############################################################################## # URLhaus ASN CSV Feed # # Generated on 2025-11-19 01:18:50 UTC # # # # For questions please refer to: # # https://urlhaus.abuse.ch/feeds/ # ############################################################################## # # Feed generated for AS211126 # # Dateadded (UTC),URL,URL_status,Threat,Tags,Host,IPaddress,ASnumber,Country "2025-06-19 07:54:07","https://fomeisa.com/a/Duodecimfid.chm","offline","malware_download","ascii|encoded|GuLoader|RAT|RemcosRAT","fomeisa.com","195.250.27.34","211126","MX" "2025-06-19 07:54:07","https://fomeisa.com/a/OehxNhkQ34.bin","offline","malware_download","encrypted|GuLoader|RAT|RemcosRAT","fomeisa.com","195.250.27.34","211126","MX" "2025-06-14 13:21:13","https://fomeisa.com/a/Pizzaer.aca","offline","malware_download","ascii|encoded|GuLoader","fomeisa.com","195.250.27.34","211126","MX" "2024-02-08 18:12:11","https://data-activos.com/dua/","offline","malware_download","","data-activos.com","195.250.27.211","211126","MX" "2023-09-21 16:38:12","https://hmas.mx/relo/","offline","malware_download","Darkgate|pdf|USA|xll","hmas.mx","195.250.27.21","211126","MX" "2023-05-17 13:06:39","https://henchhenchcapital.com/aemu/?1","offline","malware_download","BB28|geofenced|js|Qakbot|Quakbot|USA","henchhenchcapital.com","195.250.27.35","211126","MX" "2023-05-16 21:56:16","https://henchhenchcapital.com/op/?1","offline","malware_download","BB28|geofenced|js|Qakbot|Qbot|Quakbot|USA","henchhenchcapital.com","195.250.27.35","211126","MX" "2023-03-14 16:10:27","https://temdicas.com.br/peou/peou.js","offline","malware_download","BB19|geofenced|js|Qakbot|USA","temdicas.com.br","195.250.27.35","211126","MX" "2022-11-07 11:44:12","https://cheffsys.com/css/5JqXCHJmidSY/","offline","malware_download","dll|emotet|epoch5|heodo","cheffsys.com","195.250.27.41","211126","MX" "2022-10-19 01:11:18","https://tastocup.com/eid/usnituqaa","offline","malware_download","BB03|FYN09|iso|qakbot|qbot|quakbot|TR|zip","tastocup.com","103.138.188.110","211126","MX" "2022-09-22 21:25:58","https://besurgico.com/cic/trsucks","offline","malware_download","bb|encrypted|iso|qakbot|qbot|quakbot|tr|zip","besurgico.com","103.138.188.110","211126","MX" "2022-09-22 21:23:14","https://solvetechsolution.co.in/er/trsucks","offline","malware_download","bb|encrypted|iso|qakbot|qbot|quakbot|tr|zip","solvetechsolution.co.in","103.138.188.138","211126","MX" "2022-09-22 21:22:15","https://digitalnidan.com/an/trsucks","offline","malware_download","bb|encrypted|iso|qakbot|qbot|quakbot|tr|zip","digitalnidan.com","103.138.188.110","211126","MX" "2022-09-15 16:04:09","https://shipraseeds.in/osr/ruaixamhemm","offline","malware_download","qbot|tr","shipraseeds.in","103.138.188.138","211126","MX" "2022-09-15 16:04:07","https://shipraseeds.in/osr/udsqerodiemol","offline","malware_download","qbot|tr","shipraseeds.in","103.138.188.138","211126","MX" "2022-09-15 16:03:03","https://shipraseeds.in/osr/oiuddq","offline","malware_download","qbot|tr","shipraseeds.in","103.138.188.138","211126","MX" "2022-06-22 