##############################################################################
# URLhaus ASN CSV Feed                                                       #
# Generated on 2025-11-20 11:16:17 UTC                                       #
#                                                                            #
# For questions please refer to:                                             #
# https://urlhaus.abuse.ch/feeds/                                            #
##############################################################################
#
# Feed generated for AS201200
#
# Dateadded (UTC),URL,URL_status,Threat,Tags,Host,IPaddress,ASnumber,Country
"2025-07-31 12:00:12","https://aestheticbalance.bg/s/SSA-30-07-2025.exe","offline","malware_download","ConnectWise","aestheticbalance.bg","164.138.218.220","201200","BG"
"2025-04-08 09:07:06","http://upnet.bg/d0/Stokkedslagene.pcx","offline","malware_download","encrypted|GuLoader","upnet.bg","185.45.67.120","201200","BG"
"2024-10-16 15:24:17","http://gdent.bg/files/AA_v3.exe","offline","malware_download","Adware.DownloadMR|FlawedAmmyRAT","gdent.bg","79.124.55.249","201200","BG"
"2024-01-19 09:13:07","https://advokatkraleva.com/ted.exe","offline","malware_download","dropped-by-smokeloader","advokatkraleva.com","193.107.69.80","201200","BG"
"2023-10-16 16:19:22","https://aquila-services.bg/qtui/","offline","malware_download","IcedID|TR","aquila-services.bg","164.138.222.129","201200","BG"
"2023-10-13 19:52:14","http://aquila-services.bg/tcer/","offline","malware_download","DarkGate|TA577|TR","aquila-services.bg","164.138.222.129","201200","BG"
"2023-10-13 19:44:13","https://aquila-services.bg/tcer/?HZ=4983732","offline","malware_download","DarkGate|TA577|TR","aquila-services.bg","164.138.222.129","201200","BG"
"2023-10-05 13:24:12","https://pktrakia.com/imu/?1","offline","malware_download","Pikabot|TR","pktrakia.com","193.107.69.123","201200","BG"
"2023-06-22 05:52:40","https://klavierart.at/ql/?1","offline","malware_download","BB33|geofenced|js|Qakbot|USA","klavierart.at","185.45.66.115","201200","BG"
"2023-06-16 15:24:35","https://klavierart.at/mle/?1","offline","malware_download","BB32|geofenced|js|Qakbot|Qbot|Quakbot|TR|USA","klavierart.at","185.45.66.115","201200","BG"
"2023-06-14 16:56:39","https://chardakasopot.online/ac/?1","offline","malware_download","BB32|geofenced|js|Qakbot|Quakbot|USA","chardakasopot.online","185.80.2.226","201200","BG"
"2023-05-17 13:06:15","https://onemoreconsulting.com/ua/?1","offline","malware_download","BB28|geofenced|js|Qakbot|Quakbot|USA","onemoreconsulting.com","185.45.66.104","201200","BG"
"2023-05-16 13:15:14","https://mirage-mk.com/ir/?1","offline","malware_download","BB28|geofenced|js|Qakbot|Quakbot|USA","mirage-mk.com","79.124.55.249","201200","BG"
"2023-05-16 13:14:32","https://kleptuzaparts.com/au/?1","offline","malware_download","BB28|geofenced|js|Qakbot|Quakbot|USA","kleptuzaparts.com","185.80.2.228","201200","BG"
"2023-05-16 11:25:53","https://skdoverie.com/ta/?1","offline","malware_download","BB28|geofenced|js|Qakbot|Quakbot|USA","skdoverie.com","91.196.125.197","201200","BG"
"2023-05-11 11:58:25","https://agrokarti.com/tmeu/","offline","malware_download","BB27|geofenced|js|Qakbot|Quakbot|USA","agrokarti.com","195.191.148.176","201200","BG"
