##############################################################################
# URLhaus ASN CSV Feed                                                       #
# Generated on 2025-11-25 19:25:56 UTC                                       #
#                                                                            #
# For questions please refer to:                                             #
# https://urlhaus.abuse.ch/feeds/                                            #
##############################################################################
#
# Feed generated for AS50245
#
# Dateadded (UTC),URL,URL_status,Threat,Tags,Host,IPaddress,ASnumber,Country
"2025-04-27 23:59:03","http://tdamarant.ru/images/xcrypted.exe","offline","malware_download","","tdamarant.ru","62.122.170.171","50245","NL"
"2020-08-03 23:38:45","http://itc-sr.ru/iozipuqbw/5hYQTPaxwI.zip","offline","malware_download","Qakbot|Qbot|spx147|vbs|zip","itc-sr.ru","62.122.170.171","50245","NL"
"2020-05-27 05:48:40","http://saratov.tdhimservis.ru/vninrravvl/1211/Aufhebung_1211_25052020.zip","offline","malware_download","Qakbot|Quakbot|zip","saratov.tdhimservis.ru","62.122.170.171","50245","NL"
"2020-05-26 17:06:29","http://bryansk.tdhimservis.ru/uwdmcbu/70513042/Aufhebung_70513042_25052020.zip","offline","malware_download","Qakbot|Quakbot|zip","bryansk.tdhimservis.ru","62.122.170.171","50245","NL"
"2020-05-26 17:05:29","http://bryansk.tdhimservis.ru/uwdmcbu/Aufhebung_82117_25052020.zip","offline","malware_download"," Quakbot|Qakbot|zip","bryansk.tdhimservis.ru","62.122.170.171","50245","NL"
"2020-05-26 16:34:47","http://saratov.tdhimservis.ru/vninrravvl/Aufhebung_73668640_25052020.zip","offline","malware_download","Qakbot|Quakbot|zip","saratov.tdhimservis.ru","62.122.170.171","50245","NL"
"2020-05-26 16:34:45","http://bryansk.tdhimservis.ru/uwdmcbu/32233206/Aufhebung_32233206_25052020.zip","offline","malware_download","Qakbot|Quakbot|zip","bryansk.tdhimservis.ru","62.122.170.171","50245","NL"
"2020-05-26 16:32:44","http://perm.tdhimservis.ru/pacoix/25664800/Aufhebung_25664800_25052020.zip","offline","malware_download","Qakbot|Quakbot|zip","perm.tdhimservis.ru","62.122.170.171","50245","NL"
"2020-05-26 16:08:09","http://astrakhan.tdhimservis.ru/sxidf/9953/Aufhebung_9953_25052020.zip","offline","malware_download","Qakbot|Quakbot|zip","astrakhan.tdhimservis.ru","62.122.170.171","50245","NL"
"2020-05-26 16:06:10","http://chronogroup.ru/lpglygqztweo/4838/Aufhebung_4838_25052020.zip","offline","malware_download","Qakbot|Quakbot|zip","chronogroup.ru","62.122.170.171","50245","NL"
"2020-05-26 15:53:10","http://smolensk.tdhimservis.ru/hnhgvysgk/97387299/Aufhebung_97387299_25052020.zip","offline","malware_download","Qakbot|Quakbot|zip","smolensk.tdhimservis.ru","62.122.170.171","50245","NL"
"2020-05-26 15:52:29","http://chronogroup.ru/lpglygqztweo/1331824/Aufhebung_1331824_25052020.zip","offline","malware_download","Qakbot|Quakbot|zip","chronogroup.ru","62.122.170.171","50245","NL"
"2020-05-26 15:45:17","http://smolensk.tdhimservis.ru/hnhgvysgk/Aufhebung_54535780_25052020.zip","offline","malware_download","Qakbot|Quakbot|zip","smolensk.tdhimservis.ru","62.122.170.171","50245","NL"
