##############################################################################
# URLhaus ASN CSV Feed                                                       #
# Generated on 2025-11-19 08:21:53 UTC                                       #
#                                                                            #
# For questions please refer to:                                             #
# https://urlhaus.abuse.ch/feeds/                                            #
##############################################################################
#
# Feed generated for AS59441
#
# Dateadded (UTC),URL,URL_status,Threat,Tags,Host,IPaddress,ASnumber,Country
"2024-12-05 16:48:09","http://azgint.com/remittance//payment_advice.ps1","offline","malware_download","backdoor|RemcosRAT","azgint.com","62.60.164.98","59441","IR"
"2024-09-02 06:05:35","https://etehadshipping.com/AW/DH/Dvkuvug.dat","offline","malware_download","AgentTesla","etehadshipping.com","45.138.133.60","59441","IR"
"2023-12-22 16:09:25","https://hamrahansystem.com/4xe3cx/","offline","malware_download","PDF|Pikabot|TA577|TR|ZIP","hamrahansystem.com","45.138.134.33","59441","IR"
"2023-12-22 16:09:23","https://hotelava.ir/w2q1fs/","offline","malware_download","PDF|Pikabot|TA577|TR|ZIP","hotelava.ir","5.144.130.43","59441","IR"
"2023-12-19 15:06:52","https://indokopp.com/d5mm1q/","offline","malware_download","TR","indokopp.com","5.144.130.33","59441","IR"
"2023-12-13 15:40:21","https://hamrahansystem.com/onmi/","offline","malware_download","js|PDF|Pikabot|TA577|TR|zip","hamrahansystem.com","45.138.134.33","59441","IR"
"2023-12-08 17:24:15","https://hamrahansystem.com/mla/","offline","malware_download","Pikabot|TA577|TR","hamrahansystem.com","45.138.134.33","59441","IR"
"2023-11-28 15:06:36","https://hamrahansystem.com/etex/","offline","malware_download","TR","hamrahansystem.com","45.138.134.33","59441","IR"
"2023-11-28 15:06:08","http://hamrahansystem.com/etex/","offline","malware_download","TR","hamrahansystem.com","45.138.134.33","59441","IR"
"2023-11-27 16:39:58","https://hamrahansystem.com/nieu/","offline","malware_download","IcedID|TR","hamrahansystem.com","45.138.134.33","59441","IR"
"2023-11-06 14:56:04","https://hamrahansystem.com/dei/","offline","malware_download","Pikabot|TA577|TR","hamrahansystem.com","45.138.134.33","59441","IR"
"2023-09-26 15:12:14","https://21cafegame.com/tn/","offline","malware_download","IcedID|pdf|pw341|tr","21cafegame.com","62.60.164.219","59441","IR"
"2023-09-26 10:44:05","https://21cafegame.com/ni/","offline","malware_download","darkgate|xll","21cafegame.com","62.60.164.219","59441","IR"
"2023-05-03 16:28:41","https://setarehphysio.com/stun/quisid.php","offline","malware_download","BB26|geofenced|js|Qakbot|Qbot|Quakbot|tr|USA|zip","setarehphysio.com","5.144.130.43","59441","IR"
"2023-05-03 16:26:18","https://atrodco.com/mta/rerumvoluptas.php","offline","malware_download","BB26|geofenced|js|Qakbot|Qbot|Quakbot|tr|USA|zip","atrodco.com","5.144.130.51","59441","IR"
"2023-04-20 18:12:32","https://niv-studio.com/pr/index.php","offline","malware_download","671|BB24|geofenced|Qakbot|Qbot|Quakbot|tr|USA|wsf|zip","niv-studio.com","5.144.130.40","59441","IR"
"2022-12-20 17:19:22","https://irancanada.cc/te/index.php","offline","malware_download","BB11|IMG|Qakbot|Qbot|Quakbot|RR17|TR|VHD|zip","irancanada.cc","5.144.131.150","59441","IR"
"2022-12-19 21:41:17","https://irancanada.cc/esii/index.php","offline","malware_download","BB11|IMG|ISO|Qakbot|Qbot|Quakbot|TR|TR23|zip","irancanada.cc","5.144.131.150","59441","IR"
