##############################################################################
# URLhaus ASN CSV Feed                                                       #
# Generated on 2025-11-19 01:51:35 UTC                                       #
#                                                                            #
# For questions please refer to:                                             #
# https://urlhaus.abuse.ch/feeds/                                            #
##############################################################################
#
# Feed generated for AS15967
#
# Dateadded (UTC),URL,URL_status,Threat,Tags,Host,IPaddress,ASnumber,Country
"2025-03-05 07:42:07","https://bruta.pl/x/evil.ps1","offline","malware_download","ascii|opendir|PowerShell|ps1","bruta.pl","77.55.252.166","15967","PL"
"2025-03-05 07:42:05","https://bruta.pl/x/file.ps1","offline","malware_download","ascii|opendir|PowerShell|ps1","bruta.pl","77.55.252.166","15967","PL"
"2025-03-05 07:41:04","https://bruta.pl/x/JeBEYkyfFYuWEIA235.bin","offline","malware_download","encrypted|GuLoader|opendir","bruta.pl","77.55.252.166","15967","PL"
"2024-10-25 08:18:07","https://bruta.pl/DwvtKopKcDL194.bin","offline","malware_download","encrypted|GuLoader","bruta.pl","77.55.252.166","15967","PL"
"2024-10-25 08:18:07","https://bruta.pl/Ibrugtagelses.pcx","offline","malware_download","ascii|encoded|GuLoader","bruta.pl","77.55.252.166","15967","PL"
"2024-08-16 09:12:07","https://bruta.pl/OQAXoRi124.bin","offline","malware_download","encrypted|Formbook|GuLoader","bruta.pl","77.55.252.166","15967","PL"
"2024-05-14 07:36:06","https://bruta.pl/Monkeynut.emz","offline","malware_download","ascii|Formbook|GuLoader","bruta.pl","77.55.252.166","15967","PL"
"2024-05-14 07:35:10","https://bruta.pl/WSfBhsycdugbAkKJGNw168.bin","offline","malware_download","encrypted|Formbook|GuLoader","bruta.pl","77.55.252.166","15967","PL"
"2023-12-05 16:07:10","https://unisono.band/blog.php","offline","malware_download","","unisono.band","85.128.148.152","15967","PL"
"2023-08-25 18:20:09","https://druczki.pl/download.php","offline","malware_download","gating|gootloader","druczki.pl","85.128.208.19","15967","PL"
"2023-03-14 19:03:29","https://gptrade.nazwa.pl/connect/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","gptrade.nazwa.pl","85.128.251.153","15967","PL"
"2023-03-14 19:02:58","https://server850010.nazwa.pl/scarica/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","server850010.nazwa.pl","85.128.128.104","15967","PL"
"2023-03-14 19:02:29","https://server850010.nazwa.pl/agenzia/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","server850010.nazwa.pl","85.128.128.104","15967","PL"
"2023-03-14 19:02:26","https://server434633.nazwa.pl/scarica/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","server434633.nazwa.pl","85.128.150.107","15967","PL"
"2023-03-14 19:02:14","https://server512758.nazwa.pl/connect/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","server512758.nazwa.pl","85.128.243.127","15967","PL"
"2023-03-14 19:01:36","https://server434633.nazwa.pl/agenzia/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","server434633.nazwa.pl","85.128.150.107","15967","PL"