"2020-05-26 15:35:04","http://samara.tdhimservis.ru/vmpxlewpq/Aufhebung_1279_25052020.zip","offline","malware_download","Qakbot|Quakbot|zip","samara.tdhimservis.ru","62.122.170.171","50245","NL"
"2020-05-26 15:21:31","http://smolensk.tdhimservis.ru/hnhgvysgk/0806/Aufhebung_0806_25052020.zip","offline","malware_download","Qakbot|Quakbot|zip","smolensk.tdhimservis.ru","62.122.170.171","50245","NL"
"2020-05-26 14:34:04","http://chronogroup.ru/lpglygqztweo/864575/Aufhebung_864575_25052020.zip","offline","malware_download","Qakbot|Quakbot|zip","chronogroup.ru","62.122.170.171","50245","NL"
"2020-05-26 14:27:00","http://astrakhan.tdhimservis.ru/sxidf/7629332/Aufhebung_7629332_25052020.zip","offline","malware_download","Qakbot|Quakbot|zip","astrakhan.tdhimservis.ru","62.122.170.171","50245","NL"
"2020-05-26 14:18:18","http://chronogroup.ru/lpglygqztweo/Aufhebung_7064_25052020.zip","offline","malware_download","Qakbot|Quakbot|zip","chronogroup.ru","62.122.170.171","50245","NL"
"2020-05-26 13:32:51","http://smolensk.tdhimservis.ru/hnhgvysgk/5899148/Aufhebung_5899148_25052020.zip","offline","malware_download","Qakbot|Quakbot|zip","smolensk.tdhimservis.ru","62.122.170.171","50245","NL"
"2020-05-26 13:25:51","http://smolensk.tdhimservis.ru/hnhgvysgk/Aufhebung_3956_25052020.zip","offline","malware_download","Qakbot|Quakbot|zip","smolensk.tdhimservis.ru","62.122.170.171","50245","NL"
"2020-05-26 13:04:17","http://chronogroup.ru/lpglygqztweo/0948415/Aufhebung_0948415_25052020.zip","offline","malware_download","Qakbot|Quakbot|zip","chronogroup.ru","62.122.170.171","50245","NL"
"2020-05-26 12:42:08","http://perm.tdhimservis.ru/pacoix/5747784/Aufhebung_5747784_25052020.zip","offline","malware_download","Qakbot|Quakbot|zip","perm.tdhimservis.ru","62.122.170.171","50245","NL"
"2020-05-26 12:42:01","http://bryansk.tdhimservis.ru/uwdmcbu/Aufhebung_6283889_25052020.zip","offline","malware_download","Qakbot|Quakbot|zip","bryansk.tdhimservis.ru","62.122.170.171","50245","NL"
"2020-05-26 12:35:16","http://perm.tdhimservis.ru/pacoix/6408/Aufhebung_6408_25052020.zip","offline","malware_download","Qakbot|Quakbot|zip","perm.tdhimservis.ru","62.122.170.171","50245","NL"
"2020-05-26 12:32:39","http://chronogroup.ru/lpglygqztweo/86473/Aufhebung_86473_25052020.zip","offline","malware_download","Qakbot|Quakbot|zip","chronogroup.ru","62.122.170.171","50245","NL"
"2020-05-26 12:24:28","http://smolensk.tdhimservis.ru/hnhgvysgk/Aufhebung_3509028_25052020.zip","offline","malware_download","Qakbot|Quakbot|zip","smolensk.tdhimservis.ru","62.122.170.171","50245","NL"
"2020-05-26 12:11:49","http://perm.tdhimservis.ru/pacoix/461341/Aufhebung_461341_25052020.zip","offline","malware_download","Qakbot|Quakbot|zip","perm.tdhimservis.ru","62.122.170.171","50245","NL"
"2020-05-26 12:07:37","http://smolensk.tdhimservis.ru/hnhgvysgk/Aufhebung_21306_25052020.zip","offline","malware_download","Qakbot|Quakbot|zip","smolensk.tdhimservis.ru","62.122.170.171","50245","NL"
