##############################################################################
# URLhaus ASN CSV Feed                                                       #
# Generated on 2025-11-19 01:51:58 UTC                                       #
#                                                                            #
# For questions please refer to:                                             #
# https://urlhaus.abuse.ch/feeds/                                            #
##############################################################################
#
# Feed generated for AS8648
#
# Dateadded (UTC),URL,URL_status,Threat,Tags,Host,IPaddress,ASnumber,Country
"2025-10-16 05:39:14","http://81.88.18.108/shadow/bins/shadow.arm5","offline","malware_download","ELF|geofenced|Mirai|ua-wget|USA","81.88.18.108","81.88.18.108","8648","DE"
"2025-10-16 05:39:14","http://81.88.18.108/shadow/bins/shadow.arm7","offline","malware_download","ELF|geofenced|Mirai|ua-wget|USA","81.88.18.108","81.88.18.108","8648","DE"
"2025-10-16 05:39:14","http://81.88.18.108/shadow/bins/shadow.mips","offline","malware_download","ELF|geofenced|Mirai|ua-wget|USA","81.88.18.108","81.88.18.108","8648","DE"
"2025-10-16 05:39:14","http://81.88.18.108/shadow/bins/shadow.mpsl","offline","malware_download","ELF|geofenced|MIPS|Mirai|ua-wget|USA","81.88.18.108","81.88.18.108","8648","DE"
"2025-10-16 05:39:14","http://81.88.18.108/shadow/bins/shadow.x86","offline","malware_download","ELF|geofenced|Mirai|ua-wget|USA","81.88.18.108","81.88.18.108","8648","DE"
"2025-10-16 05:39:14","http://81.88.18.108/shadow/bins/shadow.x86_64","offline","malware_download","ELF|geofenced|Mirai|ua-wget|USA","81.88.18.108","81.88.18.108","8648","DE"
"2025-10-16 05:39:14","http://vps-2624.onecom-cloud.one/shadow/bins/shadow.mips","offline","malware_download","ELF|geofenced|MIPS|Mirai|ua-wget|USA","vps-2624.onecom-cloud.one","81.88.18.108","8648","DE"
"2025-10-16 05:39:14","http://vps-2624.onecom-cloud.one/shadow/bins/shadow.mpsl","offline","malware_download","ELF|geofenced|MIPS|Mirai|ua-wget|USA","vps-2624.onecom-cloud.one","81.88.18.108","8648","DE"
"2025-10-16 05:39:13","http://81.88.18.108/shadow/bins/shadow.arm","offline","malware_download","ELF|geofenced|Mirai|ua-wget|USA","81.88.18.108","81.88.18.108","8648","DE"
"2025-10-16 05:39:13","http://81.88.18.108/shadow/bins/shadow.arm6","offline","malware_download","ELF|geofenced|Mirai|ua-wget|USA","81.88.18.108","81.88.18.108","8648","DE"
"2025-10-16 05:39:11","http://81.88.18.108/shadow/bins/shadow.arm64","offline","malware_download","ELF|geofenced|ua-wget|USA","81.88.18.108","81.88.18.108","8648","DE"
"2025-10-16 05:39:08","http://81.88.18.108/shadow/bins/binary.sh","offline","malware_download","geofenced|sh|ua-wget|USA","81.88.18.108","81.88.18.108","8648","DE"
"2025-10-16 05:39:08","http://vps-2624.onecom-cloud.one/shadow/bins/binary.sh","offline","malware_download","geofenced|sh|ua-wget|USA","vps-2624.onecom-cloud.one","81.88.18.108","8648","DE"
"2023-03-14 19:03:41","https://w1072207.checkdomain.net/agenzia/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","w1072207.checkdomain.net","185.3.235.195","8648","DE"
"2023-03-14 19:02:21","https://w1072207.checkdomain.net/connect/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","w1072207.checkdomain.net","185.3.235.195","8648","DE"
"2023-03-14 19:01:09","https://w1072207.checkdomain.net/scarica/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","w1072207.checkdomain.net","185.3.235.195","8648","DE"
"2023-03-14 14:56:10","http://w1072207.checkdomain.net/connect/index.php","offline","malware_download","agenziaentrate|geofenced|gozi|isfb|ITA|mef|mise|ursnif","w1072207.checkdomain.net","185.3.235.195","8648","DE"
"2023-02-02 05:07:10","http://medjugorje.tours/SMU.php","offline","malware_download","BB12|ONE|Qakbot|Qbot|Quakbot|TR|zip","medjugorje.tours","89.22.104.142","8648","DE"
"2023-02-01 11:07:14","https://medjugorje.tours/SMU.php?URAQEAT=7","offline","malware_download","QakBot|QuakBot","medjugorje.tours","89.22.104.142","8648","DE"
"2022-12-28 00:28:12","http://royalrangerseurope.net/rulesupdate/QBOT_AZD.ZIP","offline","malware_download","514126|azd|img|iso|qakbot|qbot|quakbot|zip","royalrangerseurope.net","5.44.111.74","8648","DE"
