##############################################################################
# URLhaus ASN CSV Feed                                                       #
# Generated on 2025-11-20 00:51:55 UTC                                       #
#                                                                            #
# For questions please refer to:                                             #
# https://urlhaus.abuse.ch/feeds/                                            #
##############################################################################
#
# Feed generated for AS63052
#
# Dateadded (UTC),URL,URL_status,Threat,Tags,Host,IPaddress,ASnumber,Country
"2020-11-23 18:53:13","http://216.170.126.121/hkcmd/vbc.exe","offline","malware_download","AgentTesla|exe|Formbook","216.170.126.121","216.170.126.121","63052","CA"
"2020-10-27 12:58:04","http://216.170.126.109/doc/lilbaa.exe","offline","malware_download","404Keylogger|exe","216.170.126.109","216.170.126.109","63052","CA"
"2020-10-27 12:58:04","http://216.170.126.109/doc/tallest.exe","offline","malware_download","AgentTesla|exe|opendir","216.170.126.109","216.170.126.109","63052","CA"
"2020-10-26 07:19:05","http://216.170.126.109/doc/friend.exe","offline","malware_download","AgentTesla|exe","216.170.126.109","216.170.126.109","63052","CA"
"2020-10-26 07:19:05","http://216.170.126.109/doc/info.exe","offline","malware_download","AgentTesla|exe","216.170.126.109","216.170.126.109","63052","CA"
"2020-10-24 06:13:05","http://216.170.126.109/doc/svch.exe","offline","malware_download","AgentTesla|exe|opendir","216.170.126.109","216.170.126.109","63052","CA"
"2020-10-23 17:35:11","http://216.170.126.109/doc/vbc.exe","offline","malware_download","AgentTesla|exe","216.170.126.109","216.170.126.109","63052","CA"
"2020-10-21 10:18:04","http://216.170.126.109/ranger.exe","offline","malware_download","AgentTesla|exe","216.170.126.109","216.170.126.109","63052","CA"
"2020-10-20 14:53:07","http://216.170.126.109/ref.exe","offline","malware_download","AgentTesla|exe","216.170.126.109","216.170.126.109","63052","CA"
"2020-10-19 11:20:10","http://216.170.126.109/kap.exe","offline","malware_download","AgentTesla|exe","216.170.126.109","216.170.126.109","63052","CA"
"2020-10-16 12:37:13","http://216.170.126.109/nna.exe","offline","malware_download","AgentTesla","216.170.126.109","216.170.126.109","63052","CA"
"2020-10-15 07:45:05","http://216.170.126.109/moni.exe","offline","malware_download","AgentTesla|exe","216.170.126.109","216.170.126.109","63052","CA"
"2020-10-12 14:31:04","http://216.170.126.109/cr.exe","offline","malware_download","AgentTesla|exe","216.170.126.109","216.170.126.109","63052","CA"
"2020-10-12 05:40:06","http://216.170.126.109/fran.exe","offline","malware_download","AgentTesla|exe","216.170.126.109","216.170.126.109","63052","CA"
"2020-10-08 11:12:05","http://216.170.126.109/mo.exe","offline","malware_download","AgentTesla|exe","216.170.126.109","216.170.126.109","63052","CA"
"2020-07-17 14:05:04","http://216.170.126.102/saintfb.exe","offline","malware_download","exe|FormBook","216.170.126.102","216.170.126.102","63052","CA"
"2020-07-10 09:49:05","http://216.170.126.102/file.exe","offline","malware_download","AgentTesla|exe","216.170.126.102","216.170.126.102","63052","CA"
"2020-05-29 07:27:34","http://irequestyoutopleaseadviseonthepayment.duckdns.org/invoice.doc","offline","malware_download","doc","irequestyoutopleaseadviseonthepayment.duckdns.org","216.170.126.22","63052","CA"