"2020-05-26 11:50:53","http://bryansk.tdhimservis.ru/uwdmcbu/7862/Aufhebung_7862_25052020.zip","offline","malware_download","Qakbot|Quakbot|zip","bryansk.tdhimservis.ru","62.122.170.171","50245","NL"
"2019-03-26 15:56:04","http://musicmama.ru/buttons/AFmeU-QHN_maEsxNMr-RP/","offline","malware_download","Emotet|Heodo","musicmama.ru","62.122.170.171","50245","NL"
"2019-03-15 09:25:33","http://nightonline.ru/images/Amazon/DE/Kunden_informationen/01_19","offline","malware_download","doc|emotet|heodo","nightonline.ru","62.122.170.171","50245","NL"
"2019-03-06 08:01:53","http://www.accont.ru/administrator/cache/GKPIK.zip","offline","malware_download","js|Ransomware|RUS|Troldesh|zip","www.accont.ru","62.122.170.171","50245","NL"
"2019-03-06 08:01:33","http://accont.ru/templates/bizblue/images/system/GKPIK.zip","offline","malware_download","js|Ransomware|RUS|Troldesh|zip","accont.ru","62.122.170.171","50245","NL"
"2019-02-26 13:18:20","http://accont.ru/templates/bizblue/language/en-GB/pikz.zip","offline","malware_download","RUS|Troldesh|zipped-JS","accont.ru","62.122.170.171","50245","NL"
"2019-02-20 22:59:12","http://ifpc.ru/eKKi6q5YUC_WyPjVNX/","offline","malware_download","emotet|epoch2|exe|Heodo","ifpc.ru","62.122.170.171","50245","NL"
"2019-02-13 23:44:05","http://nightonline.ru/images/trust.accs.docs.biz/","offline","malware_download","doc|emotet|epoch1|Heodo","nightonline.ru","62.122.170.171","50245","NL"
"2019-02-13 22:04:41","http://pro-obed.ru/trust.myacc.send.com/","offline","malware_download","doc|emotet|epoch1|Heodo","pro-obed.ru","62.122.170.171","50245","NL"
"2019-02-11 22:15:03","http://nightonline.ru/images/scan/tScs-t0_T-P7N/","offline","malware_download","Emotet|Heodo","nightonline.ru","62.122.170.171","50245","NL"
"2019-02-10 04:29:07","http://cafesoft.ru/modules/php/sserv.jpg","offline","malware_download","exe","cafesoft.ru","62.122.170.171","50245","NL"
"2019-02-10 03:52:05","http://cafesoft.ru/modules/php/slavneft.zakaz.zip","offline","malware_download","compressed|javascript|loader|TrolDesh|zip","cafesoft.ru","62.122.170.171","50245","NL"
"2019-02-07 15:43:12","http://nightonline.ru/images/WF0wknLoVI/","offline","malware_download","emotet|epoch1|exe|Heodo","nightonline.ru","62.122.170.171","50245","NL"
"2019-02-05 12:52:10","http://nightonline.ru/images/D1aSg48AcN/","offline","malware_download","emotet|epoch2|exe|Heodo","nightonline.ru","62.122.170.171","50245","NL"
"2019-02-01 21:39:57","http://nightonline.ru/images/US/llc/Invoice_number/jGgh-U3p_zzsUsmIF-Lbz/","offline","malware_download","doc|emotet|epoch2|Heodo","nightonline.ru","62.122.170.171","50245","NL"
"2019-01-30 16:24:10","http://nightonline.ru/images/9eD_UjK2Rol_ubQbSz3/Organization/Account/","offline","malware_download","doc|emotet|epoch1|Heodo|Quakbot","nightonline.ru","62.122.170.171","50245","NL"
"2019-01-29 08:39:33","http://nightonline.ru/images/WxOF-XbCd2_CbFEO-ZP4/EXT/PaymentStatus/EN_en/Invoice-Number-992023//","offline","malware_download","doc|emotet|heodo","nightonline.ru","62.122.170.171","50245","NL"