"2022-12-14 20:06:32","https://grubi-co.de/otos/index.php","offline","malware_download","BB10|ISO|nt005|qakbot|qbot|quakbot|TR|zip","grubi-co.de","37.218.252.218","8648","DE"
"2022-06-13 13:30:06","https://www.xpert.sk/upload/checker/Invoice_US260999.jar","offline","malware_download","","www.xpert.sk","195.181.249.13","8648","SK"
"2022-01-11 11:35:05","http://diasforte.sk/LOGS/zFLEEKgSmmzACqAJ/","offline","malware_download","emotet|epoch4|redir-doc|xls","diasforte.sk","212.57.32.97","8648","SK"
"2021-10-22 07:20:08","http://rujewz6.sweb.cz/ok/Sample.exe","offline","malware_download","SnakeKeyLogger","rujewz6.sweb.cz","195.181.250.118","8648","SK"
"2020-12-29 11:51:04","http://tuerkiyemspor.de/d/2HwekzifbsEP6/","offline","malware_download","doc|emotet|epoch2|Heodo","tuerkiyemspor.de","5.44.111.67","8648","DE"
"2020-08-27 10:46:05","http://bss-ticket.de/wp-content/browse/7o06yaxzr8/p3xywzd24817897103294146tnev8250q0q/","offline","malware_download","doc|emotet|epoch2","bss-ticket.de","89.22.122.156","8648","DE"
"2020-08-27 07:46:04","https://www.bss-ticket.de/wp-content/browse/7o06yaxzr8/p3xywzd24817897103294146tnev8250q0q/","offline","malware_download","doc|emotet|epoch2|heodo","www.bss-ticket.de","89.22.122.156","8648","DE"
"2020-08-18 21:16:11","https://3spower.sk/bck/attachments/h75wkxyd6r/d3c53jr78977932zt5lxrjpts9wzhj5/","offline","malware_download","doc|emotet|epoch2|Heodo","3spower.sk","195.181.248.14","8648","SK"
"2020-08-17 23:19:38","https://koenigsmarck.de/blogs/Scan/lflwywmj/","offline","malware_download","doc|emotet|epoch2|Heodo","koenigsmarck.de","93.90.186.201","8648","DE"
"2020-08-06 21:39:19","https://koenigsmarck.de/blogs/FILE/","offline","malware_download","doc|emotet|epoch2|Heodo|QuakBot","koenigsmarck.de","93.90.186.201","8648","DE"
"2020-08-06 05:33:03","https://3spower.sk/bck/DOC/evangsemr/","offline","malware_download","doc|emotet|epoch2|heodo","3spower.sk","195.181.248.14","8648","SK"
"2020-08-05 06:08:05","https://dobrecasy.sk/wp-admin/user/documents.zip","offline","malware_download","Qakbot|Quakbot|zip","dobrecasy.sk","195.181.248.41","8648","SK"
"2020-07-31 09:00:07","http://comars.sk/images/LSBGF5D22A2L/mbe9wos/","offline","malware_download","doc|emotet|epoch2|heodo","comars.sk","212.57.32.164","8648","SK"
"2020-07-28 14:48:03","http://comars.sk/images/payment/","offline","malware_download","doc|emotet|epoch2|Heodo","comars.sk","212.57.32.164","8648","SK"
"2020-07-22 21:43:03","https://3spower.sk/bck/report/09vp236394718420280682sx40pg6435xpnzp5fn5i/","offline","malware_download","doc|emotet|epoch2|heodo","3spower.sk","195.181.248.14","8648","SK"
"2020-05-22 19:54:06","http://acherner-buergerstiftung.de/wp-content/plugins/tinymce-advanced/mce/advlist/da2_2020-05-07_21-39.exe","offline","malware_download","exe|gtag: da2|Trickbot","acherner-buergerstiftung.de","89.22.104.92","8648","DE"
"2020-05-15 08:47:37","https://eudubai.com/wp-content/plugins/apikey/qqduaxjzimih/80749/LoanAgreement_80749_05132020.zip","offline","malware_download","Qakbot|Quakbot|zip","eudubai.com","185.102.21.79","8648","CZ"
"2020-05-15 05:59:48","https://eudubai.com/wp-content/plugins/apikey/qqduaxjzimih/5787581/LoanAgreement_5787581_05132020.zip","offline","malware_download","Qakbot|Quakbot|zip","eudubai.com","185.102.21.79","8648","CZ"
"2020-04-21 19:17:16","http://svs-atzen.de/flower.exe","offline","malware_download","exe|Neutrino","svs-atzen.de","93.90.188.45","8648","DE"
"2020-04-21 19:17:09","http://smi-dienstleistungen.de/chrome.exe","offline","malware_download","exe","smi-dienstleistungen.de","93.90.188.45","8648","DE"
"2020-04-21 19:17:05","http://www.svs-atzen.de/flower.exe","offline","malware_download","exe|Neutrino","www.svs-atzen.de","93.90.188.45","8648","DE"
"2020-01-29 10:13:04","http://specialtactics.sk/encyclopedia/common_PTei1u_cO7nM7qD/976117_6N8unoXjEpcppfN_portal/6447603333646_pJbGj/","offline","malware_download","doc|emotet|epoch1|Heodo","specialtactics.sk","195.181.249.10","8648","SK"
"2020-01-22 21:13:03","http://vyboh.com/doc/Adobe-Reader-PDF-Plugin-5.0.2.exe","offline","malware_download","ArkeiStealer|exe","vyboh.com","195.181.249.13","8648","SK"
