##############################################################################
# URLhaus ASN CSV Feed                                                       #
# Generated on 2025-11-19 01:19:00 UTC                                       #
#                                                                            #
# For questions please refer to:                                             #
# https://urlhaus.abuse.ch/feeds/                                            #
##############################################################################
#
# Feed generated for AS12637
#
# Dateadded (UTC),URL,URL_status,Threat,Tags,Host,IPaddress,ASnumber,Country
"2024-04-30 04:50:07","https://www.ferentino.org/wp-content/plugins/share-private-fls/shared","offline","malware_download","Latrodectus","www.ferentino.org","217.64.195.228","12637","IT"
"2024-01-17 14:09:07","https://zampieri1949.com/Adobe/Adobe-Reader-v8.0-latest-installer.7z","offline","malware_download","Formbook|GuLoader","zampieri1949.com","185.220.244.38","12637","CH"
"2023-10-23 15:48:35","http://garavellofigli.com/nls/","offline","malware_download","TA577|TR","garavellofigli.com","185.220.245.24","12637","CH"
"2023-10-23 15:46:05","https://garavellofigli.com/nls/","offline","malware_download","TA577|TR","garavellofigli.com","185.220.245.24","12637","CH"
"2022-09-28 18:07:45","https://negoziofiscale.it/uq/isqieuu","offline","malware_download","BB|H322|H436|qakbot|qbot|quakbot|TR|U425|zip","negoziofiscale.it","185.220.245.16","12637","CH"
"2022-09-28 18:07:42","https://negoziofiscale.it/uq/eintusm","offline","malware_download","BB|H322|H436|qakbot|qbot|quakbot|TR|U425|zip","negoziofiscale.it","185.220.245.16","12637","CH"
"2022-09-28 18:07:42","https://negoziofiscale.it/uq/utnqeirssmooncau","offline","malware_download","BB|H322|H436|qakbot|qbot|quakbot|TR|U425|zip","negoziofiscale.it","185.220.245.16","12637","CH"
"2022-09-28 18:07:41","https://negoziofiscale.it/uq/eeoqltiaumissa","offline","malware_download","BB|H322|H436|qakbot|qbot|quakbot|TR|U425|zip","negoziofiscale.it","185.220.245.16","12637","CH"
"2022-01-26 23:09:06","https://bluwom-milano.com/wp-content/FEj3y4z/","offline","malware_download","dll|emotet|epoch5|heodo","bluwom-milano.com","212.25.183.231","12637","IT"
"2021-09-23 01:14:14","http://demo.isisto.it/unrolled.php","offline","malware_download","doc|hancitor|html","demo.isisto.it","85.94.207.168","12637","IT"
"2021-09-23 01:14:07","http://demo.isisto.it/bottoming.php","offline","malware_download","doc|hancitor|html","demo.isisto.it","85.94.207.168","12637","IT"
"2021-09-23 01:14:04","http://demo.isisto.it/ageratums.php","offline","malware_download","doc|hancitor|html","demo.isisto.it","85.94.207.168","12637","IT"
"2021-04-12 06:37:05","https://www.sogecoenergy.com/ol/ol.bin","offline","malware_download","encrypted|GuLoader","www.sogecoenergy.com","217.64.195.31","12637","IT"
"2021-04-02 09:24:03","https://www.sogecoenergy.com/cp/cp.bin","offline","malware_download","encrypted|GuLoader","www.sogecoenergy.com","217.64.195.31","12637","IT"
"2021-04-02 03:44:03","https://www.sogecoenergy.com/ot/ot.bin","offline","malware_download","","www.sogecoenergy.com","217.64.195.31","12637","IT"
"2021-04-02 03:34:03","http://www.sogecoenergy.com/ot/ot.msi","offline","malware_download","","www.sogecoenergy.com","217.64.195.31","12637","IT"
"2021-04-02 03:34:03","https://www.sogecoenergy.com/ot/ot.msi","offline","malware_download","","www.sogecoenergy.com","217.64.195.31","12637","IT"