"2019-01-28 16:13:36","http://nightonline.ru/images/WxOF-XbCd2_CbFEO-ZP4/EXT/PaymentStatus/EN_en/Invoice-Number-992023/","offline","malware_download","doc|emotet|epoch2|Heodo","nightonline.ru","62.122.170.171","50245","NL"
"2019-01-24 14:45:39","http://nightonline.ru/images/bKPX-yT3RSMWKFrNeULX_kDwzYhgq-xJ/","offline","malware_download","doc|emotet|epoch1|Heodo","nightonline.ru","62.122.170.171","50245","NL"
"2019-01-24 10:36:11","http://tevii.ru/support/downloads/20090313_myTeVii.v4.00.111S2.v3.38.4S1.exe","offline","malware_download","exe","tevii.ru","62.122.170.171","50245","NL"
"2019-01-22 15:32:36","http://nightonline.ru/images/Amazon/DE/Kunden_informationen/01_19/","offline","malware_download","emotet|epoch1|Heodo","nightonline.ru","62.122.170.171","50245","NL"
"2019-01-10 07:32:02","http://auto-klad.ru/wp-includes/Requests/css/l/word.doc","offline","malware_download","doc","auto-klad.ru","62.122.170.171","50245","NL"
"2019-01-09 15:16:04","http://auto-klad.ru/wp-includes/Requests/css/heny.msi","offline","malware_download","exe-to-msi","auto-klad.ru","62.122.170.171","50245","NL"
"2019-01-09 05:27:02","http://auto-klad.ru/wp-includes/Requests/css/updates.doc","offline","malware_download","rtf","auto-klad.ru","62.122.170.171","50245","NL"
"2018-11-26 15:43:33","http://ftk-toys.ru/2946FUICYO/WIRE/US/","offline","malware_download","doc|emotet|epoch2|Gozi|Heodo","ftk-toys.ru","62.122.170.171","50245","NL"
"2018-11-26 11:24:07","http://ftk-toys.ru/2946FUICYO/WIRE/US","offline","malware_download","doc|emotet|Gozi|Heodo","ftk-toys.ru","62.122.170.171","50245","NL"
"2018-11-18 17:18:10","http://ghost246630.worldhosts.ru/GEWJYXFBEW.exe","offline","malware_download","exe|opendir","ghost246630.worldhosts.ru","62.122.170.171","50245","NL"
"2018-11-18 17:18:06","http://ghost246630.worldhosts.ru/kwhvepeuou.exe","offline","malware_download","exe|opendir","ghost246630.worldhosts.ru","62.122.170.171","50245","NL"
"2018-11-16 17:00:03","http://ghost246630.worldhosts.ru/clip.exe","offline","malware_download","exe|iplogger","ghost246630.worldhosts.ru","62.122.170.171","50245","NL"
"2018-11-15 18:12:14","http://ghost246630.worldhosts.ru/Steam.exe","offline","malware_download","opendir","ghost246630.worldhosts.ru","62.122.170.171","50245","NL"
"2018-11-15 18:12:11","http://ghost246630.worldhosts.ru/koowlvpoiw.exe","offline","malware_download","opendir","ghost246630.worldhosts.ru","62.122.170.171","50245","NL"
"2018-11-15 18:12:06","http://ghost246630.worldhosts.ru/Dev.jpg","offline","malware_download","opendir","ghost246630.worldhosts.ru","62.122.170.171","50245","NL"
"2018-11-15 18:12:06","http://ghost246630.worldhosts.ru/DHFVGSDUIV.exe","offline","malware_download","opendir","ghost246630.worldhosts.ru","62.122.170.171","50245","NL"
"2018-11-15 18:12:06","http://ghost246630.worldhosts.ru/fastdl/cs_assault.zip","offline","malware_download","opendir","ghost246630.worldhosts.ru","62.122.170.171","50245","NL"
"2018-11-15 18:10:02","http://ghost246630.worldhosts.ru/csgo.jpg","offline","malware_download","powershell","ghost246630.worldhosts.ru","62.122.170.171","50245","NL"