"2020-01-16 03:14:03","http://specialtactics.sk/paladin/protected_module/test_cloud/H0a0EjyGR_zm4Mhg0v/","offline","malware_download","doc|emotet|epoch1|Heodo","specialtactics.sk","195.181.249.10","8648","SK"
"2020-01-14 00:51:03","http://specialtactics.sk/paladin/personal-5771035336275-mVZFXJm0TrK3/test-portal/MACS4OJbfa-a67mli6tazea/","offline","malware_download","doc|emotet|epoch1|Heodo","specialtactics.sk","195.181.249.10","8648","SK"
"2019-12-19 03:05:03","https://kavovary-saeco.sk/wp-includes/EAtQHf233167/","offline","malware_download","doc|emotet|epoch3|heodo","kavovary-saeco.sk","195.181.251.30","8648","SK"
"2019-12-19 02:53:05","https://remont.sk/wp-admin/sites/yfc6vij/","offline","malware_download","doc|emotet|epoch2|heodo","remont.sk","195.181.251.30","8648","SK"
"2019-12-19 02:26:02","http://archipelago.sk/LOGS/j9ryoq7vht-qqo4lf-disk/external-area/pDVOLy-l284H9tK68s/","offline","malware_download","doc|emotet|epoch1|Heodo","archipelago.sk","212.57.32.7","8648","SK"
"2019-12-18 21:42:07","http://specialtactics.sk/paladin/personal-sector/open-forum/7014894-cctMWiYxNSLq/","offline","malware_download","doc|emotet|epoch1|Heodo","specialtactics.sk","195.181.249.10","8648","SK"
"2019-12-10 09:09:32","http://www.freizeichen.com/wp-content/personal-sector/corporate-cloud/vqGmvwQLk6gA-lJer4xgwntzn27/","offline","malware_download","doc|emotet|epoch1|Heodo","www.freizeichen.com","178.250.170.184","8648","DE"
"2019-10-09 19:02:37","http://stolarstvosimo.sk/wp-content/themes/sevenwonders/4","offline","malware_download","","stolarstvosimo.sk","212.57.39.188","8648","SK"
"2019-08-24 01:39:07","http://code-cheats.8u.cz/Loader0/CodeBoT.exe","offline","malware_download","exe","code-cheats.8u.cz","185.102.21.125","8648","CZ"
"2019-07-28 03:35:04","http://185.80.92.4/backdoor.exe","offline","malware_download","exe","185.80.92.4","185.80.92.4","8648","DE"
"2019-07-28 03:23:03","http://185.80.92.4/chrome.exe","offline","malware_download","exe","185.80.92.4","185.80.92.4","8648","DE"
"2019-07-11 13:27:03","http://89.22.103.139:8000/bulkFont.bin","offline","malware_download","Dridex|exe","89.22.103.139","89.22.103.139","8648","DE"
"2019-07-05 09:13:03","http://kupaliskohs.sk/wp-content/themes/kupaliskohs/styles/1c.jpg","offline","malware_download","exe|Troldesh","kupaliskohs.sk","195.181.248.12","8648","SK"
"2019-04-30 00:09:02","http://ione.sk/isotope/FILE/8eBIbUhqgQM/","offline","malware_download","doc|emotet|epoch2|Heodo","ione.sk","195.181.248.17","8648","SK"
"2019-04-29 22:32:03","http://reckon.sk/e107_admin/verif.accs.send.biz/","offline","malware_download","doc|emotet|epoch1|Heodo","reckon.sk","195.181.248.14","8648","SK"
"2019-04-29 17:43:02","http://specialtactics.sk/encyclopedia/trust.myacc.send.com/","offline","malware_download","doc|emotet|epoch1|Heodo","specialtactics.sk","195.181.249.10","8648","SK"
"2019-04-26 23:10:04","http://reckon.sk/e107_admin/FILE/tRM7hYrKbxi/","offline","malware_download","doc|emotet|epoch2","reckon.sk","195.181.248.14","8648","SK"
"2019-04-24 22:29:02","http://ione.sk/isotope/INC/36iO9PRRdX4/","offline","malware_download","doc|emotet|epoch2|Heodo","ione.sk","195.181.248.17","8648","SK"
"2019-04-23 08:02:03","http://reckon.sk/e107_admin/service/Frage/2019-04/","offline","malware_download","doc|emotet|epoch1|Heodo","reckon.sk","195.181.248.14","8648","SK"
"2019-04-18 21:33:03","http://ione.sk/isotope/Document/g0TnHARB5FV/","offline","malware_download","doc|emotet|epoch2","ione.sk","195.181.248.17","8648","SK"
"2019-04-18 21:31:05","http://reckon.sk/e107_admin/LP_Rl/","offline","malware_download","emotet|epoch2|exe|Heodo","reckon.sk","195.181.248.14","8648","SK"
"2019-04-16 11:50:03","http://ione.sk/isotope/legale/Frage/04-2019/","offline","malware_download","doc|emotet|epoch1|Heodo","ione.sk","195.181.248.17","8648","SK"
"2019-04-16 05:49:02","http://reckon.sk/e107_admin/3guc-rpaur-pawhxiy/","offline","malware_download","doc|emotet|epoch2|Heodo","reckon.sk","195.181.248.14","8648","SK"
"2019-04-12 05:41:03","http://ione.sk/isotope/Ixhl-dmcVBe1HjDyJOK_hZxLyUbnI-mYM/","offline","malware_download","Emotet|Heodo","ione.sk","195.181.248.17","8648","SK"
"2019-04-10 17:13:12","http://reckon.sk/e107_admin/VkZW-3EDLLbA9SvtziFx_fIXcIjMh-HRS/","offline","malware_download","doc|emotet|epoch1|Heodo","reckon.sk","195.181.248.14","8648","SK"