19:45:07","https://cheffsys.com/AZOTEA/QpZ/","offline","malware_download","dll|emotet|epoch5|heodo","cheffsys.com","195.250.27.41","211126","MX" "2022-05-24 07:22:15","https://insuranceseller.in/ai/esetneidprfur","offline","malware_download","Quakbot|TR","insuranceseller.in","103.138.188.110","211126","MX" "2022-04-14 14:04:38","https://salvatoreindia.co.in/lpi/raieroruq","offline","malware_download","qakbot|qbot|tr","salvatoreindia.co.in","103.138.188.110","211126","MX" "2022-04-14 14:04:36","https://salvatoreindia.co.in/lpi/uqmusiqtau","offline","malware_download","qakbot|qbot|Quakbot|tr","salvatoreindia.co.in","103.138.188.110","211126","MX" "2022-04-14 14:04:32","https://edb.org.in/pm/tnnoe","offline","malware_download","qakbot|qbot|Quakbot|tr","edb.org.in","103.138.188.139","211126","MX" "2022-04-14 14:04:20","https://salvatoreindia.co.in/lpi/matsiepera","offline","malware_download","qakbot|qbot|Quakbot|tr","salvatoreindia.co.in","103.138.188.110","211126","MX" "2022-04-14 14:04:15","https://ibcci.net.in/sun/evatnmimaga","offline","malware_download","qakbot|qbot|Quakbot|tr","ibcci.net.in","103.138.188.110","211126","MX" "2022-04-14 14:04:13","https://salvatoreindia.co.in/lpi/eaxibocdlip","offline","malware_download","qakbot|qbot|Quakbot|tr","salvatoreindia.co.in","103.138.188.110","211126","MX" "2022-04-14 14:04:02","https://salvatoreindia.co.in/lpi/maqluatie","offline","malware_download","qakbot|qbot|Quakbot|tr","salvatoreindia.co.in","103.138.188.110","211126","MX" "2022-04-14 14:03:18","https://salvatoreindia.co.in/lpi/tvuupibeitalomaarsp","offline","malware_download","qakbot|qbot|tr","salvatoreindia.co.in","103.138.188.110","211126","MX" "2022-04-14 14:03:10","https://salvatoreindia.co.in/lpi/lcnorotdssitiuoidib","offline","malware_download","qakbot|qbot|Quakbot|tr","salvatoreindia.co.in","103.138.188.110","211126","MX" "2022-04-14 14:00:54","https://salvatoreindia.co.in/lpi/tisqiu","offline","malware_download","qakbot|qbot|tr","salvatoreindia.co.in","103.138.188.110","211126","MX" "2022-04-14 13:49:10","https://salvatoreindia.co.in/lpi/utestpianae","offline","malware_download","qakbot|qbot|Quakbot|tr","salvatoreindia.co.in","103.138.188.110","211126","MX" "2022-03-27 22:46:07","https://cipes.gob.mx/css/A046XJg/","offline","malware_download","dll|emotet|epoch4|Heodo","cipes.gob.mx","195.250.28.67","211126","MX" "2022-03-18 13:34:06","http://amautatravel.com/cgi-bin/WhWIic/","offline","malware_download","dll|emotet|epoch4|heodo","amautatravel.com","195.250.27.46","211126","MX" "2022-03-18 10:40:07","https://amautatravel.com/cgi-bin/WhWIic/","offline","malware_download","dll|emotet|epoch4|Heodo","amautatravel.com","195.250.27.46","211126","MX" "2021-07-13 19:10:05","http://marcamsrl.com/5WaCxjg34Runo2C.exe","offline","malware_download","32|exe|Loki","marcamsrl.com","195.250.27.134","211126","MX" "2021-07-13 19:10:05","https://marcamsrl.com/5uNJuFIVFadgqwX.exe","offline","malware_download","32|exe|Loki","marcamsrl.com","195.250.27.134","211126","MX" "2021-07-13 