"2023-03-14 19:01:27","https://server512758.nazwa.pl/agenzia/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","server512758.nazwa.pl","85.128.243.127","15967","PL"
"2023-03-14 19:01:20","https://gptrade.nazwa.pl/scarica/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","gptrade.nazwa.pl","85.128.251.153","15967","PL"
"2023-03-14 19:01:15","https://server850010.nazwa.pl/connect/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","server850010.nazwa.pl","85.128.128.104","15967","PL"
"2023-03-14 19:00:23","https://server434633.nazwa.pl/connect/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","server434633.nazwa.pl","85.128.150.107","15967","PL"
"2023-03-14 19:00:21","https://gptrade.nazwa.pl/agenzia/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","gptrade.nazwa.pl","85.128.251.153","15967","PL"
"2023-03-14 18:59:57","https://server512758.nazwa.pl/scarica/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","server512758.nazwa.pl","85.128.243.127","15967","PL"
"2023-03-10 08:59:15","http://gptrade.nazwa.pl/connect/index.php","offline","malware_download","7712|agenziaentrate|geofenced|gozi|ITA|mef|mise|redir-302|ursnif","gptrade.nazwa.pl","85.128.251.153","15967","PL"
"2022-12-22 17:02:29","http://robitoki.pl/TUET.php","offline","malware_download","B1|BB11|ISO|Qakbot|Qbot|Quakbot|TR|zip","robitoki.pl","77.55.252.136","15967","PL"
"2022-12-19 16:41:03","https://zdrady24h.pl/pace/index.php","offline","malware_download","BB11|IMG|ISO|Qakbot|Qbot|Quakbot|TR|TR23|zip","zdrady24h.pl","77.55.252.136","15967","PL"
"2022-11-03 18:25:22","https://latoska.com/iet/index.php?e=qbot.zip","offline","malware_download","BB05|BV1|iso|qakbot|qbot|quakbot|TR|zip","latoska.com","77.55.252.6","15967","PL"
"2022-03-30 18:12:04","http://gilbt.nazwa.pl/wp-includes/3yD2w2TfNmkAnYiRGmlH0wpplvdi/","offline","malware_download","emotet|epoch4|Heodo|redir-doc|SilentBuilder|xls","gilbt.nazwa.pl","85.128.248.247","15967","PL"
"2022-03-30 18:12:04","http://gilbt.nazwa.pl/wp-includes/3yD2w2TfNmkAnYiRGmlH0wpplvdi/?i=1","offline","malware_download","doc|emotet|epoch4|Heodo|SilentBuilder","gilbt.nazwa.pl","85.128.248.247","15967","PL"
"2022-03-29 14:30:04","http://frankowicz.net/customizeit.pl/YevBoYUW3Rp9NPF0Y1fxykvsIQc/","offline","malware_download","emotet|epoch4|redir-doc","frankowicz.net","85.128.227.133","15967","PL"
"2022-03-29 14:30:04","http://frankowicz.net/customizeit.pl/YevBoYUW3Rp9NPF0Y1fxykvsIQc/?i=1","offline","malware_download","doc|emotet|epoch4|Heodo|SilentBuilder","frankowicz.net","85.128.227.133","15967","PL"
"2021-04-21 18:20:11","http://autoabi.pl/2ofcO/catalogue-5.zip","offline","malware_download","b-TDS|Qakbot|Qbot|SilentBuilder|TR|zip","autoabi.pl","85.128.134.230","15967","PL"
"2021-04-21 18:13:25","http://autoabi.pl/2ofcO/catalogue-30.zip","offline","malware_download","b-TDS|Qakbot|Qbot|SilentBuilder|TR|zip","autoabi.pl","85.128.134.230","15967","PL"
"2021-04-20 22:55:05","http://krzysztofrzaczynski.pl/9zB94/catalogue-28.zip","offline","malware_download","b-TDS|Qakbot|Qbot|SilentBuilder|TR|zip","krzysztofrzaczynski.pl","85.128.156.40","15967","PL"