"2022-12-19 16:34:29","https://pxlpack.com/ul/index.php","offline","malware_download","BB11|IMG|ISO|Qakbot|Qbot|Quakbot|TR|TR23|zip","pxlpack.com","5.144.130.41","59441","IR"
"2022-12-14 16:05:38","https://irancanada.cc/edoi/index.php","offline","malware_download","BB10|ISO|nt005|qakbot|qbot|quakbot|TR|zip","irancanada.cc","5.144.131.150","59441","IR"
"2022-12-13 21:45:29","https://pxlpack.ir/eps/index.php?qbot.zip","offline","malware_download","675|BB10|ISO|nt005|qakbot|qbot|quakbot|TR|zip","pxlpack.ir","5.144.130.41","59441","IR"
"2022-12-13 20:33:35","https://irancanada.cc/at/index.php?qbot.zip","offline","malware_download","675|BB10|ISO|nt005|qakbot|qbot|quakbot|TR|zip","irancanada.cc","5.144.131.150","59441","IR"
"2022-12-07 18:56:52","https://parhampourak.ir/ute/index.php?QBOT.zip","offline","malware_download","BB09|qakbot|qbot|quakbot|TR|U12|VHD|zip","parhampourak.ir","5.144.130.47","59441","IR"
"2022-11-30 18:33:44","https://zoodcom.com/adq/index.php?qbot.zip","offline","malware_download","BB08|iso|qakbot|qbot|quakbot|T34|TR|zip","zoodcom.com","5.144.130.56","59441","IR"
"2022-11-17 19:09:28","https://bazarekood.ir/eb/index.php?qbot.zip","offline","malware_download","BB06|iso|qakbot|qbot|quakbot|SK16|TR|zip","bazarekood.ir","5.144.130.56","59441","IR"
"2022-11-14 17:03:16","https://cupown.ir/etil/index.php?qbot.zip","offline","malware_download","BB06|HK57|iso|qakbot|qbot|quakbot|TR|zip","cupown.ir","5.144.130.45","59441","IR"
"2022-11-03 18:17:22","https://niv-studio.com/pr/index.php?e=qbot.zip","offline","malware_download","BB05|BV1|iso|qakbot|qbot|quakbot|TR|zip","niv-studio.com","5.144.130.40","59441","IR"
"2022-04-23 04:44:44","http://mohammadsorkhabi.ir/atm/khaklg9euj.zip","offline","malware_download","b-TDS|obama179|Qakbot|qbot|Quakbot|zip","mohammadsorkhabi.ir","5.144.130.37","59441","IR"
"2022-04-22 03:24:22","https://mohammadsorkhabi.ir/atm/H0VzwXsXL9.zip","offline","malware_download","b-TDS|obama179|Qakbot|qbot|Quakbot|zip","mohammadsorkhabi.ir","5.144.130.37","59441","IR"
"2022-04-21 16:17:09","https://mohammadsorkhabi.ir/atm/KhAKLG9eUj.zip","offline","malware_download","obama179|Qakbot|Quakbot","mohammadsorkhabi.ir","5.144.130.37","59441","IR"
"2021-05-07 15:17:04","https://tafaghodi.ir/resume/files/OKBWIjkslY8bOV.php","offline","malware_download","dll|dridex","tafaghodi.ir","5.144.130.34","59441","IR"
"2021-05-06 21:12:03","https://tafaghodi.ir/resume/files/EHEtRsJyIPR6o75.php","offline","malware_download","Dridex|opendir","tafaghodi.ir","5.144.130.34","59441","IR"
"2021-01-13 23:31:06","http://hakm.ir/wp-admin/yGJ4IyOoc3fI0VQPf8DDXzaI4C/","offline","malware_download","doc|emotet|epoch2","hakm.ir","185.173.105.22","59441","IR"
"2021-01-13 21:02:04","http://185.165.29.248/z0l1mxjm4mdl4jjfjf7sb2vdmv/KKveTTgaAAsecNNaaaa.arm","offline","malware_download","elf","185.165.29.248","185.165.29.248","59441","IR"
"2021-01-13 21:02:04","http://185.165.29.248/z0l1mxjm4mdl4jjfjf7sb2vdmv/KKveTTgaAAsecNNaaaa.arm7","offline","malware_download","elf","185.165.29.248","185.165.29.248","59441","IR"
"2021-01-12 20:08:04","https://hakm.ir/wp-admin/yGJ4IyOoc3fI0VQPf8DDXzaI4C/","offline","malware_download","doc|emotet|epoch2|Heodo","hakm.ir","185.173.105.22","59441","IR"
"2020-08-26 22:41:12","http://arbaeen.ir/wp-admin/sites/","offline","malware_download","doc|emotet|epoch2|Heodo","arbaeen.ir","45.92.92.100","59441","IR"