"2023-05-09 09:28:14","https://prestan.bg/Poste%20Italien%20documenti%20di%20spedizione%203454535345.gz","offline","malware_download","Formbook","prestan.bg","193.107.36.121","201200","BG"
"2023-05-03 05:25:18","https://levelh.bg/wp-content/download/File_pass1234.zip","offline","malware_download","1234|password-protected|zip","levelh.bg","91.196.125.91","201200","BG"
"2023-03-06 14:38:09","https://ultranafta.com/mise/Normativa.zip","offline","malware_download","gozi|ITA|mef|MISE|ursnif","ultranafta.com","91.196.124.156","201200","BG"
"2023-03-06 11:39:17","https://ultranafta.com/mise/Servizi.zip","offline","malware_download","gozi|ITA|MEF|MISE|ursnif","ultranafta.com","91.196.124.156","201200","BG"
"2023-03-06 11:39:16","https://ultranafta.com/mise/Cliente.zip","offline","malware_download","gozi|ITA|MEF|MISE|ursnif","ultranafta.com","91.196.124.156","201200","BG"
"2023-03-06 11:39:16","https://ultranafta.com/mise/Contratto.zip","offline","malware_download","gozi|ITA|MEF|MISE|ursnif","ultranafta.com","91.196.124.156","201200","BG"
"2023-03-06 11:39:16","https://ultranafta.com/mise/Disposizioni.zip","offline","malware_download","gozi|ITA|MEF|MISE|ursnif","ultranafta.com","91.196.124.156","201200","BG"
"2023-03-06 11:39:16","https://ultranafta.com/mise/Gestione.zip","offline","malware_download","gozi|ITA|MEF|MISE|ursnif","ultranafta.com","91.196.124.156","201200","BG"
"2023-02-02 23:17:36","https://vivsoaps.com/ARUE.php","offline","malware_download","BB12|ONE|Qakbot|Qbot|Quakbot|TR|zip","vivsoaps.com","195.191.148.97","201200","BG"
"2022-12-22 20:03:25","https://vendyplus.com/BDIO.php","offline","malware_download","B1|BB11|ISO|Qakbot|Qbot|Quakbot|TR|U22|zip","vendyplus.com","164.138.218.107","201200","BG"
"2022-12-20 17:23:27","https://rxbg.eu/et/index.php","offline","malware_download","BB11|IMG|Qakbot|Qbot|Quakbot|RR17|TR|VHD|zip","rxbg.eu","164.138.218.226","201200","BG"
"2022-12-20 17:18:48","https://ivali7.com/ri/index.php","offline","malware_download","BB11|IMG|Qakbot|Qbot|Quakbot|RR17|TR|VHD|zip","ivali7.com","164.138.219.116","201200","BG"
"2022-12-08 01:39:16","https://detektiv-fox.com/index.php?QBOT.zip","offline","malware_download","","detektiv-fox.com","185.45.66.159","201200","BG"
"2022-11-17 19:25:23","https://toptul.bg/iiae/index.php?qbot.zip","offline","malware_download","BB06|iso|qakbot|qbot|quakbot|SK16|TR|zip","toptul.bg","185.45.66.147","201200","BG"
"2022-10-20 08:51:12","https://cargoconnect.online/LFeuP15.pfm","offline","malware_download","encrypted|GuLoader","cargoconnect.online","185.123.191.107","201200","BG"
"2022-06-07 16:19:08","https://ait-service.com/images/cLtrZtaV7zkqt/","offline","malware_download","dll|emotet|epoch5|Heodo","ait-service.com","185.45.66.231","201200","BG"
"2021-12-21 15:09:12","http://game.technomarket.bg/liberodignissimos/corporisquibusdam-quisaccusantium","offline","malware_download","qbot|Quakbot|tr","game.technomarket.bg","164.138.222.158","201200","BG"
"2021-12-21 14:19:40","http://game.technomarket.bg/liberodignissimos/atquefacilis-temporibusquis","offline","malware_download","qbot|Quakbot|tr","game.technomarket.bg","164.138.222.158","201200","BG"
