##############################################################################
# URLhaus ASN CSV Feed                                                       #
# Generated on 2025-11-18 20:26:34 UTC                                       #
#                                                                            #
# For questions please refer to:                                             #
# https://urlhaus.abuse.ch/feeds/                                            #
##############################################################################
#
# Feed generated for AS48896
#
# Dateadded (UTC),URL,URL_status,Threat,Tags,Host,IPaddress,ASnumber,Country
"2023-11-28 11:34:06","http://eraport.dfirma.pl/attivita/index.php","offline","malware_download","geo|geofenced|ITA|paypal|remcosrat","eraport.dfirma.pl","109.95.156.1","48896","PL"
"2023-08-25 18:22:09","https://foblesproject.pl/go.php","offline","malware_download","gating|gootloader","foblesproject.pl","109.95.159.55","48896","PL"
"2023-03-14 19:03:49","https://eraport.dfirma.pl/connect/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","eraport.dfirma.pl","109.95.156.1","48896","PL"
"2023-03-14 19:02:40","https://eraport.dfirma.pl/scarica/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","eraport.dfirma.pl","109.95.156.1","48896","PL"
"2023-03-14 19:00:54","https://eraport.dfirma.pl/agenzia/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","eraport.dfirma.pl","109.95.156.1","48896","PL"
"2021-08-25 05:40:42","https://www.pcpremium.pl/f.php?redacted","offline","malware_download","","www.pcpremium.pl","109.95.158.76","48896","PL"
"2021-07-21 15:29:14","https://lex-art.pl/dachshund.php","offline","malware_download","hancitor","lex-art.pl","109.95.159.54","48896","PL"
"2021-07-21 15:29:03","https://lex-art.pl/alleviator.php","offline","malware_download","hancitor","lex-art.pl","109.95.159.54","48896","PL"
"2021-03-15 13:24:06","https://hostelkielce.com/vn.bin","offline","malware_download","exe|ModiLoader","hostelkielce.com","109.95.159.32","48896","PL"
"2020-11-09 14:32:21","http://pgpo.pl/xmth28k.png","offline","malware_download","Dridex","pgpo.pl","109.95.156.7","48896","PL"
"2020-10-29 13:36:04","http://bieldruk.pl/wp-admin/paclm/iCwuJIoIoMuW/","offline","malware_download","doc|emotet|epoch1|Heodo","bieldruk.pl","109.95.159.40","48896","PL"
"2020-10-29 11:38:04","https://bieldruk.pl/wp-admin/paclm/iCwuJIoIoMuW/","offline","malware_download","doc|emotet|epoch1|Heodo","bieldruk.pl","109.95.159.40","48896","PL"
"2020-09-14 10:31:11","http://www.apartamenty.lukstreet.pl/term/payment/","offline","malware_download","doc|emotet|epoch2|heodo","www.apartamenty.lukstreet.pl","109.95.159.118","48896","PL"
"2020-05-21 20:51:08","http://tani-klucz.pl/2/19397x.jpg","offline","malware_download","exe|Smoke Loader","tani-klucz.pl","109.95.157.165","48896","PL"
"2020-05-21 20:50:37","http://tani-klucz.pl/2/bbox.jpg","offline","malware_download","exe|Smoke Loader","tani-klucz.pl","109.95.157.165","48896","PL"
"2020-05-21 20:46:02","http://tani-klucz.pl/2/chuc.jpg","offline","malware_download","exe|Smoke Loader","tani-klucz.pl","109.95.157.165","48896","PL"
"2020-05-21 19:18:37","http://tani-klucz.pl/2/stripe.jpg","offline","malware_download","GuLoader|Smoke Loader","tani-klucz.pl","109.95.157.165","48896","PL"