"2020-07-20 22:13:40","http://navidrayan.ir/wp-admin/v8-9i-358651/","offline","malware_download","doc|emotet|epoch3|Heodo","navidrayan.ir","5.144.131.251","59441","IR"
"2020-01-31 11:46:06","http://khaneye-sabz.ir/wp-includes/Bi4/","offline","malware_download","doc|emotet|epoch3|Heodo","khaneye-sabz.ir","185.173.105.22","59441","IR"
"2020-01-30 12:34:08","http://185.165.29.36/phone.jpg","offline","malware_download","","185.165.29.36","185.165.29.36","59441","IR"
"2019-12-16 16:52:07","https://academyskate.ir/wp-includes/open_array/corporate_cloud/5920411802759_jAldxi/","offline","malware_download","doc|emotet|epoch1|Heodo","academyskate.ir","185.208.79.99","59441","IR"
"2019-12-13 18:34:04","http://azgint.com/remittance/payment_advice.ps1","offline","malware_download","","azgint.com","62.60.164.98","59441","IR"
"2019-12-07 01:38:33","http://rayhanad.com/wp-includes/browse/","offline","malware_download","doc|emotet|epoch2|Heodo","rayhanad.com","5.144.130.32","59441","IR"
"2019-10-23 08:05:37","http://virap.ir/wwkh6/eoodd5/","offline","malware_download","emotet|epoch2|exe|heodo","virap.ir","185.173.105.22","59441","IR"
"2019-05-27 15:27:06","http://atparsco.com/ii/u.msi","offline","malware_download","Formbook","atparsco.com","5.144.129.78","59441","IR"
"2019-05-24 15:27:09","http://brqom.ir/wp-admin/css/colors/blue/1c.jpg","offline","malware_download","exe|Troldesh","brqom.ir","45.92.92.101","59441","IR"
"2019-05-24 08:31:41","http://brqom.ir/wp-admin/css/colors/blue/ural_zakaz.zip","offline","malware_download","js|Ransomware|RUS|Troldesh|zip","brqom.ir","45.92.92.101","59441","IR"
"2019-02-12 02:32:08","http://kianafrooz.com/trust.myaccount.send.com/","offline","malware_download","emotet|epoch1|Heodo","kianafrooz.com","5.144.129.220","59441","IR"
"2019-02-08 17:44:34","http://kianafrooz.com/arEGe-Xqhxt_uQWp-um/","offline","malware_download","emotet|epoch2|Heodo","kianafrooz.com","5.144.129.220","59441","IR"
"2019-02-07 13:44:35","http://distinctiveblog.ir/xiAC_zDl-GPaa/vC/Clients/02_19/","offline","malware_download","doc|emotet|epoch1|Heodo","distinctiveblog.ir","185.173.105.22","59441","IR"
"2019-02-06 15:37:05","http://btsco.ir/orderlist.exe","offline","malware_download","exe","btsco.ir","5.144.130.36","59441","IR"
"2019-02-05 23:00:05","http://distinctiveblog.ir/GSfa_uds-Jofbovhjq/tT/Payments/02_19/","offline","malware_download","doc|emotet|epoch1|Heodo|Nabucur","distinctiveblog.ir","185.173.105.22","59441","IR"
"2019-02-01 16:58:56","http://distinctiveblog.ir/En_us/download/Invoice/13780395302/xMyuV-MR244_IyDkWbxk-Yrl/","offline","malware_download","doc|emotet|epoch2|Heodo","distinctiveblog.ir","185.173.105.22","59441","IR"
"2019-01-30 14:08:36","http://distinctiveblog.ir/YVEHJTJZ6118546/Bestellungen/DETAILS/","offline","malware_download","doc|emotet|epoch2|Heodo","distinctiveblog.ir","185.173.105.22","59441","IR"
"2019-01-28 09:12:06","http://distinctiveblog.ir/Vodafone/Transaktion/012019/","offline","malware_download","Heodo","distinctiveblog.ir","185.173.105.22","59441","IR"
"2019-01-25 16:22:12","http://distinctiveblog.ir/Ywli-Zr_TFFnnH-p5/INV/4410555FORPO/485132683782/US_us/Invoices-attached/","offline","malware_download","doc|emotet|epoch2|Heodo","distinctiveblog.ir","185.173.105.22","59441","IR"
"2019-01-23 13:04:42","http://distinctiveblog.ir/DNLWPFVRPE1119975/Rech/FORM/","offline","malware_download","doc|emotet|epoch2|Heodo","distinctiveblog.ir","185.173.105.22","59441","IR"
"2019-01-21 14:32:09","http://distinctiveblog.ir/Amazon/Zahlungsdetails/2019-01/","offline","malware_download","doc|emotet|epoch1|Heodo","distinctiveblog.ir","185.173.105.22","59441","IR"