"2018-11-14 17:28:45","http://ftk-toys.ru/Download/En/Paid-Invoice-Credit-Card-Receipt","offline","malware_download","doc|emotet|epoch2|Heodo","ftk-toys.ru","62.122.170.171","50245","NL"
"2018-11-14 17:28:45","http://ftk-toys.ru/Download/En/Paid-Invoice-Credit-Card-Receipt/","offline","malware_download","doc|emotet|epoch2|Heodo","ftk-toys.ru","62.122.170.171","50245","NL"
"2018-11-08 04:07:02","http://domm.ru/3CMKVUW/biz/Personal","offline","malware_download","doc|emotet","domm.ru","62.122.170.171","50245","NL"
"2018-11-07 15:07:41","http://www.domm.ru/3CMKVUW/biz/Personal","offline","malware_download","doc|emotet|heodo","www.domm.ru","62.122.170.171","50245","NL"
"2018-11-07 07:50:05","http://evro-sert.ru/16525UACQ/oamo/US","offline","malware_download","doc|emotet|heodo","evro-sert.ru","62.122.170.171","50245","NL"
"2018-09-11 23:01:26","http://binfish.ru/Sep2018/US_us/Past-Due-Invoice/","offline","malware_download","doc|emotet|epoch2|Heodo","binfish.ru","62.122.170.171","50245","NL"
"2018-09-11 23:01:25","http://binfish.ru/Sep2018/US_us/Past-Due-Invoice","offline","malware_download","doc|emotet|epoch2|Heodo","binfish.ru","62.122.170.171","50245","NL"
"2018-08-14 04:19:31","http://batto.ru/578LZACH/DA81208207ZJKXH/62135894/PNXO-BPZ-Aug-09-2018/","offline","malware_download","doc|emotet|Heodo","batto.ru","62.122.170.171","50245","NL"
"2018-08-13 12:50:00","http://batto.ru/578LZACH/DA81208207ZJKXH/62135894/PNXO-BPZ-Aug-09-2018","offline","malware_download","doc|emotet|Heodo","batto.ru","62.122.170.171","50245","NL"
"2018-07-27 22:45:04","http://karassov.ru/btf.exe","offline","malware_download","Emotet|exe","karassov.ru","62.122.170.171","50245","NL"
"2018-07-18 12:17:13","http://www.izumrude.ru/19n9wuqH/","offline","malware_download","emotet|epoch1|Heodo|payload","www.izumrude.ru","62.122.170.171","50245","NL"
"2018-07-14 03:09:21","http://www.izumrude.ru/Monatsrechnung/","offline","malware_download","doc|emotet|epoch1|Heodo","www.izumrude.ru","62.122.170.171","50245","NL"
"2018-07-13 15:36:16","http://www.izumrude.ru/sites/US/Payment-and-address/Direct-Deposit-Notice/","offline","malware_download","doc|emotet|heodo","www.izumrude.ru","62.122.170.171","50245","NL"
"2018-07-13 02:47:14","http://izumrude.ru/Monatsrechnung/","offline","malware_download","doc|emotet|epoch1|Heodo","izumrude.ru","62.122.170.171","50245","NL"
"2018-07-12 09:06:41","http://www.izumrude.ru/newsletter/En_us/STATUS/tracking-number-and-invoice-of-your-order/","offline","malware_download","doc|emotet|heodo","www.izumrude.ru","62.122.170.171","50245","NL"
"2018-07-11 04:15:09","http://www.mamymall.ru/default/EN_en/Client/Payment/","offline","malware_download","doc|emotet|epoch2|Heodo","www.mamymall.ru","62.122.170.171","50245","NL"
"2018-07-11 04:14:47","http://www.izumrude.ru/Rechnungs-Details/DETAILS/Rech-0321-2332/","offline","malware_download","doc|emotet|epoch2|Heodo","www.izumrude.ru","62.122.170.171","50245","NL"
"2018-07-11 04:08:20","http://mamymall.ru/default/EN_en/Client/Payment/","offline","malware_download","doc|emotet|epoch2|Heodo","mamymall.ru","62.122.170.171","50245","NL"
