From 64598e3ad83ff57fceefee5b3c252d7756de1c34 Mon Sep 17 00:00:00 2001
From: curben-bot <curben-bot@users.noreply.gitlab.com>
Date: Mon, 18 Feb 2019 12:26:15 +0000
Subject: [PATCH] Filter updated: Mon, 18 Feb 2019 12:26:14 UTC

---
 src/URLhaus.csv    | 2857 +++++++++++++++++++++++++++++++++-----------
 urlhaus-filter.txt |  222 ++--
 2 files changed, 2226 insertions(+), 853 deletions(-)

diff --git a/src/URLhaus.csv b/src/URLhaus.csv
index 40110650..42b2f66b 100644
--- a/src/URLhaus.csv
+++ b/src/URLhaus.csv
@@ -1,12 +1,1453 @@
 ################################################################
 # abuse.ch URLhaus Database Dump (CSV)                         #
-# Last updated: 2019-02-18 00:19:50 (UTC)                      #
+# Last updated: 2019-02-18 12:19:02 (UTC)                      #
 #                                                              #
 # Terms Of Use: https://urlhaus.abuse.ch/api/                  #
 # For questions please contact urlhaus [at] abuse.ch           #
 ################################################################
 #
 # id,dateadded,url,url_status,threat,tags,urlhaus_link
+"132514","2019-02-18 12:19:02","http://104.155.134.95/de_DE/PHRJHNS1706006/Bestellungen/RECHNUNG/","online","malware_download","None","https://urlhaus.abuse.ch/url/132514/"
+"132513","2019-02-18 12:14:08","http://54.250.159.171/ITYUILQHPS2527864/de/Zahlung/","online","malware_download","None","https://urlhaus.abuse.ch/url/132513/"
+"132512","2019-02-18 12:05:05","http://52.63.119.3/DE/WJVLFQXIL7243103/Scan/FORM/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132512/"
+"132511","2019-02-18 12:03:11","http://185.224.249.181:80/bins/despise.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/132511/"
+"132510","2019-02-18 12:03:08","http://185.224.249.181:80/bins/despise.sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/132510/"
+"132509","2019-02-18 12:03:05","http://185.224.249.181:80/bins/despise.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/132509/"
+"132508","2019-02-18 12:02:03","http://185.224.249.181:80/bins/despise.mips","offline","malware_download","elf","https://urlhaus.abuse.ch/url/132508/"
+"132507","2019-02-18 12:01:04","http://82.253.156.136/wordpress/Februar2019/RXZOTII4866226/GER/Rechnungszahlung/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132507/"
+"132506","2019-02-18 11:58:09","http://hourofcode.cn/De_de/WMUPSXLK9917373/Rechnungskorrektur/Zahlungserinnerung/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132506/"
+"132505","2019-02-18 11:55:02","http://down.softlist.tcroot.cn/xbdtfences4310v1426.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/132505/"
+"132504","2019-02-18 11:53:11","http://menardvidal.com/new.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/132504/"
+"132503","2019-02-18 11:53:08","http://159.203.101.9/de_DE/XNTTSEBRUB9943814/Scan/DOC/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132503/"
+"132502","2019-02-18 11:52:14","http://185.224.249.181:80/bins/despise.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/132502/"
+"132501","2019-02-18 11:52:11","http://185.224.249.181:80/bins/despise.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/132501/"
+"132500","2019-02-18 11:52:08","http://185.224.249.181:80/bins/despise.ppc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/132500/"
+"132499","2019-02-18 11:52:05","http://185.224.249.181:80/bins/despise.arm5","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/132499/"
+"132498","2019-02-18 11:49:06","http://35.232.73.116/DE/DSWTSAJ2444068/Rechnungs/Zahlung/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132498/"
+"132497","2019-02-18 11:48:14","http://mincoindia.com/wp-content/a2.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/132497/"
+"132496","2019-02-18 11:46:18","http://headshotsni.co.uk/.well-known/acme-challenge/messg.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/132496/"
+"132495","2019-02-18 11:45:59","http://o-corporation.net/Content/PrintArea/messg.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/132495/"
+"132494","2019-02-18 11:45:53","http://oinfernosaoosoutros.net/wp-content/plugins/akismet/_inc/img/messg.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/132494/"
+"132493","2019-02-18 11:45:32","http://35.202.250.4/DE_de/CUEXGZE7905319/Rechnungs/DOC-Dokument/","online","malware_download","None","https://urlhaus.abuse.ch/url/132493/"
+"132492","2019-02-18 11:44:24","http://clashofclansgems.nl/we0vzgRVrBht_n0msiZXJ/","offline","malware_download","emotet,epoch2,exe","https://urlhaus.abuse.ch/url/132492/"
+"132491","2019-02-18 11:44:20","http://saleswork.nl/Hb48aHy9VnAy8/","offline","malware_download","emotet,epoch2,exe","https://urlhaus.abuse.ch/url/132491/"
+"132490","2019-02-18 11:44:16","http://zolotoykluch69.ru/bzdDJhsZP/","online","malware_download","emotet,epoch2,exe","https://urlhaus.abuse.ch/url/132490/"
+"132489","2019-02-18 11:44:08","http://mask.studio/Kv0yxkyQ34/","online","malware_download","emotet,epoch2,exe","https://urlhaus.abuse.ch/url/132489/"
+"132488","2019-02-18 11:40:10","http://mincoindia.com/wp-content/90603327.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/132488/"
+"132487","2019-02-18 11:40:04","http://krisen.ca/De/ZVHWKN4733448/Rechnungs/DETAILS/","offline","malware_download","None","https://urlhaus.abuse.ch/url/132487/"
+"132486","2019-02-18 11:36:05","http://menardvidal.com/nj.exe","online","malware_download","exe,njRAT","https://urlhaus.abuse.ch/url/132486/"
+"132485","2019-02-18 11:36:04","http://206.189.154.46/De_de/IOYGXFOS4586915/Rechnungs-Details/RECHNUNG/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132485/"
+"132484","2019-02-18 11:32:09","http://13.239.63.5/De_de/PTHJMWEKE6025428/gescanntes-Dokument/Rechnungszahlung//","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132484/"
+"132483","2019-02-18 11:31:46","http://104.223.40.40/8CqRIJhG4/","online","malware_download","emotet,epoch1,exe","https://urlhaus.abuse.ch/url/132483/"
+"132482","2019-02-18 11:31:42","http://128.199.187.124/v35hrbFz/","online","malware_download","emotet,epoch1,exe","https://urlhaus.abuse.ch/url/132482/"
+"132481","2019-02-18 11:31:37","http://13.233.183.227/5VfqqsmV/","offline","malware_download","emotet,epoch1,exe","https://urlhaus.abuse.ch/url/132481/"
+"132480","2019-02-18 11:31:07","http://giancarloraso.com/xwSiP547/","online","malware_download","emotet,epoch1,exe","https://urlhaus.abuse.ch/url/132480/"
+"132479","2019-02-18 11:31:04","http://bazee365.com/v59HxZy/","online","malware_download","emotet,epoch1,exe","https://urlhaus.abuse.ch/url/132479/"
+"132478","2019-02-18 11:28:05","http://3.92.174.100/DE_de/LKYFRY3430810/Rechnungs/Hilfestellung/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132478/"
+"132477","2019-02-18 11:24:25","https://www.kamagra4uk.com/images/gee/eb/ebb.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/132477/"
+"132476","2019-02-18 11:24:12","http://35.204.88.6/De_de/QNXXBL2550799/DE/Zahlung/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132476/"
+"132475","2019-02-18 11:19:09","http://193.77.216.20/jwzedo5/Februar2019/UGSIRFQS9041754/Bestellungen/DETAILS/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132475/"
+"132474","2019-02-18 11:15:11","http://178.128.54.239/DE_de/LVDCUAUGYB6443381/de/DETAILS/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132474/"
+"132473","2019-02-18 11:13:14","http://5.152.203.104/file/win.exe","online","malware_download","exe,Formbook","https://urlhaus.abuse.ch/url/132473/"
+"132472","2019-02-18 11:12:06","http://204.48.21.209/De/LTJPKWLIQJ3955553/Scan/Rechnungszahlung/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132472/"
+"132469","2019-02-18 11:09:04","http://tcbnonapf50.city/puewpxmasl/suoepwxpamxapxlamslxdo.php?l=donuf12.harz","offline","malware_download","Gozi","https://urlhaus.abuse.ch/url/132469/"
+"132470","2019-02-18 11:09:04","http://tcbnonapf50.city/puewpxmasl/suoepwxpamxapxlamslxdo.php?l=donuf13.harz","offline","malware_download","Gozi","https://urlhaus.abuse.ch/url/132470/"
+"132471","2019-02-18 11:09:04","http://tcbnonapf50.city/puewpxmasl/suoepwxpamxapxlamslxdo.php?l=donuf14.harz","offline","malware_download","Gozi","https://urlhaus.abuse.ch/url/132471/"
+"132468","2019-02-18 11:09:03","http://tcbnonapf50.city/puewpxmasl/suoepwxpamxapxlamslxdo.php?l=donuf10.harz","offline","malware_download","Gozi","https://urlhaus.abuse.ch/url/132468/"
+"132466","2019-02-18 11:09:02","http://fihjamaal.com/puewpxmasl/suoepwxpamxapxlamslxdo.php?l=noos11.harz","offline","malware_download","Gozi","https://urlhaus.abuse.ch/url/132466/"
+"132467","2019-02-18 11:09:02","http://fihjamaal.com/puewpxmasl/suoepwxpamxapxlamslxdo.php?l=noos12.harz","offline","malware_download","Gozi","https://urlhaus.abuse.ch/url/132467/"
+"132464","2019-02-18 11:08:03","http://fihjamaal.com/puewpxmasl/suoepwxpamxapxlamslxdo.php?l=noos10.harz","offline","malware_download","Gozi","https://urlhaus.abuse.ch/url/132464/"
+"132465","2019-02-18 11:08:03","http://fihjamaal.com/puewpxmasl/suoepwxpamxapxlamslxdo.php?l=noos13.harz","offline","malware_download","Gozi","https://urlhaus.abuse.ch/url/132465/"
+"132463","2019-02-18 11:08:03","http://fihjamaal.com/puewpxmasl/suoepwxpamxapxlamslxdo.php?l=noos9.harz","offline","malware_download","Gozi","https://urlhaus.abuse.ch/url/132463/"
+"132462","2019-02-18 11:08:02","http://fihjamaal.com/puewpxmasl/suoepwxpamxapxlamslxdo.php?l=noos8.harz","offline","malware_download","Gozi","https://urlhaus.abuse.ch/url/132462/"
+"132461","2019-02-18 11:06:04","http://159.89.153.180/Februar2019/KIGORQGG3636393/Rechnungs-Details/Rechnungsanschrift/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132461/"
+"132460","2019-02-18 11:02:03","http://159.65.146.232/De_de/JVKBEGN3447167/Rechnungs-docs/RECH/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132460/"
+"132459","2019-02-18 10:58:02","http://18.218.56.72/wp-content/Februar2019/MCUQNVLYB6133013/GER/Zahlungserinnerung/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132459/"
+"132458","2019-02-18 10:53:05","http://128.199.172.4/DE_de/SBWMHZD3362582/DE/RECHNUNG/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132458/"
+"132457","2019-02-18 10:49:05","http://139.59.6.216/De/MOKKBK2937470/de/FORM/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132457/"
+"132456","2019-02-18 10:45:04","http://128.199.207.179/De_de/XAQWGLP5525711/DE/Rechnungszahlung/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132456/"
+"132455","2019-02-18 10:41:04","http://178.236.210.22/DE_de/VXLQHV3545501/Rechnungskorrektur/DOC-Dokument/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132455/"
+"132454","2019-02-18 10:37:02","http://207.154.223.104/De/MUDMLVMRE9635299/Dokumente/Zahlungserinnerung/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132454/"
+"132452","2019-02-18 10:33:03","http://138.197.72.9/De_de/DAWSAA4214739/DE/DOC-Dokument/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132452/"
+"132453","2019-02-18 10:33:03","http://139.99.186.18/xml/amin.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/132453/"
+"132451","2019-02-18 10:28:08","http://thales-las.cfdt-fgmm.fr/cgi-bin/de_DE/HGBRXR0176258/Rechnung/FORM/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132451/"
+"132450","2019-02-18 10:24:07","http://178.62.102.110/Februar2019/AUNPVURZA9802560/Rechnung/RECHNUNG/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132450/"
+"132449","2019-02-18 10:22:04","http://masjidsolar.nl/xMPn6P4SWc_Nor4jjjBg/","online","malware_download","emotet,exe,heodo","https://urlhaus.abuse.ch/url/132449/"
+"132448","2019-02-18 10:20:08","http://132.145.153.89/de_DE/USZFAV9571004/Rechnungs-Details/Hilfestellung/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132448/"
+"132447","2019-02-18 10:14:04","http://139.59.182.250/DE_de/YEMZQWL7122420/DE_de/DETAILS/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132447/"
+"132446","2019-02-18 10:11:05","http://178.62.233.192/DE/IIGBOEF2759358/Rechnungs/RECH/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132446/"
+"132445","2019-02-18 10:07:03","http://178.62.213.188/DE_de/VLETOOSN3411887/Rechnung/Rechnungszahlung/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132445/"
+"132444","2019-02-18 10:02:02","http://139.59.130.73/Februar2019/GOQXXVYNC1427879/Rechnung/DETAILS/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132444/"
+"132443","2019-02-18 09:58:03","http://www.difalabarghoo.ir/De_de/UMKZAQYHN9698380/Rechnungs-Details/RECH/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132443/"
+"132442","2019-02-18 09:54:10","http://wordpress-219768-716732.cloudwaysapps.com/De_de/QGMZIZ7416457/Scan/FORM/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132442/"
+"132441","2019-02-18 09:53:21","http://amazonvietnampharma.com.vn/l/css/baba.msi","online","malware_download","msi","https://urlhaus.abuse.ch/url/132441/"
+"132440","2019-02-18 09:53:11","http://124.80.38.9:55660/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/132440/"
+"132439","2019-02-18 09:53:05","http://185.224.249.181:80/bins/despise.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/132439/"
+"132438","2019-02-18 09:48:06","http://167.99.10.129/De/TWVNEO1831802/GER/DOC/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132438/"
+"132437","2019-02-18 09:44:23","https://www.kamagra4uk.com/images/gce/gio.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/132437/"
+"132436","2019-02-18 09:44:05","http://truenorthtimber.com/de_DE/GDWQWYRJ1104890/Rechnungs-Details/RECH/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132436/"
+"132435","2019-02-18 09:40:07","https://kamagra4uk.com/images/gce/gio.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/132435/"
+"132434","2019-02-18 09:40:06","http://napier.eu/De/WHRKVNO6175983/de/DETAILS/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132434/"
+"132433","2019-02-18 09:36:04","http://laylalanemusic.com/Februar2019/HYBBPW0603269/Scan/Fakturierung/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132433/"
+"132432","2019-02-18 09:31:02","http://karditsa.org/DE/MXIESK6756803/Rechnungs-Details/Zahlungserinnerung/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132432/"
+"132431","2019-02-18 09:28:04","http://ingramjapan.com/De_de/FCDVLUUVGM0238569/Rechnung/RECHNUNG/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132431/"
+"132430","2019-02-18 09:23:03","http://groundswellfilms.org/DE/IRWIOMG1185760/Rechnungskorrektur/DETAILS//","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132430/"
+"132429","2019-02-18 09:20:10","http://kynangbanhang.edu.vn/De/LIQUOO0102956/Scan/DOC-Dokument/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132429/"
+"132428","2019-02-18 09:16:06","http://buonbantenmien.com/3/JWRWSGF6549672/Scan/RECH/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132428/"
+"132427","2019-02-18 09:15:08","http://1lorawicz.pl/plan/DE/CUAOQJEB9148804/Rechnung/DOC-Dokument/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132427/"
+"132426","2019-02-18 09:11:06","http://alainghazal.com/Februar2019/PYORQFTPOS2153499/Rechnung/RECHNUNG/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132426/"
+"132425","2019-02-18 09:02:03","http://carolechabrand.it/de_DE/GSEPXGJ2403092/Rechnungs-Details/DOC/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132425/"
+"132424","2019-02-18 09:00:02","http://mnyn.ir/Swift_copy.zip","online","malware_download","None","https://urlhaus.abuse.ch/url/132424/"
+"132423","2019-02-18 08:57:02","http://helpdesk.lesitedemamsp.fr/de_DE/WQBBQPHN1301557/Rechnung/DOC/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132423/"
+"132422","2019-02-18 08:51:06","http://xn----7sbb4abj9beddh.xn--p1ai/NTBKZKEVG2036428/GER/Fakturierung/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132422/"
+"132421","2019-02-18 08:48:09","http://lionabrasives.ru/de_DE/BFYMRX9182365/de/DOC/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132421/"
+"132420","2019-02-18 08:44:10","http://matongcaocap.vn/FUFGICJN7853536/DE_de/DETAILS/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132420/"
+"132419","2019-02-18 08:42:10","http://print.abcreative.com/De/SONZEYFXJ6721894/Bestellungen/DETAILS/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132419/"
+"132418","2019-02-18 08:37:05","http://185.224.249.181/bins/despise.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/132418/"
+"132417","2019-02-18 08:36:26","http://185.224.249.181/bins/despise.spc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/132417/"
+"132416","2019-02-18 08:36:24","http://185.224.249.181/bins/despise.sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/132416/"
+"132415","2019-02-18 08:36:23","http://185.224.249.181/bins/despise.ppc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/132415/"
+"132414","2019-02-18 08:36:21","http://185.224.249.181/bins/despise.mpsl","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/132414/"
+"132413","2019-02-18 08:36:20","http://185.224.249.181/bins/despise.mips","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/132413/"
+"132412","2019-02-18 08:36:18","http://185.224.249.181/bins/despise.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/132412/"
+"132411","2019-02-18 08:36:11","http://185.224.249.181/bins/despise.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/132411/"
+"132410","2019-02-18 08:36:08","http://185.224.249.181/bins/despise.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/132410/"
+"132409","2019-02-18 08:36:05","http://185.224.249.181/bins/despise.arm5","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/132409/"
+"132408","2019-02-18 08:36:03","http://185.224.249.181/bins/despise.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/132408/"
+"132407","2019-02-18 08:13:16","http://www.novatisk.cz/obrazky/q/46640197.jpg","offline","malware_download","exe,Formbook","https://urlhaus.abuse.ch/url/132407/"
+"132406","2019-02-18 07:55:00","http://www.act-mag.com/wp/185bz.jpg","offline","malware_download","exe,Smoke Loader","https://urlhaus.abuse.ch/url/132406/"
+"132405","2019-02-18 07:54:59","http://www.act-mag.com/wp/bin.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/132405/"
+"132404","2019-02-18 07:54:58","http://www.act-mag.com/wp/joibr.jpg","offline","malware_download","exe,Smoke Loader","https://urlhaus.abuse.ch/url/132404/"
+"132403","2019-02-18 07:54:58","http://www.act-mag.com/wp/snbn.jpg","offline","malware_download","exe,Smoke Loader","https://urlhaus.abuse.ch/url/132403/"
+"132402","2019-02-18 07:54:57","http://www.act-mag.com/wp/snd1.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/132402/"
+"132401","2019-02-18 07:54:56","https://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132401/"
+"132400","2019-02-18 07:54:54","https://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132400/"
+"132399","2019-02-18 07:54:50","https://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132399/"
+"132398","2019-02-18 07:54:47","https://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132398/"
+"132397","2019-02-18 07:54:43","https://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132397/"
+"132396","2019-02-18 07:54:40","https://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132396/"
+"132395","2019-02-18 07:54:37","https://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132395/"
+"132394","2019-02-18 07:54:36","https://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132394/"
+"132393","2019-02-18 07:54:35","https://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132393/"
+"132392","2019-02-18 07:54:33","https://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132392/"
+"132391","2019-02-18 07:54:30","https://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132391/"
+"132390","2019-02-18 07:54:28","https://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132390/"
+"132389","2019-02-18 07:54:25","https://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132389/"
+"132388","2019-02-18 07:54:23","https://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132388/"
+"132387","2019-02-18 07:54:19","https://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132387/"
+"132386","2019-02-18 07:54:17","https://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132386/"
+"132385","2019-02-18 07:54:15","https://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132385/"
+"132384","2019-02-18 07:54:12","https://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132384/"
+"132383","2019-02-18 07:54:09","https://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132383/"
+"132382","2019-02-18 07:54:08","https://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132382/"
+"132381","2019-02-18 07:54:07","https://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132381/"
+"132380","2019-02-18 07:54:04","https://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132380/"
+"132379","2019-02-18 07:54:01","https://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132379/"
+"132378","2019-02-18 07:53:59","https://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132378/"
+"132377","2019-02-18 07:53:56","https://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132377/"
+"132376","2019-02-18 07:53:55","https://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132376/"
+"132375","2019-02-18 07:53:51","https://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132375/"
+"132374","2019-02-18 07:53:49","https://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/132374/"
+"132373","2019-02-18 07:53:46","https://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132373/"
+"132372","2019-02-18 07:53:42","https://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132372/"
+"132371","2019-02-18 07:53:39","https://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132371/"
+"132370","2019-02-18 07:53:37","https://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132370/"
+"132368","2019-02-18 07:53:34","http://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132368/"
+"132369","2019-02-18 07:53:34","http://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132369/"
+"132367","2019-02-18 07:53:31","http://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132367/"
+"132364","2019-02-18 07:53:29","http://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/z.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132364/"
+"132365","2019-02-18 07:53:29","http://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zaher.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132365/"
+"132366","2019-02-18 07:53:29","http://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zan.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132366/"
+"132361","2019-02-18 07:53:28","http://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132361/"
+"132362","2019-02-18 07:53:28","http://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/n.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132362/"
+"132363","2019-02-18 07:53:28","http://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/nissa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132363/"
+"132360","2019-02-18 07:53:25","http://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132360/"
+"132359","2019-02-18 07:53:23","http://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132359/"
+"132358","2019-02-18 07:53:22","http://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132358/"
+"132356","2019-02-18 07:53:21","http://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132356/"
+"132357","2019-02-18 07:53:21","http://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132357/"
+"132355","2019-02-18 07:53:19","http://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132355/"
+"132354","2019-02-18 07:53:18","http://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132354/"
+"132353","2019-02-18 07:53:17","http://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132353/"
+"132352","2019-02-18 07:53:16","http://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132352/"
+"132350","2019-02-18 07:53:14","http://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132350/"
+"132351","2019-02-18 07:53:14","http://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132351/"
+"132349","2019-02-18 07:53:13","http://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132349/"
+"132347","2019-02-18 07:53:12","http://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132347/"
+"132348","2019-02-18 07:53:12","http://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132348/"
+"132344","2019-02-18 07:53:11","http://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132344/"
+"132345","2019-02-18 07:53:11","http://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132345/"
+"132346","2019-02-18 07:53:11","http://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132346/"
+"132343","2019-02-18 07:53:09","http://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132343/"
+"132342","2019-02-18 07:53:07","http://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132342/"
+"132341","2019-02-18 07:53:06","http://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132341/"
+"132340","2019-02-18 07:53:05","http://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132340/"
+"132338","2019-02-18 07:53:04","http://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132338/"
+"132339","2019-02-18 07:53:04","http://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132339/"
+"132337","2019-02-18 07:53:03","http://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132337/"
+"132336","2019-02-18 07:53:01","http://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132336/"
+"132335","2019-02-18 07:53:00","http://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132335/"
+"132334","2019-02-18 07:52:59","http://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/global/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132334/"
+"132333","2019-02-18 07:52:58","http://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132333/"
+"132331","2019-02-18 07:52:57","http://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132331/"
+"132332","2019-02-18 07:52:57","http://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132332/"
+"132330","2019-02-18 07:52:56","http://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132330/"
+"132329","2019-02-18 07:52:55","http://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132329/"
+"132328","2019-02-18 07:52:54","http://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/132328/"
+"132327","2019-02-18 07:52:53","http://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132327/"
+"132326","2019-02-18 07:52:51","http://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132326/"
+"132325","2019-02-18 07:52:50","http://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132325/"
+"132324","2019-02-18 07:52:48","http://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132324/"
+"132323","2019-02-18 07:52:45","https://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132323/"
+"132322","2019-02-18 07:52:42","https://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132322/"
+"132321","2019-02-18 07:52:39","https://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132321/"
+"132320","2019-02-18 07:52:35","https://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132320/"
+"132319","2019-02-18 07:52:31","https://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132319/"
+"132318","2019-02-18 07:52:27","https://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132318/"
+"132317","2019-02-18 07:52:25","https://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132317/"
+"132316","2019-02-18 07:52:24","https://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132316/"
+"132315","2019-02-18 07:52:22","https://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132315/"
+"132314","2019-02-18 07:52:20","https://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132314/"
+"132313","2019-02-18 07:52:17","https://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132313/"
+"132312","2019-02-18 07:52:15","https://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132312/"
+"132311","2019-02-18 07:52:13","https://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132311/"
+"132310","2019-02-18 07:52:10","https://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132310/"
+"132309","2019-02-18 07:52:08","https://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132309/"
+"132308","2019-02-18 07:52:06","https://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132308/"
+"132307","2019-02-18 07:52:03","https://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132307/"
+"132306","2019-02-18 07:52:01","https://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132306/"
+"132305","2019-02-18 07:51:58","https://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132305/"
+"132304","2019-02-18 07:51:57","https://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132304/"
+"132303","2019-02-18 07:51:56","https://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132303/"
+"132302","2019-02-18 07:51:52","https://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132302/"
+"132301","2019-02-18 07:51:50","https://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132301/"
+"132300","2019-02-18 07:51:46","https://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132300/"
+"132299","2019-02-18 07:51:44","https://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132299/"
+"132298","2019-02-18 07:51:43","https://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132298/"
+"132297","2019-02-18 07:51:40","https://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132297/"
+"132296","2019-02-18 07:51:37","https://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/132296/"
+"132295","2019-02-18 07:51:35","https://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132295/"
+"132294","2019-02-18 07:51:31","https://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132294/"
+"132293","2019-02-18 07:51:29","https://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132293/"
+"132292","2019-02-18 07:51:27","https://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132292/"
+"132291","2019-02-18 07:51:24","http://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132291/"
+"132290","2019-02-18 07:51:23","http://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132290/"
+"132289","2019-02-18 07:51:21","http://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132289/"
+"132286","2019-02-18 07:51:19","http://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/z.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132286/"
+"132287","2019-02-18 07:51:19","http://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zaher.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132287/"
+"132288","2019-02-18 07:51:19","http://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zan.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132288/"
+"132283","2019-02-18 07:51:18","http://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132283/"
+"132284","2019-02-18 07:51:18","http://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/n.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132284/"
+"132285","2019-02-18 07:51:18","http://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/nissa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132285/"
+"132282","2019-02-18 07:51:16","http://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132282/"
+"132281","2019-02-18 07:51:13","http://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132281/"
+"132279","2019-02-18 07:51:12","http://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132279/"
+"132280","2019-02-18 07:51:12","http://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132280/"
+"132278","2019-02-18 07:51:11","http://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132278/"
+"132277","2019-02-18 07:51:10","http://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132277/"
+"132276","2019-02-18 07:51:09","http://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132276/"
+"132275","2019-02-18 07:51:08","http://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132275/"
+"132274","2019-02-18 07:51:06","http://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132274/"
+"132272","2019-02-18 07:51:05","http://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132272/"
+"132273","2019-02-18 07:51:05","http://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132273/"
+"132271","2019-02-18 07:51:04","http://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132271/"
+"132268","2019-02-18 07:51:03","http://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132268/"
+"132269","2019-02-18 07:51:03","http://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132269/"
+"132270","2019-02-18 07:51:03","http://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132270/"
+"132267","2019-02-18 07:51:02","http://www.act-mag.com/wp/jony.jpg","offline","malware_download","exe,Smoke Loader","https://urlhaus.abuse.ch/url/132267/"
+"132265","2019-02-18 07:51:01","http://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132265/"
+"132266","2019-02-18 07:51:01","http://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132266/"
+"132264","2019-02-18 07:51:00","http://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132264/"
+"132263","2019-02-18 07:50:59","http://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132263/"
+"132262","2019-02-18 07:50:58","http://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132262/"
+"132261","2019-02-18 07:50:57","http://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132261/"
+"132259","2019-02-18 07:50:56","http://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132259/"
+"132260","2019-02-18 07:50:56","http://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132260/"
+"132258","2019-02-18 07:50:55","http://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132258/"
+"132257","2019-02-18 07:50:53","http://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132257/"
+"132256","2019-02-18 07:50:52","http://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132256/"
+"132254","2019-02-18 07:50:51","http://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132254/"
+"132255","2019-02-18 07:50:51","http://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/global/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132255/"
+"132253","2019-02-18 07:50:50","http://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132253/"
+"132252","2019-02-18 07:50:49","http://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132252/"
+"132251","2019-02-18 07:50:48","http://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132251/"
+"132250","2019-02-18 07:50:47","http://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132250/"
+"132249","2019-02-18 07:50:46","http://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/132249/"
+"132248","2019-02-18 07:50:45","http://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132248/"
+"132247","2019-02-18 07:50:43","http://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132247/"
+"132246","2019-02-18 07:50:42","http://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132246/"
+"132245","2019-02-18 07:50:41","http://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132245/"
+"132244","2019-02-18 07:50:38","https://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132244/"
+"132243","2019-02-18 07:50:36","https://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132243/"
+"132242","2019-02-18 07:50:32","https://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132242/"
+"132241","2019-02-18 07:50:28","https://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132241/"
+"132240","2019-02-18 07:50:24","https://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132240/"
+"132239","2019-02-18 07:50:20","https://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132239/"
+"132238","2019-02-18 07:50:17","https://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132238/"
+"132237","2019-02-18 07:50:16","https://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132237/"
+"132236","2019-02-18 07:50:15","https://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132236/"
+"132235","2019-02-18 07:50:12","https://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132235/"
+"132234","2019-02-18 07:50:10","https://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132234/"
+"132233","2019-02-18 07:50:07","https://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132233/"
+"132232","2019-02-18 07:50:04","https://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132232/"
+"132231","2019-02-18 07:49:57","https://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132231/"
+"132230","2019-02-18 07:49:54","https://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132230/"
+"132229","2019-02-18 07:49:52","https://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132229/"
+"132228","2019-02-18 07:49:49","https://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132228/"
+"132227","2019-02-18 07:49:46","https://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132227/"
+"132226","2019-02-18 07:49:44","https://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132226/"
+"132225","2019-02-18 07:49:43","https://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132225/"
+"132224","2019-02-18 07:49:42","https://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132224/"
+"132223","2019-02-18 07:49:38","https://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132223/"
+"132222","2019-02-18 07:49:35","https://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132222/"
+"132221","2019-02-18 07:49:33","https://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132221/"
+"132220","2019-02-18 07:49:30","https://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132220/"
+"132219","2019-02-18 07:49:29","https://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132219/"
+"132218","2019-02-18 07:49:27","https://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132218/"
+"132217","2019-02-18 07:49:23","https://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/132217/"
+"132216","2019-02-18 07:49:21","https://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132216/"
+"132215","2019-02-18 07:49:17","https://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132215/"
+"132214","2019-02-18 07:49:15","https://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132214/"
+"132213","2019-02-18 07:49:12","https://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132213/"
+"132212","2019-02-18 07:49:10","http://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132212/"
+"132211","2019-02-18 07:49:09","http://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132211/"
+"132210","2019-02-18 07:49:06","http://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132210/"
+"132207","2019-02-18 07:49:04","http://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/z.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132207/"
+"132208","2019-02-18 07:49:04","http://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zaher.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132208/"
+"132209","2019-02-18 07:49:04","http://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zan.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132209/"
+"132204","2019-02-18 07:49:03","http://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132204/"
+"132205","2019-02-18 07:49:03","http://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/n.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132205/"
+"132206","2019-02-18 07:49:03","http://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/nissa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132206/"
+"132203","2019-02-18 07:49:00","http://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132203/"
+"132202","2019-02-18 07:48:58","http://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132202/"
+"132200","2019-02-18 07:48:57","http://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132200/"
+"132201","2019-02-18 07:48:57","http://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132201/"
+"132199","2019-02-18 07:48:56","http://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132199/"
+"132198","2019-02-18 07:48:55","http://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132198/"
+"132197","2019-02-18 07:48:54","http://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132197/"
+"132196","2019-02-18 07:48:53","http://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132196/"
+"132195","2019-02-18 07:48:52","http://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132195/"
+"132194","2019-02-18 07:48:51","http://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132194/"
+"132192","2019-02-18 07:48:50","http://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132192/"
+"132193","2019-02-18 07:48:50","http://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132193/"
+"132190","2019-02-18 07:48:48","http://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132190/"
+"132191","2019-02-18 07:48:48","http://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132191/"
+"132187","2019-02-18 07:48:47","http://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132187/"
+"132188","2019-02-18 07:48:47","http://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132188/"
+"132189","2019-02-18 07:48:47","http://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132189/"
+"132186","2019-02-18 07:48:46","http://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132186/"
+"132185","2019-02-18 07:48:45","http://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132185/"
+"132184","2019-02-18 07:48:44","http://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132184/"
+"132183","2019-02-18 07:48:43","http://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132183/"
+"132182","2019-02-18 07:48:42","http://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132182/"
+"132180","2019-02-18 07:48:41","http://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132180/"
+"132181","2019-02-18 07:48:41","http://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132181/"
+"132179","2019-02-18 07:48:38","http://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132179/"
+"132178","2019-02-18 07:48:37","http://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132178/"
+"132176","2019-02-18 07:48:36","http://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132176/"
+"132177","2019-02-18 07:48:36","http://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/global/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132177/"
+"132175","2019-02-18 07:48:35","http://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132175/"
+"132174","2019-02-18 07:48:34","http://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132174/"
+"132173","2019-02-18 07:48:33","http://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132173/"
+"132172","2019-02-18 07:48:32","http://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132172/"
+"132171","2019-02-18 07:48:30","http://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/132171/"
+"132170","2019-02-18 07:48:29","http://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132170/"
+"132169","2019-02-18 07:48:26","http://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132169/"
+"132168","2019-02-18 07:48:25","http://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132168/"
+"132167","2019-02-18 07:48:24","http://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132167/"
+"132166","2019-02-18 07:48:21","https://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132166/"
+"132165","2019-02-18 07:48:19","https://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132165/"
+"132164","2019-02-18 07:48:16","https://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132164/"
+"132163","2019-02-18 07:48:12","https://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132163/"
+"132162","2019-02-18 07:48:09","https://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132162/"
+"132161","2019-02-18 07:48:05","https://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132161/"
+"132160","2019-02-18 07:48:02","https://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132160/"
+"132159","2019-02-18 07:48:01","https://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132159/"
+"132158","2019-02-18 07:48:00","https://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132158/"
+"132157","2019-02-18 07:47:57","https://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132157/"
+"132156","2019-02-18 07:47:55","https://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132156/"
+"132155","2019-02-18 07:47:52","https://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132155/"
+"132154","2019-02-18 07:47:50","https://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132154/"
+"132153","2019-02-18 07:47:47","https://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132153/"
+"132152","2019-02-18 07:47:45","https://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132152/"
+"132151","2019-02-18 07:47:43","https://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132151/"
+"132150","2019-02-18 07:47:41","https://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132150/"
+"132149","2019-02-18 07:47:38","https://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132149/"
+"132148","2019-02-18 07:47:35","https://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132148/"
+"132147","2019-02-18 07:47:34","https://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132147/"
+"132146","2019-02-18 07:47:33","https://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132146/"
+"132145","2019-02-18 07:47:30","https://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132145/"
+"132144","2019-02-18 07:47:27","https://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132144/"
+"132143","2019-02-18 07:47:24","https://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132143/"
+"132142","2019-02-18 07:47:22","https://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132142/"
+"132141","2019-02-18 07:47:21","https://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132141/"
+"132140","2019-02-18 07:47:18","https://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132140/"
+"132139","2019-02-18 07:47:16","https://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/132139/"
+"132138","2019-02-18 07:47:12","https://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132138/"
+"132137","2019-02-18 07:47:08","https://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132137/"
+"132136","2019-02-18 07:47:06","https://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132136/"
+"132135","2019-02-18 07:47:03","https://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132135/"
+"132134","2019-02-18 07:47:00","http://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132134/"
+"132133","2019-02-18 07:46:59","http://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132133/"
+"132132","2019-02-18 07:46:57","http://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132132/"
+"132130","2019-02-18 07:46:55","http://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zaher.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132130/"
+"132131","2019-02-18 07:46:55","http://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zan.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132131/"
+"132127","2019-02-18 07:46:54","http://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/n.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132127/"
+"132128","2019-02-18 07:46:54","http://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/nissa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132128/"
+"132129","2019-02-18 07:46:54","http://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/z.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132129/"
+"132126","2019-02-18 07:46:53","http://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132126/"
+"132125","2019-02-18 07:46:51","http://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132125/"
+"132124","2019-02-18 07:46:49","http://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132124/"
+"132123","2019-02-18 07:46:48","http://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132123/"
+"132121","2019-02-18 07:46:47","http://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132121/"
+"132122","2019-02-18 07:46:47","http://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132122/"
+"132120","2019-02-18 07:46:46","http://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132120/"
+"132119","2019-02-18 07:46:45","http://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132119/"
+"132118","2019-02-18 07:46:43","http://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132118/"
+"132117","2019-02-18 07:46:42","http://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132117/"
+"132116","2019-02-18 07:46:41","http://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132116/"
+"132114","2019-02-18 07:46:40","http://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132114/"
+"132115","2019-02-18 07:46:40","http://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132115/"
+"132113","2019-02-18 07:46:39","http://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132113/"
+"132110","2019-02-18 07:46:38","http://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132110/"
+"132111","2019-02-18 07:46:38","http://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132111/"
+"132112","2019-02-18 07:46:38","http://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132112/"
+"132108","2019-02-18 07:46:37","http://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132108/"
+"132109","2019-02-18 07:46:37","http://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132109/"
+"132107","2019-02-18 07:46:36","http://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132107/"
+"132106","2019-02-18 07:46:35","http://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132106/"
+"132105","2019-02-18 07:46:34","http://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132105/"
+"132104","2019-02-18 07:46:33","http://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132104/"
+"132102","2019-02-18 07:46:32","http://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132102/"
+"132103","2019-02-18 07:46:32","http://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132103/"
+"132101","2019-02-18 07:46:29","http://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132101/"
+"132100","2019-02-18 07:46:28","http://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132100/"
+"132098","2019-02-18 07:46:27","http://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132098/"
+"132099","2019-02-18 07:46:27","http://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/global/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132099/"
+"132097","2019-02-18 07:46:26","http://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132097/"
+"132096","2019-02-18 07:46:25","http://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132096/"
+"132095","2019-02-18 07:46:24","http://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132095/"
+"132094","2019-02-18 07:46:23","http://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132094/"
+"132093","2019-02-18 07:46:22","http://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/132093/"
+"132092","2019-02-18 07:46:21","http://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132092/"
+"132091","2019-02-18 07:46:19","http://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132091/"
+"132090","2019-02-18 07:46:17","http://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132090/"
+"132089","2019-02-18 07:46:11","http://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132089/"
+"132088","2019-02-18 07:46:07","https://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132088/"
+"132087","2019-02-18 07:46:05","https://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132087/"
+"132086","2019-02-18 07:46:01","https://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132086/"
+"132085","2019-02-18 07:45:58","https://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132085/"
+"132084","2019-02-18 07:45:54","https://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132084/"
+"132083","2019-02-18 07:45:50","https://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132083/"
+"132082","2019-02-18 07:45:48","https://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132082/"
+"132081","2019-02-18 07:45:46","https://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132081/"
+"132080","2019-02-18 07:45:45","https://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132080/"
+"132079","2019-02-18 07:45:43","https://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132079/"
+"132078","2019-02-18 07:45:40","https://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132078/"
+"132077","2019-02-18 07:45:38","https://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132077/"
+"132076","2019-02-18 07:45:35","https://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132076/"
+"132075","2019-02-18 07:45:33","https://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132075/"
+"132074","2019-02-18 07:45:30","https://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132074/"
+"132073","2019-02-18 07:45:28","https://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132073/"
+"132072","2019-02-18 07:45:26","https://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132072/"
+"132071","2019-02-18 07:45:23","https://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132071/"
+"132070","2019-02-18 07:45:20","https://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132070/"
+"132069","2019-02-18 07:45:19","https://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132069/"
+"132068","2019-02-18 07:45:18","https://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132068/"
+"132067","2019-02-18 07:45:14","https://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132067/"
+"132066","2019-02-18 07:45:12","https://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132066/"
+"132065","2019-02-18 07:45:09","https://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132065/"
+"132064","2019-02-18 07:45:06","https://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132064/"
+"132063","2019-02-18 07:45:05","https://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132063/"
+"132062","2019-02-18 07:45:02","https://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132062/"
+"132061","2019-02-18 07:45:00","https://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/132061/"
+"132060","2019-02-18 07:44:58","https://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132060/"
+"132059","2019-02-18 07:44:54","http://www.novatisk.cz/obrazky/q/891047.jpg","offline","malware_download","exe,Formbook","https://urlhaus.abuse.ch/url/132059/"
+"132058","2019-02-18 07:44:53","https://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132058/"
+"132057","2019-02-18 07:44:50","https://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132057/"
+"132056","2019-02-18 07:44:47","https://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132056/"
+"132055","2019-02-18 07:44:45","http://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132055/"
+"132054","2019-02-18 07:44:43","http://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132054/"
+"132053","2019-02-18 07:44:34","http://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132053/"
+"132052","2019-02-18 07:44:31","http://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zan.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132052/"
+"132049","2019-02-18 07:44:30","http://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/nissa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132049/"
+"132050","2019-02-18 07:44:30","http://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/z.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132050/"
+"132051","2019-02-18 07:44:30","http://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zaher.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132051/"
+"132047","2019-02-18 07:44:29","http://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132047/"
+"132048","2019-02-18 07:44:29","http://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/n.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132048/"
+"132046","2019-02-18 07:44:21","http://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132046/"
+"132045","2019-02-18 07:44:02","http://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132045/"
+"132043","2019-02-18 07:43:57","http://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132043/"
+"132044","2019-02-18 07:43:57","http://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132044/"
+"132042","2019-02-18 07:43:56","http://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132042/"
+"132041","2019-02-18 07:43:51","http://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132041/"
+"132040","2019-02-18 07:43:46","http://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132040/"
+"132039","2019-02-18 07:43:38","http://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132039/"
+"132038","2019-02-18 07:43:31","http://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132038/"
+"132037","2019-02-18 07:43:23","http://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132037/"
+"132035","2019-02-18 07:43:19","http://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132035/"
+"132036","2019-02-18 07:43:19","http://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132036/"
+"132034","2019-02-18 07:43:15","http://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132034/"
+"132032","2019-02-18 07:43:14","http://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132032/"
+"132033","2019-02-18 07:43:14","http://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132033/"
+"132030","2019-02-18 07:43:13","http://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132030/"
+"132031","2019-02-18 07:43:13","http://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132031/"
+"132029","2019-02-18 07:43:08","http://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132029/"
+"132028","2019-02-18 07:43:04","http://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132028/"
+"132027","2019-02-18 07:42:59","http://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132027/"
+"132026","2019-02-18 07:42:52","http://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132026/"
+"132025","2019-02-18 07:42:46","http://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132025/"
+"132024","2019-02-18 07:42:45","http://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132024/"
+"132023","2019-02-18 07:42:44","http://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132023/"
+"132022","2019-02-18 07:42:30","http://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132022/"
+"132021","2019-02-18 07:42:25","http://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132021/"
+"132020","2019-02-18 07:42:20","http://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/global/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132020/"
+"132019","2019-02-18 07:42:19","http://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132019/"
+"132017","2019-02-18 07:42:12","http://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132017/"
+"132018","2019-02-18 07:42:12","http://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132018/"
+"132016","2019-02-18 07:42:08","http://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132016/"
+"132015","2019-02-18 07:42:03","http://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132015/"
+"132014","2019-02-18 07:42:00","http://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/132014/"
+"132013","2019-02-18 07:41:55","http://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132013/"
+"132012","2019-02-18 07:41:44","http://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132012/"
+"132011","2019-02-18 07:41:41","http://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132011/"
+"132010","2019-02-18 07:41:36","http://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132010/"
+"132009","2019-02-18 07:41:31","https://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132009/"
+"132008","2019-02-18 07:41:27","https://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132008/"
+"132007","2019-02-18 07:41:22","http://51.75.75.88/ankit/x86hua","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/132007/"
+"132006","2019-02-18 07:41:22","https://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132006/"
+"132005","2019-02-18 07:41:17","https://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132005/"
+"132004","2019-02-18 07:41:13","https://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132004/"
+"132003","2019-02-18 07:41:08","https://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132003/"
+"132002","2019-02-18 07:41:05","https://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132002/"
+"132001","2019-02-18 07:41:02","https://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132001/"
+"132000","2019-02-18 07:41:01","https://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132000/"
+"131999","2019-02-18 07:40:58","https://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131999/"
+"131998","2019-02-18 07:40:55","https://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131998/"
+"131997","2019-02-18 07:40:52","https://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131997/"
+"131996","2019-02-18 07:40:49","https://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131996/"
+"131995","2019-02-18 07:40:46","https://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131995/"
+"131994","2019-02-18 07:40:44","http://51.75.75.88/ankit/wtf","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131994/"
+"131993","2019-02-18 07:40:43","https://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131993/"
+"131992","2019-02-18 07:40:40","https://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131992/"
+"131991","2019-02-18 07:40:37","https://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131991/"
+"131990","2019-02-18 07:40:34","https://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131990/"
+"131989","2019-02-18 07:40:31","https://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131989/"
+"131988","2019-02-18 07:40:29","https://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131988/"
+"131987","2019-02-18 07:40:28","https://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131987/"
+"131986","2019-02-18 07:40:21","https://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131986/"
+"131985","2019-02-18 07:40:17","https://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131985/"
+"131984","2019-02-18 07:40:14","https://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131984/"
+"131983","2019-02-18 07:40:10","https://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131983/"
+"131982","2019-02-18 07:40:08","https://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131982/"
+"131981","2019-02-18 07:40:05","http://51.75.75.88/ankit/os.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131981/"
+"131980","2019-02-18 07:40:05","https://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131980/"
+"131979","2019-02-18 07:40:02","https://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/131979/"
+"131978","2019-02-18 07:39:59","https://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131978/"
+"131977","2019-02-18 07:39:53","https://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131977/"
+"131976","2019-02-18 07:39:50","https://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131976/"
+"131975","2019-02-18 07:39:47","https://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131975/"
+"131974","2019-02-18 07:39:44","http://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131974/"
+"131973","2019-02-18 07:39:37","http://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131973/"
+"131972","2019-02-18 07:39:20","http://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131972/"
+"131971","2019-02-18 07:39:05","http://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zan.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131971/"
+"131969","2019-02-18 07:39:04","http://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/z.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131969/"
+"131970","2019-02-18 07:39:04","http://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zaher.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131970/"
+"131967","2019-02-18 07:39:03","http://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/n.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131967/"
+"131968","2019-02-18 07:39:03","http://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/nissa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131968/"
+"131966","2019-02-18 07:39:02","http://51.75.75.88/ankit/os.spc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131966/"
+"131965","2019-02-18 07:39:01","http://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131965/"
+"131964","2019-02-18 07:38:46","http://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131964/"
+"131963","2019-02-18 07:38:28","http://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131963/"
+"131962","2019-02-18 07:38:21","http://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131962/"
+"131961","2019-02-18 07:38:20","http://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131961/"
+"131960","2019-02-18 07:38:19","http://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131960/"
+"131959","2019-02-18 07:38:12","http://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131959/"
+"131958","2019-02-18 07:38:06","http://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131958/"
+"131957","2019-02-18 07:37:57","http://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131957/"
+"131956","2019-02-18 07:37:52","http://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131956/"
+"131955","2019-02-18 07:37:45","http://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131955/"
+"131954","2019-02-18 07:37:41","http://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131954/"
+"131953","2019-02-18 07:37:40","http://51.75.75.88/ankit/os.sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131953/"
+"131952","2019-02-18 07:37:39","http://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131952/"
+"131951","2019-02-18 07:37:33","http://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131951/"
+"131950","2019-02-18 07:37:32","http://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131950/"
+"131948","2019-02-18 07:37:31","http://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131948/"
+"131949","2019-02-18 07:37:31","http://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131949/"
+"131947","2019-02-18 07:37:30","http://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131947/"
+"131946","2019-02-18 07:37:24","http://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131946/"
+"131945","2019-02-18 07:37:18","http://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131945/"
+"131944","2019-02-18 07:37:11","http://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131944/"
+"131943","2019-02-18 07:37:02","http://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131943/"
+"131942","2019-02-18 07:36:54","http://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131942/"
+"131940","2019-02-18 07:36:53","http://51.75.75.88/ankit/os.ppc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131940/"
+"131941","2019-02-18 07:36:53","http://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131941/"
+"131939","2019-02-18 07:36:52","http://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131939/"
+"131938","2019-02-18 07:36:35","http://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131938/"
+"131937","2019-02-18 07:36:28","http://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131937/"
+"131936","2019-02-18 07:36:21","http://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/global/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131936/"
+"131935","2019-02-18 07:36:20","http://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131935/"
+"131934","2019-02-18 07:36:12","http://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131934/"
+"131933","2019-02-18 07:36:11","http://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131933/"
+"131932","2019-02-18 07:36:05","http://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131932/"
+"131931","2019-02-18 07:35:59","http://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131931/"
+"131930","2019-02-18 07:35:54","http://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/131930/"
+"131929","2019-02-18 07:35:47","http://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131929/"
+"131928","2019-02-18 07:35:29","http://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131928/"
+"131927","2019-02-18 07:35:26","http://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131927/"
+"131926","2019-02-18 07:35:22","http://51.75.75.88/ankit/os.mpsl","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131926/"
+"131925","2019-02-18 07:35:21","http://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131925/"
+"131924","2019-02-18 07:35:17","https://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131924/"
+"131923","2019-02-18 07:35:14","https://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131923/"
+"131922","2019-02-18 07:35:09","https://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131922/"
+"131921","2019-02-18 07:35:04","https://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131921/"
+"131920","2019-02-18 07:34:59","https://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131920/"
+"131919","2019-02-18 07:34:55","https://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131919/"
+"131918","2019-02-18 07:34:52","https://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131918/"
+"131917","2019-02-18 07:34:50","https://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131917/"
+"131916","2019-02-18 07:34:49","https://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131916/"
+"131915","2019-02-18 07:34:46","https://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131915/"
+"131914","2019-02-18 07:34:43","http://51.75.75.88/ankit/os.mips","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131914/"
+"131913","2019-02-18 07:34:42","https://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131913/"
+"131912","2019-02-18 07:34:39","https://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131912/"
+"131911","2019-02-18 07:34:36","https://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131911/"
+"131910","2019-02-18 07:34:32","https://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131910/"
+"131909","2019-02-18 07:34:30","https://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131909/"
+"131908","2019-02-18 07:34:27","https://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131908/"
+"131907","2019-02-18 07:34:24","https://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131907/"
+"131906","2019-02-18 07:34:21","https://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131906/"
+"131905","2019-02-18 07:34:18","https://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131905/"
+"131904","2019-02-18 07:34:17","https://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131904/"
+"131903","2019-02-18 07:34:16","https://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131903/"
+"131902","2019-02-18 07:34:12","https://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131902/"
+"131901","2019-02-18 07:34:09","http://51.75.75.88/ankit/os.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131901/"
+"131900","2019-02-18 07:34:09","https://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131900/"
+"131899","2019-02-18 07:34:06","https://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131899/"
+"131898","2019-02-18 07:34:03","https://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131898/"
+"131897","2019-02-18 07:34:02","https://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131897/"
+"131896","2019-02-18 07:33:59","https://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131896/"
+"131895","2019-02-18 07:33:57","https://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/131895/"
+"131894","2019-02-18 07:33:54","https://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131894/"
+"131893","2019-02-18 07:33:50","https://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131893/"
+"131892","2019-02-18 07:33:48","https://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131892/"
+"131891","2019-02-18 07:33:44","https://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131891/"
+"131890","2019-02-18 07:33:41","http://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131890/"
+"131889","2019-02-18 07:33:38","http://51.75.75.88/ankit/os.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131889/"
+"131888","2019-02-18 07:33:37","http://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131888/"
+"131887","2019-02-18 07:33:32","http://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131887/"
+"131885","2019-02-18 07:33:30","http://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zaher.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131885/"
+"131886","2019-02-18 07:33:30","http://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zan.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131886/"
+"131882","2019-02-18 07:33:29","http://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/n.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131882/"
+"131883","2019-02-18 07:33:29","http://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/nissa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131883/"
+"131884","2019-02-18 07:33:29","http://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/z.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131884/"
+"131881","2019-02-18 07:33:28","http://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131881/"
+"131880","2019-02-18 07:33:24","http://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131880/"
+"131879","2019-02-18 07:33:05","http://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131879/"
+"131878","2019-02-18 07:32:58","http://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131878/"
+"131877","2019-02-18 07:32:57","http://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131877/"
+"131876","2019-02-18 07:32:56","http://51.75.75.88/ankit/os.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131876/"
+"131875","2019-02-18 07:32:54","http://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131875/"
+"131874","2019-02-18 07:32:46","http://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131874/"
+"131873","2019-02-18 07:32:39","http://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131873/"
+"131872","2019-02-18 07:32:29","http://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131872/"
+"131871","2019-02-18 07:32:20","http://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131871/"
+"131870","2019-02-18 07:32:14","http://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131870/"
+"131869","2019-02-18 07:32:09","http://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131869/"
+"131868","2019-02-18 07:32:07","http://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131868/"
+"131867","2019-02-18 07:32:02","http://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131867/"
+"131866","2019-02-18 07:32:01","http://51.75.75.88/ankit/os.arm5","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131866/"
+"131865","2019-02-18 07:32:00","http://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131865/"
+"131863","2019-02-18 07:31:59","http://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131863/"
+"131864","2019-02-18 07:31:59","http://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131864/"
+"131862","2019-02-18 07:31:58","http://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131862/"
+"131861","2019-02-18 07:31:52","http://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131861/"
+"131860","2019-02-18 07:31:45","http://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131860/"
+"131859","2019-02-18 07:31:38","http://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131859/"
+"131858","2019-02-18 07:31:30","http://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131858/"
+"131857","2019-02-18 07:31:23","http://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131857/"
+"131856","2019-02-18 07:31:22","http://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131856/"
+"131855","2019-02-18 07:31:21","http://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131855/"
+"131854","2019-02-18 07:31:03","http://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131854/"
+"131853","2019-02-18 07:30:55","http://51.75.75.88/ankit/os.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131853/"
+"131852","2019-02-18 07:30:54","http://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131852/"
+"131851","2019-02-18 07:30:48","http://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/global/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131851/"
+"131850","2019-02-18 07:30:47","http://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131850/"
+"131849","2019-02-18 07:30:39","http://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131849/"
+"131848","2019-02-18 07:30:38","http://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131848/"
+"131847","2019-02-18 07:30:34","http://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131847/"
+"131846","2019-02-18 07:30:31","http://base.n24rostov.ru/US/WVWYZ-WjTW_KXk-ni","offline","malware_download","doc","https://urlhaus.abuse.ch/url/131846/"
+"131845","2019-02-18 07:30:22","http://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131845/"
+"131844","2019-02-18 07:30:17","http://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/131844/"
+"131843","2019-02-18 07:30:10","http://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131843/"
+"131842","2019-02-18 07:30:01","http://pravara-mi.com/download/Invoice_number/fofur-h2CAB_c-lgb","offline","malware_download","doc","https://urlhaus.abuse.ch/url/131842/"
+"131841","2019-02-18 07:29:55","http://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131841/"
+"131840","2019-02-18 07:29:50","http://51.75.75.88/ankit/mpsl.fgt","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131840/"
+"131839","2019-02-18 07:29:49","http://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131839/"
+"131838","2019-02-18 07:29:42","http://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131838/"
+"131837","2019-02-18 07:29:35","http://51.75.75.88/ankit/gang","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131837/"
+"131836","2019-02-18 07:29:33","http://51.75.75.88/ankit/fgd","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131836/"
+"131835","2019-02-18 07:29:31","http://51.75.75.88/ankit/arm7.fgt","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131835/"
+"131834","2019-02-18 07:29:30","http://51.75.75.88/ankit/arm5.fgt","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131834/"
+"131833","2019-02-18 07:29:29","http://51.75.75.88/ankit/arm.fgt","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131833/"
+"131832","2019-02-18 07:29:28","http://simplebsolutions.co.uk/US/corporation/Invoice_Notice/9955581/ZEqz-9WuK_ApOHQ-8pw/","online","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/131832/"
+"131831","2019-02-18 07:29:23","http://megl.ca/llc/Invoice_Notice/VZYa-iN3oZ_MmWHxgsT-C7A","offline","malware_download","doc","https://urlhaus.abuse.ch/url/131831/"
+"131830","2019-02-18 07:29:21","http://music.minoshazkr.gq/dj.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/131830/"
+"131829","2019-02-18 07:29:13","http://amazonvietnampharma.com.vn/l/css/css.doc","online","malware_download","doc","https://urlhaus.abuse.ch/url/131829/"
+"131828","2019-02-18 07:29:09","http://83.166.241.99/AB4g5/Josho.spc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131828/"
+"131827","2019-02-18 07:29:06","http://83.166.241.99/AB4g5/Josho.mpsl","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131827/"
+"131826","2019-02-18 07:29:03","http://35.235.102.123/bins/yakuza.x86_64","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131826/"
+"131824","2019-02-18 07:28:32","http://23.239.9.56/bins/xbox.spc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131824/"
+"131825","2019-02-18 07:28:32","http://23.239.9.56/bins/xbox.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131825/"
+"131823","2019-02-18 07:28:30","http://23.239.9.56/bins/xbox.sh4","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131823/"
+"131822","2019-02-18 07:28:29","http://23.239.9.56/bins/xbox.ppc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131822/"
+"131821","2019-02-18 07:28:28","http://23.239.9.56/bins/xbox.mpsl","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131821/"
+"131820","2019-02-18 07:28:27","http://23.239.9.56/bins/xbox.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131820/"
+"131819","2019-02-18 07:28:26","http://23.239.9.56/bins/xbox.m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131819/"
+"131818","2019-02-18 07:28:24","http://23.239.9.56/bins/xbox.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131818/"
+"131817","2019-02-18 07:28:23","http://23.239.9.56/bins/xbox.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131817/"
+"131816","2019-02-18 07:28:22","http://23.239.9.56/bins/xbox.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131816/"
+"131815","2019-02-18 07:28:21","http://23.239.9.56/bins/xbox.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131815/"
+"131814","2019-02-18 07:28:20","http://46.101.232.155/bins/Solstice.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131814/"
+"131812","2019-02-18 07:28:19","http://46.101.232.155/bins/Solstice.sh4","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131812/"
+"131813","2019-02-18 07:28:19","http://46.101.232.155/bins/Solstice.spc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131813/"
+"131810","2019-02-18 07:28:18","http://46.101.232.155/bins/Solstice.mpsl","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131810/"
+"131811","2019-02-18 07:28:18","http://46.101.232.155/bins/Solstice.ppc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131811/"
+"131809","2019-02-18 07:28:17","http://46.101.232.155/bins/Solstice.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131809/"
+"131807","2019-02-18 07:28:16","http://46.101.232.155/bins/Solstice.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131807/"
+"131808","2019-02-18 07:28:16","http://46.101.232.155/bins/Solstice.m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131808/"
+"131806","2019-02-18 07:28:15","http://46.101.232.155/bins/Solstice.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131806/"
+"131804","2019-02-18 07:28:14","http://46.101.232.155/bins/Solstice.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131804/"
+"131805","2019-02-18 07:28:14","http://46.101.232.155/bins/Solstice.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131805/"
+"131803","2019-02-18 07:28:13","http://178.128.127.231/bins/ppc.light","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131803/"
+"131802","2019-02-18 07:28:12","http://178.128.127.231/bins/mpsl.light","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131802/"
+"131801","2019-02-18 07:28:10","http://178.128.127.231/bins/mips.light","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131801/"
+"131800","2019-02-18 07:28:09","http://178.128.127.231/bins/m68k.light","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131800/"
+"131799","2019-02-18 07:28:07","http://178.128.127.231/bins/arm7.light","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131799/"
+"131798","2019-02-18 07:28:05","http://178.128.127.231/bins/arm6.light","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131798/"
+"131797","2019-02-18 07:28:04","http://178.128.127.231/bins/arm5.light","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131797/"
+"131796","2019-02-18 07:28:03","http://178.128.127.231/bins/arm.light","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131796/"
+"131795","2019-02-18 07:27:10","http://35.235.102.123/bins/yakuza.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131795/"
+"131794","2019-02-18 07:26:39","http://35.235.102.123/bins/yakuza.x64","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131794/"
+"131793","2019-02-18 07:26:09","http://35.235.102.123/bins/yakuza.x32","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131793/"
+"131792","2019-02-18 07:25:39","http://35.235.102.123/bins/yakuza.spc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131792/"
+"131791","2019-02-18 07:25:09","http://35.235.102.123/bins/yakuza.sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131791/"
+"131790","2019-02-18 07:24:39","http://35.235.102.123/bins/yakuza.ppc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131790/"
+"131789","2019-02-18 07:24:09","http://35.235.102.123/bins/yakuza.mpsl","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131789/"
+"131788","2019-02-18 07:23:39","http://35.235.102.123/bins/yakuza.mipsel","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131788/"
+"131787","2019-02-18 07:23:08","http://35.235.102.123/bins/yakuza.mips64","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131787/"
+"131786","2019-02-18 07:22:38","http://35.235.102.123/bins/yakuza.mips","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131786/"
+"131785","2019-02-18 07:22:08","http://35.235.102.123/bins/yakuza.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131785/"