"2019-04-08 13:23:02","http://reckon.sk/e107_admin/IinDo-SR3wiEcsbEXj03_uNpnFBYir-EO/","offline","malware_download","Emotet|Heodo","reckon.sk","195.181.248.14","8648","SK"
"2019-04-05 20:12:18","http://reckon.sk/e107_admin/PKHHe-7R7UNvxUjgxe9CL_zCFngvAxI-LR/","offline","malware_download","emotet|epoch1|Heodo","reckon.sk","195.181.248.14","8648","SK"
"2019-04-03 17:57:05","http://ione.sk/isotope/secure.accounts.docs.net/","offline","malware_download","","ione.sk","195.181.248.17","8648","SK"
"2019-04-02 11:13:38","http://archipelago.sk/LOGS/sec.myaccount.resourses.com/","offline","malware_download","Emotet|Heodo","archipelago.sk","212.57.32.7","8648","SK"
"2019-03-29 13:05:02","http://magiccomp.sk/projekt_eu/bEnL-Hh_xpM-sC/","offline","malware_download","doc|emotet|epoch2|Heodo","magiccomp.sk","195.181.248.12","8648","SK"
"2019-03-27 14:36:17","http://manik.sk/drgatko.exe","offline","malware_download","exe","manik.sk","195.181.248.12","8648","SK"
"2019-03-27 12:20:05","http://magiccomp.sk/projekt_eu/II_pj/","offline","malware_download","emotet|epoch2|exe|Heodo","magiccomp.sk","195.181.248.12","8648","SK"
"2019-03-18 17:52:05","http://layoutd.net/css/5sl1-2abwa7-rvkhlyd/","offline","malware_download","doc|emotet|epoch2|Heodo","layoutd.net","195.181.248.13","8648","SK"
"2019-03-16 00:51:11","http://privat-cyprian.sk/_ZALOHA_/4ql19-ch4bnm-czfjdlr/","offline","malware_download","doc|emotet|epoch2|Heodo","privat-cyprian.sk","195.181.248.21","8648","SK"
"2019-03-14 18:36:05","http://lemuria.sk/ww4w/vr1h-kaegqe-cxtp/","offline","malware_download","doc|emotet|epoch2|Heodo","lemuria.sk","195.181.248.18","8648","SK"
"2019-03-14 18:33:06","http://layoutd.net/aukro/270p-f03urt-zudsp/","offline","malware_download","doc|emotet|epoch2|Heodo","layoutd.net","195.181.248.13","8648","SK"
"2019-03-13 06:57:32","http://ione.sk/isotope/fa9n-ilztc-raiydwlsg/","offline","malware_download","Emotet|Heodo","ione.sk","195.181.248.17","8648","SK"
"2019-03-09 21:28:07","http://sweet-bud.com/1/6526.vbs","offline","malware_download","loader|vbs","sweet-bud.com","5.44.111.161","8648","DE"
"2019-03-09 09:40:03","http://sweet-bud.com/1/Firefox.exe","offline","malware_download","exe","sweet-bud.com","5.44.111.161","8648","DE"
"2019-03-09 09:39:03","http://sweet-bud.com/1/Protected24.exe","offline","malware_download","exe","sweet-bud.com","5.44.111.161","8648","DE"
"2019-03-09 09:39:02","http://sweet-bud.com/1/data24.exe","offline","malware_download","exe","sweet-bud.com","5.44.111.161","8648","DE"
"2019-03-09 09:38:05","http://sweet-bud.com/1/65.exe","offline","malware_download","exe|njrat","sweet-bud.com","5.44.111.161","8648","DE"
"2019-03-09 09:38:04","http://sweet-bud.com/1/Protected244.exe","offline","malware_download","exe","sweet-bud.com","5.44.111.161","8648","DE"
"2019-03-09 09:31:09","http://sweet-bud.com/1/4.exe","offline","malware_download","exe","sweet-bud.com","5.44.111.161","8648","DE"
"2019-03-09 09:22:50","http://sweet-bud.com/1/d22_signed.exe","offline","malware_download","exe|njrat","sweet-bud.com","5.44.111.161","8648","DE"
"2019-03-09 09:22:38","http://sweet-bud.com/1/80.exe","offline","malware_download","exe","sweet-bud.com","5.44.111.161","8648","DE"
"2019-03-09 09:22:13","http://sweet-bud.com/1/6565.exe","offline","malware_download","exe|njrat","sweet-bud.com","5.44.111.161","8648","DE"
"2019-03-09 08:42:10","http://sweet-bud.com/1/24.exe","offline","malware_download","exe","sweet-bud.com","5.44.111.161","8648","DE"
"2019-02-27 00:10:47","http://musicatemporis.recordtogo.com/sendincencrypt/support/secure/EN_en/201902/","offline","malware_download","doc|emotet|epoch1|Heodo","musicatemporis.recordtogo.com","195.181.251.27","8648","SK"
"2019-02-26 20:57:43","http://abcstudio.sk/wp-content/themes/fusion-base/fonts/msg.jpg","offline","malware_download","exe|Ransomware|Troldesh","abcstudio.sk","195.181.248.157","8648","SK"
"2019-02-26 15:56:09","http://autoskolaprimcar.sk/wp-content/themes/primi/images/msg.jpg","offline","malware_download","exe|Ransomware|Troldesh","autoskolaprimcar.sk","212.57.32.164","8648","SK"
"2019-02-20 19:52:16","http://kelvingee.hys.cz/kev4.exe","offline","malware_download","exe|HawkEye","kelvingee.hys.cz","185.102.21.125","8648","CZ"