"2021-04-20 14:03:18","http://krzysztofrzaczynski.pl/9zB94/catalogue-89.zip","offline","malware_download","b-TDS|Qakbot|Qbot|SilentBuilder|TR|zip","krzysztofrzaczynski.pl","85.128.156.40","15967","PL"
"2020-12-02 21:47:05","http://autoabi.pl/ds/021220.gif","offline","malware_download","dll|Qakbot|qbot|SilentBuilder|tr02","autoabi.pl","85.128.134.230","15967","PL"
"2020-10-26 17:56:04","https://gastromatic.pl/wp-includes/parts_service/aZbeYNGyfOqkfLffKqT/","offline","malware_download","doc|emotet|epoch1|Heodo","gastromatic.pl","85.128.192.154","15967","PL"
"2020-08-26 18:44:03","http://420omaha.pragapoludnie.zhp.pl/wp-admin/browse/d7wy512471304760o5zpf11kxojd5oh2y/","offline","malware_download","doc|emotet|epoch2|Heodo","420omaha.pragapoludnie.zhp.pl","77.55.253.61","15967","PL"
"2020-08-20 11:25:06","https://one-drives.com/download.php","offline","malware_download","","one-drives.com","77.55.213.241","15967","PL"
"2020-07-17 17:22:36","https://akcje.browarbrodacz.pl/wp-keys.php","offline","malware_download","zloader","akcje.browarbrodacz.pl","77.55.253.75","15967","PL"
"2020-06-16 15:22:01","http://arthuta.pl/kctpxbkkeeu/4jQv8VPzCA.zip","offline","malware_download","Qakbot|Quakbot|zip","arthuta.pl","85.128.173.58","15967","PL"
"2020-06-16 15:21:45","http://arthuta.pl/rydiakvhpqs/0ZISNw7Sff.zip","offline","malware_download","Qakbot|Quakbot|zip","arthuta.pl","85.128.173.58","15967","PL"
"2020-06-16 15:14:03","http://arthuta.pl/fxhak/P/d8ZKW6MmS.zip","offline","malware_download","Qakbot|Quakbot|zip","arthuta.pl","85.128.173.58","15967","PL"
"2020-06-16 15:12:46","http://arthuta.pl/rydiakvhpqs/4C/X5/nQGcmQ2h.zip","offline","malware_download","Qakbot|Quakbot|zip","arthuta.pl","85.128.173.58","15967","PL"
"2020-06-16 15:12:24","http://arthuta.pl/kctpxbkkeeu/Sm/yL/rX45coQw.zip","offline","malware_download","Qakbot|Quakbot|zip","arthuta.pl","85.128.173.58","15967","PL"
"2020-06-16 14:42:50","http://arthuta.pl/rydiakvhpqs/Rdh1L5N5i5.zip","offline","malware_download","Qakbot|Quakbot|zip","arthuta.pl","85.128.173.58","15967","PL"
"2020-06-16 13:54:54","http://arthuta.pl/fxhak/Ql/cb/feZaz3I6.zip","offline","malware_download","Qakbot|Quakbot|zip","arthuta.pl","85.128.173.58","15967","PL"
"2020-06-16 13:45:13","http://arthuta.pl/wkdguprwyhgh/0/ou2oMUK85.zip","offline","malware_download","Qakbot|Quakbot|zip","arthuta.pl","85.128.173.58","15967","PL"
"2020-06-16 13:12:37","http://arthuta.pl/kctpxbkkeeu/a/x6kbgxGfx.zip","offline","malware_download","Qakbot|Quakbot|zip","arthuta.pl","85.128.173.58","15967","PL"
"2020-06-16 13:10:51","http://arthuta.pl/rydiakvhpqs/CIqhM8RYng.zip","offline","malware_download","Qakbot|Quakbot|zip","arthuta.pl","85.128.173.58","15967","PL"
"2020-06-09 17:39:41","http://stowarzyszenie.jaroslaw.pl/bmcyqtz/AOgcHV2Vgg.zip","offline","malware_download","Qakbot|Quakbot|zip","stowarzyszenie.jaroslaw.pl","85.128.168.188","15967","PL"
"2020-06-09 17:06:22","http://stowarzyszenie.jaroslaw.pl/bmcyqtz/gesgj8fKKK.zip","offline","malware_download","Qakbot|Quakbot|zip","stowarzyszenie.jaroslaw.pl","85.128.168.188","15967","PL"