+"131784","2019-02-18 07:21:38","http://35.235.102.123/bins/yakuza.i686","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131784/"
+"131783","2019-02-18 07:21:08","http://35.235.102.123/bins/yakuza.armv7l","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131783/"
+"131782","2019-02-18 07:20:38","http://35.235.102.123/bins/yakuza.armv6l","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131782/"
+"131781","2019-02-18 07:20:07","http://35.235.102.123/bins/yakuza.armv5l","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131781/"
+"131780","2019-02-18 07:19:37","http://35.235.102.123/bins/yakuza.armv4l","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131780/"
+"131779","2019-02-18 07:19:07","http://35.235.102.123/bins/yakuza.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131779/"
+"131778","2019-02-18 07:18:37","http://35.235.102.123/bins/yakuza.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131778/"
+"131777","2019-02-18 07:18:07","http://35.235.102.123/bins/yakuza.arm5","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131777/"
+"131776","2019-02-18 07:17:37","http://35.235.102.123/bins/yakuza.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131776/"
+"131775","2019-02-18 07:17:06","http://35.235.102.123/bins/tmp.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131775/"
+"131774","2019-02-18 07:16:36","http://35.235.102.123/bins/tmp.spc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131774/"
+"131773","2019-02-18 07:16:06","http://35.235.102.123/bins/tmp.sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131773/"
+"131772","2019-02-18 07:15:36","http://35.235.102.123/bins/tmp.ppc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131772/"
+"131771","2019-02-18 07:15:06","http://35.235.102.123/bins/tmp.mpsl","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131771/"
+"131770","2019-02-18 07:14:35","http://35.235.102.123/bins/tmp.mips64","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131770/"
+"131769","2019-02-18 07:14:05","http://35.235.102.123/bins/tmp.mips","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131769/"
+"131768","2019-02-18 07:13:35","http://35.235.102.123/bins/tmp.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131768/"
+"131767","2019-02-18 07:13:05","http://35.235.102.123/bins/tmp.i686","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131767/"
+"131766","2019-02-18 07:12:35","http://35.235.102.123/bins/tmp.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131766/"
+"131765","2019-02-18 07:12:05","http://35.235.102.123/bins/tmp.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131765/"
+"131764","2019-02-18 07:11:35","http://35.235.102.123/bins/tmp.arm5","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131764/"
+"131763","2019-02-18 07:11:04","http://35.235.102.123/bins/tmp.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131763/"
+"131762","2019-02-18 07:10:34","http://35.235.102.123/bins/telnet.mips64","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131762/"
+"131761","2019-02-18 07:10:03","http://35.235.102.123/bins/telnet.i686","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131761/"
+"131760","2019-02-18 07:09:33","http://35.235.102.123/bins/kwari.x86_64","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131760/"
+"131759","2019-02-18 07:09:03","http://35.235.102.123/bins/kwari.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131759/"
+"131758","2019-02-18 07:08:33","http://35.235.102.123/bins/kwari.x64","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131758/"
+"131757","2019-02-18 07:08:03","http://35.235.102.123/bins/kwari.x32","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131757/"
+"131756","2019-02-18 07:07:33","http://35.235.102.123/bins/kwari.sparc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131756/"
+"131755","2019-02-18 07:07:03","http://35.235.102.123/bins/kwari.mpsl","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131755/"
+"131754","2019-02-18 07:06:32","http://35.235.102.123/bins/kwari.mips64","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131754/"
+"131753","2019-02-18 07:06:02","http://35.235.102.123/bins/kwari.mips","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131753/"
+"131752","2019-02-18 07:05:32","http://35.235.102.123/bins/kwari.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131752/"
+"131751","2019-02-18 07:05:02","http://35.235.102.123/bins/kwari.armv6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131751/"
+"131750","2019-02-18 07:04:32","http://35.235.102.123/bins/kwari.armv5","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131750/"
+"131749","2019-02-18 07:04:01","http://35.235.102.123/bins/kwari.armv4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131749/"
+"131748","2019-02-18 07:03:31","http://35.235.102.123/bins/kwari.arm7n","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131748/"
+"131747","2019-02-18 07:02:14","http://201.92.84.134:22521/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/131747/"
+"131746","2019-02-18 07:02:10","http://199.38.245.221/bins/yakuza.spc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131746/"
+"131745","2019-02-18 07:02:09","http://199.38.245.221/bins/yakuza.mpsl","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131745/"
+"131744","2019-02-18 07:02:08","http://199.38.245.221/bins/yakuza.m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131744/"
+"131743","2019-02-18 07:02:07","http://199.38.245.221/bins/x","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131743/"
+"131742","2019-02-18 07:02:06","http://198.23.201.215/AB4g5/Josho.spc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131742/"
+"131741","2019-02-18 07:02:05","http://185.244.25.134/AB4g5/Josho.x84","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131741/"
+"131740","2019-02-18 07:02:04","http://185.244.25.134/AB4g5/Josho.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131740/"
+"131739","2019-02-18 07:02:03","http://168.235.98.135/bins/PhantomATM.spc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131739/"
+"131738","2019-02-18 07:01:20","http://168.235.98.135/bins/PhantomATM.mpsl","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131738/"
+"131737","2019-02-18 07:01:17","http://168.235.98.135/bins/PhantomATM.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131737/"
+"131736","2019-02-18 07:01:14","http://142.93.227.149/bins/purves.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131736/"
+"131735","2019-02-18 07:01:11","http://142.93.227.149/bins/purves.spc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131735/"
+"131734","2019-02-18 07:01:08","http://142.93.227.149/bins/purves.sh4","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131734/"
+"131733","2019-02-18 07:01:04","http://142.93.227.149/bins/purves.ppc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131733/"
+"131732","2019-02-18 07:01:01","http://142.93.227.149/bins/purves.mpsl","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131732/"
+"131731","2019-02-18 07:00:58","http://142.93.227.149/bins/purves.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131731/"
+"131730","2019-02-18 07:00:55","http://142.93.227.149/bins/purves.m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131730/"
+"131729","2019-02-18 07:00:51","http://142.93.227.149/bins/purves.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131729/"
+"131728","2019-02-18 07:00:48","http://142.93.227.149/bins/purves.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131728/"
+"131727","2019-02-18 07:00:45","http://142.93.227.149/bins/purves.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131727/"
+"131726","2019-02-18 07:00:42","http://142.93.227.149/bins/purves.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131726/"
+"131725","2019-02-18 07:00:39","http://128.199.96.104/AB4g5/Omni.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131725/"
+"131724","2019-02-18 07:00:38","http://128.199.96.104/AB4g5/Omni.spc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131724/"
+"131723","2019-02-18 07:00:36","http://128.199.96.104/AB4g5/Omni.sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131723/"
+"131722","2019-02-18 07:00:34","http://128.199.96.104/AB4g5/Omni.ppc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131722/"
+"131721","2019-02-18 07:00:31","http://128.199.96.104/AB4g5/Omni.mpsl","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131721/"
+"131720","2019-02-18 06:59:34","http://128.199.96.104/AB4g5/Omni.mips","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131720/"
+"131719","2019-02-18 06:59:32","http://128.199.96.104/AB4g5/Omni.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131719/"
+"131718","2019-02-18 06:59:30","http://128.199.96.104/AB4g5/Omni.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131718/"
+"131717","2019-02-18 06:59:27","http://128.199.96.104/AB4g5/Omni.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131717/"
+"131716","2019-02-18 06:59:09","http://128.199.96.104/AB4g5/Omni.arm5","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131716/"
+"131715","2019-02-18 06:58:39","http://128.199.96.104/AB4g5/Omni.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131715/"
+"131714","2019-02-18 06:58:09","http://104.248.181.42:8000/usr/lib/hub/static/3017/ddgs.x86_64","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131714/"
+"131713","2019-02-18 06:58:07","http://104.248.181.42:8000/usr/lib/hub/static/3017/ddgs.i686","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131713/"
+"131711","2019-02-18 06:58:06","http://34.73.163.194/AB4g5/Josho.spc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131711/"
+"131712","2019-02-18 06:58:06","ttp://104.219.235.147/bins/x","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131712/"
+"131710","2019-02-18 06:58:03","http://34.73.163.194/AB4g5/Josho.mpsl","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131710/"
+"131709","2019-02-18 06:46:03","https://kamagra4uk.com/images/gee/eb/ebb.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/131709/"
+"131708","2019-02-18 06:45:17","https://share.dmca.gripe/fepQjvpl8uYh5yTy.jpg","online","malware_download","AgentTesla,exe","https://urlhaus.abuse.ch/url/131708/"
+"131707","2019-02-18 06:29:06","http://www.novatisk.cz/obrazky/q/6029118.jpg","offline","malware_download","exe,Loki","https://urlhaus.abuse.ch/url/131707/"
+"131706","2019-02-18 06:11:02","http://gaminggo.website/dbssxdydaf/file/jeMNh-Ra_puh-g0j","offline","malware_download","doc","https://urlhaus.abuse.ch/url/131706/"
+"131705","2019-02-18 06:00:09","https://stablecoinswar.com/2e20640.msi","online","malware_download","exe","https://urlhaus.abuse.ch/url/131705/"
+"131704","2019-02-18 05:46:02","http://206.189.205.246/bins.sh","offline","malware_download","None","https://urlhaus.abuse.ch/url/131704/"
+"131703","2019-02-18 05:38:12","http://185.191.229.180/java8000","online","malware_download","elf","https://urlhaus.abuse.ch/url/131703/"
+"131702","2019-02-18 05:36:09","http://34.73.163.194/AB4g5/Josho.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131702/"
+"131701","2019-02-18 05:36:06","http://34.73.163.194/AB4g5/Josho.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131701/"
+"131700","2019-02-18 05:36:03","http://34.73.163.194/AB4g5/Josho.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131700/"
+"131699","2019-02-18 05:35:19","http://34.73.163.194/AB4g5/Josho.m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131699/"
+"131698","2019-02-18 05:35:13","http://34.73.163.194/AB4g5/Josho.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131698/"
+"131697","2019-02-18 05:35:06","http://34.73.163.194/AB4g5/Josho.ppc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131697/"
+"131696","2019-02-18 05:33:05","http://34.73.163.194/AB4g5/Josho.sh4","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131696/"
+"131695","2019-02-18 05:25:05","http://54.250.159.171/US_us/corporation/mlKxT-I19OF_MChYwJVdO-FD","offline","malware_download","doc","https://urlhaus.abuse.ch/url/131695/"
+"131694","2019-02-18 05:14:35","http://216.176.179.106:9090/26005","online","malware_download","payload","https://urlhaus.abuse.ch/url/131694/"
+"131693","2019-02-18 05:14:33","http://216.176.179.106:9090/26004","online","malware_download","payload","https://urlhaus.abuse.ch/url/131693/"
+"131692","2019-02-18 05:14:31","http://216.176.179.106:9090/26002","online","malware_download","payload","https://urlhaus.abuse.ch/url/131692/"
+"131691","2019-02-18 05:14:28","http://216.176.179.106:9090/dash","online","malware_download","payload","https://urlhaus.abuse.ch/url/131691/"
+"131690","2019-02-18 05:14:25","http://216.176.179.106:9090/winlogooo","online","malware_download","payload","https://urlhaus.abuse.ch/url/131690/"
+"131689","2019-02-18 05:14:19","http://216.176.179.106:9090/winlogoo","online","malware_download","payload","https://urlhaus.abuse.ch/url/131689/"
+"131688","2019-02-18 05:13:10","http://images.hbsc-banking.com/SecuredContentadd.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/131688/"
+"131687","2019-02-18 05:09:01","http://119.254.12.142/US_us/corporation/Invoice_number/aXwy-4a_IPVAwL-Yrb","offline","malware_download","doc","https://urlhaus.abuse.ch/url/131687/"
+"131686","2019-02-18 04:31:02","http://35.176.197.139/US/company/Invoice/Yegah-4UC2R_EqbBA-uK","offline","malware_download","doc","https://urlhaus.abuse.ch/url/131686/"
+"131685","2019-02-18 04:23:02","http://54.250.159.171/US/company/Invoice_number/123405918808120/nZdg-6se_PlUK-UQ","offline","malware_download","doc","https://urlhaus.abuse.ch/url/131685/"
+"131684","2019-02-18 04:19:03","http://34.73.163.194/AB4g5/Josho.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131684/"
+"131683","2019-02-18 04:19:02","http://www.novatisk.cz/obrazky/q/60501.jpg","offline","malware_download","exe,Loki","https://urlhaus.abuse.ch/url/131683/"
+"131682","2019-02-18 04:15:03","http://34.73.163.194/AB4g5/Josho.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131682/"
+"131681","2019-02-18 03:58:06","http://104.168.149.180/vb/Amakano.spc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131681/"
+"131680","2019-02-18 03:48:02","http://www.novatisk.cz/obrazky/q/tpl.exe","offline","malware_download","exe,Loki","https://urlhaus.abuse.ch/url/131680/"
+"131679","2019-02-18 03:28:04","http://1.9.178.128:6425/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/131679/"
+"131678","2019-02-18 03:28:02","http://34.73.163.194:80/AB4g5/Josho.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131678/"
+"131677","2019-02-18 03:25:04","http://34.73.163.194:80/AB4g5/Josho.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131677/"
+"131676","2019-02-18 02:54:12","http://104.219.235.147/bins/x","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131676/"
+"131675","2019-02-18 02:26:10","https://ilistenidraw.com/CredAdv_85467PDF.jar","offline","malware_download","payload,stage2","https://urlhaus.abuse.ch/url/131675/"
+"131674","2019-02-18 02:26:04","http://priveeprimeltd.co.uk/PNC_943775_883.exe","online","malware_download","payload,stage2","https://urlhaus.abuse.ch/url/131674/"
+"131673","2019-02-18 01:52:14","https://udential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131673/"
+"131672","2019-02-18 01:52:11","https://udential.com.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131672/"
+"131671","2019-02-18 01:52:08","https://udential.com.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131671/"
+"131670","2019-02-18 01:52:04","https://udential.com.watchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131670/"
+"131669","2019-02-18 01:52:00","https://udential.com.watchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131669/"
+"131668","2019-02-18 01:51:56","https://udential.com.watchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131668/"
+"131667","2019-02-18 01:51:53","https://udential.com.watchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131667/"
+"131666","2019-02-18 01:51:52","https://udential.com.watchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131666/"
+"131665","2019-02-18 01:51:51","https://udential.com.watchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131665/"
+"131664","2019-02-18 01:51:48","https://udential.com.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131664/"
+"131663","2019-02-18 01:51:45","https://udential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131663/"
+"131662","2019-02-18 01:51:43","https://udential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131662/"
+"131661","2019-02-18 01:51:40","https://udential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131661/"
+"131660","2019-02-18 01:51:37","https://udential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131660/"
+"131659","2019-02-18 01:51:35","https://udential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131659/"
+"131658","2019-02-18 01:51:32","https://udential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131658/"
+"131657","2019-02-18 01:51:30","https://udential.com.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131657/"
+"131656","2019-02-18 01:51:27","https://udential.com.watchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131656/"
+"131655","2019-02-18 01:51:24","https://udential.com.watchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131655/"
+"131654","2019-02-18 01:51:23","https://udential.com.watchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131654/"
+"131653","2019-02-18 01:51:17","https://udential.com.watchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131653/"
+"131652","2019-02-18 01:51:12","https://udential.com.watchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131652/"
+"131651","2019-02-18 01:51:10","https://udential.com.watchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131651/"
+"131650","2019-02-18 01:51:07","https://udential.com.watchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131650/"
+"131649","2019-02-18 01:51:04","https://udential.com.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131649/"
+"131648","2019-02-18 01:51:03","https://udential.com.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131648/"
+"131647","2019-02-18 01:51:01","https://udential.com.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131647/"
+"131646","2019-02-18 01:50:58","https://udential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/131646/"
+"131645","2019-02-18 01:50:55","https://udential.com.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131645/"
+"131644","2019-02-18 01:50:51","https://udential.com.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131644/"
+"131643","2019-02-18 01:50:48","https://udential.com.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131643/"
+"131642","2019-02-18 01:50:45","https://udential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131642/"
+"131641","2019-02-18 01:50:43","http://udential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131641/"
+"131640","2019-02-18 01:50:42","http://udential.com.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131640/"
+"131639","2019-02-18 01:50:40","http://udential.com.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131639/"
+"131636","2019-02-18 01:50:37","http://udential.com.watchdogdns.duckdns.org/zaher/z.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131636/"
+"131637","2019-02-18 01:50:37","http://udential.com.watchdogdns.duckdns.org/zaher/zaher.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131637/"
+"131638","2019-02-18 01:50:37","http://udential.com.watchdogdns.duckdns.org/zaher/zan.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131638/"
+"131633","2019-02-18 01:50:36","http://udential.com.watchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131633/"
+"131634","2019-02-18 01:50:36","http://udential.com.watchdogdns.duckdns.org/zaher/n.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131634/"
+"131635","2019-02-18 01:50:36","http://udential.com.watchdogdns.duckdns.org/zaher/nissa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131635/"
+"131632","2019-02-18 01:50:33","http://udential.com.watchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131632/"
+"131631","2019-02-18 01:50:31","http://udential.com.watchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131631/"
+"131630","2019-02-18 01:50:30","http://udential.com.watchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131630/"
+"131628","2019-02-18 01:50:29","http://udential.com.watchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131628/"
+"131629","2019-02-18 01:50:29","http://udential.com.watchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131629/"
+"131627","2019-02-18 01:50:27","http://udential.com.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131627/"
+"131626","2019-02-18 01:50:26","http://udential.com.watchdogdns.duckdns.org/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131626/"
+"131625","2019-02-18 01:50:24","http://udential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131625/"
+"131624","2019-02-18 01:50:23","http://udential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131624/"
+"131623","2019-02-18 01:50:22","http://udential.com.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131623/"
+"131622","2019-02-18 01:50:21","http://udential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131622/"
+"131621","2019-02-18 01:50:20","http://udential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131621/"
+"131618","2019-02-18 01:50:19","http://udential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131618/"
+"131619","2019-02-18 01:50:19","http://udential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131619/"
+"131620","2019-02-18 01:50:19","http://udential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131620/"
+"131616","2019-02-18 01:50:18","http://udential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131616/"
+"131617","2019-02-18 01:50:18","http://udential.com.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131617/"
+"131615","2019-02-18 01:50:17","http://udential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131615/"
+"131614","2019-02-18 01:50:16","http://udential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131614/"
+"131613","2019-02-18 01:50:15","http://udential.com.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131613/"
+"131612","2019-02-18 01:50:14","http://udential.com.watchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131612/"
+"131611","2019-02-18 01:50:13","http://udential.com.watchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131611/"
+"131609","2019-02-18 01:50:12","http://udential.com.watchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131609/"
+"131610","2019-02-18 01:50:12","http://udential.com.watchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131610/"
+"131608","2019-02-18 01:50:09","http://udential.com.watchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131608/"
+"131607","2019-02-18 01:50:08","http://udential.com.watchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131607/"
+"131605","2019-02-18 01:50:07","http://udential.com.watchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131605/"
+"131606","2019-02-18 01:50:07","http://udential.com.watchdogdns.duckdns.org/global/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131606/"
+"131603","2019-02-18 01:50:05","http://udential.com.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131603/"
+"131604","2019-02-18 01:50:05","http://udential.com.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131604/"
+"131602","2019-02-18 01:50:04","http://udential.com.watchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131602/"
+"131601","2019-02-18 01:50:02","http://udential.com.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131601/"
+"131600","2019-02-18 01:50:01","http://udential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/131600/"
+"131599","2019-02-18 01:50:00","http://udential.com.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131599/"
+"131598","2019-02-18 01:49:58","http://udential.com.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131598/"
+"131597","2019-02-18 01:49:56","http://udential.com.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131597/"
+"131596","2019-02-18 01:49:55","http://udential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131596/"
+"131595","2019-02-18 01:49:52","https://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131595/"
+"131594","2019-02-18 01:49:49","https://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131594/"
+"131593","2019-02-18 01:49:45","https://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131593/"
+"131592","2019-02-18 01:49:42","https://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131592/"
+"131591","2019-02-18 01:49:38","https://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131591/"
+"131590","2019-02-18 01:49:34","https://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131590/"
+"131589","2019-02-18 01:49:32","https://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131589/"
+"131588","2019-02-18 01:49:30","https://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131588/"
+"131587","2019-02-18 01:49:28","https://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131587/"
+"131586","2019-02-18 01:49:25","https://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131586/"
+"131585","2019-02-18 01:49:23","https://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131585/"
+"131584","2019-02-18 01:49:20","https://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131584/"
+"131583","2019-02-18 01:49:17","https://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131583/"
+"131582","2019-02-18 01:49:14","https://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131582/"
+"131581","2019-02-18 01:49:12","https://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131581/"
+"131580","2019-02-18 01:49:10","https://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131580/"
+"131579","2019-02-18 01:49:07","https://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131579/"
+"131578","2019-02-18 01:49:04","https://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131578/"
+"131577","2019-02-18 01:48:56","https://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131577/"
+"131576","2019-02-18 01:48:55","https://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131576/"
+"131575","2019-02-18 01:48:54","https://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131575/"
+"131574","2019-02-18 01:48:50","https://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131574/"
+"131573","2019-02-18 01:48:48","https://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131573/"
+"131572","2019-02-18 01:48:45","https://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131572/"
+"131571","2019-02-18 01:48:42","https://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131571/"
+"131570","2019-02-18 01:48:41","https://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131570/"
+"131569","2019-02-18 01:48:38","https://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131569/"
+"131568","2019-02-18 01:48:36","https://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/131568/"
+"131567","2019-02-18 01:48:33","https://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131567/"
+"131566","2019-02-18 01:48:29","https://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131566/"
+"131565","2019-02-18 01:48:26","https://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131565/"
+"131564","2019-02-18 01:48:21","https://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131564/"
+"131563","2019-02-18 01:48:19","http://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131563/"
+"131562","2019-02-18 01:48:18","http://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131562/"
+"131561","2019-02-18 01:48:15","http://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131561/"
+"131558","2019-02-18 01:48:12","http://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/z.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131558/"
+"131559","2019-02-18 01:48:12","http://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zaher.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131559/"
+"131560","2019-02-18 01:48:12","http://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zan.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131560/"
+"131555","2019-02-18 01:48:11","http://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131555/"
+"131556","2019-02-18 01:48:11","http://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/n.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131556/"
+"131557","2019-02-18 01:48:11","http://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/nissa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131557/"
+"131554","2019-02-18 01:48:08","http://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131554/"
+"131553","2019-02-18 01:48:06","http://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131553/"
+"131552","2019-02-18 01:48:05","http://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131552/"
+"131550","2019-02-18 01:48:04","http://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131550/"
+"131551","2019-02-18 01:48:04","http://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131551/"
+"131549","2019-02-18 01:48:03","http://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131549/"
+"131548","2019-02-18 01:48:02","http://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131548/"
+"131547","2019-02-18 01:48:00","http://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131547/"
+"131546","2019-02-18 01:47:59","http://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131546/"
+"131545","2019-02-18 01:47:58","http://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131545/"
+"131543","2019-02-18 01:47:57","http://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131543/"
+"131544","2019-02-18 01:47:57","http://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131544/"
+"131541","2019-02-18 01:47:56","http://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131541/"
+"131542","2019-02-18 01:47:56","http://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131542/"
+"131538","2019-02-18 01:47:55","http://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131538/"
+"131539","2019-02-18 01:47:55","http://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131539/"
+"131540","2019-02-18 01:47:55","http://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131540/"
+"131537","2019-02-18 01:47:54","http://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131537/"
+"131536","2019-02-18 01:47:52","http://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131536/"
+"131535","2019-02-18 01:47:50","http://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131535/"
+"131534","2019-02-18 01:47:49","http://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131534/"
+"131533","2019-02-18 01:47:47","http://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131533/"
+"131531","2019-02-18 01:47:46","http://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131531/"
+"131532","2019-02-18 01:47:46","http://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131532/"
+"131530","2019-02-18 01:47:39","http://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131530/"
+"131529","2019-02-18 01:47:38","http://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131529/"
+"131528","2019-02-18 01:47:37","http://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/global/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131528/"
+"131527","2019-02-18 01:47:36","http://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131527/"
+"131525","2019-02-18 01:47:35","http://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131525/"
+"131526","2019-02-18 01:47:35","http://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131526/"
+"131524","2019-02-18 01:47:34","http://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131524/"
+"131523","2019-02-18 01:47:33","http://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131523/"
+"131522","2019-02-18 01:47:32","http://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/131522/"
+"131521","2019-02-18 01:47:31","http://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131521/"
+"131520","2019-02-18 01:47:28","http://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131520/"
+"131519","2019-02-18 01:47:27","http://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131519/"
+"131518","2019-02-18 01:47:26","http://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131518/"
+"131517","2019-02-18 01:47:23","https://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131517/"
+"131516","2019-02-18 01:47:20","https://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131516/"
+"131515","2019-02-18 01:47:16","https://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131515/"
+"131514","2019-02-18 01:47:13","https://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131514/"
+"131513","2019-02-18 01:47:09","https://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131513/"
+"131512","2019-02-18 01:47:05","https://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131512/"
+"131511","2019-02-18 01:47:02","https://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131511/"
+"131510","2019-02-18 01:47:01","https://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131510/"
+"131509","2019-02-18 01:47:00","https://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131509/"
+"131508","2019-02-18 01:46:57","https://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131508/"
+"131507","2019-02-18 01:46:54","https://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131507/"
+"131506","2019-02-18 01:46:52","https://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131506/"
+"131505","2019-02-18 01:46:49","https://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131505/"
+"131504","2019-02-18 01:46:47","https://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131504/"
+"131503","2019-02-18 01:46:44","https://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131503/"
+"131502","2019-02-18 01:46:42","https://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131502/"
+"131501","2019-02-18 01:46:39","https://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131501/"
+"131500","2019-02-18 01:46:36","https://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131500/"
+"131499","2019-02-18 01:46:34","https://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131499/"
+"131498","2019-02-18 01:46:32","https://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131498/"
+"131497","2019-02-18 01:46:25","https://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131497/"
+"131496","2019-02-18 01:46:21","https://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131496/"
+"131495","2019-02-18 01:46:19","https://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131495/"
+"131494","2019-02-18 01:46:16","https://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131494/"
+"131493","2019-02-18 01:46:13","https://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131493/"
+"131492","2019-02-18 01:46:12","https://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131492/"
+"131491","2019-02-18 01:46:10","https://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131491/"
+"131490","2019-02-18 01:46:07","https://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/131490/"
+"131489","2019-02-18 01:46:05","https://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131489/"
+"131488","2019-02-18 01:46:01","https://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131488/"
+"131487","2019-02-18 01:45:58","https://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131487/"
+"131486","2019-02-18 01:45:56","https://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131486/"
+"131485","2019-02-18 01:45:48","http://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131485/"
+"131484","2019-02-18 01:45:45","http://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131484/"
+"131483","2019-02-18 01:45:27","http://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131483/"
+"131481","2019-02-18 01:45:22","http://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/zaher/zaher.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131481/"
+"131482","2019-02-18 01:45:22","http://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/zaher/zan.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131482/"
+"131478","2019-02-18 01:45:21","http://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/zaher/n.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131478/"
+"131479","2019-02-18 01:45:21","http://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/zaher/nissa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131479/"
+"131480","2019-02-18 01:45:21","http://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/zaher/z.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131480/"
+"131477","2019-02-18 01:45:20","http://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131477/"
+"131476","2019-02-18 01:45:14","http://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131476/"
+"131475","2019-02-18 01:45:03","http://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131475/"
+"131474","2019-02-18 01:44:56","http://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131474/"
+"131473","2019-02-18 01:44:55","http://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131473/"
+"131472","2019-02-18 01:44:53","http://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131472/"
+"131471","2019-02-18 01:44:47","http://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131471/"
+"131470","2019-02-18 01:44:40","http://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131470/"
+"131469","2019-02-18 01:44:31","http://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131469/"
+"131468","2019-02-18 01:44:24","http://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131468/"
+"131467","2019-02-18 01:44:18","http://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131467/"
+"131466","2019-02-18 01:44:15","http://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131466/"
+"131465","2019-02-18 01:44:14","http://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131465/"
+"131463","2019-02-18 01:44:09","http://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131463/"
+"131464","2019-02-18 01:44:09","http://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131464/"
+"131462","2019-02-18 01:44:07","http://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131462/"
+"131461","2019-02-18 01:44:05","http://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131461/"
+"131460","2019-02-18 01:44:04","http://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131460/"
+"131459","2019-02-18 01:44:00","http://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131459/"
+"131458","2019-02-18 01:43:56","http://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131458/"
+"131457","2019-02-18 01:43:52","http://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131457/"
+"131456","2019-02-18 01:43:45","http://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131456/"
+"131454","2019-02-18 01:43:40","http://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131454/"
+"131455","2019-02-18 01:43:40","http://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131455/"
+"131453","2019-02-18 01:43:38","http://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131453/"
+"131452","2019-02-18 01:43:24","http://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131452/"
+"131451","2019-02-18 01:43:18","http://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131451/"
+"131449","2019-02-18 01:43:12","http://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131449/"
+"131450","2019-02-18 01:43:12","http://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/global/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131450/"
+"131448","2019-02-18 01:43:06","http://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131448/"
+"131447","2019-02-18 01:43:05","http://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131447/"
+"131446","2019-02-18 01:43:01","http://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131446/"
+"131445","2019-02-18 01:42:58","http://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131445/"
+"131444","2019-02-18 01:42:55","http://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/131444/"
+"131443","2019-02-18 01:42:50","http://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131443/"
+"131442","2019-02-18 01:42:39","http://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131442/"
+"131441","2019-02-18 01:42:33","http://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131441/"
+"131440","2019-02-18 01:42:27","http://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131440/"
+"131439","2019-02-18 01:42:21","https://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131439/"
+"131438","2019-02-18 01:42:17","https://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131438/"
+"131437","2019-02-18 01:42:12","https://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131437/"
+"131436","2019-02-18 01:42:06","https://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131436/"
+"131435","2019-02-18 01:42:00","https://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131435/"
+"131434","2019-02-18 01:41:55","https://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131434/"
+"131433","2019-02-18 01:41:51","https://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131433/"
+"131432","2019-02-18 01:41:48","https://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131432/"
+"131431","2019-02-18 01:41:46","https://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131431/"
+"131430","2019-02-18 01:41:43","https://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131430/"
+"131429","2019-02-18 01:41:40","https://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131429/"
+"131428","2019-02-18 01:41:34","https://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131428/"
+"131427","2019-02-18 01:41:30","https://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131427/"
+"131426","2019-02-18 01:41:27","https://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131426/"
+"131425","2019-02-18 01:41:24","https://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131425/"
+"131424","2019-02-18 01:41:19","https://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131424/"
+"131423","2019-02-18 01:41:15","https://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131423/"
+"131422","2019-02-18 01:41:10","https://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131422/"
+"131421","2019-02-18 01:41:06","https://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131421/"
+"131420","2019-02-18 01:41:02","https://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131420/"
+"131419","2019-02-18 01:41:01","https://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131419/"
+"131418","2019-02-18 01:40:56","https://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131418/"
+"131417","2019-02-18 01:40:53","https://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131417/"
+"131416","2019-02-18 01:40:49","https://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131416/"
+"131415","2019-02-18 01:40:46","https://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131415/"
+"131414","2019-02-18 01:40:43","https://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131414/"
+"131413","2019-02-18 01:40:39","https://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131413/"
+"131412","2019-02-18 01:40:34","https://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/131412/"
+"131411","2019-02-18 01:40:29","https://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131411/"
+"131410","2019-02-18 01:40:23","https://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131410/"
+"131409","2019-02-18 01:40:18","https://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131409/"
+"131408","2019-02-18 01:40:13","https://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131408/"
+"131407","2019-02-18 01:40:09","http://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131407/"
+"131406","2019-02-18 01:40:02","http://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131406/"
+"131405","2019-02-18 01:39:45","http://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131405/"
+"131404","2019-02-18 01:39:28","http://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zan.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131404/"
+"131403","2019-02-18 01:39:25","http://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zaher.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131403/"
+"131402","2019-02-18 01:39:22","http://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/z.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131402/"
+"131401","2019-02-18 01:39:20","http://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/nissa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131401/"
+"131400","2019-02-18 01:39:18","http://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/n.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131400/"
+"131399","2019-02-18 01:39:16","http://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131399/"
+"131398","2019-02-18 01:39:01","http://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131398/"
+"131397","2019-02-18 01:38:46","http://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131397/"
+"131396","2019-02-18 01:38:38","http://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131396/"
+"131395","2019-02-18 01:38:35","http://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131395/"
+"131394","2019-02-18 01:38:31","http://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131394/"
+"131393","2019-02-18 01:38:21","http://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131393/"
+"131392","2019-02-18 01:38:13","http://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131392/"
+"131391","2019-02-18 01:38:02","http://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131391/"
+"131390","2019-02-18 01:37:51","http://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131390/"
+"131389","2019-02-18 01:37:39","http://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131389/"
+"131388","2019-02-18 01:37:31","http://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131388/"
+"131387","2019-02-18 01:37:27","http://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131387/"
+"131386","2019-02-18 01:37:15","http://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131386/"
+"131385","2019-02-18 01:37:11","http://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131385/"
+"131384","2019-02-18 01:37:05","http://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131384/"
+"131383","2019-02-18 01:36:50","http://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131383/"
+"131382","2019-02-18 01:36:45","http://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131382/"
+"131381","2019-02-18 01:36:34","http://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131381/"
+"131380","2019-02-18 01:36:24","http://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131380/"
+"131379","2019-02-18 01:36:14","http://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131379/"
+"131378","2019-02-18 01:36:04","http://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131378/"
+"131377","2019-02-18 01:35:56","http://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131377/"
+"131376","2019-02-18 01:35:55","http://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131376/"
+"131375","2019-02-18 01:35:54","http://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131375/"
+"131374","2019-02-18 01:35:39","http://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131374/"
+"131373","2019-02-18 01:35:30","http://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131373/"
+"131372","2019-02-18 01:35:22","http://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/global/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131372/"
+"131371","2019-02-18 01:35:20","http://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131371/"
+"131370","2019-02-18 01:35:11","http://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131370/"
+"131369","2019-02-18 01:34:56","http://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131369/"
+"131368","2019-02-18 01:34:51","http://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131368/"
+"131367","2019-02-18 01:34:45","http://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131367/"
+"131366","2019-02-18 01:34:40","http://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/131366/"
+"131365","2019-02-18 01:34:36","http://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131365/"
+"131364","2019-02-18 01:34:21","http://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131364/"
+"131363","2019-02-18 01:34:17","http://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131363/"
+"131362","2019-02-18 01:34:10","http://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131362/"
+"131361","2019-02-18 01:32:10","http://178.128.127.231/bins/spc.light","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131361/"
+"131360","2019-02-18 01:32:08","http://178.128.127.231/bins/x86.light","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131360/"
+"131359","2019-02-18 01:32:05","http://178.128.127.231/bins/sh4.light","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131359/"
+"131358","2019-02-18 00:42:07","http://206.189.205.246/vvglma","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/131358/"
+"131357","2019-02-18 00:42:06","http://206.189.205.246/nvitpj","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/131357/"
+"131356","2019-02-18 00:42:04","http://206.189.205.246/earyzq","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/131356/"
+"131355","2019-02-18 00:42:03","http://206.189.205.246/lnkfmx","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/131355/"
+"131354","2019-02-18 00:41:42","https://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131354/"
+"131353","2019-02-18 00:41:39","https://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131353/"
+"131352","2019-02-18 00:41:34","https://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131352/"
+"131351","2019-02-18 00:41:31","https://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131351/"
+"131350","2019-02-18 00:41:27","https://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131350/"
+"131349","2019-02-18 00:41:23","https://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131349/"
+"131348","2019-02-18 00:41:19","https://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131348/"
+"131347","2019-02-18 00:41:11","https://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131347/"
+"131346","2019-02-18 00:41:09","https://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131346/"
+"131345","2019-02-18 00:41:06","https://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131345/"
+"131344","2019-02-18 00:41:02","https://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131344/"
+"131343","2019-02-18 00:40:57","https://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131343/"
+"131342","2019-02-18 00:40:51","https://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131342/"
+"131341","2019-02-18 00:40:46","https://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131341/"
+"131340","2019-02-18 00:40:40","https://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131340/"
+"131339","2019-02-18 00:40:35","https://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131339/"
+"131338","2019-02-18 00:40:30","https://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131338/"
+"131337","2019-02-18 00:40:25","https://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131337/"
+"131336","2019-02-18 00:40:21","https://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131336/"
+"131335","2019-02-18 00:40:19","https://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131335/"
+"131334","2019-02-18 00:40:17","http://206.189.205.246/qtmzbn","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/131334/"
+"131333","2019-02-18 00:40:15","https://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131333/"
+"131332","2019-02-18 00:40:08","https://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131332/"
+"131331","2019-02-18 00:40:03","https://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131331/"
+"131330","2019-02-18 00:39:59","https://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131330/"
+"131329","2019-02-18 00:39:48","http://206.189.205.246/qvmxvl","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/131329/"
+"131328","2019-02-18 00:39:45","https://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131328/"
+"131327","2019-02-18 00:39:43","https://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131327/"
+"131326","2019-02-18 00:39:38","https://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131326/"
+"131325","2019-02-18 00:39:32","https://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/131325/"
+"131324","2019-02-18 00:39:28","http://206.189.205.246/atxhua","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/131324/"
+"131323","2019-02-18 00:39:25","https://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131323/"
+"131322","2019-02-18 00:39:18","https://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131322/"
+"131321","2019-02-18 00:39:12","https://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131321/"
+"131320","2019-02-18 00:39:07","https://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131320/"
+"131319","2019-02-18 00:39:03","http://206.189.205.246/razdzn","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/131319/"
+"131318","2019-02-18 00:39:01","http://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131318/"
+"131317","2019-02-18 00:38:53","http://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131317/"
+"131316","2019-02-18 00:38:37","http://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131316/"
+"131315","2019-02-18 00:38:22","http://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zan.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131315/"
+"131314","2019-02-18 00:38:19","http://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zaher.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131314/"
+"131313","2019-02-18 00:38:16","http://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/z.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131313/"
+"131312","2019-02-18 00:38:14","http://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/nissa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131312/"
+"131311","2019-02-18 00:38:12","http://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/n.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131311/"
+"131310","2019-02-18 00:38:08","http://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131310/"
+"131309","2019-02-18 00:37:51","http://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131309/"
+"131308","2019-02-18 00:37:35","http://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131308/"
+"131307","2019-02-18 00:37:26","http://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131307/"
+"131306","2019-02-18 00:37:23","http://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131306/"
+"131305","2019-02-18 00:37:20","http://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131305/"
+"131304","2019-02-18 00:37:12","http://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131304/"
+"131303","2019-02-18 00:37:06","http://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131303/"
+"131302","2019-02-18 00:36:54","http://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131302/"
+"131301","2019-02-18 00:36:45","http://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131301/"
+"131300","2019-02-18 00:36:34","http://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131300/"
+"131299","2019-02-18 00:36:28","http://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131299/"
+"131298","2019-02-18 00:36:26","http://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131298/"
+"131297","2019-02-18 00:36:19","http://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131297/"
+"131296","2019-02-18 00:36:17","http://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131296/"
+"131295","2019-02-18 00:36:14","http://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131295/"
+"131294","2019-02-18 00:36:09","http://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131294/"
+"131293","2019-02-18 00:36:06","http://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131293/"
+"131292","2019-02-18 00:35:58","http://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131292/"
+"131291","2019-02-18 00:35:49","http://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131291/"
+"131290","2019-02-18 00:35:42","http://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131290/"
+"131289","2019-02-18 00:35:33","http://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131289/"
+"131288","2019-02-18 00:35:25","http://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131288/"
+"131287","2019-02-18 00:35:18","http://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131287/"
+"131286","2019-02-18 00:35:15","http://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131286/"
+"131285","2019-02-18 00:35:03","http://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131285/"
+"131284","2019-02-18 00:35:02","http://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131284/"
+"131283","2019-02-18 00:35:01","http://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/global/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131283/"
+"131282","2019-02-18 00:35:00","http://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131282/"
+"131280","2019-02-18 00:34:59","http://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131280/"
+"131281","2019-02-18 00:34:59","http://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131281/"
+"131279","2019-02-18 00:34:57","http://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131279/"
+"131278","2019-02-18 00:34:56","http://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131278/"
+"131277","2019-02-18 00:34:55","http://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/131277/"
+"131276","2019-02-18 00:34:54","http://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131276/"
+"131275","2019-02-18 00:34:52","http://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131275/"
+"131274","2019-02-18 00:34:51","http://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131274/"
+"131273","2019-02-18 00:34:49","http://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131273/"
+"131272","2019-02-18 00:34:46","https://businessmanagemewww.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131272/"
+"131271","2019-02-18 00:34:44","https://businessmanagemewww.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131271/"
+"131270","2019-02-18 00:34:40","https://businessmanagemewww.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131270/"
+"131269","2019-02-18 00:34:37","https://businessmanagemewww.watchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131269/"
+"131268","2019-02-18 00:34:33","https://businessmanagemewww.watchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131268/"
+"131267","2019-02-18 00:34:30","https://businessmanagemewww.watchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131267/"
+"131266","2019-02-18 00:34:27","https://businessmanagemewww.watchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131266/"
+"131265","2019-02-18 00:34:26","https://businessmanagemewww.watchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131265/"
+"131264","2019-02-18 00:34:25","https://businessmanagemewww.watchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131264/"
+"131263","2019-02-18 00:34:22","https://businessmanagemewww.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131263/"
+"131262","2019-02-18 00:34:20","https://businessmanagemewww.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131262/"
+"131261","2019-02-18 00:34:17","https://businessmanagemewww.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131261/"
+"131260","2019-02-18 00:34:15","https://businessmanagemewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131260/"
+"131259","2019-02-18 00:34:12","https://businessmanagemewww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131259/"
+"131258","2019-02-18 00:34:10","https://businessmanagemewww.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131258/"
+"131257","2019-02-18 00:34:07","https://businessmanagemewww.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131257/"
+"131256","2019-02-18 00:34:04","https://businessmanagemewww.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131256/"
+"131255","2019-02-18 00:33:46","https://businessmanagemewww.watchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131255/"
+"131254","2019-02-18 00:33:43","https://businessmanagemewww.watchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131254/"
+"131253","2019-02-18 00:33:42","https://businessmanagemewww.watchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131253/"
+"131252","2019-02-18 00:33:41","https://businessmanagemewww.watchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131252/"
+"131251","2019-02-18 00:33:37","https://businessmanagemewww.watchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131251/"
+"131250","2019-02-18 00:33:35","https://businessmanagemewww.watchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131250/"
+"131249","2019-02-18 00:33:32","https://businessmanagemewww.watchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131249/"
+"131248","2019-02-18 00:33:30","https://businessmanagemewww.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131248/"
+"131247","2019-02-18 00:33:29","https://businessmanagemewww.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131247/"
+"131246","2019-02-18 00:33:26","https://businessmanagemewww.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131246/"
+"131245","2019-02-18 00:33:24","https://businessmanagemewww.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/131245/"
+"131244","2019-02-18 00:33:22","https://businessmanagemewww.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131244/"
+"131243","2019-02-18 00:33:18","https://businessmanagemewww.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131243/"
+"131242","2019-02-18 00:33:16","https://businessmanagemewww.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131242/"
+"131241","2019-02-18 00:33:13","https://businessmanagemewww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131241/"
+"131240","2019-02-18 00:33:11","http://businessmanagemewww.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131240/"
+"131239","2019-02-18 00:33:10","http://businessmanagemewww.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131239/"
+"131238","2019-02-18 00:33:08","http://businessmanagemewww.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131238/"
+"131237","2019-02-18 00:33:06","http://businessmanagemewww.watchdogdns.duckdns.org/zaher/zan.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131237/"
+"131235","2019-02-18 00:33:05","http://businessmanagemewww.watchdogdns.duckdns.org/zaher/z.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131235/"
+"131236","2019-02-18 00:33:05","http://businessmanagemewww.watchdogdns.duckdns.org/zaher/zaher.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131236/"
+"131234","2019-02-18 00:33:04","http://206.189.205.246/ajoomk","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/131234/"
+"131231","2019-02-18 00:33:03","http://businessmanagemewww.watchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131231/"
+"131232","2019-02-18 00:33:03","http://businessmanagemewww.watchdogdns.duckdns.org/zaher/n.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131232/"
+"131233","2019-02-18 00:33:03","http://businessmanagemewww.watchdogdns.duckdns.org/zaher/nissa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131233/"
+"131230","2019-02-18 00:33:01","http://businessmanagemewww.watchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131230/"
+"131229","2019-02-18 00:32:58","http://206.189.205.246/vtyhat","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/131229/"
+"131228","2019-02-18 00:32:57","http://businessmanagemewww.watchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131228/"
+"131226","2019-02-18 00:32:56","http://businessmanagemewww.watchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131226/"
+"131227","2019-02-18 00:32:56","http://businessmanagemewww.watchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131227/"
+"131225","2019-02-18 00:32:55","http://businessmanagemewww.watchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131225/"
+"131224","2019-02-18 00:32:54","http://businessmanagemewww.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131224/"
+"131223","2019-02-18 00:32:53","http://206.189.205.246/fwdfvf","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/131223/"
+"131222","2019-02-18 00:32:52","http://businessmanagemewww.watchdogdns.duckdns.org/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131222/"
+"131221","2019-02-18 00:32:50","http://businessmanagemewww.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131221/"
+"131220","2019-02-18 00:32:48","http://businessmanagemewww.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131220/"
+"131219","2019-02-18 00:32:47","http://206.189.205.246/cemtop","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/131219/"
+"131218","2019-02-18 00:32:46","http://businessmanagemewww.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131218/"
+"131216","2019-02-18 00:32:45","http://businessmanagemewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131216/"
+"131217","2019-02-18 00:32:45","http://businessmanagemewww.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131217/"
+"131215","2019-02-18 00:32:39","http://businessmanagemewww.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131215/"
+"131212","2019-02-18 00:32:38","http://businessmanagemewww.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131212/"
+"131213","2019-02-18 00:32:38","http://businessmanagemewww.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131213/"
+"131214","2019-02-18 00:32:38","http://businessmanagemewww.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131214/"
+"131211","2019-02-18 00:32:37","http://businessmanagemewww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131211/"
+"131210","2019-02-18 00:32:36","http://businessmanagemewww.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131210/"
+"131209","2019-02-18 00:32:35","http://businessmanagemewww.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131209/"
+"131208","2019-02-18 00:32:33","http://businessmanagemewww.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131208/"
+"131207","2019-02-18 00:32:32","http://businessmanagemewww.watchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131207/"
+"131206","2019-02-18 00:32:30","http://businessmanagemewww.watchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131206/"
+"131204","2019-02-18 00:32:24","http://businessmanagemewww.watchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131204/"
+"131205","2019-02-18 00:32:24","http://businessmanagemewww.watchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131205/"
+"131203","2019-02-18 00:32:21","http://businessmanagemewww.watchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131203/"
+"131202","2019-02-18 00:32:19","http://businessmanagemewww.watchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131202/"
+"131200","2019-02-18 00:32:18","http://businessmanagemewww.watchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131200/"
+"131201","2019-02-18 00:32:18","http://businessmanagemewww.watchdogdns.duckdns.org/global/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131201/"
+"131198","2019-02-18 00:32:16","http://businessmanagemewww.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131198/"
+"131199","2019-02-18 00:32:16","http://businessmanagemewww.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131199/"
+"131197","2019-02-18 00:32:15","http://businessmanagemewww.watchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131197/"
+"131196","2019-02-18 00:32:14","http://businessmanagemewww.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131196/"
+"131195","2019-02-18 00:32:12","http://businessmanagemewww.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/131195/"
+"131194","2019-02-18 00:32:11","http://businessmanagemewww.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131194/"
+"131193","2019-02-18 00:32:08","http://businessmanagemewww.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131193/"
+"131192","2019-02-18 00:32:07","http://businessmanagemewww.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131192/"
+"131191","2019-02-18 00:32:06","http://businessmanagemewww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131191/"
+"131190","2019-02-18 00:29:24","http://216.176.179.106:9090/26006","online","malware_download","elf","https://urlhaus.abuse.ch/url/131190/"
+"131189","2019-02-18 00:29:02","http://34.73.163.194:80/AB4g5/Josho.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131189/"
+"131188","2019-02-18 00:29:01","http://208.89.211.38:80/bins/kwari.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131188/"
+"131187","2019-02-18 00:29:00","http://34.73.163.194:80/AB4g5/Josho.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131187/"
+"131186","2019-02-18 00:28:58","http://88.29.193.92:42681/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/131186/"
+"131185","2019-02-18 00:28:40","https://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131185/"
+"131184","2019-02-18 00:28:37","https://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131184/"
+"131183","2019-02-18 00:28:33","https://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131183/"
+"131182","2019-02-18 00:28:30","https://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131182/"
+"131181","2019-02-18 00:28:26","https://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131181/"
+"131180","2019-02-18 00:28:22","https://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131180/"
+"131179","2019-02-18 00:28:20","https://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131179/"
+"131178","2019-02-18 00:28:19","https://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131178/"
+"131177","2019-02-18 00:28:18","https://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131177/"
+"131176","2019-02-18 00:28:14","https://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131176/"
+"131175","2019-02-18 00:28:12","https://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131175/"
+"131174","2019-02-18 00:28:09","https://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131174/"
+"131173","2019-02-18 00:28:07","https://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131173/"
+"131172","2019-02-18 00:28:04","https://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131172/"
+"131171","2019-02-18 00:28:02","https://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131171/"
+"131170","2019-02-18 00:27:59","https://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131170/"
+"131169","2019-02-18 00:27:57","https://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131169/"
+"131168","2019-02-18 00:27:55","https://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131168/"
+"131167","2019-02-18 00:27:52","https://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131167/"
+"131166","2019-02-18 00:27:50","https://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131166/"
+"131165","2019-02-18 00:27:49","https://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131165/"
+"131164","2019-02-18 00:27:45","https://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131164/"
+"131163","2019-02-18 00:27:43","https://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131163/"
+"131162","2019-02-18 00:27:40","https://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131162/"
+"131161","2019-02-18 00:27:37","https://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131161/"
+"131160","2019-02-18 00:27:36","https://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131160/"
+"131159","2019-02-18 00:27:34","https://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131159/"
+"131158","2019-02-18 00:27:31","https://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/131158/"
+"131157","2019-02-18 00:27:28","https://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131157/"
+"131156","2019-02-18 00:27:24","https://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131156/"
+"131155","2019-02-18 00:27:21","https://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131155/"
+"131154","2019-02-18 00:27:18","https://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131154/"
+"131153","2019-02-18 00:27:16","http://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131153/"
+"131152","2019-02-18 00:27:15","http://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131152/"
+"131151","2019-02-18 00:27:12","http://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131151/"
+"131150","2019-02-18 00:27:10","http://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zan.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131150/"
+"131146","2019-02-18 00:27:09","http://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/n.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131146/"
+"131147","2019-02-18 00:27:09","http://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/nissa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131147/"
+"131148","2019-02-18 00:27:09","http://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/z.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131148/"
+"131149","2019-02-18 00:27:09","http://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zaher.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131149/"
+"131145","2019-02-18 00:27:08","http://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131145/"
+"131144","2019-02-18 00:27:06","http://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131144/"
+"131143","2019-02-18 00:27:04","http://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131143/"
+"131142","2019-02-18 00:27:03","http://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131142/"
+"131140","2019-02-18 00:27:02","http://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131140/"
+"131141","2019-02-18 00:27:02","http://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131141/"
+"131139","2019-02-18 00:27:01","http://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131139/"
+"131138","2019-02-18 00:26:59","http://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131138/"
+"131137","2019-02-18 00:26:58","http://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131137/"
+"131136","2019-02-18 00:26:56","http://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131136/"
+"131135","2019-02-18 00:26:55","http://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131135/"
+"131133","2019-02-18 00:26:53","http://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131133/"
+"131134","2019-02-18 00:26:53","http://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131134/"
+"131130","2019-02-18 00:26:51","http://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131130/"
+"131131","2019-02-18 00:26:51","http://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131131/"
+"131132","2019-02-18 00:26:51","http://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131132/"
+"131128","2019-02-18 00:26:50","http://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131128/"
+"131129","2019-02-18 00:26:50","http://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131129/"
+"131127","2019-02-18 00:26:49","http://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131127/"
+"131126","2019-02-18 00:26:48","http://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131126/"
+"131125","2019-02-18 00:26:46","http://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131125/"
+"131124","2019-02-18 00:26:44","http://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131124/"
+"131122","2019-02-18 00:26:42","http://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131122/"
+"131123","2019-02-18 00:26:42","http://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131123/"
+"131121","2019-02-18 00:26:41","http://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131121/"
+"131120","2019-02-18 00:26:33","http://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131120/"
+"131119","2019-02-18 00:26:24","http://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131119/"
+"131118","2019-02-18 00:26:11","http://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/global/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131118/"
+"131117","2019-02-18 00:25:22","http://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131117/"
+"131116","2019-02-18 00:25:12","http://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131116/"
+"131115","2019-02-18 00:25:11","http://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131115/"
+"131114","2019-02-18 00:25:03","http://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131114/"
+"131113","2019-02-18 00:24:55","http://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131113/"
+"131112","2019-02-18 00:24:44","http://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/131112/"
+"131111","2019-02-18 00:24:23","http://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131111/"
+"131110","2019-02-18 00:24:03","http://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131110/"
+"131109","2019-02-18 00:23:56","http://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131109/"
+"131108","2019-02-18 00:23:47","http://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131108/"
+"131107","2019-02-18 00:23:38","https://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131107/"
+"131106","2019-02-18 00:23:32","https://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131106/"
+"131105","2019-02-18 00:23:24","https://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131105/"
+"131104","2019-02-18 00:23:17","https://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131104/"
+"131103","2019-02-18 00:23:11","https://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131103/"
+"131102","2019-02-18 00:23:05","https://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131102/"
+"131101","2019-02-18 00:23:02","https://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131101/"
+"131100","2019-02-18 00:22:59","https://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131100/"
+"131099","2019-02-18 00:22:56","https://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131099/"
+"131098","2019-02-18 00:22:49","https://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131098/"
+"131097","2019-02-18 00:22:44","https://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131097/"
+"131096","2019-02-18 00:22:37","https://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131096/"
+"131095","2019-02-18 00:22:30","https://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131095/"
+"131094","2019-02-18 00:22:23","https://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131094/"
+"131093","2019-02-18 00:22:14","https://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131093/"
+"131092","2019-02-18 00:22:07","https://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131092/"
+"131091","2019-02-18 00:22:02","https://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131091/"
+"131090","2019-02-18 00:21:56","https://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131090/"
+"131089","2019-02-18 00:21:49","https://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131089/"
+"131088","2019-02-18 00:21:44","https://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131088/"
+"131087","2019-02-18 00:21:39","https://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131087/"
+"131086","2019-02-18 00:21:31","https://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131086/"
+"131085","2019-02-18 00:21:25","https://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131085/"
+"131084","2019-02-18 00:21:18","https://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131084/"
+"131083","2019-02-18 00:21:10","https://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131083/"
+"131082","2019-02-18 00:21:04","https://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131082/"
+"131081","2019-02-18 00:21:00","https://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131081/"
+"131080","2019-02-18 00:20:57","https://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/131080/"
+"131079","2019-02-18 00:20:53","https://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131079/"
+"131078","2019-02-18 00:20:45","https://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131078/"
+"131077","2019-02-18 00:20:40","https://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131077/"
+"131076","2019-02-18 00:20:34","https://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131076/"
+"131075","2019-02-18 00:20:28","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131075/"
+"131074","2019-02-18 00:20:18","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131074/"
 "131073","2019-02-18 00:19:50","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131073/"
 "131072","2019-02-18 00:19:24","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zan.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131072/"
 "131071","2019-02-18 00:19:21","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zaher.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131071/"
@@ -30,7 +1471,7 @@
 "131053","2019-02-18 00:16:26","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131053/"
 "131052","2019-02-18 00:16:22","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131052/"
 "131051","2019-02-18 00:16:17","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131051/"
-"131050","2019-02-18 00:16:11","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131050/"
+"131050","2019-02-18 00:16:11","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131050/"
 "131049","2019-02-18 00:15:58","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131049/"
 "131048","2019-02-18 00:15:44","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131048/"
 "131047","2019-02-18 00:15:31","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131047/"
@@ -64,7 +1505,7 @@
 "131019","2019-02-18 00:10:53","https://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131019/"
 "131018","2019-02-18 00:10:50","https://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131018/"
 "131017","2019-02-18 00:10:47","https://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131017/"
-"131016","2019-02-18 00:10:44","https://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131016/"
+"131016","2019-02-18 00:10:44","https://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131016/"
 "131015","2019-02-18 00:10:40","https://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131015/"
 "131014","2019-02-18 00:10:38","https://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131014/"
 "131013","2019-02-18 00:10:35","https://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131013/"
@@ -108,7 +1549,7 @@
 "130975","2019-02-18 00:06:40","http://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130975/"
 "130974","2019-02-18 00:06:36","http://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130974/"
 "130973","2019-02-18 00:06:32","http://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130973/"
-"130972","2019-02-18 00:06:29","http://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130972/"
+"130972","2019-02-18 00:06:29","http://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130972/"
 "130971","2019-02-18 00:06:22","http://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130971/"
 "130970","2019-02-18 00:06:15","http://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130970/"
 "130969","2019-02-18 00:06:06","http://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130969/"
@@ -142,7 +1583,7 @@
 "130941","2019-02-18 00:03:31","https://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130941/"
 "130940","2019-02-18 00:03:29","https://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130940/"
 "130939","2019-02-18 00:03:26","https://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130939/"
-"130938","2019-02-18 00:03:24","https://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130938/"
+"130938","2019-02-18 00:03:24","https://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130938/"
 "130937","2019-02-18 00:03:21","https://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130937/"
 "130936","2019-02-18 00:03:19","https://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130936/"
 "130935","2019-02-18 00:03:16","https://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130935/"
@@ -185,7 +1626,7 @@
 "130896","2019-02-18 00:01:51","http://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130896/"
 "130897","2019-02-18 00:01:51","http://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130897/"
 "130898","2019-02-18 00:01:51","http://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130898/"
-"130894","2019-02-18 00:01:50","http://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130894/"
+"130894","2019-02-18 00:01:50","http://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130894/"
 "130895","2019-02-18 00:01:50","http://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130895/"
