############################################################################## # URLhaus ASN CSV Feed # # Generated on 2025-11-19 01:19:00 UTC # # # # For questions please refer to: # # https://urlhaus.abuse.ch/feeds/ # ############################################################################## # # Feed generated for AS49699 # # Dateadded (UTC),URL,URL_status,Threat,Tags,Host,IPaddress,ASnumber,Country "2024-09-12 19:50:09","http://notariusnaydenova.eu/wp-admin/users/VcMCVjkQrsBzFUgwYHIGkOaC24.bin","offline","malware_download","encrypted|GuLoader|RAT|RemcosRAT","notariusnaydenova.eu","195.69.165.109","49699","BG" "2023-03-01 10:34:07","https://mbal-karlovo.com/impresa/","offline","malware_download","agenziaentrate|gozi|isfb|ITA|italy|ursnif","mbal-karlovo.com","91.215.216.41","49699","BG" "2023-03-01 10:33:21","https://mbal-karlovo.com/impresa/Direzione.ppa","offline","malware_download","agenziaentrate|gozi|isfb|ITA|italy|njrat|ursnif","mbal-karlovo.com","91.215.216.41","49699","BG" "2023-03-01 10:33:21","https://mbal-karlovo.com/impresa/impresa.ppa","offline","malware_download","agenziaentrate|gozi|isfb|ITA|italy|ursnif","mbal-karlovo.com","91.215.216.41","49699","BG" "2023-03-01 10:33:18","https://mbal-karlovo.com/impresa/AgenziaEntrate.ppa","offline","malware_download","agenziaentrate|gozi|isfb|ITA|italy|ursnif","mbal-karlovo.com","91.215.216.41","49699","BG" "2023-03-01 10:33:16","https://mbal-karlovo.com/impresa/documenti.ppa","offline","malware_download","agenziaentrate|gozi|isfb|ITA|italy|ursnif","mbal-karlovo.com","91.215.216.41","49699","BG" "2023-03-01 10:33:15","https://mbal-karlovo.com/impresa/Marzo.ppa","offline","malware_download","agenziaentrate|gozi|isfb|ITA|italy|ursnif","mbal-karlovo.com","91.215.216.41","49699","BG" "2023-03-01 10:33:09","https://mbal-karlovo.com/impresa/azienda.ppa","offline","malware_download","agenziaentrate|gozi|isfb|ITA|italy|ursnif","mbal-karlovo.com","91.215.216.41","49699","BG" "2023-03-01 10:33:06","https://mbal-karlovo.com/impresa/Agenzia_Entrate.ppa","offline","malware_download","agenziaentrate|gozi|isfb|ITA|italy|ursnif","mbal-karlovo.com","91.215.216.41","49699","BG" "2023-03-01 10:33:06","https://mbal-karlovo.com/impresa/cliente.ppa","offline","malware_download","agenziaentrate|gozi|isfb|ITA|italy|ursnif","mbal-karlovo.com","91.215.216.41","49699","BG" "2023-03-01 10:33:05","https://mbal-karlovo.com/impresa/Agenzia.ppa","offline","malware_download","agenziaentrate|gozi|isfb|ITA|italy|ursnif","mbal-karlovo.com","91.215.216.41","49699","BG" "2023-03-01 10:33:05","https://mbal-karlovo.com/impresa/contratto.ppa","offline","malware_download","agenziaentrate|gozi|isfb|ITA|italy|ursnif","mbal-karlovo.com","91.215.216.41","49699","BG" "2023-02-02 23:16:45","https://vtparking.bg/SMI.php","offline","malware_download","BB12|ONE|Qakbot|Qbot|Quakbot|TR|zip","vtparking.bg","91.215.216.56","49699","BG" "2022-12-05 18:35:02","https://ibexbg.com/gsi/index.php?QBOT.zip","offline","malware_download","BB09|N54|qakbot|qbot|quakbot|TR|VHD|zip","ibexbg.com","91.230.195.96","49699","BG" "2022-11-21 