127.20.13","209.127.20.13","55286","CA" "2022-08-17 06:24:05","http://209.127.20.13/max.jpg","offline","malware_download","ascii|PowerShell|ps|RAT|RemcosRAT","209.127.20.13","209.127.20.13","55286","CA" "2022-08-17 06:24:05","http://209.127.20.13/maxa.txt","offline","malware_download","ascii|PowerShell|ps|RAT|RemcosRAT","209.127.20.13","209.127.20.13","55286","CA" "2022-08-17 06:24:05","http://209.127.20.13/maxine.vbs","offline","malware_download","ascii|RAT|RemcosRAT|vbs","209.127.20.13","209.127.20.13","55286","CA" "2022-07-01 13:34:05","https://oud-fit.nl/wp-admin/YxJGcfwvk/","offline","malware_download","dll|emotet|epoch4|heodo","oud-fit.nl","192.198.127.162","55286","US" "2022-06-14 08:25:34","http://23.229.34.114/Dnyshzq_Urrkrtqa.png","offline","malware_download","encrypted|NanoCore|RAT","23.229.34.114","23.229.34.114","55286","US" "2022-06-13 07:05:06","http://23.229.34.114/Rtjry_Dhnvsxtb.bmp","offline","malware_download","encrypted","23.229.34.114","23.229.34.114","55286","US" "2022-06-12 19:35:05","http://23.229.34.114/fudge.exe","offline","malware_download","32|exe|NanoCore","23.229.34.114","23.229.34.114","55286","US" "2022-06-12 14:07:04","http://23.229.34.114/Yvydof_Tpsvzogq.jpg","offline","malware_download","encrypted|NanoCore","23.229.34.114","23.229.34.114","55286","US" "2022-06-02 16:58:33","http://209.127.19.101/sweep.vbs","offline","malware_download","Remcos|vbs","209.127.19.101","209.127.19.101","55286","CA" "2022-04-08 19:31:08","http://209.127.19.101/lundi.jpg","offline","malware_download","exe","209.127.19.101","209.127.19.101","55286","CA" "2022-04-08 19:24:03","http://209.127.19.101/mardi.txt","offline","malware_download","ps1","209.127.19.101","209.127.19.101","55286","CA" "2022-04-08 19:12:04","http://209.127.19.101/vendredi.vbs","offline","malware_download","vbs","209.127.19.101","209.127.19.101","55286","CA" "2022-03-22 19:33:03","http://209.127.19.101/win.vbs","offline","malware_download","Remcos|RemcosRAT|vbs","209.127.19.101","209.127.19.101","55286","CA" "2022-03-22 17:41:04","http://209.127.19.101/kif.jpg","offline","malware_download","PowerShell|ps|RAT|RemcosRAT","209.127.19.101","209.127.19.101","55286","CA" "2022-03-22 17:41:03","http://209.127.19.101/pit.txt","offline","malware_download","ascii|PowerShell|ps|RAT|RemcosRAT","209.127.19.101","209.127.19.101","55286","CA" "2022-03-03 17:09:03","http://209.127.19.101/regm.vbs","offline","malware_download","Remcos-Dropper","209.127.19.101","209.127.19.101","55286","CA" "2022-03-03 17:08:05","http://209.127.19.101/asm.jpg","offline","malware_download","Remcos","209.127.19.101","209.127.19.101","55286","CA" "2022-02-10 17:00:04","http://209.127.20.130/tech.jpg","offline","malware_download","","209.127.20.130","209.127.20.130","55286","CA" "2022-02-07 20:37:31","http://209.127.19.101/invoice.jpg","offline","malware_download","ascii|encoded|RAT|RemcosRAT","209.127.19.101","209.127.19.101","55286","CA" "2021-12-16 09:12:05","http://209.127.19.133/biggi1.jpg","offline","malware_download","AgentTesla|ascii","209.127.19.133","209.127.19.133","55286","CA" "2021-11-13 08:10:05","http://hydro-power-plant.com/prods_mZmv3g__L2j9y9nq93p/Soft_CP/tK9mduyBPQVh9gvP.exe","offline","malware_download","AgentTesla|exe","hydro-power-plant.com","38.62.235.85","55286","US" "2021-11-13 08:09:11","http://hydro-power-plant.com/Install__Me/ShareFolder.exe","offline","malware_download","AgentTesla|exe","hydro-power-plant.com","38.62.235.85","55286","US" "2021-11-04 10:22:05","http://23.229.29.54/toto.exe","offline","malware_download","Danabot|exe","23.229.29.54","23.229.29.54","55286","US" "2021-10-11 07:14:05","http://209.127.78.27/CCle.exe","offline","malware_download","ArkeiStealer|RedLineStealer","209.127.78.27","209.127.78.27","55286","CA" "2021-10-08 04:26:04","http://209.127.78.26/browsercleaner3.exe","offline","malware_download","32|Babadeda|exe","209.127.78.26","209.127.78.26","55286","CA" "2021-10-08 04:26:04","http://209.127.78.26/CCle.exe","offline","malware_download","32|ArkeiStealer|exe|RedLineStealer","209.127.78.26","209.127.78.26","55286","CA" "2021-10-08 03:59:05","http://209.127.78.26/Sunbathers.exe","offline","malware_download","32|ArkeiStealer|exe","209.127.78.26","209.127.78.26","55286","CA" "2021-09-20 