"2020-02-06 21:28:34","http://multihouse.fmcode.pl/wp-admin/FILE/","offline","malware_download","doc|emotet|epoch2|Heodo","multihouse.fmcode.pl","77.55.236.157","15967","PL"
"2020-01-16 23:59:03","http://ironart.com.pl/ww12/multifunctional-eJDVQat5aS-f1FdkeL24uB43/test-warehouse/BcFn9n47fRzN-b2qv2rjqL0/","offline","malware_download","doc|emotet|epoch1|Heodo","ironart.com.pl","85.128.128.104","15967","PL"
"2019-10-09 00:40:03","http://hurtowniatapet.pl/wp-admin/zqVHnvSXXoiFCasKkuFaUg/","offline","malware_download","doc|emotet|epoch2|Heodo","hurtowniatapet.pl","85.128.139.181","15967","PL"
"2019-07-24 13:20:02","https://marcin101.nazwa.pl/inc/HIbEraSKeORp1mL.jpg","offline","malware_download","WarzoneRat","marcin101.nazwa.pl","85.128.128.104","15967","PL"
"2019-07-09 21:52:03","http://efectiva.pl/administrator/backups/1c.jpg","offline","malware_download","exe|Troldesh","efectiva.pl","85.128.149.60","15967","PL"
"2019-06-01 00:47:02","http://fryzjer.zsp6tom.pl/images/INC/PyjzlnihtLmop/","offline","malware_download","doc|emotet|epoch2|Heodo","fryzjer.zsp6tom.pl","85.128.164.78","15967","PL"
"2019-05-23 07:44:28","https://marcin101.nazwa.pl/images/pasek/60secs.msi","offline","malware_download","avemaria|exe","marcin101.nazwa.pl","85.128.128.104","15967","PL"
"2019-05-20 10:24:08","http://serwiskonsol.com/wp-content/JEsfYuiPMv/","offline","malware_download","emotet|epoch2|exe|heodo","serwiskonsol.com","85.128.245.65","15967","PL"
"2019-04-26 13:37:10","http://matysiak.pl/trina/css/1c.jpg","offline","malware_download","exe|Troldesh","matysiak.pl","85.128.195.131","15967","PL"
"2019-04-09 16:19:06","http://walburg.pl/libraries/AuMXq-6c0aBeWoutb0Wu_TOzCOQObI-ESA/","offline","malware_download","Emotet|Heodo","walburg.pl","77.55.252.45","15967","PL"
"2019-03-29 21:25:16","http://walburg.pl/libraries/verif.myaccount.resourses.com/","offline","malware_download","doc|emotet|epoch1|Heodo","walburg.pl","77.55.252.45","15967","PL"
"2019-03-12 09:29:09","http://walburg.pl/cache/sendinc/service/sich/DE/2019-03/","offline","malware_download","doc|emotet|epoch1|Heodo","walburg.pl","77.55.252.45","15967","PL"
"2019-03-11 17:51:03","http://fundacjadelhan.pl/wp-admin/hfpa7-3fj0g-bsdiy/","offline","malware_download","Emotet|Heodo","fundacjadelhan.pl","77.55.148.184","15967","PL"
"2019-03-07 18:28:17","http://walburg.pl/cache/bqude-p0dk3w-cowon.view/","offline","malware_download","Emotet|Heodo","walburg.pl","77.55.252.45","15967","PL"
"2019-02-15 13:30:16","http://choinkimarkus.pl/wp-content/themes/unicon/framework/admin/ReduxCore/assets/css/color-picker/messg.jpg","offline","malware_download","exe|ransomware|shade|troldesh","choinkimarkus.pl","85.128.134.225","15967","PL"
"2019-02-11 17:45:05","http://asztar.pl/templates/theme1627/css/messg.jpg","offline","malware_download","exe|ransomware|shade|troldesh","asztar.pl","77.55.252.98","15967","PL"
"2019-01-22 12:45:12","http://slowianskawieza.pl/wp-admin/css/colors/blue/ssj.jpg","offline","malware_download","exe|Ransomware.Shade","slowianskawieza.pl","85.128.172.43","15967","PL"
"2018-12-16 07:46:03","http://77.55.223.123/AB4g5/Josho.x86","offline","malware_download","elf","77.55.223.123","77.55.223.123","15967","PL"