"2018-07-10 09:52:29","http://www.izumrude.ru/Service-Report/","offline","malware_download","doc|emotet|heodo","www.izumrude.ru","62.122.170.171","50245","NL"
"2018-07-06 19:35:58","http://izumrude.ru/newsletter/US_us/Purchase/701119/","offline","malware_download","Heodo","izumrude.ru","62.122.170.171","50245","NL"
"2018-07-05 17:05:02","http://www.izumrude.ru/newsletter/US_us/Purchase/701119/","offline","malware_download","doc|emotet|epoch2|Heodo","www.izumrude.ru","62.122.170.171","50245","NL"
"2018-07-04 16:02:41","http://izumrude.ru/Independence-DAY/","offline","malware_download","emotet|heodo","izumrude.ru","62.122.170.171","50245","NL"
"2018-07-04 07:21:04","http://www.izumrude.ru/Independence-DAY/","offline","malware_download","doc|emotet|heodo","www.izumrude.ru","62.122.170.171","50245","NL"
"2018-06-25 11:41:05","http://izumrude.ru/Rechnungs/","offline","malware_download","doc|emotet|epoch1|Heodo","izumrude.ru","62.122.170.171","50245","NL"
"2018-06-22 03:44:15","http://izumrude.ru/QHcziObohJ/","offline","malware_download","Heodo","izumrude.ru","62.122.170.171","50245","NL"
"2018-06-21 09:37:05","http://www.izumrude.ru/QHcziObohJ/","offline","malware_download","emotet|exe|heodo","www.izumrude.ru","62.122.170.171","50245","NL"
"2018-06-19 13:23:11","http://izumrude.ru/CanadaPost.zip","offline","malware_download","ars|zip","izumrude.ru","62.122.170.171","50245","NL"
"2018-06-18 22:50:10","http://www.izumrude.ru/FORM/Unsere-Rechnung-vom-18-Juni/","offline","malware_download","AgentTesla|doc|emotet|epoch2|Heodo","www.izumrude.ru","62.122.170.171","50245","NL"
"2018-06-15 18:00:32","http://izumrude.ru/IRS-Accounts-Transcipts-062018-012M/8/","offline","malware_download","Emotet|Heodo","izumrude.ru","62.122.170.171","50245","NL"
"2018-06-14 16:24:03","http://www.izumrude.ru/IRS-Accounts-Transcipts-062018-012M/8/","offline","malware_download","doc|emotet|epoch1|Heodo","www.izumrude.ru","62.122.170.171","50245","NL"
"2018-06-06 14:52:03","http://mebelnev.ru/ups.com/WebTracking/KY-73836160008/","offline","malware_download","doc|emotet|Heodo","mebelnev.ru","62.122.170.171","50245","NL"
"2018-06-06 14:32:03","http://mebelera.ru/Rechnungs-06-Juni/","offline","malware_download","doc|emotet|Heodo","mebelera.ru","62.122.170.171","50245","NL"
"2018-06-04 14:00:17","http://www.toniruy.ru/ups.com/WebTracking/MFF-8613359/","offline","malware_download","doc|emotet|Heodo","www.toniruy.ru","62.122.170.171","50245","NL"
"2018-05-29 07:13:07","http://www.toniruy.ru/Hilfestellung/Rechnung-Nr00694/","offline","malware_download","doc|emotet|Heodo","www.toniruy.ru","62.122.170.171","50245","NL"
"2018-05-21 19:43:21","http://www.toniruy.ru/Factura-por-descargas/","offline","malware_download","doc|emotet","www.toniruy.ru","62.122.170.171","50245","NL"
"2018-04-04 11:13:07","https://www.nerudstrom.ru/INFO/Invoice-number-2250616740/","offline","malware_download","doc|emotet|heodo","www.nerudstrom.ru","62.122.170.171","50245","NL"
"2018-03-14 12:40:48","http://www.etoeda.ru/vFee/","offline","malware_download","Emotet|exe|Heodo","www.etoeda.ru","62.122.170.171","50245","NL"
# of entries: 100