18:05:14","https://avtoogledala.com/lecs/index.php?qbot.zip","offline","malware_download","BB07|iso|qakbot|qbot|quakbot|TR|XP11|zip","avtoogledala.com","193.41.67.183","49699","BG" "2022-11-17 16:13:14","https://avtoogledala.com/iaa/index.php?qbot.zip","offline","malware_download","BB06|iso|qakbot|qbot|quakbot|SK16|TR|zip","avtoogledala.com","193.41.67.183","49699","BG" "2021-12-27 14:26:13","https://mladtehnik.com/admin/controller/captcha/KnSoftInstall3r44423949.exe","offline","malware_download","32|exe|RedLineStealer","mladtehnik.com","91.215.216.27","49699","BG" "2021-12-23 20:41:09","https://mladtehnik.com/admin/controller/captcha/SoftPInstallersdkd2235.exe","offline","malware_download","32|exe|RedLineStealer","mladtehnik.com","91.215.216.27","49699","BG" "2021-11-01 18:20:09","https://mladtehnik.com/image/flags/Softw75TradingB27534.exe","offline","malware_download","32|exe|RedLineStealer","mladtehnik.com","91.215.216.27","49699","BG" "2021-10-31 22:16:05","https://mladtehnik.com/image/flags/Softw75TradingB26345.exe","offline","malware_download","32|exe|RedLineStealer","mladtehnik.com","91.215.216.27","49699","BG" "2021-10-28 13:26:17","https://m.globus-tours.net/praesentiumrepellat/formarentferendum-375358","offline","malware_download","Quakbot|SilentBuilder|TR|zip","m.globus-tours.net","193.41.67.158","49699","BG" "2021-10-19 15:23:13","https://stanseykof-photography.com/velnon/documents.zip","offline","malware_download","TR|zip","stanseykof-photography.com","91.215.216.118","49699","BG" "2021-10-18 14:37:04","https://etnolina.com/etsunt/documents.zip","offline","malware_download","SilentBuilder|TR|zip","etnolina.com","91.215.216.103","49699","BG" "2021-10-18 14:03:03","https://cargo-protection.com/exvoluptas/documents.zip","offline","malware_download","SilentBuilder|TR|zip","cargo-protection.com","91.215.216.118","49699","BG" "2021-10-15 11:24:10","https://silverclean.bg/omnisenim/velrepellendus-143180242","offline","malware_download","qbot","silverclean.bg","91.215.216.37","49699","BG" "2021-09-23 11:16:10","https://favo-obleklo.com/ipsum-laudantium/documents.zip","offline","malware_download","TR|zip","favo-obleklo.com","91.215.216.118","49699","BG" "2021-08-05 14:02:10","http://georgeprapas.com/cem/VVZMYLHaSOcblqo.exe","offline","malware_download","AZORult|exe|opendir","georgeprapas.com","91.215.216.11","49699","BG" "2021-08-04 18:03:06","http://www.georgeprapas.com/cem/wwerfyr.exe","offline","malware_download","32|AZORult|exe","www.georgeprapas.com","91.215.216.11","49699","BG" "2021-08-04 11:39:09","http://georgeprapas.com/cem/wwerfyr.exe","offline","malware_download","AZORult|exe|opendir","georgeprapas.com","91.215.216.11","49699","BG" "2020-09-14 23:41:20","https://bondart.eu/docs/hk8GK/","offline","malware_download","emotet|epoch3|exe|Heodo","bondart.eu","91.215.216.17","49699","BG" "2020-09-04 19:16:33","http://minerva-bg.net/tutorials/esp/akqr96hfrh6m/","offline","malware_download","doc|emotet|epoch2|heodo","minerva-bg.net","91.215.216.41","49699","BG" "2020-09-02 