"2020-05-19 23:38:33","http://egbukachidieberedanielsgdmonni.duckdns.org/svchost.exe","offline","malware_download","AgentTesla|exe","egbukachidieberedanielsgdmonni.duckdns.org","216.170.126.22","63052","CA"
"2020-05-18 07:23:02","http://irequestyoutopleaseadviseonthepayment.duckdns.org/win32.exe","offline","malware_download","AgentTesla","irequestyoutopleaseadviseonthepayment.duckdns.org","216.170.126.22","63052","CA"
"2020-05-13 20:34:09","http://irequestyoutopleaseadviseonthepayment.duckdns.org/explore.exe","offline","malware_download","AgentTesla|exe","irequestyoutopleaseadviseonthepayment.duckdns.org","216.170.126.22","63052","CA"
"2020-05-13 16:34:31","http://irequestyoutopleaseadviseonthepayment.duckdns.org/vbc.exe","offline","malware_download","AgentTesla|exe","irequestyoutopleaseadviseonthepayment.duckdns.org","216.170.126.22","63052","CA"
"2020-03-18 10:45:05","http://egbukachidieberedanielsgdmonni.duckdns.org/vbc.exe","offline","malware_download","AgentTesla|exe|GuLoader","egbukachidieberedanielsgdmonni.duckdns.org","216.170.126.22","63052","CA"
"2020-02-27 14:38:06","http://egbukachidieberedanielsgdmonni.duckdns.org/win32.exe","offline","malware_download","AgentTesla|exe","egbukachidieberedanielsgdmonni.duckdns.org","216.170.126.22","63052","CA"
"2020-02-25 13:58:06","http://chnwsdy3threewealthandreinforcementagenc.duckdns.org/secure/svchost.pdf","offline","malware_download","exe|Loki","chnwsdy3threewealthandreinforcementagenc.duckdns.org","216.170.126.141","63052","CA"
"2020-02-24 13:21:04","http://216.170.126.164/document/vbc.exe","offline","malware_download","exe|FormBook","216.170.126.164","216.170.126.164","63052","CA"
"2020-02-21 10:03:16","http://chnwsdyglobalwealthandreinforcementagenc.duckdns.org/secure/svchost.exe","offline","malware_download","AgentTesla|exe|FormBook|Loki","chnwsdyglobalwealthandreinforcementagenc.duckdns.org","216.170.126.141","63052","CA"
"2020-02-21 07:20:08","http://chnwsdy3threewealthandreinforcementagenc.duckdns.org/secure/svchost.exe","offline","malware_download","AgentTesla|exe|FormBook|Loki","chnwsdy3threewealthandreinforcementagenc.duckdns.org","216.170.126.141","63052","CA"
"2020-02-11 07:52:12","http://egbukachidieberedanielsgdmonni.duckdns.org/moni.exe","offline","malware_download","exe","egbukachidieberedanielsgdmonni.duckdns.org","216.170.126.22","63052","CA"
"2019-10-29 07:27:08","http://jxj.duckdns.org/j/bb.msi","offline","malware_download","exe","jxj.duckdns.org","216.170.126.152","63052","CA"
"2019-10-29 07:27:06","http://jxj.duckdns.org/j/fs.msi","offline","malware_download","exe","jxj.duckdns.org","216.170.126.152","63052","CA"
"2019-10-25 07:49:07","http://jxj.duckdns.org/j/fi.msi","offline","malware_download","exe","jxj.duckdns.org","216.170.126.152","63052","CA"
"2019-10-25 07:49:04","http://jxj.duckdns.org/j/mi.msi","offline","malware_download","exe","jxj.duckdns.org","216.170.126.152","63052","CA"
"2019-09-16 20:37:05","http://216.170.119.12/successneww.exe","offline","malware_download","AgentTesla|exe","216.170.119.12","216.170.119.12","63052","CA"
"2019-08-11 06:05:07","http://216.170.126.120/qwertyuba.exe","offline","malware_download","AgentTesla|exe","216.170.126.120","216.170.126.120","63052","CA"
"2019-08-11 06:01:04","http://216.170.126.120/blackqwerty.exe","offline","malware_download","exe","216.170.126.120","216.170.126.120","63052","CA"
"2019-08-03 07:49:03","http://216.170.126.120/qwertyjae.exe","offline","malware_download","AgentTesla|exe","216.170.126.120","216.170.126.120","63052","CA"