18:56:05","http://marcamsrl.com/crpYSZLkHw0n3SH.exe","offline","malware_download","32|exe|Loki","marcamsrl.com","195.250.27.134","211126","MX" "2021-07-13 18:56:05","http://marcamsrl.com/frS8UmNq9MyY5Ap.exe","offline","malware_download","32|exe|Loki","marcamsrl.com","195.250.27.134","211126","MX" "2021-07-13 18:56:05","http://marcamsrl.com/h/RFQ_1220274_SH0601201.exe","offline","malware_download","32|exe|Loki","marcamsrl.com","195.250.27.134","211126","MX" "2021-07-13 17:17:06","http://marcamsrl.com/KD9.exe","offline","malware_download","exe|Loki","marcamsrl.com","195.250.27.134","211126","MX" "2021-03-22 20:43:12","http://hgperformance.com.mx/wp-admin/rl8.exe","offline","malware_download","BazarCall|exe|openfield","hgperformance.com.mx","195.250.27.34","211126","MX" "2021-03-22 20:43:08","http://hgperformance.com.mx/wp-admin/sd5ers2.exe","offline","malware_download","BazaLoader|exe|openfield","hgperformance.com.mx","195.250.27.34","211126","MX" "2021-03-22 20:43:05","http://hgperformance.com.mx/wp-admin/rldr.exe","offline","malware_download","BazaLoader|exe|openfield","hgperformance.com.mx","195.250.27.34","211126","MX" "2021-03-22 18:07:06","http://hgperformance.com.mx/wp-admin/e3.exe","offline","malware_download","exe|openfield","hgperformance.com.mx","195.250.27.34","211126","MX" "2021-03-22 18:07:05","http://hgperformance.com.mx/wp-admin/e1.exe","offline","malware_download","BazarCall|exe|openfield","hgperformance.com.mx","195.250.27.34","211126","MX" "2021-03-22 18:07:05","http://hgperformance.com.mx/wp-admin/e4.exe","offline","malware_download","exe|openfield","hgperformance.com.mx","195.250.27.34","211126","MX" "2021-01-05 18:04:05","https://mirvalgroup.com/wp-includes/FOeYo/","offline","malware_download","emotet|epoch2|exe|heodo","mirvalgroup.com","195.250.27.159","211126","MX" "2020-10-27 20:37:13","http://gpjulioandrade.gob.ec/carchi/aTlUHIyDd0mzJfXOauso50h6xTzrieogF7F3mkHQLPDJR1YAyy5Aa1/","offline","malware_download","doc|emotet|epoch2|Heodo","gpjulioandrade.gob.ec","195.250.27.30","211126","MX" "2020-09-30 11:08:09","https://amvd.org.mx/old_site_backup/submenu02/endsession/scour452/hy48sdkzxuoix07y18sufa/","offline","malware_download","doc|emotet|epoch2|Heodo","amvd.org.mx","195.250.27.158","211126","MX" "2020-08-03 23:38:32","http://escuelajosesanabria.com/dpfpfl/2c/zM/eVUfmt02.zip","offline","malware_download","Qakbot|Qbot|spx147|vbs|zip","escuelajosesanabria.com","195.250.27.22","211126","MX" "2020-06-02 11:21:14","https://tortaslucas.com.pe/sxcdctfjbnu/NQAD_8519_01062020.zip","offline","malware_download","Qakbot|Quakbot|zip","tortaslucas.com.pe","195.250.27.35","211126","MX" "2020-06-02 10:53:06","https://tortaslucas.com.pe/sxcdctfjbnu/72196/NQAD_72196_01062020.zip","offline","malware_download","Qakbot","tortaslucas.com.pe","195.250.27.35","211126","MX" "2020-06-02 09:39:09","https://tortaslucas.com.pe/sxcdctfjbnu/55469183/NQAD_55469183_01062020.zip","offline","malware_download","Qakbot","tortaslucas.com.pe","195.250.27.35","211126","MX" "2020-06-02 