20:53:05","http://minerva-bg.net/tutorials/http:/lm/pRqWSkDIvzW/","offline","malware_download","doc|emotet|epoch1|Heodo","minerva-bg.net","91.215.216.41","49699","BG" "2020-09-02 18:58:04","http://minerva-bg.net/tutorials/http://lm/pRqWSkDIvzW/","offline","malware_download","doc|emotet|epoch1|Heodo","minerva-bg.net","91.215.216.41","49699","BG" "2020-08-31 18:54:57","http://minerva-bg.net/tutorials/attach/ntHZgJIgtRB/","offline","malware_download","emotet|epoch3|exe|Heodo","minerva-bg.net","91.215.216.41","49699","BG" "2019-11-13 06:16:06","http://jpro-bg.com/aleksblog/m6md6a/","offline","malware_download","emotet|epoch2|exe|Heodo","jpro-bg.com","91.215.216.118","49699","BG" "2019-05-24 08:34:35","http://sylviastratieva.com/wp-content/themes/arte/vc_templates/ural_zakaz.zip","offline","malware_download","js|Ransomware|RUS|Troldesh|zip","sylviastratieva.com","91.215.216.7","49699","BG" "2018-09-18 05:04:04","http://existra.bg/newsletter/US/Overdue-payment/","offline","malware_download","doc|Heodo","existra.bg","91.215.216.40","49699","BG" "2018-09-17 15:18:04","http://existra.bg/newsletter/US/Overdue-payment","offline","malware_download","doc|emotet|Heodo","existra.bg","91.215.216.40","49699","BG" "2018-09-11 23:03:47","http://existra.bg/doc/En/Invoice-receipt/","offline","malware_download","doc|emotet|epoch2|Heodo","existra.bg","91.215.216.40","49699","BG" "2018-09-11 05:05:15","http://existra.bg/15WLXZEV/identity/Business/","offline","malware_download","doc|emotet|epoch2|Heodo","existra.bg","91.215.216.40","49699","BG" "2018-09-10 15:41:24","http://existra.bg/doc/En/Invoice-receipt","offline","malware_download","doc|emotet|Heodo","existra.bg","91.215.216.40","49699","BG" "2018-09-07 02:55:35","http://existra.bg/15WLXZEV/identity/Business","offline","malware_download","doc|emotet|epoch2|Heodo","existra.bg","91.215.216.40","49699","BG" "2018-09-06 03:14:20","http://existra.bg/0E/PAYROLL/Personal/","offline","malware_download","doc|emotet|epoch2|Heodo","existra.bg","91.215.216.40","49699","BG" "2018-09-05 22:20:35","http://existra.bg/0E/PAYROLL/Personal","offline","malware_download","doc|emotet|Heodo","existra.bg","91.215.216.40","49699","BG" "2018-08-31 05:12:16","http://existra.bg/doc/En/Invoices-attached/","offline","malware_download","doc|emotet|epoch2|Heodo","existra.bg","91.215.216.40","49699","BG" "2018-08-30 17:44:28","http://existra.bg/doc/En/Invoices-attached","offline","malware_download","doc|emotet|Heodo","existra.bg","91.215.216.40","49699","BG" "2018-08-26 08:59:04","http://terabuild.sevencolours.eu/4bc2kL/","offline","malware_download","Emotet|exe|Heodo","terabuild.sevencolours.eu","91.215.216.13","49699","BG" "2018-08-24 07:05:10","http://terabuild.sevencolours.eu/4bc2kL","offline","malware_download","emotet|exe|Fuery|Heodo","terabuild.sevencolours.eu","91.215.216.13","49699","BG" "2018-08-22 04:22:10","http://bestfreegames.planeta42.com/sites/EN_en/New-order/","offline","malware_download","doc|emotet|Heodo","bestfreegames.planeta42.com","91.215.216.38","49699","BG" "2018-08-21 