"2021-03-29 06:08:04","https://www.sogecoenergy.com/or/ag.bin","offline","malware_download","encrypted|GuLoader","www.sogecoenergy.com","217.64.195.31","12637","IT"
"2021-03-28 07:18:12","https://www.sogecoenergy.com/a/os.bin","offline","malware_download","encrypted|GuLoader","www.sogecoenergy.com","217.64.195.31","12637","IT"
"2021-03-15 15:40:06","https://culturbis.it/rih5i7i.rar","offline","malware_download","10444|dll|dridex","culturbis.it","185.220.245.51","12637","CH"
"2020-12-22 22:08:03","https://www.acboilers.com/_/DOC/kEkqpw/","offline","malware_download","doc|emotet|epoch3|Heodo","www.acboilers.com","212.35.217.40","12637","IT"
"2020-10-16 17:42:04","http://techra-drumsticks.com/wp-includes/Documentation/vjiov70cs/2e7gk2a2o70snmqpc2cp0ii2uszow2khx/","offline","malware_download","doc|emotet|epoch2|Heodo","techra-drumsticks.com","95.174.29.127","12637","IT"
"2020-09-22 13:33:33","https://telemarketingliste.it/docs/Pages/oN4UNNyc4hR/","offline","malware_download","doc|emotet|epoch1|Heodo","telemarketingliste.it","185.220.244.65","12637","CH"
"2020-09-21 18:21:39","http://giuseppecaggiano.com/wp-admin/docs/115whjj8/","offline","malware_download","doc|emotet|epoch2","giuseppecaggiano.com","217.64.195.14","12637","IT"
"2020-09-21 13:49:06","http://www.santipietroepaololatina.it/wp-includes/sites/e2ziF2qJ42oKQL09B60/","offline","malware_download","doc|emotet|epoch1|Heodo","www.santipietroepaololatina.it","217.64.195.225","12637","IT"
"2020-09-17 08:20:09","http://nardopavimenti.it/Q12.jpg","offline","malware_download","Encoded|MassLogger|nankasa.com.ar","nardopavimenti.it","95.174.9.146","12637","IT"
"2020-09-03 19:13:34","http://farmaciaarcobaleno.ch/wp-snapshots/PNXFHEqzTK/","offline","malware_download","emotet|epoch3|exe|Heodo","farmaciaarcobaleno.ch","185.220.244.29","12637","CH"
"2020-09-03 09:48:08","http://www.abatifamily.it/rw_common/attachments/i40enlwdbuet/","offline","malware_download","doc|emotet|epoch2|heodo","www.abatifamily.it","217.64.195.178","12637","IT"
"2020-08-25 21:42:13","http://www.dynamai.eu/wp-includes/invoice/lnkb556928760957rzru4eyledx9u/","offline","malware_download","doc|emotet|epoch2|heodo","www.dynamai.eu","217.64.195.215","12637","IT"
"2020-08-14 04:19:06","http://eurofutura.com/carloghio/invoice/gbzhpum4bfr/","offline","malware_download","doc|emotet|epoch2|heodo","eurofutura.com","217.64.195.35","12637","IT"
"2020-08-12 07:23:04","http://eurofutura.com/carloghio/71-nyga-89881/","offline","malware_download","doc|emotet|epoch3|Heodo","eurofutura.com","217.64.195.35","12637","IT"
"2020-08-06 23:49:04","http://eurofutura.com/carloghio/invoice/2y6611yew2/kxyush77148104086073uigkhvvlxsh2c/","offline","malware_download","doc|emotet|epoch2|heodo|QuakBot","eurofutura.com","217.64.195.35","12637","IT"
"2020-07-30 23:26:34","http://eurofutura.com/carloghio/obj/","offline","malware_download","doc|emotet|epoch3|Heodo","eurofutura.com","217.64.195.35","12637","IT"
"2020-07-30 12:23:04","http://www.magsoft.it/blog_img/lpary2-lu-94322/","offline","malware_download","doc|emotet|epoch3|Heodo","www.magsoft.it","217.64.195.201","12637","IT"
"2020-07-29 07:03:43","http://www.francescoarzeni.it/dist/available-section/corporate-344051876-gtX30sO/76851718337-igerFk9wcJKtZ/","offline","malware_download","doc|emotet|epoch1|Heodo","www.francescoarzeni.it","217.64.195.238","12637","IT"
"2020-07-28 12:28:08","http://www.dearsport.it/wp-admin/x6e-vm9-99/","offline","malware_download","doc|emotet|epoch3|Heodo","www.dearsport.it","217.64.195.229","12637","IT"
