############################################################################## # URLhaus ASN CSV Feed # # Generated on 2024-03-29 10:06:14 UTC # # # # For questions please refer to: # # https://urlhaus.abuse.ch/feeds/ # ############################################################################## # # Feed generated for AS7489 # # Dateadded (UTC),URL,URL_status,Threat,Tags,Host,IPaddress,ASnumber,Country "2024-03-21 17:32:13","https://bloomorganicspa.za.com/qqOKZfkm165.bin","offline","malware_download","encrypted|GuLoader|RAT|RemcosRAT","bloomorganicspa.za.com","216.189.149.199","7489","US" "2024-03-21 17:32:12","https://bloomorganicspa.za.com/asras.ocx","offline","malware_download","encrypted|RAT|RemcosRAT","bloomorganicspa.za.com","216.189.149.199","7489","US" "2023-11-06 14:55:42","https://thedailyreel.com/atll/","offline","malware_download","Pikabot|TA577|TR","thedailyreel.com","83.143.116.3","7489","GB" "2023-06-14 16:56:40","https://technosolution.in/oeer/?1","offline","malware_download","BB32|geofenced|js|Qakbot|Quakbot|USA","technosolution.in","83.143.116.3","7489","GB" "2023-05-31 15:57:13","https://epicmpls.com/ea/","offline","malware_download","BB30|geofenced|js|Qakbot|Quakbot|USA|zip","epicmpls.com","83.143.116.3","7489","GB" "2023-05-31 13:31:27","https://epicmpls.com/cio/","offline","malware_download","BB30|geofenced|js|Qakbot|Quakbot|USA|zip","epicmpls.com","83.143.116.3","7489","GB" "2023-04-06 15:44:05","https://piazzagrande.info/qei/qei.php","offline","malware_download","755|BB22|geofenced|js|Qakbot|Qbot|Quakbot|tr|USA|wsf|zip","piazzagrande.info","83.143.116.3","7489","GB" "2023-04-05 15:40:19","https://joezias.com/ea/ea.php","offline","malware_download","755|BB22|geofenced|js|Qakbot|Qbot|Quakbot|tr|USA|wsf|zip","joezias.com","83.143.116.3","7489","GB" "2023-04-04 16:37:17","https://mimarpro.com/dn/dn.php","offline","malware_download","BB22|geofenced|js|Qakbot|Qbot|Quakbot|tr|USA","mimarpro.com","83.143.116.26","7489","GB" "2023-04-04 16:36:14","https://joezias.com/prn/prn.php","offline","malware_download","BB22|geofenced|js|Qakbot|Qbot|Quakbot|tr|USA","joezias.com","83.143.116.3","7489","GB" "2023-02-27 19:39:33","https://epicmpls.com/TC.php","offline","malware_download","BB17|img|pw764|Qakbot|Qbot|Quakbot|tr|zip","epicmpls.com","83.143.116.3","7489","GB" "2023-01-25 20:01:10","http://185.185.40.164/calc.exe","offline","malware_download","exe|Formbook","185.185.40.164","185.185.40.164","7489","NL" "2022-12-15 16:24:19","https://sos-israel.com/sdt/index.php","offline","malware_download","BB10|E17|ISO|qakbot|qbot|quakbot|TR|zip","sos-israel.com","83.143.116.3","7489","GB" "2022-12-13 20:15:59","https://ana5.net/istr/index.php?qbot.zip","offline","malware_download","675|BB10|ISO|nt005|qakbot|qbot|quakbot|TR|zip","ana5.net","83.143.116.3","7489","GB" "2022-07-15 16:03:08","https://rhinomusclewear.com/c/OBOMIKE4.exe","offline","malware_download","AgentTesla|keylogger |rat","rhinomusclewear.com","104.128.228.237","7489","US" "2021-10-20 14:18:11","http://chefnstuff.com/optioblanditiis/animihic-150542638","offline","malware_download","qbot","chefnstuff.com","162.245.216.205","7489","US" "2021-07-24 12:15:11","http://104.128.228.148/bins/sora.arm7","offline","malware_download","32|arm|elf|mirai","104.128.228.148","104.128.228.148","7489","US" "2021-07-24 11:45:04","http://104.128.228.148/bins/sora.x86","offline","malware_download","|script","104.128.228.148","104.128.228.148","7489","US" "2021-07-24 11:45:04","http://104.128.228.148/sora.sh","offline","malware_download","script","104.128.228.148","104.128.228.148","7489","US" "2020-08-26 