 "130893","2019-02-18 00:01:49","http://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130893/"
 "130892","2019-02-18 00:01:48","http://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130892/"
@@ -220,7 +1661,7 @@
 "130863","2019-02-18 00:00:49","https://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130863/"
 "130862","2019-02-18 00:00:47","https://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130862/"
 "130861","2019-02-18 00:00:44","https://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130861/"
-"130860","2019-02-18 00:00:41","https://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130860/"
+"130860","2019-02-18 00:00:41","https://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130860/"
 "130859","2019-02-18 00:00:39","https://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130859/"
 "130858","2019-02-18 00:00:36","https://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130858/"
 "130857","2019-02-18 00:00:34","https://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130857/"
@@ -263,7 +1704,7 @@
 "130818","2019-02-17 23:59:27","http://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130818/"
 "130819","2019-02-17 23:59:27","http://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130819/"
 "130820","2019-02-17 23:59:27","http://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130820/"
-"130816","2019-02-17 23:59:26","http://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130816/"
+"130816","2019-02-17 23:59:26","http://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130816/"
 "130817","2019-02-17 23:59:26","http://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130817/"
 "130815","2019-02-17 23:59:25","http://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130815/"
 "130814","2019-02-17 23:59:24","http://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130814/"
@@ -298,7 +1739,7 @@
 "130785","2019-02-17 23:58:14","https://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130785/"
 "130784","2019-02-17 23:58:11","https://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130784/"
 "130783","2019-02-17 23:58:08","https://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130783/"
-"130782","2019-02-17 23:58:06","https://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130782/"
+"130782","2019-02-17 23:58:06","https://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130782/"
 "130781","2019-02-17 23:58:03","https://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130781/"
 "130780","2019-02-17 23:58:01","https://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130780/"
 "130779","2019-02-17 23:57:59","https://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130779/"
@@ -341,7 +1782,7 @@
 "130740","2019-02-17 23:56:52","http://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130740/"
 "130741","2019-02-17 23:56:52","http://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130741/"
 "130742","2019-02-17 23:56:52","http://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130742/"
-"130739","2019-02-17 23:56:51","http://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130739/"
+"130739","2019-02-17 23:56:51","http://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130739/"
 "130738","2019-02-17 23:56:50","http://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130738/"
 "130737","2019-02-17 23:56:49","http://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130737/"
 "130736","2019-02-17 23:56:48","http://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130736/"
@@ -375,7 +1816,7 @@
 "130708","2019-02-17 23:55:56","https://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130708/"
 "130707","2019-02-17 23:55:54","https://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130707/"
 "130706","2019-02-17 23:55:51","https://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130706/"
-"130705","2019-02-17 23:55:48","https://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130705/"
+"130705","2019-02-17 23:55:48","https://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130705/"
 "130704","2019-02-17 23:55:46","https://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130704/"
 "130703","2019-02-17 23:55:43","https://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130703/"
 "130702","2019-02-17 23:55:41","https://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130702/"
@@ -419,7 +1860,7 @@
 "130663","2019-02-17 23:53:36","http://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130663/"
 "130664","2019-02-17 23:53:36","http://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130664/"
 "130662","2019-02-17 23:53:35","http://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130662/"
-"130661","2019-02-17 23:53:34","http://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130661/"
+"130661","2019-02-17 23:53:34","http://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130661/"
 "130660","2019-02-17 23:53:29","http://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130660/"
 "130659","2019-02-17 23:53:23","http://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130659/"
 "130658","2019-02-17 23:53:19","http://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130658/"
@@ -456,7 +1897,7 @@
 "130627","2019-02-17 21:18:46","https://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130627/"
 "130626","2019-02-17 21:18:44","https://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130626/"
 "130625","2019-02-17 21:18:41","https://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130625/"
-"130624","2019-02-17 21:18:39","https://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130624/"
+"130624","2019-02-17 21:18:39","https://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130624/"
 "130623","2019-02-17 21:18:36","https://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130623/"
 "130622","2019-02-17 21:18:34","https://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130622/"
 "130621","2019-02-17 21:18:31","https://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130621/"
@@ -500,7 +1941,7 @@
 "130581","2019-02-17 21:17:15","http://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130581/"
 "130582","2019-02-17 21:17:15","http://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130582/"
 "130583","2019-02-17 21:17:15","http://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130583/"
-"130580","2019-02-17 21:17:14","http://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130580/"
+"130580","2019-02-17 21:17:14","http://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130580/"
 "130579","2019-02-17 21:17:13","http://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130579/"
 "130578","2019-02-17 21:17:12","http://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130578/"
 "130577","2019-02-17 21:17:11","http://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130577/"
@@ -534,7 +1975,7 @@
 "130549","2019-02-17 21:16:09","https://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130549/"
 "130548","2019-02-17 21:16:06","https://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130548/"
 "130547","2019-02-17 21:16:03","https://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130547/"
-"130546","2019-02-17 21:15:59","https://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130546/"
+"130546","2019-02-17 21:15:59","https://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130546/"
 "130545","2019-02-17 21:15:56","https://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130545/"
 "130544","2019-02-17 21:15:53","https://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130544/"
 "130543","2019-02-17 21:15:50","https://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130543/"
@@ -578,7 +2019,7 @@
 "130505","2019-02-17 21:13:11","http://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130505/"
 "130504","2019-02-17 21:13:09","http://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130504/"
 "130503","2019-02-17 21:13:07","http://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130503/"
-"130502","2019-02-17 21:13:06","http://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130502/"
+"130502","2019-02-17 21:13:06","http://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130502/"
 "130501","2019-02-17 21:12:57","http://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130501/"
 "130500","2019-02-17 21:12:48","http://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130500/"
 "130499","2019-02-17 21:12:40","http://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130499/"
@@ -612,7 +2053,7 @@
 "130471","2019-02-17 21:08:42","https://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130471/"
 "130470","2019-02-17 21:08:34","https://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130470/"
 "130469","2019-02-17 21:08:29","https://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130469/"
-"130468","2019-02-17 21:08:25","https://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130468/"
+"130468","2019-02-17 21:08:25","https://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130468/"
 "130467","2019-02-17 21:08:18","https://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130467/"
 "130466","2019-02-17 21:08:11","https://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130466/"
 "130465","2019-02-17 21:08:03","https://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130465/"
@@ -656,7 +2097,7 @@
 "130427","2019-02-17 21:02:19","http://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130427/"
 "130426","2019-02-17 21:02:16","http://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130426/"
 "130425","2019-02-17 21:02:13","http://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130425/"
-"130424","2019-02-17 21:02:10","http://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130424/"
+"130424","2019-02-17 21:02:10","http://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130424/"
 "130423","2019-02-17 21:02:02","http://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130423/"
 "130422","2019-02-17 21:01:55","http://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130422/"
 "130421","2019-02-17 21:01:47","http://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130421/"
@@ -680,7 +2121,7 @@
 "130403","2019-02-17 20:23:07","http://211.21.205.207:40722/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/130403/"
 "130402","2019-02-17 20:23:04","http://1.32.43.40:12984/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/130402/"
 "130401","2019-02-17 20:23:00","http://mikrotik.com.pe/cli/as.png","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/130401/"
-"130400","2019-02-17 20:22:58","http://www.pestguard.com.bd/protected.jpg","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/130400/"
+"130400","2019-02-17 20:22:58","http://www.pestguard.com.bd/protected.jpg","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/130400/"
 "130399","2019-02-17 20:22:56","http://pestguard.com.bd/protected.jpg","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/130399/"
 "130398","2019-02-17 20:22:54","https://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130398/"
 "130397","2019-02-17 20:22:51","https://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130397/"
@@ -695,7 +2136,7 @@
 "130388","2019-02-17 20:22:26","https://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130388/"
 "130387","2019-02-17 20:22:23","https://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130387/"
 "130386","2019-02-17 20:22:20","https://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130386/"
-"130385","2019-02-17 20:22:18","https://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130385/"
+"130385","2019-02-17 20:22:18","https://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130385/"
 "130384","2019-02-17 20:22:16","https://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130384/"
 "130383","2019-02-17 20:22:13","https://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130383/"
 "130382","2019-02-17 20:22:11","https://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130382/"
@@ -738,7 +2179,7 @@
 "130343","2019-02-17 20:20:40","http://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130343/"
 "130344","2019-02-17 20:20:40","http://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130344/"
 "130345","2019-02-17 20:20:40","http://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130345/"
-"130341","2019-02-17 20:20:39","http://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130341/"
+"130341","2019-02-17 20:20:39","http://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130341/"
 "130342","2019-02-17 20:20:39","http://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130342/"
 "130340","2019-02-17 20:20:36","http://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130340/"
 "130339","2019-02-17 20:20:33","http://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130339/"
@@ -773,7 +2214,7 @@
 "130310","2019-02-17 20:17:54","https://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130310/"
 "130309","2019-02-17 20:17:50","https://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130309/"
 "130308","2019-02-17 20:17:46","https://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130308/"
-"130307","2019-02-17 20:17:43","https://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130307/"
+"130307","2019-02-17 20:17:43","https://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130307/"
 "130306","2019-02-17 20:17:40","https://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130306/"
 "130305","2019-02-17 20:17:36","https://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130305/"
 "130304","2019-02-17 20:17:32","https://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130304/"
@@ -816,7 +2257,7 @@
 "130267","2019-02-17 20:14:16","http://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130267/"
 "130265","2019-02-17 20:14:15","http://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130265/"
 "130266","2019-02-17 20:14:15","http://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130266/"
-"130263","2019-02-17 20:14:14","http://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130263/"
+"130263","2019-02-17 20:14:14","http://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130263/"
 "130264","2019-02-17 20:14:14","http://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130264/"
 "130262","2019-02-17 20:14:09","http://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130262/"
 "130261","2019-02-17 20:14:03","http://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130261/"
@@ -851,7 +2292,7 @@
 "130232","2019-02-17 20:10:53","https://orciprudential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130232/"
 "130231","2019-02-17 20:10:49","https://orciprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130231/"
 "130230","2019-02-17 20:10:46","https://orciprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130230/"
-"130229","2019-02-17 20:10:44","https://orciprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130229/"
+"130229","2019-02-17 20:10:44","https://orciprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130229/"
 "130228","2019-02-17 20:10:41","https://orciprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130228/"
 "130227","2019-02-17 20:10:37","https://orciprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130227/"
 "130226","2019-02-17 20:10:35","https://orciprudential.com.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130226/"
@@ -895,7 +2336,7 @@
 "130188","2019-02-17 20:08:31","http://orciprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130188/"
 "130186","2019-02-17 20:08:30","http://orciprudential.com.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130186/"
 "130187","2019-02-17 20:08:30","http://orciprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130187/"
-"130185","2019-02-17 20:08:29","http://orciprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130185/"
+"130185","2019-02-17 20:08:29","http://orciprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130185/"
 "130184","2019-02-17 20:08:24","http://orciprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130184/"
 "130183","2019-02-17 20:08:23","http://orciprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130183/"
 "130182","2019-02-17 20:08:22","http://orciprudential.com.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130182/"
@@ -920,7 +2361,7 @@
 "130163","2019-02-17 20:06:11","https://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130163/"
 "130162","2019-02-17 20:06:04","https://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130162/"
 "130161","2019-02-17 20:05:42","https://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130161/"
-"130160","2019-02-17 20:05:36","https://www.dropbox.com/s/2rf7ry7dwx1qmp8/INV.ISO?dl=1","online","malware_download","compressed,iso,NanoCore,payload,rat","https://urlhaus.abuse.ch/url/130160/"
+"130160","2019-02-17 20:05:36","https://www.dropbox.com/s/2rf7ry7dwx1qmp8/INV.ISO?dl=1","offline","malware_download","compressed,iso,NanoCore,payload,rat","https://urlhaus.abuse.ch/url/130160/"
 "130159","2019-02-17 20:05:27","https://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130159/"
 "130158","2019-02-17 20:05:21","https://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130158/"
 "130157","2019-02-17 20:05:13","https://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130157/"
@@ -930,7 +2371,7 @@
 "130153","2019-02-17 20:05:01","https://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130153/"
 "130152","2019-02-17 20:04:58","https://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130152/"
 "130151","2019-02-17 20:04:55","https://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130151/"
-"130150","2019-02-17 20:04:53","https://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130150/"
+"130150","2019-02-17 20:04:53","https://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130150/"
 "130149","2019-02-17 20:04:50","https://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130149/"
 "130148","2019-02-17 20:04:48","https://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130148/"
 "130147","2019-02-17 20:04:45","https://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130147/"
@@ -973,7 +2414,7 @@
 "130108","2019-02-17 20:03:41","http://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130108/"
 "130109","2019-02-17 20:03:41","http://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130109/"
 "130110","2019-02-17 20:03:41","http://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130110/"
-"130106","2019-02-17 20:03:40","http://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130106/"
+"130106","2019-02-17 20:03:40","http://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130106/"
 "130107","2019-02-17 20:03:40","http://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130107/"
 "130105","2019-02-17 20:03:39","http://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130105/"
 "130104","2019-02-17 20:03:38","http://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130104/"
@@ -1008,7 +2449,7 @@
 "130075","2019-02-17 20:02:39","https://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130075/"
 "130074","2019-02-17 20:02:36","https://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130074/"
 "130073","2019-02-17 20:02:33","https://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130073/"
-"130072","2019-02-17 20:02:30","https://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130072/"
+"130072","2019-02-17 20:02:30","https://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130072/"
 "130071","2019-02-17 20:02:28","https://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130071/"
 "130070","2019-02-17 20:02:26","https://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130070/"
 "130069","2019-02-17 20:02:23","https://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130069/"
@@ -1050,7 +2491,7 @@
 "130033","2019-02-17 20:01:00","http://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130033/"
 "130031","2019-02-17 20:00:58","http://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130031/"
 "130032","2019-02-17 20:00:58","http://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130032/"
-"130028","2019-02-17 20:00:57","http://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130028/"
+"130028","2019-02-17 20:00:57","http://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130028/"
 "130029","2019-02-17 20:00:57","http://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130029/"
 "130030","2019-02-17 20:00:57","http://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130030/"
 "130027","2019-02-17 20:00:55","http://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130027/"
@@ -1086,7 +2527,7 @@
 "129997","2019-02-17 19:59:48","https://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129997/"
 "129996","2019-02-17 19:59:45","https://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129996/"
 "129995","2019-02-17 19:59:42","https://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129995/"
-"129994","2019-02-17 19:59:40","https://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129994/"
+"129994","2019-02-17 19:59:40","https://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129994/"
 "129993","2019-02-17 19:59:38","https://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129993/"
 "129992","2019-02-17 19:59:35","https://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129992/"
 "129991","2019-02-17 19:59:33","https://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129991/"
@@ -1129,7 +2570,7 @@
 "129952","2019-02-17 19:58:28","http://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129952/"
 "129953","2019-02-17 19:58:28","http://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129953/"
 "129954","2019-02-17 19:58:28","http://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129954/"
-"129950","2019-02-17 19:58:27","http://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129950/"
+"129950","2019-02-17 19:58:27","http://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129950/"
 "129951","2019-02-17 19:58:27","http://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129951/"
 "129949","2019-02-17 19:58:26","http://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129949/"
 "129948","2019-02-17 19:58:25","http://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129948/"
@@ -1163,7 +2604,7 @@
 "129920","2019-02-17 19:57:30","https://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129920/"
 "129919","2019-02-17 19:57:28","https://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129919/"
 "129918","2019-02-17 19:57:25","https://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129918/"
-"129917","2019-02-17 19:57:22","https://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129917/"
+"129917","2019-02-17 19:57:22","https://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129917/"
 "129916","2019-02-17 19:57:20","https://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129916/"
 "129915","2019-02-17 19:57:17","https://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129915/"
 "129914","2019-02-17 19:57:15","https://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129914/"
@@ -1206,7 +2647,7 @@
 "129875","2019-02-17 19:56:04","http://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129875/"
 "129876","2019-02-17 19:56:04","http://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129876/"
 "129877","2019-02-17 19:56:04","http://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129877/"
-"129873","2019-02-17 19:56:03","http://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129873/"
+"129873","2019-02-17 19:56:03","http://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129873/"
 "129874","2019-02-17 19:56:03","http://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129874/"
 "129872","2019-02-17 19:56:02","http://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129872/"
 "129871","2019-02-17 19:56:01","http://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129871/"
@@ -1241,7 +2682,7 @@
 "129842","2019-02-17 19:55:08","https://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129842/"
 "129841","2019-02-17 19:55:06","https://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129841/"
 "129840","2019-02-17 19:55:03","https://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129840/"
-"129839","2019-02-17 19:55:01","https://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129839/"
+"129839","2019-02-17 19:55:01","https://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129839/"
 "129838","2019-02-17 19:54:58","https://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129838/"
 "129837","2019-02-17 19:54:56","https://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129837/"
 "129836","2019-02-17 19:54:53","https://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129836/"
@@ -1283,7 +2724,7 @@
 "129801","2019-02-17 19:53:47","http://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129801/"
 "129798","2019-02-17 19:53:46","http://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129798/"
 "129799","2019-02-17 19:53:46","http://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129799/"
-"129795","2019-02-17 19:53:45","http://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129795/"
+"129795","2019-02-17 19:53:45","http://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129795/"
 "129796","2019-02-17 19:53:45","http://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129796/"
 "129797","2019-02-17 19:53:45","http://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129797/"
 "129794","2019-02-17 19:53:43","http://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129794/"
@@ -1319,7 +2760,7 @@
 "129764","2019-02-17 19:52:48","https://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129764/"
 "129763","2019-02-17 19:52:45","https://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129763/"
 "129762","2019-02-17 19:52:42","https://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129762/"
-"129761","2019-02-17 19:52:40","https://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129761/"
+"129761","2019-02-17 19:52:40","https://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129761/"
 "129760","2019-02-17 19:52:38","https://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129760/"
 "129759","2019-02-17 19:52:35","https://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129759/"
 "129758","2019-02-17 19:52:32","https://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129758/"
@@ -1363,7 +2804,7 @@
 "129721","2019-02-17 19:51:20","http://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129721/"
 "129718","2019-02-17 19:51:19","http://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129718/"
 "129719","2019-02-17 19:51:19","http://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129719/"
-"129717","2019-02-17 19:51:18","http://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129717/"
+"129717","2019-02-17 19:51:18","http://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129717/"
 "129716","2019-02-17 19:51:17","http://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129716/"
 "129715","2019-02-17 19:51:15","http://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129715/"
 "129714","2019-02-17 19:51:13","http://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129714/"
@@ -1397,7 +2838,7 @@
 "129686","2019-02-17 19:48:45","https://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129686/"
 "129685","2019-02-17 19:48:41","https://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129685/"
 "129684","2019-02-17 19:48:38","https://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129684/"
-"129683","2019-02-17 19:48:34","https://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129683/"
+"129683","2019-02-17 19:48:34","https://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129683/"
 "129682","2019-02-17 19:48:31","https://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129682/"
 "129681","2019-02-17 19:48:28","https://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129681/"
 "129680","2019-02-17 19:48:24","https://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129680/"
@@ -1441,7 +2882,7 @@
 "129642","2019-02-17 19:44:24","http://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129642/"
 "129641","2019-02-17 19:44:22","http://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129641/"
 "129640","2019-02-17 19:44:20","http://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129640/"
-"129639","2019-02-17 19:44:17","http://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129639/"
+"129639","2019-02-17 19:44:17","http://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129639/"
 "129638","2019-02-17 19:44:10","http://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129638/"
 "129637","2019-02-17 19:44:04","http://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129637/"
 "129636","2019-02-17 19:43:56","http://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129636/"
@@ -1475,7 +2916,7 @@
 "129608","2019-02-17 19:40:36","https://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129608/"
 "129607","2019-02-17 19:40:32","https://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129607/"
 "129606","2019-02-17 19:40:28","https://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129606/"
-"129605","2019-02-17 19:40:25","https://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129605/"
+"129605","2019-02-17 19:40:25","https://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129605/"
 "129604","2019-02-17 19:40:21","https://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129604/"
 "129603","2019-02-17 19:40:18","https://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129603/"
 "129602","2019-02-17 19:40:14","https://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129602/"
@@ -1518,7 +2959,7 @@
 "129563","2019-02-17 19:38:20","http://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129563/"
 "129564","2019-02-17 19:38:20","http://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129564/"
 "129565","2019-02-17 19:38:20","http://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129565/"
-"129561","2019-02-17 19:38:19","http://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129561/"
+"129561","2019-02-17 19:38:19","http://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129561/"
 "129562","2019-02-17 19:38:19","http://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129562/"
 "129560","2019-02-17 19:38:18","http://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129560/"
 "129559","2019-02-17 19:38:16","http://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129559/"
@@ -1553,7 +2994,7 @@
 "129530","2019-02-17 19:36:09","https://gov.rsmart-testsolutions.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129530/"
 "129529","2019-02-17 19:36:05","https://gov.rsmart-testsolutions.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129529/"
 "129528","2019-02-17 19:35:59","https://gov.rsmart-testsolutions.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129528/"
-"129527","2019-02-17 19:35:55","https://gov.rsmart-testsolutions.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129527/"
+"129527","2019-02-17 19:35:55","https://gov.rsmart-testsolutions.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129527/"
 "129526","2019-02-17 19:35:50","https://gov.rsmart-testsolutions.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129526/"
 "129525","2019-02-17 19:35:45","https://gov.rsmart-testsolutions.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129525/"
 "129524","2019-02-17 19:35:39","https://gov.rsmart-testsolutions.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129524/"
@@ -1595,7 +3036,7 @@
 "129489","2019-02-17 19:33:39","http://gov.rsmart-testsolutions.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129489/"
 "129486","2019-02-17 19:33:37","http://gov.rsmart-testsolutions.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129486/"
 "129487","2019-02-17 19:33:37","http://gov.rsmart-testsolutions.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129487/"
-"129483","2019-02-17 19:33:36","http://gov.rsmart-testsolutions.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129483/"
+"129483","2019-02-17 19:33:36","http://gov.rsmart-testsolutions.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129483/"
 "129484","2019-02-17 19:33:36","http://gov.rsmart-testsolutions.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129484/"
 "129485","2019-02-17 19:33:36","http://gov.rsmart-testsolutions.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129485/"
 "129482","2019-02-17 19:33:35","http://gov.rsmart-testsolutions.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129482/"
@@ -1631,7 +3072,7 @@
 "129452","2019-02-17 19:32:42","https://rsmart-testsolutions.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129452/"
 "129451","2019-02-17 19:32:40","https://rsmart-testsolutions.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129451/"
 "129450","2019-02-17 19:32:37","https://rsmart-testsolutions.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129450/"
-"129449","2019-02-17 19:32:34","https://rsmart-testsolutions.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129449/"
+"129449","2019-02-17 19:32:34","https://rsmart-testsolutions.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129449/"
 "129448","2019-02-17 19:32:32","https://rsmart-testsolutions.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129448/"
 "129447","2019-02-17 19:32:30","https://rsmart-testsolutions.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129447/"
 "129446","2019-02-17 19:32:27","https://rsmart-testsolutions.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129446/"
@@ -1675,7 +3116,7 @@
 "129406","2019-02-17 19:31:22","http://rsmart-testsolutions.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129406/"
 "129407","2019-02-17 19:31:22","http://rsmart-testsolutions.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129407/"
 "129408","2019-02-17 19:31:22","http://rsmart-testsolutions.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129408/"
-"129405","2019-02-17 19:31:21","http://rsmart-testsolutions.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129405/"
+"129405","2019-02-17 19:31:21","http://rsmart-testsolutions.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129405/"
 "129404","2019-02-17 19:31:20","http://rsmart-testsolutions.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129404/"
 "129403","2019-02-17 19:31:19","http://rsmart-testsolutions.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129403/"
 "129402","2019-02-17 19:31:18","http://rsmart-testsolutions.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129402/"
@@ -1709,7 +3150,7 @@
 "129374","2019-02-17 19:29:42","https://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129374/"
 "129373","2019-02-17 19:29:36","https://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129373/"
 "129372","2019-02-17 19:29:29","https://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129372/"
-"129371","2019-02-17 19:29:21","https://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129371/"
+"129371","2019-02-17 19:29:21","https://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129371/"
 "129370","2019-02-17 19:29:15","https://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129370/"
 "129369","2019-02-17 19:29:08","https://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129369/"
 "129368","2019-02-17 19:29:02","https://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129368/"
@@ -1753,7 +3194,7 @@
 "129329","2019-02-17 19:24:00","http://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129329/"
 "129330","2019-02-17 19:24:00","http://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129330/"
 "129328","2019-02-17 19:23:59","http://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129328/"
-"129327","2019-02-17 19:23:58","http://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129327/"
+"129327","2019-02-17 19:23:58","http://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129327/"
 "129326","2019-02-17 19:23:52","http://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129326/"
 "129325","2019-02-17 19:23:46","http://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129325/"
 "129324","2019-02-17 19:23:37","http://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129324/"
@@ -1782,18 +3223,18 @@
 "129301","2019-02-17 18:24:10","http://mission2019.website/wzz.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/129301/"
 "129300","2019-02-17 18:14:36","http://89.35.39.78/ghost","online","malware_download","backdoor,elf,Elknot,Ganiw","https://urlhaus.abuse.ch/url/129300/"
 "129299","2019-02-17 18:14:23","http://185.101.105.130/Okami.okami","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/129299/"
-"129297","2019-02-17 18:14:22","http://185.101.105.130/Okami.arm4","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/129297/"
-"129298","2019-02-17 18:14:22","http://185.101.105.130/Okami.arm5","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/129298/"
-"129296","2019-02-17 18:14:21","http://185.101.105.130/Okami.sparc","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/129296/"
-"129295","2019-02-17 18:14:19","http://185.101.105.130/Okami.m68k","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/129295/"
-"129294","2019-02-17 18:14:17","http://185.101.105.130/Okami.i586","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/129294/"
-"129293","2019-02-17 18:14:17","http://185.101.105.130/Okami.ppc","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/129293/"
-"129292","2019-02-17 18:14:16","http://185.101.105.130/Okami.i686","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/129292/"
-"129291","2019-02-17 18:14:14","http://185.101.105.130/Okami.arm6","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/129291/"
-"129290","2019-02-17 18:14:14","http://185.101.105.130/Okami.x86","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/129290/"
-"129289","2019-02-17 18:14:09","http://185.101.105.130/Okami.sh4","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/129289/"
-"129288","2019-02-17 18:14:06","http://185.101.105.130/Okami.mipsel","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/129288/"
-"129287","2019-02-17 18:14:03","http://185.101.105.130/Okami.mips","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/129287/"
+"129297","2019-02-17 18:14:22","http://185.101.105.130/Okami.arm4","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/129297/"
+"129298","2019-02-17 18:14:22","http://185.101.105.130/Okami.arm5","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/129298/"
+"129296","2019-02-17 18:14:21","http://185.101.105.130/Okami.sparc","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/129296/"
+"129295","2019-02-17 18:14:19","http://185.101.105.130/Okami.m68k","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/129295/"
+"129294","2019-02-17 18:14:17","http://185.101.105.130/Okami.i586","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/129294/"
+"129293","2019-02-17 18:14:17","http://185.101.105.130/Okami.ppc","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/129293/"
+"129292","2019-02-17 18:14:16","http://185.101.105.130/Okami.i686","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/129292/"
+"129291","2019-02-17 18:14:14","http://185.101.105.130/Okami.arm6","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/129291/"
+"129290","2019-02-17 18:14:14","http://185.101.105.130/Okami.x86","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/129290/"
+"129289","2019-02-17 18:14:09","http://185.101.105.130/Okami.sh4","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/129289/"
+"129288","2019-02-17 18:14:06","http://185.101.105.130/Okami.mipsel","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/129288/"
+"129287","2019-02-17 18:14:03","http://185.101.105.130/Okami.mips","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/129287/"
 "129286","2019-02-17 17:29:02","http://www.wf-hack.com/FantasyHack.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/129286/"
 "129285","2019-02-17 17:10:05","http://wf-hack.com/vk/dowloand/abr.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/129285/"
 "129284","2019-02-17 15:35:09","http://125.136.94.85:53541/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/129284/"
@@ -1857,21 +3298,21 @@
 "129226","2019-02-17 10:15:18","http://72.208.129.238:32286/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/129226/"
 "129225","2019-02-17 10:15:13","http://219.85.233.13:27673/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/129225/"
 "129224","2019-02-17 10:15:07","http://222.105.156.36:10665/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/129224/"
-"129223","2019-02-17 10:14:10","http://31.184.198.158:80/bins/DEMONS.m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/129223/"
-"129222","2019-02-17 10:14:08","http://31.184.198.158/bins/DEMONS.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/129222/"
-"129221","2019-02-17 10:14:06","http://31.184.198.158:80/bins/DEMONS.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/129221/"
-"129220","2019-02-17 10:14:04","http://31.184.198.158:80/bins/DEMONS.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/129220/"
-"129219","2019-02-17 10:13:21","http://31.184.198.158/bins/DEMONS.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/129219/"
-"129218","2019-02-17 10:13:16","http://31.184.198.158/bins/DEMONS.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/129218/"
-"129217","2019-02-17 10:13:10","http://31.184.198.158/bins/DEMONS.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/129217/"
-"129216","2019-02-17 10:13:05","http://31.184.198.158:80/bins/DEMONS.ppc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/129216/"
-"129215","2019-02-17 10:11:16","http://31.184.198.158:80/bins/DEMONS.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/129215/"
-"129214","2019-02-17 10:11:12","http://31.184.198.158/bins/DEMONS.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/129214/"
-"129213","2019-02-17 10:11:09","http://31.184.198.158:80/bins/DEMONS.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/129213/"
-"129212","2019-02-17 10:11:05","http://31.184.198.158/bins/DEMONS.sh4","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/129212/"
-"129211","2019-02-17 10:10:13","http://31.184.198.158:80/bins/DEMONS.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/129211/"
-"129210","2019-02-17 10:10:09","http://31.184.198.158:80/bins/DEMONS.sh4","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/129210/"
-"129209","2019-02-17 10:10:05","http://31.184.198.158/bins/DEMONS.ppc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/129209/"
+"129223","2019-02-17 10:14:10","http://31.184.198.158:80/bins/DEMONS.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/129223/"
+"129222","2019-02-17 10:14:08","http://31.184.198.158/bins/DEMONS.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/129222/"
+"129221","2019-02-17 10:14:06","http://31.184.198.158:80/bins/DEMONS.mips","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/129221/"
+"129220","2019-02-17 10:14:04","http://31.184.198.158:80/bins/DEMONS.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/129220/"
+"129219","2019-02-17 10:13:21","http://31.184.198.158/bins/DEMONS.mips","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/129219/"
+"129218","2019-02-17 10:13:16","http://31.184.198.158/bins/DEMONS.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/129218/"
+"129217","2019-02-17 10:13:10","http://31.184.198.158/bins/DEMONS.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/129217/"
+"129216","2019-02-17 10:13:05","http://31.184.198.158:80/bins/DEMONS.ppc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/129216/"
+"129215","2019-02-17 10:11:16","http://31.184.198.158:80/bins/DEMONS.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/129215/"
+"129214","2019-02-17 10:11:12","http://31.184.198.158/bins/DEMONS.arm5","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/129214/"
+"129213","2019-02-17 10:11:09","http://31.184.198.158:80/bins/DEMONS.arm5","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/129213/"
+"129212","2019-02-17 10:11:05","http://31.184.198.158/bins/DEMONS.sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/129212/"
+"129211","2019-02-17 10:10:13","http://31.184.198.158:80/bins/DEMONS.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/129211/"
+"129210","2019-02-17 10:10:09","http://31.184.198.158:80/bins/DEMONS.sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/129210/"
+"129209","2019-02-17 10:10:05","http://31.184.198.158/bins/DEMONS.ppc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/129209/"
 "129208","2019-02-17 09:59:56","https://ciprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129208/"
 "129207","2019-02-17 09:59:54","https://ciprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129207/"
 "129206","2019-02-17 09:59:50","https://ciprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129206/"
@@ -1885,7 +3326,7 @@
 "129198","2019-02-17 09:59:29","https://ciprudential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129198/"
 "129197","2019-02-17 09:59:26","https://ciprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129197/"
 "129196","2019-02-17 09:59:23","https://ciprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129196/"
-"129195","2019-02-17 09:59:21","https://ciprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129195/"
+"129195","2019-02-17 09:59:21","https://ciprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129195/"
 "129194","2019-02-17 09:59:18","https://ciprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129194/"
 "129193","2019-02-17 09:59:15","https://ciprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129193/"
 "129192","2019-02-17 09:59:12","https://ciprudential.com.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129192/"
@@ -1930,7 +3371,7 @@
 "129151","2019-02-17 09:58:09","http://ciprudential.com.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129151/"
 "129152","2019-02-17 09:58:09","http://ciprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129152/"
 "129153","2019-02-17 09:58:09","http://ciprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129153/"
-"129150","2019-02-17 09:58:08","http://ciprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129150/"
+"129150","2019-02-17 09:58:08","http://ciprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129150/"
 "129149","2019-02-17 09:58:07","http://ciprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129149/"
 "129148","2019-02-17 09:58:06","http://ciprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129148/"
 "129147","2019-02-17 09:58:05","http://ciprudential.com.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129147/"
@@ -1964,7 +3405,7 @@
 "129119","2019-02-17 09:56:18","https://benfey.ciprudential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129119/"
 "129118","2019-02-17 09:56:15","https://benfey.ciprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129118/"
 "129117","2019-02-17 09:56:12","https://benfey.ciprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129117/"
-"129116","2019-02-17 09:56:10","https://benfey.ciprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129116/"
+"129116","2019-02-17 09:56:10","https://benfey.ciprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129116/"
 "129115","2019-02-17 09:56:07","https://benfey.ciprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129115/"
 "129114","2019-02-17 09:56:04","https://benfey.ciprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129114/"
 "129113","2019-02-17 09:56:01","https://benfey.ciprudential.com.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129113/"
@@ -2007,7 +3448,7 @@
 "129074","2019-02-17 09:54:27","http://benfey.ciprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129074/"
 "129075","2019-02-17 09:54:27","http://benfey.ciprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129075/"
 "129076","2019-02-17 09:54:27","http://benfey.ciprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129076/"
-"129072","2019-02-17 09:54:26","http://benfey.ciprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129072/"
+"129072","2019-02-17 09:54:26","http://benfey.ciprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129072/"
 "129073","2019-02-17 09:54:26","http://benfey.ciprudential.com.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129073/"
 "129071","2019-02-17 09:54:25","http://benfey.ciprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129071/"
 "129070","2019-02-17 09:54:24","http://benfey.ciprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129070/"
@@ -2043,7 +3484,7 @@
 "129040","2019-02-17 09:35:24","https://mcdanielconrjsrwaco.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129040/"
 "129039","2019-02-17 09:35:21","https://mcdanielconrjsrwaco.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129039/"
 "129038","2019-02-17 09:35:19","https://mcdanielconrjsrwaco.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129038/"
-"129037","2019-02-17 09:35:16","https://mcdanielconrjsrwaco.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129037/"
+"129037","2019-02-17 09:35:16","https://mcdanielconrjsrwaco.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129037/"
 "129036","2019-02-17 09:35:14","https://mcdanielconrjsrwaco.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129036/"
 "129035","2019-02-17 09:35:11","https://mcdanielconrjsrwaco.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129035/"
 "129034","2019-02-17 09:35:08","https://mcdanielconrjsrwaco.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129034/"
@@ -2085,7 +3526,7 @@
 "128999","2019-02-17 09:34:08","http://mcdanielconrjsrwaco.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128999/"
 "128996","2019-02-17 09:34:07","http://mcdanielconrjsrwaco.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128996/"
 "128997","2019-02-17 09:34:07","http://mcdanielconrjsrwaco.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128997/"
-"128993","2019-02-17 09:34:06","http://mcdanielconrjsrwaco.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128993/"
+"128993","2019-02-17 09:34:06","http://mcdanielconrjsrwaco.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128993/"
 "128994","2019-02-17 09:34:06","http://mcdanielconrjsrwaco.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128994/"
 "128995","2019-02-17 09:34:06","http://mcdanielconrjsrwaco.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128995/"
 "128992","2019-02-17 09:34:04","http://mcdanielconrjsrwaco.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128992/"
@@ -2121,7 +3562,7 @@
 "128962","2019-02-17 09:33:09","https://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128962/"
 "128961","2019-02-17 09:33:06","https://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128961/"
 "128960","2019-02-17 09:33:03","https://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128960/"
-"128959","2019-02-17 09:33:00","https://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128959/"
+"128959","2019-02-17 09:33:00","https://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128959/"
 "128958","2019-02-17 09:32:57","https://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128958/"
 "128957","2019-02-17 09:32:55","https://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128957/"
 "128956","2019-02-17 09:32:53","https://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128956/"
@@ -2163,7 +3604,7 @@
 "128921","2019-02-17 09:31:32","http://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128921/"
 "128918","2019-02-17 09:31:31","http://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128918/"
 "128919","2019-02-17 09:31:31","http://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128919/"
-"128915","2019-02-17 09:31:30","http://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128915/"
+"128915","2019-02-17 09:31:30","http://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128915/"
 "128916","2019-02-17 09:31:30","http://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128916/"
 "128917","2019-02-17 09:31:30","http://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128917/"
 "128914","2019-02-17 09:31:29","http://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128914/"
@@ -2191,7 +3632,7 @@
 "128892","2019-02-17 09:16:10","https://cdn.discordapp.com/attachments/538861511133888526/546557289419636736/fff.exe","online","malware_download","exe,orcus,payload,rat,stage2","https://urlhaus.abuse.ch/url/128892/"
 "128891","2019-02-17 09:15:28","http://dsdfgdfshfgh.ru/16/P45JH435.exe","online","malware_download","exe,GandCrab,payload,Ransomware,stage2","https://urlhaus.abuse.ch/url/128891/"
 "128890","2019-02-17 09:15:11","http://dsdfgdfshfgh.ru/16/_output2B47DA0pp.exe","online","malware_download","exe,GandCrab,payload,Ransomware,stage2","https://urlhaus.abuse.ch/url/128890/"
-"128889","2019-02-17 09:02:04","http://45.33.0.176/admin201506/uploadApkFile/rt/20171227/360.zip","online","malware_download","elf,payload","https://urlhaus.abuse.ch/url/128889/"
+"128889","2019-02-17 09:02:04","http://45.33.0.176/admin201506/uploadApkFile/rt/20171227/360.zip","offline","malware_download","elf,payload","https://urlhaus.abuse.ch/url/128889/"
 "128888","2019-02-17 08:40:24","http://dsdfgdfshfgh.ru/16/S4SFDF23.exe","online","malware_download","exe,GandCrab,payload,ps1,Ransomware,stage2","https://urlhaus.abuse.ch/url/128888/"
 "128887","2019-02-17 08:40:17","http://dsdfgdfshfgh.ru/16/_output8418BAFr.exe","online","malware_download","exe,GandCrab,payload,ps1,Ransomware,stage2","https://urlhaus.abuse.ch/url/128887/"
 "128886","2019-02-17 08:40:12","http://qwerkkc.ru/qwerty.ps1","offline","malware_download","exe,GandCrab,payload,ps1,Ransomware,stage2","https://urlhaus.abuse.ch/url/128886/"
@@ -2200,7 +3641,7 @@
 "128883","2019-02-17 08:20:03","http://e-basvur.com/wp-content/themes/bizcorp/assets/images/placeholder/sserv.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/128883/"
 "128882","2019-02-17 07:44:03","http://188.165.179.11/bins/trojan.arm","online","malware_download","elf","https://urlhaus.abuse.ch/url/128882/"
 "128881","2019-02-17 07:40:04","http://188.165.179.11/bins/trojan.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128881/"
-"128880","2019-02-17 07:35:03","http://31.184.198.158/bins/DEMONS.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128880/"
+"128880","2019-02-17 07:35:03","http://31.184.198.158/bins/DEMONS.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128880/"
 "128879","2019-02-17 07:24:06","http://194.147.32.206/atxhua","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/128879/"
 "128878","2019-02-17 07:24:04","http://194.147.32.206/earyzq","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/128878/"
 "128877","2019-02-17 07:24:03","http://194.147.32.206/fwdfvf","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/128877/"
@@ -2214,7 +3655,7 @@
 "128869","2019-02-17 07:21:04","http://194.147.32.206/cemtop","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/128869/"
 "128868","2019-02-17 06:48:11","http://188.165.179.11:80/bins/trojan.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128868/"
 "128866","2019-02-17 06:48:10","http://188.165.179.11:80/bins/trojan.arm","online","malware_download","elf","https://urlhaus.abuse.ch/url/128866/"
-"128867","2019-02-17 06:48:10","http://31.184.198.158:80/bins/DEMONS.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128867/"
+"128867","2019-02-17 06:48:10","http://31.184.198.158:80/bins/DEMONS.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128867/"
 "128865","2019-02-17 06:48:09","http://oneclickart.com/css/xqmmil_protected.msi","offline","malware_download","exe","https://urlhaus.abuse.ch/url/128865/"
 "128864","2019-02-17 06:48:07","http://oneclickart.com/css/pivkzx.msi","offline","malware_download","exe","https://urlhaus.abuse.ch/url/128864/"
 "128863","2019-02-17 06:48:06","http://oneclickart.com/css/client24_protected.msi","offline","malware_download","exe","https://urlhaus.abuse.ch/url/128863/"
@@ -2232,7 +3673,7 @@
 "128851","2019-02-17 06:46:47","https://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128851/"
 "128850","2019-02-17 06:46:44","https://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128850/"
 "128849","2019-02-17 06:46:41","https://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128849/"
-"128848","2019-02-17 06:46:39","https://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128848/"
+"128848","2019-02-17 06:46:39","https://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128848/"
 "128847","2019-02-17 06:46:36","https://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128847/"
 "128846","2019-02-17 06:46:34","https://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128846/"
 "128845","2019-02-17 06:46:30","https://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128845/"
@@ -2275,7 +3716,7 @@
 "128806","2019-02-17 06:45:20","http://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128806/"
 "128807","2019-02-17 06:45:20","http://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128807/"
 "128808","2019-02-17 06:45:20","http://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128808/"
-"128804","2019-02-17 06:45:19","http://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128804/"
+"128804","2019-02-17 06:45:19","http://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128804/"
 "128805","2019-02-17 06:45:19","http://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128805/"
 "128803","2019-02-17 06:45:18","http://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128803/"
 "128802","2019-02-17 06:45:16","http://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128802/"
@@ -2310,7 +3751,7 @@
 "128773","2019-02-17 06:43:49","https://rjsrwaco.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128773/"
 "128772","2019-02-17 06:43:44","https://rjsrwaco.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128772/"
 "128771","2019-02-17 06:43:39","https://rjsrwaco.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128771/"
-"128770","2019-02-17 06:43:33","https://rjsrwaco.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128770/"
+"128770","2019-02-17 06:43:33","https://rjsrwaco.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128770/"
 "128769","2019-02-17 06:43:28","https://rjsrwaco.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128769/"
 "128768","2019-02-17 06:43:23","https://rjsrwaco.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128768/"
 "128767","2019-02-17 06:43:16","https://rjsrwaco.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128767/"
@@ -2353,7 +3794,7 @@
 "128730","2019-02-17 06:39:46","http://rjsrwaco.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128730/"
 "128728","2019-02-17 06:39:45","http://rjsrwaco.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128728/"
 "128729","2019-02-17 06:39:45","http://rjsrwaco.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128729/"
-"128726","2019-02-17 06:39:44","http://rjsrwaco.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128726/"
+"128726","2019-02-17 06:39:44","http://rjsrwaco.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128726/"
 "128727","2019-02-17 06:39:44","http://rjsrwaco.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128727/"
 "128725","2019-02-17 06:39:36","http://rjsrwaco.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128725/"
 "128724","2019-02-17 06:39:28","http://rjsrwaco.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128724/"
@@ -2381,29 +3822,29 @@
 "128702","2019-02-17 06:20:10","http://dl-gameplayer.dmm.com/product/apkggame/silkys_angelica/silkys_angelica/win/src/content/data/AI5WIN.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/128702/"
 "128701","2019-02-17 05:43:08","http://dl-gameplayer.dmm.com/product/apkggame/nel_narikiri/nel_narikiri/win/src/content/data/%E3%81%AA%E3%82%8A%E3%81%8D%E3%82%8A%E3%83%90%E3%82%AB%E3%83%83%E3%83%97%E3%83%AB%EF%BC%81.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/128701/"
 "128700","2019-02-17 05:41:05","http://dl-gameplayer.dmm.com/product/apkggame/GIGA_BaldrBringerExtendCode/GIGA_BaldrBringerExtendCode/win/src/content/data/Data/Uninstall.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/128700/"
-"128699","2019-02-17 05:39:00","http://helpyouman.tk/files/f0276370.xsph.ru.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/128699/"
+"128699","2019-02-17 05:39:00","http://helpyouman.tk/files/f0276370.xsph.ru.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/128699/"
 "128698","2019-02-17 03:22:05","http://forodigitalpyme.es/US/file/Invoice_Notice/YSBoc-HFsMY_FXHFU-bf","offline","malware_download","doc","https://urlhaus.abuse.ch/url/128698/"
 "128697","2019-02-17 03:22:03","http://kmu-kaluga.ru/assets/images/cnt/benefits/whe.exe","offline","malware_download","AgentTesla,exe","https://urlhaus.abuse.ch/url/128697/"
 "128696","2019-02-17 03:10:10","http://kmu-kaluga.ru/assets/images/cnt/benefits/whe4.exe","offline","malware_download","AgentTesla,exe","https://urlhaus.abuse.ch/url/128696/"
-"128695","2019-02-17 03:10:09","http://helpyouman.tk/files/f0276376.xsph.ru.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/128695/"
-"128694","2019-02-17 03:01:38","http://helpyouman.tk/files/f0277191.xsph.ru.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/128694/"
+"128695","2019-02-17 03:10:09","http://helpyouman.tk/files/f0276376.xsph.ru.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/128695/"
+"128694","2019-02-17 03:01:38","http://helpyouman.tk/files/f0277191.xsph.ru.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/128694/"
 "128693","2019-02-17 02:50:04","http://kmu-kaluga.ru/assets/images/cnt/benefits/elbb.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/128693/"
 "128692","2019-02-17 02:49:09","http://kmu-kaluga.ru/assets/images/cnt/benefits/frc.exe","offline","malware_download","AgentTesla,exe","https://urlhaus.abuse.ch/url/128692/"
 "128691","2019-02-17 02:48:07","http://coffeeatthejunction.com/hBfL","offline","malware_download","amazonprofile,Cobalt,CobaltStrike,encrypted,payload,stage2,Strike","https://urlhaus.abuse.ch/url/128691/"
-"128690","2019-02-17 02:46:06","http://helpyouman.tk/files/a0275202.xsph.ru.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/128690/"
-"128689","2019-02-17 02:40:08","http://helpyouman.tk/files/f0277063.xsph.ru.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/128689/"
+"128690","2019-02-17 02:46:06","http://helpyouman.tk/files/a0275202.xsph.ru.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/128690/"
+"128689","2019-02-17 02:40:08","http://helpyouman.tk/files/f0277063.xsph.ru.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/128689/"
 "128688","2019-02-17 02:40:03","http://kmu-kaluga.ru/assets/images/cnt/benefits/ago8.exe","offline","malware_download","AgentTesla,exe","https://urlhaus.abuse.ch/url/128688/"
 "128687","2019-02-17 02:36:09","http://kmu-kaluga.ru/assets/images/cnt/benefits/frnn.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/128687/"
-"128686","2019-02-17 02:23:09","http://helpyouman.tk/files/f0275183.xsph.ru.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/128686/"
+"128686","2019-02-17 02:23:09","http://helpyouman.tk/files/f0275183.xsph.ru.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/128686/"
 "128685","2019-02-17 02:06:15","http://kmu-kaluga.ru/assets/images/cnt/benefits/obi7.exe","offline","malware_download","AgentTesla,exe","https://urlhaus.abuse.ch/url/128685/"
 "128684","2019-02-17 02:06:06","http://rockenstein-gmbh.de/templates/beez5/fonts/messg.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/128684/"
 "128683","2019-02-17 01:27:10","http://kmu-kaluga.ru/assets/images/cnt/benefits/solo.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/128683/"
-"128682","2019-02-17 01:26:24","http://helpyouman.tk/files/f0276416.xsph.ru.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/128682/"
+"128682","2019-02-17 01:26:24","http://helpyouman.tk/files/f0276416.xsph.ru.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/128682/"
 "128681","2019-02-17 01:25:08","http://modexcommunications.eu/alex/alex.exe","online","malware_download","AZORult,exe","https://urlhaus.abuse.ch/url/128681/"
 "128680","2019-02-17 00:59:15","http://home.earthlink.net/~ruthtraa/shipment-label.jar","online","malware_download","Adwind,jar,java,jSocket,payload,rat","https://urlhaus.abuse.ch/url/128680/"
 "128679","2019-02-17 00:49:04","http://14.183.241.169:41283/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/128679/"
-"128678","2019-02-17 00:48:03","http://83.166.241.99/AB4g5/Josho.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128678/"
-"128677","2019-02-17 00:48:02","http://83.166.241.99/AB4g5/Josho.sh4","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128677/"
+"128678","2019-02-17 00:48:03","http://83.166.241.99/AB4g5/Josho.mips","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128678/"
+"128677","2019-02-17 00:48:02","http://83.166.241.99/AB4g5/Josho.sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128677/"
 "128676","2019-02-17 00:45:12","http://chinhdropfile.myvnc.com/cig.dat","online","malware_download","exe","https://urlhaus.abuse.ch/url/128676/"
 "128675","2019-02-17 00:35:04","http://www.rockenstein-gmbh.de/templates/beez5/fonts/messg.jpg","online","malware_download","exe,payload,Ransomware,stage2,Troldesh","https://urlhaus.abuse.ch/url/128675/"
 "128674","2019-02-17 00:25:08","http://garenanow4.myvnc.com:81/cig.dat","online","malware_download","exe","https://urlhaus.abuse.ch/url/128674/"
@@ -2422,7 +3863,7 @@
 "128661","2019-02-17 00:23:16","https://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128661/"
 "128660","2019-02-17 00:23:12","https://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128660/"
 "128659","2019-02-17 00:23:05","https://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128659/"
-"128658","2019-02-17 00:22:34","https://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128658/"
+"128658","2019-02-17 00:22:34","https://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128658/"
 "128657","2019-02-17 00:22:31","https://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128657/"
 "128656","2019-02-17 00:22:28","https://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128656/"
 "128655","2019-02-17 00:22:24","https://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128655/"
@@ -2466,7 +3907,7 @@
 "128617","2019-02-17 00:20:16","http://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128617/"
 "128616","2019-02-17 00:20:14","http://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128616/"
 "128615","2019-02-17 00:20:13","http://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128615/"
-"128614","2019-02-17 00:20:12","http://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128614/"
+"128614","2019-02-17 00:20:12","http://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128614/"
 "128613","2019-02-17 00:20:11","http://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128613/"
 "128612","2019-02-17 00:20:09","http://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128612/"
 "128611","2019-02-17 00:20:06","http://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128611/"
@@ -2500,7 +3941,7 @@
 "128583","2019-02-17 00:18:19","https://folkbjnrwwww.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128583/"
 "128582","2019-02-17 00:18:15","https://folkbjnrwwww.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128582/"
 "128581","2019-02-17 00:18:10","https://folkbjnrwwww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128581/"
-"128580","2019-02-17 00:18:06","https://folkbjnrwwww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128580/"
+"128580","2019-02-17 00:18:06","https://folkbjnrwwww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128580/"
 "128579","2019-02-17 00:18:03","https://folkbjnrwwww.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128579/"
 "128578","2019-02-17 00:17:59","https://folkbjnrwwww.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128578/"
 "128577","2019-02-17 00:17:52","https://folkbjnrwwww.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128577/"
@@ -2543,7 +3984,7 @@
 "128540","2019-02-17 00:16:25","http://folkbjnrwwww.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128540/"
 "128538","2019-02-17 00:16:24","http://folkbjnrwwww.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128538/"
 "128539","2019-02-17 00:16:24","http://folkbjnrwwww.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128539/"
-"128536","2019-02-17 00:16:23","http://folkbjnrwwww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128536/"
+"128536","2019-02-17 00:16:23","http://folkbjnrwwww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128536/"
 "128537","2019-02-17 00:16:23","http://folkbjnrwwww.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128537/"
 "128535","2019-02-17 00:16:22","http://folkbjnrwwww.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128535/"
 "128534","2019-02-17 00:16:21","http://folkbjnrwwww.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128534/"
@@ -2578,7 +4019,7 @@
 "128505","2019-02-17 00:15:31","https://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128505/"
 "128504","2019-02-17 00:15:28","https://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128504/"
 "128503","2019-02-17 00:15:25","https://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128503/"
-"128502","2019-02-17 00:15:23","https://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128502/"
+"128502","2019-02-17 00:15:23","https://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128502/"
 "128501","2019-02-17 00:15:20","https://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128501/"
 "128500","2019-02-17 00:15:18","https://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128500/"
 "128499","2019-02-17 00:15:15","https://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128499/"
@@ -2621,7 +4062,7 @@
 "128460","2019-02-17 00:14:08","http://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128460/"
 "128461","2019-02-17 00:14:08","http://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128461/"
 "128462","2019-02-17 00:14:08","http://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128462/"
-"128458","2019-02-17 00:14:07","http://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128458/"
+"128458","2019-02-17 00:14:07","http://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128458/"
 "128459","2019-02-17 00:14:07","http://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128459/"
 "128457","2019-02-17 00:14:06","http://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128457/"
 "128456","2019-02-17 00:14:05","http://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128456/"
@@ -2656,7 +4097,7 @@
 "128427","2019-02-17 00:12:12","https://actionfraud.coqianlong.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128427/"
 "128426","2019-02-17 00:12:09","https://actionfraud.coqianlong.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128426/"
 "128425","2019-02-17 00:12:06","https://actionfraud.coqianlong.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128425/"
-"128424","2019-02-17 00:12:04","https://actionfraud.coqianlong.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128424/"
+"128424","2019-02-17 00:12:04","https://actionfraud.coqianlong.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128424/"
 "128423","2019-02-17 00:12:01","https://actionfraud.coqianlong.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128423/"
 "128422","2019-02-17 00:11:59","https://actionfraud.coqianlong.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128422/"
 "128421","2019-02-17 00:11:56","https://actionfraud.coqianlong.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128421/"
@@ -2698,7 +4139,7 @@
 "128385","2019-02-17 00:10:37","http://actionfraud.coqianlong.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128385/"
 "128383","2019-02-17 00:10:36","http://actionfraud.coqianlong.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128383/"
 "128384","2019-02-17 00:10:36","http://actionfraud.coqianlong.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128384/"
-"128380","2019-02-17 00:10:35","http://actionfraud.coqianlong.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128380/"
+"128380","2019-02-17 00:10:35","http://actionfraud.coqianlong.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128380/"
 "128381","2019-02-17 00:10:35","http://actionfraud.coqianlong.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128381/"
 "128382","2019-02-17 00:10:35","http://actionfraud.coqianlong.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128382/"
 "128379","2019-02-17 00:10:33","http://actionfraud.coqianlong.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128379/"
@@ -2723,13 +4164,13 @@
 "128360","2019-02-17 00:10:08","http://actionfraud.coqianlong.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128360/"
 "128359","2019-02-16 23:59:05","http://drberrinkarakuy.com/WbB9Y9w/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/128359/"
 "128358","2019-02-16 23:58:10","http://garenanow.myvnc.com:81/CIG_MHKD.dat","online","malware_download","exe","https://urlhaus.abuse.ch/url/128358/"
-"128356","2019-02-16 23:46:03","http://83.166.241.99/AB4g5/Josho.m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128356/"
-"128357","2019-02-16 23:46:03","http://83.166.241.99/AB4g5/Josho.ppc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128357/"
-"128355","2019-02-16 23:46:02","http://83.166.241.99/AB4g5/Josho.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128355/"
-"128354","2019-02-16 23:45:04","http://83.166.241.99/AB4g5/Josho.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128354/"
-"128353","2019-02-16 23:45:03","http://83.166.241.99/AB4g5/Josho.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128353/"
-"128352","2019-02-16 23:45:02","http://83.166.241.99/AB4g5/Josho.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128352/"
-"128351","2019-02-16 23:44:02","http://83.166.241.99/AB4g5/Josho.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128351/"
+"128356","2019-02-16 23:46:03","http://83.166.241.99/AB4g5/Josho.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128356/"
+"128357","2019-02-16 23:46:03","http://83.166.241.99/AB4g5/Josho.ppc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128357/"
+"128355","2019-02-16 23:46:02","http://83.166.241.99/AB4g5/Josho.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128355/"
+"128354","2019-02-16 23:45:04","http://83.166.241.99/AB4g5/Josho.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128354/"
+"128353","2019-02-16 23:45:03","http://83.166.241.99/AB4g5/Josho.arm5","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128353/"
+"128352","2019-02-16 23:45:02","http://83.166.241.99/AB4g5/Josho.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128352/"
+"128351","2019-02-16 23:44:02","http://83.166.241.99/AB4g5/Josho.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128351/"
 "128350","2019-02-16 23:41:03","http://185.101.105.168/OwO/Tsunami.sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128350/"
 "128349","2019-02-16 23:41:02","http://185.101.105.168/OwO/Tsunami.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128349/"
 "128348","2019-02-16 23:38:11","http://185.101.105.168/OwO/Tsunami.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128348/"
@@ -2738,18 +4179,18 @@
 "128345","2019-02-16 23:38:03","http://185.101.105.168/OwO/Tsunami.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128345/"
 "128344","2019-02-16 23:33:03","http://185.101.105.168/OwO/Tsunami.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128344/"
 "128343","2019-02-16 23:22:04","http://185.101.105.168:80/OwO/Tsunami.sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128343/"
-"128342","2019-02-16 23:22:03","http://83.166.241.99:80/AB4g5/Josho.m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128342/"
+"128342","2019-02-16 23:22:03","http://83.166.241.99:80/AB4g5/Josho.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128342/"
 "128341","2019-02-16 23:22:02","http://185.101.105.168:80/OwO/Tsunami.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128341/"
 "128340","2019-02-16 23:20:09","http://185.101.105.168:80/OwO/Tsunami.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128340/"
 "128339","2019-02-16 23:20:08","http://185.101.105.168:80/OwO/Tsunami.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128339/"
-"128338","2019-02-16 23:20:05","http://fctu.xyz/document/cr7.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/128338/"
-"128337","2019-02-16 23:20:02","http://83.166.241.99:80/AB4g5/Josho.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128337/"
-"128335","2019-02-16 23:19:03","http://83.166.241.99:80/AB4g5/Josho.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128335/"
-"128336","2019-02-16 23:19:03","http://83.166.241.99:80/AB4g5/Josho.ppc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128336/"
+"128338","2019-02-16 23:20:05","http://fctu.xyz/document/cr7.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/128338/"
+"128337","2019-02-16 23:20:02","http://83.166.241.99:80/AB4g5/Josho.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128337/"
+"128335","2019-02-16 23:19:03","http://83.166.241.99:80/AB4g5/Josho.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128335/"
+"128336","2019-02-16 23:19:03","http://83.166.241.99:80/AB4g5/Josho.ppc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128336/"
 "128334","2019-02-16 23:07:07","http://185.101.105.168:80/OwO/Tsunami.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128334/"
-"128333","2019-02-16 23:01:15","http://83.166.241.99:80/AB4g5/Josho.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128333/"
-"128332","2019-02-16 23:01:12","http://83.166.241.99:80/AB4g5/Josho.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128332/"
-"128331","2019-02-16 23:01:08","http://83.166.241.99:80/AB4g5/Josho.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128331/"
+"128333","2019-02-16 23:01:15","http://83.166.241.99:80/AB4g5/Josho.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128333/"
+"128332","2019-02-16 23:01:12","http://83.166.241.99:80/AB4g5/Josho.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128332/"
+"128331","2019-02-16 23:01:08","http://83.166.241.99:80/AB4g5/Josho.arm5","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128331/"
 "128330","2019-02-16 23:01:05","http://185.101.105.168:80/OwO/Tsunami.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128330/"
 "128329","2019-02-16 21:54:09","http://169.50.86.213:443/xU9UHGabKGbf2d7Yg4XTDA5f3T_lv","online","malware_download","exe","https://urlhaus.abuse.ch/url/128329/"
 "128328","2019-02-16 21:53:01","http://112.117.221.26/cdn/pcclient/20180716/16/16/masar.zip","online","malware_download","Banload","https://urlhaus.abuse.ch/url/128328/"
@@ -2766,7 +4207,7 @@
 "128317","2019-02-16 21:42:20","http://13.209.81.235/jus/1jus.zip","online","malware_download","Encoded","https://urlhaus.abuse.ch/url/128317/"
 "128316","2019-02-16 21:42:11","http://13.209.81.235/jus/jus.zip","online","malware_download","Encoded","https://urlhaus.abuse.ch/url/128316/"
 "128315","2019-02-16 21:28:08","http://159.65.101.80:80/bins/telnet.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128315/"
-"128314","2019-02-16 21:27:13","http://fctu.xyz/document/MK2UoD5IHDuAVaG.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/128314/"
+"128314","2019-02-16 21:27:13","http://fctu.xyz/document/MK2UoD5IHDuAVaG.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/128314/"
 "128313","2019-02-16 21:26:06","http://159.65.101.80:80/bins/telnet.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128313/"
 "128312","2019-02-16 21:26:02","http://159.65.101.80:80/bins/telnet.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128312/"
 "128311","2019-02-16 21:18:07","http://159.65.101.80:80/bins/telnet.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128311/"
@@ -2784,10 +4225,10 @@
 "128299","2019-02-16 21:04:03","http://159.65.101.80/bins/telnet.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128299/"
 "128298","2019-02-16 20:54:02","http://159.65.101.80:80/bins/telnet.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128298/"
 "128297","2019-02-16 20:50:03","http://installer-vpn.ru/install.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/128297/"
-"128296","2019-02-16 20:31:02","http://fctu.xyz/document/jn4X2CCVc5yUBd3.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/128296/"
+"128296","2019-02-16 20:31:02","http://fctu.xyz/document/jn4X2CCVc5yUBd3.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/128296/"
 "128295","2019-02-16 20:21:07","http://reveron-one.ru/install.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/128295/"
 "128294","2019-02-16 19:36:05","http://optionscity.com/wp-content/wptouch-data/debug/safebrowsing.exe","online","malware_download","chthonic,exe","https://urlhaus.abuse.ch/url/128294/"
-"128293","2019-02-16 19:34:03","http://fctu.xyz/document/cr8.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/128293/"
+"128293","2019-02-16 19:34:03","http://fctu.xyz/document/cr8.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/128293/"
 "128292","2019-02-16 19:11:03","https://uc2fcae4176383841969e2a3093d.dl.dropboxusercontent.com/cd/0/get/AbcZ4k1uy0sKkDvjasGPvO0YyeZ-mMLLnbj0EsNcg7_ybXY4p_S4PoGxlk4zxWz6gCXI-s6DJipH1O6lSxpZBTW9jpC0JTZ81gvSgNPrp1GRuQ/file?dl=1","offline","malware_download","exe","https://urlhaus.abuse.ch/url/128292/"
 "128291","2019-02-16 18:10:30","http://garenanow4.myvnc.com/cig_mhkd.dat","online","malware_download","exe","https://urlhaus.abuse.ch/url/128291/"
 "128290","2019-02-16 18:10:15","http://107.179.34.49/s443ls","online","malware_download","elf","https://urlhaus.abuse.ch/url/128290/"
@@ -2804,7 +4245,7 @@
 "128279","2019-02-16 18:09:30","https://sitwww.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128279/"
 "128278","2019-02-16 18:09:26","https://sitwww.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128278/"
 "128277","2019-02-16 18:09:23","https://sitwww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128277/"
-"128276","2019-02-16 18:09:19","https://sitwww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128276/"
+"128276","2019-02-16 18:09:19","https://sitwww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128276/"
 "128275","2019-02-16 18:09:15","https://sitwww.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128275/"
 "128274","2019-02-16 18:09:12","https://sitwww.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128274/"
 "128273","2019-02-16 18:09:09","https://sitwww.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128273/"
@@ -2847,7 +4288,7 @@
 "128236","2019-02-16 18:05:31","http://sitwww.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128236/"
 "128234","2019-02-16 18:05:30","http://sitwww.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128234/"
 "128235","2019-02-16 18:05:30","http://sitwww.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128235/"
-"128232","2019-02-16 18:05:29","http://sitwww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128232/"
+"128232","2019-02-16 18:05:29","http://sitwww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128232/"
 "128233","2019-02-16 18:05:29","http://sitwww.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128233/"
 "128231","2019-02-16 18:05:23","http://sitwww.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128231/"
 "128230","2019-02-16 18:05:18","http://sitwww.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128230/"
@@ -2915,7 +4356,7 @@
 "128168","2019-02-16 17:17:24","https://arash.tcoqianlong.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128168/"
 "128167","2019-02-16 17:17:22","https://arash.tcoqianlong.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128167/"
 "128166","2019-02-16 17:17:19","https://arash.tcoqianlong.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128166/"
-"128165","2019-02-16 17:17:17","https://arash.tcoqianlong.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128165/"
+"128165","2019-02-16 17:17:17","https://arash.tcoqianlong.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128165/"
 "128164","2019-02-16 17:17:14","https://arash.tcoqianlong.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128164/"
 "128163","2019-02-16 17:17:12","https://arash.tcoqianlong.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128163/"
 "128162","2019-02-16 17:17:09","https://arash.tcoqianlong.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128162/"
@@ -2959,7 +4400,7 @@
 "128122","2019-02-16 17:15:58","http://arash.tcoqianlong.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128122/"
 "128123","2019-02-16 17:15:58","http://arash.tcoqianlong.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128123/"
 "128124","2019-02-16 17:15:58","http://arash.tcoqianlong.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128124/"
-"128121","2019-02-16 17:15:57","http://arash.tcoqianlong.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128121/"
+"128121","2019-02-16 17:15:57","http://arash.tcoqianlong.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128121/"
 "128120","2019-02-16 17:15:56","http://arash.tcoqianlong.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128120/"
 "128119","2019-02-16 17:15:55","http://arash.tcoqianlong.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128119/"
 "128118","2019-02-16 17:15:53","http://arash.tcoqianlong.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128118/"
@@ -2994,7 +4435,7 @@