"2019-02-20 17:54:12","http://www.kokopellz.4fan.cz:80/koko4.exe","offline","malware_download","exe|hta|LokiBot|payload|stage2","www.kokopellz.4fan.cz","185.102.21.125","8648","CZ"
"2019-02-20 17:54:10","http://kokopellz.4fan.cz:80/koko4.exe","offline","malware_download","exe|hta|LokiBot|payload|stage2","kokopellz.4fan.cz","185.102.21.125","8648","CZ"
"2019-02-20 17:54:09","http://www.kokopellz.4fan.cz/koko4.exe","offline","malware_download","exe|hta|LokiBot|payload|stage2","www.kokopellz.4fan.cz","185.102.21.125","8648","CZ"
"2019-02-20 17:54:07","http://kokopellz.4fan.cz/koko4.exe","offline","malware_download","exe|hta|LokiBot|payload|stage2","kokopellz.4fan.cz","185.102.21.125","8648","CZ"
"2019-02-20 17:54:06","http://www.kokopellz.4fan.cz:80/koko4.hta","offline","malware_download","exe|hta|LokiBot|payload|stage2","www.kokopellz.4fan.cz","185.102.21.125","8648","CZ"
"2019-02-20 17:54:05","http://kokopellz.4fan.cz:80/koko4.hta","offline","malware_download","exe|hta|LokiBot|payload|stage2","kokopellz.4fan.cz","185.102.21.125","8648","CZ"
"2019-02-20 17:54:05","http://www.kokopellz.4fan.cz/koko4.hta","offline","malware_download","exe|hta|LokiBot|payload|stage2","www.kokopellz.4fan.cz","185.102.21.125","8648","CZ"
"2019-02-20 17:54:04","http://kokopellz.4fan.cz/koko4.hta","offline","malware_download","exe|hta|LokiBot|payload|stage2","kokopellz.4fan.cz","185.102.21.125","8648","CZ"
"2019-02-13 20:51:01","http://www.marconuenlist.ch/trust.myaccount.send.com/","offline","malware_download","doc|emotet|epoch1","www.marconuenlist.ch","5.44.111.74","8648","DE"
"2019-02-13 16:16:30","http://stolarstvosimo.sk/wp-content/themes/sevenwonders/3","offline","malware_download","","stolarstvosimo.sk","212.57.39.188","8648","SK"
"2019-02-13 16:16:06","http://stolarstvosimo.sk/wp-content/themes/sevenwonders/2","offline","malware_download","","stolarstvosimo.sk","212.57.39.188","8648","SK"
"2019-02-13 16:13:17","http://stolarstvosimo.sk/wp-content/themes/sevenwonders/1","offline","malware_download","","stolarstvosimo.sk","212.57.39.188","8648","SK"
"2019-02-13 00:34:42","http://marconuenlist.ch/verif.accounts.docs.net/","offline","malware_download","doc|emotet|epoch1","marconuenlist.ch","5.44.111.74","8648","DE"
"2019-02-12 11:12:46","http://marconuenlist.ch/KQQGNCDOFN5346015/gescanntes-Dokument/Zahlungserinnerung/","offline","malware_download","emotet|epoch2","marconuenlist.ch","5.44.111.74","8648","DE"
"2019-02-06 12:57:54","http://frenesis.net/Telekom/Transaktion/01_19/","offline","malware_download","doc|emotet|epoch1|Heodo","frenesis.net","195.181.249.10","8648","SK"
"2019-01-16 12:20:34","http://admaacademy.sk/DE/UCUORDYIJ7907481/Dokumente/DOC-Dokument/","offline","malware_download","emotet|epoch2|Heodo","admaacademy.sk","212.57.32.116","8648","SK"
"2018-12-18 23:49:43","http://magiccomp.sk/lSaQN-ppXDNbFvXjfYkDf_IVIkFzyat-va/","offline","malware_download","emotet|epoch1|Heodo","magiccomp.sk","195.181.248.12","8648","SK"
"2018-12-17 16:57:19","http://hps-sk.sk/Amazon/Information/2018-12/","offline","malware_download","emotet|epoch1|Heodo","hps-sk.sk","195.181.250.133","8648","SK"
"2018-12-14 13:04:16","http://hps-sk.sk/boHj-qwNSBL33lOqC6XH_bFPbwJUxb-5D/","offline","malware_download","doc|emotet|heodo","hps-sk.sk","195.181.250.133","8648","SK"
"2018-12-14 00:28:18","http://frenesis.net/EN_US/Attachments/122018/","offline","malware_download","emotet|epoch1|Heodo","frenesis.net","195.181.249.10","8648","SK"
"2018-11-28 18:09:39","http://frenesis.net/En/Clients_CyberMonday_Coupons","offline","malware_download","doc|emotet|heodo","frenesis.net","195.181.249.10","8648","SK"
"2018-11-12 16:01:03","http://asakoko.cekuj.net/ehiz.hta","offline","malware_download","","asakoko.cekuj.net","185.102.21.125","8648","CZ"
"2018-11-12 16:01:02","http://asakoko.cekuj.net/ehiz.exe","offline","malware_download","Loki","asakoko.cekuj.net","185.102.21.125","8648","CZ"
"2018-10-28 14:25:02","http://envi-herzog.de/uyitfu65uy??LeeWdH=LeeWdH","offline","malware_download","exe|Locky|Ransomware","envi-herzog.de","194.116.187.130","8648","DE"