"2019-12-17 13:53:04","http://scorpion.org.pl/wp-content/docs/","offline","malware_download","doc|emotet|epoch2|Heodo","scorpion.org.pl","109.95.159.53","48896","PL"
"2019-12-12 14:54:04","http://russianwedding.eu/wp-includes/Scan/","offline","malware_download","doc|emotet|epoch2|heodo","russianwedding.eu","109.95.158.64","48896","PL"
"2019-11-20 05:22:04","http://narty.laserteam.pl/scan/EN_en/Invoice-66361347/","offline","malware_download","doc|Emotet|Heodo","narty.laserteam.pl","109.95.157.167","48896","PL"
"2019-11-14 20:21:05","http://esportcenter.pl/br/kv.exe","offline","malware_download","exe|Smoke Loader","esportcenter.pl","109.95.156.156","48896","PL"
"2019-11-14 09:09:06","http://www.esportcenter.pl/br/kv.exe","offline","malware_download","exe|Smoke Loader","www.esportcenter.pl","109.95.156.156","48896","PL"
"2019-10-31 16:36:04","http://phtmierzwa.com/plugins/content/apismtp/artifact125.exe","offline","malware_download","","phtmierzwa.com","109.95.156.197","48896","PL"
"2019-10-31 16:04:20","http://phtmierzwa.com/plugins/content/apismtp/2","offline","malware_download","","phtmierzwa.com","109.95.156.197","48896","PL"
"2019-10-31 16:04:05","http://phtmierzwa.com/plugins/content/apismtp/1","offline","malware_download","","phtmierzwa.com","109.95.156.197","48896","PL"
"2019-10-29 06:54:16","http://newamsterdam.pl/wp-content/rOykYRek/","offline","malware_download","Emotet|epoch3|exe|Heodo","newamsterdam.pl","109.95.156.78","48896","PL"
"2019-10-23 12:34:18","http://newamsterdam.pl/wp-content/plugins/apikey/qwcvfznvil/57f2a62b9100b0842c4ca88feac66049.zip","offline","malware_download","CAN|Danabot|exe|vbs|zip","newamsterdam.pl","109.95.156.78","48896","PL"
"2019-10-14 15:30:59","https://norbertwaszak.pl/tmp/NNzfYHoDAXOmfclUEtxocIEJoO/","offline","malware_download","doc|emotet|epoch2|Heodo","norbertwaszak.pl","109.95.158.43","48896","PL"
"2019-10-10 03:07:58","http://norbertwaszak.pl/tmp/LLC/BQpvwHGKCQDvKNpfIGhqse/","offline","malware_download","doc|emotet|epoch2|Heodo","norbertwaszak.pl","109.95.158.43","48896","PL"
"2019-10-09 01:19:06","https://norbertwaszak.pl/tmp/LLC/BQpvwHGKCQDvKNpfIGhqse/","offline","malware_download","doc|emotet|epoch2|Heodo","norbertwaszak.pl","109.95.158.43","48896","PL"
"2019-10-08 09:16:40","https://norbertwaszak.pl/tmp/4atc-8hp2m48nye-47/","offline","malware_download","Emotet|epoch3|exe|Heodo","norbertwaszak.pl","109.95.158.43","48896","PL"
"2019-05-16 13:21:03","http://ladesign.pl/cli/DOC/9q2zhkcyggh1shu00gx_ov7jndh6k-09455198824059/","offline","malware_download","doc|Emotet|epoch2|Heodo","ladesign.pl","109.95.158.122","48896","PL"
"2019-05-10 12:14:02","http://narty.laserteam.pl/scan/EN_en/Invoice-66361347","offline","malware_download","doc","narty.laserteam.pl","109.95.157.167","48896","PL"
"2019-05-09 14:53:16","http://fabryka-przestrzeni.pl/wp-admin/4i33f-z7ngqi7-uakt/","offline","malware_download","epoch2","fabryka-przestrzeni.pl","109.95.156.156","48896","PL"
"2019-05-03 19:11:19","http://blog.jftechnologie.pl/wp-admin/FILE/l1pq1s34uqbx1fghbam9irjm1n8b_mamvy9x-3772286339166/","offline","malware_download","Emotet|Heodo","blog.jftechnologie.pl","109.95.159.56","48896","PL"