20:34:21","http://bestfreegames.planeta42.com/sites/EN_en/New-order","offline","malware_download","doc|emotet|Heodo","bestfreegames.planeta42.com","91.215.216.38","49699","BG" "2018-08-21 15:16:04","http://digital.etnasoft.eu/S","offline","malware_download","emotet|exe|Heodo","digital.etnasoft.eu","91.230.192.105","49699","BG" "2018-07-21 08:10:29","http://rivana.eu/sites/US_us/Statement/Services-07-20-18-New-Customer-XI","offline","malware_download","doc|emotet|heodo","rivana.eu","195.69.166.126","49699","BG" "2018-07-20 03:44:47","http://veloraptor.bg/newsletter/US/STATUS/Invoice-541246/","offline","malware_download","doc|emotet|epoch2|Heodo","veloraptor.bg","91.215.216.39","49699","BG" "2018-07-19 11:08:24","http://veloraptor.bg/newsletter/US/STATUS/Invoice-541246","offline","malware_download","doc|emotet|Heodo","veloraptor.bg","91.215.216.39","49699","BG" "2018-07-17 12:10:17","http://rivana.eu/lNEjji/","offline","malware_download","emotet|exe|heodo","rivana.eu","195.69.166.126","49699","BG" "2018-07-11 19:55:22","http://snejankagd.com/EL-RECH/","offline","malware_download","doc|emotet|epoch1|Heodo","snejankagd.com","91.215.216.15","49699","BG" "2018-07-09 21:00:18","http://snejankagd.com/RECHs/","offline","malware_download","Emotet|Heodo","snejankagd.com","91.215.216.15","49699","BG" "2018-07-03 20:19:02","http://snejankagd.com/Greeting-eCard/","offline","malware_download","doc|emotet|epoch1|Heodo","snejankagd.com","91.215.216.15","49699","BG" "2018-07-02 14:53:03","http://pulse.bg/6XK6I4Eim/","offline","malware_download","emotet|epoch1|Heodo|payload","pulse.bg","91.230.192.229","49699","BG" "2018-07-02 06:07:07","http://pulse.bg/mLXK5j/","offline","malware_download","Heodo","pulse.bg","91.230.192.229","49699","BG" "2018-06-27 03:17:13","http://snejankagd.com/Declaracion-mensual-junio/","offline","malware_download","doc|emotet|epoch1|Heodo","snejankagd.com","91.215.216.15","49699","BG" "2018-06-26 13:13:02","http://snejankagd.com/Declaracion-mensual-junio","offline","malware_download","Heodo","snejankagd.com","91.215.216.15","49699","BG" "2018-06-21 13:02:35","http://pulse.bg/Jun2018/New-Invoice-VK1465-ZG-7780","offline","malware_download","emotet|Heodo","pulse.bg","91.230.192.229","49699","BG" "2018-06-21 05:43:12","http://pulse.bg/Jun2018/New-Invoice-VK1465-ZG-7780/","offline","malware_download","emotet|Heodo","pulse.bg","91.230.192.229","49699","BG" "2018-06-14 06:01:46","http://pulse.bg/IRS-Tax-Transcipts-03T/7","offline","malware_download","doc|emotet|Heodo","pulse.bg","91.230.192.229","49699","BG" "2018-06-05 16:34:05","http://pulse.bg/FORM/Hilfestellung-zu-Ihrer-Rechnung-065-6822/","offline","malware_download","doc|emotet|Heodo","pulse.bg","91.230.192.229","49699","BG" "2018-05-28 16:22:25","http://pulse.bg/ups.com/WebTracking/UM-097364455420/","offline","malware_download","doc|emotet|Heodo","pulse.bg","91.230.192.229","49699","BG" "2018-04-26 11:32:13","http://pulse.bg/BnUycLo70CR/","offline","malware_download","doc|emotet","pulse.bg","91.230.192.229","49699","BG" # of entries: 68