 "128089","2019-02-16 17:14:58","https://tcoqianlong.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128089/"
 "128088","2019-02-16 17:14:55","https://tcoqianlong.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128088/"
 "128087","2019-02-16 17:14:52","https://tcoqianlong.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128087/"
-"128086","2019-02-16 17:14:49","https://tcoqianlong.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128086/"
+"128086","2019-02-16 17:14:49","https://tcoqianlong.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128086/"
 "128085","2019-02-16 17:14:47","https://tcoqianlong.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128085/"
 "128084","2019-02-16 17:14:44","https://tcoqianlong.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128084/"
 "128083","2019-02-16 17:14:40","https://tcoqianlong.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128083/"
@@ -3038,7 +4479,7 @@
 "128045","2019-02-16 17:11:17","http://tcoqianlong.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128045/"
 "128044","2019-02-16 17:11:16","http://tcoqianlong.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128044/"
 "128043","2019-02-16 17:11:14","http://tcoqianlong.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128043/"
-"128042","2019-02-16 17:11:11","http://tcoqianlong.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128042/"
+"128042","2019-02-16 17:11:11","http://tcoqianlong.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128042/"
 "128041","2019-02-16 17:11:03","http://185.101.105.168/bins.sh","offline","malware_download","None","https://urlhaus.abuse.ch/url/128041/"
 "128040","2019-02-16 17:10:30","http://tcoqianlong.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128040/"
 "128039","2019-02-16 17:10:24","http://tcoqianlong.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128039/"
@@ -3073,7 +4514,7 @@
 "128010","2019-02-16 17:06:48","https://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128010/"
 "128009","2019-02-16 17:06:42","https://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128009/"
 "128008","2019-02-16 17:06:36","https://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128008/"
-"128007","2019-02-16 17:06:30","https://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128007/"
+"128007","2019-02-16 17:06:30","https://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128007/"
 "128006","2019-02-16 17:06:24","https://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128006/"
 "128005","2019-02-16 17:06:13","https://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128005/"
 "128004","2019-02-16 17:06:07","https://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128004/"
@@ -3117,7 +4558,7 @@
 "127965","2019-02-16 17:02:12","http://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127965/"
 "127966","2019-02-16 17:02:12","http://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127966/"
 "127964","2019-02-16 17:02:11","http://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127964/"
-"127963","2019-02-16 17:02:08","http://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127963/"
+"127963","2019-02-16 17:02:08","http://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127963/"
 "127962","2019-02-16 17:02:04","http://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127962/"
 "127961","2019-02-16 17:02:03","http://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127961/"
 "127960","2019-02-16 17:02:01","http://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127960/"
@@ -3151,7 +4592,7 @@
 "127932","2019-02-16 17:00:27","https://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127932/"
 "127931","2019-02-16 17:00:20","https://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127931/"
 "127930","2019-02-16 17:00:11","https://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127930/"
-"127929","2019-02-16 17:00:08","https://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127929/"
+"127929","2019-02-16 17:00:08","https://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127929/"
 "127928","2019-02-16 17:00:05","https://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127928/"
 "127927","2019-02-16 17:00:01","https://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127927/"
 "127926","2019-02-16 16:59:56","https://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127926/"
@@ -3195,7 +4636,7 @@
 "127889","2019-02-16 16:58:24","http://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127889/"
 "127887","2019-02-16 16:58:23","http://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127887/"
 "127886","2019-02-16 16:58:21","http://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127886/"
-"127885","2019-02-16 16:58:20","http://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127885/"
+"127885","2019-02-16 16:58:20","http://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127885/"
 "127884","2019-02-16 16:58:19","http://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127884/"
 "127883","2019-02-16 16:58:18","http://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127883/"
 "127882","2019-02-16 16:58:17","http://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127882/"
@@ -3229,7 +4670,7 @@
 "127854","2019-02-16 16:57:19","https://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127854/"
 "127853","2019-02-16 16:57:17","https://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127853/"
 "127852","2019-02-16 16:57:13","https://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127852/"
-"127851","2019-02-16 16:57:11","https://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127851/"
+"127851","2019-02-16 16:57:11","https://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127851/"
 "127850","2019-02-16 16:57:09","https://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127850/"
 "127849","2019-02-16 16:57:07","https://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127849/"
 "127848","2019-02-16 16:57:04","https://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127848/"
@@ -3273,7 +4714,7 @@
 "127810","2019-02-16 16:55:54","http://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127810/"
 "127811","2019-02-16 16:55:54","http://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127811/"
 "127808","2019-02-16 16:55:53","http://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127808/"
-"127807","2019-02-16 16:55:48","http://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127807/"
+"127807","2019-02-16 16:55:48","http://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127807/"
 "127806","2019-02-16 16:55:47","http://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127806/"
 "127805","2019-02-16 16:55:46","http://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127805/"
 "127804","2019-02-16 16:55:44","http://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127804/"
@@ -3307,7 +4748,7 @@
 "127776","2019-02-16 16:54:41","https://bjnrwwww.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127776/"
 "127775","2019-02-16 16:54:38","https://bjnrwwww.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127775/"
 "127774","2019-02-16 16:54:35","https://bjnrwwww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127774/"
-"127773","2019-02-16 16:54:33","https://bjnrwwww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127773/"
+"127773","2019-02-16 16:54:33","https://bjnrwwww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127773/"
 "127772","2019-02-16 16:54:30","https://bjnrwwww.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127772/"
 "127771","2019-02-16 16:54:28","https://bjnrwwww.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127771/"
 "127770","2019-02-16 16:54:25","https://bjnrwwww.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127770/"
@@ -3351,7 +4792,7 @@
 "127730","2019-02-16 16:53:16","http://bjnrwwww.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127730/"
 "127731","2019-02-16 16:53:16","http://bjnrwwww.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127731/"
 "127732","2019-02-16 16:53:16","http://bjnrwwww.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127732/"
-"127729","2019-02-16 16:53:15","http://bjnrwwww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127729/"
+"127729","2019-02-16 16:53:15","http://bjnrwwww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127729/"
 "127728","2019-02-16 16:53:14","http://bjnrwwww.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127728/"
 "127727","2019-02-16 16:53:13","http://bjnrwwww.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127727/"
 "127726","2019-02-16 16:53:11","http://bjnrwwww.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127726/"
@@ -3385,7 +4826,7 @@
 "127698","2019-02-16 16:49:37","https://fair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127698/"
 "127697","2019-02-16 16:49:33","https://fair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127697/"
 "127696","2019-02-16 16:49:28","https://fair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127696/"
-"127695","2019-02-16 16:49:24","https://fair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127695/"
+"127695","2019-02-16 16:49:24","https://fair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127695/"
 "127694","2019-02-16 16:49:21","https://fair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127694/"
 "127693","2019-02-16 16:49:17","https://fair-watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127693/"
 "127692","2019-02-16 16:49:12","https://fair-watduoliprudential.com.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127692/"
@@ -3429,7 +4870,7 @@
 "127654","2019-02-16 16:44:20","http://fair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127654/"
 "127653","2019-02-16 16:44:17","http://fair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127653/"
 "127652","2019-02-16 16:44:14","http://fair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127652/"
-"127651","2019-02-16 16:44:11","http://fair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127651/"
+"127651","2019-02-16 16:44:11","http://fair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127651/"
 "127650","2019-02-16 16:44:03","http://fair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127650/"
 "127649","2019-02-16 16:43:55","http://fair-watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127649/"
 "127648","2019-02-16 16:43:46","http://fair-watduoliprudential.com.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127648/"
@@ -3472,16 +4913,16 @@
 "127611","2019-02-16 12:24:02","http://208.89.211.38/bins/x86.light","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/127611/"
 "127610","2019-02-16 12:22:03","http://104.219.235.157/bins/xbox.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/127610/"
 "127609","2019-02-16 12:22:02","http://104.219.235.157/bins/xbox.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/127609/"
-"127608","2019-02-16 12:17:06","http://198.98.58.235/cnc.ppc","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/127608/"
-"127607","2019-02-16 12:17:05","http://198.98.58.235/cnc.m68k","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/127607/"
-"127606","2019-02-16 12:17:03","http://198.98.58.235/cnc.mpsl","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/127606/"
-"127605","2019-02-16 12:16:08","http://198.98.58.235/cnc.x86","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/127605/"
-"127604","2019-02-16 12:16:07","http://198.98.58.235/nut","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/127604/"
-"127603","2019-02-16 12:16:05","http://198.98.58.235/cnc.arm6","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/127603/"
-"127602","2019-02-16 12:16:03","http://198.98.58.235/cnc.sh4","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/127602/"
-"127601","2019-02-16 12:14:06","http://198.98.58.235/cnc.586","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/127601/"
-"127600","2019-02-16 12:14:03","http://198.98.58.235/cnc.mips","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/127600/"
-"127599","2019-02-16 12:13:09","http://198.98.58.235/cnc.686","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/127599/"
+"127608","2019-02-16 12:17:06","http://198.98.58.235/cnc.ppc","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/127608/"
+"127607","2019-02-16 12:17:05","http://198.98.58.235/cnc.m68k","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/127607/"
+"127606","2019-02-16 12:17:03","http://198.98.58.235/cnc.mpsl","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/127606/"
+"127605","2019-02-16 12:16:08","http://198.98.58.235/cnc.x86","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/127605/"
+"127604","2019-02-16 12:16:07","http://198.98.58.235/nut","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/127604/"
+"127603","2019-02-16 12:16:05","http://198.98.58.235/cnc.arm6","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/127603/"
+"127602","2019-02-16 12:16:03","http://198.98.58.235/cnc.sh4","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/127602/"
+"127601","2019-02-16 12:14:06","http://198.98.58.235/cnc.586","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/127601/"
+"127600","2019-02-16 12:14:03","http://198.98.58.235/cnc.mips","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/127600/"
+"127599","2019-02-16 12:13:09","http://198.98.58.235/cnc.686","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/127599/"
 "127598","2019-02-16 12:13:07","http://104.219.235.157/bins/xbox.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/127598/"
 "127597","2019-02-16 12:13:06","http://104.219.235.157/bins/xbox.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/127597/"
 "127596","2019-02-16 12:13:04","http://104.219.235.157/bins/xbox.mips","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/127596/"
@@ -3502,15 +4943,15 @@
 "127581","2019-02-16 11:32:05","http://208.89.211.38:80/bins/x86.light","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/127581/"
 "127580","2019-02-16 11:32:02","http://104.219.235.157:80/bins/xbox.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/127580/"
 "127579","2019-02-16 11:28:03","http://netsoft.net.pl/wp-content/themes/porcelain/lang/messg.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/127579/"
-"127578","2019-02-16 10:58:03","http://mrdp.net.pl/administrator/cache/messg.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/127578/"
+"127578","2019-02-16 10:58:03","http://mrdp.net.pl/administrator/cache/messg.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/127578/"
 "127577","2019-02-16 10:46:16","http://croesetranslations.com/files/Postal_Rosario_Garcia_11.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/127577/"
-"127576","2019-02-16 10:46:11","http://hydra100.staroundi.com/tblis188/smk1202.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/127576/"
+"127576","2019-02-16 10:46:11","http://hydra100.staroundi.com/tblis188/smk1202.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/127576/"
 "127575","2019-02-16 10:39:18","http://netsoft.net.pl/wp-content/themes/porcelain/css/messg.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/127575/"
-"127574","2019-02-16 10:35:14","http://supreme.net.pl/administrator/cache/messg.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/127574/"
+"127574","2019-02-16 10:35:14","http://supreme.net.pl/administrator/cache/messg.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/127574/"
 "127573","2019-02-16 10:12:11","http://galladoria.de/templates/rt_oculus/html/com_content/archive/messg.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/127573/"
 "127572","2019-02-16 10:04:10","http://crownrentals.net/US/doc/Invoice_number/UAIL-mF_Dm-iC","offline","malware_download","doc","https://urlhaus.abuse.ch/url/127572/"
 "127571","2019-02-16 09:56:02","http://185.244.25.173/bins/Solstice.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/127571/"
-"127570","2019-02-16 09:52:02","http://hydra100.staroundi.com/levxty017/jsmk1302.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/127570/"
+"127570","2019-02-16 09:52:02","http://hydra100.staroundi.com/levxty017/jsmk1302.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/127570/"
 "127569","2019-02-16 08:48:03","http://savethechildren.xyz/onlineform/iTappy.exe","online","malware_download","exe,Formbook","https://urlhaus.abuse.ch/url/127569/"
 "127568","2019-02-16 08:41:05","http://techrecyclers.info/EN_en/jSjtg-W7_gGC-rJX","offline","malware_download","doc","https://urlhaus.abuse.ch/url/127568/"
 "127567","2019-02-16 08:23:02","http://185.244.25.139/armv4l","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/127567/"
@@ -3584,7 +5025,7 @@
 "127499","2019-02-16 06:50:52","https://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127499/"
 "127498","2019-02-16 06:50:50","https://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127498/"
 "127497","2019-02-16 06:50:47","https://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127497/"
-"127496","2019-02-16 06:50:44","https://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127496/"
+"127496","2019-02-16 06:50:44","https://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127496/"
 "127495","2019-02-16 06:50:42","https://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127495/"
 "127494","2019-02-16 06:50:39","https://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127494/"
 "127493","2019-02-16 06:50:36","https://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127493/"
@@ -3627,7 +5068,7 @@
 "127454","2019-02-16 06:49:28","http://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127454/"
 "127455","2019-02-16 06:49:28","http://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127455/"
 "127456","2019-02-16 06:49:28","http://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127456/"
-"127452","2019-02-16 06:49:27","http://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127452/"
+"127452","2019-02-16 06:49:27","http://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127452/"
 "127453","2019-02-16 06:49:27","http://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127453/"
 "127451","2019-02-16 06:49:26","http://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127451/"
 "127450","2019-02-16 06:49:25","http://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127450/"
@@ -3662,7 +5103,7 @@
 "127421","2019-02-16 06:48:29","https://cocomputewww.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127421/"
 "127420","2019-02-16 06:48:27","https://cocomputewww.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127420/"
 "127419","2019-02-16 06:48:24","https://cocomputewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127419/"
-"127418","2019-02-16 06:48:21","https://cocomputewww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127418/"
+"127418","2019-02-16 06:48:21","https://cocomputewww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127418/"
 "127417","2019-02-16 06:48:19","https://cocomputewww.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127417/"
 "127416","2019-02-16 06:48:17","https://cocomputewww.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127416/"
 "127415","2019-02-16 06:48:14","https://cocomputewww.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127415/"
@@ -3705,7 +5146,7 @@
 "127377","2019-02-16 06:47:11","http://cocomputewww.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127377/"
 "127378","2019-02-16 06:47:11","http://cocomputewww.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127378/"
 "127376","2019-02-16 06:47:10","http://cocomputewww.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127376/"
-"127374","2019-02-16 06:47:04","http://cocomputewww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127374/"
+"127374","2019-02-16 06:47:04","http://cocomputewww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127374/"
 "127375","2019-02-16 06:47:04","http://cocomputewww.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127375/"
 "127373","2019-02-16 06:47:03","http://cocomputewww.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127373/"
 "127372","2019-02-16 06:46:34","http://cocomputewww.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127372/"
@@ -3740,7 +5181,7 @@
 "127343","2019-02-16 06:45:27","https://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127343/"
 "127342","2019-02-16 06:45:24","https://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127342/"
 "127341","2019-02-16 06:45:20","https://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127341/"
-"127340","2019-02-16 06:45:17","https://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127340/"
+"127340","2019-02-16 06:45:17","https://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127340/"
 "127339","2019-02-16 06:45:14","https://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127339/"
 "127338","2019-02-16 06:45:11","https://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127338/"
 "127337","2019-02-16 06:45:07","https://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127337/"
@@ -3782,7 +5223,7 @@
 "127302","2019-02-16 06:43:30","http://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127302/"
 "127299","2019-02-16 06:43:29","http://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127299/"
 "127300","2019-02-16 06:43:29","http://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127300/"
-"127296","2019-02-16 06:43:28","http://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127296/"
+"127296","2019-02-16 06:43:28","http://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127296/"
 "127297","2019-02-16 06:43:28","http://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127297/"
 "127298","2019-02-16 06:43:28","http://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127298/"
 "127295","2019-02-16 06:43:27","http://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127295/"
@@ -3818,7 +5259,7 @@
 "127265","2019-02-16 06:23:44","http://46.29.163.239/x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/127265/"
 "127264","2019-02-16 06:23:42","http://46.29.163.239/mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/127264/"
 "127263","2019-02-16 06:23:39","http://104.219.235.147/8UsA.sh","online","malware_download","None","https://urlhaus.abuse.ch/url/127263/"
-"127262","2019-02-16 06:23:35","http://hydra100.staroundi.com/poazt386/jsmk1202.exe","online","malware_download","smokeloader","https://urlhaus.abuse.ch/url/127262/"
+"127262","2019-02-16 06:23:35","http://hydra100.staroundi.com/poazt386/jsmk1202.exe","offline","malware_download","smokeloader","https://urlhaus.abuse.ch/url/127262/"
 "127261","2019-02-16 06:23:28","http://89.46.223.247/OwO/Tsunami.sh4","offline","malware_download","None","https://urlhaus.abuse.ch/url/127261/"
 "127260","2019-02-16 06:23:23","http://89.46.223.247/OwO/Tsunami.m68k","offline","malware_download","None","https://urlhaus.abuse.ch/url/127260/"
 "127259","2019-02-16 06:23:03","http://89.46.223.247/OwO/Tsunami.spc","offline","malware_download","None","https://urlhaus.abuse.ch/url/127259/"
@@ -3832,7 +5273,7 @@
 "127251","2019-02-16 06:22:15","http://89.46.223.247/OwO/Tsunami.x86","offline","malware_download","None","https://urlhaus.abuse.ch/url/127251/"
 "127250","2019-02-16 06:22:08","http://89.46.223.247/wget.sh","offline","malware_download","None","https://urlhaus.abuse.ch/url/127250/"
 "127249","2019-02-16 06:20:03","http://ilan.baynuri.net/.well-known/acme-challenge/messg.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/127249/"
-"127248","2019-02-16 05:49:12","http://thewordrelianceinternational.org/wp-content/themes/event-star/page-templates/sserv.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/127248/"
+"127248","2019-02-16 05:49:12","http://thewordrelianceinternational.org/wp-content/themes/event-star/page-templates/sserv.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/127248/"
 "127247","2019-02-16 05:41:02","http://domanhtrang.com/En/scan/Invoice_number/QVKS-FFWtW_nGdgp-xD","offline","malware_download","doc","https://urlhaus.abuse.ch/url/127247/"
 "127246","2019-02-16 05:25:57","http://testingpurpous.000webhostapp.com/done/software.exe","offline","malware_download","https://cofense.com/upgrades-delivery-support-infrastructure,RevengeRAT,threatactor","https://urlhaus.abuse.ch/url/127246/"
 "127245","2019-02-16 05:25:56","http://testingpurpous.000webhostapp.com/test/New%20folder.rar","offline","malware_download","https://cofense.com/upgrades-delivery-support-infrastructure,RevengeRAT,threatactor","https://urlhaus.abuse.ch/url/127245/"
@@ -3853,7 +5294,7 @@
 "127230","2019-02-16 05:04:38","https://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127230/"
 "127229","2019-02-16 05:04:36","https://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127229/"
 "127228","2019-02-16 05:04:33","https://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127228/"
-"127227","2019-02-16 05:04:31","https://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127227/"
+"127227","2019-02-16 05:04:31","https://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127227/"
 "127226","2019-02-16 05:04:28","https://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127226/"
 "127225","2019-02-16 05:04:26","https://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127225/"
 "127224","2019-02-16 05:04:23","https://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127224/"
@@ -3897,7 +5338,7 @@
 "127185","2019-02-16 05:03:17","http://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127185/"
 "127186","2019-02-16 05:03:17","http://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127186/"
 "127187","2019-02-16 05:03:17","http://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127187/"
-"127183","2019-02-16 05:03:16","http://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127183/"
+"127183","2019-02-16 05:03:16","http://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127183/"
 "127182","2019-02-16 05:03:15","http://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127182/"
 "127181","2019-02-16 05:03:14","http://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127181/"
 "127180","2019-02-16 05:03:13","http://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127180/"
@@ -3931,7 +5372,7 @@
 "127152","2019-02-16 05:02:19","https://comduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127152/"
 "127151","2019-02-16 05:02:16","https://comduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127151/"
 "127150","2019-02-16 05:02:14","https://comduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127150/"
-"127149","2019-02-16 05:02:11","https://comduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127149/"
+"127149","2019-02-16 05:02:11","https://comduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127149/"
 "127148","2019-02-16 05:02:06","https://comduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127148/"
 "127147","2019-02-16 05:02:04","https://comduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127147/"
 "127146","2019-02-16 05:02:01","https://comduoliprudential.com.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127146/"
@@ -3975,7 +5416,7 @@
 "127108","2019-02-16 05:00:13","http://comduoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127108/"
 "127107","2019-02-16 05:00:11","http://comduoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127107/"
 "127106","2019-02-16 05:00:09","http://comduoliprudential.com.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127106/"
-"127105","2019-02-16 05:00:07","http://comduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127105/"
+"127105","2019-02-16 05:00:07","http://comduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127105/"
 "127104","2019-02-16 04:59:59","http://comduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127104/"
 "127103","2019-02-16 04:59:50","http://comduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127103/"
 "127102","2019-02-16 04:59:41","http://comduoliprudential.com.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127102/"
@@ -4003,7 +5444,7 @@
 "127080","2019-02-16 04:53:18","http://baptysci.waw.pl/audio/piesni/txt/messg.jpg","online","malware_download","exe,payload,Ransomware,stage2,Troldesh","https://urlhaus.abuse.ch/url/127080/"
 "127079","2019-02-16 04:40:13","http://yolyardim.baynuri.net/wp-content/ai1wm-backups/messg.jpg","offline","malware_download","exe,payload,Ransomware,stage2,Troldesh","https://urlhaus.abuse.ch/url/127079/"
 "127078","2019-02-16 04:40:10","http://www.wsu.pl/templates/atomic/images/blog_images/messg.jpg","offline","malware_download","exe,payload,Ransomware,stage2,Troldesh","https://urlhaus.abuse.ch/url/127078/"
-"127077","2019-02-16 04:40:08","http://szkolarodzenia.sos.pl/administrator/backups/messg.jpg","online","malware_download","exe,payload,Ransomware,stage2,Troldesh","https://urlhaus.abuse.ch/url/127077/"
+"127077","2019-02-16 04:40:08","http://szkolarodzenia.sos.pl/administrator/backups/messg.jpg","offline","malware_download","exe,payload,Ransomware,stage2,Troldesh","https://urlhaus.abuse.ch/url/127077/"
 "127076","2019-02-16 04:40:05","http://www.blinkblink.eu/picture_library/messg.jpg","online","malware_download","exe,payload,Ransomware,stage2,Troldesh","https://urlhaus.abuse.ch/url/127076/"
 "127075","2019-02-16 04:35:23","http://ironworks.net/wp-content/themes/customizr/inc/admin/css/iphone-style-checkboxes/messg.jpg","online","malware_download","compressed,exe,javascript,payload,Ransomware,stage2,Troldesh,zip","https://urlhaus.abuse.ch/url/127075/"
 "127074","2019-02-16 04:35:20","http://netsoft.net.pl/wp-content/themes/porcelain/envato-wordpress-toolkit-library/messg.jpg","online","malware_download","compressed,exe,javascript,payload,Ransomware,stage2,Troldesh,zip","https://urlhaus.abuse.ch/url/127074/"
@@ -4018,7 +5459,7 @@
 "127065","2019-02-16 04:03:45","http://shafercharacter.org/.well-known/acme-challenge/messg.jpg","offline","malware_download","exe,payload,Ransomware,stage2,Troldesh","https://urlhaus.abuse.ch/url/127065/"
 "127064","2019-02-16 04:03:28","http://nexclick.ir/wp-content/themes/appart/fonts-farsi/messg.jpg","online","malware_download","exe,payload,Ransomware,stage2,Troldesh","https://urlhaus.abuse.ch/url/127064/"
 "127063","2019-02-16 03:42:21","https://gastrohero.zendesk.com/attachments/token/SpLLREGAJCvV26JDPR1szmfVu/?name=Rechnung+D01K88L.doc/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/127063/"
-"127062","2019-02-16 03:42:19","http://xn--90aeb9ae9a.xn--p1ai/Amazon/Documents/022019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/127062/"
+"127062","2019-02-16 03:42:19","http://xn--90aeb9ae9a.xn--p1ai/Amazon/Documents/022019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/127062/"
 "127061","2019-02-16 03:42:14","http://sexchatsnol.nl/Amazon/En/Documents/2019-02/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/127061/"
 "127060","2019-02-16 03:42:09","http://ilo-drink.nl/Amazon/EN/Messages/02_19/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/127060/"
 "127059","2019-02-16 03:41:20","http://doservicework.com/Amazon/Details/2019-02/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/127059/"
@@ -4042,7 +5483,7 @@
 "127041","2019-02-16 03:14:09","https://coqianlong.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127041/"
 "127040","2019-02-16 03:14:05","https://coqianlong.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127040/"
 "127039","2019-02-16 03:14:01","https://coqianlong.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127039/"
-"127038","2019-02-16 03:13:57","https://coqianlong.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127038/"
+"127038","2019-02-16 03:13:57","https://coqianlong.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127038/"
 "127037","2019-02-16 03:13:54","https://coqianlong.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127037/"
 "127036","2019-02-16 03:13:51","https://coqianlong.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127036/"
 "127035","2019-02-16 03:13:47","https://coqianlong.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127035/"
@@ -4085,7 +5526,7 @@
 "126996","2019-02-16 03:12:29","http://coqianlong.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126996/"
 "126997","2019-02-16 03:12:29","http://coqianlong.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126997/"
 "126998","2019-02-16 03:12:29","http://coqianlong.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126998/"
-"126994","2019-02-16 03:12:28","http://coqianlong.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126994/"
+"126994","2019-02-16 03:12:28","http://coqianlong.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126994/"
 "126995","2019-02-16 03:12:28","http://coqianlong.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126995/"
 "126993","2019-02-16 03:12:27","http://coqianlong.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126993/"
 "126992","2019-02-16 03:12:26","http://coqianlong.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126992/"
@@ -4120,7 +5561,7 @@
 "126963","2019-02-16 03:11:36","https://lists.coqianlong.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126963/"
 "126962","2019-02-16 03:11:33","https://lists.coqianlong.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126962/"
 "126961","2019-02-16 03:11:30","https://lists.coqianlong.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126961/"
-"126960","2019-02-16 03:11:28","https://lists.coqianlong.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126960/"
+"126960","2019-02-16 03:11:28","https://lists.coqianlong.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126960/"
 "126959","2019-02-16 03:11:25","https://lists.coqianlong.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126959/"
 "126958","2019-02-16 03:11:23","https://lists.coqianlong.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126958/"
 "126957","2019-02-16 03:11:20","https://lists.coqianlong.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126957/"
@@ -4165,7 +5606,7 @@
 "126918","2019-02-16 03:09:26","http://lists.coqianlong.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126918/"
 "126919","2019-02-16 03:09:26","http://lists.coqianlong.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126919/"
 "126915","2019-02-16 03:09:25","http://lists.coqianlong.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126915/"
-"126916","2019-02-16 03:09:25","http://lists.coqianlong.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126916/"
+"126916","2019-02-16 03:09:25","http://lists.coqianlong.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126916/"
 "126914","2019-02-16 03:09:24","http://lists.coqianlong.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126914/"
 "126913","2019-02-16 03:09:23","http://lists.coqianlong.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126913/"
 "126912","2019-02-16 03:09:21","http://lists.coqianlong.watchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126912/"
@@ -4186,7 +5627,7 @@
 "126897","2019-02-16 03:09:06","http://lists.coqianlong.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126897/"
 "126896","2019-02-16 03:09:05","http://lists.coqianlong.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126896/"
 "126895","2019-02-16 02:54:07","http://nkcatering.pl/wp-content/themes/vogue/templates/contents/slavneft.zakaz.zip","online","malware_download","compressed,exe,javascript,payload,Ransomware,stage2,Troldesh,zip","https://urlhaus.abuse.ch/url/126895/"
-"126894","2019-02-16 02:54:06","http://alisa-photo.com.ua/admin/ctxmenu/font/docx.zip","online","malware_download","compressed,exe,javascript,payload,Ransomware,stage2,Troldesh,zip","https://urlhaus.abuse.ch/url/126894/"
+"126894","2019-02-16 02:54:06","http://alisa-photo.com.ua/admin/ctxmenu/font/docx.zip","offline","malware_download","compressed,exe,javascript,payload,Ransomware,stage2,Troldesh,zip","https://urlhaus.abuse.ch/url/126894/"
 "126893","2019-02-16 02:54:04","http://yolyardim.baynuri.net/wp-content/ai1wm-backups/slavneft.zakaz.zip","offline","malware_download","compressed,exe,javascript,payload,Ransomware,stage2,Troldesh,zip","https://urlhaus.abuse.ch/url/126893/"
 "126892","2019-02-16 02:28:23","https://quadriconexiones.info/putty.jpg","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/126892/"
 "126891","2019-02-16 02:28:20","https://quadriconexiones.info/putty.exe","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/126891/"
@@ -4233,10 +5674,10 @@
 "126850","2019-02-16 02:13:09","http://www.rdmarmotte.net/wp-content/themes/responsive/woocommerce/cart/Vseros.Bank.zakaz.docx.zip","online","malware_download","Ransomware,Troldesh","https://urlhaus.abuse.ch/url/126850/"
 "126849","2019-02-16 02:13:08","http://www.rdmarmotte.net/wp-content/themes/responsive/woocommerce/cart/messg.jpg","online","malware_download","Ransomware,Troldesh","https://urlhaus.abuse.ch/url/126849/"
 "126848","2019-02-16 02:13:07","http://unswerving.org/blog.old/wp-admin/css/messg.jpg","offline","malware_download","Ransomware,Troldesh","https://urlhaus.abuse.ch/url/126848/"
-"126846","2019-02-16 02:13:03","http://thewordrelianceinternational.org/wp-content/themes/event-star/template-parts/Philip.Morris.International.zip","online","malware_download","Ransomware,Troldesh","https://urlhaus.abuse.ch/url/126846/"
-"126847","2019-02-16 02:13:03","http://thewordrelianceinternational.org/wp-content/themes/event-star/template-parts/Vseros.Bank.zakaz.docx.zip","online","malware_download","Ransomware,Troldesh","https://urlhaus.abuse.ch/url/126847/"
-"126845","2019-02-16 02:13:02","http://www.taoday.net/wp-content/themes/twentyten/languages/Philip.Morris.International.zip","online","malware_download","Ransomware,Troldesh","https://urlhaus.abuse.ch/url/126845/"
-"126844","2019-02-16 02:13:01","http://www.taoday.net/wp-content/themes/twentyten/languages/Vseros.Bank.zakaz.docx.zip","online","malware_download","Ransomware,Troldesh","https://urlhaus.abuse.ch/url/126844/"
+"126846","2019-02-16 02:13:03","http://thewordrelianceinternational.org/wp-content/themes/event-star/template-parts/Philip.Morris.International.zip","offline","malware_download","Ransomware,Troldesh","https://urlhaus.abuse.ch/url/126846/"
+"126847","2019-02-16 02:13:03","http://thewordrelianceinternational.org/wp-content/themes/event-star/template-parts/Vseros.Bank.zakaz.docx.zip","offline","malware_download","Ransomware,Troldesh","https://urlhaus.abuse.ch/url/126847/"
+"126845","2019-02-16 02:13:02","http://www.taoday.net/wp-content/themes/twentyten/languages/Philip.Morris.International.zip","offline","malware_download","Ransomware,Troldesh","https://urlhaus.abuse.ch/url/126845/"
+"126844","2019-02-16 02:13:01","http://www.taoday.net/wp-content/themes/twentyten/languages/Vseros.Bank.zakaz.docx.zip","offline","malware_download","Ransomware,Troldesh","https://urlhaus.abuse.ch/url/126844/"
 "126843","2019-02-16 02:08:03","http://teelam9.com/Document5.doc","offline","malware_download","RTF","https://urlhaus.abuse.ch/url/126843/"
 "126842","2019-02-16 02:06:10","http://teelam9.com/myloki1.exe","offline","malware_download","exe,Loki","https://urlhaus.abuse.ch/url/126842/"
 "126841","2019-02-16 02:06:09","http://teelam9.com/myloki1.jpg","offline","malware_download","exe,Loki","https://urlhaus.abuse.ch/url/126841/"
@@ -4247,7 +5688,7 @@
 "126836","2019-02-16 01:56:12","http://82.80.63.165:44155/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/126836/"
 "126835","2019-02-16 01:56:09","http://14.46.70.58:49575/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/126835/"
 "126834","2019-02-16 01:56:06","http://191.193.51.34:5133/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/126834/"
-"126833","2019-02-16 01:52:11","http://primeeast.net/images/messg.jpg","online","malware_download","exe,payload,Ransomware,stage2,Troldesh","https://urlhaus.abuse.ch/url/126833/"
+"126833","2019-02-16 01:52:11","http://primeeast.net/images/messg.jpg","offline","malware_download","exe,payload,Ransomware,stage2,Troldesh","https://urlhaus.abuse.ch/url/126833/"
 "126832","2019-02-16 01:49:05","http://torontoluxuryrealestatelistings.com/US_us/corporation/YBFNo-8ndqK_UdBOJ-aK3","offline","malware_download","doc","https://urlhaus.abuse.ch/url/126832/"
 "126831","2019-02-16 01:48:02","http://mikrotik.com.pe/gestion/inc/fpdf/yellowhta/DHL1_TRACKING1_DETAILS1.hta","online","malware_download","autoit,Loader","https://urlhaus.abuse.ch/url/126831/"
 "126830","2019-02-16 01:46:04","http://steveterry.net/wp-admin/css/colors/blue/slavneft.zakaz.zip","online","malware_download","compressed,exe,javascript,payload,Ransomware,stage2,Troldesh,zip","https://urlhaus.abuse.ch/url/126830/"
@@ -4271,7 +5712,7 @@
 "126812","2019-02-16 01:33:49","https://duoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126812/"
 "126811","2019-02-16 01:33:46","https://duoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126811/"
 "126810","2019-02-16 01:33:43","https://duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126810/"
-"126809","2019-02-16 01:33:41","https://duoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126809/"
+"126809","2019-02-16 01:33:41","https://duoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126809/"
 "126808","2019-02-16 01:33:38","https://duoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126808/"
 "126807","2019-02-16 01:33:36","https://duoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126807/"
 "126806","2019-02-16 01:33:33","https://duoliprudential.com.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126806/"
@@ -4314,7 +5755,7 @@
 "126767","2019-02-16 01:31:51","http://duoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126767/"
 "126768","2019-02-16 01:31:51","http://duoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126768/"
 "126769","2019-02-16 01:31:51","http://duoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126769/"
-"126765","2019-02-16 01:31:50","http://duoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126765/"
+"126765","2019-02-16 01:31:50","http://duoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126765/"
 "126766","2019-02-16 01:31:50","http://duoliprudential.com.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126766/"
 "126764","2019-02-16 01:31:49","http://duoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126764/"
 "126763","2019-02-16 01:31:48","http://duoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126763/"
@@ -4349,7 +5790,7 @@
 "126734","2019-02-16 01:30:58","https://farmcomputewww.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126734/"
 "126733","2019-02-16 01:30:55","https://farmcomputewww.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126733/"
 "126732","2019-02-16 01:30:53","https://farmcomputewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126732/"
-"126731","2019-02-16 01:30:50","https://farmcomputewww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126731/"
+"126731","2019-02-16 01:30:50","https://farmcomputewww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126731/"
 "126730","2019-02-16 01:30:48","https://farmcomputewww.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126730/"
 "126729","2019-02-16 01:30:45","https://farmcomputewww.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126729/"
 "126728","2019-02-16 01:30:43","https://farmcomputewww.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126728/"
@@ -4392,7 +5833,7 @@
 "126689","2019-02-16 01:29:07","http://farmcomputewww.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126689/"
 "126690","2019-02-16 01:29:07","http://farmcomputewww.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126690/"
 "126691","2019-02-16 01:29:07","http://farmcomputewww.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126691/"
-"126687","2019-02-16 01:29:06","http://farmcomputewww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126687/"
+"126687","2019-02-16 01:29:06","http://farmcomputewww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126687/"
 "126688","2019-02-16 01:29:06","http://farmcomputewww.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126688/"
 "126686","2019-02-16 01:29:05","http://farmcomputewww.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126686/"
 "126685","2019-02-16 01:29:04","http://farmcomputewww.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126685/"
@@ -4427,7 +5868,7 @@
 "126656","2019-02-16 01:28:12","https://bounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126656/"
 "126655","2019-02-16 01:28:09","https://bounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126655/"
 "126654","2019-02-16 01:28:06","https://bounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126654/"
-"126653","2019-02-16 01:28:04","https://bounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126653/"
+"126653","2019-02-16 01:28:04","https://bounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126653/"
 "126652","2019-02-16 01:28:01","https://bounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126652/"
 "126651","2019-02-16 01:27:58","https://bounces.duoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126651/"
 "126650","2019-02-16 01:27:56","https://bounces.duoliprudential.com.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126650/"
@@ -4471,7 +5912,7 @@
 "126611","2019-02-16 01:24:39","http://bounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126611/"
 "126612","2019-02-16 01:24:39","http://bounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126612/"
 "126610","2019-02-16 01:24:38","http://bounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126610/"
-"126609","2019-02-16 01:24:37","http://bounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126609/"
+"126609","2019-02-16 01:24:37","http://bounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126609/"
 "126608","2019-02-16 01:24:32","http://bounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126608/"
 "126607","2019-02-16 01:24:27","http://bounces.duoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126607/"
 "126606","2019-02-16 01:24:19","http://bounces.duoliprudential.com.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126606/"
@@ -4517,14 +5958,14 @@
 "126566","2019-02-16 00:20:02","http://masjidsolar.nl/EN_en/doc/Invoice_Notice/yeKx-z3_pQRN-OH/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126566/"
 "126565","2019-02-16 00:16:02","http://xn-----9kccsa1afbhzcgd9a1ay5l.xn--p1ai/scan/EN_en/scan/New_invoice/xdjG-hNRx_vKYc-Dl/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126565/"
 "126564","2019-02-16 00:13:12","http://realdealhouse.eu/WAL/WAH.exe","online","malware_download","exe,NanoCore","https://urlhaus.abuse.ch/url/126564/"
-"126563","2019-02-16 00:13:05","http://viticomvietnam.com/US/file/Invoice_Notice/oqFVw-8nZ_llHfonJEE-tr/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126563/"
-"126562","2019-02-16 00:04:07","http://altuntuval.com/info/Invoice/dRdoc-G3Q_TdxMB-ygf/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126562/"
+"126563","2019-02-16 00:13:05","http://viticomvietnam.com/US/file/Invoice_Notice/oqFVw-8nZ_llHfonJEE-tr/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126563/"
+"126562","2019-02-16 00:04:07","http://altuntuval.com/info/Invoice/dRdoc-G3Q_TdxMB-ygf/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126562/"
 "126561","2019-02-16 00:00:05","http://batdongsanphonoi.vn/company/Invoice/uwlS-nrB_QbgLLvsD-gY/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126561/"
 "126560","2019-02-15 23:59:14","http://sweethusky.com/Amazon/Attachments/02_19/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126560/"
-"126558","2019-02-15 23:59:13","http://ccbaike.cn/Amazon/Payments_details/2019-02/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126558/"
+"126558","2019-02-15 23:59:13","http://ccbaike.cn/Amazon/Payments_details/2019-02/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126558/"
 "126559","2019-02-15 23:59:13","http://lun.otrweb.ru/verif.myaccount.resourses.com/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/126559/"
 "126557","2019-02-15 23:59:09","http://nimitta.life/Amazon/EN/Information/022019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126557/"
-"126556","2019-02-15 23:59:04","http://rms.uzelbilisim.com.tr/Amazon/En/Information/2019-02/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126556/"
+"126556","2019-02-15 23:59:04","http://rms.uzelbilisim.com.tr/Amazon/En/Information/2019-02/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126556/"
 "126555","2019-02-15 23:56:02","https://tischer.ro/document/61805022/gksJP-pt_vVj-agO/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126555/"
 "126554","2019-02-15 23:53:01","http://www.forodigitalpyme.es/US/file/Invoice_Notice/YSBoc-HFsMY_FXHFU-bf/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126554/"
 "126553","2019-02-15 23:49:04","http://ea-no7.net/.well-known/pki-validation/messg.jpg","online","malware_download","compressed,exe,javascript,payload,Ransomware,stage2,Troldesh,zip","https://urlhaus.abuse.ch/url/126553/"
@@ -4557,7 +5998,7 @@
 "126526","2019-02-15 23:30:40","http://ipcalc.net/css/messg.jpg","offline","malware_download","exe,payload,Ransomware,stage2,Troldesh","https://urlhaus.abuse.ch/url/126526/"
 "126525","2019-02-15 23:30:36","http://jambanswers.org/.well-known/pki-validation/messg.jpg","offline","malware_download","exe,payload,Ransomware,stage2,Troldesh","https://urlhaus.abuse.ch/url/126525/"
 "126524","2019-02-15 23:30:26","http://hubertpascal.org/templates/hubertpascal/css/fonts/messg.jpg","online","malware_download","exe,payload,Ransomware,stage2,Troldesh","https://urlhaus.abuse.ch/url/126524/"
-"126523","2019-02-15 23:30:16","http://mrbr.net.pl/administrator/cache/messg.jpg","online","malware_download","exe,payload,Ransomware,stage2,Troldesh","https://urlhaus.abuse.ch/url/126523/"
+"126523","2019-02-15 23:30:16","http://mrbr.net.pl/administrator/cache/messg.jpg","offline","malware_download","exe,payload,Ransomware,stage2,Troldesh","https://urlhaus.abuse.ch/url/126523/"
 "126522","2019-02-15 23:30:12","http://zdrowie-blog.pl/wp-content/themes/wt_falcon/includes/messg.jpg","offline","malware_download","exe,payload,Ransomware,stage2,Troldesh","https://urlhaus.abuse.ch/url/126522/"
 "126521","2019-02-15 23:30:06","http://befirstclub.org/EN_en/70553116/VLOP-sxNSc_nyHGmQi-Yz/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126521/"
 "126520","2019-02-15 23:25:04","http://equall.co/New_invoice/896860086/mSKV-N3G_kylxdZkR-mm/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126520/"
@@ -4570,8 +6011,8 @@
 "126513","2019-02-15 23:14:12","http://thebeautyresidence.net/wp-content/themes/hemlock/plugins/Philip.Morris.International.zip","offline","malware_download","comrpessed,exe,javascript,payload,Ransomware,stage2,Troldesh,zip","https://urlhaus.abuse.ch/url/126513/"
 "126512","2019-02-15 23:14:11","http://thebeautyresidence.net/wp-content/themes/hemlock/plugins/messg.jpg","offline","malware_download","comrpessed,exe,javascript,payload,Ransomware,stage2,Troldesh,zip","https://urlhaus.abuse.ch/url/126512/"
 "126511","2019-02-15 23:13:03","http://sonshinecelebrations.com/EN_en/download/Inv/ILaR-yT_toW-qu2/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126511/"
-"126510","2019-02-15 23:12:05","http://teelam9.com/myfb11.exe","online","malware_download","exe,Formbook","https://urlhaus.abuse.ch/url/126510/"
-"126509","2019-02-15 23:09:06","http://thewordrelianceinternational.org/wp-content/themes/event-star/template-parts/messg.jpg","online","malware_download","compressed,exe,javascript,payload,Ransomware,stage2,Troldesh,zip","https://urlhaus.abuse.ch/url/126509/"
+"126510","2019-02-15 23:12:05","http://teelam9.com/myfb11.exe","offline","malware_download","exe,Formbook","https://urlhaus.abuse.ch/url/126510/"
+"126509","2019-02-15 23:09:06","http://thewordrelianceinternational.org/wp-content/themes/event-star/template-parts/messg.jpg","offline","malware_download","compressed,exe,javascript,payload,Ransomware,stage2,Troldesh,zip","https://urlhaus.abuse.ch/url/126509/"
 "126508","2019-02-15 23:09:02","http://jambanswers.org/.well-known/pki-validation/Vseros.Bank.zakaz.docx.zip","online","malware_download","compressed,exe,javascript,payload,Ransomware,stage2,Troldesh,zip","https://urlhaus.abuse.ch/url/126508/"
 "126507","2019-02-15 23:08:03","http://westsideresources.org/US_us/scan/Copy_Invoice/BmNl-4B_LMSObWM-FN9/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126507/"
 "126506","2019-02-15 23:03:02","http://mkcelectric.com/doc/qvjs-cJG4D_zNPVc-GG/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126506/"
@@ -4597,11 +6038,11 @@
 "126486","2019-02-15 22:07:24","http://tellingmusic.com/En_us/document/Copy_Invoice/051321957164/Jdmj-w2F_WaL-cS/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/126486/"
 "126485","2019-02-15 22:07:18","http://treasureto.com/Amazon/EN/Transactions-details/2019-02/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126485/"
 "126484","2019-02-15 22:07:11","http://thebandofrivals.dreamhosters.com/Amazon/EN/Clients_transactions/2019-02/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126484/"
-"126483","2019-02-15 22:07:05","http://starlineyapi.xyz/AMAZON/Clients_Messages/2019-02/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126483/"
+"126483","2019-02-15 22:07:05","http://starlineyapi.xyz/AMAZON/Clients_Messages/2019-02/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126483/"
 "126482","2019-02-15 22:07:02","http://mebelni-master.ru/Amazon/EN/Clients/022019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126482/"
-"126481","2019-02-15 22:06:59","http://lazell.pl/wp-includes/Amazon/Transaction_details/022019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126481/"
+"126481","2019-02-15 22:06:59","http://lazell.pl/wp-includes/Amazon/Transaction_details/022019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126481/"
 "126480","2019-02-15 22:06:56","http://kgr.kirov.spb.ru/Amazon/En/Transactions-details/02_19/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126480/"
-"126479","2019-02-15 22:06:53","http://firstcryptobank.io/Amazon/En/Clients/022019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126479/"
+"126479","2019-02-15 22:06:53","http://firstcryptobank.io/Amazon/En/Clients/022019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126479/"
 "126478","2019-02-15 22:06:48","http://enviedepices.fr/AMAZON/Clients/02_19/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126478/"
 "126477","2019-02-15 22:06:43","http://buralistesdugard.fr/Amazon/Transactions-details/02_19/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126477/"
 "126476","2019-02-15 22:06:38","http://bestcleaningcolombia.com/Amazon/Clients_transactions/02_19/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126476/"
@@ -4639,25 +6080,25 @@
 "126444","2019-02-15 20:42:07","http://nmce2015.nichost.ru/Amazon/En/Clients_Messages/02_19/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126444/"
 "126443","2019-02-15 20:42:06","http://asansor.parsnet.space/Amazon/EN/Clients/2019-02/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126443/"
 "126442","2019-02-15 20:42:03","http://35.190.186.53/Amazon/En/Payments_details/022019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126442/"
-"126441","2019-02-15 20:42:02","http://cech.gdansk.pl/llc/Inv/51545223150/KyNd-8Z8SW_qri-JS/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/126441/"
-"126440","2019-02-15 20:39:02","http://theengineersguild.com/info/Invoice_Notice/aqJr-KGB_A-JoI/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126440/"
+"126441","2019-02-15 20:42:02","http://cech.gdansk.pl/llc/Inv/51545223150/KyNd-8Z8SW_qri-JS/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/126441/"
+"126440","2019-02-15 20:39:02","http://theengineersguild.com/info/Invoice_Notice/aqJr-KGB_A-JoI/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126440/"
 "126439","2019-02-15 20:36:21","http://13.126.61.11/qpA8kpDj8_rp/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/126439/"
 "126438","2019-02-15 20:36:19","http://138.197.72.9/5jEtWZHLS/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/126438/"
 "126437","2019-02-15 20:36:18","http://195.88.208.202/GkR3jnNg/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/126437/"
 "126436","2019-02-15 20:36:17","http://markkellylive.com.au/nzB1yr7bR8Jf_VXGMg/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/126436/"
 "126435","2019-02-15 20:36:11","http://tellusvillas.com/l2BOnRc5q_pGXL6RE/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/126435/"
-"126434","2019-02-15 20:34:08","http://cech.gdansk.pl//llc/Inv/51545223150/KyNd-8Z8SW_qri-JS/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126434/"
+"126434","2019-02-15 20:34:08","http://cech.gdansk.pl//llc/Inv/51545223150/KyNd-8Z8SW_qri-JS/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126434/"
 "126433","2019-02-15 20:33:09","https://protect-us.mimecast.com/s/357TC5yx0ZfRY4quOzKwy?domain=54.234.174.153/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/126433/"
-"126432","2019-02-15 20:33:07","http://pattani.mcu.ac.th/wp-content/uploads/US/xerox/New_invoice/yOkVu-OX_qQVzLsP-QjW/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/126432/"
+"126432","2019-02-15 20:33:07","http://pattani.mcu.ac.th/wp-content/uploads/US/xerox/New_invoice/yOkVu-OX_qQVzLsP-QjW/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/126432/"
 "126431","2019-02-15 20:31:10","https://doc-00-9o-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/0p72cr7rffke4bottccuatc0jv9qkjhb/1550253600000/09100922564250845248/*/1HgSWyA3-erKtySCSJj0mJLoAWV6LpUo3","offline","malware_download","exe","https://urlhaus.abuse.ch/url/126431/"
 "126430","2019-02-15 20:29:06","http://193.77.216.20/US_us/scan/Invoice_number/eaFz-bA1hG_IrMD-5it/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126430/"
-"126429","2019-02-15 20:25:09","http://alexlema.com/css/a1/Mail_Access_Logs.doc","online","malware_download","doc,Loader,rat,remcos,stage1","https://urlhaus.abuse.ch/url/126429/"
+"126429","2019-02-15 20:25:09","http://alexlema.com/css/a1/Mail_Access_Logs.doc","offline","malware_download","doc,Loader,rat,remcos,stage1","https://urlhaus.abuse.ch/url/126429/"
 "126428","2019-02-15 20:25:06","http://159.65.65.213/US_us/llc/Inv/OsvtZ-fja_VeDfqRvsn-9mK/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126428/"
 "126427","2019-02-15 20:23:30","http://mincoindia.com/wp-content/PcHeal.png","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/126427/"
 "126426","2019-02-15 20:23:11","http://sadaemujahid.com/a1/die.exe","offline","malware_download","exe,Loader,payload,trojan","https://urlhaus.abuse.ch/url/126426/"
 "126425","2019-02-15 20:23:10","http://sadaemujahid.com/a1/lord.exe","offline","malware_download","exe,Loader,payload,trojan","https://urlhaus.abuse.ch/url/126425/"
 "126424","2019-02-15 20:23:05","http://useraccount.co/assets/pqs/logo.jpg","online","malware_download","exe,Loader,payload,trojan","https://urlhaus.abuse.ch/url/126424/"
-"126423","2019-02-15 20:20:05","http://traktor.parsnet.space/En/YZUYI-dlk_CfhKdCOSl-i6C/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126423/"
+"126423","2019-02-15 20:20:05","http://traktor.parsnet.space/En/YZUYI-dlk_CfhKdCOSl-i6C/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126423/"
 "126422","2019-02-15 20:16:10","http://snopsd.duckdns.org:7101/mt810000019034.jar?_sm_au_%3diVVsR0FwMDnjWRqP","online","malware_download","Adwind,jar,java,jSocket,payload,rat","https://urlhaus.abuse.ch/url/126422/"
 "126421","2019-02-15 20:15:31","http://207.154.223.104/sycTwoHI4/","online","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/126421/"
 "126420","2019-02-15 20:15:29","http://128.199.172.4/J1EuGgi0sx/","online","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/126420/"
@@ -4673,8 +6114,8 @@
 "126410","2019-02-15 20:01:04","http://185.244.25.153:80/bins/DEMON.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/126410/"
 "126409","2019-02-15 20:01:03","http://185.244.25.153:80/bins/DEMON.mips","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/126409/"
 "126408","2019-02-15 20:01:02","http://185.244.25.153:80/bins/DEMON.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/126408/"
-"126407","2019-02-15 20:00:01","http://3.112.13.31/Amazon/En/Clients_Messages/02_19/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126407/"
-"126406","2019-02-15 19:59:59","http://mohinhgohandmadedtoys.com/Amazon/EN/Transactions/02_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126406/"
+"126407","2019-02-15 20:00:01","http://3.112.13.31/Amazon/En/Clients_Messages/02_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126407/"
+"126406","2019-02-15 19:59:59","http://mohinhgohandmadedtoys.com/Amazon/EN/Transactions/02_19/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126406/"
 "126405","2019-02-15 19:59:56","http://my.jiwa-nala.org/css/Amazon/En/Messages/02_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126405/"
 "126404","2019-02-15 19:59:54","http://mulmart.ru/Amazon/EN/Documents/2019-02/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126404/"
 "126403","2019-02-15 19:59:53","http://hoatuoithienhuong.com/Amazon/En/Transaction_details/2019-02/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126403/"
@@ -4685,7 +6126,7 @@
 "126398","2019-02-15 19:59:45","http://nicosong.com/RF/corporation/Receipt_Notice/295565133969/TxInO-SmV_UEMi-A4g/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/126398/"
 "126397","2019-02-15 19:59:15","http://greeksoft.gr/sec.myacc.resourses.net/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126397/"
 "126396","2019-02-15 19:59:07","http://portlandelectric.co/AMAZON/Clients_information/02_19/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126396/"
-"126395","2019-02-15 19:57:03","http://otosude.com/wp-admin/llc/Invoice/NGAX-HfmVz_XjJYU-LN/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126395/"
+"126395","2019-02-15 19:57:03","http://otosude.com/wp-admin/llc/Invoice/NGAX-HfmVz_XjJYU-LN/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126395/"
 "126394","2019-02-15 19:53:05","http://online01-capitalhelp24.da-ar.ru/En/doc/Invoice_Notice/mGJcc-uY_ZmaFH-ZL6/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126394/"
 "126393","2019-02-15 19:49:05","http://port-vostochny.ru/company/Invoice/5839993372131/fNDH-UTv7_SMvffHRVw-0bl/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126393/"
 "126392","2019-02-15 19:48:05","http://185.244.25.153:80/bins/DEMON.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/126392/"
@@ -4701,7 +6142,7 @@
 "126382","2019-02-15 19:36:05","http://89.46.223.247:80/OwO/Tsunami.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/126382/"
 "126381","2019-02-15 19:36:04","http://185.244.25.153:80/bins/DEMON.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/126381/"
 "126380","2019-02-15 19:36:03","http://68.235.84.140:37653/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/126380/"
-"126379","2019-02-15 19:32:33","http://megl.ca/llc/Invoice_Notice/VZYa-iN3oZ_MmWHxgsT-C7A/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126379/"
+"126379","2019-02-15 19:32:33","http://megl.ca/llc/Invoice_Notice/VZYa-iN3oZ_MmWHxgsT-C7A/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126379/"
 "126378","2019-02-15 19:32:31","http://mikrotik.com.pe/gestion/inc/fpdf/germany/P1qUar90.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/126378/"
 "126377","2019-02-15 19:32:22","http://manhattanluxuryrealestatelistings.com/En/Inv/IZWK-kTt_JLvmH-HT/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126377/"
 "126376","2019-02-15 19:32:16","http://laoliehuo.oss-cn-hangzhou.aliyuncs.com/updlq/K-20170721-3.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/126376/"
@@ -4710,34 +6151,34 @@
 "126373","2019-02-15 19:29:49","http://secscan.oss-cn-hangzhou.aliyuncs.com/file.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/126373/"
 "126372","2019-02-15 19:28:58","http://taoge.oss-cn-hangzhou.aliyuncs.com/%E5%87%A4%E5%87%B0%E5%A4%96%E4%BC%A0.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/126372/"
 "126371","2019-02-15 19:28:42","http://kimberly5esthetique.com/xerox/Invoice_Notice/aboxP-ru_UVSOu-9Q/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126371/"
-"126370","2019-02-15 19:28:32","http://kinhbacchemical.com/En_us/xerox/650849278697591/DjXN-vK_PAiJzKk-f1z/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126370/"
+"126370","2019-02-15 19:28:32","http://kinhbacchemical.com/En_us/xerox/650849278697591/DjXN-vK_PAiJzKk-f1z/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126370/"
 "126369","2019-02-15 19:28:24","http://www.prowidor.com/corporation/Inv/KPDJg-tK_lRzuQw-KCt","offline","malware_download","doc,emotet,epoch2","https://urlhaus.abuse.ch/url/126369/"
 "126368","2019-02-15 19:28:16","http://realtytraining.org/test_theatre/messg.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/126368/"
 "126367","2019-02-15 19:27:56","http://jy-property.com/Amazon/Messages/02_19/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126367/"
 "126366","2019-02-15 19:27:51","http://istratrans.ru/AMAZON/Payments/2019-02/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126366/"
-"126365","2019-02-15 19:27:46","http://haunnhyundaibacninh.com/AMAZON/Messages/02_19/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126365/"
-"126364","2019-02-15 19:27:42","http://h809171554.nichost.ru/Amazon/Messages/2019-02/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126364/"
+"126365","2019-02-15 19:27:46","http://haunnhyundaibacninh.com/AMAZON/Messages/02_19/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126365/"
+"126364","2019-02-15 19:27:42","http://h809171554.nichost.ru/Amazon/Messages/2019-02/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126364/"
 "126363","2019-02-15 19:27:39","http://focus-group.spb.ru/Amazon/Details/022019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126363/"
-"126362","2019-02-15 19:27:36","http://csvina.vn/wp-snapshots/Amazon/En/Orders-details/02_19/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126362/"
+"126362","2019-02-15 19:27:36","http://csvina.vn/wp-snapshots/Amazon/En/Orders-details/02_19/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126362/"
 "126361","2019-02-15 19:27:33","http://charms.com.co/Amazon/EN/Orders_details/02_19/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126361/"
-"126360","2019-02-15 19:27:30","http://cash-lovers.com/Amazon/En/Attachments/02_19/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126360/"
+"126360","2019-02-15 19:27:30","http://cash-lovers.com/Amazon/En/Attachments/02_19/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126360/"
 "126359","2019-02-15 19:26:59","http://big.5072610.ru/Amazon/En/Details/022019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126359/"
 "126358","2019-02-15 19:26:54","http://arvendanismanlik.com/Amazon/EN/Transaction_details/02_19/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126358/"
 "126357","2019-02-15 19:26:46","http://arieloutdoors.in/Amazon/En/Transaction_details/022019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126357/"
-"126356","2019-02-15 19:26:39","http://54.202.85.204/Amazon/EN/Information/02_19/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126356/"
+"126356","2019-02-15 19:26:39","http://54.202.85.204/Amazon/EN/Information/02_19/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126356/"
 "126355","2019-02-15 19:26:30","http://52.63.71.120/Amazon/En/Clients/022019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126355/"
 "126354","2019-02-15 19:26:22","http://52.63.119.3/Amazon/En/Clients/022019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126354/"
 "126353","2019-02-15 19:26:15","http://52.205.176.136/Amazon/EN/Details/022019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126353/"
-"126352","2019-02-15 19:26:10","http://52.202.101.89/Amazon/En/Orders-details/022019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126352/"
-"126351","2019-02-15 19:25:39","http://52.196.225.91/wordpress/Amazon/EN/Details/2019-02/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126351/"
+"126352","2019-02-15 19:26:10","http://52.202.101.89/Amazon/En/Orders-details/022019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126352/"
+"126351","2019-02-15 19:25:39","http://52.196.225.91/wordpress/Amazon/EN/Details/2019-02/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126351/"
 "126350","2019-02-15 19:25:34","http://188.192.104.226/wordpress/Amazon/EN/Transactions-details/022019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126350/"
 "126349","2019-02-15 19:25:30","http://188.131.164.117/Amazon/Attachments/022019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126349/"
 "126348","2019-02-15 19:25:25","http://159.65.142.218/wp-admin/Amazon/Attachments/022019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126348/"
-"126347","2019-02-15 19:25:20","http://13.126.61.22/Amazon/En/Messages/2019-02/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126347/"
+"126347","2019-02-15 19:25:20","http://13.126.61.22/Amazon/En/Messages/2019-02/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126347/"
 "126346","2019-02-15 19:25:14","http://115.66.127.67/Amazon/EN/Transactions/2019-02/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126346/"
 "126345","2019-02-15 19:25:07","http://104.155.134.95/Amazon/En/Clients/2019-02/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126345/"
 "126344","2019-02-15 19:24:59","http://joerath.ca/US_us/scan/Inv/379791966093282/ozeH-2byJM_hd-yP/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126344/"
-"126343","2019-02-15 19:24:46","http://190.164.186.104/EN_en/New_invoice/kaGto-SKA_DSIJvMBnm-DfE/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126343/"
+"126343","2019-02-15 19:24:46","http://190.164.186.104/EN_en/New_invoice/kaGto-SKA_DSIJvMBnm-DfE/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126343/"
 "126342","2019-02-15 19:24:38","http://demo.hoatuoinhuy.vn/US/scan/CfeF-Q5gO_rtdLh-U5/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126342/"
 "126341","2019-02-15 19:24:28","http://demo.supegift.com/En_us/Invoice_Notice/mUcf-v6U_Antg-bbJ/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126341/"
 "126340","2019-02-15 19:24:13","http://sun-proxy.oss-cn-hangzhou.aliyuncs.com/download/pc/sundaili1.2.45.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/126340/"
@@ -4755,7 +6196,7 @@
 "126328","2019-02-15 19:18:53","https://www.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126328/"
 "126327","2019-02-15 19:18:49","https://www.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126327/"
 "126326","2019-02-15 19:18:45","https://www.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126326/"
-"126325","2019-02-15 19:18:42","https://www.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126325/"
+"126325","2019-02-15 19:18:42","https://www.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126325/"
 "126324","2019-02-15 19:18:36","https://www.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126324/"
 "126323","2019-02-15 19:18:31","https://www.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126323/"
 "126322","2019-02-15 19:18:27","https://www.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126322/"
@@ -4784,7 +6225,7 @@
 "126299","2019-02-15 19:16:37","http://www.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126299/"
 "126298","2019-02-15 19:16:36","http://www.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126298/"
 "126297","2019-02-15 19:16:35","http://www.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126297/"
-"126296","2019-02-15 19:16:33","http://www.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126296/"
+"126296","2019-02-15 19:16:33","http://www.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126296/"
 "126295","2019-02-15 19:16:32","http://www.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126295/"
 "126294","2019-02-15 19:16:24","http://www.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126294/"
 "126293","2019-02-15 19:16:23","http://www.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126293/"
@@ -4814,7 +6255,7 @@
 "126269","2019-02-15 19:15:27","https://ta107s3.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126269/"
 "126268","2019-02-15 19:15:25","https://ta107s3.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126268/"
 "126267","2019-02-15 19:15:22","https://ta107s3.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126267/"
-"126266","2019-02-15 19:15:20","https://ta107s3.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126266/"
+"126266","2019-02-15 19:15:20","https://ta107s3.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126266/"
 "126265","2019-02-15 19:15:17","https://ta107s3.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126265/"
 "126264","2019-02-15 19:15:14","https://ta107s3.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126264/"
 "126263","2019-02-15 19:15:11","https://ta107s3.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126263/"
@@ -4848,7 +6289,7 @@
 "126235","2019-02-15 19:13:36","http://ta107s3.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126235/"
 "126234","2019-02-15 19:13:35","http://ta107s3.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126234/"
 "126233","2019-02-15 19:13:34","http://ta107s3.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126233/"
-"126232","2019-02-15 19:13:33","http://ta107s3.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126232/"
+"126232","2019-02-15 19:13:33","http://ta107s3.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126232/"
 "126231","2019-02-15 19:13:32","http://ta107s3.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126231/"
 "126230","2019-02-15 19:13:31","http://ta107s3.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126230/"
 "126229","2019-02-15 19:13:30","http://ta107s3.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126229/"
@@ -4882,7 +6323,7 @@
 "126201","2019-02-15 19:12:30","https://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126201/"
 "126200","2019-02-15 19:12:28","https://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126200/"
 "126199","2019-02-15 19:12:25","https://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126199/"
-"126198","2019-02-15 19:12:22","https://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126198/"
+"126198","2019-02-15 19:12:22","https://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126198/"
 "126197","2019-02-15 19:12:19","https://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126197/"
 "126196","2019-02-15 19:12:17","https://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126196/"
 "126195","2019-02-15 19:12:15","https://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126195/"
@@ -4916,7 +6357,7 @@
 "126167","2019-02-15 19:11:16","http://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126167/"
 "126165","2019-02-15 19:11:14","http://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126165/"
 "126166","2019-02-15 19:11:14","http://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126166/"
-"126164","2019-02-15 19:11:13","http://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126164/"
+"126164","2019-02-15 19:11:13","http://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126164/"
 "126163","2019-02-15 19:11:12","http://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126163/"
 "126162","2019-02-15 19:11:11","http://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126162/"
 "126161","2019-02-15 19:11:10","http://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126161/"
@@ -4949,7 +6390,7 @@
 "126134","2019-02-15 19:10:06","https://com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126134/"
 "126133","2019-02-15 19:10:04","https://com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126133/"
 "126132","2019-02-15 19:10:00","https://com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126132/"
-"126131","2019-02-15 19:09:58","https://com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126131/"
+"126131","2019-02-15 19:09:58","https://com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126131/"
 "126130","2019-02-15 19:09:55","https://com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126130/"
 "126129","2019-02-15 19:09:53","https://com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126129/"
 "126128","2019-02-15 19:09:50","https://com.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126128/"
@@ -4983,7 +6424,7 @@
 "126100","2019-02-15 19:08:52","http://com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126100/"
 "126099","2019-02-15 19:08:51","http://com.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126099/"
 "126098","2019-02-15 19:08:50","http://com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126098/"
-"126097","2019-02-15 19:08:49","http://com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126097/"
+"126097","2019-02-15 19:08:49","http://com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126097/"
 "126096","2019-02-15 19:08:48","http://com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126096/"
 "126095","2019-02-15 19:08:47","http://com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126095/"
 "126094","2019-02-15 19:08:46","http://com.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126094/"
@@ -5016,7 +6457,7 @@
 "126067","2019-02-15 19:07:55","https://iprudential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126067/"
 "126066","2019-02-15 19:07:53","https://iprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126066/"
 "126065","2019-02-15 19:07:50","https://iprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126065/"
-"126064","2019-02-15 19:07:48","https://iprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126064/"
+"126064","2019-02-15 19:07:48","https://iprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126064/"
 "126063","2019-02-15 19:07:46","https://iprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126063/"
 "126062","2019-02-15 19:07:44","https://iprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126062/"
 "126061","2019-02-15 19:07:41","https://iprudential.com.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126061/"
@@ -5050,7 +6491,7 @@
 "126033","2019-02-15 19:06:42","http://iprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126033/"
 "126032","2019-02-15 19:06:40","http://iprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126032/"
 "126031","2019-02-15 19:06:39","http://iprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126031/"
-"126030","2019-02-15 19:06:38","http://iprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126030/"
+"126030","2019-02-15 19:06:38","http://iprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126030/"
 "126029","2019-02-15 19:06:37","http://iprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126029/"
 "126028","2019-02-15 19:06:35","http://iprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126028/"
 "126027","2019-02-15 19:06:34","http://iprudential.com.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126027/"
@@ -5083,7 +6524,7 @@
 "126000","2019-02-15 19:05:39","https://jsrwaco.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126000/"
 "125999","2019-02-15 19:05:36","https://jsrwaco.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125999/"
 "125998","2019-02-15 19:05:33","https://jsrwaco.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125998/"
-"125997","2019-02-15 19:05:31","https://jsrwaco.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125997/"
+"125997","2019-02-15 19:05:31","https://jsrwaco.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125997/"
 "125996","2019-02-15 19:05:29","https://jsrwaco.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125996/"
 "125995","2019-02-15 19:05:26","https://jsrwaco.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125995/"
 "125994","2019-02-15 19:05:23","https://jsrwaco.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125994/"
@@ -5117,7 +6558,7 @@
 "125966","2019-02-15 19:02:44","http://jsrwaco.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125966/"
 "125965","2019-02-15 19:02:25","http://jsrwaco.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125965/"
 "125964","2019-02-15 19:02:14","http://jsrwaco.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125964/"
-"125963","2019-02-15 19:02:07","http://jsrwaco.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125963/"
+"125963","2019-02-15 19:02:07","http://jsrwaco.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125963/"
 "125962","2019-02-15 19:02:01","http://jsrwaco.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125962/"
 "125961","2019-02-15 19:01:55","http://jsrwaco.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125961/"
 "125960","2019-02-15 19:01:49","http://jsrwaco.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125960/"
@@ -5151,7 +6592,7 @@
 "125932","2019-02-15 18:59:06","https://resonance-pub.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125932/"
 "125931","2019-02-15 18:59:02","https://resonance-pub.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125931/"
 "125930","2019-02-15 18:58:58","https://resonance-pub.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125930/"
-"125929","2019-02-15 18:58:54","https://resonance-pub.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125929/"
+"125929","2019-02-15 18:58:54","https://resonance-pub.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125929/"
 "125928","2019-02-15 18:58:51","https://resonance-pub.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125928/"
 "125927","2019-02-15 18:58:48","https://resonance-pub.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125927/"
 "125926","2019-02-15 18:58:45","https://resonance-pub.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125926/"
@@ -5185,7 +6626,7 @@
 "125898","2019-02-15 18:55:44","http://resonance-pub.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125898/"
 "125897","2019-02-15 18:55:33","http://resonance-pub.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125897/"
 "125896","2019-02-15 18:55:29","http://resonance-pub.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125896/"
-"125895","2019-02-15 18:55:17","http://resonance-pub.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125895/"
+"125895","2019-02-15 18:55:17","http://resonance-pub.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125895/"
 "125894","2019-02-15 18:55:10","http://resonance-pub.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125894/"
 "125893","2019-02-15 18:55:04","http://resonance-pub.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125893/"
 "125892","2019-02-15 18:54:56","http://resonance-pub.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125892/"
@@ -5218,7 +6659,7 @@
 "125865","2019-02-15 18:52:16","https://qianlong.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125865/"
 "125864","2019-02-15 18:52:13","https://qianlong.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125864/"
 "125863","2019-02-15 18:52:10","https://qianlong.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125863/"
-"125862","2019-02-15 18:52:07","https://qianlong.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125862/"
+"125862","2019-02-15 18:52:07","https://qianlong.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125862/"
 "125861","2019-02-15 18:52:05","https://qianlong.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125861/"
 "125860","2019-02-15 18:52:02","https://qianlong.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125860/"
 "125859","2019-02-15 18:51:59","https://qianlong.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125859/"
@@ -5252,7 +6693,7 @@
 "125831","2019-02-15 18:51:00","http://qianlong.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125831/"
 "125830","2019-02-15 18:50:58","http://qianlong.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125830/"
 "125829","2019-02-15 18:50:57","http://qianlong.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125829/"
-"125828","2019-02-15 18:50:56","http://qianlong.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125828/"
+"125828","2019-02-15 18:50:56","http://qianlong.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125828/"
 "125827","2019-02-15 18:50:55","http://qianlong.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125827/"
 "125826","2019-02-15 18:50:54","http://qianlong.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125826/"
 "125825","2019-02-15 18:50:53","http://qianlong.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125825/"
@@ -5285,7 +6726,7 @@
 "125798","2019-02-15 18:49:52","https://computewww.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125798/"
 "125797","2019-02-15 18:49:49","https://computewww.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125797/"
 "125796","2019-02-15 18:49:46","https://computewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125796/"
-"125795","2019-02-15 18:49:43","https://computewww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125795/"
+"125795","2019-02-15 18:49:43","https://computewww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125795/"
 "125794","2019-02-15 18:49:41","https://computewww.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125794/"
 "125793","2019-02-15 18:49:38","https://computewww.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125793/"
 "125792","2019-02-15 18:49:36","https://computewww.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125792/"
@@ -5319,7 +6760,7 @@
 "125764","2019-02-15 18:48:38","http://computewww.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125764/"
 "125763","2019-02-15 18:48:37","http://computewww.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125763/"
 "125762","2019-02-15 18:48:36","http://computewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125762/"
-"125761","2019-02-15 18:48:35","http://computewww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125761/"
+"125761","2019-02-15 18:48:35","http://computewww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125761/"
 "125760","2019-02-15 18:48:34","http://computewww.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125760/"