"2021-11-12 06:46:05","https://invitro-bg.com/totamet/utsit-148201302","offline","malware_download","ChaserLdr|qakbot|qbot|TR|zip","invitro-bg.com","91.196.124.39","201200","BG"
"2021-10-28 13:37:08","https://mail.moemdanosim.com/sedvoluptatum/adducturasuperfuturo-728263","offline","malware_download","Quakbot|TR|zip","mail.moemdanosim.com","164.138.222.99","201200","BG"
"2021-10-25 14:34:09","https://invitro-bg.com/totamet/documents.zip","offline","malware_download","TR|zip","invitro-bg.com","91.196.124.39","201200","BG"
"2021-10-25 13:00:04","https://www.jorjeia.com/cms/font/unifont/DownFlSetup122.exe","offline","malware_download","32|exe|RedLineStealer","www.jorjeia.com","45.158.30.89","201200","BG"
"2021-10-25 06:17:09","https://www.jorjeia.com/cms/font/unifont/DownFlSetup999.exe","offline","malware_download","32|exe|RedLineStealer","www.jorjeia.com","45.158.30.89","201200","BG"
"2021-10-19 17:05:06","http://playonvarna.com/odionihil/idimpedit-145647239","offline","malware_download","SilentBuilder|TR","playonvarna.com","195.191.148.176","201200","BG"
"2021-10-19 16:11:08","https://mesarnica.com/aab/documents.zip","offline","malware_download","TR|zip","mesarnica.com","91.196.124.100","201200","BG"
"2021-10-19 15:55:17","https://playonvarna.com/odionihil/documents.zip","offline","malware_download","TR|zip","playonvarna.com","195.191.148.176","201200","BG"
"2021-10-18 14:02:08","https://casamia.bg/etmagnam/documents.zip","offline","malware_download","TR|zip","casamia.bg","193.107.68.111","201200","BG"
"2021-10-15 14:19:11","https://ij-group.com/velquo/documents.zip","offline","malware_download","SilentBuilder|TR|zip","ij-group.com","185.45.66.104","201200","BG"
"2021-10-15 14:17:14","https://petbox.bg/dignissimosfacilis/documents.zip","offline","malware_download","SilentBuilder|TR|zip","petbox.bg","91.196.124.100","201200","BG"
"2021-10-15 11:26:11","https://nadezhdahospital.bg/porroesse/mollitiaodio-143518287","offline","malware_download","qbot","nadezhdahospital.bg","91.196.124.39","201200","BG"
"2021-10-15 11:26:05","https://nadezhdahospital.bg/porroesse/voluptasdoloribus-143577640","offline","malware_download","qbot","nadezhdahospital.bg","91.196.124.39","201200","BG"
"2021-10-12 15:16:06","https://goldenhands.bg/asperiores-natus/documents.zip","offline","malware_download","TR|zip","goldenhands.bg","195.191.149.91","201200","BG"
"2021-10-12 13:54:08","https://dinimar.com/voluptates-quo/documents.zip","offline","malware_download","TR|zip","dinimar.com","195.191.148.130","201200","BG"
"2021-10-07 13:52:06","https://proficleanpartner.com/quod-molestias/documents.zip","offline","malware_download","TR|zip","proficleanpartner.com","185.80.3.192","201200","BG"
"2021-10-05 15:52:06","https://tislighting.com/dolor-optio/documents.zip","offline","malware_download","TR|zip","tislighting.com","185.80.2.103","201200","BG"
"2021-10-05 14:29:21","https://kupisha.bg/non-sint/documents.zip","offline","malware_download","TR|zip","kupisha.bg","185.80.2.103","201200","BG"
"2021-10-05 14:21:06","https://autopodbor.eu/in-et/documents.zip","offline","malware_download","TR|zip","autopodbor.eu","195.191.148.130","201200","BG"
"2021-10-04 15:40:12","https://kupisha.pl/quia-sit/documents.zip","offline","malware_download","TR|zip","kupisha.pl","195.191.148.130","201200","BG"