"2018-12-16 07:45:08","http://77.55.223.123/AB4g5/Josho.ppc","offline","malware_download","elf","77.55.223.123","77.55.223.123","15967","PL"
"2018-12-16 07:44:04","http://77.55.223.123/AB4g5/Josho.sh4","offline","malware_download","elf","77.55.223.123","77.55.223.123","15967","PL"
"2018-12-16 07:44:02","http://77.55.223.123/AB4g5/Josho.mpsl","offline","malware_download","elf","77.55.223.123","77.55.223.123","15967","PL"
"2018-12-16 07:09:04","http://77.55.223.123/AB4g5/Josho.mips","offline","malware_download","elf","77.55.223.123","77.55.223.123","15967","PL"
"2018-12-16 07:08:05","http://77.55.223.123/AB4g5/Josho.m68k","offline","malware_download","elf","77.55.223.123","77.55.223.123","15967","PL"
"2018-12-16 07:04:05","http://77.55.223.123/AB4g5/Josho.arm6","offline","malware_download","elf","77.55.223.123","77.55.223.123","15967","PL"
"2018-12-12 03:37:29","http://globalsecurity.com.pl/IRS/Internal-Revenue-Service/Wage-and-Income-Transcript/12112018/","offline","malware_download","emotet|epoch2|Heodo","globalsecurity.com.pl","85.128.167.245","15967","PL"
"2018-11-26 15:58:05","http://rozdroza.com/AVA8xbw8/","offline","malware_download","Emotet|exe|Heodo","rozdroza.com","77.55.253.70","15967","PL"
"2018-11-24 03:29:03","http://rozdroza.com/En_us/Clients_Messages/11_18/","offline","malware_download","doc|emotet|epoch1|Heodo","rozdroza.com","77.55.253.70","15967","PL"
"2018-11-22 16:07:02","http://rozdroza.com/AVA8xbw8","offline","malware_download","emotet|epoch1|exe|Heodo","rozdroza.com","77.55.253.70","15967","PL"
"2018-11-21 09:38:03","http://rozdroza.com/En_us/Clients_Messages/11_18","offline","malware_download","emotet|epoch1|Heodo","rozdroza.com","77.55.253.70","15967","PL"
"2018-11-19 20:05:36","http://ysti.eu/doc/EN_en/Aug2018/Payment/","offline","malware_download","emotet|heodo","ysti.eu","85.128.134.225","15967","PL"
"2018-11-16 02:10:37","http://rozdroza.com/Download/US_us/Past-Due-Invoice/","offline","malware_download","doc|emotet|epoch2|Heodo","rozdroza.com","77.55.253.70","15967","PL"
"2018-11-15 17:35:00","http://rozdroza.com/Download/US_us/Past-Due-Invoice","offline","malware_download","doc|emotet|heodo","rozdroza.com","77.55.253.70","15967","PL"
"2018-11-13 22:59:21","http://rozdroza.com/Corporation/US/New-order","offline","malware_download","emotet|Heodo","rozdroza.com","77.55.253.70","15967","PL"
"2018-09-24 20:46:13","http://perfexim.nazwa.pl/perfektsystem_new/coke.exe","offline","malware_download","exe","perfexim.nazwa.pl","85.128.185.193","15967","PL"
"2018-08-10 04:25:06","http://ysti.eu/doc/EN_en/Aug2018/Payment","offline","malware_download","doc|emotet|Heodo","ysti.eu","85.128.134.225","15967","PL"
"2018-08-07 15:01:06","http://ysti.eu/Download/APP83411783ZIKMQS/4875476407/FZOX-KLFZ-Aug-07-2018","offline","malware_download","doc|emotet|Heodo","ysti.eu","85.128.134.225","15967","PL"
"2018-08-07 02:52:14","http://polskidrob.pl/files/En_us/Latest-payment/","offline","malware_download","doc|emotet|Heodo","polskidrob.pl","85.128.225.235","15967","PL"