 "125759","2019-02-15 18:48:33","http://computewww.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125759/"
 "125758","2019-02-15 18:48:32","http://computewww.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125758/"
@@ -5352,7 +6793,7 @@
 "125731","2019-02-15 18:47:41","https://doverenewables.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125731/"
 "125730","2019-02-15 18:47:39","https://doverenewables.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125730/"
 "125729","2019-02-15 18:47:36","https://doverenewables.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125729/"
-"125728","2019-02-15 18:47:34","https://doverenewables.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125728/"
+"125728","2019-02-15 18:47:34","https://doverenewables.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125728/"
 "125727","2019-02-15 18:47:31","https://doverenewables.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125727/"
 "125726","2019-02-15 18:47:29","https://doverenewables.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125726/"
 "125725","2019-02-15 18:47:27","https://doverenewables.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125725/"
@@ -5386,7 +6827,7 @@
 "125697","2019-02-15 18:46:29","http://doverenewables.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125697/"
 "125696","2019-02-15 18:46:27","http://doverenewables.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125696/"
 "125695","2019-02-15 18:46:26","http://doverenewables.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125695/"
-"125694","2019-02-15 18:46:25","http://doverenewables.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125694/"
+"125694","2019-02-15 18:46:25","http://doverenewables.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125694/"
 "125693","2019-02-15 18:46:24","http://doverenewables.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125693/"
 "125692","2019-02-15 18:46:23","http://doverenewables.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125692/"
 "125691","2019-02-15 18:46:22","http://doverenewables.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125691/"
@@ -5402,7 +6843,7 @@
 "125681","2019-02-15 18:46:07","http://doverenewables.watchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125681/"
 "125680","2019-02-15 18:46:06","http://doverenewables.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125680/"
 "125679","2019-02-15 18:46:05","http://doverenewables.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/125679/"
-"125678","2019-02-15 18:46:03","http://211.238.147.196/@eaDir/info/hvKcX-ByyHe_lmc-ER1/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125678/"
+"125678","2019-02-15 18:46:03","http://211.238.147.196/@eaDir/info/hvKcX-ByyHe_lmc-ER1/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125678/"
 "125677","2019-02-15 18:45:19","http://doverenewables.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125677/"
 "125676","2019-02-15 18:45:17","http://doverenewables.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125676/"
 "125675","2019-02-15 18:45:16","http://doverenewables.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125675/"
@@ -5420,7 +6861,7 @@
 "125663","2019-02-15 18:44:43","https://mirtv.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125663/"
 "125662","2019-02-15 18:44:40","https://mirtv.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125662/"
 "125661","2019-02-15 18:44:37","https://mirtv.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125661/"
-"125660","2019-02-15 18:44:35","https://mirtv.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125660/"
+"125660","2019-02-15 18:44:35","https://mirtv.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125660/"
 "125659","2019-02-15 18:44:32","https://mirtv.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125659/"
 "125658","2019-02-15 18:44:29","https://mirtv.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125658/"
 "125657","2019-02-15 18:44:27","https://mirtv.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125657/"
@@ -5454,7 +6895,7 @@
 "125629","2019-02-15 18:43:29","http://mirtv.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125629/"
 "125628","2019-02-15 18:43:28","http://mirtv.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125628/"
 "125627","2019-02-15 18:43:27","http://mirtv.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125627/"
-"125626","2019-02-15 18:43:26","http://mirtv.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125626/"
+"125626","2019-02-15 18:43:26","http://mirtv.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125626/"
 "125625","2019-02-15 18:43:25","http://mirtv.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125625/"
 "125624","2019-02-15 18:43:24","http://mirtv.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125624/"
 "125623","2019-02-15 18:43:23","http://mirtv.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125623/"
@@ -5487,7 +6928,7 @@
 "125596","2019-02-15 18:42:33","https://smart-testsolutions.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125596/"
 "125595","2019-02-15 18:42:30","https://smart-testsolutions.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125595/"
 "125594","2019-02-15 18:42:27","https://smart-testsolutions.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125594/"
-"125593","2019-02-15 18:42:25","https://smart-testsolutions.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125593/"
+"125593","2019-02-15 18:42:25","https://smart-testsolutions.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125593/"
 "125592","2019-02-15 18:42:23","https://smart-testsolutions.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125592/"
 "125591","2019-02-15 18:42:20","https://smart-testsolutions.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125591/"
 "125590","2019-02-15 18:42:18","https://smart-testsolutions.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125590/"
@@ -5522,7 +6963,7 @@
 "125561","2019-02-15 18:41:20","http://smart-testsolutions.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125561/"
 "125560","2019-02-15 18:41:19","http://smart-testsolutions.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125560/"
 "125558","2019-02-15 18:41:18","http://smart-testsolutions.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125558/"
-"125559","2019-02-15 18:41:18","http://smart-testsolutions.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125559/"
+"125559","2019-02-15 18:41:18","http://smart-testsolutions.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125559/"
 "125557","2019-02-15 18:41:16","http://smart-testsolutions.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125557/"
 "125556","2019-02-15 18:41:15","http://smart-testsolutions.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125556/"
 "125555","2019-02-15 18:41:14","http://smart-testsolutions.watchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125555/"
@@ -5554,7 +6995,7 @@
 "125529","2019-02-15 18:40:20","https://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125529/"
 "125528","2019-02-15 18:40:17","https://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125528/"
 "125527","2019-02-15 18:40:13","https://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125527/"
-"125526","2019-02-15 18:40:10","https://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125526/"
+"125526","2019-02-15 18:40:10","https://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125526/"
 "125525","2019-02-15 18:40:08","https://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125525/"
 "125524","2019-02-15 18:40:05","https://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125524/"
 "125523","2019-02-15 18:40:02","https://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125523/"
@@ -5587,7 +7028,7 @@
 "125496","2019-02-15 18:37:16","http://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125496/"
 "125495","2019-02-15 18:37:09","http://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125495/"
 "125494","2019-02-15 18:36:27","http://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125494/"
-"125493","2019-02-15 18:36:23","http://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125493/"
+"125493","2019-02-15 18:36:23","http://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125493/"
 "125492","2019-02-15 18:36:18","http://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125492/"
 "125491","2019-02-15 18:36:12","http://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125491/"
 "125490","2019-02-15 18:36:06","http://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125490/"
@@ -5607,10 +7048,10 @@
 "125476","2019-02-15 18:34:22","http://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125476/"
 "125475","2019-02-15 18:34:16","http://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125475/"
 "125474","2019-02-15 18:34:08","http://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125474/"
-"125473","2019-02-15 18:33:06","http://chuthapdobg.org.vn/tmp/Invoice/hgjz-zS1_rC-tl3/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125473/"
+"125473","2019-02-15 18:33:06","http://chuthapdobg.org.vn/tmp/Invoice/hgjz-zS1_rC-tl3/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125473/"
 "125472","2019-02-15 18:32:41","http://pujjr-cs.oss-cn-hangzhou.aliyuncs.com/DocData/CUP3143001728570/A102170215124S2/AAAAAA/831505b5-bb9a-4ef8-b098-abc014e67d8a.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/125472/"
 "125471","2019-02-15 18:29:03","http://empressxtensions.com/US_us/5667351314009/JiRt-TN_lBKR-r7/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125471/"
-"125470","2019-02-15 18:26:04","http://demo1.parsnet.space/EN_en/document/New_invoice/LWhV-pN_UdPzMLn-Vc/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125470/"
+"125470","2019-02-15 18:26:04","http://demo1.parsnet.space/EN_en/document/New_invoice/LWhV-pN_UdPzMLn-Vc/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125470/"
 "125469","2019-02-15 18:23:47","http://dlqz4.oss-cn-hangzhou.aliyuncs.com/0108.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/125469/"
 "125468","2019-02-15 18:21:04","http://elbizkonut.com/En_us/OhfUR-zRW_ECYHxzMCX-IwK/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125468/"
 "125467","2019-02-15 18:17:05","http://dod-tec.ru/EN_en/document/73826160583/VlZUL-qU_eAPqY-tW/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125467/"
@@ -5621,7 +7062,7 @@
 "125462","2019-02-15 18:07:08","https://www.crempco.com/wp-content/themes/online-shop/assets/css/messg.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/125462/"
 "125461","2019-02-15 18:07:04","http://www.galladoria.de/templates/rt_oculus/html/com_content/archive/messg.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/125461/"
 "125460","2019-02-15 18:07:01","http://www.prowidorcom/corporation/Inv/KPDJg-tK_lRzuQw-KCt/","offline","malware_download","None","https://urlhaus.abuse.ch/url/125460/"
-"125459","2019-02-15 18:05:03","http://base.n24rostov.ru/US/WVWYZ-WjTW_KXk-ni/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125459/"
+"125459","2019-02-15 18:05:03","http://base.n24rostov.ru/US/WVWYZ-WjTW_KXk-ni/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125459/"
 "125458","2019-02-15 18:00:03","http://crypto-strategy.ru/document/Dyofl-L4l_saN-2c/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125458/"
 "125457","2019-02-15 17:56:03","http://venta72.ru/company/Invoice/DYTf-2H_B-jhh/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125457/"
 "125456","2019-02-15 17:52:28","http://www.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/125456/"
@@ -5639,9 +7080,9 @@
 "125444","2019-02-15 17:51:12","https://watchdogdns.duckdns.org/vbc.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/125444/"
 "125443","2019-02-15 17:51:08","https://watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/125443/"
 "125442","2019-02-15 17:51:05","http://140.227.27.252/wp-content/En_us/company/260678375091/tochY-ZuC_zNJsI-VU/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125442/"
-"125441","2019-02-15 17:47:10","http://104.248.140.207/xerox/Copy_Invoice/QabZ-lS_GduWJiqh-ZS5/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125441/"
+"125441","2019-02-15 17:47:10","http://104.248.140.207/xerox/Copy_Invoice/QabZ-lS_GduWJiqh-ZS5/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125441/"
 "125440","2019-02-15 17:43:07","http://54.250.159.171/US_us/corporation/mlKxT-I19OF_MChYwJVdO-FD/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125440/"
-"125439","2019-02-15 17:39:03","http://54.153.245.124/document/Invoice_number/snqMU-136A_J-50/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125439/"
+"125439","2019-02-15 17:39:03","http://54.153.245.124/document/Invoice_number/snqMU-136A_J-50/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125439/"
 "125438","2019-02-15 17:35:02","http://fenichka.ru/En/download/Invoice_Notice/jjhzf-rIi_PSROCFYf-OB/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125438/"
 "125437","2019-02-15 17:31:03","http://78.207.210.11/@eaDir/US_us/doc/blvY-ZLi_vfDtzP-4k/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125437/"
 "125436","2019-02-15 17:28:08","http://www.prowidor.com/corporation/Inv/KPDJg-tK_lRzuQw-KCt/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125436/"
@@ -5685,9 +7126,9 @@
 "125398","2019-02-15 17:15:44","http://watchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/125398/"
 "125397","2019-02-15 17:15:23","http://watchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/125397/"
 "125396","2019-02-15 17:15:15","https://watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload,stage2","https://urlhaus.abuse.ch/url/125396/"
-"125395","2019-02-15 17:15:10","https://watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/125395/"
+"125395","2019-02-15 17:15:10","https://watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,Formbook,payload,stage2","https://urlhaus.abuse.ch/url/125395/"
 "125394","2019-02-15 17:15:04","https://watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/125394/"
-"125393","2019-02-15 17:12:05","http://amatiran.online/scan/Inv/ZRpb-S20J_pneMMM-dq/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125393/"
+"125393","2019-02-15 17:12:05","http://amatiran.online/scan/Inv/ZRpb-S20J_pneMMM-dq/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125393/"
 "125392","2019-02-15 17:09:05","http://catscream.wp.iex.uno/doc/Invoice_number/JTyQ-YhCg_GawolVS-h8r/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125392/"
 "125391","2019-02-15 17:08:06","https://doc-0s-9o-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/iaed3jtdciqu252c9ttpgqu708tomija/1550246400000/09100922564250845248/*/1tKpTzIDP8TlJa5FTmUCA-uTxJAJkIELC","offline","malware_download","exe","https://urlhaus.abuse.ch/url/125391/"
 "125390","2019-02-15 17:08:04","http://catscream.wpiex.uno/doc/Invoice_number/JTyQ-YhCg_GawolVS-h8r/","offline","malware_download","None","https://urlhaus.abuse.ch/url/125390/"
@@ -5705,14 +7146,14 @@
 "125378","2019-02-15 17:05:03","http://base2.n24rostov.ru/EN_en/Uieji-eaWK_nxy-bpH/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125378/"
 "125377","2019-02-15 17:03:06","https://attgb-my.sharepoint.com/:u:/g/personal/s_bassett_attgb_co_uk/EavkSd9jq9REpq_WnglNek8BbFUtiUv6mMivLqYsrXUNjw?e=QcHqBn&download=1","online","malware_download","AUS,Gozi,zipped-VBS","https://urlhaus.abuse.ch/url/125377/"
 "125376","2019-02-15 17:03:04","https://photographers-my.sharepoint.com/:u:/g/personal/photo_timstubbings_com/EdnZfG7rLlZBiAOM7KnX04ABm9Fvqg0B3mHDfs73kROmUw?e=EIpknx&download=1","online","malware_download","AUS,Gozi,zipped-VBS","https://urlhaus.abuse.ch/url/125376/"
-"125375","2019-02-15 17:02:09","http://54.234.174.153/US_us/Invoice_Notice/734489132/vsQIJ-C52_WlNCNM-9tZ/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125375/"
+"125375","2019-02-15 17:02:09","http://54.234.174.153/US_us/Invoice_Notice/734489132/vsQIJ-C52_WlNCNM-9tZ/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125375/"
 "125374","2019-02-15 17:02:07","http://varzeshpresscom/EN_en/corporation/Invoice_Notice/bRCS-dwz6m_Z-iE/","offline","malware_download","None","https://urlhaus.abuse.ch/url/125374/"
 "125373","2019-02-15 17:02:07","http://x-soft.tomskru/EN_en/Invoice_Notice/Ujdw-re9LW_xd-qrV/","offline","malware_download","None","https://urlhaus.abuse.ch/url/125373/"
 "125372","2019-02-15 17:02:06","https://worldver.com/scarab/1FAE8C98D2A46830/vab-v2.js","offline","malware_download","cloaked,magecart","https://urlhaus.abuse.ch/url/125372/"
 "125371","2019-02-15 17:02:04","http://91.152.139.27/.../auto/safe_scr_files/MF","online","malware_download","bash","https://urlhaus.abuse.ch/url/125371/"
 "125370","2019-02-15 17:02:03","http://vrrumover0.vrrum0.farted.net/.../auto/safe_scr_files/MF","online","malware_download","bash","https://urlhaus.abuse.ch/url/125370/"
 "125369","2019-02-15 17:01:12","https://23.249.161.100/shell/vbc.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/125369/"
-"125368","2019-02-15 17:01:09","https://23.249.161.100/jhn/vbc.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/125368/"
+"125368","2019-02-15 17:01:09","https://23.249.161.100/jhn/vbc.exe","online","malware_download","exe,Formbook,payload,stage2","https://urlhaus.abuse.ch/url/125368/"
 "125367","2019-02-15 17:01:06","https://23.249.161.100/jhn/tony.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/125367/"
 "125366","2019-02-15 17:01:03","https://23.249.161.100/sure/vc.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/125366/"
 "125365","2019-02-15 17:00:59","https://23.249.161.100/sure/vbc.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/125365/"
@@ -5750,18 +7191,18 @@
 "125333","2019-02-15 16:54:21","http://kupiklopik.ru/AMAZON/Transaction_details/022019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125333/"
 "125332","2019-02-15 16:54:16","http://insideljpc.com/AMAZON/Information/2019-02/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125332/"
 "125331","2019-02-15 16:54:10","http://cicekciilhan.com/Amazon/EN/Transactions/022019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125331/"
-"125330","2019-02-15 16:54:02","http://54.167.192.134/Amazon/Details/02_19/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125330/"
+"125330","2019-02-15 16:54:02","http://54.167.192.134/Amazon/Details/02_19/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125330/"
 "125329","2019-02-15 16:53:58","http://35.204.88.6/Amazon/Clients_information/2019-02/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125329/"
-"125328","2019-02-15 16:53:54","http://35.202.250.4/AMAZON/Messages/2019-02/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125328/"
+"125328","2019-02-15 16:53:54","http://35.202.250.4/AMAZON/Messages/2019-02/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125328/"
 "125327","2019-02-15 16:53:48","http://35.176.197.139/Amazon/EN/Attachments/022019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125327/"
 "125326","2019-02-15 16:53:41","http://204.48.21.209/AMAZON/Clients_Messages/022019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125326/"
 "125325","2019-02-15 16:53:37","http://18.223.20.43/Amazon/Payments_details/022019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125325/"
-"125324","2019-02-15 16:53:07","http://178.128.54.239/Amazon/Transactions-details/022019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125324/"
+"125324","2019-02-15 16:53:07","http://178.128.54.239/Amazon/Transactions-details/022019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125324/"
 "125323","2019-02-15 16:53:04","http://104.223.40.40/Amazon/En/Orders_details/02_19/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125323/"
 "125322","2019-02-15 16:51:12","https://doc-0k-9o-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/uasf9f8eeu5b3k8eia359q1o9jp8u2d7/1550246400000/09100922564250845248/*/1vGaIisUsuzVmypZogXvyyOqpiSYq2y5P","offline","malware_download","exe","https://urlhaus.abuse.ch/url/125322/"
 "125321","2019-02-15 16:51:03","http://cityofpossibilities.org/US_us/doc/Invoice_Notice/LPNXf-eZ_iB-Bc/","offline","malware_download","None","https://urlhaus.abuse.ch/url/125321/"
 "125320","2019-02-15 16:46:03","http://varzeshpress.com/EN_en/corporation/Invoice_Notice/bRCS-dwz6m_Z-iE/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125320/"
-"125319","2019-02-15 16:42:02","http://54.38.35.144/US/doc/Inv/GnOu-KAf_TSUry-RvD/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125319/"
+"125319","2019-02-15 16:42:02","http://54.38.35.144/US/doc/Inv/GnOu-KAf_TSUry-RvD/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125319/"
 "125318","2019-02-15 16:38:03","http://ipnat.ru/US_us/company/oeia-SCsQ5_N-5cr/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125318/"
 "125317","2019-02-15 16:37:05","http://light.light1234565.5gbfree.com/dj.exe","online","malware_download","avemaria,exe,keylogger,payload,stage2,stealer","https://urlhaus.abuse.ch/url/125317/"
 "125316","2019-02-15 16:33:04","http://51.77.192.138/En/file/Invoice_number/923223948040/NwCO-MiEZa_WvFVTc-jia/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125316/"
@@ -5779,7 +7220,7 @@
 "125304","2019-02-15 16:06:02","http://34.242.190.144/En/info/New_invoice/MJsM-ePI_g-pQS/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125304/"
 "125303","2019-02-15 16:01:03","http://18.221.1.168/corporation/Invoice_number/19580066705/gzOGt-HXwZr_JkfdtFW-QN8/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125303/"
 "125302","2019-02-15 15:59:31","http://18.217.211.183/wordpress/Amazon/Documents/022019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125302/"
-"125301","2019-02-15 15:59:30","http://13.112.69.225/wp-content/Amazon/En/Clients_Messages/02_19/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125301/"
+"125301","2019-02-15 15:59:30","http://13.112.69.225/wp-content/Amazon/En/Clients_Messages/02_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125301/"
 "125300","2019-02-15 15:59:27","http://18.218.56.72/wp-content/AMAZON/Clients/022019/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125300/"
 "125299","2019-02-15 15:59:26","http://104.198.73.104/Amazon/En/Transactions/022019/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125299/"
 "125298","2019-02-15 15:59:25","http://128.199.187.124/Amazon/En/Documents/2019-02/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125298/"
@@ -5812,19 +7253,19 @@
 "125271","2019-02-15 14:51:56","http://wordpress-219768-716732.cloudwaysapps.com/AMAZON/Transactions/022019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125271/"
 "125270","2019-02-15 14:51:53","http://ucanbisiklet.com/Amazon/Payments_details/022019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125270/"
 "125269","2019-02-15 14:51:49","http://test.aimakinvest.kz/Amazon/Orders-details/022019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125269/"
-"125268","2019-02-15 14:51:43","http://stardenteurope.com/Amazon/EN/Payments_details/2019-02/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125268/"
+"125268","2019-02-15 14:51:43","http://stardenteurope.com/Amazon/EN/Payments_details/2019-02/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125268/"
 "125267","2019-02-15 14:51:39","http://shirtsforpatriots.com/Amazon/EN/Payments/02_19/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125267/"
-"125266","2019-02-15 14:51:31","http://opcbgpharma.com/themes/Amazon/En/Details/2019-02/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125266/"
+"125266","2019-02-15 14:51:31","http://opcbgpharma.com/themes/Amazon/En/Details/2019-02/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125266/"
 "125265","2019-02-15 14:51:26","http://media-standard.ru/Amazon/Documents/022019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125265/"
 "125264","2019-02-15 14:51:16","http://heatherdawn.com/Amazon/Information/02_19/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125264/"
 "125263","2019-02-15 14:51:09","http://hardwareportugal.com/Amazon/En/Details/02_19/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125263/"
 "125262","2019-02-15 14:51:03","http://132.145.153.89/Amazon/En/Attachments/02_19/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125262/"
 "125261","2019-02-15 14:48:16","http://2647403-1.web-hosting.es/blMc65Xgegv_YFDyjpRH/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/125261/"
-"125260","2019-02-15 14:48:15","http://nosomosgenios.com/cCZThGY1_wVKtkj23V/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/125260/"
+"125260","2019-02-15 14:48:15","http://nosomosgenios.com/cCZThGY1_wVKtkj23V/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/125260/"
 "125259","2019-02-15 14:48:14","http://aucklandluxuryrealestatelistings.com/pHXewgm3qzll_3L/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/125259/"
 "125258","2019-02-15 14:48:09","http://cvlancer.com/CWvd8iMnLfj9C/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/125258/"
 "125257","2019-02-15 14:48:03","http://ishqekamil.com/ciY34zeKn3d/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/125257/"
-"125256","2019-02-15 14:44:24","http://13.233.183.227/EN_en/file/AJLoK-sa91z_Mfbpo-BCp/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125256/"
+"125256","2019-02-15 14:44:24","http://13.233.183.227/EN_en/file/AJLoK-sa91z_Mfbpo-BCp/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125256/"
 "125255","2019-02-15 14:44:02","http://helmaccountsco.uk/document/Copy_Invoice/chhjN-g8_W-kNO/","offline","malware_download","None","https://urlhaus.abuse.ch/url/125255/"
 "125254","2019-02-15 14:42:07","http://helmaccounts.co.uk/document/Copy_Invoice/chhjN-g8_W-kNO/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/125254/"
 "125253","2019-02-15 14:42:05","http://35.200.161.87/DE/MTCRKMWEE5142395/DE_de/Rechnungsanschrift/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/125253/"
@@ -5837,7 +7278,7 @@
 "125246","2019-02-15 14:37:15","http://property.arkof5.com/Amazon/Documents/02_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125246/"
 "125245","2019-02-15 14:37:12","http://aminshiri.com/AMAZON/Transactions/022019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125245/"
 "125244","2019-02-15 14:37:11","http://truenorthtimber.com/Amazon/En/Clients_Messages/022019/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125244/"
-"125243","2019-02-15 14:37:09","http://xn--777-9cdpxv4b3g4a.xn--p1ai/Amazon/Information/022019/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125243/"
+"125243","2019-02-15 14:37:09","http://xn--777-9cdpxv4b3g4a.xn--p1ai/Amazon/Information/022019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125243/"
 "125242","2019-02-15 14:37:08","http://tinpanalley.com/Amazon/En/Transaction_details/022019/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125242/"
 "125241","2019-02-15 14:37:05","http://n24rk.ru/Amazon/Messages/022019/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125241/"
 "125240","2019-02-15 14:29:06","http://www.3forfree.org/wp-content/themes/twentyseventeen/assets/css/messg.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/125240/"
@@ -5850,7 +7291,7 @@
 "125233","2019-02-15 13:59:06","http://wiki.ugix.ru/US_us/Invoice_Notice/jnRX-jj_FaayjRy-xY2/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125233/"
 "125232","2019-02-15 13:55:06","http://sukien.aloduhoc.com/En_us/document/zNUN-vtLco_ELfsnAV-cg/","offline","malware_download","None","https://urlhaus.abuse.ch/url/125232/"
 "125231","2019-02-15 13:50:06","http://test.38abc.ru/En/Invoice/052494575759824/NbVv-we_izUt-B3z/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125231/"
-"125230","2019-02-15 13:46:07","http://tesonisitma.com/En_us/Copy_Invoice/4802432474/cNSaF-Y6W_sxqIx-7g/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125230/"
+"125230","2019-02-15 13:46:07","http://tesonisitma.com/En_us/Copy_Invoice/4802432474/cNSaF-Y6W_sxqIx-7g/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125230/"
 "125229","2019-02-15 13:44:05","https://www.carnetatamexico.com.mx/bin.exe","online","malware_download","AZORult,exe","https://urlhaus.abuse.ch/url/125229/"
 "125228","2019-02-15 13:43:02","http://politicot.com/En_us/scan/Inv/53552012776285/uVRfy-faEM_ocsud-mzt/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125228/"
 "125227","2019-02-15 13:40:05","http://www.clermontmasons.org/wp-content/backwpup-c60dd-logs/messg.jpg","online","malware_download","exe,Ransomware,Troldesh","https://urlhaus.abuse.ch/url/125227/"
@@ -5863,16 +7304,16 @@
 "125220","2019-02-15 13:35:19","http://efficientlifechurch.org/wp-content/plugins/backupcreator/messg.jpg","online","malware_download","exe,Ransomware,Shade,Troldesh","https://urlhaus.abuse.ch/url/125220/"
 "125219","2019-02-15 13:35:06","https://www.dropbox.com/s/0259z5lsjmkiavk/Scan_Doc_%23785784904.ace?dl=1","offline","malware_download","NanoCore,rat","https://urlhaus.abuse.ch/url/125219/"
 "125218","2019-02-15 13:33:06","http://lesclefsdor.sg/scan/IbkD-dSf1_S-bH/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125218/"
-"125217","2019-02-15 13:32:33","http://www.taoday.net/wp-content/themes/twentyten/languages/messg.jpg","online","malware_download","exe,Ransomware,Shade,Troldesh","https://urlhaus.abuse.ch/url/125217/"
+"125217","2019-02-15 13:32:33","http://www.taoday.net/wp-content/themes/twentyten/languages/messg.jpg","offline","malware_download","exe,Ransomware,Shade,Troldesh","https://urlhaus.abuse.ch/url/125217/"
 "125216","2019-02-15 13:32:18","http://master-of-bitcoin.net/.well-known/pki-validation/messg.jpg","online","malware_download","exe,Ransomware,Shade,Troldesh","https://urlhaus.abuse.ch/url/125216/"
 "125215","2019-02-15 13:31:15","http://mikrotik.com.pe/gestion/inc/fpdf/yellow/h1QEDsxz2.exe","online","malware_download","AgentTesla,exe","https://urlhaus.abuse.ch/url/125215/"
-"125214","2019-02-15 13:30:16","http://choinkimarkus.pl/wp-content/themes/unicon/framework/admin/ReduxCore/assets/css/color-picker/messg.jpg","offline","malware_download","exe,Ransomware,Shade,Troldesh","https://urlhaus.abuse.ch/url/125214/"
+"125214","2019-02-15 13:30:16","http://choinkimarkus.pl/wp-content/themes/unicon/framework/admin/ReduxCore/assets/css/color-picker/messg.jpg","online","malware_download","exe,Ransomware,Shade,Troldesh","https://urlhaus.abuse.ch/url/125214/"
 "125213","2019-02-15 13:29:16","http://thu-san-world-challenges.org/wp-includes/ID3/messg.jpg","online","malware_download","exe,Ransomware,Shade,Troldesh","https://urlhaus.abuse.ch/url/125213/"
 "125212","2019-02-15 13:28:13","http://yojolife.site/cgi-bin/En/llc/dfrFK-RQF3_rT-O5/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/125212/"
 "125211","2019-02-15 13:28:12","http://xn--34-6kc5ajgpzw.xn--p1ai/De_de/LFVOKILEVW1185520/Rech/Rechnungsanschrift/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125211/"
 "125210","2019-02-15 13:28:10","http://fiat-fullback.ru/De/UOKXXSK1821754/GER/Zahlung/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125210/"
 "125209","2019-02-15 13:28:06","http://na-korable.ru/websitemap/VserosBank.zip","offline","malware_download","None","https://urlhaus.abuse.ch/url/125209/"
-"125208","2019-02-15 13:27:05","http://gaminggo.website/dbssxdydaf/file/jeMNh-Ra_puh-g0j/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125208/"
+"125208","2019-02-15 13:27:05","http://gaminggo.website/dbssxdydaf/file/jeMNh-Ra_puh-g0j/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125208/"
 "125207","2019-02-15 13:27:01","http://cinemaschoolpro/En/company/Invoice_number/zTWY-bvr9_zwmKjgDNL-HW6/","offline","malware_download","None","https://urlhaus.abuse.ch/url/125207/"
 "125206","2019-02-15 13:26:43","http://na-korable.ru/websitemap/messg.jpg","offline","malware_download","exe,Ransomware,Shade,Troldesh","https://urlhaus.abuse.ch/url/125206/"
 "125205","2019-02-15 13:26:26","http://na-korable.ru/websitemap/Vseros.Bank.zakaz.docx.zip","offline","malware_download","None","https://urlhaus.abuse.ch/url/125205/"
@@ -5884,7 +7325,7 @@
 "125199","2019-02-15 13:26:05","http://178.62.233.192/AMAZON/Clients_transactions/022019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125199/"
 "125198","2019-02-15 13:26:03","http://na-korable.ru/websitemap/PhilipMorris.zip","offline","malware_download","Ransomware,Shade,Troldesh,zip","https://urlhaus.abuse.ch/url/125198/"
 "125197","2019-02-15 13:24:20","http://www.caringsoul.org/includes/messg.jpg","online","malware_download","exe,Ransomware,Shade,Troldesh","https://urlhaus.abuse.ch/url/125197/"
-"125196","2019-02-15 13:24:06","http://etka.com.tr/En/llc/New_invoice/tcEP-BV_RjtvlM-kMw/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125196/"
+"125196","2019-02-15 13:24:06","http://etka.com.tr/En/llc/New_invoice/tcEP-BV_RjtvlM-kMw/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125196/"
 "125195","2019-02-15 13:22:05","http://stellacosmeticos.com/images/M_images/messg.jpg","offline","malware_download","exe,Ransomware,Shade,Troldesh","https://urlhaus.abuse.ch/url/125195/"
 "125194","2019-02-15 13:21:03","http://www.pashahub.ru/templates/yoo_tweety/css/alert/VserosBank.zip","offline","malware_download","Ransomware,Shade,Troldesh,zip","https://urlhaus.abuse.ch/url/125194/"
 "125193","2019-02-15 13:20:03","http://cinemaschool.pro/En/company/Invoice_number/zTWY-bvr9_zwmKjgDNL-HW6/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125193/"
@@ -5901,7 +7342,7 @@
 "125182","2019-02-15 13:05:04","http://chopman.ru/scan/sezW-Fg_JZxlYfTKH-DNA/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125182/"
 "125181","2019-02-15 12:53:06","http://193.187.172.181/test.dat","offline","malware_download","exe","https://urlhaus.abuse.ch/url/125181/"
 "125180","2019-02-15 12:50:16","http://128.199.68.28/QZp55xxC/","online","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/125180/"
-"125179","2019-02-15 12:50:15","http://noithatchungcudep.info/47urKpX3/","online","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/125179/"
+"125179","2019-02-15 12:50:15","http://noithatchungcudep.info/47urKpX3/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/125179/"
 "125178","2019-02-15 12:50:13","http://54.224.240.34/L0PRmepe6/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/125178/"
 "125177","2019-02-15 12:50:12","http://54.165.253.1/4mBBNcsGYL/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/125177/"
 "125176","2019-02-15 12:50:11","http://81.56.198.200/MrMAFWOk9/","online","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/125176/"
@@ -5913,7 +7354,7 @@
 "125170","2019-02-15 12:13:02","http://85.171.136.37/@eaDir/DE/AYKPEIRGX3418789/DE_de/RECH/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125170/"
 "125169","2019-02-15 12:10:04","http://206.189.45.178/wp-content/uploads/De/BJBUZMEG0557084/de/RECHNUNG/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125169/"
 "125168","2019-02-15 12:06:05","http://35.200.161.87/DE/MTCRKMWEE5142395/DE_de/Rechnungsanschrift//","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125168/"
-"125167","2019-02-15 12:02:06","http://52.66.236.210/de_DE/AUTMAGM5440478/Rechnungs/DOC-Dokument/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125167/"
+"125167","2019-02-15 12:02:06","http://52.66.236.210/de_DE/AUTMAGM5440478/Rechnungs/DOC-Dokument/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125167/"
 "125166","2019-02-15 12:00:07","http://46.29.166.149:80/bins/daku.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/125166/"
 "125165","2019-02-15 12:00:05","http://46.29.166.149:80/bins/daku.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/125165/"
 "125164","2019-02-15 12:00:03","http://46.29.166.149:80/bins/daku.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/125164/"
@@ -5970,7 +7411,7 @@
 "125113","2019-02-15 11:23:40","http://104.219.235.148/bins/dlr.arm6","offline","malware_download","downloader,elf,mirai","https://urlhaus.abuse.ch/url/125113/"
 "125111","2019-02-15 11:23:39","http://104.219.235.148/bins/dlr.arm","offline","malware_download","downloader,elf,mirai","https://urlhaus.abuse.ch/url/125111/"
 "125112","2019-02-15 11:23:39","http://104.219.235.148/bins/dlr.arm5","offline","malware_download","downloader,elf,mirai","https://urlhaus.abuse.ch/url/125112/"
-"125110","2019-02-15 11:23:38","http://176.32.32.140/De/IXFUDQVPX5493186/Rechnung/Rechnungsanschrift/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125110/"
+"125110","2019-02-15 11:23:38","http://176.32.32.140/De/IXFUDQVPX5493186/Rechnung/Rechnungsanschrift/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125110/"
 "125109","2019-02-15 11:20:05","http://46.29.166.149:80/bins/daku.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/125109/"
 "125108","2019-02-15 11:20:03","http://91.105.126.31:28395/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/125108/"
 "125107","2019-02-15 11:17:03","http://18.188.113.212/DE_de/UPNEDGNCRR5337942/de/RECHNUNG/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125107/"
@@ -6005,18 +7446,18 @@
 "125078","2019-02-15 10:58:04","http://adepan.frameweb.ro/de_DE/TWAYPELBT3261721/Rechnungs-Details/DOC-Dokument/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125078/"
 "125077","2019-02-15 10:51:06","http://159.65.83.246/Februar2019/MCJAGEVEJ9676275/Scan/Hilfestellung/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125077/"
 "125076","2019-02-15 10:49:07","http://lionabrasives.ru/DE/RYKGGACW7337658/DE/RECHNUNG/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125076/"
-"125075","2019-02-15 10:46:03","http://165.227.26.16/bins/sora.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/125075/"
-"125074","2019-02-15 10:44:03","http://165.227.26.16/bins/sora.spc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/125074/"
-"125073","2019-02-15 10:44:02","http://165.227.26.16/bins/sora.sh4","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/125073/"
-"125072","2019-02-15 10:43:06","http://165.227.26.16/bins/sora.ppc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/125072/"
-"125071","2019-02-15 10:43:05","http://165.227.26.16/bins/sora.mpsl","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/125071/"
-"125070","2019-02-15 10:43:04","http://165.227.26.16/bins/sora.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/125070/"
+"125075","2019-02-15 10:46:03","http://165.227.26.16/bins/sora.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/125075/"
+"125074","2019-02-15 10:44:03","http://165.227.26.16/bins/sora.spc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/125074/"
+"125073","2019-02-15 10:44:02","http://165.227.26.16/bins/sora.sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/125073/"
+"125072","2019-02-15 10:43:06","http://165.227.26.16/bins/sora.ppc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/125072/"
+"125071","2019-02-15 10:43:05","http://165.227.26.16/bins/sora.mpsl","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/125071/"
+"125070","2019-02-15 10:43:04","http://165.227.26.16/bins/sora.mips","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/125070/"
 "125069","2019-02-15 10:43:04","http://178.62.213.188/DE/KWDMEALPJ2127558/Rechnungskorrektur/Zahlungserinnerung/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125069/"
-"125068","2019-02-15 10:43:03","http://165.227.26.16/bins/sora.m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/125068/"
-"125067","2019-02-15 10:43:02","http://165.227.26.16/bins/sora.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/125067/"
-"125066","2019-02-15 10:42:05","http://165.227.26.16/bins/sora.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/125066/"
-"125065","2019-02-15 10:42:04","http://165.227.26.16/bins/sora.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/125065/"
-"125064","2019-02-15 10:42:03","http://165.227.26.16/bins/sora.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/125064/"
+"125068","2019-02-15 10:43:03","http://165.227.26.16/bins/sora.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/125068/"
+"125067","2019-02-15 10:43:02","http://165.227.26.16/bins/sora.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/125067/"
+"125066","2019-02-15 10:42:05","http://165.227.26.16/bins/sora.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/125066/"
+"125065","2019-02-15 10:42:04","http://165.227.26.16/bins/sora.arm5","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/125065/"
+"125064","2019-02-15 10:42:03","http://165.227.26.16/bins/sora.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/125064/"
 "125063","2019-02-15 10:40:03","http://napier.eu/de_DE/AUMYNHSSLP8162109/Dokumente/DOC/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125063/"
 "125062","2019-02-15 10:35:04","http://laylalanemusic.com/DE/TIXJZV4153771/GER/RECHNUNG/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125062/"
 "125058","2019-02-15 10:31:02","http://5.45.74.250/radiance.png","offline","malware_download","exe,Trickbot","https://urlhaus.abuse.ch/url/125058/"
@@ -6076,7 +7517,7 @@
 "125008","2019-02-15 09:00:12","http://145.239.41.199/dead.mips","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/125008/"
 "125006","2019-02-15 09:00:11","http://145.239.41.199/dead.arm","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/125006/"
 "125005","2019-02-15 09:00:11","http://194.147.35.56/Okami.x86","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/125005/"
-"125004","2019-02-15 08:59:29","http://194.147.35.56/Okami.i686","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/125004/"
+"125004","2019-02-15 08:59:29","http://194.147.35.56/Okami.i686","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/125004/"
 "125003","2019-02-15 08:58:12","http://194.147.35.56/Okami.i586","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/125003/"
 "125001","2019-02-15 08:56:30","http://grupomedica.equipment/Ftfh7wZ3JuiVUFr/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/125001/"
 "125002","2019-02-15 08:56:30","http://hapoo.pet/9vYXJezSnwW3Q/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/125002/"
@@ -6097,7 +7538,7 @@
 "124986","2019-02-15 08:51:03","http://145.239.41.199/dead.i586","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/124986/"
 "124985","2019-02-15 08:51:02","http://145.239.41.199/dead.arm4","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/124985/"
 "124984","2019-02-15 08:49:31","http://185.244.25.237/x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124984/"
-"124983","2019-02-15 08:49:27","http://194.147.35.56/Okami.sparc","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/124983/"
+"124983","2019-02-15 08:49:27","http://194.147.35.56/Okami.sparc","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/124983/"
 "124982","2019-02-15 08:49:02","http://194.147.35.56/Okami.okami","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/124982/"
 "124981","2019-02-15 08:48:28","http://46.17.41.208/sshd","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/124981/"
 "124980","2019-02-15 08:48:27","http://145.239.41.199/dead.arm6","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/124980/"
@@ -6142,7 +7583,7 @@
 "124941","2019-02-15 08:13:05","http://185.244.25.237/powerpc","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/124941/"
 "124940","2019-02-15 08:13:02","http://185.244.30.151/Corona.sparc","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/124940/"
 "124939","2019-02-15 08:11:05","http://46.17.41.208/tftp","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/124939/"
-"124938","2019-02-15 08:10:06","http://194.147.35.56/Okami.m68k","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/124938/"
+"124938","2019-02-15 08:10:06","http://194.147.35.56/Okami.m68k","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/124938/"
 "124937","2019-02-15 08:10:04","http://145.239.41.199/dead.x32","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/124937/"
 "124936","2019-02-15 08:08:04","http://194.147.35.56/Okami.mipsel","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/124936/"
 "124935","2019-02-15 08:07:03","http://185.244.25.237/armv5l","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124935/"
@@ -6160,7 +7601,7 @@
 "124923","2019-02-15 07:28:19","http://192.155.85.122:80/bins/xbox.ppc","offline","malware_download","elf","https://urlhaus.abuse.ch/url/124923/"
 "124922","2019-02-15 07:28:18","http://yokocobra.com/miksSYCmpY/","online","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/124922/"
 "124921","2019-02-15 07:28:13","http://192.155.85.122:80/bins/xbox.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124921/"
-"124920","2019-02-15 07:28:12","http://casfetaudsm.org/Cx3yC6Kd/","online","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/124920/"
+"124920","2019-02-15 07:28:12","http://casfetaudsm.org/Cx3yC6Kd/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/124920/"
 "124919","2019-02-15 07:28:11","http://jntrader.com/QkF34W2k6s/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/124919/"
 "124918","2019-02-15 07:28:06","http://limerakitchen.com/DVgsvHWHfS/","online","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/124918/"
 "124917","2019-02-15 07:28:03","http://xem.tomtera.com/MbTsjook2n/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/124917/"
@@ -6252,7 +7693,7 @@
 "124831","2019-02-15 00:03:25","http://w4snc.com/sec.myacc.send.biz/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124831/"
 "124830","2019-02-15 00:03:18","http://threemenandamovie.com/trust.accounts.send.biz/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124830/"
 "124829","2019-02-15 00:03:15","http://tekirmak.com.tr/secure.myacc.send.net/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124829/"
-"124828","2019-02-15 00:03:12","http://rohrreinigung-klosterneuburg.at/verif.accs.docs.com/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124828/"
+"124828","2019-02-15 00:03:12","http://rohrreinigung-klosterneuburg.at/verif.accs.docs.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124828/"
 "124827","2019-02-15 00:03:10","http://pontotocdistrictba.com/secure.accs.resourses.net/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124827/"
 "124826","2019-02-15 00:03:04","http://pinturaartisticas.com/verif.accounts.resourses.biz/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124826/"
 "124825","2019-02-15 00:03:01","http://mclplumbing.com/trust.myacc.send.net/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124825/"
@@ -6286,7 +7727,7 @@
 "124797","2019-02-14 23:38:02","http://rasteniyam.ru/verif.accs.send.net/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/124797/"
 "124796","2019-02-14 23:36:04","http://admin.staging.buildsmart.io/document/Invoice/iDgb-7xup_ZI-omO/","offline","malware_download","None","https://urlhaus.abuse.ch/url/124796/"
 "124795","2019-02-14 23:32:03","http://churchofgod.team/phpMyAdmin/US_us/Invoice_number/zKVWe-HLC_tdBujH-c6R/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124795/"
-"124794","2019-02-14 23:27:04","http://vcpesaas.com/info/Invoice/pBXt-q6Sq_xS-1B/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124794/"
+"124794","2019-02-14 23:27:04","http://vcpesaas.com/info/Invoice/pBXt-q6Sq_xS-1B/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124794/"
 "124793","2019-02-14 23:25:07","https://carsibazar.com/corporation/Inv/aMTY-oqbx_JdrQ-lzJ/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/124793/"
 "124792","2019-02-14 23:25:05","http://tischer.ro/US/document/Invoice/thmRA-M2eu_ct-9s/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/124792/"
 "124791","2019-02-14 23:25:03","http://www.ppp-au.com/verif.myaccount.docs.biz/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124791/"
@@ -6294,7 +7735,7 @@
 "124788","2019-02-14 23:24:49","http://forodigitalpyme.es/En/download/iiJNr-RvP_lMcn-8t9/","offline","malware_download","doc,emotet,epoch2","https://urlhaus.abuse.ch/url/124788/"
 "124787","2019-02-14 23:24:49","http://sprinty.com.au/sec.accounts.docs.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124787/"
 "124786","2019-02-14 23:24:42","http://smtfmb.com/sec.accs.resourses.biz/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124786/"
-"124785","2019-02-14 23:24:36","http://printingphuket.com/secure.myaccount.send.com/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124785/"
+"124785","2019-02-14 23:24:36","http://printingphuket.com/secure.myaccount.send.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124785/"
 "124784","2019-02-14 23:24:30","http://carsibazar.com/corporation/Inv/aMTY-oqbx_JdrQ-lzJ/","offline","malware_download","doc,emotet,epoch2","https://urlhaus.abuse.ch/url/124784/"
 "124783","2019-02-14 23:24:30","http://mgxconsultancy.com/secure.myaccount.resourses.net/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124783/"
 "124782","2019-02-14 23:24:24","http://malayalinewsonline.com/sec.accs.resourses.biz/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124782/"
@@ -6312,8 +7753,8 @@
 "124770","2019-02-14 23:09:06","http://sttheresealumni.com/EN_en/scan/tZdo-h7_qCbPxfxwo-tn/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124770/"
 "124769","2019-02-14 23:05:07","http://weiweinote.com/US/New_invoice/yiURQ-1c_K-Gop/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124769/"
 "124768","2019-02-14 23:00:02","http://frispa.usm.md/wp-content/uploads/info/New_invoice/DscV-qy_flDuzON-BCr/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124768/"
-"124767","2019-02-14 22:51:03","http://cafe.tgeeks.co.tz/corporation/XNcYV-e7_VCCcS-zxX/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124767/"
-"124766","2019-02-14 22:49:05","http://manhtructhanhtin.com/wp-content/themes/flatsome/woocommerce/back-comp/cart/messg.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/124766/"
+"124767","2019-02-14 22:51:03","http://cafe.tgeeks.co.tz/corporation/XNcYV-e7_VCCcS-zxX/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124767/"
+"124766","2019-02-14 22:49:05","http://manhtructhanhtin.com/wp-content/themes/flatsome/woocommerce/back-comp/cart/messg.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/124766/"
 "124765","2019-02-14 22:47:03","http://smartre.live/file/Invoice_Notice/NZrd-ATgmb_sHgCDUb-iu/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124765/"
 "124764","2019-02-14 22:43:04","http://dixe.online/En/document/Invoice_number/cJaLC-On_M-yu/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124764/"
 "124763","2019-02-14 22:39:03","http://lienquangiare.vn/US/download/CUQL-eeveX_MDgzJuFAj-r6/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124763/"
@@ -6325,7 +7766,7 @@
 "124757","2019-02-14 22:12:04","http://fenceandgateco.com/document/Invoice_Notice/FFAkh-MoU_GSAmzo-66T/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124757/"
 "124756","2019-02-14 22:08:05","http://shrimalisonimahamandal.com/US/New_invoice/fsCMJ-xXK_VaHjOdXn-AOI/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124756/"
 "124755","2019-02-14 22:04:08","http://www.crownrentals.net/US/doc/Invoice_number/UAIL-mF_Dm-iC/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124755/"
-"124754","2019-02-14 22:00:10","http://rupbasanbandung.com/US/xerox/Invoice_number/nitY-LG6_vaiXe-RU0/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124754/"
+"124754","2019-02-14 22:00:10","http://rupbasanbandung.com/US/xerox/Invoice_number/nitY-LG6_vaiXe-RU0/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124754/"
 "124753","2019-02-14 21:56:04","http://www.blueelephantmassage.com.au/En/download/8243513533/ZsScr-fwQ_vfsKCVRz-TUA/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124753/"
 "124752","2019-02-14 21:52:03","http://whitefarmhousestudio.com/corporation/Invoice_number/ZZwEc-WU_kbmpt-77/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124752/"
 "124751","2019-02-14 21:48:03","http://kendinyap.club/EN_en/document/Invoice_number/hIBsT-Hmi2_huftCxLC-Fn/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124751/"
@@ -6357,7 +7798,7 @@
 "124725","2019-02-14 21:10:07","http://5.45.74.250/sin.png","offline","malware_download","exe,Trickbot","https://urlhaus.abuse.ch/url/124725/"
 "124724","2019-02-14 21:10:04","http://46.249.62.199/Sw9JKmXqaSj.exe","online","malware_download","exe,Trickbot","https://urlhaus.abuse.ch/url/124724/"
 "124723","2019-02-14 21:09:04","http://legalth.com/En_us/scan/Invoice_Notice/hhwOs-j7_VGrGVwj-Ghz/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124723/"
-"124721","2019-02-14 21:05:07","http://www.pattani.mcu.ac.th/wp-content/uploads/US/xerox/New_invoice/yOkVu-OX_qQVzLsP-QjW/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124721/"
+"124721","2019-02-14 21:05:07","http://www.pattani.mcu.ac.th/wp-content/uploads/US/xerox/New_invoice/yOkVu-OX_qQVzLsP-QjW/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124721/"
 "124720","2019-02-14 21:03:57","http://yahyabahadir.com/sec.myacc.docs.net/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124720/"
 "124719","2019-02-14 21:03:52","http://xn--12cs3ad5a6alt7c1a6cva8byhn4hnno.com/secure.myacc.resourses.net/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124719/"
 "124718","2019-02-14 21:03:50","http://www.youwatches.online/sec.myacc.send.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124718/"
@@ -6366,7 +7807,7 @@
 "124715","2019-02-14 21:03:35","http://sapidestraining.com/secure.myaccount.send.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124715/"
 "124714","2019-02-14 21:03:29","http://research.fph.tu.ac.th/wp-content/uploads/verif.accounts.send.net/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124714/"
 "124713","2019-02-14 21:03:22","http://kosheranguilla.com/secure.myaccount.docs.com/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124713/"
-"124712","2019-02-14 21:03:15","http://kebunrayabaturraden.id/sec.accounts.send.com/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124712/"
+"124712","2019-02-14 21:03:15","http://kebunrayabaturraden.id/sec.accounts.send.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124712/"
 "124711","2019-02-14 21:03:13","http://jobbautomlands.com/trust.myacc.docs.biz/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124711/"
 "124710","2019-02-14 21:03:12","http://iantdbrasil.com.br/secure.accs.resourses.biz/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124710/"
 "124709","2019-02-14 21:03:10","http://hvacofportland.com/secure.accounts.send.biz/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124709/"
@@ -6387,7 +7828,7 @@
 "124694","2019-02-14 20:28:12","http://trandinhtuan.vn/EN_en/download/Inv/DopUi-Wu5Tc_S-ZCn/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124694/"
 "124693","2019-02-14 20:24:09","http://l3financial.com/download/Invoice/awyF-MOx_quji-EZL/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124693/"
 "124692","2019-02-14 20:20:13","http://desbloqueosuniversales.com/EN_en/corporation/Copy_Invoice/BalcZ-858_C-HIO/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124692/"
-"124691","2019-02-14 20:15:02","http://tsogomediakit.co.za/En_us/sVLmw-N5_hQQ-Gj/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124691/"
+"124691","2019-02-14 20:15:02","http://tsogomediakit.co.za/En_us/sVLmw-N5_hQQ-Gj/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124691/"
 "124690","2019-02-14 20:11:06","http://eosago99.com/US/company/Copy_Invoice/747050964813/okyK-Lk_pcUbpV-MSQ/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124690/"
 "124689","2019-02-14 20:06:05","http://kynangdaotao.com/Invoice/GwpQh-2Re_lpTUlKn-mH/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124689/"
 "124688","2019-02-14 20:02:08","http://barrycaputo.com/corporation/New_invoice/ReYB-KGBfF_btPUHMDOo-0wj/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124688/"
@@ -6400,7 +7841,7 @@
 "124681","2019-02-14 19:55:51","http://svornitologia.org/verif.accs.send.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124681/"
 "124680","2019-02-14 19:55:49","http://staging.fanthefirecreative.com/mobileforming/public/uploads/secure.accounts.resourses.net/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124680/"
 "124679","2019-02-14 19:55:48","http://namecheaptest.websteach.info/trust.myacc.resourses.biz/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/124679/"
-"124678","2019-02-14 19:55:47","http://marasopel.com/trust.myacc.resourses.biz/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124678/"
+"124678","2019-02-14 19:55:47","http://marasopel.com/trust.myacc.resourses.biz/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124678/"
 "124677","2019-02-14 19:55:46","http://lindseymayfit.com/trust.myaccount.docs.net/","online","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/124677/"
 "124676","2019-02-14 19:55:40","http://kpkglobalstaffing.com/verif.accs.send.net/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124676/"
 "124675","2019-02-14 19:55:34","http://impulsedu.com/verif.myaccount.docs.com/","online","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/124675/"
@@ -6426,7 +7867,7 @@
 "124655","2019-02-14 19:30:11","http://40seg.com/verif.accs.send.com/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124655/"
 "124654","2019-02-14 19:30:09","http://bayaneabrishami.ir/verif.accs.send.com/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124654/"
 "124653","2019-02-14 19:30:07","http://khtc.hcmut.edu.vn/trust.myacc.send.com/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124653/"
-"124652","2019-02-14 19:30:04","http://ngkidshop.com/sec.myaccount.resourses.net/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124652/"
+"124652","2019-02-14 19:30:04","http://ngkidshop.com/sec.myaccount.resourses.net/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124652/"
 "124651","2019-02-14 19:30:01","https://lun.otrweb.ru/verif.myaccount.resourses.com/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124651/"
 "124650","2019-02-14 19:29:59","http://distro.attaqwapreneur.com/secure.accounts.resourses.net/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124650/"
 "124649","2019-02-14 19:29:56","http://esgaming.com.br/wp-content/secure.accounts.send.com/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124649/"
@@ -6436,13 +7877,13 @@
 "124645","2019-02-14 19:29:40","http://restosducoeur-bassinminier.fr/trust.accs.resourses.net/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124645/"
 "124644","2019-02-14 19:29:33","http://www.mariaelenabececco.it/sec.myaccount.docs.biz/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124644/"
 "124643","2019-02-14 19:29:27","http://healthcarejobsuae.com/trust.accs.send.biz/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124643/"
-"124642","2019-02-14 19:29:18","http://alabarderomadrid.es/verif.accounts.resourses.biz/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124642/"
+"124642","2019-02-14 19:29:18","http://alabarderomadrid.es/verif.accounts.resourses.biz/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124642/"
 "124641","2019-02-14 19:29:11","http://greenoak.adcoretechnologies.com/verif.myacc.send.biz/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124641/"
 "124640","2019-02-14 19:28:09","http://hipecard.yazdvip.ir/download/Copy_Invoice/QmWC-PgUki_z-Gxh/","online","malware_download","None","https://urlhaus.abuse.ch/url/124640/"
 "124639","2019-02-14 19:25:34","http://tycpyt.com/scan/Invoice_number/sHOih-7KW_iIsUFbg-0T/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124639/"
-"124638","2019-02-14 19:20:10","http://keshtafzoon.com/En_us/Invoice/33015438/BgsqQ-cloCn_PaYSlBcJP-eL/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124638/"
+"124638","2019-02-14 19:20:10","http://keshtafzoon.com/En_us/Invoice/33015438/BgsqQ-cloCn_PaYSlBcJP-eL/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124638/"
 "124637","2019-02-14 19:16:07","http://clients.nashikclick.com/EN_en/doc/New_invoice/rEvuk-5UC_WLYVK-Sy/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124637/"
-"124636","2019-02-14 19:12:04","http://rohrreinigung-wiener-neustadt.at/EN_en/yZgbm-KmG_vgWV-EN/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124636/"
+"124636","2019-02-14 19:12:04","http://rohrreinigung-wiener-neustadt.at/EN_en/yZgbm-KmG_vgWV-EN/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124636/"
 "124635","2019-02-14 19:08:05","http://kuoying.net/wp-admin/info/dhzv-E8HR_pExT-QWV/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124635/"
 "124634","2019-02-14 18:58:04","http://view52.com/En/ThKIO-mF3vn_LgYuedH-53/","offline","malware_download","None","https://urlhaus.abuse.ch/url/124634/"
 "124633","2019-02-14 18:56:03","http://198.98.62.207/ldr.exe","online","malware_download","exe,GandCrab","https://urlhaus.abuse.ch/url/124633/"
@@ -6450,7 +7891,7 @@
 "124631","2019-02-14 18:50:04","http://vivekanandaeducation-armoor.org/corporation/Invoice_Notice/JhGpZ-bMVh_SpOYPCo-tf/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124631/"
 "124630","2019-02-14 18:46:02","http://fortuneinfosys.com/En_us/info/Invoice_Notice/2986743250/lwYN-Y2_MUvIcLZ-Asr/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124630/"
 "124629","2019-02-14 18:41:03","http://185.244.25.182/bins/arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124629/"
-"124628","2019-02-14 18:41:02","http://embrava.eu/EN_en/Copy_Invoice/TNXWS-e0tv_Pos-9xo/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124628/"
+"124628","2019-02-14 18:41:02","http://embrava.eu/EN_en/Copy_Invoice/TNXWS-e0tv_Pos-9xo/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124628/"
 "124627","2019-02-14 18:37:01","http://balooteabi.com/US_us/En_us/dxJTg-4x_QfxoqYr-GM/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124627/"
 "124626","2019-02-14 18:33:06","http://66.42.58.126/8spc8","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/124626/"
 "124625","2019-02-14 18:33:04","http://66.42.58.126/8m68k8","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/124625/"
@@ -6476,7 +7917,7 @@
 "124605","2019-02-14 17:46:03","http://msca.net.au/invoie.rar","offline","malware_download","NanoCore,rat","https://urlhaus.abuse.ch/url/124605/"
 "124604","2019-02-14 17:44:09","http://185.244.25.182:80/bins/arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124604/"
 "124603","2019-02-14 17:44:07","http://178.62.227.13:80/x0w2435452/Mx86","offline","malware_download","elf","https://urlhaus.abuse.ch/url/124603/"
-"124602","2019-02-14 17:44:06","http://huyushop.com/US/Invoice_Notice/zbNo-LqVx_EF-Q3W/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124602/"
+"124602","2019-02-14 17:44:06","http://huyushop.com/US/Invoice_Notice/zbNo-LqVx_EF-Q3W/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124602/"
 "124601","2019-02-14 17:42:15","http://aslike.org/templates/beez_20/css/messg.jpg","offline","malware_download","exe,Ransomware,Shade,Troldesh","https://urlhaus.abuse.ch/url/124601/"
 "124600","2019-02-14 17:40:09","http://bnpartnersweb.com/US_us/New_invoice/lTKbk-Q0_L-VTm/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124600/"
 "124599","2019-02-14 17:39:05","http://www.xhencheng.tk/test2.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/124599/"
@@ -6490,7 +7931,7 @@
 "124591","2019-02-14 17:23:09","http://demo.liuzhixiong.top/En/info/022722605742/rKkVS-SppgP_bHPhLheh-FA/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124591/"
 "124590","2019-02-14 17:19:05","http://www.cducarre.fr/US_us/xerox/Invoice/Ugzd-5F_xxzhwl-PVM/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124590/"
 "124589","2019-02-14 17:17:05","http://www.storageadda.com/sites/EN_en/Payment-and-address/Order-30260802218","offline","malware_download","doc","https://urlhaus.abuse.ch/url/124589/"
-"124588","2019-02-14 17:15:09","http://hongcheng.org.hk/llc/New_invoice/88982804151066/rMFQN-PSnss_ZUbTCmH-Vz/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124588/"
+"124588","2019-02-14 17:15:09","http://hongcheng.org.hk/llc/New_invoice/88982804151066/rMFQN-PSnss_ZUbTCmH-Vz/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124588/"
 "124587","2019-02-14 17:10:06","http://matex.biz//En/company/New_invoice/kxTg-XJr_ddPRb-D0x/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124587/"
 "124586","2019-02-14 17:05:03","http://greenoak.in/EN_en/company/Copy_Invoice/gVpn-6h_JlRzKXNK-4Y/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124586/"
 "124585","2019-02-14 17:00:03","http://www.misrecuerdos.cl/En/download/QEBN-LG_Zyoi-9X/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124585/"
@@ -6502,7 +7943,7 @@
 "124579","2019-02-14 16:36:05","http://mostkuafor.com/llc/Copy_Invoice/qRwH-dAK_p-kf/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124579/"
 "124578","2019-02-14 16:32:10","http://rameshsood.com/US/xuTXt-rfjM_iCVbXiL-tQ/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124578/"
 "124577","2019-02-14 16:28:07","http://ingramjapan.com/US/corporation/kAuuC-LxnRQ_ev-gg/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124577/"
-"124576","2019-02-14 16:24:12","http://bizresilience.com/En/scan/52135701911/gaPod-S2_JIxaPIWHd-Tt/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124576/"
+"124576","2019-02-14 16:24:12","http://bizresilience.com/En/scan/52135701911/gaPod-S2_JIxaPIWHd-Tt/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124576/"
 "124575","2019-02-14 16:20:07","http://giamcannhanhslimfast.com/En_us/doc/Inv/0609247872/JRKos-pB0_cC-DZN/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124575/"
 "124573","2019-02-14 16:17:11","http://tolstyakitut.ru/download/Invoice_number/SwHZ-lJg4_LURSGwCa-ktd/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/124573/"
 "124572","2019-02-14 16:17:09","http://rdproject.kz/corporation/Inv/DdvJn-QG3y_zoxWZjP-iUL/","offline","malware_download","doc,emotet,epoch2","https://urlhaus.abuse.ch/url/124572/"
@@ -6515,7 +7956,7 @@
 "124565","2019-02-14 16:16:05","http://msao.net/verif.accs.send.biz/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124565/"
 "124564","2019-02-14 16:15:55","http://karkw.org/trust.myacc.docs.net/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124564/"
 "124563","2019-02-14 16:15:46","http://jmbtrading.com.br/secure.myaccount.resourses.net/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124563/"
-"124562","2019-02-14 16:15:37","http://botmechanic.io/secure.myacc.docs.biz/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124562/"
+"124562","2019-02-14 16:15:37","http://botmechanic.io/secure.myacc.docs.biz/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124562/"
 "124561","2019-02-14 16:15:29","http://atlas133.ir/trust.myaccount.docs.net/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124561/"
 "124560","2019-02-14 16:15:24","http://agriafrika.co.za/trust.accounts.send.net/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124560/"
 "124559","2019-02-14 16:15:17","http://52.59.169.135/trust.accs.resourses.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124559/"
@@ -6523,7 +7964,7 @@
 "124557","2019-02-14 16:13:08","http://www.meggalistaconvenios.com.br/EN_en/download/Copy_Invoice/RIxJ-UjB_qRk-10Y/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124557/"
 "124556","2019-02-14 16:09:14","http://chowdownmarketing.com/EN_en/xerox/Inv/VLPX-GccM_itLJudwyF-5GI/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124556/"
 "124555","2019-02-14 16:03:07","http://illa-berek.com/US/document/Invoice/QoACx-bj_YrUkJDFh-KP/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124555/"
-"124554","2019-02-14 15:58:04","http://anhsangtuthien.com/US/company/RNIkZ-ldYb_hvovAD-Wx/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124554/"
+"124554","2019-02-14 15:58:04","http://anhsangtuthien.com/US/company/RNIkZ-ldYb_hvovAD-Wx/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124554/"
 "124553","2019-02-14 15:51:02","http://54.85.253.114/EN_en/document/Invoice_Notice/xsMVK-BL_ugbhUUWX-zDa/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124553/"
 "124552","2019-02-14 15:48:08","http://psychologyforyou.eu/1HdEdRb/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/124552/"
 "124551","2019-02-14 15:48:05","http://uran-spb.ru/qzzXAyC/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/124551/"
@@ -6544,10 +7985,10 @@
 "124536","2019-02-14 15:44:29","http://www.elkhebar.net/doc/yFXEY-eP2Y_pYAqjsBgt-xdr/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124536/"
 "124535","2019-02-14 15:44:25","http://tatsu.com.vn/REF/files/Receipt_Notice/bWcPZ-KKobX_MFtSZymx-92/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/124535/"
 "124534","2019-02-14 15:44:23","http://qzltrading.com/receipt/4161793752/SsLte-Wv_ds-DH/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124534/"
-"124533","2019-02-14 15:44:20","http://thinhlv.vn/wp-admin/document/Rcpt/Mwmy-eg_tFuW-iQ/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124533/"
+"124533","2019-02-14 15:44:20","http://thinhlv.vn/wp-admin/document/Rcpt/Mwmy-eg_tFuW-iQ/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124533/"
 "124532","2019-02-14 15:44:15","http://archive.skorstensfejerdata.dk/corporation/IhWq-LH_uJEG-vS/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/124532/"
 "124531","2019-02-14 15:44:14","http://banyuwangi.org/REF/download/Newreceipt/JgGuv-QfZWB_ZmTI-ae/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124531/"
-"124530","2019-02-14 15:44:11","https://precounterbrand.com/UtbBjWRRG/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124530/"
+"124530","2019-02-14 15:44:11","https://precounterbrand.com/UtbBjWRRG/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124530/"
 "124529","2019-02-14 15:44:07","http://www.db4serv.com.br/Receipt_Notice/Mdqny-M4Q_Oa-LtJ/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124529/"
 "124528","2019-02-14 15:44:02","http://tecnificacioimanteniment.com/doc/Newreceipt/oAYd-DZ_fUKPcQ-Hq/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/124528/"
 "124527","2019-02-14 15:40:05","http://mpdpro.sk/En/scan/Inv/WSuZI-WT_FU-mhy/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124527/"
@@ -6589,7 +8030,7 @@
 "124491","2019-02-14 14:48:04","http://xn----etbh1a5a8d.xn--p1ai/EN_en/Invoice/18444564460016/EgoP-4SRBy_jLiXkSeW-0M/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124491/"
 "124490","2019-02-14 14:39:09","http://primofilmes.net/verif.accs.docs.biz/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124490/"
 "124489","2019-02-14 14:39:04","http://porteuropa.eu/En_us/ctrq-ku5Z_UiAcbT-dm/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124489/"
-"124488","2019-02-14 14:34:15","http://rdk.kz/Invoice_number/luMI-EE_HAbJIY-vqV/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124488/"
+"124488","2019-02-14 14:34:15","http://rdk.kz/Invoice_number/luMI-EE_HAbJIY-vqV/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124488/"
 "124487","2019-02-14 14:32:06","https://share.dmca.gripe/nOHSzuHSgQfgLNZI.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/124487/"
 "124486","2019-02-14 14:29:14","http://thammydiemquynh.com/Ref_operation/Receipts/Mutz-sr_HxITwd-rE/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124486/"
 "124485","2019-02-14 14:29:07","http://tych.pe/iDLLJ-fs_pQU-VF/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124485/"
@@ -6610,7 +8051,7 @@
 "124470","2019-02-14 13:37:08","http://rdk.victoria-makeup.kz/DE_de/ZUABQV2745706/Rech/Rechnungszahlung/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/124470/"
 "124469","2019-02-14 13:37:03","http://telsandalyesi.com/En/company/Invoice_Notice/Vkfr-TBy_KyNjorB-EB/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124469/"
 "124468","2019-02-14 13:36:09","http://zolotoykluch69.ru/Telekom/Rechnungen/012019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124468/"
-"124467","2019-02-14 13:36:05","http://yolanda.co.ke/Telekom/Rechnungen/01_19/","online","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/124467/"
+"124467","2019-02-14 13:36:05","http://yolanda.co.ke/Telekom/Rechnungen/01_19/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/124467/"
 "124466","2019-02-14 13:36:01","http://yoguibento.com/Telekom/Transaktion/012019/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/124466/"
 "124465","2019-02-14 13:35:54","http://xn--kazmarslan-zub.com/Refund_Transactions/document/Copy_receipt/vXEE-9AFB_DJZTBYtUW-a5e/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/124465/"
 "124464","2019-02-14 13:35:53","http://www.vetcruzverde.es/Telekom/Transaktion/012019/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/124464/"
@@ -6620,7 +8061,7 @@
 "124460","2019-02-14 13:35:29","http://www.mobileonline.hu/soft/REF/corporation/Copy_receipt/588110761090953/mwmL-1ec_mncqV-NSP/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/124460/"
 "124459","2019-02-14 13:35:25","http://www.kelaskayu.com/Telekom/Rechnung/01_19/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124459/"
 "124458","2019-02-14 13:35:21","http://www.autoskup.wroc.pl/Telekom/RechnungOnline/012019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124458/"
-"124457","2019-02-14 13:35:18","http://watwotunumili.co.ke/files/Receipts/EDfV-u7S_hwvamEa-NT/","online","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/124457/"
+"124457","2019-02-14 13:35:18","http://watwotunumili.co.ke/files/Receipts/EDfV-u7S_hwvamEa-NT/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/124457/"
 "124456","2019-02-14 13:35:15","http://voip96.ru/Telekom/Rechnungen/012019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124456/"
 "124455","2019-02-14 13:35:12","http://vencendoodesemprego.com.br/REF/doc/XSep-3W0_FfUeoh-Qh/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124455/"
 "124454","2019-02-14 13:35:07","http://uniquehiramatsu.com.br/Ref_operation/transaction/Receipts/ndvP-tXg_HPsOJsyT-eim/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/124454/"
@@ -6630,7 +8071,7 @@
 "124450","2019-02-14 13:34:51","http://sunlightjo.com/company/DQniw-3Q_wEdXIYRUT-i3h/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124450/"
 "124449","2019-02-14 13:34:45","http://srivijaya.ir/scan/receipt/SDjo-K0Qz_TuPB-KX/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/124449/"
 "124448","2019-02-14 13:34:39","http://sanat-tarrahan.ir/luMXk-JY7a4_u-Qfb/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/124448/"
-"124447","2019-02-14 13:34:36","http://samuelkageche.co.ke/document/Newreceipt/mgdly-N4B_NLDOJIedu-6mI/","online","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/124447/"
+"124447","2019-02-14 13:34:36","http://samuelkageche.co.ke/document/Newreceipt/mgdly-N4B_NLDOJIedu-6mI/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/124447/"
 "124446","2019-02-14 13:34:33","http://sadragheteh.com/document/Receipt_Notice/pjrOd-Jook_dDALdsWM-t7/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/124446/"
 "124445","2019-02-14 13:34:27","http://pvc-vloer-eindhoven.nl/Sec_Refund/xerox/Rcpt/4520624407290/qqOWd-41a8_zRJPulUm-Hw/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124445/"
 "124444","2019-02-14 13:34:22","http://pruebas.sansebastianpalomino.com.co/REF/scan/Newreceipt/bRyJ-HlwZ_l-Mej/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/124444/"
@@ -6650,31 +8091,31 @@
 "124430","2019-02-14 13:30:09","http://www.fundacionesperanza.org.es/En_us/file/Wcwqs-Ht_qnY-Ii/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124430/"
 "124429","2019-02-14 13:27:07","http://wineswap.com.au/US_us/aNMn-Nb_A-ire/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124429/"
 "124428","2019-02-14 13:22:02","http://sucreh.fr/corporation/Invoice_number/1123656788047/zrFjJ-U2_Lyrz-p4/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124428/"
-"124427","2019-02-14 13:21:04","http://104.248.187.115:80/bins/Tsunami.mips","online","malware_download","elf","https://urlhaus.abuse.ch/url/124427/"
-"124426","2019-02-14 13:21:03","http://104.248.187.115:80/bins/Tsunami.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124426/"
+"124427","2019-02-14 13:21:04","http://104.248.187.115:80/bins/Tsunami.mips","offline","malware_download","elf","https://urlhaus.abuse.ch/url/124427/"
+"124426","2019-02-14 13:21:03","http://104.248.187.115:80/bins/Tsunami.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124426/"
 "124425","2019-02-14 13:21:02","http://104.219.235.147/bins/yakuza.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124425/"
 "124424","2019-02-14 13:19:06","http://104.219.235.147/bins/yakuza.sh4","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124424/"
-"124423","2019-02-14 13:19:05","http://104.248.187.115/bins/Tsunami.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124423/"
+"124423","2019-02-14 13:19:05","http://104.248.187.115/bins/Tsunami.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124423/"
 "124422","2019-02-14 13:19:04","http://104.219.235.147/bins/yakuza.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124422/"
-"124421","2019-02-14 13:19:03","http://104.248.187.115:80/bins/Tsunami.m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124421/"
+"124421","2019-02-14 13:19:03","http://104.248.187.115:80/bins/Tsunami.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124421/"
 "124420","2019-02-14 13:19:02","http://www.tecnificacioimanteniment.com/company/New_invoice/npAow-dC_DHc-4gP/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124420/"
-"124419","2019-02-14 13:18:04","http://104.248.187.115/bins/Tsunami.sh4","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124419/"
+"124419","2019-02-14 13:18:04","http://104.248.187.115/bins/Tsunami.sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124419/"
 "124418","2019-02-14 13:18:03","http://104.219.235.147/bins/yakuza.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124418/"
-"124417","2019-02-14 13:18:02","http://104.248.187.115/bins/Tsunami.ppc","online","malware_download","elf","https://urlhaus.abuse.ch/url/124417/"
-"124416","2019-02-14 13:17:05","http://104.248.187.115/bins/Tsunami.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124416/"
-"124415","2019-02-14 13:17:04","http://104.248.187.115:80/bins/Tsunami.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124415/"
-"124414","2019-02-14 13:17:03","http://104.248.187.115/bins/Tsunami.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124414/"
-"124413","2019-02-14 13:17:02","http://104.248.187.115:80/bins/Tsunami.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124413/"
+"124417","2019-02-14 13:18:02","http://104.248.187.115/bins/Tsunami.ppc","offline","malware_download","elf","https://urlhaus.abuse.ch/url/124417/"
+"124416","2019-02-14 13:17:05","http://104.248.187.115/bins/Tsunami.arm5","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124416/"
+"124415","2019-02-14 13:17:04","http://104.248.187.115:80/bins/Tsunami.arm5","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124415/"
+"124414","2019-02-14 13:17:03","http://104.248.187.115/bins/Tsunami.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124414/"
+"124413","2019-02-14 13:17:02","http://104.248.187.115:80/bins/Tsunami.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124413/"
 "124412","2019-02-14 13:16:06","http://104.219.235.147/bins/yakuza.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124412/"
-"124411","2019-02-14 13:16:05","http://104.248.187.115/bins/Tsunami.m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124411/"
-"124410","2019-02-14 13:16:04","http://104.248.187.115:80/bins/Tsunami.sh4","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124410/"
-"124409","2019-02-14 13:16:03","http://104.248.187.115/bins/Tsunami.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124409/"
+"124411","2019-02-14 13:16:05","http://104.248.187.115/bins/Tsunami.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124411/"
+"124410","2019-02-14 13:16:04","http://104.248.187.115:80/bins/Tsunami.sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124410/"
+"124409","2019-02-14 13:16:03","http://104.248.187.115/bins/Tsunami.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124409/"
 "124408","2019-02-14 13:13:05","http://chamboncaytrong.marigoldcatba.com/wp-includes/US_us/corporation/Invoice_number/3449472835/YTDp-QR_iEiNJnyTF-fZp/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124408/"
 "124407","2019-02-14 13:10:07","http://www.misionnevado.gob.ve/Sec_Refund/xerox/receipt/Jamd-in_mauMO-bbc/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124407/"
 "124406","2019-02-14 13:08:12","http://104.219.235.147/bins/yakuza.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124406/"
-"124405","2019-02-14 13:08:11","http://104.248.187.115/bins/Tsunami.mips","online","malware_download","elf","https://urlhaus.abuse.ch/url/124405/"
-"124404","2019-02-14 13:08:10","http://104.248.187.115:80/bins/Tsunami.ppc","online","malware_download","elf","https://urlhaus.abuse.ch/url/124404/"
-"124403","2019-02-14 13:08:09","http://104.248.187.115:80/bins/Tsunami.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124403/"
+"124405","2019-02-14 13:08:11","http://104.248.187.115/bins/Tsunami.mips","offline","malware_download","elf","https://urlhaus.abuse.ch/url/124405/"
+"124404","2019-02-14 13:08:10","http://104.248.187.115:80/bins/Tsunami.ppc","offline","malware_download","elf","https://urlhaus.abuse.ch/url/124404/"
+"124403","2019-02-14 13:08:09","http://104.248.187.115:80/bins/Tsunami.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124403/"
 "124402","2019-02-14 13:08:08","http://www.realestatewaterviews.com/US/download/FXIZj-UWZ_fHqItwIW-ZO/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124402/"
 "124401","2019-02-14 13:07:03","http://104.219.235.147/bins/yakuza.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124401/"
 "124400","2019-02-14 13:03:10","http://www.cateringbangkok.in.th/wp-content/US/scan/Invoice_number/Kuzfu-S4_Trevk-inp/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124400/"
@@ -6688,13 +8129,13 @@
 "124392","2019-02-14 12:50:03","http://videokontent.com.ua/company/5297588/zBAdX-jQWdw_KVLPx-fFS/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124392/"
 "124391","2019-02-14 12:49:03","https://cdn.discordapp.com/attachments/537641941920383008/544475550375215124/dodo.exe","online","malware_download","AgentTesla,exe","https://urlhaus.abuse.ch/url/124391/"
 "124390","2019-02-14 12:46:04","http://www.jagielkyscandy.net/EN_en/file/EVEn-AywR_Sco-1vW/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124390/"
-"124389","2019-02-14 12:44:02","http://104.248.187.115/bins/Tsunami.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124389/"
+"124389","2019-02-14 12:44:02","http://104.248.187.115/bins/Tsunami.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124389/"
 "124388","2019-02-14 12:42:02","http://wingmed.com.tr/download/Invoice/1334904212119/TsaPl-6U_B-eYK/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124388/"
 "124387","2019-02-14 12:18:02","http://104.219.235.147/bins/yakuza.ppc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124387/"
 "124386","2019-02-14 12:11:09","http://www.emmawitter.co.uk/document/Receipt_Notice/DcFY-7KB_YQBHE-WM/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124386/"
-"124385","2019-02-14 11:59:10","http://femconsult.ru/US/download/UYyoL-8uuE_RcrgGmUff-li/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/124385/"
+"124385","2019-02-14 11:59:10","http://femconsult.ru/US/download/UYyoL-8uuE_RcrgGmUff-li/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/124385/"
 "124384","2019-02-14 11:59:05","http://trandinhtuan.edu.vn/De_de/RDCDPPXTNP5120675/Rechnungs-docs/Hilfestellung/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/124384/"
-"124383","2019-02-14 11:56:05","http://104.248.187.115:80/bins/Tsunami.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124383/"
+"124383","2019-02-14 11:56:05","http://104.248.187.115:80/bins/Tsunami.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124383/"
 "124382","2019-02-14 11:56:04","http://104.219.235.147:80/bins/yakuza.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124382/"
 "124381","2019-02-14 11:55:06","http://104.219.235.147:80/bins/yakuza.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124381/"
 "124380","2019-02-14 11:55:05","http://104.219.235.147:80/bins/yakuza.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124380/"
@@ -6799,7 +8240,7 @@
 "124280","2019-02-14 09:04:14","http://northmaint.se/wp-content/themes/Divi/psd/messg.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/124280/"
 "124279","2019-02-14 09:04:07","http://mod.sibcat.info/messg.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/124279/"
 "124278","2019-02-14 09:04:03","http://nexusinfor.com/DE_de/TAKMPFGFQ0046319/GER/Hilfestellung/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124278/"
-"124277","2019-02-14 09:00:03","http://ortotomsk.ru/De_de/EHDBXWZBJO7581980/GER/Hilfestellung/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124277/"
+"124277","2019-02-14 09:00:03","http://ortotomsk.ru/De_de/EHDBXWZBJO7581980/GER/Hilfestellung/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124277/"
 "124276","2019-02-14 08:55:05","http://miamifloridainvestigator.com/DE_de/NCGPKMLQ2278313/Rechnungs/DETAILS/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124276/"
 "124275","2019-02-14 08:47:06","http://herbaty.zzdb.pl/LGROHFYNTT7091608/DE_de/RECHNUNG/","offline","malware_download","None","https://urlhaus.abuse.ch/url/124275/"
 "124274","2019-02-14 08:35:05","http://www.pesei.it/old/ifen.jpg","online","malware_download","exe,Smoke Loader","https://urlhaus.abuse.ch/url/124274/"
@@ -6811,7 +8252,7 @@
 "124268","2019-02-14 08:27:06","http://64.110.27.136/bins/kalon.mips","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124268/"
 "124267","2019-02-14 08:27:05","http://krisen.ca/De/BBFHMZMUX6888264/gescanntes-Dokument/Rechnungszahlung/","offline","malware_download","None","https://urlhaus.abuse.ch/url/124267/"
 "124266","2019-02-14 08:27:02","http://64.110.27.136/bins/kalon.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124266/"
-"124265","2019-02-14 08:22:04","http://185.234.216.239/testhh.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/124265/"
+"124265","2019-02-14 08:22:04","http://185.234.216.239/testhh.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/124265/"
 "124264","2019-02-14 08:15:05","http://ercanendustri.com/US_us/scan/qdZGZ-vI_IW-LTc/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124264/"
 "124263","2019-02-14 08:12:04","http://burodetuin.nl/htdocs/New_invoice/TxiF-Qm_L-dD/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124263/"