"2018-10-04 08:45:42","http://www.hradisko.cz/3122571YQXP/biz/Personal","offline","malware_download","doc|emotet|heodo","www.hradisko.cz","185.102.21.209","8648","CZ"
"2018-09-26 11:18:36","http://diablo2friend.de/En_us/Attachments/092018","offline","malware_download","doc|emotet|Heodo","diablo2friend.de","89.22.100.72","8648","DE"
"2018-09-11 05:20:24","http://www.nellyvonalven.com/default/US_us/Paid-Invoices/","offline","malware_download","doc|emotet|epoch2|Heodo","www.nellyvonalven.com","178.20.102.92","8648","DE"
"2018-09-11 05:11:24","http://nellyvonalven.com/default/US_us/Paid-Invoices","offline","malware_download","doc|emotet|epoch2|Heodo","nellyvonalven.com","178.20.102.92","8648","DE"
"2018-09-07 06:56:04","http://www.nellyvonalven.com/default/US_us/Paid-Invoices","offline","malware_download","doc|emotet|Heodo","www.nellyvonalven.com","178.20.102.92","8648","DE"
"2018-09-05 03:36:29","http://waterski.sk/Corrections/","offline","malware_download","doc|emotet|epoch1|Heodo","waterski.sk","195.181.248.18","8648","SK"
"2018-09-04 16:51:50","http://waterski.sk/Corrections","offline","malware_download","doc|emotet|heodo","waterski.sk","195.181.248.18","8648","SK"
"2018-08-24 07:08:06","http://nellyvonalven.com/9741UH/oamo/Commercial","offline","malware_download","doc|emotet|Heodo","nellyvonalven.com","178.20.102.92","8648","DE"
"2018-08-22 23:50:16","http://www.nellyvonalven.com/9741UH/oamo/Commercial","offline","malware_download","doc|emotet|Heodo","www.nellyvonalven.com","178.20.102.92","8648","DE"
"2018-08-22 22:26:04","http://www.nellyvonalven.com/9741UH/oamo/Commercial/","offline","malware_download","doc|emotet|Heodo","www.nellyvonalven.com","178.20.102.92","8648","DE"
"2018-08-10 10:45:09","http://stud.clanweb.eu/gym.exe","offline","malware_download","Emotet|exe|Loki","stud.clanweb.eu","185.102.21.125","8648","CZ"
"2018-08-07 12:57:05","http://studio.maweb.eu/bidniz.exe","offline","malware_download","exe|Loki","studio.maweb.eu","185.102.21.125","8648","CZ"
"2018-08-07 12:57:03","http://studio.maweb.eu/EgO.hta","offline","malware_download","hta|Loki","studio.maweb.eu","185.102.21.125","8648","CZ"
"2018-07-30 14:27:02","http://www.ferrettconsulting.com/Jul2018/Rech/Hilfestellung/in-Rechnung-gestellt-STU-44-82239/","offline","malware_download","doc|emotet|epoch2|Heodo","www.ferrettconsulting.com","89.22.105.52","8648","DE"
"2018-07-30 14:26:36","http://ferrettconsulting.com/Jul2018/Rech/Hilfestellung/in-Rechnung-gestellt-STU-44-82239/","offline","malware_download","doc|emotet|epoch2|Heodo","ferrettconsulting.com","89.22.105.52","8648","DE"
"2018-07-26 03:57:53","http://www.ferrettconsulting.com/sites/EN_en/Invoice/Invoice-0593121/","offline","malware_download","doc|emotet|epoch2|Heodo","www.ferrettconsulting.com","89.22.105.52","8648","DE"
"2018-07-25 04:31:14","http://bckm.sk/Jul2018/EN_en/Open-invoices/Invoice-658257","offline","malware_download","doc|emotet|heodo","bckm.sk","195.181.251.8","8648","SK"
"2018-07-25 04:02:16","http://www.ferrettconsulting.com/pdf/Rechnung/RECH/Fakturierung-ZZN-91-18275/","offline","malware_download","doc|emotet|epoch2|Heodo","www.ferrettconsulting.com","89.22.105.52","8648","DE"
"2018-07-25 03:57:42","http://ferrettconsulting.com/pdf/Rechnung/RECH/Fakturierung-ZZN-91-18275/","offline","malware_download","doc|emotet|epoch2|Heodo","ferrettconsulting.com","89.22.105.52","8648","DE"
"2018-07-25 03:56:31","http://bckm.sk/Jul2018/EN_en/Open-invoices/Invoice-658257/","offline","malware_download","doc|emotet|epoch2|Heodo","bckm.sk","195.181.251.8","8648","SK"
"2018-07-24 05:36:23","http://www.lutz-nachhilfe.de/sites/US/Client/Services-07-23-18-New-Customer-YY/","offline","malware_download","doc|emotet|epoch2|Heodo","www.lutz-nachhilfe.de","93.90.186.37","8648","DE"
"2018-07-23 19:14:07","http://www.lutz-nachhilfe.de/sites/US/Client/Services-07-23-18-New-Customer-YY","offline","malware_download","doc|emotet|heodo","www.lutz-nachhilfe.de","93.90.186.37","8648","DE"
"2018-07-20 03:45:22","http://www.ferrettconsulting.com/sites/En_us/OVERDUE-ACCOUNT/Invoice/","offline","malware_download","doc|emotet|epoch2|Heodo","www.ferrettconsulting.com","89.22.105.52","8648","DE"
"2018-07-19 09:32:42","http://www.lutz-nachhilfe.de/doc/US=5Fus/Purchase/Invoices","offline","malware_download","doc|emotet","www.lutz-nachhilfe.de","93.90.186.37","8648","DE"