"2020-07-23 03:28:37","http://chiaraberettamazzotta.it/wp-includes/g9ayf-lg6d-9526/","offline","malware_download","doc|emotet|epoch3|Heodo","chiaraberettamazzotta.it","185.220.244.6","12637","CH"
"2020-05-26 15:53:12","http://www.alox-media.it/lcgnncprqr/149054/Aufhebung_149054_25052020.zip","offline","malware_download","Qakbot|Quakbot|zip","www.alox-media.it","217.194.6.96","12637","IT"
"2020-05-26 13:57:23","http://panserialberto.it/eehckdbjodpi/Aufhebung_6402_25052020.zip","offline","malware_download","Qakbot|Quakbot|zip","panserialberto.it","217.194.6.96","12637","IT"
"2020-05-26 13:57:15","http://panserialberto.it/eehckdbjodpi/Aufhebung_80319005_25052020.zip","offline","malware_download","Qakbot|Quakbot|zip","panserialberto.it","217.194.6.96","12637","IT"
"2020-05-26 13:04:29","http://panserialberto.it/eehckdbjodpi/Aufhebung_6574_25052020.zip","offline","malware_download","Qakbot|Quakbot|zip","panserialberto.it","217.194.6.96","12637","IT"
"2020-05-26 12:44:05","http://www.alox-media.it/lcgnncprqr/22752942/Aufhebung_22752942_25052020.zip","offline","malware_download","Qakbot|Quakbot|zip","www.alox-media.it","217.194.6.96","12637","IT"
"2020-05-26 12:36:11","http://www.alox-media.it/lcgnncprqr/73129536/Aufhebung_73129536_25052020.zip","offline","malware_download","Qakbot|Quakbot|zip","www.alox-media.it","217.194.6.96","12637","IT"
"2020-05-26 12:16:43","http://panserialberto.it/eehckdbjodpi/Aufhebung_53106645_25052020.zip","offline","malware_download","Qakbot|Quakbot|zip","panserialberto.it","217.194.6.96","12637","IT"
"2020-05-26 11:58:26","http://panserialberto.it/eehckdbjodpi/Aufhebung_03814_25052020.zip","offline","malware_download","Qakbot|Quakbot|zip","panserialberto.it","217.194.6.96","12637","IT"
"2020-05-26 11:58:18","http://panserialberto.it/eehckdbjodpi/Aufhebung_5494_25052020.zip","offline","malware_download","Qakbot|Quakbot|zip","panserialberto.it","217.194.6.96","12637","IT"
"2020-05-08 13:42:21","https://www.dpcservizi.it/wp-content/themes/danfe/mojhxsriuysl/01678/EmploymentVerification_01678_05072020.zip","offline","malware_download","Qakbot|Quakbot|zip","www.dpcservizi.it","217.64.195.189","12637","IT"
"2020-05-08 13:23:33","https://www.dpcservizi.it/wp-content/themes/danfe/mojhxsriuysl/EmploymentVerification_964803_05072020.zip","offline","malware_download","Qakbot|Quakbot|zip","www.dpcservizi.it","217.64.195.189","12637","IT"
"2020-04-10 23:39:10","https://priviteraeventi.com/wp-content/themes/calliope/previous/730167.zip","offline","malware_download","Qakbot|qbot|zip","priviteraeventi.com","185.220.247.240","12637","CH"
"2020-04-10 23:39:07","https://priviteraeventi.com/wp-content/themes/calliope/previous/75448827/75448827.zip","offline","malware_download","Qakbot|qbot|zip","priviteraeventi.com","185.220.247.240","12637","CH"
"2020-02-03 17:21:18","https://www.sitagroup.it/wp-includes/6i/","offline","malware_download","emotet|epoch2|exe|Heodo","www.sitagroup.it","5.144.171.112","12637","IT"
"2019-12-19 08:41:03","https://www.hcristallo.it/email/DOC/efzenw5-1062144065-92504-sxy9v5acv2x-q6inw/","offline","malware_download","doc|emotet|epoch2|Heodo","www.hcristallo.it","95.174.3.205","12637","IT"
"2019-12-18 18:22:28","http://unpacked.it/sandbox_wordpress/multifunctional-array/security-profile/257474-6s68N0lZe4T8D5CA/","offline","malware_download","doc|emotet|epoch1|Heodo","unpacked.it","195.182.210.170","12637","IT"