"2021-10-04 15:38:12","https://kupisha.bg/molestiae-fugiat/documents.zip","offline","malware_download","TR|zip","kupisha.bg","185.80.2.103","201200","BG"
"2021-10-04 15:10:15","https://gonzagirecords.com/error-vel/documents.zip","offline","malware_download","TR|zip","gonzagirecords.com","164.138.219.127","201200","BG"
"2021-09-24 14:51:30","https://foodtest.cf2015bg.com/cumque-iure/documents.zip","offline","malware_download","TR|zip","foodtest.cf2015bg.com","164.138.223.145","201200","BG"
"2021-01-06 08:49:07","http://gtp.bg/opka/iopd/ztyh/nmk/1vrkY2OMQfcfBgx.exe","offline","malware_download","exe|QuasarRAT","gtp.bg","195.191.148.61","201200","BG"
"2021-01-06 06:43:04","http://gtp.bg/opkl/fioli/zplk/apo/5DVxvgK9jn5gaBl.exe","offline","malware_download","exe|QuasarRAT","gtp.bg","195.191.148.61","201200","BG"
"2021-01-05 15:24:08","http://gtp.bg/.quarantine/jazxc/aziona/ztyh/cmi/HGMQEJgwymnTaON.exe","offline","malware_download","bitrat|QuasarRAT","gtp.bg","195.191.148.61","201200","BG"
"2020-12-09 01:48:08","https://dosha.bg/kapa1/ferrapos/gudda/ferrapos/abm/iola.exe","offline","malware_download","BitRAT|exe","dosha.bg","195.191.148.123","201200","BG"
"2020-12-08 21:40:13","https://dosha.bg/kapa2/ferrapos/gudda/ferrapos/abm/iola.exe","offline","malware_download","BitRAT|exe","dosha.bg","195.191.148.123","201200","BG"
"2020-10-15 23:38:04","https://www.kremena-dance.com/wp-admin/Pages/3JKiFEcSA7T3/","offline","malware_download","doc|emotet|epoch1|Heodo","www.kremena-dance.com","185.45.67.150","201200","BG"
"2020-08-19 00:08:04","http://abcd.bg/wwvv2/DOC/d3z7815y3qj2/","offline","malware_download","doc|emotet|epoch2|heodo","abcd.bg","185.45.66.117","201200","BG"
"2020-07-30 11:02:15","http://www.geodesign07.com/wp-content/ni9tn_7_6aiui/","offline","malware_download","emotet|epoch2|exe|heodo","www.geodesign07.com","185.45.66.90","201200","BG"
"2020-07-27 22:05:05","http://www.geodesign07.com/wp-content/browse/vrtsamfhj/8yg67q5593656134149uiy5p2hg9kjmoq10q5l/","offline","malware_download","doc|emotet|epoch2|Heodo","www.geodesign07.com","185.45.66.90","201200","BG"
"2020-07-13 06:56:36","http://ecolux-bg.com/royal1/helper/gd/zt/bola.exe","offline","malware_download","NetWire","ecolux-bg.com","185.80.3.202","201200","BG"
"2020-06-09 17:28:08","http://library-karlovo.com/000/RFQ-2000-05-06-PDF.js","offline","malware_download","js|RAT|WSHRAT","library-karlovo.com","185.80.3.202","201200","BG"
"2020-06-02 15:27:10","http://petrovacosmetics.eu/wp-includes/images/P.O_24710-2020.zip","offline","malware_download","jar|zip","petrovacosmetics.eu","185.45.67.120","201200","BG"
"2020-02-21 13:50:19","http://spartltd.com/file1.exe","offline","malware_download","","spartltd.com","185.45.66.117","201200","BG"
"2019-09-12 13:28:02","http://malev-bg.com/xmlInstall/regsec1","offline","malware_download","","malev-bg.com","193.107.36.110","201200","BG"
"2019-09-12 13:25:03","http://malev-bg.com/xmlInstall/cdkp.scr","offline","malware_download","exe","malev-bg.com","193.107.36.110","201200","BG"
"2019-07-16 23:26:03","http://iccf-bg.com/wp-admin/includes/firefox.bin","offline","malware_download","Dridex|exe","iccf-bg.com","185.80.3.202","201200","BG"