"2019-08-02 17:33:04","http://216.170.126.120/qwerty22.exe","offline","malware_download","agenttesla|exe|rat","216.170.126.120","216.170.126.120","63052","CA"
"2019-07-11 13:44:05","http://216.170.119.6/1.exe","offline","malware_download","exe","216.170.119.6","216.170.119.6","63052","CA"
"2019-07-02 14:28:09","http://216.170.126.106/win32.exe","offline","malware_download","Formbook|NanoCore","216.170.126.106","216.170.126.106","63052","CA"
"2019-06-26 12:10:07","http://joeing.duckdns.org/joe/uk.msi","offline","malware_download","","joeing.duckdns.org","216.170.126.152","63052","CA"
"2019-06-26 12:10:06","http://joeing.duckdns.org/joe/ugo.msi","offline","malware_download","","joeing.duckdns.org","216.170.126.152","63052","CA"
"2019-06-26 12:10:05","http://joeing.duckdns.org/joe/t.msi","offline","malware_download","","joeing.duckdns.org","216.170.126.152","63052","CA"
"2019-06-26 12:10:04","http://joeing.duckdns.org/joe/sum.msi","offline","malware_download","","joeing.duckdns.org","216.170.126.152","63052","CA"
"2019-06-26 12:09:03","http://joeing.duckdns.org/joe/bin.exe","offline","malware_download","FormBook","joeing.duckdns.org","216.170.126.152","63052","CA"
"2019-06-19 19:58:07","http://joeing.duckdns.org/joe/onye.msi","offline","malware_download","msi|opendir","joeing.duckdns.org","216.170.126.152","63052","CA"
"2019-06-19 19:58:06","http://joeing.duckdns.org/joe/13.msi","offline","malware_download","","joeing.duckdns.org","216.170.126.152","63052","CA"
"2019-06-19 19:58:06","http://joeing.duckdns.org/joe/cal.exe","offline","malware_download","","joeing.duckdns.org","216.170.126.152","63052","CA"
"2019-06-18 19:51:04","http://check511.duckdns.org/c/kk.exe","offline","malware_download","exe|FormBook","check511.duckdns.org","216.170.119.156","63052","CA"
"2019-06-18 16:28:04","http://216.170.119.156/c/kk.exe","offline","malware_download","exe|FormBook","216.170.119.156","216.170.119.156","63052","CA"
"2019-06-18 16:27:04","http://216.170.119.156/b/2.exe","offline","malware_download","exe","216.170.119.156","216.170.119.156","63052","CA"
"2019-06-18 16:25:04","http://216.170.119.156/a/1.exe","offline","malware_download","exe|FormBook","216.170.119.156","216.170.119.156","63052","CA"
"2019-06-14 22:59:09","http://check511.duckdns.org/min/m.exe","offline","malware_download","exe|FormBook","check511.duckdns.org","216.170.119.156","63052","CA"
"2019-06-14 16:28:04","http://check511.duckdns.org/21/maf.exe","offline","malware_download","exe","check511.duckdns.org","216.170.119.156","63052","CA"
"2019-04-30 04:48:04","http://216.170.119.131/chris/stub.exe","offline","malware_download","Emotet|exe|Heodo|NanoCore|NetWire","216.170.119.131","216.170.119.131","63052","CA"
"2019-02-04 00:01:09","http://216.170.126.142/bin/ca.exe","offline","malware_download","exe|NetWire|payload|stage2","216.170.126.142","216.170.126.142","63052","CA"
"2019-02-03 23:59:04","http://216.170.126.142/bin/crypt.js","offline","malware_download","javascript|js|loader","216.170.126.142","216.170.126.142","63052","CA"
"2019-02-03 23:58:03","http://216.170.126.142/bin/wm.js","offline","malware_download","javascript|js|loader","216.170.126.142","216.170.126.142","63052","CA"
"2019-02-01 22:03:03","http://216.170.126.142/bin/nwd.exe","offline","malware_download","exe|payload|stage2","216.170.126.142","216.170.126.142","63052","CA"
"2019-02-01 03:14:14","http://216.170.126.142/bin/ori.exe","offline","malware_download","AgentTesla|doc|exe|js|loader|payload|stage1|stage2","216.170.126.142","216.170.126.142","63052","CA"