"2019-12-16 13:07:18","http://www.savestudio.com/softaculous/personal_3tNxC_dF2wol4/9371031180_ZkUQYslb_warehouse/551667277_nCnJt9IcIEpvPxQ/","offline","malware_download","doc|emotet|epoch1","www.savestudio.com","217.64.195.238","12637","IT"
"2019-10-25 05:22:13","http://tecnopressitaly.it/wp-includes/richard.php","offline","malware_download","EvilPony|Hancitor|Pony|Tordal|Ursnif","tecnopressitaly.it","85.94.203.132","12637","IT"
"2019-07-05 16:09:03","http://www.webfastprint.it/wp-content/themes/ttourism/css/messg.jpg","offline","malware_download","exe|Troldesh","www.webfastprint.it","217.64.195.228","12637","IT"
"2019-07-05 15:56:02","http://webfastprint.it/wp-content/themes/ttourism/css/messg.jpg","offline","malware_download","exe","webfastprint.it","217.64.195.228","12637","IT"
"2019-05-20 22:31:05","http://eurofutura.com/carloghio/parts_service/JYRByxVSfhNOpVVTASyyBhBR/","offline","malware_download","doc|Emotet|epoch2|Heodo","eurofutura.com","217.64.195.35","12637","IT"
"2019-05-09 14:49:17","http://www.rivoltaponteggi.com/pdf/NrEXyVsSMiXbGRIMqaRxatUcwrfZZZ/","offline","malware_download","epoch2","www.rivoltaponteggi.com","95.174.1.76","12637","IT"
"2019-04-18 13:48:27","http://eurofutura.com/anti/98c/","offline","malware_download","emotet|epoch1|exe|Heodo","eurofutura.com","217.64.195.35","12637","IT"
"2019-04-09 18:27:03","http://eurofutura.com/dolibarr/JyPD-Gl7UMuQHinoIltc_nNYOFEndV-cGR/","offline","malware_download","doc|emotet|epoch2|Heodo","eurofutura.com","217.64.195.35","12637","IT"
"2019-04-02 15:36:19","http://eurofutura.com/Ratchet-master/wZBv/","offline","malware_download","emotet|epoch1|exe|Heodo|TrickBot","eurofutura.com","217.64.195.35","12637","IT"
"2019-03-21 11:43:05","http://eurofutura.com/yii/29i2j-m2cqj85-hgxhuo/","offline","malware_download","doc|emotet|epoch2|Heodo","eurofutura.com","217.64.195.35","12637","IT"
"2019-02-07 13:45:28","http://siciliasapori.com/Telekom/RechnungOnline/012019/","offline","malware_download","doc|emotet|epoch1|Heodo","siciliasapori.com","217.64.195.220","12637","IT"
"2019-01-24 22:35:38","https://rosalindacademy.it/GdtaX-gnztg2R1LMIT42u_eozpWyiKu-V9/","offline","malware_download","doc|emotet|epoch1|Heodo","rosalindacademy.it","217.64.195.242","12637","IT"
"2019-01-24 01:07:17","http://rosalindacademy.it/zVWy-2lPC_BDKTd-CCY/Southwire/UWT1986389353/US_us/Invoice/","offline","malware_download","doc|emotet|epoch2","rosalindacademy.it","217.64.195.242","12637","IT"
"2019-01-22 22:44:11","https://rosalindacademy.it/zVWy-2lPC_BDKTd-CCY/Southwire/UWT1986389353/US_us/Invoice/","offline","malware_download","emotet|epoch2|Heodo","rosalindacademy.it","217.64.195.242","12637","IT"
"2018-12-19 03:48:34","http://uolli.it/HSTOj-5YUtMd8A_ZsCPaa-ALk/Inv/151264875/files/EN_en/Overdue-payment/","offline","malware_download","emotet|epoch2|Heodo","uolli.it","95.174.3.212","12637","IT"
"2018-12-19 02:11:32","http://uolli.it/HSTOj-5YUtMd8A_ZsCPaa-ALk/Inv/151264875/files/EN_en/Overdue-payment","offline","malware_download","doc","uolli.it","95.174.3.212","12637","IT"
"2018-12-14 00:56:02","http://eurofutura.com/US/Transaction_details/2018-12","offline","malware_download","doc","eurofutura.com","217.64.195.35","12637","IT"
"2018-12-14 00:28:04","http://eurofutura.com/US/Transaction_details/2018-12/","offline","malware_download","emotet|epoch1|Heodo","eurofutura.com","217.64.195.35","12637","IT"
"2018-12-07 13:03:04","http://uolli.it/mu5g/","offline","malware_download","exe|Heodo","uolli.it","95.174.3.212","12637","IT"