"2019-05-30 23:35:02","http://boshnakov.com/VisualArts/vfvlg4qm59ripck22fi0mnmwqfo_z5r4h-7122529632245/","offline","malware_download","doc|emotet|epoch2|Heodo","boshnakov.com","185.45.66.80","201200","BG"
"2019-05-29 22:28:03","http://smixe.com/jbwhzay/owaqafj26_145sfchk-86466482679085/","offline","malware_download","doc|emotet|epoch2|Heodo","smixe.com","185.80.2.93","201200","BG"
"2018-11-26 15:43:09","http://automotive.bg/wp-content/43YRDI/oamo/Personal/","offline","malware_download","doc|emotet|epoch2","automotive.bg","185.80.2.120","201200","BG"
"2018-11-26 12:28:20","http://automotive.bg/wp-content/43YRDI/oamo/Personal","offline","malware_download","doc|emotet|heodo","automotive.bg","185.80.2.120","201200","BG"
"2018-11-23 14:41:06","http://biogas-bulgaria.efarmbg.com/fiDaiHg/","offline","malware_download","emotet|epoch2|exe|Heodo","biogas-bulgaria.efarmbg.com","185.45.66.219","201200","BG"
"2018-11-23 12:33:05","http://biogas-bulgaria.efarmbg.com/fiDaiHg","offline","malware_download","emotet|epoch2|Heodo","biogas-bulgaria.efarmbg.com","185.45.66.219","201200","BG"
"2018-11-09 16:21:12","http://automotive.bg/wp-content/EN_US/Clients_Messages/2018-11/","offline","malware_download","doc|emotet|Heodo","automotive.bg","185.80.2.120","201200","BG"
"2018-11-09 16:02:06","http://automotive.bg/wp-content/EN_US/Clients_Messages/2018-11","offline","malware_download","doc|emotet|Heodo","automotive.bg","185.80.2.120","201200","BG"
"2018-10-03 18:40:25","http://automotive.bg/wp-content/075EFMRXSFU/biz/Commercial/","offline","malware_download","doc|emotet|heodo","automotive.bg","185.80.2.120","201200","BG"
"2018-10-03 04:51:46","http://automotive.bg/wp-content/075EFMRXSFU/biz/Commercial","offline","malware_download","doc|emotet|heodo","automotive.bg","185.80.2.120","201200","BG"
"2018-09-12 02:09:58","http://gardacom-bg.com/tk5atJbA3/SEP/200-Jahre/","offline","malware_download","doc|emotet|epoch2|Heodo","gardacom-bg.com","185.45.67.150","201200","BG"
"2018-09-11 11:01:43","http://gardacom-bg.com/tk5atJbA3/SEP/200-Jahre","offline","malware_download","doc|emotet|Heodo","gardacom-bg.com","185.45.67.150","201200","BG"
"2018-09-05 04:57:26","http://gardacom-bg.com/846O/PAYROLL/Commercial/","offline","malware_download","doc|emotet|epoch2|Heodo","gardacom-bg.com","185.45.67.150","201200","BG"
"2018-09-04 23:26:48","http://gardacom-bg.com/846O/PAYROLL/Commercial","offline","malware_download","doc|emotet|Heodo","gardacom-bg.com","185.45.67.150","201200","BG"
"2018-08-26 00:31:18","http://malka-reklama.com/panel/micro.exe","offline","malware_download","Pony","malka-reklama.com","185.45.66.155","201200","BG"
"2018-06-06 06:13:15","http://ilievi-parket.com/ups.com/WebTracking/GAC-59698382/","offline","malware_download","doc|emotet|Heodo","ilievi-parket.com","185.80.2.127","201200","BG"
"2018-06-04 11:50:39","http://valerii.org/ups.com/WebTracking/WFX-1811291950564/","offline","malware_download","doc|emotet|Heodo","valerii.org","185.80.2.127","201200","BG"
"2018-06-01 17:12:17","http://valerii.org/MODIF-FACTURE-31-mai/","offline","malware_download","doc|emotet|Heodo","valerii.org","185.80.2.127","201200","BG"
"2018-05-29 19:58:25","http://valerii.org/Notification-de-facture-29-mai/","offline","malware_download","doc|emotet|Heodo","valerii.org","185.80.2.127","201200","BG"
# of entries: 92