 "124262","2019-02-14 08:11:02","http://food-stories.ru/De/ZFIITIVLVF4074664/Rechnung/DETAILS/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124262/"
@@ -6877,7 +8318,7 @@
 "124202","2019-02-14 06:45:32","https://u.teknik.io/MeBDb.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/124202/"
 "124201","2019-02-14 06:44:04","http://46.249.62.199/Sw9GJnSXqSh.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/124201/"
 "124200","2019-02-14 06:43:22","http://46.249.62.199/Tini_x86Crypt.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/124200/"
-"124199","2019-02-14 06:41:33","http://191.184.241.71:47648/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/124199/"
+"124199","2019-02-14 06:41:33","http://191.184.241.71:47648/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/124199/"
 "124198","2019-02-14 06:40:08","http://188.251.199.205:57934/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/124198/"
 "124197","2019-02-14 06:40:05","http://46.29.166.83/AB4g5/Josho.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124197/"
 "124196","2019-02-14 06:40:03","http://108.174.198.173/bins/Unbound.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124196/"
@@ -6916,7 +8357,7 @@
 "124163","2019-02-14 06:30:04","http://89.34.26.100/ntpd","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/124163/"
 "124162","2019-02-14 06:30:03","http://46.29.166.83/AB4g5/Josho.mpsl","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124162/"
 "124161","2019-02-14 06:30:02","http://46.29.166.83/AB4g5/Josho.ppc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124161/"
-"124160","2019-02-14 06:29:02","http://185.234.216.239/armani.jpg","offline","malware_download","exe,RemcosRAT","https://urlhaus.abuse.ch/url/124160/"
+"124160","2019-02-14 06:29:02","http://185.234.216.239/armani.jpg","online","malware_download","exe,RemcosRAT","https://urlhaus.abuse.ch/url/124160/"
 "124159","2019-02-14 06:25:11","http://fuelsolutions.co.zw/k/NWTR013.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/124159/"
 "124158","2019-02-14 06:25:09","http://fuelsolutions.co.zw/k/NN014.SCR","online","malware_download","NanoCore,scr","https://urlhaus.abuse.ch/url/124158/"
 "124157","2019-02-14 06:25:06","http://fuelsolutions.co.zw/k/DC013.SCR","online","malware_download","scr","https://urlhaus.abuse.ch/url/124157/"
@@ -7000,9 +8441,9 @@
 "124079","2019-02-14 03:59:07","http://dkstudy.com/US_us/Telekom/Transaktion/012019/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/124079/"
 "124078","2019-02-14 03:59:06","https://dkstudy.com/US_us/Telekom/Transaktion/012019/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124078/"
 "124077","2019-02-14 03:44:04","http://92.242.62.156/AB4g5/Josho.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124077/"
-"124076","2019-02-14 03:42:11","https://noithatshop.vn/US_us/xerox/Invoice/KsSCN-zUX_yk-T6D/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/124076/"
+"124076","2019-02-14 03:42:11","https://noithatshop.vn/US_us/xerox/Invoice/KsSCN-zUX_yk-T6D/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/124076/"
 "124075","2019-02-14 03:42:06","http://softsale.ie/scan/tUECA-EFC_AXRVlr-lZM/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/124075/"
-"124074","2019-02-14 03:42:04","http://52.196.225.91/wordpress/corporation/Copy_Invoice/xveJ-E22p_TURm-pkB/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/124074/"
+"124074","2019-02-14 03:42:04","http://52.196.225.91/wordpress/corporation/Copy_Invoice/xveJ-E22p_TURm-pkB/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/124074/"
 "124073","2019-02-14 03:41:05","http://18.184.16.5/US_us/llc/New_invoice/iCPK-udcxr_KAYpXyRLg-gU/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/124073/"
 "124072","2019-02-14 03:37:06","https://my.mail.de/dl/16396560ccdf7536b3dde030d4b7e0e0/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/124072/"
 "124071","2019-02-14 03:37:03","http://salesround.com/verif.accs.send.biz/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124071/"
@@ -7021,7 +8462,7 @@
 "124058","2019-02-14 02:53:05","http://www.medgen.pl/templates/medgen/html/com_content/article/messg.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/124058/"
 "124057","2019-02-14 02:53:02","http://185.22.154.206/bins/trojan.m68k","offline","malware_download","elf","https://urlhaus.abuse.ch/url/124057/"
 "124056","2019-02-14 02:52:08","http://gettrafficlinks.com/gyuwqdh/DiskScantk.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/124056/"
-"124055","2019-02-14 02:52:05","http://www.clinkupon.com/dewedwad/ebay.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/124055/"
+"124055","2019-02-14 02:52:05","http://www.clinkupon.com/dewedwad/ebay.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/124055/"
 "124054","2019-02-14 02:52:02","http://185.22.154.206/bins/trojan.ppc","offline","malware_download","elf","https://urlhaus.abuse.ch/url/124054/"
 "124053","2019-02-14 02:50:07","http://185.22.154.206/bins/trojan.mips","offline","malware_download","elf","https://urlhaus.abuse.ch/url/124053/"
 "124052","2019-02-14 02:50:07","http://materiacomfor.com/sdfergrt/ydsad.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/124052/"
@@ -7056,12 +8497,12 @@
 "124023","2019-02-14 01:16:04","http://77.73.69.58/mipsel","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124023/"
 "124022","2019-02-14 01:16:03","http://77.73.69.58/i586","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124022/"
 "124021","2019-02-14 01:16:02","http://77.73.69.58/armv4l","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124021/"
-"124020","2019-02-14 01:15:14","http://139.99.186.18/6.exe","online","malware_download","exe,Loki,payload,stage2","https://urlhaus.abuse.ch/url/124020/"
-"124019","2019-02-14 01:15:13","http://139.99.186.18/5.exe","online","malware_download","exe,Loki,payload,stage2","https://urlhaus.abuse.ch/url/124019/"
-"124018","2019-02-14 01:15:11","http://139.99.186.18/1.exe","online","malware_download","exe,Loki,payload,stage2","https://urlhaus.abuse.ch/url/124018/"
-"124017","2019-02-14 01:15:10","http://139.99.186.18/2.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/124017/"
-"124016","2019-02-14 01:15:08","http://139.99.186.18/3.exe","online","malware_download","exe,Loki,payload,stage2","https://urlhaus.abuse.ch/url/124016/"
-"124015","2019-02-14 01:15:07","http://139.99.186.18/4.exe","online","malware_download","exe,Loki,payload,stage2","https://urlhaus.abuse.ch/url/124015/"
+"124020","2019-02-14 01:15:14","http://139.99.186.18/6.exe","offline","malware_download","exe,Loki,payload,stage2","https://urlhaus.abuse.ch/url/124020/"
+"124019","2019-02-14 01:15:13","http://139.99.186.18/5.exe","offline","malware_download","exe,Loki,payload,stage2","https://urlhaus.abuse.ch/url/124019/"
+"124018","2019-02-14 01:15:11","http://139.99.186.18/1.exe","offline","malware_download","exe,Loki,payload,stage2","https://urlhaus.abuse.ch/url/124018/"
+"124017","2019-02-14 01:15:10","http://139.99.186.18/2.exe","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/124017/"
+"124016","2019-02-14 01:15:08","http://139.99.186.18/3.exe","offline","malware_download","exe,Loki,payload,stage2","https://urlhaus.abuse.ch/url/124016/"
+"124015","2019-02-14 01:15:07","http://139.99.186.18/4.exe","offline","malware_download","exe,Loki,payload,stage2","https://urlhaus.abuse.ch/url/124015/"
 "124014","2019-02-14 01:14:02","http://77.73.69.58/armv5l","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124014/"
 "124013","2019-02-14 01:13:02","http://77.73.69.58/sparc","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/124013/"
 "124012","2019-02-14 01:12:04","https://nitawezareality.info/98567/payment.exe","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/124012/"
@@ -7081,7 +8522,7 @@
 "123998","2019-02-14 00:45:06","https://u.teknik.io/NGwO0.jpg","offline","malware_download","exe,Loki,payload,stage2","https://urlhaus.abuse.ch/url/123998/"
 "123997","2019-02-14 00:41:06","http://navigatorpojizni.ru/company/Invoice/eAeJ-h7qna_py-Vw/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123997/"
 "123996","2019-02-14 00:41:05","http://horse-moskva.ru/En/Invoice/738908009963389/lWnS-H2Cu_Xbeezsrx-mMn/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123996/"
-"123995","2019-02-14 00:41:02","http://clashofclansgems.nl/US_us/30186813/ztaT-1p4J3_W-lat/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123995/"
+"123995","2019-02-14 00:41:02","http://clashofclansgems.nl/US_us/30186813/ztaT-1p4J3_W-lat/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123995/"
 "123994","2019-02-14 00:39:10","http://hvanli.com/verif.accs.send.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123994/"
 "123993","2019-02-14 00:39:09","http://further.tv/trust.myaccount.docs.biz/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123993/"
 "123992","2019-02-14 00:39:06","http://afshari.yazdvip.ir/sec.myacc.resourses.biz/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123992/"
@@ -7099,11 +8540,11 @@
 "123980","2019-02-14 00:11:02","http://116.203.66.92/bins/hoho.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123980/"
 "123979","2019-02-14 00:07:05","http://27.64.237.80:56149/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/123979/"
 "123978","2019-02-14 00:07:02","http://116.203.66.92/bins/hoho.ppc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123978/"
-"123977","2019-02-14 00:06:03","http://luckeepaulsza.com/hhh/bbd.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/123977/"
+"123977","2019-02-14 00:06:03","http://luckeepaulsza.com/hhh/bbd.exe","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/123977/"
 "123976","2019-02-14 00:04:11","http://kuhni-vivat.ru/q2ECLyVCmWNeG_z2gp/","offline","malware_download","emotet,epoch2,exe","https://urlhaus.abuse.ch/url/123976/"
 "123975","2019-02-14 00:04:10","http://eyestopper.ru/22h8ErlH8uzqnbb/","offline","malware_download","emotet,epoch2,exe","https://urlhaus.abuse.ch/url/123975/"
 "123974","2019-02-14 00:04:09","http://everybodybags.com/hsBstnnD9s2CpH/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/123974/"
-"123973","2019-02-14 00:04:07","http://farmsys.in/N9ttrjKXR7xE/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/123973/"
+"123973","2019-02-14 00:04:07","http://farmsys.in/N9ttrjKXR7xE/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/123973/"
 "123972","2019-02-14 00:04:05","http://pro-obed.u1296248.cp.regruhosting.ru/l29uxpBrAX/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/123972/"
 "123971","2019-02-13 23:59:02","http://seksmag.nl/company/eZYu-2yP_t-EX/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123971/"
 "123970","2019-02-13 23:46:02","https://tischer.ro/US/document/Invoice/thmRA-M2eu_ct-9s/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123970/"
@@ -7111,7 +8552,7 @@
 "123968","2019-02-13 23:45:55","http://xn--90aeb9ae9a.xn--p1ai/xerox/NGWL-eHat_nrqqdaZ-36/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123968/"
 "123967","2019-02-13 23:45:47","http://www.forodigitalpyme.es/En/download/iiJNr-RvP_lMcn-8t9/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123967/"
 "123966","2019-02-13 23:45:43","http://weresolve.ca/doc/Invoice/KmtQq-Vs8yN_VmpHLQ-KJP/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123966/"
-"123965","2019-02-13 23:45:36","http://saleswork.nl/9883973888669/sKfw-JJWCx_zdAVRkDnn-xq/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123965/"
+"123965","2019-02-13 23:45:36","http://saleswork.nl/9883973888669/sKfw-JJWCx_zdAVRkDnn-xq/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123965/"
 "123964","2019-02-13 23:45:31","http://play2.revosales.ru/US_us/doc/Inv/sAUCY-xrh_yxm-m7q/","offline","malware_download","doc,emotet,epoch2","https://urlhaus.abuse.ch/url/123964/"
 "123963","2019-02-13 23:45:30","http://noithatshop.vn/US_us/xerox/Invoice/KsSCN-zUX_yk-T6D/","offline","malware_download","doc,emotet,epoch2","https://urlhaus.abuse.ch/url/123963/"
 "123962","2019-02-13 23:45:29","http://mingroups.vn/En/document/vqimK-93_ujgxHBl-2T/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123962/"
@@ -7122,7 +8563,7 @@
 "123957","2019-02-13 23:45:05","http://54.164.84.17/En_us/info/Copy_Invoice/632505435818/TCSp-Zj2_ND-gp/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123957/"
 "123956","2019-02-13 23:44:41","http://13.251.184.56/PeOI-pSLj_AlnHhVk-QDI/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123956/"
 "123955","2019-02-13 23:44:11","http://viticomvietnam.com/trust.myaccount.send.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123955/"
-"123954","2019-02-13 23:44:07","http://shlifovka.by/secure.myacc.send.com/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123954/"
+"123954","2019-02-13 23:44:07","http://shlifovka.by/secure.myacc.send.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123954/"
 "123953","2019-02-13 23:44:05","http://nightonline.ru/images/trust.accs.docs.biz/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123953/"
 "123952","2019-02-13 23:44:03","http://masjidsolar.nl/verif.accs.docs.biz/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123952/"
 "123951","2019-02-13 23:43:20","http://lanco-flower.ir/secure.myacc.docs.com/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123951/"
@@ -7212,7 +8653,7 @@
 "123867","2019-02-13 21:03:05","http://khobep.com/I2TSaRa/","online","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/123867/"
 "123866","2019-02-13 21:01:09","http://bestcook.hu/trust.myacc.send.net/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123866/"
 "123865","2019-02-13 21:01:08","https://protect2.fireeye.com/url?k=f5b74bdbc664847a.f5b76c6f-804cbd36101ba80b&u=http://fgroup.net/sec.accounts.send.net/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/123865/"
-"123864","2019-02-13 21:01:07","http://babaunangdong.com/US/company/NWus-uY_WYDqQzxO-QA5/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123864/"
+"123864","2019-02-13 21:01:07","http://babaunangdong.com/US/company/NWus-uY_WYDqQzxO-QA5/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123864/"
 "123863","2019-02-13 20:58:02","http://185.244.25.98/bins/arm","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/123863/"
 "123862","2019-02-13 20:57:02","http://britanniasuperior.uk/NDohX-BhSDg_yMzBa-wh/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123862/"
 "123861","2019-02-13 20:54:03","http://185.22.154.206/bins/trojan.arm","offline","malware_download","elf","https://urlhaus.abuse.ch/url/123861/"
@@ -7222,7 +8663,7 @@
 "123857","2019-02-13 20:50:31","http://marmorems.com.br/secure.accounts.resourses.biz/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123857/"
 "123856","2019-02-13 20:50:28","http://mail.sismoonisogoli.ir/sec.myacc.docs.biz/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123856/"
 "123855","2019-02-13 20:50:21","http://lightboxweb.com.br/secure.myaccount.docs.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123855/"
-"123854","2019-02-13 20:50:16","http://lakornhot.com/verif.accs.resourses.net/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123854/"
+"123854","2019-02-13 20:50:16","http://lakornhot.com/verif.accs.resourses.net/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123854/"
 "123853","2019-02-13 20:50:12","http://glfishsuppliesgrimsby.co.uk/trust.myaccount.resourses.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123853/"
 "123852","2019-02-13 20:50:11","http://dverliga.ru/trust.accounts.docs.com/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123852/"
 "123851","2019-02-13 20:50:09","http://certificadoenergeticourgente.es/verif.accs.send.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123851/"
@@ -7237,7 +8678,7 @@
 "123842","2019-02-13 20:32:03","http://gmcvietnam.com/US_us/info/613374712/Cpsk-a4Eh_WqszGu-dC/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123842/"
 "123841","2019-02-13 20:28:08","http://cashin.ca/US/xerox/LInKO-mf_ybRVceE-wgd/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123841/"
 "123840","2019-02-13 20:24:14","https://interiorswelove.co.uk/Day9HnXqSD.exe","offline","malware_download","exe,Trickbot","https://urlhaus.abuse.ch/url/123840/"
-"123839","2019-02-13 20:24:08","http://legalserv.in/scan/Invoice_number/PsFOe-ZcW_k-HM/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123839/"
+"123839","2019-02-13 20:24:08","http://legalserv.in/scan/Invoice_number/PsFOe-ZcW_k-HM/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123839/"
 "123838","2019-02-13 20:19:10","http://xn----dtbicbmcv0cdfeb.xn--p1ai/US_us/file/JZhX-uoAxG_uryptRJ-EIH/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123838/"
 "123837","2019-02-13 20:15:12","http://lubraperfis.com.br/En_us/company/New_invoice/NqJst-IOh_BURkbxF-oM/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123837/"
 "123836","2019-02-13 20:14:31","http://193.77.216.20/sOHJcxww2XdiSVz_e/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/123836/"
@@ -7256,9 +8697,9 @@
 "123823","2019-02-13 20:02:05","http://211.204.165.173:41953/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/123823/"
 "123822","2019-02-13 20:02:02","http://dreams-innovations.com/wp-content/themes/ecommerce-solution/inc/metro.cash.and.carry.zakaz.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/123822/"
 "123820","2019-02-13 19:59:12","http://52.63.119.3/verif.accounts.send.net/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123820/"
-"123821","2019-02-13 19:59:12","http://54.38.35.144/verif.accounts.docs.net/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123821/"
-"123819","2019-02-13 19:59:08","http://52.202.101.89/verif.myaccount.docs.com/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123819/"
-"123818","2019-02-13 19:59:07","http://54.153.245.124/verif.myacc.resourses.com/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123818/"
+"123821","2019-02-13 19:59:12","http://54.38.35.144/verif.accounts.docs.net/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123821/"
+"123819","2019-02-13 19:59:08","http://52.202.101.89/verif.myaccount.docs.com/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123819/"
+"123818","2019-02-13 19:59:07","http://54.153.245.124/verif.myacc.resourses.com/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123818/"
 "123817","2019-02-13 19:59:02","http://buglabog.xyz/llc/Inv/VJOnW-a8ePB_QzDUmff-rHl/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123817/"
 "123816","2019-02-13 19:55:04","http://liszkaokna.pl/En/info/Invoice_Notice/IyCK-Ot_ELdtn-zqB/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123816/"
 "123815","2019-02-13 19:54:05","http://dreams-innovations.com/wp-content/themes/ecommerce-solution/languages/ssj.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/123815/"
@@ -7276,7 +8717,7 @@
 "123803","2019-02-13 19:37:22","http://95.177.143.55/Inv/YSgzD-zXdwz_Bi-Wi/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123803/"
 "123802","2019-02-13 19:37:20","http://82.253.156.136/wordpress/En/Copy_Invoice/eIqV-HZWan_frkIOz-fTS/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123802/"
 "123801","2019-02-13 19:37:19","http://54.250.159.171/US/company/Invoice_number/123405918808120/nZdg-6se_PlUK-UQ/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123801/"
-"123800","2019-02-13 19:37:13","http://54.234.174.153/corporation/Invoice_number/IBPk-HDo_PwtXEj-4o/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123800/"
+"123800","2019-02-13 19:37:13","http://54.234.174.153/corporation/Invoice_number/IBPk-HDo_PwtXEj-4o/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123800/"
 "123799","2019-02-13 19:37:12","http://159.65.142.218/wp-admin/file/rlQCK-AEA_TOLYw-ti/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123799/"
 "123798","2019-02-13 19:37:09","http://104.248.140.207/EN_en/download/0234405946/ZDyA-U0FPh_dvfsnUKXu-CG/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123798/"
 "123797","2019-02-13 19:37:08","http://104.211.226.28/En/file/SgIS-4TUmZ_cTftxeU-xTR/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123797/"
@@ -7299,7 +8740,7 @@
 "123780","2019-02-13 19:34:23","http://85.115.23.247/wp-content/uploads/secure.myaccount.docs.net/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123780/"
 "123779","2019-02-13 19:34:20","http://63.34.12.228/secure.myaccount.docs.biz/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123779/"
 "123778","2019-02-13 19:34:17","http://55kotel.ru/sec.myaccount.send.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123778/"
-"123777","2019-02-13 19:34:14","http://211.238.147.196/@eaDir/verif.accs.docs.net/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123777/"
+"123777","2019-02-13 19:34:14","http://211.238.147.196/@eaDir/verif.accs.docs.net/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123777/"
 "123776","2019-02-13 19:34:10","http://188.192.104.226/wordpress/secure.myacc.send.biz/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123776/"
 "123775","2019-02-13 19:34:06","http://140.227.27.252/wp-content/verif.accs.docs.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123775/"
 "123774","2019-02-13 19:31:12","http://wcsrh.org/dns-update.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/123774/"
@@ -7319,7 +8760,7 @@
 "123760","2019-02-13 18:57:02","http://cifal.pl/EN_en/xerox/Mvglf-Mie_SbwiR-k7/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123760/"
 "123759","2019-02-13 18:56:11","http://185.244.25.230/bins/arm7","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/123759/"
 "123758","2019-02-13 18:56:10","http://gbconnection.vn/Invoice_number/HXxh-fLJ_tZ-mGT/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123758/"
-"123757","2019-02-13 18:56:06","http://3.112.13.31/EN_en/llc/Inv/QbLAG-DMjut_T-Gt/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123757/"
+"123757","2019-02-13 18:56:06","http://3.112.13.31/EN_en/llc/Inv/QbLAG-DMjut_T-Gt/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123757/"
 "123756","2019-02-13 18:56:03","http://155.138.195.197/bins/KowaiB3.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123756/"
 "123755","2019-02-13 18:56:03","http://155.138.195.197/bins/KowaiB3.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123755/"
 "123754","2019-02-13 18:56:02","http://155.138.195.197/bins/KowaiB3.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123754/"
@@ -7356,8 +8797,8 @@
 "123723","2019-02-13 18:46:31","http://204.48.25.36/ankit/arm.fgt","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123723/"
 "123722","2019-02-13 18:45:21","http://s92902tb.beget.tech/trust.myaccount.send.biz/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123722/"
 "123721","2019-02-13 18:45:10","http://are-ooo-ciz-io.uk/REPORT.exe","offline","malware_download","None","https://urlhaus.abuse.ch/url/123721/"
-"123720","2019-02-13 18:44:15","http://54.202.85.204/trust.accounts.docs.net/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123720/"
-"123719","2019-02-13 18:44:06","http://190.164.186.104/xerox/Copy_Invoice/64069841415/isqdt-LqXK_eoS-K8/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123719/"
+"123720","2019-02-13 18:44:15","http://54.202.85.204/trust.accounts.docs.net/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123720/"
+"123719","2019-02-13 18:44:06","http://190.164.186.104/xerox/Copy_Invoice/64069841415/isqdt-LqXK_eoS-K8/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123719/"
 "123718","2019-02-13 18:40:10","http://jerko.novi-net.net/stimac/US_us/file/Invoice_Notice/gBtQt-TSq_wBfXj-DUk/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123718/"
 "123717","2019-02-13 18:36:06","http://bornkickers.kounterdev.com/wp-content/uploads/US/qKFgO-I3_lqhr-p22/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123717/"
 "123716","2019-02-13 18:32:05","http://denaboresh.betonbor.ir/Invoice_Notice/KgwSj-LOI0_xCJ-ZN/","offline","malware_download","None","https://urlhaus.abuse.ch/url/123716/"
@@ -7417,11 +8858,11 @@
 "123662","2019-02-13 17:14:09","http://customsservices.xyz/aii/bin_outputBD76DAF.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/123662/"
 "123661","2019-02-13 17:13:20","http://13.125.133.209/8v3dAOp/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/123661/"
 "123660","2019-02-13 17:13:17","http://52.63.71.120/jP7Bi6vPVK/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/123660/"
-"123659","2019-02-13 17:13:13","http://13.126.61.22/Tkjz49D/","online","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/123659/"
+"123659","2019-02-13 17:13:13","http://13.126.61.22/Tkjz49D/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/123659/"
 "123658","2019-02-13 17:13:07","http://139.59.64.173/hlMSx0fm/","online","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/123658/"
 "123657","2019-02-13 17:13:05","http://www.prowidor.com/35hflpam3A/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/123657/"
 "123656","2019-02-13 17:13:03","http://klotho.net/wp/wp-admin/css/colors/blue/ashan.russia.zakaz.zip","offline","malware_download","None","https://urlhaus.abuse.ch/url/123656/"
-"123655","2019-02-13 17:12:03","http://54.167.192.134/trust.myacc.docs.biz/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123655/"
+"123655","2019-02-13 17:12:03","http://54.167.192.134/trust.myacc.docs.biz/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123655/"
 "123654","2019-02-13 17:11:07","http://lehtoniemi.com/wp-admin/includes/SWIFT_INGBank_rechnung006822.jar","offline","malware_download","Adwind,jar,java","https://urlhaus.abuse.ch/url/123654/"
 "123653","2019-02-13 17:02:37","http://varzeshpress.com/wp-admin/7W2CoXQJAHI_8PXLADey7/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/123653/"
 "123652","2019-02-13 17:02:33","http://pro-iherb.ru/IeuJlgdj6_D/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/123652/"
@@ -7452,7 +8893,7 @@
 "123627","2019-02-13 16:40:46","http://nonfree.ru/company/Inv/975956727/NKErr-s90_fjVgbaUI-wVO/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123627/"
 "123626","2019-02-13 16:40:45","http://newsfeedkings.palab.info/New_invoice/oeLUK-6II_zjnwqie-x3/","offline","malware_download","doc,emotet,epoch2","https://urlhaus.abuse.ch/url/123626/"
 "123625","2019-02-13 16:40:44","http://46.101.52.174/doc/Invoice_Notice/DCjw-HXt2D_G-uT/","offline","malware_download","doc,emotet,epoch2","https://urlhaus.abuse.ch/url/123625/"
-"123624","2019-02-13 16:40:43","http://40.69.23.131/US_us/company/New_invoice/PpUcl-3bjaO_X-s42/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123624/"
+"123624","2019-02-13 16:40:43","http://40.69.23.131/US_us/company/New_invoice/PpUcl-3bjaO_X-s42/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123624/"
 "123623","2019-02-13 16:40:42","http://35.232.73.116/scan/898053748436506/ttSQH-TTO_nNouWKfU-fsG/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123623/"
 "123622","2019-02-13 16:40:40","http://35.204.88.6/45103872657/Aiwa-tzPq_Tem-ASt/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123622/"
 "123621","2019-02-13 16:40:39","http://35.176.197.139/US/company/Invoice/Yegah-4UC2R_EqbBA-uK/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123621/"
@@ -7468,7 +8909,7 @@
 "123611","2019-02-13 16:40:20","http://158.69.135.116/EN_en/info/VLavl-5jWa_NN-Yxz/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123611/"
 "123609","2019-02-13 16:40:18","http://13.233.173.191/wp-content/US/llc/MwFSH-aOkOo_WKGErDSh-3pU/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123609/"
 "123610","2019-02-13 16:40:18","http://139.59.182.250/En/llc/Invoice_Notice/26997967767947/xFUlr-Ng4Hq_drWklraru-fK/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123610/"
-"123608","2019-02-13 16:40:16","http://13.112.69.225/wp-content/Copy_Invoice/kiUmW-O7_ambwybOW-6G/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123608/"
+"123608","2019-02-13 16:40:16","http://13.112.69.225/wp-content/Copy_Invoice/kiUmW-O7_ambwybOW-6G/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123608/"
 "123607","2019-02-13 16:40:12","http://128.199.207.179/EN_en/corporation/949706293103860/RNFCL-bK_rDb-RL/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123607/"
 "123606","2019-02-13 16:40:10","http://128.199.187.124/EN_en/Invoice_number/ncuQs-C0hW_uPvdSfApY-zz/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123606/"
 "123605","2019-02-13 16:40:08","http://118.25.176.38/US/download/New_invoice/EMQRa-Mp6_Ik-r8N/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123605/"
@@ -7476,7 +8917,7 @@
 "123603","2019-02-13 16:39:09","http://cityofpossibilities.org/sec.myacc.docs.biz/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/123603/"
 "123602","2019-02-13 16:39:08","http://51.77.192.138/verif.myaccount.resourses.biz/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123602/"
 "123601","2019-02-13 16:39:06","http://37.139.27.218/secure.myaccount.send.net/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123601/"
-"123600","2019-02-13 16:39:04","http://35.202.250.4/sec.myacc.send.com/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123600/"
+"123600","2019-02-13 16:39:04","http://35.202.250.4/sec.myacc.send.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123600/"
 "123599","2019-02-13 16:39:00","http://34.242.190.144/secure.accs.docs.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123599/"
 "123598","2019-02-13 16:38:56","http://3.92.174.100/sec.myacc.send.com/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123598/"
 "123597","2019-02-13 16:38:54","http://23.235.202.43/verif.myacc.docs.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123597/"
@@ -7578,7 +9019,7 @@
 "123500","2019-02-13 14:21:35","http://138.197.72.9/secure.accounts.resourses.com/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123500/"
 "123501","2019-02-13 14:21:35","http://159.65.83.246/Telekom/Rechnung/012019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123501/"
 "123499","2019-02-13 14:21:05","http://132.145.153.89/verif.accs.resourses.com/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123499/"
-"123498","2019-02-13 14:21:02","http://13.233.183.227/verif.myaccount.resourses.com/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123498/"
+"123498","2019-02-13 14:21:02","http://13.233.183.227/verif.myaccount.resourses.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123498/"
 "123496","2019-02-13 14:07:02","http://khaledlakmes.com/llc/New_invoice/ZtDW-kJ46_Faeed-HyH/","offline","malware_download","doc,emotet,epoch2","https://urlhaus.abuse.ch/url/123496/"
 "123497","2019-02-13 14:07:02","http://www.car-partner.ru/Februar2019/MZEALCIHPL7706516/Rechnungs/DOC-Dokument/","offline","malware_download","doc,emotet,epoch2","https://urlhaus.abuse.ch/url/123497/"
 "123495","2019-02-13 14:07:01","http://eco-fun.ru/De_de/KPUGOF1777468/Rechnungs-docs/Rechnungszahlung/","offline","malware_download","doc,emotet,epoch2","https://urlhaus.abuse.ch/url/123495/"
@@ -7603,7 +9044,7 @@
 "123477","2019-02-13 14:00:03","http://veulalmffyy.company/puewpxmasl/suoepwxpamxapxlamslxdo.php?l=sklimf3.harz","offline","malware_download","exe,geofenced,Gozi,USA","https://urlhaus.abuse.ch/url/123477/"
 "123475","2019-02-13 14:00:02","http://veulalmffyy.company/puewpxmasl/suoepwxpamxapxlamslxdo.php?l=sklimf1.harz","offline","malware_download","exe,geofenced,Gozi,USA","https://urlhaus.abuse.ch/url/123475/"
 "123474","2019-02-13 13:51:03","http://13.233.22.226/EN_en/info/PGTH-QJ_DJfTjdA-2d/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123474/"
-"123473","2019-02-13 13:48:15","http://altuntuval.com/8cfiGmIXk/","online","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/123473/"
+"123473","2019-02-13 13:48:15","http://altuntuval.com/8cfiGmIXk/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/123473/"
 "123472","2019-02-13 13:48:13","http://vesidailucachau.com/F1zcXKyj/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/123472/"
 "123471","2019-02-13 13:48:09","http://mimiabner.com/x7bQDOiSJe/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/123471/"
 "123470","2019-02-13 13:48:07","http://barabooseniorhigh.com/FWLR2ZT/","online","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/123470/"
@@ -7692,7 +9133,7 @@
 "123387","2019-02-13 11:53:02","http://gemaco.com.ve/css/php/bu.exe","offline","malware_download","exe,Loki,lokibot","https://urlhaus.abuse.ch/url/123387/"
 "123386","2019-02-13 11:51:12","http://85.171.136.37/@eaDir/US_us/doc/KRtTq-fyMl_lR-4hp/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123386/"
 "123385","2019-02-13 11:51:12","http://aghigh.yazdvip.ir/De/IVCGEFAP6613031/Rechnungs-Details/Rechnungszahlung/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123385/"
-"123384","2019-02-13 11:49:03","http://lam.cz/templates/lam/css/messg.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/123384/"
+"123384","2019-02-13 11:49:03","http://lam.cz/templates/lam/css/messg.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/123384/"
 "123383","2019-02-13 11:47:05","http://bjtechnologies.net/DE_de/GGLPOHEMJH2841406/Rechnungs-Details/Rechnungszahlung/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123383/"
 "123382","2019-02-13 11:46:05","http://206.189.45.178/wp-content/uploads/Invoice_Notice/oudp-KzRr3_RQelWff-qDs/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123382/"
 "123381","2019-02-13 11:42:34","http://vsharbakty.kz/En_us/scan/Invoice_number/AePD-W2GjS_wfVVgCL-Vks/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123381/"
@@ -7705,7 +9146,7 @@
 "123374","2019-02-13 11:29:04","http://efdesign.ir/de_DE/KYSJLLCUS3016175/Rechnungs-Details/Hilfestellung/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123374/"
 "123373","2019-02-13 11:28:03","http://34.80.131.135:80/bins/telnet.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123373/"
 "123372","2019-02-13 11:24:04","http://54.165.253.1/En/download/yuNuR-hf4a_oiVfXYk-YY/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123372/"
-"123371","2019-02-13 11:24:02","http://52.66.236.210/Februar2019/XQLEZND7115793/Rechnungs-Details/FORM/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123371/"
+"123371","2019-02-13 11:24:02","http://52.66.236.210/Februar2019/XQLEZND7115793/Rechnungs-Details/FORM/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123371/"
 "123370","2019-02-13 11:19:07","http://67.209.114.215/US_us/New_invoice/WurVn-MoQ_KZruyHDR-kp/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123370/"
 "123369","2019-02-13 11:19:06","http://52.89.55.218/wp-content/de_DE/TIJHADTEWZ0988890/DE/Zahlungserinnerung/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123369/"
 "123368","2019-02-13 11:18:05","http://diputraders.com/okfiles.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/123368/"
@@ -7725,7 +9166,7 @@
 "123351","2019-02-13 10:58:10","http://34.242.220.49/scan/Invoice_Notice/kwGY-KT_ApUI-Tl/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123351/"
 "123350","2019-02-13 10:58:05","http://212.47.233.25/wordpress/wp-content/RWACHN5834441/gescanntes-Dokument/FORM/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123350/"
 "123349","2019-02-13 10:54:05","http://orionmarketing.ru/En/corporation/Copy_Invoice/WuRwl-HAJ90_xRTt-zpk/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123349/"
-"123348","2019-02-13 10:53:03","http://176.32.32.140/ZZJHJIWWHC4541074/GER/Rechnungsanschrift/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123348/"
+"123348","2019-02-13 10:53:03","http://176.32.32.140/ZZJHJIWWHC4541074/GER/Rechnungsanschrift/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123348/"
 "123347","2019-02-13 10:50:02","http://139.59.130.73/KAAECAW0228023/DE/Zahlung/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123347/"
 "123346","2019-02-13 10:49:01","http://aulsystem.com/US_us/scan/Inv/bGyh-QnW_WLBwUcNkh-PZ/","offline","malware_download","None","https://urlhaus.abuse.ch/url/123346/"
 "123345","2019-02-13 10:45:03","http://beta.compspb.ru/De_de/FFIZUMLUCI4809632/Dokumente/DETAILS/","offline","malware_download","None","https://urlhaus.abuse.ch/url/123345/"
@@ -7745,17 +9186,17 @@
 "123330","2019-02-13 10:19:02","http://178.62.213.188/DE_de/POTJCPC8133291/Rech/Rechnungsanschrift/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123330/"
 "123331","2019-02-13 10:19:02","http://napier.eu/corporation/Inv/toth-7zfm_JUUNfxq-5o3/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123331/"
 "123329","2019-02-13 10:15:04","http://secondmortgagerates.ca/EN_en/company/TURn-PY03_URCgOL-yTN/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123329/"
-"123328","2019-02-13 10:14:06","http://68.183.157.144/bins/air.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123328/"
-"123327","2019-02-13 10:14:05","http://68.183.157.144/bins/air.spc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123327/"
-"123326","2019-02-13 10:14:04","http://68.183.157.144/bins/air.sh4","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123326/"
-"123324","2019-02-13 10:14:03","http://68.183.157.144/bins/air.mpsl","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123324/"
-"123325","2019-02-13 10:14:03","http://68.183.157.144/bins/air.ppc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123325/"
-"123323","2019-02-13 10:13:06","http://68.183.157.144/bins/air.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123323/"
-"123322","2019-02-13 10:13:05","http://68.183.157.144/bins/air.m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123322/"
-"123320","2019-02-13 10:13:04","http://68.183.157.144/bins/air.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123320/"
-"123321","2019-02-13 10:13:04","http://68.183.157.144/bins/air.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123321/"
-"123319","2019-02-13 10:13:03","http://68.183.157.144/bins/air.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123319/"
-"123318","2019-02-13 10:13:02","http://68.183.157.144/bins/air.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123318/"
+"123328","2019-02-13 10:14:06","http://68.183.157.144/bins/air.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123328/"
+"123327","2019-02-13 10:14:05","http://68.183.157.144/bins/air.spc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123327/"
+"123326","2019-02-13 10:14:04","http://68.183.157.144/bins/air.sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123326/"
+"123324","2019-02-13 10:14:03","http://68.183.157.144/bins/air.mpsl","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123324/"
+"123325","2019-02-13 10:14:03","http://68.183.157.144/bins/air.ppc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123325/"
+"123323","2019-02-13 10:13:06","http://68.183.157.144/bins/air.mips","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123323/"
+"123322","2019-02-13 10:13:05","http://68.183.157.144/bins/air.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123322/"
+"123320","2019-02-13 10:13:04","http://68.183.157.144/bins/air.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123320/"
+"123321","2019-02-13 10:13:04","http://68.183.157.144/bins/air.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123321/"
+"123319","2019-02-13 10:13:03","http://68.183.157.144/bins/air.arm5","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123319/"
+"123318","2019-02-13 10:13:02","http://68.183.157.144/bins/air.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123318/"
 "123317","2019-02-13 10:13:01","http://45.63.59.67/bins/hoho.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123317/"
 "123316","2019-02-13 10:13:00","http://45.63.59.67/bins/hoho.spc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123316/"
 "123315","2019-02-13 10:12:59","http://45.63.59.67/bins/hoho.sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123315/"
@@ -7803,20 +9244,20 @@
 "123273","2019-02-13 10:12:13","http://157.230.144.180/bins/apep.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123273/"
 "123272","2019-02-13 10:12:12","http://157.230.144.180/bins/apep.arm5","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123272/"
 "123271","2019-02-13 10:12:11","http://157.230.144.180/bins/apep.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123271/"
-"123269","2019-02-13 10:12:09","http://142.11.206.115/bins/sora.spc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123269/"
-"123270","2019-02-13 10:12:09","http://142.11.206.115/bins/sora.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123270/"
-"123268","2019-02-13 10:12:08","http://142.11.206.115/bins/sora.sh4","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123268/"
+"123269","2019-02-13 10:12:09","http://142.11.206.115/bins/sora.spc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123269/"
+"123270","2019-02-13 10:12:09","http://142.11.206.115/bins/sora.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123270/"
+"123268","2019-02-13 10:12:08","http://142.11.206.115/bins/sora.sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123268/"
 "123267","2019-02-13 10:11:23","http://laylalanemusic.com/US/info/Invoice/XEGK-waw4L_rEfiyNp-Rc2/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123267/"
 "123266","2019-02-13 10:11:20","http://navolnejm.ru/de_DE/LOURSABTA7504461/Rechnungs/Zahlungserinnerung/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123266/"
 "123265","2019-02-13 10:11:17","http://blog.cvsd.k12.pa.us/24820689936/document/Invoice_Notice/xJEM-Gcp_shRcNfl-Uf/","offline","malware_download","None","https://urlhaus.abuse.ch/url/123265/"
-"123264","2019-02-13 10:11:15","http://142.11.206.115/bins/sora.ppc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123264/"
-"123263","2019-02-13 10:11:14","http://142.11.206.115/bins/sora.mpsl","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123263/"
-"123262","2019-02-13 10:11:13","http://142.11.206.115/bins/sora.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123262/"
-"123261","2019-02-13 10:11:11","http://142.11.206.115/bins/sora.m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123261/"
-"123260","2019-02-13 10:11:10","http://142.11.206.115/bins/sora.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123260/"
-"123259","2019-02-13 10:11:08","http://142.11.206.115/bins/sora.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123259/"
-"123258","2019-02-13 10:11:07","http://142.11.206.115/bins/sora.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123258/"
-"123257","2019-02-13 10:11:05","http://142.11.206.115/bins/sora.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123257/"
+"123264","2019-02-13 10:11:15","http://142.11.206.115/bins/sora.ppc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123264/"
+"123263","2019-02-13 10:11:14","http://142.11.206.115/bins/sora.mpsl","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123263/"
+"123262","2019-02-13 10:11:13","http://142.11.206.115/bins/sora.mips","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123262/"
+"123261","2019-02-13 10:11:11","http://142.11.206.115/bins/sora.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123261/"
+"123260","2019-02-13 10:11:10","http://142.11.206.115/bins/sora.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123260/"
+"123259","2019-02-13 10:11:08","http://142.11.206.115/bins/sora.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123259/"
+"123258","2019-02-13 10:11:07","http://142.11.206.115/bins/sora.arm5","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123258/"
+"123257","2019-02-13 10:11:05","http://142.11.206.115/bins/sora.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123257/"
 "123256","2019-02-13 10:07:10","http://kupiklopik.ru/US/info/Invoice/JWRed-sKDK_R-oP/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123256/"
 "123255","2019-02-13 10:07:05","http://nosomosgenios.com/De_de/XORHWFB3951892/Rechnung/FORM/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123255/"
 "123254","2019-02-13 10:03:15","http://groundswellfilms.org/download/Inv/npGHK-yqo_XD-ue/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123254/"
@@ -7825,8 +9266,8 @@
 "123251","2019-02-13 09:59:04","http://198.98.60.232:80/AB4g5/Josho.sh4","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123251/"
 "123250","2019-02-13 09:58:14","http://fiat-fullback.ru/EN_en/company/208024765241/bYPag-RSE_IYUE-zw/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123250/"
 "123249","2019-02-13 09:58:07","http://hashtagvietnam.com/RWDSLA9599608/Rechnungs-Details/FORM/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123249/"
-"123248","2019-02-13 09:57:14","http://142.11.206.115:80/bins/sora.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123248/"
-"123247","2019-02-13 09:57:10","http://142.11.206.115:80/bins/sora.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123247/"
+"123248","2019-02-13 09:57:14","http://142.11.206.115:80/bins/sora.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123248/"
+"123247","2019-02-13 09:57:10","http://142.11.206.115:80/bins/sora.arm5","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123247/"
 "123246","2019-02-13 09:57:06","http://199.38.245.235:80/33bi/mirai.arm7","online","malware_download","elf","https://urlhaus.abuse.ch/url/123246/"
 "123245","2019-02-13 09:56:07","http://198.98.60.232:80/AB4g5/Josho.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123245/"
 "123244","2019-02-13 09:56:04","http://198.98.60.232:80/AB4g5/Josho.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123244/"
@@ -7837,10 +9278,10 @@
 "123239","2019-02-13 09:54:02","http://198.98.60.232:80/AB4g5/Josho.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123239/"
 "123238","2019-02-13 09:53:14","http://azs-service.victoria-makeup.kz/llc/3631933909174/zzeeW-ikQ_HeyX-ob/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123238/"
 "123237","2019-02-13 09:53:06","http://print.abcreative.com/DE/YGVLJI2079121/Rechnungs/Rechnungszahlung/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123237/"
-"123236","2019-02-13 09:52:04","http://142.11.206.115:80/bins/sora.sh4","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123236/"
+"123236","2019-02-13 09:52:04","http://142.11.206.115:80/bins/sora.sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123236/"
 "123235","2019-02-13 09:52:03","http://199.38.245.235:80/33bi/mirai.m68k","online","malware_download","elf","https://urlhaus.abuse.ch/url/123235/"
-"123234","2019-02-13 09:52:02","http://142.11.206.115:80/bins/sora.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123234/"
-"123233","2019-02-13 09:51:03","http://142.11.206.115:80/bins/sora.m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123233/"
+"123234","2019-02-13 09:52:02","http://142.11.206.115:80/bins/sora.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123234/"
+"123233","2019-02-13 09:51:03","http://142.11.206.115:80/bins/sora.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123233/"
 "123232","2019-02-13 09:49:04","http://199.38.245.235:80/33bi/mirai.sh4","online","malware_download","elf","https://urlhaus.abuse.ch/url/123232/"
 "123231","2019-02-13 09:49:03","http://satellit-group.ru/US_us/download/Invoice_Notice/nZNM-s4V_rTBCUp-91/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123231/"
 "123230","2019-02-13 09:49:02","http://site-internet-belfort.fr/DE/HBSUQGSTVK9220852/Scan/Rechnungsanschrift/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123230/"
@@ -7851,10 +9292,10 @@
 "123225","2019-02-13 09:40:03","http://198.98.60.232/AB4g5/Josho.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123225/"
 "123224","2019-02-13 09:40:02","http://80.211.92.155/miori.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123224/"
 "123223","2019-02-13 09:40:02","http://car-partner.ru/Februar2019/MZEALCIHPL7706516/Rechnungs/DOC-Dokument/","offline","malware_download","None","https://urlhaus.abuse.ch/url/123223/"
-"123222","2019-02-13 09:39:03","http://142.11.206.115:80/bins/sora.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123222/"
+"123222","2019-02-13 09:39:03","http://142.11.206.115:80/bins/sora.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123222/"
 "123221","2019-02-13 09:39:02","http://198.98.60.232:80/AB4g5/Josho.ppc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123221/"
-"123220","2019-02-13 09:37:07","http://142.11.206.115:80/bins/sora.ppc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123220/"
-"123219","2019-02-13 09:37:04","http://142.11.206.115:80/bins/sora.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123219/"
+"123220","2019-02-13 09:37:07","http://142.11.206.115:80/bins/sora.ppc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123220/"
+"123219","2019-02-13 09:37:04","http://142.11.206.115:80/bins/sora.mips","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123219/"
 "123218","2019-02-13 09:36:06","http://199.38.245.235:80/33bi/mirai.mips","online","malware_download","elf","https://urlhaus.abuse.ch/url/123218/"
 "123217","2019-02-13 09:36:04","http://198.98.60.232:80/AB4g5/Josho.m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123217/"
 "123216","2019-02-13 09:36:02","http://btcfansclub.premiumbeautyhair.com/llc/Copy_Invoice/ufMDA-zRdk_OVQtBtbk-Q4K/","offline","malware_download","None","https://urlhaus.abuse.ch/url/123216/"
@@ -7899,9 +9340,9 @@
 "123147","2019-02-13 09:12:03","http://cpextech.com/XoSu0UFgeRod5G/","offline","malware_download","emotet,exe,heodo","https://urlhaus.abuse.ch/url/123147/"
 "123146","2019-02-13 09:10:04","http://dijitalkalkinma.org/De_de/ISQOBU2986689/Scan/Rechnungszahlung/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123146/"
 "123145","2019-02-13 09:08:02","http://www.2jrconcept.com/scan/Invoice_number/odkOb-WNR_zqMTga-OCC/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123145/"
-"123144","2019-02-13 09:06:02","http://josjuniour.co.ke/De_de/LOYQYZ9180731/Rechnungs-Details/Hilfestellung/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123144/"
+"123144","2019-02-13 09:06:02","http://josjuniour.co.ke/De_de/LOYQYZ9180731/Rechnungs-Details/Hilfestellung/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123144/"
 "123143","2019-02-13 09:04:10","http://cachechief.com/En_us/xerox/Copy_Invoice/XQGSw-KkhD5_rIZrXDxV-fy3/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123143/"
-"123142","2019-02-13 09:02:27","http://parrocchiadellannunziata.it/cache/_system/messg.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/123142/"
+"123142","2019-02-13 09:02:27","http://parrocchiadellannunziata.it/cache/_system/messg.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/123142/"
 "123141","2019-02-13 09:02:11","http://nailbar-fecity.ru/DE/EKEKTJWU1887316/GER/Zahlungserinnerung/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123141/"
 "123140","2019-02-13 09:01:05","http://allens.youcheckit.ca/En_us/Invoice/Lktaj-Hf_HZBPJ-9S/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123140/"
 "123139","2019-02-13 08:58:04","http://kiabongo.ru/de_DE/VQOXIRMIBW5374595/Rechnungs-docs/Rechnungsanschrift/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123139/"
@@ -7910,7 +9351,7 @@
 "123136","2019-02-13 08:53:03","http://157.230.144.180/bins/apep.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123136/"
 "123135","2019-02-13 08:52:03","http://naturescapescostabrava.com/EN_en/download/bwTc-h2LFm_KLTRHSN-hYK/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123135/"
 "123134","2019-02-13 08:50:03","http://deltaviptemizlik.com/Februar2019/XFXBVDSJ2130539/Rechnung/Fakturierung/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123134/"
-"123133","2019-02-13 08:49:03","http://142.11.206.115:80/bins/sora.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123133/"
+"123133","2019-02-13 08:49:03","http://142.11.206.115:80/bins/sora.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123133/"
 "123132","2019-02-13 08:48:10","http://80.211.92.155:80/miori.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123132/"
 "123131","2019-02-13 08:48:09","http://183.234.11.91:45262/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/123131/"
 "123130","2019-02-13 08:48:04","http://199.38.245.235:80/33bi/mirai.x86","online","malware_download","elf","https://urlhaus.abuse.ch/url/123130/"
@@ -7974,41 +9415,41 @@
 "123072","2019-02-13 07:11:03","http://157.230.173.29/yakuza.mips","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/123072/"
 "123071","2019-02-13 07:10:06","http://46.29.163.77/razdzn","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/123071/"
 "123070","2019-02-13 07:10:05","http://46.29.163.77/lnkfmx","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/123070/"
-"123069","2019-02-13 07:10:04","http://185.244.30.150/sparc","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/123069/"
+"123069","2019-02-13 07:10:04","http://185.244.30.150/sparc","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/123069/"
 "123068","2019-02-13 07:10:03","http://157.230.173.29/yakuza.arm6","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/123068/"
 "123067","2019-02-13 07:08:05","http://46.29.163.77/nvitpj","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/123067/"
 "123066","2019-02-13 07:08:04","http://46.101.226.29/pftp","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/123066/"
-"123065","2019-02-13 07:08:03","http://185.244.30.150/sh4","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/123065/"
-"123064","2019-02-13 07:08:02","http://185.244.30.150/x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123064/"
+"123065","2019-02-13 07:08:03","http://185.244.30.150/sh4","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/123065/"
+"123064","2019-02-13 07:08:02","http://185.244.30.150/x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123064/"
 "123063","2019-02-13 07:07:05","http://157.230.173.29/yakuza.mpsl","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/123063/"
-"123062","2019-02-13 07:07:03","http://185.244.30.150/mipsel","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/123062/"
+"123062","2019-02-13 07:07:03","http://185.244.30.150/mipsel","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/123062/"
 "123061","2019-02-13 07:07:02","http://46.101.226.29/ftp","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/123061/"
 "123060","2019-02-13 07:07:02","http://46.29.163.77/atxhua","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/123060/"
-"123059","2019-02-13 07:05:12","http://185.244.30.150/armv4l","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/123059/"
-"123058","2019-02-13 07:05:11","http://185.244.30.150/mips","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/123058/"
+"123059","2019-02-13 07:05:12","http://185.244.30.150/armv4l","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/123059/"
+"123058","2019-02-13 07:05:11","http://185.244.30.150/mips","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/123058/"
 "123057","2019-02-13 07:05:03","http://46.101.226.29/ntpd","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/123057/"
 "123056","2019-02-13 07:05:03","http://46.29.163.77/qvmxvl","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/123056/"
 "123055","2019-02-13 07:04:05","http://46.29.163.77/cemtop","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/123055/"
 "123054","2019-02-13 07:04:04","http://46.29.163.77/fwdfvf","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/123054/"
 "123053","2019-02-13 07:04:03","http://157.230.173.29/yakuza.x32","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/123053/"
-"123052","2019-02-13 07:03:05","http://185.244.30.150/armv6l","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/123052/"
-"123051","2019-02-13 07:03:04","http://185.244.30.150/armv5l","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/123051/"
+"123052","2019-02-13 07:03:05","http://185.244.30.150/armv6l","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/123052/"
+"123051","2019-02-13 07:03:04","http://185.244.30.150/armv5l","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/123051/"
 "123050","2019-02-13 07:03:03","http://157.230.173.29/yakuza.i586","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/123050/"
 "123049","2019-02-13 07:03:02","http://46.101.226.29/tftp","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/123049/"
 "123048","2019-02-13 07:02:07","http://157.230.173.29/yakuza.m68k","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/123048/"
 "123047","2019-02-13 07:02:05","http://46.29.163.77/qtmzbn","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/123047/"
-"123046","2019-02-13 07:02:04","http://185.244.30.150/i686","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/123046/"
-"123045","2019-02-13 07:02:03","http://185.244.30.150/i586","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/123045/"
+"123046","2019-02-13 07:02:04","http://185.244.30.150/i686","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/123046/"
+"123045","2019-02-13 07:02:03","http://185.244.30.150/i586","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/123045/"
 "123044","2019-02-13 07:00:10","http://157.230.173.29/yakuza.x86","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/123044/"
 "123043","2019-02-13 07:00:05","http://46.29.163.77/ajoomk","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/123043/"
 "123041","2019-02-13 07:00:03","http://46.101.226.29/bash","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/123041/"
 "123042","2019-02-13 07:00:03","http://46.101.226.29/sshd","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/123042/"
 "123040","2019-02-13 06:59:06","http://157.230.173.29/yakuza.ppc","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/123040/"
-"123038","2019-02-13 06:59:04","http://185.244.30.150/armv7l","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/123038/"
+"123038","2019-02-13 06:59:04","http://185.244.30.150/armv7l","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/123038/"
 "123039","2019-02-13 06:59:04","http://46.29.163.77/vtyhat","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/123039/"
 "123037","2019-02-13 06:59:03","http://157.230.173.29/yakuza.arm4","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/123037/"
 "123036","2019-02-13 06:57:02","http://46.101.226.29/openssh","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/123036/"
-"123035","2019-02-13 06:53:08","http://ec2-13-112-69-225.ap-northeast-1.compute.amazonaws.com/wp-content/verif.myaccount.resourses.net/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123035/"
+"123035","2019-02-13 06:53:08","http://ec2-13-112-69-225.ap-northeast-1.compute.amazonaws.com/wp-content/verif.myaccount.resourses.net/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123035/"
 "123034","2019-02-13 06:53:03","http://shop.kaishclasses.com/SWOQMT0yK/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/123034/"
 "123033","2019-02-13 06:41:12","http://211.73.73.2/Photo.scr","online","malware_download","payload,port21,scanner,scr","https://urlhaus.abuse.ch/url/123033/"
 "123032","2019-02-13 06:36:03","http://bcexsupport.online/crypto.scr","offline","malware_download","dark comet,rat","https://urlhaus.abuse.ch/url/123032/"
@@ -8024,8 +9465,8 @@
 "123022","2019-02-13 06:29:08","http://193.187.172.193/toler.png","offline","malware_download","exe,Trickbot","https://urlhaus.abuse.ch/url/123022/"
 "123021","2019-02-13 06:29:07","http://193.187.172.193/worming.png","offline","malware_download","exe,Trickbot","https://urlhaus.abuse.ch/url/123021/"
 "123020","2019-02-13 06:29:05","http://193.187.172.193/table.png","offline","malware_download","exe,Trickbot","https://urlhaus.abuse.ch/url/123020/"
-"123019","2019-02-13 06:29:04","http://185.244.30.150/m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123019/"
-"123018","2019-02-13 06:29:03","http://185.244.30.150/powerpc","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/123018/"
+"123019","2019-02-13 06:29:04","http://185.244.30.150/m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123019/"
+"123018","2019-02-13 06:29:03","http://185.244.30.150/powerpc","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/123018/"
 "123017","2019-02-13 06:29:02","http://46.101.226.29/apache2","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/123017/"
 "123016","2019-02-13 06:27:17","http://185.17.123.201/dat3.omg","offline","malware_download","exe,flawedammy,payload,rat","https://urlhaus.abuse.ch/url/123016/"
 "123015","2019-02-13 06:27:09","http://update365office.com/agp","offline","malware_download","exe,flawedammy,payload,rat","https://urlhaus.abuse.ch/url/123015/"
@@ -8132,13 +9573,13 @@
 "122914","2019-02-13 00:34:42","http://marconuenlist.ch/verif.accounts.docs.net/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/122914/"
 "122913","2019-02-13 00:34:12","http://estacionclick.com/sec.accounts.send.biz/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/122913/"
 "122912","2019-02-13 00:34:05","http://emu4ios.biz/trust.myaccount.resourses.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/122912/"
-"122911","2019-02-13 00:33:12","http://daisychepkemoi.co.ke/verif.accounts.resourses.com/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/122911/"
+"122911","2019-02-13 00:33:12","http://daisychepkemoi.co.ke/verif.accounts.resourses.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/122911/"
 "122910","2019-02-13 00:33:08","http://agilife.pl/sec.myaccount.send.net/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/122910/"
 "122909","2019-02-13 00:33:07","https://amarasrilankatours.com/engi/udf1.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/122909/"
 "122908","2019-02-13 00:29:08","https://hes32-ctp.trendmicro.com/wis/clicktime/v1/query?url=http%3a%2f%2fbrazenfreight.co.za%2fde%5fDE%2fRERPSNQS6194206%2fgescanntes%2dDokument%2fRECHNUNG&umid=0597875c-971d-4dbb-86d5-d91ca85d7e23&auth=d22983323af54717a7788e8f4dad6cbd2e8e39b4-7ee0da30bd8f3627d703b9cbd3a/","offline","malware_download","doc,emotet,epoch2","https://urlhaus.abuse.ch/url/122908/"
 "122907","2019-02-13 00:29:07","http://www.seara.com.br/resources/En/llc/DmRIj-QB8rB_wQmAwnBh-lw/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/122907/"
 "122906","2019-02-13 00:29:03","https://amarasrilankatours.com/engi/nfg.exe","offline","malware_download","exe,NanoCore","https://urlhaus.abuse.ch/url/122906/"
-"122905","2019-02-13 00:10:17","http://isaboke.co.ke/trust.accounts.docs.biz/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/122905/"
+"122905","2019-02-13 00:10:17","http://isaboke.co.ke/trust.accounts.docs.biz/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/122905/"
 "122904","2019-02-13 00:10:16","http://coacig.com.br/secure.accounts.resourses.biz/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/122904/"
 "122903","2019-02-13 00:10:13","http://quoteshub.in/secure.myacc.docs.net/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/122903/"
 "122902","2019-02-13 00:10:11","http://admrent.com/secure.accounts.send.biz/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/122902/"
@@ -8158,7 +9599,7 @@
 "122888","2019-02-12 23:43:06","http://cleaneatologyblog.com/New_invoice/inFy-JO_mUqLLp-Ce/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/122888/"
 "122887","2019-02-12 23:38:04","http://luvunoberyl.co.ke/US_us/rnnnL-Uye_ZKGBRhAYB-Kw4/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/122887/"
 "122886","2019-02-12 23:33:04","http://jaqlee.co.za/EN_en/scan/kMxT-rX1DC_GUw-ck7/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/122886/"
-"122885","2019-02-12 23:29:03","http://dorispeter.co.ke/US/download/Invoice_number/VSYB-hdJ_uFqjk-cy/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/122885/"
+"122885","2019-02-12 23:29:03","http://dorispeter.co.ke/US/download/Invoice_number/VSYB-hdJ_uFqjk-cy/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/122885/"
 "122884","2019-02-12 23:24:54","https://bkkbubblebar.com/trust.accounts.send.net/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/122884/"
 "122883","2019-02-12 23:24:51","http://irnanoshop.com/sec.myaccount.docs.net/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/122883/"
 "122882","2019-02-12 23:24:49","http://www.drberrinkarakuy.com/secure.myaccount.resourses.com/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/122882/"
@@ -8184,7 +9625,7 @@
 "122862","2019-02-12 23:24:05","http://speckrot.pl/archiwum/trust.accs.resourses.com/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/122862/"
 "122861","2019-02-12 23:24:03","http://uit.suharev.top/En/corporation/Invoice/piwfE-wK_IVL-V3S/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/122861/"
 "122860","2019-02-12 23:20:08","http://www.useit.cc/imades/Invoice/nJfgJ-nD_NwNQeaTDR-r8J/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/122860/"
-"122859","2019-02-12 23:16:03","http://yojolife.site/US_us/download/Copy_Invoice/hsxh-Bycx_FxUt-CI/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/122859/"
+"122859","2019-02-12 23:16:03","http://yojolife.site/US_us/download/Copy_Invoice/hsxh-Bycx_FxUt-CI/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/122859/"
 "122858","2019-02-12 23:12:04","http://churchofgod.team/phpMyAdmin/US_us/xerox/fnCV-Ygfh_QXvrTT-Wv/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/122858/"
 "122857","2019-02-12 23:08:02","http://admin.staging.buildsmart.io/US/doc/New_invoice/zswk-ai_mE-d1l/","offline","malware_download","None","https://urlhaus.abuse.ch/url/122857/"
 "122856","2019-02-12 23:04:07","http://rohrreinigung-klosterneuburg.at/US/doc/zqpNl-gE_ZLYCn-61/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/122856/"
@@ -8739,15 +10180,15 @@
 "122302","2019-02-12 09:23:11","http://advocaciafreitas.com.br/DE_de/SIHDKA3817248/GER/Fakturierung/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/122302/"
 "122301","2019-02-12 09:18:06","http://www.madplac.com.br/IFZUVG1220472/Rechnungs-docs/RECHNUNG/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/122301/"
 "122300","2019-02-12 09:15:04","http://emporiojf.com.br/Februar2019/IZBCDQSBH7485666/Rech/Zahlungserinnerung//","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/122300/"
-"122299","2019-02-12 09:12:28","http://185.172.110.203/mips","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/122299/"
-"122297","2019-02-12 09:12:27","http://185.172.110.203/MG.ppc440","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/122297/"
-"122298","2019-02-12 09:12:27","http://185.172.110.203/MG.sparc","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/122298/"
-"122295","2019-02-12 09:12:26","http://185.172.110.203/MG.m68k","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/122295/"
-"122296","2019-02-12 09:12:26","http://185.172.110.203/MG.powerpc","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/122296/"
-"122293","2019-02-12 09:12:25","http://185.172.110.203/MG.i586","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/122293/"
-"122294","2019-02-12 09:12:25","http://185.172.110.203/MG.i686","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/122294/"
+"122299","2019-02-12 09:12:28","http://185.172.110.203/mips","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/122299/"
+"122297","2019-02-12 09:12:27","http://185.172.110.203/MG.ppc440","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/122297/"
+"122298","2019-02-12 09:12:27","http://185.172.110.203/MG.sparc","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/122298/"
+"122295","2019-02-12 09:12:26","http://185.172.110.203/MG.m68k","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/122295/"
+"122296","2019-02-12 09:12:26","http://185.172.110.203/MG.powerpc","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/122296/"
+"122293","2019-02-12 09:12:25","http://185.172.110.203/MG.i586","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/122293/"
+"122294","2019-02-12 09:12:25","http://185.172.110.203/MG.i686","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/122294/"
 "122291","2019-02-12 09:12:24","http://134.209.4.184/adcvds","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/122291/"
-"122292","2019-02-12 09:12:24","http://185.172.110.203/MG.arm4","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/122292/"
+"122292","2019-02-12 09:12:24","http://185.172.110.203/MG.arm4","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/122292/"
 "122290","2019-02-12 09:12:23","http://134.209.4.184/qtmzbn","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/122290/"
 "122289","2019-02-12 09:12:21","http://134.209.4.184/atxhua","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/122289/"
 "122288","2019-02-12 09:12:20","http://134.209.4.184/fwdfvf","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/122288/"
@@ -8839,7 +10280,7 @@
 "122184","2019-02-12 06:32:02","https://protect2.fireeye.com/url?k=0d4338ba6a99edb2.0d431f0e-959af595966452a9&u=http://78.207.210.11/@eaDir/secure.myaccount.send.net/./","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/122184/"
 "122183","2019-02-12 06:30:04","http://www.dunveganbrewing.ca/index.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/122183/"
 "122182","2019-02-12 06:19:05","http://www.dunveganbrewing.ca/hilda.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/122182/"
-"122181","2019-02-12 06:13:16","http://config.ymw200.com/bug/hypic/Hypicsv.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/122181/"
+"122181","2019-02-12 06:13:16","http://config.ymw200.com/bug/hypic/Hypicsv.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/122181/"
 "122180","2019-02-12 06:13:05","http://download.azaleanet.it/updates/proxy/azalea.net.proxy.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/122180/"
 "122179","2019-02-12 05:53:04","https://crichcreative.com/taping/lol.msi","offline","malware_download","exe-to-msi","https://urlhaus.abuse.ch/url/122179/"
 "122178","2019-02-12 05:48:03","http://dunveganbrewing.ca/index.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/122178/"
@@ -8848,7 +10289,7 @@
 "122175","2019-02-12 04:46:19","http://delaker.info/app/winboxscan-0207.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/122175/"
 "122174","2019-02-12 04:45:17","http://xyzeee.ml/z/crpt/nc.exe","offline","malware_download","exe,NanoCore","https://urlhaus.abuse.ch/url/122174/"
 "122173","2019-02-12 04:37:04","http://xyzeee.ml/z/crpt/orc.exe","offline","malware_download","AgentTesla,exe","https://urlhaus.abuse.ch/url/122173/"
-"122171","2019-02-12 04:28:32","http://13.233.183.227/verif.accounts.docs.net/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/122171/"
+"122171","2019-02-12 04:28:32","http://13.233.183.227/verif.accounts.docs.net/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/122171/"
 "122172","2019-02-12 04:28:32","http://159.203.98.17/secure.myaccount.docs.biz/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/122172/"
 "122170","2019-02-12 04:17:05","https://sql.merkadetodoa92.com/orderreceipt.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/122170/"
 "122168","2019-02-12 02:32:08","http://kevinwest.net/secure.myacc.docs.biz/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/122168/"
@@ -8884,7 +10325,7 @@
 "122138","2019-02-12 01:11:17","http://adbord.com/css/sec.accs.send.biz/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/122138/"
 "122139","2019-02-12 01:11:17","https://secure.accounts.resourses.com/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/122139/"
 "122137","2019-02-12 01:11:14","http://bachhoatructuyen.com.vn/trust.accs.resourses.net/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/122137/"
-"122136","2019-02-12 01:11:11","http://ortotomsk.ru/trust.accs.docs.biz/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/122136/"
+"122136","2019-02-12 01:11:11","http://ortotomsk.ru/trust.accs.docs.biz/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/122136/"
 "122135","2019-02-12 01:11:09","http://demo.pifasoft.cn/trust.myaccount.send.biz/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/122135/"
 "122134","2019-02-12 01:11:03","http://angullar.com.br/trust.myacc.docs.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/122134/"
 "122133","2019-02-12 01:04:25","http://delaker.info/app/updateprofile-0211.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/122133/"
@@ -8912,13 +10353,13 @@
 "122111","2019-02-11 23:30:04","https://remitdocx.ga/Revised%20Quote.jar","online","malware_download","None","https://urlhaus.abuse.ch/url/122111/"
 "122110","2019-02-11 23:29:37","http://horse-moskva.ru/US_us/document/Invoice_Notice/hkuP-IVis_SdfMs-wH/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/122110/"
 "122109","2019-02-11 23:29:36","http://navigatorpojizni.ru/En_us/scan/Invoice_number/AqRSh-ppQ_rWAw-J67/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/122109/"
-"122108","2019-02-11 23:29:35","http://clashofclansgems.nl/EN_en/Invoice_Notice/SerL-RiKTU_yYS-pb/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/122108/"
+"122108","2019-02-11 23:29:35","http://clashofclansgems.nl/EN_en/Invoice_Notice/SerL-RiKTU_yYS-pb/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/122108/"
 "122107","2019-02-11 23:29:34","http://comfome.co.mz/EN_en/Invoice_Notice/jJieg-RcvH9_Z-fi/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/122107/"
 "122106","2019-02-11 23:29:33","http://4drakona.ru/EN_en/company/Copy_Invoice/slub-i50fk_ROme-bHu/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/122106/"
 "122105","2019-02-11 23:29:32","http://giancarloraso.com/En_us/doc/Invoice_number/Yyfzx-Ky7e_qwUn-la/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/122105/"
 "122104","2019-02-11 23:25:05","http://solahartmentari.com/wp-content/themes/onetone2/images/frontpage/sserv.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/122104/"
 "122103","2019-02-11 23:21:14","http://solahartmentari.com/wp-content/themes/onetone2/css/sserv.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/122103/"
-"122102","2019-02-11 23:12:07","https://noithatshop.vn/En_us/corporation/04378129/baVj-GT2gt_lRS-YX/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/122102/"
+"122102","2019-02-11 23:12:07","https://noithatshop.vn/En_us/corporation/04378129/baVj-GT2gt_lRS-YX/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/122102/"
 "122101","2019-02-11 23:03:08","http://masjidsolar.nl/EN_en/Invoice_Notice/DzYtu-X4_BQETXE-016/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/122101/"
 "122100","2019-02-11 22:58:10","http://bynana.nl/US_us/scan/Copy_Invoice/95731481431/uTpS-lza_PGJHjEAIM-O1e/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/122100/"
 "122099","2019-02-11 22:54:12","http://betal-urfo.ru/En/doc/New_invoice/6392833/DUzfI-eB5_TtHqt-Mu3/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/122099/"
@@ -9047,7 +10488,7 @@
 "121976","2019-02-11 20:56:14","http://accessequipmentcapital.ca/verif.accs.resourses.net/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121976/"
 "121974","2019-02-11 20:56:12","http://82.196.10.146/trust.accs.send.biz/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121974/"
 "121975","2019-02-11 20:56:12","http://85.115.23.247/wp-content/uploads/verif.accs.send.biz/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121975/"
-"121973","2019-02-11 20:56:11","http://211.238.147.196/@eaDir/secure.myacc.resourses.net/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121973/"
+"121973","2019-02-11 20:56:11","http://211.238.147.196/@eaDir/secure.myacc.resourses.net/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121973/"
 "121972","2019-02-11 20:56:08","http://114.34.129.103/trust.accs.docs.net/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121972/"
 "121971","2019-02-11 20:56:05","http://104.211.226.28/secure.myacc.send.net/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121971/"
 "121970","2019-02-11 20:56:04","http://35.193.106.214/wordpress/wp-content/En_us/download/Invoice_number/LsPHz-QZw_sT-x7/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121970/"
@@ -9163,18 +10604,18 @@
 "121853","2019-02-11 19:12:07","http://82.253.156.136/wordpress/document/Invoice_Notice/bcAiU-CY33H_AyuNvJW-ua/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/121853/"
 "121852","2019-02-11 19:12:04","http://94.177.233.190/wp/US/info/Invoice_Notice/3027157/EHLwm-zES_OWAjyir-lO/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/121852/"
 "121851","2019-02-11 19:12:03","http://52.236.174.152/doc/New_invoice/OwcFW-cQVA_RD-lXj/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/121851/"
-"121850","2019-02-11 19:12:02","http://54.38.35.144/US_us/llc/BRBk-OHo0r_GrEJNw-lH/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/121850/"
+"121850","2019-02-11 19:12:02","http://54.38.35.144/US_us/llc/BRBk-OHo0r_GrEJNw-lH/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/121850/"
 "121849","2019-02-11 19:11:03","http://equiestetic.pt/info/IyiO-Zkky2_JYvy-oY/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121849/"
 "121848","2019-02-11 19:09:02","https://drive.google.com/uc?export=download&id=1Y6zYraM9T9xLHrPCyzxnpgeVePAC3Ed8","offline","malware_download","dropper,payload,vbs","https://urlhaus.abuse.ch/url/121848/"
 "121847","2019-02-11 19:06:02","http://demo.evthemes.info/Invoice_Notice/qPBHn-RG7_oEZrS-XOb/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121847/"
 "121846","2019-02-11 19:05:16","http://52.205.176.136/verif.accounts.docs.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121846/"
-"121845","2019-02-11 19:05:15","http://54.202.85.204/trust.accs.docs.net/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121845/"
+"121845","2019-02-11 19:05:15","http://54.202.85.204/trust.accs.docs.net/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121845/"
 "121844","2019-02-11 19:05:13","http://rubylux.vn/secure.accounts.resourses.net/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121844/"
 "121843","2019-02-11 19:05:10","http://119.254.12.142/En/llc/UjBO-7i5MH_rh-hch/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/121843/"
 "121842","2019-02-11 19:05:05","http://211.20.204.164/EN_en/document/Invoice/lXKc-EXZ_YnnTIO-1pt/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/121842/"
 "121841","2019-02-11 19:04:55","http://141.136.47.32/c5pNnVVa/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/121841/"
-"121840","2019-02-11 19:04:53","http://190.164.186.104/PNNakLQ9C/","online","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/121840/"
-"121839","2019-02-11 19:04:50","http://3.112.13.31/xktH3R1/","online","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/121839/"
+"121840","2019-02-11 19:04:53","http://190.164.186.104/PNNakLQ9C/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/121840/"
+"121839","2019-02-11 19:04:50","http://3.112.13.31/xktH3R1/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/121839/"
 "121838","2019-02-11 19:04:48","http://63.34.12.228/0XJHDqJq3/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/121838/"
 "121837","2019-02-11 19:04:47","http://mesqen.eruapp.com/MVQI9xyqm/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/121837/"
 "121836","2019-02-11 19:04:45","http://115.66.127.67/download/aDPLm-tqNX_xcoeRtq-rz/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/121836/"
@@ -9185,7 +10626,7 @@
 "121831","2019-02-11 19:03:40","http://nami.com.uy/EN_en/info/Fexg-bK8R_jmz-F93/","offline","malware_download","doc,emotet,epoch2","https://urlhaus.abuse.ch/url/121831/"
 "121830","2019-02-11 19:03:09","http://devdatta.pacenashik.com/corporation/Invoice_number/hvCZ-55Ajt_TDw-Blv/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/121830/"
 "121829","2019-02-11 19:03:08","http://celtis.company/En/doc/New_invoice/SqOe-3pcD1_ckvrT-H6I/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/121829/"
-"121828","2019-02-11 19:03:07","http://botmechanic.io/document/Invoice/122815139860138/VZKR-YLT_syeTcnx-6gX/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/121828/"
+"121828","2019-02-11 19:03:07","http://botmechanic.io/document/Invoice/122815139860138/VZKR-YLT_syeTcnx-6gX/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/121828/"
 "121827","2019-02-11 19:03:05","http://daliomixa.com/En/info/Copy_Invoice/TwxDm-3K_fno-bf/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/121827/"
 "121826","2019-02-11 19:03:04","http://drawme.lakbay.lk/Invoice_number/Tqdo-ko_rFB-oge/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/121826/"
 "121825","2019-02-11 19:03:02","http://jerko.novi-net.net/mama-malog-zmaja/wp-includes/Invoice/pmst-TtZj2_wZnyKXk-qaM/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/121825/"
@@ -9200,7 +10641,7 @@
 "121816","2019-02-11 18:46:06","http://madrastrends.com/EN_en/scan/VBbW-YgV1_FlHNc-Ka/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121816/"
 "121815","2019-02-11 18:43:04","http://hifucancertreatment.com/wp-content/uploads/EN_en/scan/waVr-0A_mVwcJ-SBz/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121815/"
 "121814","2019-02-11 18:33:17","http://35.154.50.228/sec.myaccount.resourses.biz/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121814/"
-"121813","2019-02-11 18:33:15","http://52.202.101.89/trust.accounts.send.net/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121813/"
+"121813","2019-02-11 18:33:15","http://52.202.101.89/trust.accounts.send.net/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121813/"
 "121812","2019-02-11 18:32:44","http://vieclam.f5mobile.vn/med.microsoft.net/api/drm/ZPnmc58dAzsXuB/ZPnmc58dAzsXuB/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121812/"
 "121811","2019-02-11 18:32:37","http://cafevanuhm.nl/verif.accs.docs.net/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121811/"
 "121810","2019-02-11 18:32:32","http://edax.com.pl/verif.myacc.resourses.biz/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121810/"
@@ -9229,7 +10670,7 @@
 "121787","2019-02-11 17:23:13","http://abiataltib.ml/download/Invoice_number/fTvp-N8mZ_rD-PM/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/121787/"
 "121786","2019-02-11 17:23:07","http://66.42.78.2/En_us/CneA-P3sTk_OsvoGAV-kC/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/121786/"
 "121785","2019-02-11 17:22:05","http://54.250.159.171/En_us/2446830/NqWP-TQObp_cgfZBBxnl-NP/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/121785/"
-"121784","2019-02-11 17:22:01","http://54.153.245.124/En_us/Copy_Invoice/YhNNA-ZeEBY_ek-JfG/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/121784/"
+"121784","2019-02-11 17:22:01","http://54.153.245.124/En_us/Copy_Invoice/YhNNA-ZeEBY_ek-JfG/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/121784/"
 "121783","2019-02-11 17:21:31","http://52.63.71.120/US_us/corporation/Invoice_number/45951863/OtwFS-R2FA_ZrXS-v72/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/121783/"
 "121782","2019-02-11 17:21:00","http://52.63.119.3/En_us/doc/Invoice_Notice/1095987397054/IIPw-Eoa_M-au9/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/121782/"
 "121781","2019-02-11 17:20:57","http://40.117.254.165/llc/lLotL-gYw_VcoeSlLq-vv/","offline","malware_download","doc,emotet,epoch2","https://urlhaus.abuse.ch/url/121781/"
@@ -9242,7 +10683,7 @@
 "121773","2019-02-11 17:20:09","http://78.207.210.11/@eaDir/secure.myaccount.send.net/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121773/"
 "121774","2019-02-11 17:20:09","http://89.98.154.157/@eaDir/trust.myaccount.resourses.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121774/"
 "121772","2019-02-11 17:20:07","http://73.114.227.141/verif.accs.docs.biz/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121772/"
-"121771","2019-02-11 17:20:05","http://54.234.174.153/sec.accs.resourses.biz/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121771/"
+"121771","2019-02-11 17:20:05","http://54.234.174.153/sec.accs.resourses.biz/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121771/"
 "121770","2019-02-11 17:20:04","http://51.77.192.138/sec.myaccount.resourses.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121770/"
 "121769","2019-02-11 17:20:03","http://188.131.164.117/trust.myacc.resourses.net/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121769/"
 "121768","2019-02-11 17:19:04","https://www.dropbox.com/s/dl/6z3d23myuzzzvfm/Sign%20Sales%20Contract%20of%20PI=-98476YT.Pdf.z?dl=1","offline","malware_download","compressed,NanoCore,payload,rat,scr","https://urlhaus.abuse.ch/url/121768/"
@@ -9262,7 +10703,7 @@
 "121754","2019-02-11 15:55:04","http://www.dropbox.com/s/xfja85riokvg9xk/ORDER%20LIST.ace?dl=1","online","malware_download","ace,compressed,payload","https://urlhaus.abuse.ch/url/121754/"
 "121753","2019-02-11 15:54:32","http://18.184.16.5/EN_en/company/Invoice_number/34128416/Fdjmu-NQuzD_srNbU-G2p/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121753/"
 "121752","2019-02-11 15:50:06","http://94.177.233.190/wp/US/info/Invoice_Notice/3027157/EHLwm-zES_OWAjyir-lO//","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121752/"
-"121751","2019-02-11 15:45:07","http://52.196.225.91/wordpress/US_us/document/aTUC-RQb_nAQiekDLJ-wbj/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121751/"
+"121751","2019-02-11 15:45:07","http://52.196.225.91/wordpress/US_us/document/aTUC-RQb_nAQiekDLJ-wbj/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121751/"
 "121750","2019-02-11 15:40:05","http://34.201.148.147/download/Inv/rwUu-GoD8Y_YsGNacwnq-Wi1/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121750/"
 "121749","2019-02-11 15:39:14","http://3.92.174.100/FV5nbvVP/","online","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/121749/"
 "121748","2019-02-11 15:39:13","http://204.27.61.244/GWrMNkk/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/121748/"
@@ -9271,16 +10712,16 @@
 "121745","2019-02-11 15:39:02","http://31.131.24.153/eYXaJRMd/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/121745/"
 "121744","2019-02-11 15:37:48","http://128.199.207.179/d6JEQSR1V2hkqXqT1/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/121744/"
 "121743","2019-02-11 15:37:46","http://178.236.210.22/tKMrxvGkHP/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/121743/"
-"121742","2019-02-11 15:37:45","http://118.25.176.38/bmNCKBx/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/121742/"
+"121742","2019-02-11 15:37:45","http://118.25.176.38/bmNCKBx/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/121742/"
 "121741","2019-02-11 15:37:39","http://178.159.38.201/wcbrQ8LRfb_7pKaOP9z/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/121741/"
 "121740","2019-02-11 15:37:38","http://104.198.17.119/h0Ya3P8r0O_cG/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/121740/"