"2019-04-09 13:10:05","http://super-plus.pl/css/oo6a-atf3y-frzom/","offline","malware_download","Emotet|Heodo","super-plus.pl","109.95.158.234","48896","PL"
"2019-03-27 13:11:02","http://super-plus.pl/wp-admin/146829290785/YSLs-r3zM_L-Ds/","offline","malware_download","","super-plus.pl","109.95.158.234","48896","PL"
"2019-02-26 15:44:18","http://fachowe-remonty.com/wp-content/themes/gaad-wp-template/css/pikz.zip","offline","malware_download","RUS|Troldesh|zipped-JS","fachowe-remonty.com","109.95.157.82","48896","PL"
"2019-02-26 14:02:13","http://fachowe-remonty.com/wp-content/themes/gaad-wp-template/css/msg.jpg","offline","malware_download","exe|Troldesh","fachowe-remonty.com","109.95.157.82","48896","PL"
"2019-02-26 09:30:56","http://fachowe-remonty.com/wp-content/themes/gaad-wp-template/css/pik.zip","offline","malware_download","RUS|Troldesh|zipped-JS","fachowe-remonty.com","109.95.157.82","48896","PL"
"2019-02-21 15:57:02","http://edax.com.pl/file/Copy_Invoice/ZrEN-y5_LTeWjrNh-4UO/","offline","malware_download","Emotet|Heodo","edax.com.pl","109.95.156.197","48896","PL"
"2019-02-16 11:28:03","http://netsoft.net.pl/wp-content/themes/porcelain/lang/messg.jpg","offline","malware_download","exe|Troldesh","netsoft.net.pl","109.95.157.49","48896","PL"
"2019-02-16 10:39:18","http://netsoft.net.pl/wp-content/themes/porcelain/css/messg.jpg","offline","malware_download","exe|Troldesh","netsoft.net.pl","109.95.157.49","48896","PL"
"2019-02-16 04:35:20","http://netsoft.net.pl/wp-content/themes/porcelain/envato-wordpress-toolkit-library/messg.jpg","offline","malware_download","compressed|exe|javascript|payload|ransomware|stage2|TrolDesh|zip","netsoft.net.pl","109.95.157.49","48896","PL"
"2019-02-14 15:23:03","http://edax.com.pl/xerox/FLqDa-0Tg0p_xbjIkWx-KWS/","offline","malware_download","Emotet|Heodo","edax.com.pl","109.95.156.197","48896","PL"
"2019-02-11 18:32:32","http://edax.com.pl/verif.myacc.resourses.biz/","offline","malware_download","emotet|epoch1|Heodo","edax.com.pl","109.95.156.197","48896","PL"
"2019-01-19 05:28:11","http://dplogistics.com.pl/PpCR-rB_QsLs-E4/ACH/PaymentAdvice/En/Past-Due-Invoices/","offline","malware_download","emotet|epoch2|Heodo","dplogistics.com.pl","109.95.158.127","48896","PL"
"2019-01-18 08:50:03","http://dplogistics.com.pl/Amazon/En/Transactions-details/012019","offline","malware_download","","dplogistics.com.pl","109.95.158.127","48896","PL"
"2019-01-17 18:04:34","http://dplogistics.com.pl/Amazon/En/Transactions-details/012019/","offline","malware_download","doc|emotet|epoch1|Heodo","dplogistics.com.pl","109.95.158.127","48896","PL"
"2019-01-17 16:13:59","http://www.dplogistics.com.pl/PpCR-rB_QsLs-E4/ACH/PaymentAdvice/En/Past-Due-Invoices/","offline","malware_download","doc|emotet|epoch2|Heodo","www.dplogistics.com.pl","109.95.158.127","48896","PL"
"2019-01-17 10:21:03","http://nextserv.pl/img/joibr.jpg","offline","malware_download","exe|Smoke Loader","nextserv.pl","109.95.156.156","48896","PL"
"2019-01-17 10:21:03","http://nextserv.pl/img/jswp.jpg","offline","malware_download","exe|Smoke Loader","nextserv.pl","109.95.156.156","48896","PL"
"2019-01-17 10:18:03","http://nextserv.pl/img/liwx.jpg","offline","malware_download","exe|Smoke Loader","nextserv.pl","109.95.156.156","48896","PL"