19:34:05","http://209.127.78.26/Igno.exe","offline","malware_download","ArkeiStealer","209.127.78.26","209.127.78.26","55286","CA" "2021-09-01 07:02:06","http://23.229.29.39/bathosts.exe","offline","malware_download","32|DanaBot|exe","23.229.29.39","23.229.29.39","55286","US" "2021-08-21 22:46:05","http://192.210.222.84/tepserv.exe","offline","malware_download","32|DanaBot|exe|FickerStealer","192.210.222.84","192.210.222.84","55286","US" "2021-07-17 09:11:05","http://23.229.29.42/cvhost.exe","offline","malware_download","32|DanaBot|exe|FickerStealer","23.229.29.42","23.229.29.42","55286","US" "2021-05-10 17:50:04","http://192.186.183.130/ts/909t5HXsDn4QMY6OB0I8tfpOT0N4FPGKuw~~/40PRbE-lUJTVQYhwM4WoZD6MyfeLT3GeSA~~/","offline","malware_download","","192.186.183.130","192.186.183.130","55286","US" "2020-10-19 06:01:03","http://172.245.205.123/Jailed.sh","offline","malware_download","script","172.245.205.123","172.245.205.123","55286","US" "2020-10-18 17:03:06","http://172.245.205.123/bins/Astra.mpsl","offline","malware_download","elf","172.245.205.123","172.245.205.123","55286","US" "2020-10-18 17:03:03","http://172.245.205.123/bins/Astra.arm","offline","malware_download","elf","172.245.205.123","172.245.205.123","55286","US" "2020-10-18 17:03:03","http://172.245.205.123/bins/Astra.arm5","offline","malware_download","elf","172.245.205.123","172.245.205.123","55286","US" "2020-10-18 17:03:03","http://172.245.205.123/bins/Astra.arm6","offline","malware_download","elf","172.245.205.123","172.245.205.123","55286","US" "2020-10-18 17:03:03","http://172.245.205.123/bins/Astra.m68k","offline","malware_download","elf","172.245.205.123","172.245.205.123","55286","US" "2020-10-18 17:03:03","http://172.245.205.123/bins/Astra.mips","offline","malware_download","elf","172.245.205.123","172.245.205.123","55286","US" "2020-10-18 17:03:03","http://172.245.205.123/bins/Astra.ppc","offline","malware_download","elf","172.245.205.123","172.245.205.123","55286","US" "2020-10-18 17:03:03","http://172.245.205.123/bins/Astra.sh4","offline","malware_download","elf","172.245.205.123","172.245.205.123","55286","US" "2020-10-18 17:03:03","http://172.245.205.123/bins/Astra.x32","offline","malware_download","elf","172.245.205.123","172.245.205.123","55286","US" "2020-10-18 16:34:04","http://172.245.205.123/bins/Astra.x86","offline","malware_download","32-bit|ELF|x86-32","172.245.205.123","172.245.205.123","55286","US" "2019-12-26 23:30:26","http://lobstermentours.com/Scan37712.doc","offline","malware_download","doc|PredatorStealer","lobstermentours.com","23.229.65.36","55286","US" "2019-12-26 23:30:23","http://lobstermentours.com/Scan363358.doc","offline","malware_download","doc|PredatorStealer","lobstermentours.com","23.229.65.36","55286","US" "2019-05-22 20:50:34","http://www.virtualupload.org/uconfig.php?a=down&file=OaQ4LB4fvm&name=xforx.exe","offline","malware_download","exe","www.virtualupload.org","192.157.56.139","55286","US" "2019-05-02 17:25:06","http://blog.refa24.com/TEST777/secure.myaccount.resourses.net/","offline","malware_download","doc|emotet|epoch1|Heodo","blog.refa24.com","192.157.56.142","55286","US" "2019-03-13 13:15:07","http://ryanprest.com/cgi-bin/jmEoN/","offline","malware_download","emotet|epoch1|Heodo","ryanprest.com","192.67.255.236","55286","CA" "2019-03-12 21:55:11","http://www.ryanprest.com/cgi-bin/jmEoN/","offline","malware_download","emotet|epoch1|exe|Heodo","www.ryanprest.com","192.67.255.236","55286","CA" "2019-03-06 16:44:21","http://www.ryanprest.com/cgi-bin/sendincencrypt/messages/ios/EN/201903/","offline","malware_download","emotet|epoch1|Heodo","www.ryanprest.com","192.67.255.236","55286","CA" "2019-03-06 15:15:09","http://ryanprest.com/cgi-bin/sendincencrypt/messages/ios/EN/201903/","offline","malware_download","Emotet|Heodo","ryanprest.com","192.67.255.236","55286","CA" "2018-06-14 05:58:08","http://scorpioncontrollers.com/STATUS/527451","offline","malware_download","doc|emotet|Heodo","scorpioncontrollers.com","192.67.255.86","55286","CA" "2018-06-11 23:40:06","http://www.scorpioncontrollers.com/IRS-Accounts-Transcipts-118/","offline","malware_download","doc|emotet|epoch1|Formbook|Heodo","www.scorpioncontrollers.com","192.67.255.86","55286","CA" # of entries: 105