"2018-12-07 11:57:24","http://uolli.it/mu5g","offline","malware_download","emotet|epoch2|exe|Heodo","uolli.it","95.174.3.212","12637","IT"
"2018-12-06 11:43:25","http://eurofutura.com/EN_US/Messages/12_18","offline","malware_download","emotet|epoch1|Heodo","eurofutura.com","217.64.195.35","12637","IT"
"2018-11-29 06:08:06","http://www.yogananda-palermo.org/Ra7/","offline","malware_download","Emotet|exe|Heodo","www.yogananda-palermo.org","217.64.195.223","12637","IT"
"2018-11-28 19:28:05","http://www.yogananda-palermo.org/Ra7","offline","malware_download","emotet|epoch2|exe|Heodo","www.yogananda-palermo.org","217.64.195.223","12637","IT"
"2018-10-08 15:39:02","http://gymmy.it/3157LIXBXSD/PAYMENT/Business","offline","malware_download","doc|emotet","gymmy.it","185.220.244.46","12637","CH"
"2018-10-05 05:33:03","http://psichesalute.com/Claim_5102018.doc","offline","malware_download","doc","psichesalute.com","217.64.195.16","12637","IT"
"2018-09-13 23:17:02","http://leulocati.com/297WQR/BIZ/Commercial/","offline","malware_download","doc|Heodo","leulocati.com","212.35.203.104","12637","IT"
"2018-09-13 22:36:03","http://leulocati.com/297WQR/BIZ/Commercial","offline","malware_download","doc|emotet|Heodo","leulocati.com","212.35.203.104","12637","IT"
"2018-09-06 16:13:26","http://eurofutura.com/Download/EN_en/Invoice-Corrections-for-46/74","offline","malware_download","doc|emotet|Heodo","eurofutura.com","217.64.195.35","12637","IT"
"2018-09-05 22:20:16","http://eurofutura.com/Sep2018/En/Inv-44272-PO-9C377273","offline","malware_download","doc|emotet|Heodo","eurofutura.com","217.64.195.35","12637","IT"
"2018-09-05 03:36:23","http://gymmy.it/INVOICE/","offline","malware_download","doc|emotet|epoch1|Heodo","gymmy.it","185.220.244.46","12637","CH"
"2018-09-04 14:45:12","http://eurofutura.com/Sep2018/En/Inv-44272-PO-9C377273/","offline","malware_download","emotet|Heodo|word macro","eurofutura.com","217.64.195.35","12637","IT"
"2018-09-04 14:03:20","http://gymmy.it/INVOICE","offline","malware_download","doc|emotet|Heodo","gymmy.it","185.220.244.46","12637","CH"
"2018-08-30 08:00:13","http://gymmy.it/LLC/EN_en/Outstanding-Invoices/","offline","malware_download","doc|Heodo","gymmy.it","185.220.244.46","12637","CH"
"2018-08-30 07:19:05","http://gymmy.it/LLC/EN_en/Outstanding-Invoices","offline","malware_download","doc|emotet|Heodo","gymmy.it","185.220.244.46","12637","CH"
"2018-08-30 04:24:38","http://eurofutura.com/DOC/US/Invoice-for-v/r-08/29/2018/","offline","malware_download","doc|Heodo","eurofutura.com","217.64.195.35","12637","IT"
"2018-08-29 22:05:18","http://eurofutura.com/DOC/US/Invoice-for-v/r-08/29/2018","offline","malware_download","doc|emotet|Heodo","eurofutura.com","217.64.195.35","12637","IT"
"2018-08-21 16:34:52","http://josefingarage.com/784FAD/identity/Commercial/","offline","malware_download","Heodo","josefingarage.com","185.220.244.17","12637","CH"
"2018-08-21 12:02:17","http://josefingarage.com/784FAD/identity/Commercial","offline","malware_download","doc|emotet|Heodo","josefingarage.com","185.220.244.17","12637","CH"
"2018-08-07 02:52:05","http://milano-autonoleggio.it/DHL/En_us/","offline","malware_download","doc|emotet|Heodo","milano-autonoleggio.it","217.64.195.207","12637","IT"
"2018-07-04 10:46:02","http://www.ladybiss.it/test/scan.docm","offline","malware_download","doc|downloader","www.ladybiss.it","217.64.195.229","12637","IT"
"2018-06-28 18:53:09","http://tatanka.it/EP074KK/","offline","malware_download","emotet|epoch2|Heodo|payload","tatanka.it","217.64.195.239","12637","IT"
# of entries: 94