"2018-10-16 02:33:03","http://elektroklinika.pl/wp-includes/certificates/s.exe","offline","malware_download","AgentTesla","elektroklinika.pl","109.95.157.165","48896","PL"
"2018-10-16 02:33:02","http://elektroklinika.pl/wp-includes/certificates/b.exe","offline","malware_download","AgentTesla","elektroklinika.pl","109.95.157.165","48896","PL"
"2018-10-16 02:31:09","http://elektroklinika.pl/wp-content/languages/plugins/includes/qwerty.hta","offline","malware_download","","elektroklinika.pl","109.95.157.165","48896","PL"
"2018-10-16 02:31:08","http://elektroklinika.pl/wp-content/languages/plugins/includes/kg.exe","offline","malware_download","","elektroklinika.pl","109.95.157.165","48896","PL"
"2018-10-16 02:31:08","http://elektroklinika.pl/wp-content/languages/plugins/includes/logon.hta","offline","malware_download","","elektroklinika.pl","109.95.157.165","48896","PL"
"2018-10-16 02:31:06","http://elektroklinika.pl/wp-content/languages/plugins/includes/jsn.exe","offline","malware_download","","elektroklinika.pl","109.95.157.165","48896","PL"
"2018-10-16 02:31:05","http://elektroklinika.pl/wp-content/languages/plugins/includes/js.exe","offline","malware_download","AgentTesla","elektroklinika.pl","109.95.157.165","48896","PL"
"2018-10-16 02:31:03","http://elektroklinika.pl/wp-content/languages/plugins/includes/jb.exe","offline","malware_download","AgentTesla","elektroklinika.pl","109.95.157.165","48896","PL"
"2018-10-03 10:22:18","http://dev1.onihost.pl/En_us/Payments/10_18","offline","malware_download","doc|emotet|Heodo","dev1.onihost.pl","109.95.156.197","48896","PL"
"2018-09-19 04:30:00","http://versusgas.com/00BRSU/identity/Smallbusiness/","offline","malware_download","doc|emotet|epoch2|Heodo","versusgas.com","109.95.159.70","48896","PL"
"2018-09-14 05:03:59","http://versusgas.com/Sep2018/US_us/Open-Past-Due-Orders/","offline","malware_download","doc|emotet|epoch2|Heodo","versusgas.com","109.95.159.70","48896","PL"
"2018-09-14 05:03:57","http://versusgas.com/00BRSU/identity/Smallbusiness","offline","malware_download","doc|emotet|epoch2|Heodo","versusgas.com","109.95.159.70","48896","PL"
"2018-09-13 10:31:13","http://versusgas.com/Sep2018/US_us/Open-Past-Due-Orders","offline","malware_download","doc|emotet|Heodo","versusgas.com","109.95.159.70","48896","PL"
"2018-09-11 05:19:08","http://versusgas.com/doc/EN_en/Invoice-2626549-September/","offline","malware_download","doc|emotet|epoch2|Heodo","versusgas.com","109.95.159.70","48896","PL"
"2018-09-07 08:02:33","http://versusgas.com/doc/EN_en/Invoice-2626549-September","offline","malware_download","doc|emotet|Heodo","versusgas.com","109.95.159.70","48896","PL"
"2018-09-05 04:56:55","http://dev1.onihost.pl/Download/EN_en/Invoice-8372832-September/","offline","malware_download","doc|emotet|epoch2|Heodo","dev1.onihost.pl","109.95.156.197","48896","PL"
"2018-09-04 20:46:11","http://dev1.onihost.pl/Download/EN_en/Invoice-8372832-September","offline","malware_download","doc|emotet|Heodo","dev1.onihost.pl","109.95.156.197","48896","PL"
"2018-09-04 15:40:47","http://miekowo.pl/Corrections","offline","malware_download","doc|emotet|Heodo","miekowo.pl","109.95.157.167","48896","PL"
"2018-09-01 17:04:28","http://narty.laserteam.pl/werpbxzkw/DOC/En/New-order","offline","malware_download","doc|emotet|Heodo","narty.laserteam.pl","109.95.157.167","48896","PL"