"2019-01-18 22:46:42","http://distinctiveblog.ir/EDHfD-gq_AIWqWukK-cph/InvoiceCodeChanges/EN_en/Paid-Invoice/","offline","malware_download","doc|emotet|epoch2|Heodo","distinctiveblog.ir","185.173.105.22","59441","IR"
"2019-01-17 00:08:05","http://distinctiveblog.ir/Amazon/En/Orders-details/01_19/","offline","malware_download","doc|emotet|Heodo","distinctiveblog.ir","185.173.105.22","59441","IR"
"2018-11-16 00:16:18","http://mahdavischool.org/int/myp/En_us/Documents/2018-11/","offline","malware_download","doc|emotet|epoch1|Heodo","mahdavischool.org","5.144.131.244","59441","IR"
"2018-11-15 14:05:49","http://mahdavischool.org/int/myp/En_us/Documents/2018-11","offline","malware_download","emotet|Heodo","mahdavischool.org","5.144.131.244","59441","IR"
"2018-09-12 01:11:44","http://tehran-p-c.com/89923AT/PAYROLL/US","offline","malware_download","doc|emotet|heodo","tehran-p-c.com","5.144.130.36","59441","IR"
"2018-09-06 08:56:05","http://www.azgint.com/web/etna.exe","offline","malware_download","exe|Fuerboos","www.azgint.com","62.60.164.98","59441","IR"
"2018-09-06 08:56:04","http://www.azgint.com/web/a","offline","malware_download","exe|Formbook|Fuerboos","www.azgint.com","62.60.164.98","59441","IR"
"2018-09-06 03:16:51","http://nojanads.ir/16SF/biz/Personal","offline","malware_download","doc|emotet|epoch2","nojanads.ir","185.173.105.22","59441","IR"
"2018-08-28 05:53:04","http://www.azgint.com/log/fban4.exe","offline","malware_download","exe|Formbook","www.azgint.com","62.60.164.98","59441","IR"
"2018-08-27 17:28:04","http://azgint.com/log/mail.exe","offline","malware_download","Formbook","azgint.com","62.60.164.98","59441","IR"
"2018-08-27 17:28:03","http://azgint.com/log/fban4.exe","offline","malware_download","Formbook","azgint.com","62.60.164.98","59441","IR"
"2018-08-27 08:24:04","http://www.azgint.com/log/fban3.exe","offline","malware_download","exe|fareit|Formbook","www.azgint.com","62.60.164.98","59441","IR"
"2018-08-27 06:57:03","http://www.azgint.com/log/fban.exe","offline","malware_download","exe|Formbook","www.azgint.com","62.60.164.98","59441","IR"
"2018-08-23 05:23:08","http://www.azgint.com/log/nonny1.exe","offline","malware_download","exe","www.azgint.com","62.60.164.98","59441","IR"
"2018-08-23 05:23:07","http://www.azgint.com/log/mail.exe","offline","malware_download","exe|Formbook","www.azgint.com","62.60.164.98","59441","IR"
"2018-08-23 05:23:06","http://www.azgint.com/log/anyi%20fb.exe","offline","malware_download","exe|Formbook","www.azgint.com","62.60.164.98","59441","IR"
"2018-08-23 05:23:05","http://www.azgint.com/log/e","offline","malware_download","exe|fareit|Formbook|NanoCore","www.azgint.com","62.60.164.98","59441","IR"
"2018-08-23 05:23:05","http://www.azgint.com/log/n","offline","malware_download","exe|fareit","www.azgint.com","62.60.164.98","59441","IR"
"2018-08-23 05:23:04","http://www.azgint.com/log/b","offline","malware_download","exe|fareit|Formbook","www.azgint.com","62.60.164.98","59441","IR"
"2018-08-23 05:20:05","http://www.azgint.com/log/a","offline","malware_download","exe|fareit|Formbook|NanoCore","www.azgint.com","62.60.164.98","59441","IR"
"2018-04-18 12:30:28","http://keihani.com/wp-includes/js/plaz.exe","offline","malware_download","autoit|exe|rarsfx","keihani.com","5.144.130.34","59441","IR"
"2018-03-29 14:36:52","http://adonisgroup.co/Sales-Invoice/","offline","malware_download","doc|emotet|heodo","adonisgroup.co","5.144.130.141","59441","IR"
# of entries: 80