-"121739","2019-02-11 15:36:32","http://54.167.192.134/AwafJ-uSkG_fPlXdovJx-icC/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121739/"
+"121739","2019-02-11 15:36:32","http://54.167.192.134/AwafJ-uSkG_fPlXdovJx-icC/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121739/"
 "121738","2019-02-11 15:32:08","http://x-soft.tomsk.ru/US_us/document/Inv/edrFY-9l_UJZVmSeTe-iA/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121738/"
-"121737","2019-02-11 15:30:03","http://54.38.35.144/US_us/llc/BRBk-OHo0r_GrEJNw-lH//","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121737/"
+"121737","2019-02-11 15:30:03","http://54.38.35.144/US_us/llc/BRBk-OHo0r_GrEJNw-lH//","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121737/"
 "121736","2019-02-11 15:28:04","http://35.165.83.118/wp-content/US_us/file/Invoice_number/387848224/mvrU-f28_sdBifmQ-65z/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121736/"
 "121735","2019-02-11 15:27:20","http://hopi.hopto.org/trust.accounts.docs.biz/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121735/"
 "121734","2019-02-11 15:27:19","http://23.235.202.43/secure.myacc.resourses.com/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121734/"
-"121733","2019-02-11 15:27:17","http://13.112.69.225/wp-content/verif.myaccount.resourses.net/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121733/"
+"121733","2019-02-11 15:27:17","http://13.112.69.225/wp-content/verif.myaccount.resourses.net/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121733/"
 "121732","2019-02-11 15:27:15","http://37.139.27.218/sec.accs.resourses.net/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121732/"
 "121731","2019-02-11 15:27:14","http://159.89.153.180/trust.myaccount.send.com/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121731/"
 "121730","2019-02-11 15:27:13","http://178.128.54.239/sec.accs.docs.com/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121730/"
@@ -9295,7 +10736,7 @@
 "121721","2019-02-11 15:23:32","http://13.239.63.5/company/Invoice/MItGR-BX_YOeO-dF/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121721/"
 "121720","2019-02-11 15:20:04","http://35.190.186.53/EN_en/doc/Copy_Invoice/Nebk-gt3_ZZV-Ok//","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121720/"
 "121719","2019-02-11 15:18:07","http://produccion.sanmartindelosandes.gov.ar/wp-content/uploads/En/download/Copy_Invoice/Ihpyw-WoX_N-lRv//","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121719/"
-"121718","2019-02-11 15:17:06","http://35.202.250.4/document/Invoice_Notice/pnDo-aHDN_HzaHfarw-RWS/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121718/"
+"121718","2019-02-11 15:17:06","http://35.202.250.4/document/Invoice_Notice/pnDo-aHDN_HzaHfarw-RWS/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121718/"
 "121717","2019-02-11 15:13:10","http://139.59.182.250/En_us/doc/921630112996/rgbuP-SSFaG_aL-Mz/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121717/"
 "121716","2019-02-11 15:13:06","http://www.anvd.ne/wp-content/corporation/UwlGE-b50Lg_Kv-lj/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121716/"
 "121715","2019-02-11 15:10:32","http://34.242.190.144/EN_en/download/Invoice_number/vHScR-n1_PNvfJN-qJs/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121715/"
@@ -9303,7 +10744,7 @@
 "121713","2019-02-11 15:09:11","http://138.197.72.9/vRoDcTOZS_qq4qSrbs/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/121713/"
 "121712","2019-02-11 15:09:09","http://13.126.61.11/TTLDQc4Su4n/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/121712/"
 "121711","2019-02-11 15:09:08","http://139.59.64.173/hSQpezoBAp/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/121711/"
-"121710","2019-02-11 15:09:06","http://13.126.61.22/ZersFqNzy4Dr/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/121710/"
+"121710","2019-02-11 15:09:06","http://13.126.61.22/ZersFqNzy4Dr/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/121710/"
 "121709","2019-02-11 15:09:02","http://3.120.147.8/info/gLfY-53_Rjy-2Ms/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121709/"
 "121708","2019-02-11 15:07:03","http://158.69.135.116/scan/VGIy-LJJq_rtJTwGJ-loZ/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121708/"
 "121707","2019-02-11 15:05:15","http://34.243.4.98/document/Inv/whfgV-T5_OhosR-KjB/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121707/"
@@ -9395,11 +10836,11 @@
 "121620","2019-02-11 13:55:02","http://13.92.177.54/secure.accs.send.net/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121620/"
 "121619","2019-02-11 13:48:07","http://aerveo.com/biztx/output1CB820.exe","offline","malware_download","exe,RemcosRAT","https://urlhaus.abuse.ch/url/121619/"
 "121618","2019-02-11 13:48:06","https://lithi.io/file/a44bed.doc","online","malware_download","doc,exe,Loader,payload,stage2","https://urlhaus.abuse.ch/url/121618/"
-"121617","2019-02-11 13:48:04","https://lithi.io/file/6cc96f.exe","online","malware_download","doc,exe,Loader,payload,stage2","https://urlhaus.abuse.ch/url/121617/"
+"121617","2019-02-11 13:48:04","https://lithi.io/file/6cc96f.exe","offline","malware_download","doc,exe,Loader,payload,stage2","https://urlhaus.abuse.ch/url/121617/"
 "121616","2019-02-11 13:47:16","http://mskhistory.ru/sAZpJs8/","offline","malware_download","emotet,epoch1,exe","https://urlhaus.abuse.ch/url/121616/"
 "121615","2019-02-11 13:47:14","http://maxtraidingru.437.com1.ru/NaOnFCqNz/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/121615/"
 "121614","2019-02-11 13:47:10","http://wordpress-219768-716732.cloudwaysapps.com/EcUKpEfiLX/","online","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/121614/"
-"121613","2019-02-11 13:47:08","http://altuntuval.com/n4jkQZWtK/","online","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/121613/"
+"121613","2019-02-11 13:47:08","http://altuntuval.com/n4jkQZWtK/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/121613/"
 "121612","2019-02-11 13:47:05","http://www.prowidor.com/KY5VHstRW/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/121612/"
 "121611","2019-02-11 13:41:03","http://lithi.io/file/6cc96f.exe","offline","malware_download","doc,exe,Loader,payload,stage2","https://urlhaus.abuse.ch/url/121611/"
 "121610","2019-02-11 13:41:02","http://lithi.io/file/a44bed.doc","offline","malware_download","doc,exe,Loader,payload,stage2","https://urlhaus.abuse.ch/url/121610/"
@@ -9447,7 +10888,7 @@
 "121568","2019-02-11 12:50:40","http://azs-service.victoria-makeup.kz/Telekom/Transaktion/01_19/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121568/"
 "121567","2019-02-11 12:50:34","http://allopizzanuit.fr/mm.microsoft.ms/med/event/dNhfd4yt/dNhfd4yt/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121567/"
 "121566","2019-02-11 12:50:29","http://999.co.id/med.ms.net/med/event-uat/M1a22AL8NQdO/M1a22AL8NQdO/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/121566/"
-"121565","2019-02-11 12:50:27","http://81.56.198.200/Telekom/Rechnungen/01_19/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121565/"
+"121565","2019-02-11 12:50:27","http://81.56.198.200/Telekom/Rechnungen/01_19/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121565/"
 "121564","2019-02-11 12:50:21","http://67.209.114.215/Telekom/RechnungOnline/012019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121564/"
 "121563","2019-02-11 12:50:17","http://54.165.253.1/Telekom/Transaktion/012019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121563/"
 "121562","2019-02-11 12:50:12","http://52.89.55.218/wp-content/Telekom/Rechnungen/012019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121562/"
@@ -9534,7 +10975,7 @@
 "121481","2019-02-11 11:10:05","http://re-set.fr/wp-content/themes/theme1438/includes/images/messg.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/121481/"
 "121480","2019-02-11 11:07:03","http://54.224.240.34/Februar2019/FDJASWPO8400835/DE/RECHNUNG/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121480/"
 "121479","2019-02-11 11:03:09","http://agence.nucleus.odns.fr/messg.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/121479/"
-"121478","2019-02-11 11:03:02","http://52.66.236.210/HQHGLKQXFF6297535/DE_de/DOC/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121478/"
+"121478","2019-02-11 11:03:02","http://52.66.236.210/HQHGLKQXFF6297535/DE_de/DOC/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121478/"
 "121477","2019-02-11 11:01:32","http://54.146.46.168/Februar2019/JYZTXITFS1861033/DE_de/RECH/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121477/"
 "121476","2019-02-11 11:00:07","http://vektorex.com/source/Z/10874000.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/121476/"
 "121475","2019-02-11 10:55:04","http://62.141.55.98/wp/DE_de/WLSEDHREWI0259028/Rechnung/Zahlungserinnerung/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121475/"
@@ -9717,10 +11158,10 @@
 "121298","2019-02-11 03:30:09","https://www.dropbox.com/s/j36iy9wmxvpkyhi/Please%20Quote.pdf.z?dl=1","offline","malware_download","compressed,exe,NanoCore,payload,rat,winrar","https://urlhaus.abuse.ch/url/121298/"
 "121297","2019-02-11 03:20:05","http://sylvaclouds.eu/20th/FABUARY-SPECIFICATION-04.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/121297/"
 "121296","2019-02-11 03:15:09","http://sylvaclouds.eu/IFY2/program.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/121296/"
-"121295","2019-02-11 02:56:31","http://nationallibrary.mn/nm/enterw/tekex.jpg","offline","malware_download","exe,Loki,lokibot,payload,stage2","https://urlhaus.abuse.ch/url/121295/"
-"121294","2019-02-11 02:56:24","http://nationallibrary.mn/nm/enterw/sop.jpg","offline","malware_download","exe,Loki,lokibot,payload,stage2","https://urlhaus.abuse.ch/url/121294/"
-"121293","2019-02-11 02:56:18","http://nationallibrary.mn/nm/enterw/ebu.jpg","offline","malware_download","exe,Loki,lokibot,payload,stage2","https://urlhaus.abuse.ch/url/121293/"
-"121292","2019-02-11 02:56:10","http://nationallibrary.mn/nm/enterw/zee.jpg","offline","malware_download","exe,Loki,lokibot,payload,stage2","https://urlhaus.abuse.ch/url/121292/"
+"121295","2019-02-11 02:56:31","http://nationallibrary.mn/nm/enterw/tekex.jpg","online","malware_download","exe,Loki,lokibot,payload,stage2","https://urlhaus.abuse.ch/url/121295/"
+"121294","2019-02-11 02:56:24","http://nationallibrary.mn/nm/enterw/sop.jpg","online","malware_download","exe,Loki,lokibot,payload,stage2","https://urlhaus.abuse.ch/url/121294/"
+"121293","2019-02-11 02:56:18","http://nationallibrary.mn/nm/enterw/ebu.jpg","online","malware_download","exe,Loki,lokibot,payload,stage2","https://urlhaus.abuse.ch/url/121293/"
+"121292","2019-02-11 02:56:10","http://nationallibrary.mn/nm/enterw/zee.jpg","online","malware_download","exe,Loki,lokibot,payload,stage2","https://urlhaus.abuse.ch/url/121292/"
 "121291","2019-02-11 01:52:47","https://files.catbox.moe/ojl5h1.jar","offline","malware_download","malicious","https://urlhaus.abuse.ch/url/121291/"
 "121290","2019-02-11 01:52:41","https://files.catbox.moe/j8hj2d.jar","offline","malware_download","malicious","https://urlhaus.abuse.ch/url/121290/"
 "121289","2019-02-11 01:52:34","https://files.catbox.moe/fgrwqq.jar","offline","malware_download","malicious","https://urlhaus.abuse.ch/url/121289/"
@@ -9754,7 +11195,7 @@
 "121261","2019-02-11 01:02:11","http://www.dropbox.com/s/m0hysy8h6ngwffd/TTAdvise890002365358299.jar?dl=1","offline","malware_download","Adwind,jar,java,jSocket,payload,rat","https://urlhaus.abuse.ch/url/121261/"
 "121260","2019-02-11 01:02:07","http://www.dropbox.com/s/dl/49ng39szam8hwqb/TT41000046542894211.jar?dl=1","offline","malware_download","Adwind,jar,java,jSocket,payload,rat","https://urlhaus.abuse.ch/url/121260/"
 "121259","2019-02-11 00:56:15","http://doom-66.ga/iedf(1).zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/121259/"
-"121258","2019-02-11 00:47:15","http://cdn.file6.goodid.com/28758658/2018/04/28/c4284a2a6c1b60247944a03cbaf930c5.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/121258/"
+"121258","2019-02-11 00:47:15","http://cdn.file6.goodid.com/28758658/2018/04/28/c4284a2a6c1b60247944a03cbaf930c5.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/121258/"
 "121257","2019-02-11 00:43:04","http://xlabsgaze.com/apps/News/Invoice_5241792.jar","offline","malware_download","Adwind,jar,java,jSocket,payload,rat","https://urlhaus.abuse.ch/url/121257/"
 "121256","2019-02-11 00:43:03","http://johnbearross.com/payments/Invoice_870564.jar","online","malware_download","Adwind,jar,java,jSocket,payload,rat","https://urlhaus.abuse.ch/url/121256/"
 "121255","2019-02-11 00:14:13","http://members.iinet.net.au/~sambo75/usps/USPS-shipping(ecopy)22-3235-44-Labels.jar","offline","malware_download","Adwind,jar,java,jSocket,payload,rat","https://urlhaus.abuse.ch/url/121255/"
@@ -9837,19 +11278,19 @@
 "121178","2019-02-10 21:28:09","https://i.postimg.cc/sjfbPNwh/big.jpg?dl=1","offline","malware_download","Gozi,https://otx.alienvault.com/pulse/5c5d5b477bf4ce2c5ff9cc72,steganography,stego,ursnif","https://urlhaus.abuse.ch/url/121178/"
 "121177","2019-02-10 21:28:07","https://i.postimg.cc/LmLydg9G/DSC-0665-Versione-2.jpg?dl=1","offline","malware_download","Gozi,https://otx.alienvault.com/pulse/5c5d5b477bf4ce2c5ff9cc72,steganography,stego,ursnif","https://urlhaus.abuse.ch/url/121177/"
 "121176","2019-02-10 21:28:03","https://i.postimg.cc/PH6QvFvF/mario.png?dl=1","offline","malware_download","Gozi,https://otx.alienvault.com/pulse/5c5d5b477bf4ce2c5ff9cc72,steganography,stego,ursnif","https://urlhaus.abuse.ch/url/121176/"
-"121175","2019-02-10 20:57:16","http://185.81.157.124/wget","offline","malware_download","elf","https://urlhaus.abuse.ch/url/121175/"
-"121174","2019-02-10 20:57:14","http://185.81.157.124/tftp","offline","malware_download","elf","https://urlhaus.abuse.ch/url/121174/"
-"121172","2019-02-10 20:57:08","http://185.81.157.124/sh","offline","malware_download","elf","https://urlhaus.abuse.ch/url/121172/"
-"121173","2019-02-10 20:57:08","http://185.81.157.124/sshd","offline","malware_download","elf","https://urlhaus.abuse.ch/url/121173/"
-"121170","2019-02-10 20:57:07","http://185.81.157.124/openssh","offline","malware_download","elf","https://urlhaus.abuse.ch/url/121170/"
-"121171","2019-02-10 20:57:07","http://185.81.157.124/pftp","offline","malware_download","elf","https://urlhaus.abuse.ch/url/121171/"
-"121169","2019-02-10 20:57:06","http://185.81.157.124/ntpd","offline","malware_download","elf","https://urlhaus.abuse.ch/url/121169/"
-"121167","2019-02-10 20:57:05","http://185.81.157.124/cron","offline","malware_download","elf","https://urlhaus.abuse.ch/url/121167/"
-"121168","2019-02-10 20:57:05","http://185.81.157.124/ftp","offline","malware_download","elf","https://urlhaus.abuse.ch/url/121168/"
-"121166","2019-02-10 20:57:04","http://185.81.157.124/bins.sh","offline","malware_download","elf","https://urlhaus.abuse.ch/url/121166/"
-"121164","2019-02-10 20:57:03","http://185.81.157.124/apache2","offline","malware_download","elf","https://urlhaus.abuse.ch/url/121164/"
-"121165","2019-02-10 20:57:03","http://185.81.157.124/bash","offline","malware_download","elf","https://urlhaus.abuse.ch/url/121165/"
-"121163","2019-02-10 20:57:02","http://185.81.157.124/LauncherSurvieMod.exe","offline","malware_download","elf","https://urlhaus.abuse.ch/url/121163/"
+"121175","2019-02-10 20:57:16","http://185.81.157.124/wget","online","malware_download","elf","https://urlhaus.abuse.ch/url/121175/"
+"121174","2019-02-10 20:57:14","http://185.81.157.124/tftp","online","malware_download","elf","https://urlhaus.abuse.ch/url/121174/"
+"121172","2019-02-10 20:57:08","http://185.81.157.124/sh","online","malware_download","elf","https://urlhaus.abuse.ch/url/121172/"
+"121173","2019-02-10 20:57:08","http://185.81.157.124/sshd","online","malware_download","elf","https://urlhaus.abuse.ch/url/121173/"
+"121170","2019-02-10 20:57:07","http://185.81.157.124/openssh","online","malware_download","elf","https://urlhaus.abuse.ch/url/121170/"
+"121171","2019-02-10 20:57:07","http://185.81.157.124/pftp","online","malware_download","elf","https://urlhaus.abuse.ch/url/121171/"
+"121169","2019-02-10 20:57:06","http://185.81.157.124/ntpd","online","malware_download","elf","https://urlhaus.abuse.ch/url/121169/"
+"121167","2019-02-10 20:57:05","http://185.81.157.124/cron","online","malware_download","elf","https://urlhaus.abuse.ch/url/121167/"
+"121168","2019-02-10 20:57:05","http://185.81.157.124/ftp","online","malware_download","elf","https://urlhaus.abuse.ch/url/121168/"
+"121166","2019-02-10 20:57:04","http://185.81.157.124/bins.sh","online","malware_download","elf","https://urlhaus.abuse.ch/url/121166/"
+"121164","2019-02-10 20:57:03","http://185.81.157.124/apache2","online","malware_download","elf","https://urlhaus.abuse.ch/url/121164/"
+"121165","2019-02-10 20:57:03","http://185.81.157.124/bash","online","malware_download","elf","https://urlhaus.abuse.ch/url/121165/"
+"121163","2019-02-10 20:57:02","http://185.81.157.124/LauncherSurvieMod.exe","online","malware_download","elf","https://urlhaus.abuse.ch/url/121163/"
 "121162","2019-02-10 20:42:06","http://47.88.21.111/wget","online","malware_download","elf","https://urlhaus.abuse.ch/url/121162/"
 "121161","2019-02-10 20:42:04","http://47.88.21.111/tftp","online","malware_download","elf","https://urlhaus.abuse.ch/url/121161/"
 "121160","2019-02-10 20:41:34","http://47.88.21.111/sshd","online","malware_download","elf","https://urlhaus.abuse.ch/url/121160/"
@@ -10229,7 +11670,7 @@
 "120784","2019-02-10 01:15:07","http://157.230.165.111/yakuza.mips","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/120784/"
 "120783","2019-02-10 01:15:04","http://157.230.165.111/yakuza.i586","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/120783/"
 "120782","2019-02-10 01:14:04","http://157.230.165.111/yakuza.ppc","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/120782/"
-"120781","2019-02-10 01:06:03","https://docs.google.com/uc?export=&id=17jp89aXCEAzHfw4_slHL17aep0fpvGwZ&718864998","online","malware_download","compressed,DanaBot,javascript,Loader,zip","https://urlhaus.abuse.ch/url/120781/"
+"120781","2019-02-10 01:06:03","https://docs.google.com/uc?export=&id=17jp89aXCEAzHfw4_slHL17aep0fpvGwZ&718864998","offline","malware_download","compressed,DanaBot,javascript,Loader,zip","https://urlhaus.abuse.ch/url/120781/"
 "120780","2019-02-10 00:56:03","https://bkyhig.dm.files.1drv.com/y4mTtcn7-7f3EjuIx_FcxqFoFGbqGwhggZLTKEHuG8aDvBxGrcYirAD8nE5dxrgGeTXpGrfhD3ulgNjI456uGCGaip7zcVdkBwqJSjspUVKz4iI-XN0WbwU3QRJyMjiR-iZ928TJx7jAHfj9h8n669XaSPpimpfae_n-dY6DtCcDAn7iacw3JQP5_LyWxdWhil5FaH--bShbq0TjClqAT3Pyg/USD%20PAYMENT%20(2).zip?download&psid=1","offline","malware_download","zip","https://urlhaus.abuse.ch/url/120780/"
 "120779","2019-02-10 00:53:25","http://kameyacat.ru/webstat/update_2018_02.jpg","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/120779/"
 "120778","2019-02-10 00:51:11","http://23.249.163.110/micros~1/excel/dd.exe","online","malware_download","AgentTesla,exe","https://urlhaus.abuse.ch/url/120778/"
@@ -10612,11 +12053,11 @@
 "120397","2019-02-08 19:51:21","http://157.230.157.105/yakuza.sh4","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/120397/"
 "120396","2019-02-08 19:51:20","http://157.230.157.105/yakuza.mpsl","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/120396/"
 "120395","2019-02-08 19:51:18","http://157.230.157.105/yakuza.mips","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/120395/"
-"120394","2019-02-08 19:51:15","http://185.172.110.203/MG.x86","online","malware_download","elf","https://urlhaus.abuse.ch/url/120394/"
-"120393","2019-02-08 19:51:13","http://185.172.110.203/MG.arm7","online","malware_download","elf","https://urlhaus.abuse.ch/url/120393/"
-"120392","2019-02-08 19:51:10","http://185.172.110.203/MG.mipsel","online","malware_download","elf","https://urlhaus.abuse.ch/url/120392/"
-"120391","2019-02-08 19:51:07","http://185.172.110.203/MG.mips","online","malware_download","elf","https://urlhaus.abuse.ch/url/120391/"
-"120390","2019-02-08 19:51:04","http://185.172.110.203/MG.arm5","online","malware_download","elf","https://urlhaus.abuse.ch/url/120390/"
+"120394","2019-02-08 19:51:15","http://185.172.110.203/MG.x86","offline","malware_download","elf","https://urlhaus.abuse.ch/url/120394/"
+"120393","2019-02-08 19:51:13","http://185.172.110.203/MG.arm7","offline","malware_download","elf","https://urlhaus.abuse.ch/url/120393/"
+"120392","2019-02-08 19:51:10","http://185.172.110.203/MG.mipsel","offline","malware_download","elf","https://urlhaus.abuse.ch/url/120392/"
+"120391","2019-02-08 19:51:07","http://185.172.110.203/MG.mips","offline","malware_download","elf","https://urlhaus.abuse.ch/url/120391/"
+"120390","2019-02-08 19:51:04","http://185.172.110.203/MG.arm5","offline","malware_download","elf","https://urlhaus.abuse.ch/url/120390/"
 "120389","2019-02-08 19:51:01","http://185.101.105.192/armv6l","offline","malware_download","elf,gafgyt,mirai","https://urlhaus.abuse.ch/url/120389/"
 "120388","2019-02-08 19:50:58","http://185.101.105.192/armv5l","offline","malware_download","elf,gafgyt,mirai","https://urlhaus.abuse.ch/url/120388/"
 "120387","2019-02-08 19:50:54","http://185.101.105.192/armv4l","offline","malware_download","elf,gafgyt,mirai","https://urlhaus.abuse.ch/url/120387/"
@@ -10646,7 +12087,7 @@
 "120362","2019-02-08 19:05:11","http://lienquangiare.vn/US/info/New_invoice/GAqj-RiK_j-0A/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/120362/"
 "120363","2019-02-08 19:05:11","http://modernitiveconstruction.palab.info/US_us/document/jrEOl-YImZK_yf-SC/","offline","malware_download","doc,emotet,epoch2","https://urlhaus.abuse.ch/url/120363/"
 "120361","2019-02-08 19:05:08","http://holydayandstyle.eu/En_us/company/Invoice_Notice/zjOfy-DuF_HuUViCfc-rz/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/120361/"
-"120360","2019-02-08 19:05:06","http://clashofclansgems.nl/US/scan/Inv/APNMB-NVg_e-gv/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/120360/"
+"120360","2019-02-08 19:05:06","http://clashofclansgems.nl/US/scan/Inv/APNMB-NVg_e-gv/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/120360/"
 "120359","2019-02-08 19:05:04","http://superjjed.com/wp-content/uploads/document/Invoice/uQQV-3R_ZwP-JP9/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/120359/"
 "120358","2019-02-08 19:00:12","http://saleswork.nl/En/Invoice_number/HdIvk-eD_W-ba0/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/120358/"
 "120356","2019-02-08 19:00:05","http://newsfeedkings.palab.info/US_us/info/New_invoice/zJQc-bMEFO_KnPBXHgi-jmH/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/120356/"
@@ -11016,30 +12457,30 @@
 "119982","2019-02-08 08:31:10","http://sub7.mambaddd4.ru/DXOwdEpOSIixexqbZPHWJNEmIFX.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/119982/"
 "119981","2019-02-08 08:29:05","http://sub2.mambaddd4.ru/bin_2019-02-03_18-51.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/119981/"
 "119980","2019-02-08 08:24:08","https://docs.google.com/uc?export=&id=16pzlzpH7O_euQdSocbX_5V00iVhNyhZo","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119980/"
-"119979","2019-02-08 08:24:07","https://docs.google.com/uc?export=&id=15osXf3mIeT7WDLDbEd-UjRqIIKB59VHo","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119979/"
+"119979","2019-02-08 08:24:07","https://docs.google.com/uc?export=&id=15osXf3mIeT7WDLDbEd-UjRqIIKB59VHo","offline","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119979/"
 "119978","2019-02-08 08:24:05","https://docs.google.com/uc?export=&id=10DH-vYZMpHvqyu861JptUurk8U3dQ5Rr","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119978/"
 "119977","2019-02-08 08:24:04","https://docs.google.com/uc?export=&id=1Z6HcnFYQMr3kCJYWbaBFD9diC5az4g_x","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119977/"
-"119976","2019-02-08 08:24:02","https://docs.google.com/uc?export=&id=1WvFJxDgobd1BWqBiutcOqwpiUj6wC3_Q","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119976/"
+"119976","2019-02-08 08:24:02","https://docs.google.com/uc?export=&id=1WvFJxDgobd1BWqBiutcOqwpiUj6wC3_Q","offline","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119976/"
 "119975","2019-02-08 08:24:01","https://docs.google.com/uc?export=&id=1w1R_c9wg3z3r83Ff-LNMp-ixmNXxBdpL","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119975/"
-"119974","2019-02-08 08:23:59","https://docs.google.com/uc?export=&id=1TmYPo3YE3lUzaYN5w20MfYX6YaMp_UwY","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119974/"
+"119974","2019-02-08 08:23:59","https://docs.google.com/uc?export=&id=1TmYPo3YE3lUzaYN5w20MfYX6YaMp_UwY","offline","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119974/"
 "119973","2019-02-08 08:23:58","https://docs.google.com/uc?export=&id=1SYsejolXobV64Rc4rklsz4IK9_2csiq5","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119973/"
 "119972","2019-02-08 08:23:57","https://docs.google.com/uc?export=&id=1sOmbFYwzacO6ksh9phgLtPtnS8ls5cS2","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119972/"
 "119971","2019-02-08 08:23:55","https://docs.google.com/uc?export=&id=1RJe46hywJ5y581vef13ipXUOnj1m8DKm","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119971/"
 "119970","2019-02-08 08:23:54","https://docs.google.com/uc?export=&id=1oaofepPwcwtcQLRSwSXkzGm563A9p1ja","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119970/"
 "119969","2019-02-08 08:23:52","https://docs.google.com/uc?export=&id=1NPgY2Op3kPNjv60pbfAQ_zdmb7RVZnuG","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119969/"
 "119968","2019-02-08 08:23:51","https://docs.google.com/uc?export=&id=1kk6FzeAFH2ISLcxQ4OYPRPRNHsMCYeZw","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119968/"
-"119967","2019-02-08 08:23:49","https://docs.google.com/uc?export=&id=1jYXSlIlTQwiJlUSigRsn8f0xl_rbrVLb","offline","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119967/"
-"119966","2019-02-08 08:23:48","https://docs.google.com/uc?export=&id=1jRItcnp4neS59fOyJFYBGFxJCP2uNMvQ","offline","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119966/"
-"119965","2019-02-08 08:23:46","https://docs.google.com/uc?export=&id=1j3uS2pkT1upWmAo6o_ICQd6kgAizdtva","offline","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119965/"
+"119967","2019-02-08 08:23:49","https://docs.google.com/uc?export=&id=1jYXSlIlTQwiJlUSigRsn8f0xl_rbrVLb","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119967/"
+"119966","2019-02-08 08:23:48","https://docs.google.com/uc?export=&id=1jRItcnp4neS59fOyJFYBGFxJCP2uNMvQ","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119966/"
+"119965","2019-02-08 08:23:46","https://docs.google.com/uc?export=&id=1j3uS2pkT1upWmAo6o_ICQd6kgAizdtva","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119965/"
 "119964","2019-02-08 08:23:16","https://docs.google.com/uc?export=&id=1fRvg4YvDGXn9XlxSM-P18Q025oAGeIt9","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119964/"
-"119963","2019-02-08 08:23:14","https://docs.google.com/uc?export=&id=1FmvO1GDj1Hhri-icUOgrTM2xQ1A5j4r2","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119963/"
+"119963","2019-02-08 08:23:14","https://docs.google.com/uc?export=&id=1FmvO1GDj1Hhri-icUOgrTM2xQ1A5j4r2","offline","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119963/"
 "119962","2019-02-08 08:23:13","https://docs.google.com/uc?export=&id=1FfZ73oe8B0P503xOL57H3k_X9qdKacAL","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119962/"
 "119961","2019-02-08 08:23:12","https://docs.google.com/uc?export=&id=1eMBaWp_isvH_wp2u4HJ9qg1ZLfrVVzg4","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119961/"
 "119960","2019-02-08 08:23:10","https://docs.google.com/uc?export=&id=1D1nwUc5GAC8_a5ZU879FXJitlDWQMNie","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119960/"
-"119959","2019-02-08 08:23:08","https://docs.google.com/uc?export=&id=1bEsYM_0_KJ8fYxfsUdToTQBls91GFyQO","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119959/"
+"119959","2019-02-08 08:23:08","https://docs.google.com/uc?export=&id=1bEsYM_0_KJ8fYxfsUdToTQBls91GFyQO","offline","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119959/"
 "119958","2019-02-08 08:23:07","https://docs.google.com/uc?export=&id=1aZ88AncMIhKMlKMXxepmvV5zusqTdX0Z","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119958/"
 "119957","2019-02-08 08:23:04","https://docs.google.com/uc?export=&id=1AdZklNdErUVKieHIj_17M4KA71fYFUgY","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119957/"
-"119956","2019-02-08 08:23:03","https://docs.google.com/uc?export=&id=1_l0iB7LGB-fWqToAazhfueLkiDWlGEXs","offline","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119956/"
+"119956","2019-02-08 08:23:03","https://docs.google.com/uc?export=&id=1_l0iB7LGB-fWqToAazhfueLkiDWlGEXs","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119956/"
 "119955","2019-02-08 07:48:11","http://firemaplegames.com/NNtM6qj4fa/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/119955/"
 "119954","2019-02-08 07:48:10","http://www.sinbadvoyage.com/5V6LU9T/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/119954/"
 "119953","2019-02-08 07:48:07","http://punjabanmutyaar.com/XMsjd1E1S6/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/119953/"
@@ -11181,14 +12622,14 @@
 "119815","2019-02-08 03:30:04","https://www.int2float.com/wp-content/themes/qaengine/template/info.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/119815/"
 "119814","2019-02-08 03:28:04","http://vervedevelopments.com/fe6f81f.msi","offline","malware_download","msi,payload,stage2","https://urlhaus.abuse.ch/url/119814/"
 "119813","2019-02-08 03:25:20","http://home.webadmin.syscoinc.org/vYOvERlCtc.php","offline","malware_download","AUS,DanaBot,exe,geofenced,headersfenced,Sandiflux","https://urlhaus.abuse.ch/url/119813/"
-"119812","2019-02-08 03:22:15","https://docs.google.com/uc?export=&id=17jp89aXCEAzHfw4_slHL17aep0fpvGwZ","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119812/"
+"119812","2019-02-08 03:22:15","https://docs.google.com/uc?export=&id=17jp89aXCEAzHfw4_slHL17aep0fpvGwZ","offline","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119812/"
 "119811","2019-02-08 03:22:14","https://docs.google.com/uc?export=&id=1iTOuiJRlOHfinlkANWGsHaS7taDMWxjy","offline","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119811/"
-"119810","2019-02-08 03:22:12","https://docs.google.com/uc?export=&id=1fQ8g504YfIigneDb6PkPPZH28Hl--8A-","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119810/"
+"119810","2019-02-08 03:22:12","https://docs.google.com/uc?export=&id=1fQ8g504YfIigneDb6PkPPZH28Hl--8A-","offline","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119810/"
 "119809","2019-02-08 03:21:42","https://docs.google.com/uc?export=&id=1wqapdW8YblJoYnJiKgMZg2uiPX38QwEZ","offline","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119809/"
 "119808","2019-02-08 03:21:41","https://docs.google.com/uc?export=&id=1Haoaqr13jBdbVnbkujcxPk_Q9jTt4qGJ","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119808/"
-"119807","2019-02-08 03:21:39","https://docs.google.com/uc?export=&id=1vH0brV1wkVdLccmAXPmQXf7GVL26Kcj3","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119807/"
+"119807","2019-02-08 03:21:39","https://docs.google.com/uc?export=&id=1vH0brV1wkVdLccmAXPmQXf7GVL26Kcj3","offline","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119807/"
 "119806","2019-02-08 03:21:09","https://docs.google.com/uc?export=&id=1P0boW2aSEFr_bJZ4GyUZjBji0ccL7UQQ","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119806/"
-"119805","2019-02-08 03:21:07","https://docs.google.com/uc?export=&id=11m4Hol6AC4ursYm-seOCpuCM6fbT5CE5","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119805/"
+"119805","2019-02-08 03:21:07","https://docs.google.com/uc?export=&id=11m4Hol6AC4ursYm-seOCpuCM6fbT5CE5","offline","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119805/"
 "119804","2019-02-08 03:21:06","https://docs.google.com/uc?export=&id=1SbH7bMmBsBilZQ4etzm3OR88t8wudVTz","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119804/"
 "119803","2019-02-08 03:21:04","https://docs.google.com/uc?export=&id=1a5awHDkse45yeZPN01MX9OPr6Eu7AxEA","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119803/"
 "119802","2019-02-08 03:21:03","https://docs.google.com/uc?export=&id=13YsxT47x2pcHBtyvpchwx4boab_vyLKU","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119802/"
@@ -11269,7 +12710,7 @@
 "119727","2019-02-07 23:54:33","http://lar.biz/US/info/Invoice_number/CSdY-Kop_ckG-XD/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/119727/"
 "119726","2019-02-07 23:54:26","http://laprima.se/llc/Invoice_number/vvYUI-R9z_JZAnRfofa-TsR/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/119726/"
 "119725","2019-02-07 23:54:23","http://kinesiocoach.ae/scan/WZLfd-CL_nEqBbuu-p4Z/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/119725/"
-"119724","2019-02-07 23:54:18","http://greencampus.uho.ac.id/wp-content/uploads/En_us/document/Copy_Invoice/8458628/JnzUb-RS5pf_BQHzE-iw/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/119724/"
+"119724","2019-02-07 23:54:18","http://greencampus.uho.ac.id/wp-content/uploads/En_us/document/Copy_Invoice/8458628/JnzUb-RS5pf_BQHzE-iw/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/119724/"
 "119723","2019-02-07 23:54:13","http://further.tv/EN_en/company/Invoice_Notice/76200356901883/QieXO-su_M-5C/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/119723/"
 "119722","2019-02-07 23:54:07","http://freelancer.rs/En/document/Inv/WGEOs-eVev_zKVOmBrNx-C1K/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/119722/"
 "119721","2019-02-07 23:54:03","http://fondtomafound.org/wvvw/download/Invoice_Notice/19820688122/RKMFU-cs2cY_uL-3G/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/119721/"
@@ -11283,7 +12724,7 @@
 "119713","2019-02-07 23:53:28","http://bmdigital.co.za/xerox/58207245743871/PAMvg-x5HDv_BI-HTU/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/119713/"
 "119712","2019-02-07 23:53:22","http://blogg.postvaxel.se/US_us/mhny-eHHD9_AaMdgmpEr-3n/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/119712/"
 "119711","2019-02-07 23:53:16","http://bgbg.us/file/NMhx-7cRXi_dqNi-GV/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/119711/"
-"119710","2019-02-07 23:53:10","http://altuntuval.com/US/corporation/Invoice_number/KaAPH-xsX_A-9H0/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/119710/"
+"119710","2019-02-07 23:53:10","http://altuntuval.com/US/corporation/Invoice_number/KaAPH-xsX_A-9H0/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/119710/"
 "119709","2019-02-07 23:53:07","http://alexovicsattila.com/US/Invoice_Notice/cCYZ-u0Io6_NlOVLdS-C9G/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/119709/"
 "119708","2019-02-07 23:52:49","https://www.dkstudy.com/vFqZM_JUEiF-gpglV/sw/Clients_Messages/2019-02/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/119708/"
 "119707","2019-02-07 23:52:43","http://www.arizabakim.com/XtoIl_j4-dhIX/nb3/Information/02_19/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/119707/"
@@ -12093,7 +13534,7 @@
 "118886","2019-02-07 02:11:23","http://kiathongind.com.my/wp-content/themes/WCM010013/js/megnor/admin/jscolor/mxr.pdf","online","malware_download","exe,payload,stage2,Troldesh","https://urlhaus.abuse.ch/url/118886/"
 "118885","2019-02-07 01:59:13","https://unabashed-clothes.000webhostapp.com/Agent/Chrome%20incognit%20history.EXE","offline","malware_download","exe","https://urlhaus.abuse.ch/url/118885/"
 "118884","2019-02-07 01:53:02","http://walemastande.com/view/orderid2341.exe","offline","malware_download","exe,Formbook","https://urlhaus.abuse.ch/url/118884/"
-"118883","2019-02-07 01:49:52","http://80.85.157.130:4577/vid.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/118883/"
+"118883","2019-02-07 01:49:52","http://80.85.157.130:4577/vid.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/118883/"
 "118882","2019-02-07 01:36:03","https://lotusconstructiontl.com/wp-content/uploads/updates.doc","offline","malware_download","RTF","https://urlhaus.abuse.ch/url/118882/"
 "118881","2019-02-07 01:30:16","http://www.turbolader.by/wp-content/themes/turbolader/css-components/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/118881/"
 "118880","2019-02-07 01:25:24","http://mcbusaccel.com/info/Inv/386880342120/TpMGn-Fy47_UNQf-Ws/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/118880/"
@@ -12298,7 +13739,7 @@
 "118680","2019-02-06 19:09:13","http://365ia.cf/dhsAy_WlDvR-mvxE/Ey/Transactions_details/022019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/118680/"
 "118679","2019-02-06 19:09:10","http://6306481-0.alojamiento-web.es/UrjP_9Qi-TPFFVN/J5/Attachments/2019-02/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/118679/"
 "118678","2019-02-06 19:09:09","http://masjidsolar.nl/igGWm_bI5-HWDuhUkP/78/Clients/2019-02/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/118678/"
-"118677","2019-02-06 19:09:08","http://clashofclansgems.nl/KdBDK_uem-PCOOcJfU/ejf/Messages/2019-02/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/118677/"
+"118677","2019-02-06 19:09:08","http://clashofclansgems.nl/KdBDK_uem-PCOOcJfU/ejf/Messages/2019-02/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/118677/"
 "118676","2019-02-06 19:09:07","http://tocsm.ru/PlRC_ba-vaWbTP/nMV/Transactions_details/2019-02/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/118676/"
 "118675","2019-02-06 19:09:06","http://hiriazi.ir/vDWx_YVJ1-rKga/31f/Transaction_details/2019-02/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/118675/"
 "118674","2019-02-06 19:09:03","http://4drakona.ru/PNUr_DqD-jUtu/pAC/Clients_information/02_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/118674/"
@@ -12742,7 +14183,7 @@
 "118235","2019-02-06 08:25:04","http://banditbars.com/ad.mini","offline","malware_download","Trickbot","https://urlhaus.abuse.ch/url/118235/"
 "118234","2019-02-06 08:24:44","http://atfalanabeebturkey.com/de_DE/KFZMYMV0656206/Scan/Hilfestellung/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/118234/"
 "118233","2019-02-06 08:24:43","http://signalcomtwo.studiosigel.com.br/LATXMC7473245/gescanntes-Dokument/Rechnungsanschrift/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/118233/"
-"118232","2019-02-06 08:24:20","http://monicagranitesandmarbles.com/DE/TTBGKG3648298/Rechnungs/RECHNUNG/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/118232/"
+"118232","2019-02-06 08:24:20","http://monicagranitesandmarbles.com/DE/TTBGKG3648298/Rechnungs/RECHNUNG/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/118232/"
 "118231","2019-02-06 08:24:18","http://mediarox.com/De/VLZVZAJ2068720/Bestellungen/DOC/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/118231/"
 "118230","2019-02-06 08:24:17","http://clipestan.com/Februar2019/GBBSQP2993984/DE_de/Hilfestellung/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/118230/"
 "118229","2019-02-06 08:24:15","http://gofy-tuinbouw.nl/ACLHLPNI0219285/DE/DETAILS/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/118229/"
@@ -12750,7 +14191,7 @@
 "118227","2019-02-06 08:24:13","http://alirabv.nl/DE/YHWLKN8161591/GER/RECH/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/118227/"
 "118226","2019-02-06 08:24:12","http://pioneerfitting.com/use/gym/bbb.exe","offline","malware_download","exe,HawkEye","https://urlhaus.abuse.ch/url/118226/"
 "118225","2019-02-06 08:24:08","http://thietkewebwp.com/wp-content/uploads/En_us/Invoice_Notice/032228816834/joWRT-7bc_V-ky/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/118225/"
-"118224","2019-02-06 08:24:05","http://altuntuval.com/EN_en/llc/Invoice_number/OTbyQ-smm_naWP-Jhq/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/118224/"
+"118224","2019-02-06 08:24:05","http://altuntuval.com/EN_en/llc/Invoice_number/OTbyQ-smm_naWP-Jhq/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/118224/"
 "118223","2019-02-06 08:24:04","http://blogg.postvaxel.se/file/Invoice/SJXh-e41Wp_MQYJxqWV-qTP/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/118223/"
 "118222","2019-02-06 07:57:03","http://villagevideo.com/Dettagli/Forma.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/118222/"
 "118221","2019-02-06 07:45:03","https://uc77d80861348aa70c6f9797c354.dl.dropboxusercontent.com/cd/0/get/Aaxjm8P5iAALtHXynZaJfIaVqyQha9I_AU9r0tbM80thG_uVSJoEVRNNxcsknO1tS-yLj2UJZSeO4HEXCZJMNYjGhbYnCOeUhdIO062pjz-GcA/file?dl=1#","offline","malware_download","xls","https://urlhaus.abuse.ch/url/118221/"
@@ -12964,7 +14405,7 @@
 "118008","2019-02-06 01:05:13","http://paysend.website/flash/adobe_flash.exe","offline","malware_download","AZORult,exe","https://urlhaus.abuse.ch/url/118008/"
 "118007","2019-02-06 00:56:05","http://fstd.com.tw/jihad.png","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/118007/"
 "118006","2019-02-06 00:50:35","http://studiowash.com/wp-content/themes/betheme/assets/animations/sserv.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/118006/"
-"118005","2019-02-06 00:50:16","http://xn--80adg3b.net/wp-content/Document.doc","offline","malware_download","doc","https://urlhaus.abuse.ch/url/118005/"
+"118005","2019-02-06 00:50:16","http://xn--80adg3b.net/wp-content/Document.doc","online","malware_download","doc","https://urlhaus.abuse.ch/url/118005/"
 "118004","2019-02-06 00:48:10","http://vektorex.com/source/Z/960741.jpg","offline","malware_download","exe,lokibot,payload,stage2","https://urlhaus.abuse.ch/url/118004/"
 "118003","2019-02-06 00:42:16","http://jessecloudserver.xyz/q/DEffzXxcTr1cryy.exe","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/118003/"
 "118002","2019-02-06 00:40:27","http://studiowash.com/wp-content/themes/betheme/bbpress/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/118002/"
@@ -13220,7 +14661,7 @@
 "117749","2019-02-05 17:38:26","http://bezplatnebadania.martinschulz.sldc.pl/LXgS_828N-xNCkIj/DV/Payment_details/02_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/117749/"
 "117748","2019-02-05 17:38:23","http://acenationalevent.ft.unand.ac.id/KSArVphFPBTi17xl/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/117748/"
 "117747","2019-02-05 17:38:19","http://acm.kbtu.kz/p1bgBMnqGoNkh/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/117747/"
-"117746","2019-02-05 17:38:15","http://ortotomsk.ru/O1v4nfV216KwNX/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/117746/"
+"117746","2019-02-05 17:38:15","http://ortotomsk.ru/O1v4nfV216KwNX/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/117746/"
 "117745","2019-02-05 17:38:14","http://jornalirece.com.br/JvPlToR8s4jFukCW1/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/117745/"
 "117744","2019-02-05 17:38:11","http://maheshlunchhomeratnagiri.com/H6NW1MVHjhy1lhTXP/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/117744/"
 "117743","2019-02-05 17:35:17","http://dcmax.com.br/EN_en/xerox/9558962232308/fJoJ-8bTwS_YQ-nf/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/117743/"
@@ -13422,7 +14863,7 @@
 "117546","2019-02-05 13:44:24","http://giaim.org/Bacgw_rffE-kBVGtIY/0wQ/Documents/2019-02/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/117546/"
 "117544","2019-02-05 13:44:23","http://cedraflon.es/YQiB_sxGBH-FsMDrUtL/F6/Transactions_details/02_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/117544/"
 "117545","2019-02-05 13:44:23","https://tischer.ro/XuFHe_C0Q-WIkbUR/4Q/Details/2019-02/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/117545/"
-"117543","2019-02-05 13:44:22","http://oceangate.parkhomes.vn/AKGX_a1dYE-kfKoWVOw/ZfH/Clients_Messages/2019-02/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/117543/"
+"117543","2019-02-05 13:44:22","http://oceangate.parkhomes.vn/AKGX_a1dYE-kfKoWVOw/ZfH/Clients_Messages/2019-02/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/117543/"
 "117542","2019-02-05 13:44:20","http://lightmusic.cocomet-china.com/ll.exe","offline","malware_download","NanoCore,rat","https://urlhaus.abuse.ch/url/117542/"
 "117541","2019-02-05 13:44:16","http://104.248.181.42:8000/static/3017/ddgs.x86_64","online","malware_download","elf","https://urlhaus.abuse.ch/url/117541/"
 "117540","2019-02-05 13:44:12","http://104.248.181.42:8000/static/3017/ddgs.i686","online","malware_download","elf","https://urlhaus.abuse.ch/url/117540/"
@@ -13475,8 +14916,8 @@
 "117494","2019-02-05 10:19:10","http://prax0zma.ru/bash","offline","malware_download","None","https://urlhaus.abuse.ch/url/117494/"
 "117492","2019-02-05 10:19:09","http://185.244.25.98/OwO/Tsunami.mips","offline","malware_download","None","https://urlhaus.abuse.ch/url/117492/"
 "117491","2019-02-05 10:19:09","http://prax0zma.ru/x.sh","offline","malware_download","None","https://urlhaus.abuse.ch/url/117491/"
-"117490","2019-02-05 10:19:07","http://r00ts.x398.ml/.o","online","malware_download","None","https://urlhaus.abuse.ch/url/117490/"
-"117489","2019-02-05 10:19:06","http://r00ts.x398.ml/.i","online","malware_download","None","https://urlhaus.abuse.ch/url/117489/"
+"117490","2019-02-05 10:19:07","http://r00ts.x398.ml/.o","offline","malware_download","None","https://urlhaus.abuse.ch/url/117490/"
+"117489","2019-02-05 10:19:06","http://r00ts.x398.ml/.i","offline","malware_download","None","https://urlhaus.abuse.ch/url/117489/"
 "117488","2019-02-05 10:19:05","http://hehe.x86-64.ru/.o","offline","malware_download","None","https://urlhaus.abuse.ch/url/117488/"
 "117486","2019-02-05 10:15:06","http://104.248.181.42:8000/usr/lib/hub/static/3020/ddgs.i686","offline","malware_download","None","https://urlhaus.abuse.ch/url/117486/"
 "117487","2019-02-05 10:15:06","http://104.248.181.42:8000/usr/lib/hub/static/3020/ddgs.x86_64","offline","malware_download","None","https://urlhaus.abuse.ch/url/117487/"
@@ -13626,7 +15067,7 @@
 "117342","2019-02-05 03:50:06","https://docs.wixstatic.com/ugd/73cceb_c17a8f0c9de44cf8893c44fad51c5c48.doc?dn=3m.doc","online","malware_download","Advanced,doc,stage2,UnknownMalware","https://urlhaus.abuse.ch/url/117342/"
 "117341","2019-02-05 03:49:33","http://khaledlakmes.com/wp-content/themes/Avada/languages/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/117341/"
 "117340","2019-02-05 03:49:14","http://merikhagency.com/wp-content/uploads/2018/12/037.doc","offline","malware_download","doc","https://urlhaus.abuse.ch/url/117340/"
-"117339","2019-02-05 03:35:06","http://www.seraflora.com/DOC/New-invoice-50853365/","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/117339/"
+"117339","2019-02-05 03:35:06","http://www.seraflora.com/DOC/New-invoice-50853365/","online","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/117339/"
 "117338","2019-02-05 03:35:05","http://ziziused.com/wp-content/themes/sober/images/options/carts/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/117338/"
 "117337","2019-02-05 03:34:28","https://viswavsp.com/macrowar/yahooozeeee.exe","offline","malware_download","avemaria,exe,Loki,payload,stage2","https://urlhaus.abuse.ch/url/117337/"
 "117336","2019-02-05 03:34:24","https://viswavsp.com/macrowar/winwinboy.exe","offline","malware_download","avemaria,exe,payload,stage2","https://urlhaus.abuse.ch/url/117336/"
@@ -13940,7 +15381,7 @@
 "117028","2019-02-04 18:21:51","http://xn----7sbabegkij8byaeq9c3hpc.xn--p1ai/ouRRG_PB0lZ-WaqJmU/pcT/Information/02_19/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/117028/"
 "117027","2019-02-04 18:21:30","http://v-dom-teplo.ru/VJMa_gx-s/1B/Documents/022019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/117027/"
 "117026","2019-02-04 18:21:24","http://ss7.vzw.com/is/image/VerizonWireless/vz-sig-verizon?$defaultscale$/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/117026/"
-"117025","2019-02-04 18:21:22","http://remavto66.ru/suar_rh-Aw/kC8/Clients/2019-02/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/117025/"
+"117025","2019-02-04 18:21:22","http://remavto66.ru/suar_rh-Aw/kC8/Clients/2019-02/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/117025/"
 "117024","2019-02-04 18:21:17","http://phaplysaigonland.com/TYhaR_cb-EKyVGA/gF/Clients_transactions/2019-02/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/117024/"
 "117023","2019-02-04 18:21:11","http://dolfin.ir/OyaqZ_M7v-LGqv/sY/Transaction_details/2019-02/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/117023/"
 "117022","2019-02-04 18:21:06","http://create.place/yQOq_8YMF5-oH/jR/Attachments/022019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/117022/"
@@ -13974,7 +15415,7 @@
 "116994","2019-02-04 17:43:12","http://ooo-severnoe.ru/sxos_AId-jF/9ca/Clients_Messages/02_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/116994/"
 "116993","2019-02-04 17:43:09","http://myfrigate.ru/WqlX_7z-UbjHuiG/hn/Payment_details/2019-02/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/116993/"
 "116992","2019-02-04 17:43:07","http://www.seksmag.nl/PtOwh_s41-Shv/sDO/Clients_information/022019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/116992/"
-"116991","2019-02-04 17:43:03","http://clashofclansgems.nl/InGs_DH-yGcaFf/Eb/Messages/2019-02/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/116991/"
+"116991","2019-02-04 17:43:03","http://clashofclansgems.nl/InGs_DH-yGcaFf/Eb/Messages/2019-02/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/116991/"
 "116990","2019-02-04 17:42:17","http://airlife.bget.ru/LTBX_h3DTC-OBPpCJ/Maj/Messages/2019-02/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/116990/"
 "116989","2019-02-04 17:42:16","http://maramaljidi.com/Copy_Invoice/Zwhis-9KK_FfNyiT-KE/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/116989/"
 "116988","2019-02-04 17:42:13","http://helpeducateachild.com/wp-content/uploads/2015/09/temp_f665ae5af25a438cc65458a1f71cca40/company/Inv/paWRe-7owW_lOQz-n4/","offline","malware_download","None","https://urlhaus.abuse.ch/url/116988/"
@@ -14838,7 +16279,7 @@
 "116126","2019-02-02 16:25:09","http://205.185.122.135/nut","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/116126/"
 "116125","2019-02-02 16:25:06","http://205.185.122.135/apache2","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/116125/"
 "116124","2019-02-02 15:48:03","http://energiisolare.com/includes/languages/english/upload.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/116124/"
-"116123","2019-02-02 15:41:03","http://80.85.157.130:4577/last.exe","online","malware_download","AZORult,exe","https://urlhaus.abuse.ch/url/116123/"
+"116123","2019-02-02 15:41:03","http://80.85.157.130:4577/last.exe","offline","malware_download","AZORult,exe","https://urlhaus.abuse.ch/url/116123/"
 "116122","2019-02-02 15:18:02","http://safekar.online/15XHKBqL9B9_xSn1fL_v41Kq","offline","malware_download","doc","https://urlhaus.abuse.ch/url/116122/"
 "116121","2019-02-02 14:31:05","http://185.62.190.159/mk2","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/116121/"
 "116120","2019-02-02 14:31:04","http://185.62.190.159/ar58","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/116120/"
@@ -15011,7 +16452,7 @@
 "115953","2019-02-02 05:47:39","http://home.earthlink.net/~craigslane/FedEx-Shipment~label.jar","offline","malware_download","Adwind,jar,java,payload","https://urlhaus.abuse.ch/url/115953/"
 "115952","2019-02-02 05:47:38","http://home.earthlink.net/~p3nd3r/Shipping-label.jar","offline","malware_download","Adwind,jar,java,payload","https://urlhaus.abuse.ch/url/115952/"
 "115951","2019-02-02 05:47:37","http://home.earthlink.net/~p3nd3r/Shipment~label.jar","offline","malware_download","Adwind,jar,java,payload","https://urlhaus.abuse.ch/url/115951/"
-"115950","2019-02-02 05:47:36","http://home.earthlink.net/~banderso1066/e~label.jar","online","malware_download","Adwind,jar,java,payload","https://urlhaus.abuse.ch/url/115950/"
+"115950","2019-02-02 05:47:36","http://home.earthlink.net/~banderso1066/e~label.jar","offline","malware_download","Adwind,jar,java,payload","https://urlhaus.abuse.ch/url/115950/"
 "115949","2019-02-02 05:47:35","http://home.earthlink.net/~rwhall38/01/3-28-2018.jar","offline","malware_download","Adwind,jar,java,payload","https://urlhaus.abuse.ch/url/115949/"
 "115948","2019-02-02 05:47:34","http://home.earthlink.net/~cvaleallen/your-shipping-details.jar","offline","malware_download","Adwind,jar,java,payload","https://urlhaus.abuse.ch/url/115948/"
 "115947","2019-02-02 05:47:33","http://home.earthlink.net/~cvaleallen/delivery-report.jar","offline","malware_download","Adwind,jar,java,payload","https://urlhaus.abuse.ch/url/115947/"
@@ -15034,8 +16475,8 @@
 "115930","2019-02-02 05:47:10","http://home.earthlink.net/~morrisonb/date/FedEx.jar","offline","malware_download","Adwind,jar,java,payload","https://urlhaus.abuse.ch/url/115930/"
 "115929","2019-02-02 05:47:06","http://home.earthlink.net/~pepper12/shipping-label.jar","offline","malware_download","Adwind,jar,java,JBifrost,payload","https://urlhaus.abuse.ch/url/115929/"
 "115928","2019-02-02 05:47:05","http://home.earthlink.net/~pepper12/UPS_invoice.jar","offline","malware_download","Adwind,jar,java,payload","https://urlhaus.abuse.ch/url/115928/"
-"115927","2019-02-02 05:47:04","http://home.earthlink.net/~ebony319/ShippingLabel(e-copy).jar","online","malware_download","Adwind,jar,java,payload","https://urlhaus.abuse.ch/url/115927/"
-"115926","2019-02-02 05:47:03","http://home.earthlink.net/~palmermusic/1-04-2018.jar","online","malware_download","Adwind,jar,java,payload","https://urlhaus.abuse.ch/url/115926/"
+"115927","2019-02-02 05:47:04","http://home.earthlink.net/~ebony319/ShippingLabel(e-copy).jar","offline","malware_download","Adwind,jar,java,payload","https://urlhaus.abuse.ch/url/115927/"
+"115926","2019-02-02 05:47:03","http://home.earthlink.net/~palmermusic/1-04-2018.jar","offline","malware_download","Adwind,jar,java,payload","https://urlhaus.abuse.ch/url/115926/"
 "115925","2019-02-02 05:44:01","http://159.203.36.162/AB4g5/Josho.sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/115925/"
 "115924","2019-02-02 05:43:31","http://159.203.36.162/AB4g5/Josho.ppc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/115924/"
 "115923","2019-02-02 05:39:07","http://huhuhu.cf/1.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/115923/"
@@ -15048,14 +16489,14 @@
 "115916","2019-02-02 05:10:20","http://home.earthlink.net/~timstaacke/ecopy/ecopy.jar","offline","malware_download","Adwind,jar,java,payload","https://urlhaus.abuse.ch/url/115916/"
 "115915","2019-02-02 05:10:19","http://home.earthlink.net/~vehanes/12-20-17.jar","online","malware_download","Adwind,jar,java,payload","https://urlhaus.abuse.ch/url/115915/"
 "115914","2019-02-02 05:10:18","http://home.earthlink.net/~thfenner/Shipping-label-ecopy.jar","offline","malware_download","Adwind,jar,java,payload","https://urlhaus.abuse.ch/url/115914/"
-"115913","2019-02-02 05:10:17","http://home.earthlink.net/~jmzegan/your-order.jar","online","malware_download","Adwind,jar,java,payload","https://urlhaus.abuse.ch/url/115913/"
+"115913","2019-02-02 05:10:17","http://home.earthlink.net/~jmzegan/your-order.jar","offline","malware_download","Adwind,jar,java,payload","https://urlhaus.abuse.ch/url/115913/"
 "115912","2019-02-02 05:10:16","http://home.earthlink.net/~ncgreen2/E-log.jar","offline","malware_download","Adwind,jar,java,payload","https://urlhaus.abuse.ch/url/115912/"
 "115911","2019-02-02 05:10:15","http://home.earthlink.net/~loubill/ups.jar","offline","malware_download","Adwind,jar,java,payload","https://urlhaus.abuse.ch/url/115911/"
 "115910","2019-02-02 05:10:14","http://home.earthlink.net/~damturney/invoice/Invoice_05122017_outputCCA6AAF.scr","offline","malware_download","Adwind,jar,java,payload","https://urlhaus.abuse.ch/url/115910/"
 "115909","2019-02-02 05:10:13","http://home.earthlink.net/~damturney/specification/invoice04122017_output13026B0.scr","offline","malware_download","Adwind,jar,java,payload","https://urlhaus.abuse.ch/url/115909/"
 "115908","2019-02-02 05:10:12","http://home.earthlink.net/~damturney/invoice27112017/Invoice_output68CF6B0.scr","offline","malware_download","Adwind,jar,java,payload","https://urlhaus.abuse.ch/url/115908/"
 "115907","2019-02-02 05:10:12","http://home.earthlink.net/~damturney/invoice27112017/newinvoice/invoice_04122017_output7BCA030.scr","offline","malware_download","Adwind,jar,java,payload","https://urlhaus.abuse.ch/url/115907/"
-"115906","2019-02-02 05:10:11","http://home.earthlink.net/~craigbayhi/1-9-2018.jar","online","malware_download","Adwind,jar,java,payload","https://urlhaus.abuse.ch/url/115906/"
+"115906","2019-02-02 05:10:11","http://home.earthlink.net/~craigbayhi/1-9-2018.jar","offline","malware_download","Adwind,jar,java,payload","https://urlhaus.abuse.ch/url/115906/"
 "115905","2019-02-02 05:10:10","http://home.earthlink.net/~flajobs/fedex/ecopy.jar","offline","malware_download","Adwind,jar,java,payload","https://urlhaus.abuse.ch/url/115905/"
 "115904","2019-02-02 05:10:08","http://home.earthlink.net/~flajobs/shipment~label.jar","offline","malware_download","Adwind,jar,java,payload","https://urlhaus.abuse.ch/url/115904/"
 "115903","2019-02-02 05:10:07","http://home.earthlink.net/~flajobs/e~label.jar","offline","malware_download","Adwind,jar,java,payload","https://urlhaus.abuse.ch/url/115903/"
@@ -15206,7 +16647,7 @@
 "115759","2019-02-02 01:44:03","http://80.211.8.182/Okami.x86","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/115759/"
 "115757","2019-02-02 01:44:02","http://80.211.8.182/Okami.mipsel","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/115757/"
 "115756","2019-02-02 01:44:02","http://80.211.8.182/Okami.sparc","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/115756/"
-"115754","2019-02-02 01:42:21","http://45.127.97.4:8081/fseve","offline","malware_download","elf","https://urlhaus.abuse.ch/url/115754/"
+"115754","2019-02-02 01:42:21","http://45.127.97.4:8081/fseve","online","malware_download","elf","https://urlhaus.abuse.ch/url/115754/"
 "115755","2019-02-02 01:42:21","http://80.211.8.182/Okami.mips","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/115755/"
 "115753","2019-02-02 01:42:12","http://45.127.97.4:8081/ls","offline","malware_download","elf","https://urlhaus.abuse.ch/url/115753/"
 "115752","2019-02-02 01:38:09","http://home.earthlink.net/~ersinc/order/order.jar","offline","malware_download","Adwind,jar,java,payload","https://urlhaus.abuse.ch/url/115752/"
@@ -15229,7 +16670,7 @@
 "115735","2019-02-02 01:36:19","http://home.earthlink.net/~sherylhagen/usps-shipment-label.jar","offline","malware_download","Adwind,jar,java,payload","https://urlhaus.abuse.ch/url/115735/"
 "115734","2019-02-02 01:36:11","http://home.earthlink.net/~sherylhagen/Usps~Label.jar","offline","malware_download","Adwind,jar,java,payload","https://urlhaus.abuse.ch/url/115734/"
 "115733","2019-02-02 01:28:12","http://rationalalliance.com/templates/protostar/images/system/chrome.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/115733/"
-"115732","2019-02-02 01:27:10","http://home.earthlink.net/~carwashregional/ship/ups~label.jar","online","malware_download","Adwind,jar,java,JBifrost,payload","https://urlhaus.abuse.ch/url/115732/"
+"115732","2019-02-02 01:27:10","http://home.earthlink.net/~carwashregional/ship/ups~label.jar","offline","malware_download","Adwind,jar,java,JBifrost,payload","https://urlhaus.abuse.ch/url/115732/"
 "115731","2019-02-02 01:24:09","http://home.earthlink.net/~mnludvik/1-21-2019.jar","offline","malware_download","Adwind,jar,java,payload","https://urlhaus.abuse.ch/url/115731/"
 "115730","2019-02-02 01:22:06","http://home.earthlink.net/~ellenweiss/New_message.jar","offline","malware_download","Adwind,jar,java,payload","https://urlhaus.abuse.ch/url/115730/"
 "115729","2019-02-02 01:21:02","http://noithatnghiakhiet.com/drNS-xAqQT_mUiKGJnx-FcN/InvoiceCodeChanges/EN_en/Past-Due-Invoices","offline","malware_download","doc","https://urlhaus.abuse.ch/url/115729/"
@@ -15295,7 +16736,7 @@
 "115669","2019-02-01 23:55:07","http://center.1team.pro/VYkK_iPT-sETL/yqQ/Attachments/022019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/115669/"
 "115668","2019-02-01 23:48:20","https://www.4sync.com/web/directDownload/DHSPXwcW/lTur99AA.4935b0b05d06c6a0b801341be02e09ed","offline","malware_download","compressed,exe,payload,vbs,zip","https://urlhaus.abuse.ch/url/115668/"
 "115667","2019-02-01 23:48:14","http://51.15.73.212/dashboard/fconnect/authorize/dashboard.db","offline","malware_download","compressed,exe,payload,vbs,zip","https://urlhaus.abuse.ch/url/115667/"
-"115666","2019-02-01 23:20:10","http://saleswork.nl/ojVdu_YXU-cFABzNWf/Nz/Documents/02_19/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/115666/"
+"115666","2019-02-01 23:20:10","http://saleswork.nl/ojVdu_YXU-cFABzNWf/Nz/Documents/02_19/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/115666/"
 "115665","2019-02-01 23:20:09","http://mask.studio/ANdD_OQF8-RUS/g3/Messages/2019-02/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/115665/"
 "115664","2019-02-01 23:20:08","http://marcin-wojtynek.pl/Wfbbk_UPY-SUPPphD/tW/Clients_transactions/02_19/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/115664/"
 "115663","2019-02-01 23:20:06","http://longhauriverside.com.vn/xuSml_HO7-VLCro/HN/Clients_transactions/2019-02/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/115663/"
@@ -15331,7 +16772,7 @@
 "115633","2019-02-01 21:40:09","http://subramfamily.com/boyku/company/Invoice/075677436/mHzCm-o0_SHMduFub-Ay/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/115633/"
 "115632","2019-02-01 21:40:06","http://ssearthmovers.in/xerox/Copy_Invoice/GlAYR-xN_BbfKAE-yZ/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/115632/"
 "115631","2019-02-01 21:40:04","http://smemy.com/En/doc/Invoice/xlCl-YrThr_vMn-e6/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/115631/"
-"115630","2019-02-01 21:40:01","http://oceangate.parkhomes.vn/info/New_invoice/VVKvv-P0z_FN-qq/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/115630/"
+"115630","2019-02-01 21:40:01","http://oceangate.parkhomes.vn/info/New_invoice/VVKvv-P0z_FN-qq/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/115630/"
 "115629","2019-02-01 21:39:58","http://noithatshop.vn/US_us/file/140304883/POGv-ggJW_wwjH-YL2/","offline","malware_download","doc,emotet,epoch2","https://urlhaus.abuse.ch/url/115629/"
 "115628","2019-02-01 21:39:57","http://nightonline.ru/images/US/llc/Invoice_number/jGgh-U3p_zzsUsmIF-Lbz/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/115628/"
 "115627","2019-02-01 21:39:55","http://maximcom.in/En_us/scan/Invoice/fuesH-Vxvfz_HscL-f7U/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/115627/"
@@ -15404,7 +16845,7 @@
 "115560","2019-02-01 21:07:07","http://shade-vapedistro.ru/US_us/Invoice/iGquC-B4_JSP-kqb/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/115560/"
 "115559","2019-02-01 21:07:06","http://meetbg.com/wp-admin/EN_en/file/bLMz-vD_nouY-9C9/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/115559/"
 "115558","2019-02-01 21:07:03","http://dancesportcareers.com/EN_en/xerox/Inv/8536456021/Rsgi-i1nu_FWhdr-vE/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/115558/"
-"115557","2019-02-01 20:46:02","http://altuntuval.com/En_us/download/Invoice_Notice/yzwG-H2Qcc_CnESUCWM-YL/","online","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/115557/"
+"115557","2019-02-01 20:46:02","http://altuntuval.com/En_us/download/Invoice_Notice/yzwG-H2Qcc_CnESUCWM-YL/","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/115557/"
 "115556","2019-02-01 20:39:05","http://62.34.210.232:45809/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/115556/"
 "115555","2019-02-01 20:39:02","http://185.203.116.150/yakuza.sh4","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/115555/"
 "115554","2019-02-01 20:37:04","http://185.203.116.150/yakuza.ppc","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/115554/"
@@ -15459,7 +16900,7 @@
 "115505","2019-02-01 19:42:06","http://belyi.ug/eu.exe","offline","malware_download","AZORult,exe","https://urlhaus.abuse.ch/url/115505/"
 "115504","2019-02-01 18:34:03","http://www.moh.sk.gov.ng/files/treu.exe","offline","malware_download","exe,NanoCore","https://urlhaus.abuse.ch/url/115504/"
 "115503","2019-02-01 18:23:09","http://steam-money.ru/load.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/115503/"
-"115502","2019-02-01 18:23:07","http://183.99.140.11:20134/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/115502/"
+"115502","2019-02-01 18:23:07","http://183.99.140.11:20134/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/115502/"
 "115501","2019-02-01 18:23:04","http://46.249.127.224:7849/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/115501/"
 "115500","2019-02-01 18:21:06","http://189.18.170.50:23583/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/115500/"
 "115499","2019-02-01 18:11:06","http://7-chicken.multishop.co.id/US_us/llc/5534=905732028/qoIo-wyD_plk-4S/","offline","malware_download","doc,emotet,url","https://urlhaus.abuse.ch/url/115499/"
@@ -15701,7 +17142,7 @@
 "115263","2019-02-01 12:05:12","http://www.zxminer.com/miner/download/ZXMiner.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/115263/"
 "115262","2019-02-01 12:05:08","http://106.14.42.35:9789/3.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/115262/"
 "115261","2019-02-01 11:44:08","http://xlv.f3322.net:9789/DhlServer.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/115261/"
-"115260","2019-02-01 11:31:12","http://jdsoftdados.com.br/TempJD/downloadjd/output/setup.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/115260/"
+"115260","2019-02-01 11:31:12","http://jdsoftdados.com.br/TempJD/downloadjd/output/setup.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/115260/"
 "115259","2019-02-01 10:53:09","http://177.197.65.8:59130/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/115259/"
 "115258","2019-02-01 10:51:04","http://zxminer.com/miner/download/ZXMiner.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/115258/"
 "115257","2019-02-01 10:07:01","https://uc442c25e47ad62fb4c380b50e70.dl.dropboxusercontent.com/cd/0/get/AainS270IAVx6wtY2lPMNncn2T4NKzDGquVApHFhWRRoj69fnIPMUiclz9ZOdzndoJy0tougEpfOs51rJ2jFVarcxorXlrmgejg4Ke3Sd8GwAA/file?dl=1#","offline","malware_download","scr,zip","https://urlhaus.abuse.ch/url/115257/"
@@ -15728,9 +17169,9 @@
 "115236","2019-02-01 08:23:04","http://185.222.202.118:80/bins/x86","online","malware_download","elf","https://urlhaus.abuse.ch/url/115236/"
 "115235","2019-02-01 08:23:03","http://168.235.81.176:80/bins/kowai.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/115235/"
 "115234","2019-02-01 08:22:05","http://187.153.80.185:13676/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/115234/"
-"115233","2019-02-01 08:15:04","http://sanghyun.nfile.net/files/sanghyun-guest.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/115233/"
+"115233","2019-02-01 08:15:04","http://sanghyun.nfile.net/files/sanghyun-guest.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/115233/"
 "115232","2019-02-01 08:11:09","http://thelvws.com/Igor/Soft/UltraVNC-102-Setup.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/115232/"
-"115231","2019-02-01 08:07:09","http://sanghyun.nfile.net/files/sanghyun.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/115231/"
+"115231","2019-02-01 08:07:09","http://sanghyun.nfile.net/files/sanghyun.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/115231/"
 "115230","2019-02-01 08:07:05","http://proexdra.com/assets/plugindata/poolb/FxPROBOT.exe","offline","malware_download","exe,ImminentRAT","https://urlhaus.abuse.ch/url/115230/"
 "115229","2019-02-01 08:03:01","http://209.97.187.164/fwdfvf","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/115229/"
 "115228","2019-02-01 08:01:06","http://185.244.25.98/OwO/Tsunami.ppc","offline","malware_download","elf","https://urlhaus.abuse.ch/url/115228/"
@@ -15989,7 +17430,7 @@
 "114961","2019-01-31 23:05:09","http://likecoin.site/AT_T_Online/sR0oVcX7Ck8_9HbyrQ_ooQID/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/114961/"
 "114960","2019-01-31 23:05:08","http://a1-incasso.nl/AT_T/9DPpMFtkJT_UrsN3j_xB2lZuMq/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/114960/"
 "114959","2019-01-31 23:05:06","http://aranda.su/ATT/iL5_ZIPg5v4_sJj5y/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/114959/"
-"114958","2019-01-31 23:05:03","http://monicagranitesandmarbles.com/AT_T_Online/xYnPizviH_AJBFrSDu4_FmjSWN/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/114958/"
+"114958","2019-01-31 23:05:03","http://monicagranitesandmarbles.com/AT_T_Online/xYnPizviH_AJBFrSDu4_FmjSWN/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/114958/"
 "114957","2019-01-31 22:55:58","http://xn--22-xlchp9ao.xn--p1ai/US/doc/HEFI-CBR_mGsPgefX-ZL/","offline","malware_download","doc,emotet,epoch2","https://urlhaus.abuse.ch/url/114957/"
 "114956","2019-01-31 22:55:56","http://www.pabloteixeira.com/download/Invoice/ucNzO-FNqc6_nkH-TQ/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/114956/"
 "114955","2019-01-31 22:55:26","http://www.fenismuratsitesi.com/EN_en/llc/ryquW-2xuK0_BiwhsP-3ay/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/114955/"
@@ -16240,7 +17681,7 @@
 "114702","2019-01-31 15:41:06","https://aialogisticsltd.com/wp-content/themes/erzen/css/massg.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/114702/"
 "114701","2019-01-31 15:35:15","http://online-printing.c.api-central.net/ATTBusiness/bi8_e0nMBsnnu_EOrfiV61/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/114701/"
 "114700","2019-01-31 15:35:10","http://staffkabattle.ru/myATT/4hjYbVkhRo_452JUjB_nOn8bhKx/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/114700/"
-"114698","2019-01-31 15:35:05","http://xn--80adg3b.net/kE9_6iaxBF_WWLBR8Mxnu/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/114698/"
+"114698","2019-01-31 15:35:05","http://xn--80adg3b.net/kE9_6iaxBF_WWLBR8Mxnu/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/114698/"
 "114697","2019-01-31 15:35:04","http://villaprinsenhonk.nl/AT_T/TUx4sK_ltkR6QZG_pkCF4/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/114697/"
 "114696","2019-01-31 15:35:03","http://magikmag5.ru/ATT/iuwv5D6eM_MrB7pDIk_vlxNlUb/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/114696/"
 "114695","2019-01-31 15:33:06","http://vsochi-park-hotel.ru/HBZNy-7LTa_MhLC-VNN/En/Document-needed/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/114695/"
@@ -16298,7 +17739,7 @@
 "114642","2019-01-31 15:02:02","https://karahlee.com/.nuovoportale/notifica-documentazione-VP17401-BD","offline","malware_download","geofenced,ITA,sLoad,zipped-lnk","https://urlhaus.abuse.ch/url/114642/"
 "114644","2019-01-31 15:02:02","https://techtimesnow.com/.nuovoportale/notifica-documentazione-IL13028-NG","offline","malware_download","geofenced,ITA,sLoad,zipped-lnk","https://urlhaus.abuse.ch/url/114644/"
 "114641","2019-01-31 14:47:11","http://bit-com.info/bana/_notes/messg.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/114641/"
-"114640","2019-01-31 14:44:10","http://www.careersatltd.com/wp-content/themes/careersat/library/css/massg.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/114640/"
+"114640","2019-01-31 14:44:10","http://www.careersatltd.com/wp-content/themes/careersat/library/css/massg.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/114640/"
 "114639","2019-01-31 14:41:11","http://wallpapershd.xyz/massg.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/114639/"
 "114638","2019-01-31 14:28:11","http://clubmestre.com/BQgHXCngNDO/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/114638/"
 "114637","2019-01-31 14:28:11","http://new-standart-outsourcing.com.ua/9EXmLER4jWqED_P1kz/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/114637/"
@@ -16354,7 +17795,7 @@
 "114586","2019-01-31 13:00:08","https://share.dmca.gripe/1uyCdHGCBWOJumQM.png","offline","malware_download","exe","https://urlhaus.abuse.ch/url/114586/"
 "114584","2019-01-31 12:56:36","https://autolikely.com/wp-content/themes/Divi/lang/messg.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/114584/"
 "114583","2019-01-31 12:56:32","http://www.dixo.se/templates/siteground-j15-34/images/messg.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/114583/"
-"114582","2019-01-31 12:56:25","http://orhangencebay.gen.tr/templates/rhuk_milkyway/css/messg.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/114582/"
+"114582","2019-01-31 12:56:25","http://orhangencebay.gen.tr/templates/rhuk_milkyway/css/messg.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/114582/"
 "114581","2019-01-31 12:56:22","http://caraccessonriesr9.com/aewiklm/messg.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/114581/"
 "114580","2019-01-31 12:56:18","http://nienkevanhijum.nl/wp-content/themes/elastico/includes/postformats/single/messg.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/114580/"
 "114579","2019-01-31 12:56:17","https://berkje.com/wp-content/themes/berkje/slider/messg.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/114579/"
@@ -16389,7 +17830,7 @@
 "114550","2019-01-31 12:53:45","http://alongthelines.com/includes/messg.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/114550/"
 "114549","2019-01-31 12:53:42","https://www.insperide.nl/wp-admin/css/colors/blue/messg.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/114549/"
 "114548","2019-01-31 12:53:37","http://www.sale-petit-bonhomme.com/wp-content/themes/twentythirteen/languages/messg.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/114548/"
-"114547","2019-01-31 12:53:36","http://www.careersatltd.com/wp-content/themes/careersat/library/css/messg.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/114547/"
+"114547","2019-01-31 12:53:36","http://www.careersatltd.com/wp-content/themes/careersat/library/css/messg.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/114547/"
 "114546","2019-01-31 12:53:34","http://creativeapparel.co.uk/templates/themza_j15_69/js/messg.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/114546/"
 "114545","2019-01-31 12:53:33","http://rheniumsolutions.co.ke/wp-content/themes/oceanwp/inc/customizer/assets/css/messg.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/114545/"
 "114544","2019-01-31 12:52:15","http://portaleconsult.com.br/art.exe","offline","malware_download","Cobalt","https://urlhaus.abuse.ch/url/114544/"
@@ -16438,7 +17879,7 @@
 "114501","2019-01-31 09:09:04","http://ausby.5gbfree.com/shedy/shedy.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/114501/"
 "114500","2019-01-31 08:50:02","http://reutero.unsigloconelrealracingclub.com/timcwy/947638","offline","malware_download","zip","https://urlhaus.abuse.ch/url/114500/"
 "114499","2019-01-31 08:48:04","http://reutero.unsigloconelrealracingclub.com/timcwy/31-01-18.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/114499/"
-"114498","2019-01-31 08:48:03","http://hydra100.staroundi.com/thepalm28/csmk2801.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/114498/"
+"114498","2019-01-31 08:48:03","http://hydra100.staroundi.com/thepalm28/csmk2801.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/114498/"
 "114497","2019-01-31 08:43:02","http://hissuppliesuk.com/docs/test.jar","offline","malware_download","jar","https://urlhaus.abuse.ch/url/114497/"
 "114496","2019-01-31 08:41:03","http://vektorex.com/source/Z/0115257.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/114496/"
 "114495","2019-01-31 08:16:18","http://23.95.26.126/dashboard/usama.exe","offline","malware_download","AZORult,exe","https://urlhaus.abuse.ch/url/114495/"
@@ -16790,31 +18231,31 @@
 "114070","2019-01-30 19:01:07","http://wstria.jp/uomisj2l/Transaction_details/2019-01/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/114070/"
 "114069","2019-01-30 19:01:04","http://antonwilliams.co.za/W9q7TlHg_E2YMAjU_V1NTJziHI/Secure/Business/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/114069/"
 "114068","2019-01-30 18:57:07","http://dcfloraldecor.lt/Clients_transactions/012019/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/114068/"
-"114067","2019-01-30 18:54:13","http://168.235.98.135:80/bins/PhantomATM.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114067/"
-"114066","2019-01-30 18:54:09","http://168.235.98.135/bins/PhantomATM.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114066/"
+"114067","2019-01-30 18:54:13","http://168.235.98.135:80/bins/PhantomATM.arm5","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114067/"
+"114066","2019-01-30 18:54:09","http://168.235.98.135/bins/PhantomATM.arm5","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114066/"
 "114065","2019-01-30 18:54:05","http://157.230.216.122:80/bins/hoho.mips","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114065/"
-"114064","2019-01-30 18:52:17","http://168.235.98.135/bins/PhantomATM.sh4","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114064/"
+"114064","2019-01-30 18:52:17","http://168.235.98.135/bins/PhantomATM.sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114064/"
 "114063","2019-01-30 18:52:13","http://157.230.216.122:80/bins/hoho.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114063/"
-"114062","2019-01-30 18:52:09","http://168.235.98.135:80/bins/PhantomATM.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114062/"
-"114061","2019-01-30 18:52:05","http://168.235.98.135/bins/PhantomATM.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114061/"
-"114060","2019-01-30 18:51:11","http://168.235.98.135:80/bins/PhantomATM.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114060/"
+"114062","2019-01-30 18:52:09","http://168.235.98.135:80/bins/PhantomATM.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114062/"
+"114061","2019-01-30 18:52:05","http://168.235.98.135/bins/PhantomATM.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114061/"
+"114060","2019-01-30 18:51:11","http://168.235.98.135:80/bins/PhantomATM.mips","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114060/"
 "114059","2019-01-30 18:51:07","http://157.230.216.122:80/bins/hoho.arm5","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114059/"
-"114058","2019-01-30 18:50:20","http://168.235.98.135:80/bins/PhantomATM.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114058/"
+"114058","2019-01-30 18:50:20","http://168.235.98.135:80/bins/PhantomATM.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114058/"
 "114057","2019-01-30 18:50:16","http://157.230.216.122:80/bins/hoho.sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114057/"
-"114056","2019-01-30 18:50:13","http://168.235.98.135/bins/PhantomATM.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114056/"
-"114055","2019-01-30 18:50:09","http://168.235.98.135/bins/PhantomATM.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114055/"
-"114054","2019-01-30 18:50:06","http://168.235.98.135:80/bins/PhantomATM.m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114054/"
-"114053","2019-01-30 18:49:05","http://168.235.98.135:80/bins/PhantomATM.ppc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114053/"
+"114056","2019-01-30 18:50:13","http://168.235.98.135/bins/PhantomATM.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114056/"
+"114055","2019-01-30 18:50:09","http://168.235.98.135/bins/PhantomATM.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114055/"
+"114054","2019-01-30 18:50:06","http://168.235.98.135:80/bins/PhantomATM.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114054/"
+"114053","2019-01-30 18:49:05","http://168.235.98.135:80/bins/PhantomATM.ppc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114053/"
 "114052","2019-01-30 18:49:03","http://157.230.216.122/bins/hoho.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114052/"
 "114051","2019-01-30 18:38:12","http://lidagamiro.ga/payment%20advice.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/114051/"
-"114050","2019-01-30 18:36:11","http://168.235.98.135/bins/PhantomATM.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114050/"
-"114049","2019-01-30 18:36:07","http://168.235.98.135:80/bins/PhantomATM.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114049/"
+"114050","2019-01-30 18:36:11","http://168.235.98.135/bins/PhantomATM.mips","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114050/"
+"114049","2019-01-30 18:36:07","http://168.235.98.135:80/bins/PhantomATM.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114049/"
 "114048","2019-01-30 18:36:03","http://157.230.216.122:80/bins/hoho.ppc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114048/"
 "114047","2019-01-30 18:35:09","http://157.230.216.122:80/bins/hoho.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114047/"
 "114046","2019-01-30 18:35:06","http://157.230.216.122:80/bins/hoho.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114046/"
-"114045","2019-01-30 18:35:03","http://168.235.98.135:80/bins/PhantomATM.sh4","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114045/"
+"114045","2019-01-30 18:35:03","http://168.235.98.135:80/bins/PhantomATM.sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114045/"
 "114044","2019-01-30 18:33:23","http://157.230.216.122:80/bins/hoho.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114044/"
-"114043","2019-01-30 18:33:22","http://168.235.98.135/bins/PhantomATM.ppc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114043/"
+"114043","2019-01-30 18:33:22","http://168.235.98.135/bins/PhantomATM.ppc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114043/"
 "114042","2019-01-30 18:33:18","http://84.38.133.155/vn/PN14547DF.exe","offline","malware_download","exe,Pony","https://urlhaus.abuse.ch/url/114042/"
 "114041","2019-01-30 18:33:08","http://de.thevoucherstop.com/Clients/012019/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/114041/"
 "114040","2019-01-30 18:22:10","http://84.38.133.155/vn/BB5EBFC50.exe","offline","malware_download","exe,Neurevt","https://urlhaus.abuse.ch/url/114040/"
@@ -16867,7 +18308,7 @@
 "113993","2019-01-30 17:32:14","http://www.bxfwgc.com/soSw-zn7Bd_Eg-dXj/invoices/36822/54416/US/Invoice-Number-118935/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/113993/"
 "113992","2019-01-30 17:32:07","http://canhogiaresaigon.net/salamediaz.com/Details/01_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113992/"
 "113991","2019-01-30 17:32:04","http://1flower.by/Clients_Messages/012019/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/113991/"
-"113990","2019-01-30 17:20:04","http://168.235.98.135/bins/PhantomATM.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113990/"
+"113990","2019-01-30 17:20:04","http://168.235.98.135/bins/PhantomATM.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113990/"
 "113989","2019-01-30 17:09:05","http://vario-reducer.com/wp-content/bGkoUUavZySGn","offline","malware_download","exe","https://urlhaus.abuse.ch/url/113989/"
 "113988","2019-01-30 17:04:11","http://granpri.info/plugins/hDotX-zyC_KlmqeBMm-Lm/InvoiceCodeChanges/US_us/Invoice-Corrections-for-18/77/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/113988/"
 "113987","2019-01-30 17:01:07","http://185.222.201.63/updates/x86_64/acdsee_ol2101_update_11cr32.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/113987/"
@@ -16901,7 +18342,7 @@
 "113958","2019-01-30 16:24:15","http://bobin-head.com/vyMNw-3njJp_Bs-k00/invoices/83169/1678/En_us/Open-Past-Due-Orders/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/113958/"
 "113957","2019-01-30 16:24:10","http://nightonline.ru/images/9eD_UjK2Rol_ubQbSz3/Organization/Account/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113957/"
 "113956","2019-01-30 16:24:05","http://64.69.83.43/gacl/admin/templates_c/HKFTCW_CVcZyj3_fCHVr1V/Secure/Online/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113956/"
-"113955","2019-01-30 16:18:07","http://168.235.98.135:80/bins/PhantomATM.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113955/"
+"113955","2019-01-30 16:18:07","http://168.235.98.135:80/bins/PhantomATM.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113955/"
 "113954","2019-01-30 16:14:26","http://jawfin.net/jka/jkadmin.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/113954/"
 "113953","2019-01-30 16:14:18","http://xmrcgpu.com/XMRCGPU.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/113953/"
 "113952","2019-01-30 16:12:14","http://tree.sibcat.info/nik/steps/massg.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/113952/"
@@ -17197,7 +18638,7 @@
 "113653","2019-01-30 10:57:09","http://weiweinote.com/DE_de/CCPXHYNX2147354/Bestellungen/Zahlungserinnerung/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/113653/"
 "113652","2019-01-30 10:57:08","http://okleika-auto.by/De/XTBHQBRRG9006233/Rechnungs/Fakturierung/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/113652/"
 "113651","2019-01-30 10:57:07","http://quynhtienbridal.com/DE/GXVLTRBEA8029006/DE/Hilfestellung/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/113651/"
-"113650","2019-01-30 10:57:03","http://oceangate.parkhomes.vn/DE_de/IWJGTEV2013397/Bestellungen/Rechnungsanschrift/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/113650/"
+"113650","2019-01-30 10:57:03","http://oceangate.parkhomes.vn/DE_de/IWJGTEV2013397/Bestellungen/Rechnungsanschrift/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/113650/"
 "113649","2019-01-30 10:57:01","http://kiteletter.com/De_de/UNDQSPULXQ5616462/Rech/Fakturierung/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/113649/"
 "113648","2019-01-30 10:56:59","http://sibtransauto-nsk.ru/BPHKNXAG1630253/Rech/RECHNUNG/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/113648/"
 "113647","2019-01-30 10:56:58","http://sinhtrac.vn/wp-content/Telekom/Rechnungen/01_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113647/"
@@ -17467,7 +18908,7 @@
 "113383","2019-01-30 03:47:07","http://www.dreferparafusos.com.br/PKvO-HU_UfhskiiI-yp/Southwire/JFU694396545/En_us/Paid-Invoices/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/113383/"
 "113382","2019-01-30 03:47:03","http://talkstolearn.com/NlxE-kJ_UDSBk-dGw/US/Paid-Invoice-Credit-Card-Receipt/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/113382/"
 "113381","2019-01-30 03:46:03","http://narkology-vikont.ru/QbZWc-wtM_RgQO-bKT/Southwire/LYW13018896/EN_en/Outstanding-Invoices/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/113381/"
-"113380","2019-01-30 03:40:08","http://hydra100.staroundi.com/ztvbi2274/jsmk2801.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/113380/"
+"113380","2019-01-30 03:40:08","http://hydra100.staroundi.com/ztvbi2274/jsmk2801.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/113380/"