"2018-08-14 04:18:35","http://akowalska.ecrm.pl/98JXPAYMENT/HJO1258743137B/2202627249/BV-CTWFB-Aug-11-2018/","offline","malware_download","doc|emotet","akowalska.ecrm.pl","109.95.156.7","48896","PL"
"2018-08-13 12:48:35","http://akowalska.ecrm.pl/98JXPAYMENT/HJO1258743137B/2202627249/BV-CTWFB-Aug-11-2018","offline","malware_download","doc|emotet","akowalska.ecrm.pl","109.95.156.7","48896","PL"
"2018-08-08 05:23:15","http://przedszkolezrodelko.edu.pl/LLC/BA91321629L/Aug-07-2018-4545713/WH-WLNMY/","offline","malware_download","Heodo","przedszkolezrodelko.edu.pl","109.95.157.207","48896","PL"
"2018-08-08 05:08:16","http://grupainwestor.com.pl/Download/GYP72296GGGWN/784650/YVWQ-EVA","offline","malware_download","doc|emotet|Heodo","grupainwestor.com.pl","109.95.158.43","48896","PL"
"2018-08-08 05:07:59","http://przedszkolezrodelko.edu.pl/LLC/BA91321629L/Aug-07-2018-4545713/WH-WLNMY","offline","malware_download","doc|emotet|Heodo","przedszkolezrodelko.edu.pl","109.95.157.207","48896","PL"
"2018-07-26 03:54:30","http://grupainwestor.com.pl/default/EN_en/OVERDUE-ACCOUNT/Invoice-73528327-072518/","offline","malware_download","doc|emotet|epoch2|Heodo","grupainwestor.com.pl","109.95.158.43","48896","PL"
"2018-07-26 03:53:25","http://crm.czest.pl/DHL-Tracking/En_us/","offline","malware_download","doc|emotet|epoch2|Heodo","crm.czest.pl","195.88.51.162","48896","PL"
"2018-07-16 21:33:57","http://grupainwestor.com.pl/newsletter/US_us/STATUS/Invoice-80886649-071618/","offline","malware_download","doc|emotet|epoch2|Heodo","grupainwestor.com.pl","109.95.158.43","48896","PL"
"2018-07-16 21:32:07","http://grupainwestor.com.pl/9ngs/Rechnungs/","offline","malware_download","doc|emotet|epoch1|Heodo","grupainwestor.com.pl","109.95.158.43","48896","PL"
"2018-07-16 17:12:46","http://grupainwestor.com.pl/newsletter/US_us/STATUS/Invoice-80886649-071618","offline","malware_download","doc|emotet|heodo","grupainwestor.com.pl","109.95.158.43","48896","PL"
"2018-07-04 10:45:09","http://esportcenter.pl/ying.exe","offline","malware_download","exe|Pony","esportcenter.pl","109.95.156.156","48896","PL"
"2018-06-22 12:57:41","http://dekoluce.pl/Hilfestellung/Rech-002106","offline","malware_download","emotet|Heodo","dekoluce.pl","109.95.159.68","48896","PL"
"2018-06-22 00:29:05","http://dekoluce.pl/Hilfestellung/Rech-002106/","offline","malware_download","doc|emotet|epoch1|Heodo","dekoluce.pl","109.95.159.68","48896","PL"
"2018-06-20 05:35:14","http://dekoluce.pl/DOC/Rechnung-fur-Dienstleistungen","offline","malware_download","AgentTesla|emotet|Heodo","dekoluce.pl","109.95.159.68","48896","PL"
"2018-06-19 13:23:40","http://dekoracje-koszalin.pl/CanadaPost.zip","offline","malware_download","ars|zip","dekoracje-koszalin.pl","109.95.159.54","48896","PL"
"2018-06-15 18:02:12","http://old.comwit.pl/UPS/Mar-13-18-03-41-46/","offline","malware_download","Heodo","old.comwit.pl","109.95.157.49","48896","PL"
"2018-03-26 17:52:05","http://celebritycruises.pl/INV/BPV-7853081541/","offline","malware_download","doc|emotet|heodo","celebritycruises.pl","109.95.156.197","48896","PL"
"2018-03-22 16:34:40","http://kraftinwestycje.pl/GDXPN9/","offline","malware_download","emotet|exe|heodo","kraftinwestycje.pl","109.95.157.49","48896","PL"
# of entries: 90