"2018-07-19 09:32:41","http://www.lutz-nachhilfe.de/doc/US_us/Purchase/Invoices","offline","malware_download","doc|emotet|Heodo","www.lutz-nachhilfe.de","93.90.186.37","8648","DE"
"2018-07-19 09:31:18","http://lutz-nachhilfe.de/doc/US=5Fus/Purchase/Invoices","offline","malware_download","doc|emotet","lutz-nachhilfe.de","93.90.186.37","8648","DE"
"2018-07-19 09:31:18","http://lutz-nachhilfe.de/doc/US_us/Purchase/Invoices","offline","malware_download","doc|emotet|Heodo","lutz-nachhilfe.de","93.90.186.37","8648","DE"
"2018-07-17 23:08:41","http://www.lutz-nachhilfe.de/Jul2018/En/Client/Customer-Invoice-HX-0973348/","offline","malware_download","doc|emotet|epoch2|Heodo","www.lutz-nachhilfe.de","93.90.186.37","8648","DE"
"2018-07-17 14:39:08","http://lutz-nachhilfe.de/Jul2018/En/Client/Customer-Invoice-HX-0973348/","offline","malware_download","Emotet|Heodo","lutz-nachhilfe.de","93.90.186.37","8648","DE"
"2018-07-17 09:12:06","http://www.lutz-nachhilfe.de/Jul2018/En/Client/Customer-Invoice-HX-0973348","offline","malware_download","doc|emotet|heodo","www.lutz-nachhilfe.de","93.90.186.37","8648","DE"
"2018-07-14 16:45:11","http://studio.clanweb.eu/fekir.exe","offline","malware_download","exe|Fuery|Loki|Pony","studio.clanweb.eu","185.102.21.125","8648","CZ"
"2018-07-13 15:36:39","http://www.pozarni-revize.eu/default/En_us/Order/Invoice-605099/","offline","malware_download","doc|emotet|heodo","www.pozarni-revize.eu","185.102.21.34","8648","CZ"
"2018-07-13 12:09:50","http://lutz-nachhilfe.de/doc/En_us/Order/Auditor-of-State-Notification-of-EFT-Deposit/","offline","malware_download","Heodo","lutz-nachhilfe.de","93.90.186.37","8648","DE"
"2018-07-13 06:59:34","http://www.lutz-nachhilfe.de/doc/En_us/Order/Auditor-of-State-Notification-of-EFT-Deposit/","offline","malware_download","doc|emotet|heodo","www.lutz-nachhilfe.de","93.90.186.37","8648","DE"
"2018-07-12 11:51:06","http://papillo.jecool.net/chapo.exe","offline","malware_download","Loki","papillo.jecool.net","185.102.21.125","8648","CZ"
"2018-07-11 15:37:20","http://www.lutz-nachhilfe.de/pdf/En/Jul2018/Direct-Deposit-Notice/","offline","malware_download","doc|emotet|heodo","www.lutz-nachhilfe.de","93.90.186.37","8648","DE"
"2018-07-10 05:06:14","http://www.lutz-nachhilfe.de/sites/En_us/Payment-and-address/Invoice-79627/","offline","malware_download","doc|emotet|heodo","www.lutz-nachhilfe.de","93.90.186.37","8648","DE"
"2018-07-09 20:57:07","http://lutz-nachhilfe.de/sites/En_us/Payment-and-address/Invoice-79627/","offline","malware_download","Heodo","lutz-nachhilfe.de","93.90.186.37","8648","DE"
"2018-07-06 19:35:57","http://lutz-nachhilfe.de/newsletter/US/ACCOUNT/Pay-Invoice/","offline","malware_download","Heodo","lutz-nachhilfe.de","93.90.186.37","8648","DE"
"2018-07-05 21:33:09","http://www.lutz-nachhilfe.de/newsletter/US/ACCOUNT/Pay-Invoice/","offline","malware_download","doc|emotet|epoch2|Heodo","www.lutz-nachhilfe.de","93.90.186.37","8648","DE"
"2018-06-26 08:21:11","http://woelf.in/SheqtIxR3U/050euiM/","offline","malware_download","emotet|exe|heodo","woelf.in","93.90.186.40","8648","DE"
"2018-06-20 14:24:06","http://lemat.sk/Rechs/","offline","malware_download","Heodo","lemat.sk","195.181.248.15","8648","SK"
"2018-06-15 18:29:17","http://seda.sk/Rechnungszahlung/Zahlung-bequem-per-Rechnung-017-5026/","offline","malware_download","Heodo","seda.sk","195.181.248.10","8648","SK"
"2018-06-15 15:42:43","http://tigress.de/UPS.com/02-Jan-18-08-25-25/","offline","malware_download","Heodo","tigress.de","89.22.104.252","8648","DE"
"2018-06-15 00:12:42","http://makymaky.cz/wp-content/New-invoice-7256793/","offline","malware_download","Heodo","makymaky.cz","185.102.21.150","8648","CZ"
"2018-06-14 11:03:09","http://lemat.sk/LI5995/","offline","malware_download","emotet|epoch1|Heodo|payload","lemat.sk","195.181.248.15","8648","SK"
"2018-06-13 19:16:04","http://woelf.in/FILE/Services-06-13-18-New-Customer-MO/","offline","malware_download","doc|emotet|epoch1|Heodo","woelf.in","93.90.186.40","8648","DE"
"2018-06-11 16:19:04","http://meta-designs.com/IRS-Tax-Transcipts-062018-088L/1","offline","malware_download","doc|emotet|epoch1|Heodo","meta-designs.com","195.181.248.10","8648","SK"