"2018-08-03 08:01:09","http://polskidrob.pl/files/En_us/Latest-payment","offline","malware_download","doc|emotet|Heodo","polskidrob.pl","85.128.225.235","15967","PL"
"2018-08-03 05:13:32","http://ysti.eu/Aug2018/En_us/Receipt-attached","offline","malware_download","doc|emotet|Heodo","ysti.eu","85.128.134.225","15967","PL"
"2018-08-03 04:31:32","http://ysti.eu/Aug2018/En_us/Receipt-attached/","offline","malware_download","doc|emotet|Heodo","ysti.eu","85.128.134.225","15967","PL"
"2018-07-30 19:13:01","http://pensjonat-domino.pl/DHL/En/","offline","malware_download","doc|emotet|epoch2|Heodo","pensjonat-domino.pl","77.55.252.112","15967","PL"
"2018-07-07 22:45:05","http://lewandowskhj.nazwa.pl/dld.exe","offline","malware_download","exe|Formbook|Pony","lewandowskhj.nazwa.pl","85.128.128.104","15967","PL"
"2018-07-05 04:46:13","http://lewandowskhj.nazwa.pl/utAFBEE5F.exe","offline","malware_download","exe|formbook","lewandowskhj.nazwa.pl","85.128.128.104","15967","PL"
"2018-06-30 04:45:04","http://lewandowskhj.nazwa.pl/4624A50.exe","offline","malware_download","exe|NetWire|Pony","lewandowskhj.nazwa.pl","85.128.128.104","15967","PL"
"2018-06-21 04:44:12","http://www.drugarunda.pl/Jun2018/Invoice-0322917/","offline","malware_download","emotet|Heodo","www.drugarunda.pl","85.128.239.92","15967","PL"
"2018-06-15 17:39:26","http://drugarunda.pl/UPS-INVOICES-8649/","offline","malware_download","Heodo","drugarunda.pl","85.128.239.92","15967","PL"
"2018-06-15 16:01:03","http://www.drugarunda.pl/UPS-INVOICES-8649/","offline","malware_download","doc|emotet|epoch2|Heodo","www.drugarunda.pl","85.128.239.92","15967","PL"
"2018-06-15 00:12:27","http://karate.zgora.pl/Corporation/YH44338END/Feb-26-2018-88800/XZQ-VUXTB-Feb-26-2018/","offline","malware_download","Heodo","karate.zgora.pl","77.55.252.102","15967","PL"
"2018-06-06 19:43:03","http://store.drzwinet.pl/Rech-06-Juni/","offline","malware_download","doc|emotet","store.drzwinet.pl","85.128.218.79","15967","PL"
"2018-06-06 00:00:04","http://www.wroclaw1.nazwa.pl/ups.com/WebTracking/TE-15960347062967/","offline","malware_download","doc|emotet|Heodo","www.wroclaw1.nazwa.pl","85.128.128.104","15967","PL"
"2018-05-31 13:06:02","http://pensjonat-domino.pl/ACCOUNT/Invoice","offline","malware_download","Heodo","pensjonat-domino.pl","77.55.252.112","15967","PL"
"2018-05-23 20:24:11","http://pensjonat-domino.pl/ups.com/WebTracking/PLB-9260749/","offline","malware_download","doc|emotet|Heodo","pensjonat-domino.pl","77.55.252.112","15967","PL"
"2018-04-03 19:15:21","http://pssafetytv.nazwa.pl/4-Past-Due-Invoices/","offline","malware_download","doc|emotet|heodo","pssafetytv.nazwa.pl","85.128.251.57","15967","PL"
"2018-03-29 15:02:49","http://villamagnoli.nazwa.pl/WIRE-FORM/IEG-68097896733006/","offline","malware_download","doc|emotet|heodo","villamagnoli.nazwa.pl","85.128.128.104","15967","PL"
"2018-03-28 13:43:08","http://itvm.pl/ACH-FORM/OAE-905671706078/","offline","malware_download","doc|emotet|heodo","itvm.pl","77.55.253.55","15967","PL"
"2018-03-27 07:51:05","http://pssafetytv.nazwa.pl/WIRE-FORM/BMZ-818084625113/","offline","malware_download","emotet heodo doc","pssafetytv.nazwa.pl","85.128.251.57","15967","PL"
# of entries: 107