08:29:51","https://tortaslucas.com.pe/sxcdctfjbnu/NQAD_7657531_01062020.zip","offline","malware_download","Qakbot|Quakbot|zip","tortaslucas.com.pe","195.250.27.35","211126","MX" "2020-06-02 07:44:24","https://tortaslucas.com.pe/sxcdctfjbnu/NQAD_659816_01062020.zip","offline","malware_download","Qakbot|Quakbot|zip","tortaslucas.com.pe","195.250.27.35","211126","MX" "2019-12-09 15:41:28","https://bauhausit.com/pressthis/4580233661289/","offline","malware_download","doc|emotet|epoch2","bauhausit.com","195.250.27.25","211126","MX" "2019-12-06 16:12:10","http://cetpro.harvar.edu.pe/dup-installer/2i5i_r76gl3x5v6vge_disk/individual_profile/NrWPp5_3Hj0zszymw/","offline","malware_download","doc|emotet|epoch1|Heodo","cetpro.harvar.edu.pe","195.250.27.24","211126","MX" "2019-03-08 17:26:06","http://siisa.com.mx/picture_library/w1lv-3h086u-zmwo.view/","offline","malware_download","Emotet|Heodo","siisa.com.mx","195.250.27.47","211126","MX" "2019-03-05 16:17:03","http://audiservice.com.mx/wp-includes/zfl6c-3kopj-cidhw.view/","offline","malware_download","doc|emotet|epoch2|Heodo","audiservice.com.mx","195.250.27.155","211126","MX" "2019-03-04 18:44:12","http://www.bivang.com.mx/0y7nygx/291q-o57hp-upbe.view/","offline","malware_download","Emotet|Heodo","www.bivang.com.mx","195.250.27.34","211126","MX" "2018-12-22 02:18:05","http://tdi.com.mx/DyDEV-Rb3_eB-PT/PaymentStatus/EN_en/Invoice","offline","malware_download","doc","tdi.com.mx","195.250.27.156","211126","MX" "2018-12-21 19:09:15","http://www.tdi.com.mx/DyDEV-Rb3_eB-PT/PaymentStatus/EN_en/Invoice/","offline","malware_download","doc|emotet|epoch2","www.tdi.com.mx","195.250.27.156","211126","MX" "2018-12-21 02:16:42","http://tdi.com.mx/DSwIH-Pzw3t_FAYqw-8Y/Ref/56645073En/Service-Invoice/","offline","malware_download","emotet|epoch2|Heodo","tdi.com.mx","195.250.27.156","211126","MX" "2018-12-19 19:46:15","http://www.tdi.com.mx/DSwIH-Pzw3t_FAYqw-8Y/Ref/56645073En/Service-Invoice/","offline","malware_download","emotet|epoch2|Heodo","www.tdi.com.mx","195.250.27.156","211126","MX" "2018-12-19 00:26:08","http://tdi.com.mx/ATTBusiness/gZiVFCYl7b_oVgGCjpL_AbPoQtN0Wx/","offline","malware_download","emotet|epoch2|Heodo","tdi.com.mx","195.250.27.156","211126","MX" "2018-12-18 05:54:59","http://www.tdi.com.mx/ATTBusiness/gZiVFCYl7b_oVgGCjpL_AbPoQtN0Wx/","offline","malware_download","emotet|Heodo","www.tdi.com.mx","195.250.27.156","211126","MX" "2018-12-17 23:06:05","http://www.tdi.com.mx/ATTBusiness/gZiVFCYl7b_oVgGCjpL_AbPoQtN0Wx","offline","malware_download","doc","www.tdi.com.mx","195.250.27.156","211126","MX" "2018-12-14 16:23:47","http://www.tdi.com.mx/aVmyl-j2PvdURfk3C9DU_FOyDcthx-PD/","offline","malware_download","emotet|epoch2|Heodo","www.tdi.com.mx","195.250.27.156","211126","MX" "2018-08-10 04:15:11","http://anthara.mx/715LRCARD/ELQZ56849337923XE/Aug-09-2018-38315/QCKW-LUV-Aug-09-2018","offline","malware_download","doc|emotet|Heodo","anthara.mx","195.250.27.47","211126","MX" # of entries: 67