21:26:31","http://wininin.com/oauth/w/","offline","malware_download","emotet|epoch1|exe|Heodo","wininin.com","160.119.66.37","7489","SC" "2020-08-18 14:25:35","http://bethagroup.com.au/3GrPP0533/","offline","malware_download","emotet|epoch1|exe|Heodo","bethagroup.com.au","104.128.237.195","7489","US" "2020-08-12 02:51:04","http://bethagroup.com.au/wp-admin/Scan/n49z8qgpg6j1/","offline","malware_download","doc|emotet|epoch2|heodo","bethagroup.com.au","104.128.237.195","7489","US" "2020-08-06 23:01:03","http://bethagroup.com.au/wp-admin/Reporting/tj7vfbm7f7x/","offline","malware_download","doc|emotet|epoch2|heodo|QuakBot","bethagroup.com.au","104.128.237.195","7489","US" "2020-07-31 18:08:04","http://bethagroup.com.au/wp-admin/statement/b08606781504310601hzhj3az0fagq0/","offline","malware_download","doc|emotet|epoch2|heodo","bethagroup.com.au","104.128.237.195","7489","US" "2020-07-23 19:34:06","http://bethagroup.com.au/wp-admin/4126445-72SMD3Z1kG6-array/verified-kbxvgkvk-ub5m61njwm/2fwrw03dhg1-vtx0y7sztv50zw/","offline","malware_download","doc|emotet|epoch1|heodo","bethagroup.com.au","104.128.237.195","7489","US" "2020-05-22 19:46:08","http://www.deayoungkiki.com/wp-content/themes/twentynineteen/template-parts/content/da3_2020-05-20_18-57.exe","offline","malware_download","exe|gtag: da3|Trickbot","www.deayoungkiki.com","202.5.16.47","7489","US" "2020-02-06 21:18:06","http://sangokythuat.com.vn/wp-includes/Document/","offline","malware_download","doc|emotet|epoch2|Heodo","sangokythuat.com.vn","45.124.64.229","7489","HK" "2019-12-18 13:50:05","http://besoul8.com/home/Reporting/nsvr5999l9d/","offline","malware_download","doc|emotet|epoch2|heodo","besoul8.com","45.124.64.229","7489","HK" "2019-01-24 00:35:29","http://wasobd.net/tIeVA-MdeZ_rkTvCcy-3t/7434213/SurveyQuestionsEN_en/Sales-Invoice/","offline","malware_download","doc|emotet|epoch2|Heodo","wasobd.net","104.128.226.6","7489","US" "2018-11-19 19:45:43","http://decozspring.com/doc/En/Invoice-for-sent/invoice/","offline","malware_download","emotet|heodo","decozspring.com","104.128.233.139","7489","US" "2018-08-14 14:48:48","http://decozspring.com/doc/En/Invoice-for-sent/invoice","offline","malware_download","doc|emotet|Heodo","decozspring.com","104.128.233.139","7489","US" "2018-07-06 18:28:02","http://cofancio.com/fred.exe","offline","malware_download","AgentTesla","cofancio.com","208.87.103.200","7489","GB" "2018-06-18 13:59:03","http://www.cncdoctor.com/Rechnungs-scan/","offline","malware_download","doc|emotet|heodo","www.cncdoctor.com","45.58.51.51","7489","US" "2018-06-15 17:23:23","http://cncdoctor.com/VIN1Uyetqb/","offline","malware_download","Heodo","cncdoctor.com","45.58.51.51","7489","US" "2018-06-15 15:55:05","http://www.cncdoctor.com/VIN1Uyetqb/","offline","malware_download","emotet|epoch2|Heodo|payload","www.cncdoctor.com","45.58.51.51","7489","US" "2018-05-28 04:45:23","http://cofancio.com/today.exe","offline","malware_download","AgentTesla|downloader|exe","cofancio.com","208.87.103.200","7489","GB" "2018-05-26 10:44:18","http://cofancio.com/file1.exe","offline","malware_download","AgentTesla|downloader|exe","cofancio.com","208.87.103.200","7489","GB" "2018-05-21 16:47:57","http://cofancio.com/caleb.exe","offline","malware_download","downloader|exe","cofancio.com","208.87.103.200","7489","GB" "2018-05-20 16:44:26","http://cofancio.com/favr.exe","offline","malware_download","downloader|exe","cofancio.com","208.87.103.200","7489","GB" "2018-04-09 18:03:13","http://104.128.228.134/taheni123659/Mar-16-08-20-03/Tracking-Number-8L34007056446740/","offline","malware_download","doc|emotet|heodo","104.128.228.134","104.128.228.134","7489","US" # of entries: 40