"2018-06-08 10:46:05","http://lemat.sk/WKx1y/","offline","malware_download","emotet|epoch1|Heodo|payload","lemat.sk","195.181.248.15","8648","SK"
"2018-06-07 17:07:02","http://meta-designs.com/STATUS/Invoice-50418617-Invoice-date-060718-Order-no-3169541221/","offline","malware_download","doc|emotet|epoch1|Heodo","meta-designs.com","195.181.248.10","8648","SK"
"2018-06-07 14:10:12","http://lemat.sk/Hilfestellung/Hilfestellung-zu-Ihrer-Rechnung/","offline","malware_download","Heodo","lemat.sk","195.181.248.15","8648","SK"
"2018-06-05 14:58:02","http://promoagency.sk/xmlGGDtvW/","offline","malware_download","emotet|payload","promoagency.sk","212.57.32.7","8648","SK"
"2018-06-04 17:23:39","http://meta-designs.com/Client/Invoice-55567/","offline","malware_download","doc|emotet|Heodo","meta-designs.com","195.181.248.10","8648","SK"
"2018-06-01 16:38:08","http://seda.sk/ups.com/WebTracking/AR-26258614745/","offline","malware_download","doc|emotet|Heodo","seda.sk","195.181.248.10","8648","SK"
"2018-06-01 07:49:47","http://promoagency.sk/MC9R/","offline","malware_download","emotet|Heodo","promoagency.sk","212.57.32.7","8648","SK"
"2018-05-30 16:23:14","http://opoj.eu/Facture/","offline","malware_download","doc|emotet|Heodo","opoj.eu","195.181.248.21","8648","SK"
"2018-05-30 01:01:19","http://it-partners.sk/Bezahlen-Sie-die-Rechnung/","offline","malware_download","doc|emotet|Heodo","it-partners.sk","195.181.249.10","8648","SK"
"2018-05-29 19:59:51","http://seda.sk/ACCOUNT/HRI-Monthly-Invoice/","offline","malware_download","doc|emotet|Heodo","seda.sk","195.181.248.10","8648","SK"
"2018-05-29 19:46:07","http://promoagency.sk/ups.com/WebTracking/VXH-4422375110774/","offline","malware_download","doc|emotet|Heodo","promoagency.sk","212.57.32.7","8648","SK"
"2018-05-29 19:42:03","http://asv-frueh-auf.de/Notification-de-facture/","offline","malware_download","doc|emotet|Heodo","asv-frueh-auf.de","5.44.111.57","8648","DE"
"2018-05-24 08:17:20","http://meta-designs.com/ups.com/WebTracking/QW-03559800990/","offline","malware_download","doc|emotet|heodo","meta-designs.com","195.181.248.10","8648","SK"
"2018-05-23 20:30:15","http://promoagency.sk/ups.com/WebTracking/OH-1031899501/","offline","malware_download","doc|emotet|Heodo","promoagency.sk","212.57.32.7","8648","SK"
"2018-05-18 08:47:26","http://lemat.sk/YQJHmA/","offline","malware_download","emotet|Heodo|payload","lemat.sk","195.181.248.15","8648","SK"
"2018-05-17 06:11:44","http://asv-frueh-auf.de/kdecFjEAD62/","offline","malware_download"," doc|emotet","asv-frueh-auf.de","5.44.111.57","8648","DE"
"2018-05-11 11:46:38","http://basedow-bilder.de/gando.bin","offline","malware_download","exe|trickbot","basedow-bilder.de","194.116.187.130","8648","DE"
"2018-05-10 13:51:21","http://basedow-bilder.de/kporto.bin","offline","malware_download","trickbot","basedow-bilder.de","194.116.187.130","8648","DE"
"2018-04-27 13:17:05","http://woelf.in/picture_library/nmzWXqMpg3O/","offline","malware_download","doc|emotet|Heodo","woelf.in","93.90.186.40","8648","DE"
"2018-04-09 18:06:11","http://oasis-lab.sk/INV/WP-22372047/","offline","malware_download","doc|emotet|heodo","oasis-lab.sk","212.57.32.43","8648","SK"
"2018-04-07 08:35:23","http://mittel.sk/ACH-FORM/NSQ-17803/","offline","malware_download","doc|emotet|heodo","mittel.sk","195.181.248.11","8648","SK"
"2018-04-06 05:49:12","http://opoj.eu/ZE-8070822513/","offline","malware_download","doc|emotet|heodo","opoj.eu","195.181.248.21","8648","SK"
"2018-04-05 17:13:30","http://novatel.sk/MpwthUI/","offline","malware_download","emotet","novatel.sk","195.181.248.17","8648","SK"
"2018-04-04 05:35:05","http://veucon.sk/W8V7rj/","offline","malware_download","emotet|exe|heodo","veucon.sk","195.181.249.11","8648","SK"
"2018-04-04 05:34:47","http://alyx.sk/jV1fOd/","offline","malware_download","emotet|exe|heodo","alyx.sk","195.181.248.13","8648","SK"
"2018-04-03 19:13:45","http://holovac.eu/WIRE-FORM/DYJ-5292811/","offline","malware_download","doc|emotet|heodo","holovac.eu","195.181.248.14","8648","SK"
"2018-03-29 07:25:36","http://envi-herzog.de/uglvvah.exe","offline","malware_download","exe|retefe","envi-herzog.de","194.116.187.130","8648","DE"
# of entries: 194