"2019-02-01 03:14:12","http://216.170.126.142/bin/nw.exe","offline","malware_download","doc|exe|js|loader|NetWire|payload|stage1|stage2","216.170.126.142","216.170.126.142","63052","CA"
"2019-02-01 03:14:11","http://216.170.126.142/bin/nd.exe","offline","malware_download","doc|exe|js|loader|Loki|payload|stage1|stage2","216.170.126.142","216.170.126.142","63052","CA"
"2019-02-01 03:14:10","http://216.170.126.142/bin/lo.exe","offline","malware_download","doc|exe|js|loader|Loki|payload|stage1|stage2","216.170.126.142","216.170.126.142","63052","CA"
"2019-02-01 03:14:09","http://216.170.126.142/bin/dh.exe","offline","malware_download","doc|exe|js|loader|payload|stage1|stage2","216.170.126.142","216.170.126.142","63052","CA"
"2019-02-01 03:14:08","http://216.170.126.142/bin/cr.exe","offline","malware_download","doc|exe|js|loader|Loki|payload|stage1|stage2","216.170.126.142","216.170.126.142","63052","CA"
"2019-02-01 03:14:06","http://216.170.126.142/bin/cas.exe","offline","malware_download","doc|exe|js|loader|payload|stage1|stage2","216.170.126.142","216.170.126.142","63052","CA"
"2019-02-01 03:14:05","http://216.170.126.142/bin/build_outputDD3E47F.exe","offline","malware_download","doc|exe|js|loader|Loki|payload|stage1|stage2","216.170.126.142","216.170.126.142","63052","CA"
"2019-02-01 03:14:04","http://216.170.126.142/bin/VN00720ORI.doc","offline","malware_download","doc|exe|js|loader|payload|stage1|stage2","216.170.126.142","216.170.126.142","63052","CA"
"2019-02-01 03:14:04","http://216.170.126.142/bin/VN00720Q10.doc","offline","malware_download","doc|exe|js|loader|payload|stage1|stage2","216.170.126.142","216.170.126.142","63052","CA"
"2019-02-01 03:14:03","http://216.170.126.142/bin/RFQ0035417.doc","offline","malware_download","doc|exe|js|loader|payload|stage1|stage2","216.170.126.142","216.170.126.142","63052","CA"
"2019-02-01 03:14:03","http://216.170.126.142/bin/Sales-Advice-NSW.doc","offline","malware_download","doc|exe|js|loader|payload|stage1|stage2","216.170.126.142","216.170.126.142","63052","CA"
"2018-08-28 17:54:21","http://216.170.126.114/chu/chu.exe","offline","malware_download","exe|Formbook","216.170.126.114","216.170.126.114","63052","CA"
"2018-08-28 10:45:38","http://216.170.126.114/curry/curry.exe","offline","malware_download","exe|Formbook|Trickbot","216.170.126.114","216.170.126.114","63052","CA"
"2018-08-14 16:45:10","http://216.170.126.114/cur/cur.exe","offline","malware_download","Emotet|exe|Formbook","216.170.126.114","216.170.126.114","63052","CA"
"2018-08-14 16:45:09","http://216.170.126.114/mamez/mamez.exe","offline","malware_download","Emotet|exe|Formbook|Heodo","216.170.126.114","216.170.126.114","63052","CA"
"2018-07-24 10:45:10","http://216.170.119.154/ojjj/ojjj.exe","offline","malware_download","exe|Formbook|Pony","216.170.119.154","216.170.119.154","63052","CA"
"2018-07-19 22:44:58","http://216.170.119.154/cur/cur.exe","offline","malware_download","exe|Formbook|Pony","216.170.119.154","216.170.119.154","63052","CA"
"2018-07-06 04:45:08","http://216.170.119.154/mamez/mamez.exe","offline","malware_download","exe|Formbook|Pony","216.170.119.154","216.170.119.154","63052","CA"
"2018-07-04 22:45:05","http://216.170.119.154/man/man.exe","offline","malware_download","exe|Formbook|Pony","216.170.119.154","216.170.119.154","63052","CA"
"2018-05-26 16:44:32","http://216.170.126.16/1111.exe","offline","malware_download","Azorult|exe","216.170.126.16","216.170.126.16","63052","CA"
# of entries: 80