 "113379","2019-01-30 03:26:03","https://uca57dbf6d27dc01131f01b11f1a.dl.dropboxusercontent.com/cd/0/get/AaXs04wKkTcz_DIhY42ToqgVhky4YaMOpeyLGvQapF6RfTSp0TfXXBF4PhgYU3T9t5ng_jhOIRoPvn4ihKNMKAjd9wcRps2vjJ0hy9F87w_txg/file?dl=1","offline","malware_download","zip","https://urlhaus.abuse.ch/url/113379/"
 "113378","2019-01-30 03:23:32","http://anhhunghaokiet.net/autoupdate/Game.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/113378/"
 "113377","2019-01-30 03:23:05","http://193.34.144.131:80/AB4g5/Josho.mips","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113377/"
@@ -17808,8 +19249,8 @@
 "113034","2019-01-29 16:17:02","http://194.147.35.54/ankit/os.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113034/"
 "113033","2019-01-29 16:16:05","http://www.thebagforum.com/Dokument_77725_211118728.doc.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/113033/"
 "113032","2019-01-29 16:16:03","http://194.147.35.54/ankit/os.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113032/"
-"113031","2019-01-29 16:11:03","http://www.shrikailashlogicity.in/AA.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/113031/"
-"113030","2019-01-29 16:10:05","http://www.shrikailashlogicity.in/55.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/113030/"
+"113031","2019-01-29 16:11:03","http://www.shrikailashlogicity.in/AA.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/113031/"
+"113030","2019-01-29 16:10:05","http://www.shrikailashlogicity.in/55.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/113030/"
 "113029","2019-01-29 16:09:01","https://files.dropmybin.me/jgccbb.exe","offline","malware_download","AZORult,exe","https://urlhaus.abuse.ch/url/113029/"
 "113028","2019-01-29 16:09:01","https://files.dropmybin.me/xykoik.hta","offline","malware_download","hta","https://urlhaus.abuse.ch/url/113028/"
 "113027","2019-01-29 16:07:03","http://villakaffeebohne.com/scripts/_notes/qwdqdqsadgsdfsf.rar","offline","malware_download","Dridex,Encoded,Task","https://urlhaus.abuse.ch/url/113027/"
@@ -17830,7 +19271,7 @@
 "113012","2019-01-29 15:18:02","http://be.thevoucherstop.com/suFJ_WqXu-jh/lx/Messages/01_19/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/113012/"
 "113011","2019-01-29 15:17:10","http://the-bombay-summit.000webhostapp.com/wp-content/themes/llorix-one-lite/js/vendor/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/113011/"
 "113010","2019-01-29 15:16:03","https://yzzqdz.com/jk.exe","offline","malware_download","exe,HawkEye","https://urlhaus.abuse.ch/url/113010/"
-"113009","2019-01-29 15:10:13","http://www.shrikailashlogicity.in/XX.exe","online","malware_download","exe,Formbook","https://urlhaus.abuse.ch/url/113009/"
+"113009","2019-01-29 15:10:13","http://www.shrikailashlogicity.in/XX.exe","offline","malware_download","exe,Formbook","https://urlhaus.abuse.ch/url/113009/"
 "113008","2019-01-29 15:09:05","http://thebagforum.com/document.pdf.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/113008/"
 "113007","2019-01-29 15:03:08","https://my.mixtape.moe/vartac.jpg","offline","malware_download","Formbook","https://urlhaus.abuse.ch/url/113007/"
 "113006","2019-01-29 15:03:05","http://shop.theirishlinenstore.com/bino.png","offline","malware_download","Formbook","https://urlhaus.abuse.ch/url/113006/"
@@ -18162,7 +19603,7 @@
 "112676","2019-01-29 07:14:06","http://185.244.25.98/AB4g5/Cult.ppc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/112676/"
 "112675","2019-01-29 07:14:05","http://185.244.25.98/AB4g5/Cult.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/112675/"
 "112674","2019-01-29 07:14:04","http://185.244.25.98/AB4g5/Cult.sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/112674/"
-"112673","2019-01-29 06:57:06","http://212.150.222.45:8152/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/112673/"
+"112673","2019-01-29 06:57:06","http://212.150.222.45:8152/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/112673/"
 "112672","2019-01-29 06:57:02","http://185.244.25.194:80/dwabniduawdbwad/memhoncho.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/112672/"
 "112671","2019-01-29 06:56:02","http://185.244.25.194/dwabniduawdbwad/memhoncho.arm5","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/112671/"
 "112670","2019-01-29 06:56:01","http://185.244.25.194/dwabniduawdbwad/memhoncho.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/112670/"
@@ -18545,7 +19986,7 @@
 "112283","2019-01-28 16:42:14","http://noscan.us/Amazon/EN/Clients_transactions/012019/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/112283/"
 "112282","2019-01-28 16:42:11","http://noithatshop.vn/Amazon/Transactions-details/012019/","offline","malware_download","None","https://urlhaus.abuse.ch/url/112282/"
 "112281","2019-01-28 16:42:10","http://tisoft.vn/public/Amazon/Clients_Messages/012019/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/112281/"
-"112280","2019-01-28 16:42:07","http://altuntuval.com/wp-admin/Amazon/En/Details/01_19/","online","malware_download","heodo","https://urlhaus.abuse.ch/url/112280/"
+"112280","2019-01-28 16:42:07","http://altuntuval.com/wp-admin/Amazon/En/Details/01_19/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/112280/"
 "112279","2019-01-28 16:30:27","http://dx74.downyouxi.com/chiseyaosaifczhanche.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/112279/"
 "112278","2019-01-28 16:25:05","http://newscommer.com/app/winboxscan-1003-2.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/112278/"
 "112277","2019-01-28 16:14:06","http://headbuild.info/app/winboxtest.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/112277/"
@@ -18948,7 +20389,7 @@
 "111873","2019-01-28 08:27:12","http://54.37.77.56/vi/mpsl.yakuza","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111873/"
 "111872","2019-01-28 08:27:10","http://185.101.105.164/wget","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/111872/"
 "111871","2019-01-28 08:27:08","http://79.124.78.82/armv5l","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111871/"
-"111870","2019-01-28 08:27:06","http://oceangate.parkhomes.vn/Vodafone/RechnungOnline/012019/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/111870/"
+"111870","2019-01-28 08:27:06","http://oceangate.parkhomes.vn/Vodafone/RechnungOnline/012019/","online","malware_download","heodo","https://urlhaus.abuse.ch/url/111870/"
 "111869","2019-01-28 08:25:40","http://54.37.77.56/vi/sh4.yakuza","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111869/"
 "111868","2019-01-28 08:25:38","http://51.68.172.161/pftp","offline","malware_download","elf,tsunami","https://urlhaus.abuse.ch/url/111868/"
 "111867","2019-01-28 08:25:37","http://206.189.120.191/AB4g5/Josho.arm5","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111867/"
@@ -19198,7 +20639,7 @@
 "111614","2019-01-27 19:37:03","http://183.110.79.42:8/buffffff.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111614/"
 "111613","2019-01-27 19:29:14","http://ca.posthash.org:443/123.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111613/"
 "111612","2019-01-27 19:29:04","http://183.110.79.42:8/445.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111612/"
-"111611","2019-01-27 19:25:06","http://ms.fq520000.com:443/1.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111611/"
+"111611","2019-01-27 19:25:06","http://ms.fq520000.com:443/1.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/111611/"
 "111610","2019-01-27 19:22:17","http://jagadishchristian.com/tmp/fbet.exe","offline","malware_download","exe,Formbook","https://urlhaus.abuse.ch/url/111610/"
 "111609","2019-01-27 19:22:11","http://amd.alibuf.com:7723/DSP12.EXE","online","malware_download","exe","https://urlhaus.abuse.ch/url/111609/"
 "111608","2019-01-27 19:18:05","http://dns.fq520000.com:443/9.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111608/"
@@ -20269,7 +21710,7 @@
 "110529","2019-01-25 20:57:12","http://baixenoibai24h.com/wBNX-ee4_DLoyeljlC-usD/InvoiceCodeChanges/EN_en/ACH-form/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/110529/"
 "110528","2019-01-25 20:57:08","http://ayot.ir/QHKFa-2l6q_GMd-ljW/INVOICE/75844/OVERPAYMENT/EN_en/Past-Due-Invoice/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/110528/"
 "110527","2019-01-25 20:57:03","http://163.172.233.237/mzFL-88_LR-Zkn/ACH/PaymentInfo/En/Paid-Invoice/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/110527/"
-"110526","2019-01-25 20:50:31","http://update-res.100public.com/rwx-init/init_bfb_yingxiaoqqfuzhu.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110526/"
+"110526","2019-01-25 20:50:31","http://update-res.100public.com/rwx-init/init_bfb_yingxiaoqqfuzhu.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110526/"
 "110525","2019-01-25 20:50:13","http://f915003w.beget.tech/GUNBOT.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110525/"
 "110524","2019-01-25 20:49:23","http://06.bd-pcgame.xiazai24.com/tools/gongju/%E6%B8%B8%E8%BF%85%E7%BD%91_%E6%96%87%E6%98%8E5%EF%BC%9A%E7%BE%8E%E4%B8%BD%E6%96%B0%E4%B8%96%E7%95%8C%E5%85%AD%E9%A1%B9%E4%BF%AE%E6%94%B9%E5%99%A8%E4%BF%AE%E6%AD%A3%E7%89%881.0.3.18.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110524/"
 "110523","2019-01-25 20:48:12","http://manoulaland.com/wp-content/themes/sydney/plugins/messg.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/110523/"
@@ -20288,7 +21729,7 @@
 "110509","2019-01-25 19:14:05","http://cididlawfirm.com/wp-snapshots/vxBi-Nj_r-VN/COMET/SIGNS/PAYMENT/NOTIFICATION/01/25/2019/En/Outstanding-Invoices/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/110509/"
 "110508","2019-01-25 19:02:21","http://zmogui.lt/yhVcH-GJUwG_vt-fg/ACH/PaymentAdvice/EN_en/Invoice-for-you/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/110508/"
 "110507","2019-01-25 19:02:18","http://turbineblog.ir/deyh-NlkTd_KmhedwOn-93K/INVOICE/En/Open-invoices/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/110507/"
-"110506","2019-01-25 19:02:14","http://oceangate.parkhomes.vn/giVC-hS_YOLHdGgAJ-J6/Southwire/ILW69911308/EN_en/Open-invoices/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/110506/"
+"110506","2019-01-25 19:02:14","http://oceangate.parkhomes.vn/giVC-hS_YOLHdGgAJ-J6/Southwire/ILW69911308/EN_en/Open-invoices/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/110506/"
 "110505","2019-01-25 19:02:10","http://mayphatrasua.com/tIVm-0uC_d-p3l/InvoiceCodeChanges/US/Scan/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/110505/"
 "110504","2019-01-25 19:02:05","http://copsnailsanddrinks.fr/QbkXD-Zt_TcFJCv-d1/72962/SurveyQuestionsUS_us/Invoices-attached/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/110504/"
 "110503","2019-01-25 18:35:06","http://193.238.47.118/blog/files/2401_2019-01-24_12-52.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110503/"
@@ -20351,7 +21792,7 @@
 "110443","2019-01-25 16:57:03","http://31.184.198.154/bins/qlu.arm5","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/110443/"
 "110444","2019-01-25 16:57:03","http://31.184.198.154/bins/qlu.arm6","offline","malware_download","None","https://urlhaus.abuse.ch/url/110444/"
 "110442","2019-01-25 16:57:02","http://31.184.198.154/bins/qlu.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/110442/"
-"110441","2019-01-25 16:52:48","http://update-res.100public.com/rwx-init/init_baifenbai.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110441/"
+"110441","2019-01-25 16:52:48","http://update-res.100public.com/rwx-init/init_baifenbai.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110441/"
 "110440","2019-01-25 16:51:10","http://mistersanji.com/admin/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110440/"
 "110439","2019-01-25 16:51:06","http://indoxxi.mistersanji.com/.well-known/pki-validation/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110439/"
 "110438","2019-01-25 16:50:07","http://www.biometricsystems.ru/IcGDV-mjWxd_ooO-Hz/INVOICE/91634/OVERPAYMENT/US_us/4-Past-Due-Invoices/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/110438/"
@@ -20553,7 +21994,7 @@
 "110238","2019-01-25 12:21:16","http://ksviet.com/wp-content/themes/siteorigin-north/woocommerce/cart/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110238/"
 "110237","2019-01-25 12:14:08","http://www.cartomanzia-al-telefono.org/risten.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110237/"
 "110236","2019-01-25 12:14:07","http://down.54nb.com/%D0%E9%C4%E2%BB%FA%BC%EC%B2%E2%B9%A4%BE%DF.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110236/"
-"110235","2019-01-25 12:13:25","http://seyh9.com/wp-content/themes/specia/inc/breadcrumb/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110235/"
+"110235","2019-01-25 12:13:25","http://seyh9.com/wp-content/themes/specia/inc/breadcrumb/ssj.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/110235/"
 "110234","2019-01-25 12:13:04","http://vpa.lu/wp-content/themes/vp/fonts/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/110234/"
 "110233","2019-01-25 12:07:30","http://218.92.218.38/FavriteAdd.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110233/"
 "110232","2019-01-25 12:05:03","http://cartomanzia-al-telefono.org/risten.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110232/"
@@ -20629,7 +22070,7 @@
 "110162","2019-01-25 11:26:05","http://formettic.be/jeuxepn/apprendresouris/dragdrop.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110162/"
 "110161","2019-01-25 11:24:04","https://bestcontrol.at/sqlite.dll","online","malware_download","exe","https://urlhaus.abuse.ch/url/110161/"
 "110160","2019-01-25 11:18:02","http://gamedoithe.net/meta/mxr.pdf","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110160/"
-"110159","2019-01-25 11:17:24","http://seyh9.com/wp-content/themes/specia/templates/mxr.pdf","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110159/"
+"110159","2019-01-25 11:17:24","http://seyh9.com/wp-content/themes/specia/templates/mxr.pdf","online","malware_download","exe","https://urlhaus.abuse.ch/url/110159/"
 "110158","2019-01-25 11:17:03","http://e-vel.by/themes/bartik/color/mxr.pdf","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110158/"
 "110157","2019-01-25 11:15:10","http://drrozinaakter.com/mxr.pdf","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110157/"
 "110156","2019-01-25 11:15:08","http://vpa.lu/wp-content/themes/vp/fonts/mxr.pdf","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110156/"
@@ -20751,7 +22192,7 @@
 "110031","2019-01-25 02:57:15","http://lartisto-cocina.com/wp-content/themes/oceanwp/templates/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110031/"
 "110030","2019-01-25 02:57:12","http://up.ksbao.com/updateKSBD/UpdateFiles/app/testupdata/5.2/ExamBible201405324.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110030/"
 "110029","2019-01-25 02:46:06","http://mortest.ug/3.exe","offline","malware_download","AZORult,exe","https://urlhaus.abuse.ch/url/110029/"
-"110028","2019-01-25 02:27:32","http://update-res.100public.com/rwx-init/init_bfb_caiji.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110028/"
+"110028","2019-01-25 02:27:32","http://update-res.100public.com/rwx-init/init_bfb_caiji.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110028/"
 "110027","2019-01-25 02:23:03","http://fristpolychem.download/mods/info1.exe","offline","malware_download","Formbook","https://urlhaus.abuse.ch/url/110027/"
 "110026","2019-01-25 02:22:03","https://docs.google.com/uc?id=1q4wYe0iCIJcfgZ-iJKAp6kl2SwWaRCxS","online","malware_download","IcedID,Macro-doc","https://urlhaus.abuse.ch/url/110026/"
 "110025","2019-01-25 02:12:03","http://40.121.158.163/sniff","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/110025/"
@@ -20791,7 +22232,7 @@
 "109985","2019-01-25 00:47:09","http://electricam.by/templates/electrica/html/com_contact/category/ssj.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/109985/"
 "109984","2019-01-25 00:47:06","http://bdcarezone.com/wp-content/themes/theshop/page-templates/sserv.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/109984/"
 "109983","2019-01-25 00:47:01","http://cosmictv.xyz/wp-content/ai1wm-backups/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/109983/"
-"109982","2019-01-25 00:45:29","http://quatanggiaminh.com/wp-content/themes/thv/css/admin/ssj.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/109982/"
+"109982","2019-01-25 00:45:29","http://quatanggiaminh.com/wp-content/themes/thv/css/admin/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/109982/"
 "109981","2019-01-25 00:45:21","http://shly.fsygroup.com/flvplayer/sserv.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/109981/"
 "109980","2019-01-25 00:45:15","http://itcomputernarsingdi.com/wp-content/themes/astra/inc/assets/css/sserv.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/109980/"
 "109979","2019-01-25 00:45:10","http://shly.fsygroup.com/aspnet_client/system_web/4_0_30319/ssj.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/109979/"
@@ -20800,13 +22241,13 @@
 "109976","2019-01-25 00:42:07","http://5techexplore.com/wp-content/themes/betheme/betheme/css/skins/blue/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/109976/"
 "109975","2019-01-25 00:42:04","http://empresasmudanzaszaragoza.com.es/fonts/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/109975/"
 "109974","2019-01-25 00:41:14","http://59.126.40.253:64130/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/109974/"
-"109973","2019-01-25 00:41:09","http://82.166.24.224:4197/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/109973/"
+"109973","2019-01-25 00:41:09","http://82.166.24.224:4197/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/109973/"
 "109972","2019-01-25 00:41:05","http://220.70.183.53:56657/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/109972/"
 "109971","2019-01-25 00:40:05","http://217.139.86.228:13546/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/109971/"
 "109970","2019-01-25 00:40:03","http://barondigital.com/ketoultra/css/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/109970/"
 "109969","2019-01-25 00:39:10","http://eurotnetshop.com/wp-content/themes/Nikikala/languages/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/109969/"
 "109968","2019-01-25 00:25:05","http://systemnet.work/wp-content/themes/Newspaper/images/demo/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/109968/"
-"109967","2019-01-25 00:24:12","http://thuytienacademy.com/wp-content/themes/generatepress/css/admin/sserv.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/109967/"
+"109967","2019-01-25 00:24:12","http://thuytienacademy.com/wp-content/themes/generatepress/css/admin/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/109967/"
 "109966","2019-01-25 00:24:08","http://shly.fsygroup.com/wp-content/themes/whiteangel/css/sserv.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/109966/"
 "109965","2019-01-25 00:24:04","http://rulamart.com/wp-content/plugins/akismet/_inc/img/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/109965/"
 "109964","2019-01-25 00:22:38","http://barondigital.com/purefitketo/css/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/109964/"
@@ -20816,9 +22257,9 @@
 "109960","2019-01-25 00:21:09","http://5techexplore.com/wp-content/themes/betheme/betheme/css/skins/blue/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/109960/"
 "109959","2019-01-25 00:21:07","http://cosmictv.xyz/.well-known/acme-challenge/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/109959/"
 "109958","2019-01-25 00:21:07","http://khicongnghiepvn.com/wp-content/themes/flash/js/sserv.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/109958/"
-"109957","2019-01-25 00:19:13","http://quatanggiaminh.com/wp-content/themes/thv/js/admin/ssj.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/109957/"
-"109956","2019-01-25 00:19:11","http://quatanggiaminh.com/wp-content/themes/thv/css/admin/sserv.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/109956/"
-"109955","2019-01-25 00:19:06","http://thuytienacademy.com/wp-content/themes/generatepress/css/admin/zinf.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/109955/"
+"109957","2019-01-25 00:19:13","http://quatanggiaminh.com/wp-content/themes/thv/js/admin/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/109957/"
+"109956","2019-01-25 00:19:11","http://quatanggiaminh.com/wp-content/themes/thv/css/admin/sserv.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/109956/"
+"109955","2019-01-25 00:19:06","http://thuytienacademy.com/wp-content/themes/generatepress/css/admin/zinf.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/109955/"
 "109954","2019-01-25 00:18:09","http://shly.fsygroup.com/mysql_backup/sserv.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/109954/"
 "109953","2019-01-25 00:18:05","http://shly.fsygroup.com/wp-content/themes/whiteangel/videos/sserv.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/109953/"
 "109952","2019-01-25 00:18:00","http://bellepiscine.net/wp-content/themes/bellepiscine/img/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/109952/"
@@ -20836,7 +22277,7 @@
 "109940","2019-01-24 23:56:18","http://yonedasalon.com/wp-admin/css/colors/blue/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/109940/"
 "109939","2019-01-24 23:56:10","http://shly.fsygroup.com/mobile/config/sserv.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/109939/"
 "109938","2019-01-24 23:55:13","http://ismailbeezhimagar.com/wp-content/themes/Divi/core/admin/css/ssj.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/109938/"
-"109937","2019-01-24 23:55:06","http://thuytienacademy.com/wp-content/themes/generatepress/inc/customizer/controls/css/sserv.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/109937/"
+"109937","2019-01-24 23:55:06","http://thuytienacademy.com/wp-content/themes/generatepress/inc/customizer/controls/css/sserv.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/109937/"
 "109936","2019-01-24 23:45:55","http://satpolpp.balangankab.go.id/uBso-tYYCc_vz-EWF/invoices/7550/27490/US/Paid-Invoice/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/109936/"
 "109935","2019-01-24 23:45:50","http://privateinvestigatormiamibeach.com/ZtmEf-iqVJ_TR-FG/EN_en/Invoice/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/109935/"
 "109934","2019-01-24 23:45:48","http://pos.vi-bus.com/UnzH-OGGwO_RnguWpC-nso/INVOICE/En_us/Companies-Invoice-8939908/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/109934/"
@@ -20971,7 +22412,7 @@
 "109801","2019-01-24 20:06:08","http://famtripsandinspectionvisits.com/bLCb-lI9Wo_Bzf-yoy/ACH/PaymentInfo/US_us/Scan/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/109801/"
 "109800","2019-01-24 20:06:04","http://eswardentalclinic.com/WCAU-xIi3F_WYV-yR/COMET/SIGNS/PAYMENT/NOTIFICATION/01/24/2019/US/Invoices-Overdue/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/109800/"
 "109799","2019-01-24 20:05:08","http://adobedetails.cf/xfile/yaskream.exe","offline","malware_download","exe,RemcosRAT","https://urlhaus.abuse.ch/url/109799/"
-"109798","2019-01-24 20:04:03","http://92.63.197.153/2.exe","offline","malware_download","exe,Ransomware.GandCrab","https://urlhaus.abuse.ch/url/109798/"
+"109798","2019-01-24 20:04:03","http://92.63.197.153/2.exe","online","malware_download","exe,Ransomware.GandCrab","https://urlhaus.abuse.ch/url/109798/"
 "109797","2019-01-24 20:00:07","http://old.decani.ru/file/aspc.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/109797/"
 "109796","2019-01-24 19:43:24","http://noscan.us/MAMp-2aWNR_vC-IGr/94136/SurveyQuestionsUS_us/Overdue-payment/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/109796/"
 "109795","2019-01-24 19:43:21","http://numlian.com/nHGU-jAgoQ_a-GTN/Inv/04109288952/EN_en/Invoices-Overdue/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/109795/"
@@ -21201,12 +22642,12 @@
 "109568","2019-01-24 19:02:51","http://studentloans.credezen.com/wp-includes/ID3/ssj.jpg","online","malware_download",",Troldesh","https://urlhaus.abuse.ch/url/109568/"
 "109567","2019-01-24 19:02:47","http://cedartreegroup.com/wp-content/themes/the-unknown/bootstrap/css/ssj.jpg","online","malware_download",",Troldesh","https://urlhaus.abuse.ch/url/109567/"
 "109566","2019-01-24 19:02:45","http://fevzihoca.com.tr/img/Subeler/akcaabatsube/mxr.pdf","offline","malware_download",",Troldesh","https://urlhaus.abuse.ch/url/109566/"
-"109565","2019-01-24 19:02:42","http://elitegrowth.net/wp-includes/ID3/ssj.jpg","offline","malware_download",",Troldesh","https://urlhaus.abuse.ch/url/109565/"
+"109565","2019-01-24 19:02:42","http://elitegrowth.net/wp-includes/ID3/ssj.jpg","online","malware_download",",Troldesh","https://urlhaus.abuse.ch/url/109565/"
 "109564","2019-01-24 19:02:40","http://bedroomcritic.com/wp-content/themes/generatepress/js/admin/ssj.jpg","online","malware_download",",Troldesh","https://urlhaus.abuse.ch/url/109564/"
 "109563","2019-01-24 19:02:37","http://yongrupresidence.com/cache/com_templates/templates/flex/ssj.jpg","offline","malware_download",",Troldesh","https://urlhaus.abuse.ch/url/109563/"
 "109562","2019-01-24 19:02:35","http://cellulosic.logicalatdemo.co.in/.well-known/pki-validation/ssj.jpg","offline","malware_download",",Troldesh","https://urlhaus.abuse.ch/url/109562/"
 "109561","2019-01-24 19:02:33","https://kobac-yamato.com/wp-admin/css/colors/blue/ssj.jpg","offline","malware_download",",Troldesh","https://urlhaus.abuse.ch/url/109561/"
-"109560","2019-01-24 19:02:27","https://thuytienacademy.com/wp-content/themes/generatepress/fonts/sserv.jpg","online","malware_download",",Troldesh","https://urlhaus.abuse.ch/url/109560/"
+"109560","2019-01-24 19:02:27","https://thuytienacademy.com/wp-content/themes/generatepress/fonts/sserv.jpg","offline","malware_download",",Troldesh","https://urlhaus.abuse.ch/url/109560/"
 "109559","2019-01-24 19:02:22","https://motioncrane.net/wp-content/themes/flatsome/woocommerce/back-comp/cart/sserv.jpg","offline","malware_download",",Troldesh","https://urlhaus.abuse.ch/url/109559/"
 "109558","2019-01-24 19:02:21","https://www.una-studios.com/wp-content/themes/business-startup/assets/images/ssj.jpg","offline","malware_download",",Troldesh","https://urlhaus.abuse.ch/url/109558/"
 "109557","2019-01-24 19:02:16","https://truongdayhoclaixe.edu.vn/wp-admin/css/colors/blue/ssj.jpg","offline","malware_download",",Troldesh","https://urlhaus.abuse.ch/url/109557/"
@@ -21538,7 +22979,7 @@
 "109224","2019-01-24 09:52:29","http://mvidl.site/wp-content/themes/dooplay/assets/admin/assets/css/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/109224/"
 "109223","2019-01-24 09:52:23","http://scjelah.com/wp-includes/ID3/mxr.pdf","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/109223/"
 "109222","2019-01-24 09:52:17","http://diota-ar.com/.well-known/acme-challenge/mxr.pdf","offline","malware_download","exe","https://urlhaus.abuse.ch/url/109222/"
-"109221","2019-01-24 09:52:14","http://air-team-service.com/wp-content/languages/plugins/mxr.pdf","online","malware_download","exe","https://urlhaus.abuse.ch/url/109221/"
+"109221","2019-01-24 09:52:14","http://air-team-service.com/wp-content/languages/plugins/mxr.pdf","offline","malware_download","exe","https://urlhaus.abuse.ch/url/109221/"
 "109220","2019-01-24 09:49:12","http://blogs.sokun.jp/DE_de/TEJQSYF3366492/GER/Rechnungszahlung/","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/109220/"
 "109219","2019-01-24 09:45:10","http://xn----htbybfcxh3h.xn--p1ai/bin/mxr.pdf","offline","malware_download","exe","https://urlhaus.abuse.ch/url/109219/"
 "109218","2019-01-24 09:44:40","http://eurotnetshop.com/wp-content/themes/Nikikala/dokan/global/mxr.pdf","offline","malware_download","exe","https://urlhaus.abuse.ch/url/109218/"
@@ -21577,7 +23018,7 @@
 "109185","2019-01-24 07:43:37","http://185.244.25.241/powerpc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/109185/"
 "109184","2019-01-24 07:42:32","http://185.244.25.241/mips","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/109184/"
 "109183","2019-01-24 07:41:20","http://185.244.25.241/armv5l","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/109183/"
-"109182","2019-01-24 07:40:32","http://185.244.25.176/bins/kwari.ppc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/109182/"
+"109182","2019-01-24 07:40:32","http://185.244.25.176/bins/kwari.ppc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/109182/"
 "109181","2019-01-24 07:38:03","http://185.244.25.241/sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/109181/"
 "109180","2019-01-24 07:38:02","http://185.244.25.241/mipsel","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/109180/"
 "109179","2019-01-24 07:37:02","http://185.244.25.241/i586","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/109179/"
@@ -21601,13 +23042,13 @@
 "109135","2019-01-24 07:26:33","http://ccyqgdy.gq/wp-admin/VxpBz-vP_w-HmL/US_us/Scan/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/109135/"
 "109134","2019-01-24 07:26:17","http://ceexpress.ca/Clients/012019/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/109134/"
 "109130","2019-01-24 07:26:06","http://autosarir.ir/qWFB-n4_xJMF-HYY/8930060/SurveyQuestionsUS_us/Need-to-send-the-attachment/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/109130/"
-"109129","2019-01-24 07:26:02","http://185.244.25.176/bins/kwari.spc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/109129/"
-"109128","2019-01-24 07:24:16","http://185.244.25.176/bins/kwari.sh4","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/109128/"
-"109127","2019-01-24 07:24:15","http://185.244.25.176/bins/kwari.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/109127/"
-"109126","2019-01-24 07:24:14","http://185.244.25.176/bins/kwari.m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/109126/"
-"109125","2019-01-24 07:24:10","http://185.244.25.176/bins/kwari.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/109125/"
-"109123","2019-01-24 07:24:02","http://185.244.25.176/bins/kwari.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/109123/"
-"109124","2019-01-24 07:24:02","http://185.244.25.176/bins/kwari.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/109124/"
+"109129","2019-01-24 07:26:02","http://185.244.25.176/bins/kwari.spc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/109129/"
+"109128","2019-01-24 07:24:16","http://185.244.25.176/bins/kwari.sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/109128/"
+"109127","2019-01-24 07:24:15","http://185.244.25.176/bins/kwari.mips","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/109127/"
+"109126","2019-01-24 07:24:14","http://185.244.25.176/bins/kwari.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/109126/"
+"109125","2019-01-24 07:24:10","http://185.244.25.176/bins/kwari.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/109125/"
+"109123","2019-01-24 07:24:02","http://185.244.25.176/bins/kwari.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/109123/"
+"109124","2019-01-24 07:24:02","http://185.244.25.176/bins/kwari.arm5","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/109124/"
 "109122","2019-01-24 07:22:02","http://mohammadishmam.com/wp-includes/AvCJonsPUZBl4k/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/109122/"
 "109121","2019-01-24 07:17:23","http://synesius17.com/lCLTTSU/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/109121/"
 "109120","2019-01-24 07:17:18","http://trumpfalls.com/xwNBy6o4Dt/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/109120/"
@@ -21615,14 +23056,14 @@
 "109118","2019-01-24 07:17:11","http://underkits.com/TNVqFVZlX/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/109118/"
 "109117","2019-01-24 07:17:07","http://tpulmano.com/l19wwjS/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/109117/"
 "109116","2019-01-24 07:15:06","http://takenpaybd.com/Messages/01_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/109116/"
-"109115","2019-01-24 06:58:03","http://185.244.25.176/bins/kwari.mpsl","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/109115/"
+"109115","2019-01-24 06:58:03","http://185.244.25.176/bins/kwari.mpsl","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/109115/"
 "109114","2019-01-24 06:56:11","http://185.244.25.241/armv7l","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/109114/"
 "109113","2019-01-24 06:56:10","http://157.230.60.248/lnkfmx","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/109113/"
 "109112","2019-01-24 06:56:07","http://157.230.60.248/nvitpj","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/109112/"
 "109111","2019-01-24 06:56:04","http://185.244.25.241/x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/109111/"
-"109110","2019-01-24 06:55:09","http://185.244.25.176/bins/kwari.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/109110/"
+"109110","2019-01-24 06:55:09","http://185.244.25.176/bins/kwari.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/109110/"
 "109109","2019-01-24 06:55:08","http://157.230.60.248/razdzn","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/109109/"
-"109108","2019-01-24 06:53:04","http://185.244.25.176/bins/kwari.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/109108/"
+"109108","2019-01-24 06:53:04","http://185.244.25.176/bins/kwari.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/109108/"
 "109107","2019-01-24 06:53:02","http://185.244.25.241/armv6l","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/109107/"
 "109105","2019-01-24 06:52:08","http://185.244.25.241/armv4l","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/109105/"
 "109106","2019-01-24 06:52:08","http://185.244.25.241/sparc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/109106/"
@@ -21949,7 +23390,7 @@
 "108777","2019-01-23 19:22:16","http://www.smefood.com/muON-7y_QChNJCfv-D8A/InvoiceCodeChanges/En_us/Invoice-receipt/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/108777/"
 "108776","2019-01-23 19:22:04","http://satstore.kz/KXLC-6VZ_r-IyL/EXT/PaymentStatus/En/Invoices-Overdue/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/108776/"
 "108775","2019-01-23 19:06:33","http://earnbdt.com/wp-content/themes/martfury/wc-vendors/front/ssj.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/108775/"
-"108774","2019-01-23 19:06:26","http://xzc.198424.com/wrar56b5.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/108774/"
+"108774","2019-01-23 19:06:26","http://xzc.198424.com/wrar56b5.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/108774/"
 "108773","2019-01-23 19:01:16","http://microsoftpro.dns-report.com/host/162.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/108773/"
 "108772","2019-01-23 19:01:08","http://139.180.195.93/bins/hoho.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/108772/"
 "108771","2019-01-23 19:01:04","http://139.180.195.93/bins/hoho.spc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/108771/"
@@ -21974,7 +23415,7 @@
 "108752","2019-01-23 18:59:55","http://206.189.229.119/yakuza.sh4","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/108752/"
 "108751","2019-01-23 18:59:52","http://206.189.229.119/yakuza.mpsl","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/108751/"
 "108750","2019-01-23 18:59:44","http://206.189.229.119/yakuza.mips","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/108750/"
-"108749","2019-01-23 18:59:41","http://jeponautoparts.ru/opuba/unit.exe","online","malware_download","smokeloader","https://urlhaus.abuse.ch/url/108749/"
+"108749","2019-01-23 18:59:41","http://jeponautoparts.ru/opuba/unit.exe","offline","malware_download","smokeloader","https://urlhaus.abuse.ch/url/108749/"
 "108748","2019-01-23 18:59:33","https://kobac-shizuoka01.com/wp-admin/css/colors/blue/ssj.jpg","offline","malware_download","exe,Shade,Troldesh","https://urlhaus.abuse.ch/url/108748/"
 "108747","2019-01-23 18:59:22","http://grupoasesoria.coazgt.com/ssj.jpg","offline","malware_download","exe,Shade","https://urlhaus.abuse.ch/url/108747/"
 "108746","2019-01-23 18:59:12","http://semestr.by/cache/mod_sp_smart_slider/ssj.jpg","offline","malware_download","exe,Shade,Troldesh","https://urlhaus.abuse.ch/url/108746/"
@@ -22175,7 +23616,7 @@
 "108550","2019-01-23 15:09:04","http://riaztex.com/update/file.exe","online","malware_download","exe,Loki","https://urlhaus.abuse.ch/url/108550/"
 "108549","2019-01-23 15:09:03","http://adambenny.org/wp-content/themes/god-grace/languages/zinf.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/108549/"
 "108548","2019-01-23 15:08:06","http://wakalad.com/safe_download/741326/speedownloader.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/108548/"
-"108547","2019-01-23 15:08:04","https://shrikailashlogicity.in/jupiteri.exe","online","malware_download","exe,Formbook","https://urlhaus.abuse.ch/url/108547/"
+"108547","2019-01-23 15:08:04","https://shrikailashlogicity.in/jupiteri.exe","offline","malware_download","exe,Formbook","https://urlhaus.abuse.ch/url/108547/"
 "108546","2019-01-23 15:06:21","http://test.flyingsteel.com/MVXd8Eic6/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/108546/"
 "108545","2019-01-23 15:06:16","http://kadinveyasam.org/FJzoe10vel/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/108545/"
 "108544","2019-01-23 15:06:12","http://trehoadatoanthan.net/9nz3IWjX/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/108544/"
@@ -22210,7 +23651,7 @@
 "108511","2019-01-23 14:44:06","http://north-bear.ru/SLiZjYZC4ZYAVon/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/108511/"
 "108510","2019-01-23 14:44:05","http://gencbafralilar.com/wp-admin/css/MSTealncf2Y_JI/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/108510/"
 "108509","2019-01-23 14:44:04","http://www.imarketsforextrading.com/vpFtztlmbWLmXZWL/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/108509/"
-"108508","2019-01-23 14:42:04","http://computerwiz.cc/remote/Mobile.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/108508/"
+"108508","2019-01-23 14:42:04","http://computerwiz.cc/remote/Mobile.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/108508/"
 "108507","2019-01-23 14:41:10","http://www.pargahome.com/wp-admin/css/colors/blue/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/108507/"
 "108506","2019-01-23 14:39:07","http://www.wins-power.com/wxRm-lj_LNY-PCo/ACH/PaymentAdvice/EN_en/Need-to-send-the-attachment/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/108506/"
 "108505","2019-01-23 14:39:06","http://lokanou.webinview.com/DE_de/UTHOJAQ3035981/DE_de/RECHNUNG/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/108505/"
@@ -22220,7 +23661,7 @@
 "108501","2019-01-23 14:37:05","http://burasiaksaray.com/assets/css/sserv.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/108501/"
 "108500","2019-01-23 14:31:01","http://www.trainforcare.co.uk/iXEx-Uv_uPpf-la/PaymentStatus/EN_en/Invoices-Overdue/","offline","malware_download","doc,emotet,epoch2","https://urlhaus.abuse.ch/url/108500/"
 "108499","2019-01-23 14:30:03","http://uborka-snega.spectehnika.novosibirsk.ru/Messages/01_19/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/108499/"
-"108498","2019-01-23 14:28:04","http://www.computerwiz.cc/remote/Mobile.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/108498/"
+"108498","2019-01-23 14:28:04","http://www.computerwiz.cc/remote/Mobile.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/108498/"
 "108497","2019-01-23 14:26:15","http://globallegacyfreight.com/wp-content/themes/enfold/config-events-calendar/views/pro/sserv.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/108497/"
 "108496","2019-01-23 14:26:11","http://www.topstick.co.kr/wp-content/uploads/Transactions/012019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/108496/"
 "108495","2019-01-23 14:26:07","http://www.kottadickal.org/Messages/2019-01/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/108495/"
@@ -22387,7 +23828,7 @@
 "108334","2019-01-23 11:23:37","http://web63.s150.goserver.host/Januar2019/AGTJPOD8031288/Rechnung/Zahlung/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/108334/"
 "108333","2019-01-23 11:23:36","http://subramfamily.com/boyku/DE/EWIRRF5937200/GER/Rechnungszahlung/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/108333/"
 "108332","2019-01-23 11:23:34","http://dirc-madagascar.ru/DE/WLXQKGW2476670/de/FORM/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/108332/"
-"108331","2019-01-23 11:23:31","http://oceangate.parkhomes.vn/DE_de/VTGQADYH2100711/Rechnungs-Details/RECHNUNG/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/108331/"
+"108331","2019-01-23 11:23:31","http://oceangate.parkhomes.vn/DE_de/VTGQADYH2100711/Rechnungs-Details/RECHNUNG/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/108331/"
 "108330","2019-01-23 11:23:28","https://gtp.usgtf.com/De_de/KZNMTLEYOJ6696163/Bestellungen/Zahlungserinnerung/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/108330/"
 "108329","2019-01-23 11:23:27","http://millennialsberkarya.com/wp-admin/de_DE/WUCHZZ6988312/Scan/Zahlung/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/108329/"
 "108328","2019-01-23 11:23:24","http://www.petroc.org.tw/Januar2019/UKXFADDS6748715/DE_de/Zahlungserinnerung/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/108328/"
@@ -22574,7 +24015,7 @@
 "108131","2019-01-23 09:36:02","http://142.93.168.40/ntpd","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/108131/"
 "108130","2019-01-23 09:34:02","http://142.93.168.40/openssh","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/108130/"
 "108129","2019-01-23 09:28:03","https://dropmyb.in/f/wjlqhm.jpg","offline","malware_download","AZORult,exe","https://urlhaus.abuse.ch/url/108129/"
-"108128","2019-01-23 09:24:04","http://www.shrikailashlogicity.in/33.exe","online","malware_download","#malware,Formbook","https://urlhaus.abuse.ch/url/108128/"
+"108128","2019-01-23 09:24:04","http://www.shrikailashlogicity.in/33.exe","offline","malware_download","#malware,Formbook","https://urlhaus.abuse.ch/url/108128/"
 "108127","2019-01-23 09:19:07","http://180.76.114.169:8081/Yuming","offline","malware_download","ddos,elf","https://urlhaus.abuse.ch/url/108127/"
 "108126","2019-01-23 09:14:02","http://198.167.140.146/yakuza.arm5","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/108126/"
 "108125","2019-01-23 09:09:03","http://dotshopify.com/wp-includes/ID3/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/108125/"
@@ -22811,7 +24252,7 @@
 "107893","2019-01-23 05:32:10","https://noithatshop.vn/EgUmS-0Kmb7_lrQlB-QiP/Ref/2245560680US_us/Sales-Invoice/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/107893/"
 "107892","2019-01-23 05:32:03","https://mandrillapp.com/track/click/30891409/saffroniran.org?p=eyJzIjoiSGpiVWlQRGk5RnBKRTN3VmxxX0QxTnpRczh3IiwidiI6MSwicCI6IntcInVcIjozMDg5MTQwOSxcInZcIjoxLFwidXJsXCI6XCJodHRwOlxcXC9cXFwvc2FmZnJvbmlyYW4ub3JnXFxcL0VMSHpzLUloS194YnV0RS12U0tcXFwvRU5fZW5cXFwvU2VydmljZS1SZXBvcnQtNjEzOFwiLFwiaWRcIjpcImY3NTM1MGMzYmEzNjQ2ZTFiMDdlNTAyMTM5ODVlYzVhXCIsXCJ1cmxfaWRzXCI6W1wiYmQ2NDNjNDgzMWY2YzQ4M2UxMTUyNmJhMzAwNmVhNjhkYTEwZWVmZlwiXX0ifQ/","offline","malware_download","doc,emotet,epoch2","https://urlhaus.abuse.ch/url/107892/"
 "107889","2019-01-23 05:20:06","http://gulfclouds.site/cp/ok/oki.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/107889/"
-"107888","2019-01-23 05:18:05","http://shrikailashlogicity.in/33.exe","online","malware_download","exe,Formbook","https://urlhaus.abuse.ch/url/107888/"
+"107888","2019-01-23 05:18:05","http://shrikailashlogicity.in/33.exe","offline","malware_download","exe,Formbook","https://urlhaus.abuse.ch/url/107888/"
 "107887","2019-01-23 05:10:08","http://loygf-33.ml/yuio/ebu.exe","offline","malware_download","exe,Loki","https://urlhaus.abuse.ch/url/107887/"
 "107886","2019-01-23 04:54:05","https://telegrainformatics.com/wp-admin-tmp/wp-admin/css/colors/blue/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/107886/"
 "107885","2019-01-23 04:42:08","https://kemmypham.com/wp-admin/css/colors/blue/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/107885/"
@@ -22875,12 +24316,12 @@
 "107826","2019-01-23 00:19:10","http://hataydaskebap.com/wp-admin/css/colors/blue/sserv.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/107826/"
 "107825","2019-01-23 00:13:22","http://cfs11.planet.daum.net/upload_control/pcp_download.php?fhandle=M3VmMHhAZnMxMS5wbGFuZXQuZGF1bS5uZXQ6LzExNTYzODMvMC82NC5leGU=&amp","online","malware_download","exe","https://urlhaus.abuse.ch/url/107825/"
 "107824","2019-01-23 00:08:07","http://bepcuicaitien.com/wp-content/themes/flatsome/languages/ssj.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/107824/"
-"107823","2019-01-23 00:07:12","http://konjacteaturkiye.com/wp-admin/css/colors/blue/zinf.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/107823/"
-"107822","2019-01-23 00:07:10","http://pds36.cafe.daum.net/attach/4/cafe/2007/04/28/19/53/46332745e43fc&.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/107822/"
+"107823","2019-01-23 00:07:12","http://konjacteaturkiye.com/wp-admin/css/colors/blue/zinf.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/107823/"
+"107822","2019-01-23 00:07:10","http://pds36.cafe.daum.net/attach/4/cafe/2007/04/28/19/53/46332745e43fc&.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/107822/"
 "107821","2019-01-23 00:06:13","http://cfs11.planet.daum.net/upload_control/pcp_download.php?fhandle=M3VmMHhAZnMxMS5wbGFuZXQuZGF1bS5uZXQ6LzExNTYzODMvMC82NC5leGU=&filename=64.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/107821/"
 "107820","2019-01-23 00:06:03","http://nanomineraller.com/wp-admin/css/colors/blue/sserv.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/107820/"
-"107819","2019-01-23 00:05:04","http://nanokesif.com/wp-content/languages/plugins/sserv.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/107819/"
-"107818","2019-01-22 23:57:13","http://cfs9.tistory.com/upload_control/download.blog?fhandle=YmxvZzE3MTk1M0BmczkudGlzdG9yeS5jb206L2F0dGFjaC8wLzI1LmV4ZQ%3D%3D&amp","online","malware_download","exe","https://urlhaus.abuse.ch/url/107818/"
+"107819","2019-01-23 00:05:04","http://nanokesif.com/wp-content/languages/plugins/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/107819/"
+"107818","2019-01-22 23:57:13","http://cfs9.tistory.com/upload_control/download.blog?fhandle=YmxvZzE3MTk1M0BmczkudGlzdG9yeS5jb206L2F0dGFjaC8wLzI1LmV4ZQ%3D%3D&amp","offline","malware_download","exe","https://urlhaus.abuse.ch/url/107818/"
 "107817","2019-01-22 23:47:04","http://nanomineraller.com/wp-admin/css/colors/blue/zinf.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/107817/"
 "107816","2019-01-22 23:46:21","http://cfs9.tistory.com/upload_control/download.blog?fhandle=YmxvZzE3MTk1M0BmczkudGlzdG9yeS5jb206L2F0dGFjaC8wLzI1LmV4ZQ==&filename=update_51plugins_2008-05-24.part01.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/107816/"
 "107815","2019-01-22 23:39:24","http://hophophop.pw/startlaunch.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/107815/"
@@ -23756,7 +25197,7 @@
 "106920","2019-01-22 07:20:03","http://st-medical.pl/wp-content/themes/divi-4/css/sserv.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/106920/"
 "106919","2019-01-22 07:14:03","http://st-medical.pl/wp-content/themes/divi-4/css/zinf.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/106919/"
 "106918","2019-01-22 07:13:03","http://dreamzshop.xyz/wp-content/themes/shopline/template/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106918/"
-"106917","2019-01-22 07:12:05","http://www.worldlinkaddress.com/rgrtgtd/kjfdjjh.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106917/"
+"106917","2019-01-22 07:12:05","http://www.worldlinkaddress.com/rgrtgtd/kjfdjjh.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106917/"
 "106916","2019-01-22 07:12:02","http://st-medical.pl/wp-content/themes/divi-4/includes/builder/fonts/sserv.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/106916/"
 "106915","2019-01-22 07:00:16","http://yjbexnetdy.cf/wp-admin/includes/Attachments/012019/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/106915/"
 "106914","2019-01-22 07:00:14","http://www.idgnet.nl/Januar2019/NFDAXF8050789/Rechnungs/FORM/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/106914/"
@@ -24222,7 +25663,7 @@
 "106454","2019-01-21 14:36:01","http://photomoura.ir/AKAKXIPTR3763530/Rechnungs-docs/DOC/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/106454/"
 "106453","2019-01-21 14:35:07","http://phelieuasia.com/De/NYSPUHR0404414/gescanntes-Dokument/RECH/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/106453/"
 "106452","2019-01-21 14:35:06","http://offblack.de/De_de/PBEPTPAQ3759053/DE_de/RECHNUNG/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/106452/"
-"106451","2019-01-21 14:35:05","http://oceangate.parkhomes.vn/De/TRNDTSST2042561/DE_de/Hilfestellung/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/106451/"
+"106451","2019-01-21 14:35:05","http://oceangate.parkhomes.vn/De/TRNDTSST2042561/DE_de/Hilfestellung/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/106451/"
 "106449","2019-01-21 14:35:03","http://nghiataman.com/DE/IRXLICAZBL1302586/Scan/Zahlungserinnerung/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/106449/"
 "106450","2019-01-21 14:35:03","http://northernpost.in/DE/KXIMFNOSPW5298241/Rechnungs/RECHNUNG/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/106450/"
 "106448","2019-01-21 14:35:02","http://nbhgroup.in/Januar2019/FBAHKDQBMQ7553976/Rechnungs/DETAILS/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/106448/"
@@ -24576,7 +26017,7 @@
 "106098","2019-01-20 18:55:49","http://cdnpic.mgyun.com/files/products/vRoot/2013/17235968/VRoot_1.7.0.3825_Setup.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106098/"
 "106097","2019-01-20 18:36:59","http://cdnpic.mgyun.com/files/products/vRoot/2013/17039360/VRoot_1.4.0.2955_Setup_183.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106097/"
 "106096","2019-01-20 17:56:07","http://ocrn597v5.bkt.clouddn.com/cjtaoke2.9.5.0.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106096/"
-"106095","2019-01-20 17:08:24","http://down.leyoucoc.cn/LYSetup.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106095/"
+"106095","2019-01-20 17:08:24","http://down.leyoucoc.cn/LYSetup.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106095/"
 "106094","2019-01-20 16:54:32","http://download.rising.com.cn/zsgj/ravmofei.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106094/"
 "106093","2019-01-20 16:50:33","http://download.rising.com.cn/zsgj/RavMGF.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106093/"
 "106092","2019-01-20 16:47:33","http://futurealind.com/a.exe","online","malware_download","exe,RemcosRAT","https://urlhaus.abuse.ch/url/106092/"
@@ -24587,7 +26028,7 @@
 "106087","2019-01-20 14:07:36","http://ninabijoux.com.br/js/fancybox/zxcv09h8g76f5d4f5g6hj7k8lj7h6g5f4dsg4h5j6kl78ytf4uh5ij67hygt6dr5ej9nhbgyvfty87vyg6b5hu4jnikm3j4n5hu6ygtu7f8yrdtfu7yg6hnji5m4n5hbgvf6cd7xtc6r7tf6uo5ij4/dolbysoud.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106087/"
 "106086","2019-01-20 14:06:04","http://fxtraderlog.com/downloads/fxtraderlog_upgrade.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106086/"
 "106085","2019-01-20 13:41:05","http://files.hrloo.com/bbs/data/attachment/forum/201212/20/10301044ex3m3s62emr1r7.doc?n=weyvuwtgv3lkzjlt6xln7norq3nrqhnkiblilbluqyuzg9j","online","malware_download","doc","https://urlhaus.abuse.ch/url/106085/"
-"106084","2019-01-20 13:37:17","http://download.fahpvdxw.cn/xbpic/fmt/v1.0.1.17/fmt_01.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106084/"
+"106084","2019-01-20 13:37:17","http://download.fahpvdxw.cn/xbpic/fmt/v1.0.1.17/fmt_01.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106084/"
 "106083","2019-01-20 13:37:08","http://down.xrpdf.com/softdownloadol/xrpdfol5024.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106083/"
 "106082","2019-01-20 13:12:42","http://45.62.249.171/d/xd.spc","offline","malware_download","elf","https://urlhaus.abuse.ch/url/106082/"
 "106081","2019-01-20 13:12:41","http://45.62.249.171/d/xd.mips","offline","malware_download","elf","https://urlhaus.abuse.ch/url/106081/"
@@ -24644,7 +26085,7 @@
 "106029","2019-01-20 04:09:06","http://sgm.pc6.com/xiao2/H0MM4Trainer.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106029/"
 "106028","2019-01-20 03:50:04","http://r.chaoxin.com/d29889e/2018-10-19_14/9ebbc/7e408/1539931621_225246.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106028/"
 "106027","2019-01-20 02:46:14","http://upgrade.shihuizhu.net/wgz174/%E5%BE%AE%E8%B4%AD%E7%8C%AA.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106027/"
-"106026","2019-01-20 02:41:50","http://update.yalian1000.com/updatefiles/client.exe","online","malware_download","exe,Ransomware.GandCrab","https://urlhaus.abuse.ch/url/106026/"
+"106026","2019-01-20 02:41:50","http://update.yalian1000.com/updatefiles/client.exe","offline","malware_download","exe,Ransomware.GandCrab","https://urlhaus.abuse.ch/url/106026/"
 "106025","2019-01-20 02:26:32","http://dl.hzkfgs.com/djiejie.20171123.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106025/"
 "106024","2019-01-20 02:22:06","http://img54.hbzhan.com/5/20121217/634913135817656250813.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106024/"
 "106023","2019-01-20 01:27:13","http://sgm.pc6.com/xiao4/baiwangfuweng_70563.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106023/"
@@ -24710,7 +26151,7 @@
 "105963","2019-01-19 17:51:02","http://kristinka2.life/payload.exe","offline","malware_download","AZORult,exe","https://urlhaus.abuse.ch/url/105963/"
 "105962","2019-01-19 17:42:04","http://iocho.org/wp-content/languages/loco/themes/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/105962/"
 "105961","2019-01-19 17:40:45","http://clarabellebaby.com/.tmb/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/105961/"
-"105960","2019-01-19 17:39:07","http://startupinternetmarketing.com/free/cash.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/105960/"
+"105960","2019-01-19 17:39:07","http://startupinternetmarketing.com/free/cash.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/105960/"
 "105959","2019-01-19 17:33:06","https://almasoodgroup.com/js2/cwq1","offline","malware_download","None","https://urlhaus.abuse.ch/url/105959/"
 "105958","2019-01-19 17:33:03","https://almasoodgroup.com/js2/cwq","offline","malware_download","None","https://urlhaus.abuse.ch/url/105958/"
 "105957","2019-01-19 17:30:04","http://integramultimedia.com.mx/.well-known/acme-challenge/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/105957/"
@@ -25007,7 +26448,7 @@
 "105650","2019-01-18 19:58:15","http://petparents.com.br/bqshe-KO_yXFudV-FS/Ref/740935652En/Outstanding-Invoices/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/105650/"
 "105649","2019-01-18 19:57:44","http://pe-co.nl/EvtAY-g1_KJjAmq-jj/INVOICE/US_us/Invoice-receipt/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/105649/"
 "105648","2019-01-18 19:57:43","http://offblack.de/vPhT-jn2_eohiYtJyr-Dm/InvoiceCodeChanges/En/Past-Due-Invoices/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/105648/"
-"105647","2019-01-18 19:57:42","http://oceangate.parkhomes.vn/laRsA-lKx_mQ-vd/Ref/817226888EN_en/Invoice-receipt/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/105647/"
+"105647","2019-01-18 19:57:42","http://oceangate.parkhomes.vn/laRsA-lKx_mQ-vd/Ref/817226888EN_en/Invoice-receipt/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/105647/"
 "105646","2019-01-18 19:57:40","http://northernpost.in/HSHvT-nbQB_E-VD/15150/SurveyQuestionsEn/Open-invoices/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/105646/"
 "105645","2019-01-18 19:57:39","http://nhakhoavieta.com/lplB-PwLai_rSROuND-om/83053/SurveyQuestionsEN_en/Past-Due-Invoices/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/105645/"
 "105644","2019-01-18 19:57:34","http://msobrasciviles.cl/Gvuu-u3_brGnf-LN/10753/SurveyQuestionsEn/Invoice-Corrections-for-87/47/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/105644/"
@@ -26462,7 +27903,7 @@
 "104133","2019-01-16 12:21:02","http://ipeople.vn/DE_de/OYAGWVN8100931/Scan/DOC/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/104133/"
 "104132","2019-01-16 12:20:59","http://gunk.insol.be/drupal-6.15/sites/default/files/De_de/WUILSXVJV9707369/Rechnungs/Rechnungszahlung/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/104132/"
 "104131","2019-01-16 12:20:58","https://itp25.com/de_DE/DRIZICTI7514162/Rechnungs-docs/RECH/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/104131/"
-"104130","2019-01-16 12:20:55","http://oceangate.parkhomes.vn/DE_de/PDYIKWOT9286173/Rechnung/RECHNUNG/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/104130/"
+"104130","2019-01-16 12:20:55","http://oceangate.parkhomes.vn/DE_de/PDYIKWOT9286173/Rechnung/RECHNUNG/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/104130/"
 "104129","2019-01-16 12:20:47","http://homeafrica.co.tz/PVAZYRR9694081/de/DOC/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/104129/"
 "104128","2019-01-16 12:20:45","http://bem.hukum.ub.ac.id/VDTDCC2636944/Scan/Rechnungszahlung/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/104128/"
 "104127","2019-01-16 12:20:37","http://runtah.com/De_de/LTRUAFMY3068566/DE/Fakturierung/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/104127/"
@@ -27851,7 +29292,7 @@
 "102716","2019-01-12 14:11:04","http://189.79.123.51:19637/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/102716/"
 "102715","2019-01-12 13:59:04","http://newjobinusa.com/image/image.jpg","offline","malware_download","exe,RemcosRAT","https://urlhaus.abuse.ch/url/102715/"
 "102714","2019-01-12 11:53:05","http://small.bxamp.com/bd/klkuaida.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/102714/"
-"102713","2019-01-12 11:41:28","http://uuuuu.com.tw/5.0yahoo.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/102713/"
+"102713","2019-01-12 11:41:28","http://uuuuu.com.tw/5.0yahoo.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/102713/"
 "102712","2019-01-12 11:37:06","http://game.baihanxiao.com/int.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/102712/"
 "102711","2019-01-12 10:24:25","http://zdy.17110.com/Controls/Control.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/102711/"
 "102710","2019-01-12 09:48:05","http://179.110.22.175:29472/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/102710/"
@@ -28854,7 +30295,7 @@
 "101712","2019-01-06 07:16:04","http://142.11.219.20/bins/katana.mips","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/101712/"
 "101711","2019-01-06 07:16:03","http://142.11.219.20/bins/katana.mpsl","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/101711/"
 "101710","2019-01-06 07:15:03","http://104.168.171.186/cron","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/101710/"
-"101709","2019-01-06 05:42:18","http://c.pieshua.com/exe/Setup_402.gif","online","malware_download","exe","https://urlhaus.abuse.ch/url/101709/"
+"101709","2019-01-06 05:42:18","http://c.pieshua.com/exe/Setup_402.gif","offline","malware_download","exe","https://urlhaus.abuse.ch/url/101709/"
 "101708","2019-01-06 04:10:05","http://209.141.57.94/Josho.mips","offline","malware_download","elf","https://urlhaus.abuse.ch/url/101708/"
 "101707","2019-01-06 04:09:06","http://209.141.57.94/Josho.sh4","offline","malware_download","elf","https://urlhaus.abuse.ch/url/101707/"
 "101706","2019-01-06 04:09:04","http://209.141.57.94/Josho.arm5","offline","malware_download","elf","https://urlhaus.abuse.ch/url/101706/"
@@ -30453,7 +31894,7 @@
 "100107","2018-12-28 06:08:04","http://o24o.ru/interes.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/100107/"
 "100106","2018-12-28 06:08:03","http://o24o.ru/dg.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/100106/"
 "100105","2018-12-28 05:54:05","http://o24o.ru/bies.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/100105/"
-"100104","2018-12-28 05:53:10","http://p2.lingpao8.com/Dragoon/20150218_L.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/100104/"
+"100104","2018-12-28 05:53:10","http://p2.lingpao8.com/Dragoon/20150218_L.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/100104/"
 "100103","2018-12-28 05:32:03","https://uploadexe.com/uploads/5c0eea9d8b1caunimat.exe","offline","malware_download","exe,ImminentRAT","https://urlhaus.abuse.ch/url/100103/"
 "100102","2018-12-28 05:28:03","https://uploadexe.com/uploads/5c130869bde72mshta.exe","offline","malware_download","exe,ImminentRAT","https://urlhaus.abuse.ch/url/100102/"
 "100101","2018-12-28 05:27:03","http://upload-exe.me/lT3CWbUKQj.exe","offline","malware_download","AZORult,exe","https://urlhaus.abuse.ch/url/100101/"
@@ -30693,7 +32134,7 @@
 "99866","2018-12-26 11:29:27","http://repo.thehackademy.net/depot_cehv6/CEHv6%20Module%2008%20Trojans%20and%20Backdoors/Trojan-Dropper.Win32.ZomJoiner.25.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99866/"
 "99865","2018-12-26 11:29:26","http://dx111.downyouxi.com/dnftafangwudibanzhongwenban.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/99865/"
 "99864","2018-12-26 11:29:02","http://repo.thehackademy.net/depot_cehv6/CEHv6%20Module%2016%20Hacking%20Webservers/webdav-gui/webdav-gui.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99864/"
-"99863","2018-12-26 11:27:07","http://www.softhy.net/softhy.net_down/cs4softhy.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/99863/"
+"99863","2018-12-26 11:27:07","http://www.softhy.net/softhy.net_down/cs4softhy.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99863/"
 "99861","2018-12-26 11:26:29","http://dx111.downyouxi.com/ailisizhisi3.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/99861/"
 "99862","2018-12-26 11:26:29","http://repo.thehackademy.net/depot_cehv6/CEHv6%20Module%2005%20Scanning/Tiny%20TCP%20Firewall/afxfw.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99862/"
 "99860","2018-12-26 11:25:33","http://repo.thehackademy.net/depot_cehv6/CEHv6%20Module%2008%20Trojans%20and%20Backdoors/netbus17/NetBus.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99860/"
@@ -30711,7 +32152,7 @@
 "99848","2018-12-26 10:20:31","http://www.softhy.net/softhy.net_down/cs6softhy.exe","offline","malware_download","exe,Ransomware.GandCrab","https://urlhaus.abuse.ch/url/99848/"
 "99847","2018-12-26 10:20:20","http://tantarantantan23.ru/24/a_Protected.exe","offline","malware_download","AZORult,exe","https://urlhaus.abuse.ch/url/99847/"
 "99846","2018-12-26 10:18:29","http://www.softhy.net/softhy.net_down/dedesupertabs.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99846/"
-"99845","2018-12-26 10:09:15","http://www.softhy.net/softhy.net_down/5qq0free.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/99845/"
+"99845","2018-12-26 10:09:15","http://www.softhy.net/softhy.net_down/5qq0free.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99845/"
 "99844","2018-12-26 10:07:00","http://tantarantantan23.ru/24/_output55A1800ars.exe","offline","malware_download","AZORult,exe","https://urlhaus.abuse.ch/url/99844/"
 "99843","2018-12-26 10:06:30","http://tantarantantan23.ru/24/ajhvguygjhl_signed.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99843/"
 "99842","2018-12-26 10:01:07","http://tantarantantan23.ru/24/r2_Protected.exe","offline","malware_download","exe,Ransomware.GandCrab","https://urlhaus.abuse.ch/url/99842/"
@@ -31634,7 +33075,7 @@
 "98912","2018-12-21 20:01:33","http://wt120.downyouxi.com/dadaopengke.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/98912/"
 "98911","2018-12-21 20:01:18","http://wt120.downyouxi.com/wujinmaoxianzhilv.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/98911/"
 "98910","2018-12-21 19:57:23","http://wt120.downyouxi.com/xiangsuqishi.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/98910/"
-"98909","2018-12-21 19:56:11","http://patch3.51mag.com/2011/FarCry2v1.03T9.rar","online","malware_download","rar","https://urlhaus.abuse.ch/url/98909/"
+"98909","2018-12-21 19:56:11","http://patch3.51mag.com/2011/FarCry2v1.03T9.rar","offline","malware_download","rar","https://urlhaus.abuse.ch/url/98909/"
 "98908","2018-12-21 19:54:05","http://wt120.downyouxi.com/dnftafangwudibanzhongwenban.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/98908/"
 "98907","2018-12-21 19:45:09","https://uc0345930e4753c66fb4311de6e2.dl.dropboxusercontent.com/cd/0/get/AX7Ju47fNMElBkXjaWpfl2WoRpvjphrT4Js8QH9lrIb3hhrmwkc_PTjO2g6o7r3Tj8wDGgEnJbSY9n5oY3658r_GD2i3ppabDH6BTAVI_JEdQqo-M6s2Sgx9DexK34CiT16Cxk5i2Ic6OQ6Hkf1uD7Q2yyQaLRaDqOGozvxozSJrwXKVb9po_Aaq7UX2TwMvlTE/file?dl=1","offline","malware_download","zip","https://urlhaus.abuse.ch/url/98907/"
 "98906","2018-12-21 19:44:10","http://suporteatendimentorh.com/web?NBOXamp;xc75362dad4a9da06941b7dc3d6915ac64selectedfolderINBOX","offline","malware_download","zip","https://urlhaus.abuse.ch/url/98906/"
@@ -31642,7 +33083,7 @@
 "98904","2018-12-21 19:42:57","http://patch3.51mag.com/2013/ALI213-PLANTS.VS.ZOMBIES.V1.2.0.1073.PLUS11TRN.DENKA003.rar","online","malware_download","rar","https://urlhaus.abuse.ch/url/98904/"
 "98903","2018-12-21 19:42:51","http://patch3.51mag.com/newpatch14/sango9tcup_date.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/98903/"
 "98902","2018-12-21 19:42:29","http://wt120.downyouxi.com/22loujialidibeiju.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/98902/"
-"98901","2018-12-21 19:41:24","http://patch3.51mag.com/2013/ali213-alienscolonialmarine.8_aobeta_fixed.rar","offline","malware_download","rar","https://urlhaus.abuse.ch/url/98901/"
+"98901","2018-12-21 19:41:24","http://patch3.51mag.com/2013/ali213-alienscolonialmarine.8_aobeta_fixed.rar","online","malware_download","rar","https://urlhaus.abuse.ch/url/98901/"
 "98900","2018-12-21 19:41:15","http://wt120.downyouxi.com/tankedajuezhan.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/98900/"
 "98899","2018-12-21 19:36:51","http://patch3.51mag.com/2013/ali213-mp3+11tr-lng_v1.0.0.114.rar","offline","malware_download","rar","https://urlhaus.abuse.ch/url/98899/"
 "98898","2018-12-21 19:36:29","http://patch3.51mag.com/2012/cry2me+7tr-lng.rar","offline","malware_download","rar","https://urlhaus.abuse.ch/url/98898/"
@@ -31905,7 +33346,7 @@
 "98631","2018-12-21 06:01:17","http://wikaconsulting.com/js/sserv.jpg","offline","malware_download","exe,Shade,Troldesh","https://urlhaus.abuse.ch/url/98631/"
 "98630","2018-12-21 06:01:08","https://fastimmo.fr/wp-includes/ID3/sserv.jpg","online","malware_download","exe,Shade,Troldesh","https://urlhaus.abuse.ch/url/98630/"
 "98629","2018-12-21 06:01:04","http://jenniferdouglasliterarypublicist.com/wp-content/themes/superfast/languages/sserv.jpg","offline","malware_download","exe,Shade","https://urlhaus.abuse.ch/url/98629/"
-"98628","2018-12-21 06:01:03","https://www.hostingcloud.science/6NQq.js","online","malware_download","None","https://urlhaus.abuse.ch/url/98628/"
+"98628","2018-12-21 06:01:03","https://www.hostingcloud.science/6NQq.js","offline","malware_download","None","https://urlhaus.abuse.ch/url/98628/"
 "98627","2018-12-21 06:00:11","https://tagmanager.vn//wp-content/themes/pridmag/sup.exe","offline","malware_download","exe,Retefe","https://urlhaus.abuse.ch/url/98627/"
 "98626","2018-12-21 05:52:04","http://dianneholman.com/R4YEKTW.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/98626/"
 "98625","2018-12-21 05:51:13","http://patch3.51mag.com/newpatch21/ss4trn.rar","online","malware_download","rar","https://urlhaus.abuse.ch/url/98625/"
@@ -32614,7 +34055,7 @@
 "97916","2018-12-19 18:32:04","https://akamai-stat3.club/uploads/lev.exe","offline","malware_download","Gozi,USA","https://urlhaus.abuse.ch/url/97916/"
 "97915","2018-12-19 18:32:03","http://95.142.46.253/Urgent%20notice.doc","offline","malware_download","doc,Gozi,USA","https://urlhaus.abuse.ch/url/97915/"
 "97914","2018-12-19 18:22:05","http://xuatbangiadinh.vn/OGqC-Tj3OwlsN_zrOznAK-Z7/INVOICE/files/US_us/Invoice-03167583-December","offline","malware_download"," malware,email","https://urlhaus.abuse.ch/url/97914/"
-"97913","2018-12-19 18:22:04","http://fst.gov.pk/images/winsvc","online","malware_download","None","https://urlhaus.abuse.ch/url/97913/"
+"97913","2018-12-19 18:22:04","http://fst.gov.pk/images/winsvc","offline","malware_download","None","https://urlhaus.abuse.ch/url/97913/"
 "97912","2018-12-19 18:02:05","http://feaservice.com/GXoZA-os_hCmiCUO-Wn7/CD62/invoicing/En_us/Important-Please-Read/","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/97912/"
 "97911","2018-12-19 18:02:03","http://ninepenguins.com/AT_T/3PFEl_aNTsgcHU_jYXUWe","offline","malware_download","doc","https://urlhaus.abuse.ch/url/97911/"
 "97910","2018-12-19 17:44:13","http://tantarantantan23.ru/18/_output3A58A80azoslr1.exe","offline","malware_download","exe,Ransomware.GandCrab","https://urlhaus.abuse.ch/url/97910/"
@@ -32725,7 +34166,7 @@
 "97805","2018-12-19 14:42:04","http://voapros.com/isPGE-e8cp4EJMV_YOwHSrSvT-i3U/ACH/PaymentInfo/newsletter/US/Invoices-attached/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/97805/"
 "97804","2018-12-19 14:41:29","http://totalcommunicationinc.com/wp-content/uploads/2016/De_de/DBATYGF1305567/Bestellungen/RECHNUNG/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/97804/"
 "97803","2018-12-19 14:41:27","http://thefanembassy.com/CrnCb-7a6PAiKE2_DYSD-gpq/COMET/SIGNS/PAYMENT/NOTIFICATION/12/19/2018/FILE/En_us/Invoices-attached/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/97803/"
-"97802","2018-12-19 14:41:25","http://thedopplershift.co.uk/aOefH-SQEf03g2_C-s3/ACH/PaymentAdvice/INFO/En_us/Need-to-send-the-attachment/","online","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/97802/"
+"97802","2018-12-19 14:41:25","http://thedopplershift.co.uk/aOefH-SQEf03g2_C-s3/ACH/PaymentAdvice/INFO/En_us/Need-to-send-the-attachment/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/97802/"
 "97801","2018-12-19 14:41:24","http://street-fashion-guide.ru/De/XFBMFU6227781/Rechnung/Hilfestellung/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/97801/"
 "97800","2018-12-19 14:41:22","http://sosh47.citycheb.ru/DE_de/NNXSNNL8323484/Rechnungskorrektur/DETAILS/","online","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/97800/"
 "97799","2018-12-19 14:41:21","http://segmentsolutions.com/tjnDE-FuBQhD6b_my-P6N/INVOICE/xerox/En_us/Past-Due-Invoices/","online","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/97799/"
@@ -34713,7 +36154,7 @@
 "95759","2018-12-15 21:55:04","http://tecnologiatech.com/wp-content/themes/poseidon/images/sserv.jpg","offline","malware_download","exe,Shade,Troldesh","https://urlhaus.abuse.ch/url/95759/"
 "95758","2018-12-15 21:54:48","https://immobiliere-olivier.com/wp-includes/ID3/sserv.jpg","offline","malware_download","exe,Shade","https://urlhaus.abuse.ch/url/95758/"
 "95757","2018-12-15 21:54:45","http://obseques-conseils.com/wp-content/cache/busting/sserv.jpg","online","malware_download","exe,Shade,Troldesh","https://urlhaus.abuse.ch/url/95757/"
-"95756","2018-12-15 21:54:44","http://cesan-yuni.com/templates/protostar/less/sserv.jpg","offline","malware_download","exe,Shade","https://urlhaus.abuse.ch/url/95756/"
+"95756","2018-12-15 21:54:44","http://cesan-yuni.com/templates/protostar/less/sserv.jpg","online","malware_download","exe,Shade","https://urlhaus.abuse.ch/url/95756/"
 "95755","2018-12-15 21:54:41","http://phukienmayphatdien.xyz/wp-content/themes/twentyseventeen/assets/css/sserv.jpg","offline","malware_download","exe,Shade","https://urlhaus.abuse.ch/url/95755/"
 "95754","2018-12-15 21:54:33","http://spicenday.com/wp-content/themes/advance-portfolio/template-parts/sserv.jpg","offline","malware_download","exe,Shade","https://urlhaus.abuse.ch/url/95754/"
 "95753","2018-12-15 21:54:29","http://dash.simplybackers.com/api/css/images/sserv.jpg","online","malware_download","exe,Shade","https://urlhaus.abuse.ch/url/95753/"
@@ -35070,7 +36511,7 @@
 "95395","2018-12-14 22:48:05","http://dwellingplace.tv/LrIM-zdG177rqk094dpp_qAEBepkL-2Y/","offline","malware_download","doc,emotet,epoch2","https://urlhaus.abuse.ch/url/95395/"
 "95394","2018-12-14 22:48:04","http://designartin.com/Inv/558633510305146626/Document/US_us/Invoice-Corrections-for-13/57/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/95394/"
 "95393","2018-12-14 22:47:08","http://colbydix.com/RbZg-Z4GHm6qTwFqYnr_zUHutehoY-6Y/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/95393/"
-"95392","2018-12-14 22:47:07","http://changemindbusiness.com/ACH/PaymentAdvice/Download/EN_en/Invoice-Number-392688/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/95392/"
+"95392","2018-12-14 22:47:07","http://changemindbusiness.com/ACH/PaymentAdvice/Download/EN_en/Invoice-Number-392688/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/95392/"
 "95391","2018-12-14 22:47:05","http://billfritzjr.com/1QebEVBvcfE/SEPA/200-Jahre/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/95391/"
 "95390","2018-12-14 22:47:04","http://article.suipianny.com/LJDNt-3vvPiypGGfV2g2l_sMyhwLtdo-bm/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/95390/"
 "95389","2018-12-14 22:37:03","http://ismandanismanlik.com.tr/En_us/Clients/2018-12/","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/95389/"
@@ -35751,7 +37192,7 @@
 "94711","2018-12-14 00:25:59","http://scglobal.co.th/XLx/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/94711/"
 "94710","2018-12-14 00:25:57","http://kkorner.net/czRv-TPCxHYXPm24aIa2_JgDIDHLg-iO/PAYROLL/Business/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/94710/"
 "94709","2018-12-14 00:25:55","https://misophoniatreatment.com/UXIh-DHbnGRYXQRqFsi_UdZKkRrqM-ttH/ACH/US/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/94709/"
-"94708","2018-12-14 00:25:53","http://coneymedia.com/hJEX-1bABplMRoYe6V25_vADFplCXy-lQM/SEP/Smallbusiness/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/94708/"
+"94708","2018-12-14 00:25:53","http://coneymedia.com/hJEX-1bABplMRoYe6V25_vADFplCXy-lQM/SEP/Smallbusiness/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/94708/"
 "94707","2018-12-14 00:25:51","http://avresume.com/mkzh-EeVWYTs2GjYIAS_udIztuZb-fV/PAYROLL/Commercial/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/94707/"
 "94706","2018-12-14 00:25:49","http://firemaplegames.com/CKhl-Q60awPKKA17j6mv_GylTFWfTp-rr/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/94706/"
 "94705","2018-12-14 00:25:47","http://allsortschildcare.co.uk/kMpLI-yImDa6GKzlvjIyw_WzcSpncFS-qM/PAYMENT/US/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/94705/"
@@ -36330,7 +37771,7 @@
 "94053","2018-12-13 03:59:10","http://skycnxz2.wy119.com/2/qqkjspcj_fr.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/94053/"
 "94052","2018-12-13 03:59:01","http://31.207.35.116/wordpress/doc/US_us/Invoices-Overdue","offline","malware_download","doc","https://urlhaus.abuse.ch/url/94052/"
 "94051","2018-12-13 03:58:02","http://31.207.35.116/wordpress/PaymentStatus/LLC/En_us/Invoice-for-b/k-12/10/2018","offline","malware_download","doc","https://urlhaus.abuse.ch/url/94051/"
-"94050","2018-12-13 03:40:08","http://skycnxz2.wy119.com/2/jxwzgj_fr.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/94050/"
+"94050","2018-12-13 03:40:08","http://skycnxz2.wy119.com/2/jxwzgj_fr.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/94050/"
 "94049","2018-12-13 03:39:02","http://travelcentreny.com/Inv/5547289622/Corporation/En_us/Invoices-attached","offline","malware_download","doc","https://urlhaus.abuse.ch/url/94049/"
 "94048","2018-12-13 03:22:12","http://skycnxz2.wy119.com/yuegft_fr.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/94048/"
 "94047","2018-12-13 03:07:11","http://wxbsc.hzgjp.com/fz2/setup/silverlight5.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/94047/"
@@ -36983,7 +38424,7 @@
 "93365","2018-12-12 03:39:43","http://nolife.antonov.ooo/EXT/PaymentStatus/Download/US/309-93-222183-923-309-93-222183-518/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/93365/"
 "93364","2018-12-12 03:39:39","http://lostivale.celsur.eu/IRS/IRS-Transcript-treasury-gov/Tax-Return-Transcript/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/93364/"
 "93363","2018-12-12 03:39:37","http://lanele.co.za/IRS-Online-Center/Record-of-Account-Transcript/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/93363/"
-"93362","2018-12-12 03:39:30","http://karamina.com/IRS/IRS-Press-treasury-gov/Verification-of-Non-filing-Letter/","offline","malware_download","doc,emotet,epoch2","https://urlhaus.abuse.ch/url/93362/"
+"93362","2018-12-12 03:39:30","http://karamina.com/IRS/IRS-Press-treasury-gov/Verification-of-Non-filing-Letter/","online","malware_download","doc,emotet,epoch2","https://urlhaus.abuse.ch/url/93362/"
 "93361","2018-12-12 03:39:23","http://elixtra.com.ng/IRS/IRS-Online-Center/Tax-Account-Transcript/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/93361/"
 "93360","2018-12-12 03:39:20","http://demo.letuscode.com/IRS.GOV/IRS-Transcript-treasury-gov/Record-of-Account-Transcript/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/93360/"
 "93359","2018-12-12 03:39:18","http://dayphoihoaphat.org/IRS.GOV/IRS-Online-Center/Tax-Return-Transcript/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/93359/"
@@ -40026,7 +41467,7 @@
 "90260","2018-12-06 16:12:07","http://minterburn.co.uk/newsletter/En_us/Invoice","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/90260/"
 "90259","2018-12-06 16:12:05","http://mtaconsulting.com/newsletter/EN_en/Invoice-for-o/k-12/06/2018","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/90259/"
 "90258","2018-12-06 16:12:03","http://kolny.cz/IRS.GOV/IRS-Transcript-treasury-gov/Verification-of-Non-filing-Letter/December-06-2018","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/90258/"
-"90257","2018-12-06 16:04:21","http://tcy.198424.com/12YKGYY.ZIP","offline","malware_download","zip","https://urlhaus.abuse.ch/url/90257/"
+"90257","2018-12-06 16:04:21","http://tcy.198424.com/12YKGYY.ZIP","online","malware_download","zip","https://urlhaus.abuse.ch/url/90257/"
 "90256","2018-12-06 15:55:26","http://arreyhotels.com.br/wp-admin/includes/1","offline","malware_download","None","https://urlhaus.abuse.ch/url/90256/"
 "90255","2018-12-06 15:55:25","http://seasonsfamilymedicine.com/wp-includes/pomo/1","offline","malware_download","None","https://urlhaus.abuse.ch/url/90255/"
 "90254","2018-12-06 15:55:23","http://silverstoltsen.com/wp-content/plugins/facebook-comments-plugin/1","offline","malware_download","None","https://urlhaus.abuse.ch/url/90254/"
@@ -41232,7 +42673,7 @@
 "89037","2018-12-05 00:12:07","http://iberias.ge/PFGbVX0Nl","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/89037/"
 "89036","2018-12-05 00:12:05","http://fortifi.com/bECoyZ4dr","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/89036/"
 "89035","2018-12-05 00:12:03","http://kosses.nl/s7U7gvF","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/89035/"
-"89034","2018-12-04 23:21:13","http://tcy.198424.com/SUIJICHOUQIANCX.ZIP","offline","malware_download","zip","https://urlhaus.abuse.ch/url/89034/"
+"89034","2018-12-04 23:21:13","http://tcy.198424.com/SUIJICHOUQIANCX.ZIP","online","malware_download","zip","https://urlhaus.abuse.ch/url/89034/"
 "89033","2018-12-04 23:21:09","http://46.17.47.73/vodity.mips","offline","malware_download","elf","https://urlhaus.abuse.ch/url/89033/"
 "89032","2018-12-04 22:46:09","http://websitedesigngarden.com/k7Xp","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/89032/"
 "89031","2018-12-04 22:46:06","http://itbparnamirim.org/fj","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/89031/"
@@ -41812,7 +43253,7 @@
 "88452","2018-12-04 00:33:05","http://tom-steed.com/pYP5mhsWm/SEP/PrivateBanking","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/88452/"
 "88451","2018-12-04 00:33:05","http://venusnevele.be/LLC/En/Outstanding-Invoices","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/88451/"
 "88450","2018-12-04 00:33:03","http://adsmith.in/9zPcEumvy1","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/88450/"
-"88449","2018-12-04 00:30:14","http://tcy.198424.com/FOLDERENCRYPTORPJ.ZIP","offline","malware_download","zip","https://urlhaus.abuse.ch/url/88449/"
+"88449","2018-12-04 00:30:14","http://tcy.198424.com/FOLDERENCRYPTORPJ.ZIP","online","malware_download","zip","https://urlhaus.abuse.ch/url/88449/"
 "88448","2018-12-04 00:19:03","http://carminewarren.com/AwanSite/newsletter/En/Invoices-Overdue","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/88448/"
 "88447","2018-12-03 23:52:06","https://a.doko.moe/tkencn.jpg","offline","malware_download","exe,lokibot","https://urlhaus.abuse.ch/url/88447/"
 "88446","2018-12-03 23:24:06","http://laparomag.ru/9113BKSMFTUQ/identity/Commercial","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/88446/"
@@ -42156,10 +43597,10 @@
 "88090","2018-12-03 02:28:05","http://142.93.163.62/armv6l","offline","malware_download","elf","https://urlhaus.abuse.ch/url/88090/"
 "88089","2018-12-03 02:28:04","http://142.93.243.137/bins/hoho.ppc","offline","malware_download","elf","https://urlhaus.abuse.ch/url/88089/"
 "88088","2018-12-03 02:28:03","http://142.93.243.137/bins/hoho.arm","offline","malware_download","elf","https://urlhaus.abuse.ch/url/88088/"
-"88087","2018-12-03 02:18:31","http://tcy.198424.com/ZDZWMMSDW.ZIP","offline","malware_download","zip","https://urlhaus.abuse.ch/url/88087/"
-"88086","2018-12-03 02:17:35","http://tcy.198424.com/CFXCBSFYJWSBMDGJ.ZIP","offline","malware_download","zip","https://urlhaus.abuse.ch/url/88086/"
+"88087","2018-12-03 02:18:31","http://tcy.198424.com/ZDZWMMSDW.ZIP","online","malware_download","zip","https://urlhaus.abuse.ch/url/88087/"
+"88086","2018-12-03 02:17:35","http://tcy.198424.com/CFXCBSFYJWSBMDGJ.ZIP","online","malware_download","zip","https://urlhaus.abuse.ch/url/88086/"
 "88085","2018-12-03 02:17:04","http://205.209.176.202:2018/999","offline","malware_download","elf","https://urlhaus.abuse.ch/url/88085/"
-"88084","2018-12-03 02:10:09","http://tcy.198424.com/FYP2PZZSSQ.ZIP","offline","malware_download","zip","https://urlhaus.abuse.ch/url/88084/"
+"88084","2018-12-03 02:10:09","http://tcy.198424.com/FYP2PZZSSQ.ZIP","online","malware_download","zip","https://urlhaus.abuse.ch/url/88084/"
 "88083","2018-12-03 02:09:06","http://owwwc.com/mm/BX.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/88083/"
 "88082","2018-12-03 01:54:04","http://sad-kurbatovo.nubex.ru/resources/doc-5571-file-block_files_5571-5572.file/name","offline","malware_download","exe","https://urlhaus.abuse.ch/url/88082/"
 "88081","2018-12-03 01:44:08","http://art.nfile.net/files/art.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/88081/"
@@ -43259,7 +44700,7 @@
 "86983","2018-11-29 15:15:03","http://radiotaxilaguna.com/files/En/Need-to-send-the-attachment/","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/86983/"
 "86982","2018-11-29 15:08:05","http://nasdacoin.ru/xmrig.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/86982/"
 "86981","2018-11-29 14:50:07","http://update-prog.com/update.exe","offline","malware_download","exe,ImminentRAT","https://urlhaus.abuse.ch/url/86981/"
-"86980","2018-11-29 14:49:40","http://tcy.198424.com/WINSOCKZBGJ.ZIP","offline","malware_download","zip","https://urlhaus.abuse.ch/url/86980/"
+"86980","2018-11-29 14:49:40","http://tcy.198424.com/WINSOCKZBGJ.ZIP","online","malware_download","zip","https://urlhaus.abuse.ch/url/86980/"
 "86979","2018-11-29 14:38:50","http://en.avtoprommarket.ru/Document/En_us/Open-Past-Due-Orders","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/86979/"
 "86978","2018-11-29 14:38:48","http://terrats.biz/default/US_us/ACH-form","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/86978/"
 "86977","2018-11-29 14:38:46","http://venturemeets.com/wp-content/sites/US/Service-Invoice","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/86977/"
@@ -43285,13 +44726,13 @@
 "86957","2018-11-29 14:20:00","http://31.214.240.105/florid/darkrat/plugins/miner/gpuamd.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/86957/"
 "86956","2018-11-29 14:19:58","http://31.214.240.105/florid/darkrat/plugins/updater/system.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/86956/"
 "86955","2018-11-29 14:19:57","http://31.214.240.105/florid/darkrat/plugins/miner/cpu.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/86955/"
-"86954","2018-11-29 14:19:54","http://tcy.198424.com/YIJIANJUYUWANGWENJIANGXRJ.RAR","offline","malware_download","rar","https://urlhaus.abuse.ch/url/86954/"
+"86954","2018-11-29 14:19:54","http://tcy.198424.com/YIJIANJUYUWANGWENJIANGXRJ.RAR","online","malware_download","rar","https://urlhaus.abuse.ch/url/86954/"
 "86953","2018-11-29 14:17:06","http://symbisystems.com/PL9qSNRM6","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/86953/"
 "86952","2018-11-29 14:17:03","http://sevensites.es/NhG0JMO","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/86952/"
 "86951","2018-11-29 14:17:01","http://tccrennes.fr/n7KoD5DB5W","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/86951/"
 "86950","2018-11-29 14:17:00","http://reflectionpress.com/mm7GGS7ie","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/86950/"
 "86949","2018-11-29 14:16:58","http://rabinovicionline.com/GWBhWrqx0","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/86949/"
-"86948","2018-11-29 14:16:55","http://tcy.198424.com/GTQQKJSSCQQ.ZIP","offline","malware_download","zip","https://urlhaus.abuse.ch/url/86948/"
+"86948","2018-11-29 14:16:55","http://tcy.198424.com/GTQQKJSSCQQ.ZIP","online","malware_download","zip","https://urlhaus.abuse.ch/url/86948/"
 "86947","2018-11-29 14:14:04","http://sjpowersolution.com/wp-content/themes/store/languages/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/86947/"
 "86946","2018-11-29 14:11:12","http://shannonmolloy.com/En/CyberMonday2018","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/86946/"
 "86945","2018-11-29 14:11:10","http://siteme.com/En/Clients_CM_Coupons","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/86945/"
@@ -43895,7 +45336,7 @@
 "86340","2018-11-28 14:50:05","http://201.68.165.46:26272/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/86340/"
 "86339","2018-11-28 14:49:08","http://175.151.123.42:27756/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/86339/"
 "86338","2018-11-28 14:38:12","http://gonorthhalifax.com/ffmoJjv8/de_DE/IhreSparkasse","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/86338/"
-"86337","2018-11-28 14:29:09","http://tcy.198424.com/JIUYUANQQALICEFREE.ZIP","offline","malware_download","zip","https://urlhaus.abuse.ch/url/86337/"
+"86337","2018-11-28 14:29:09","http://tcy.198424.com/JIUYUANQQALICEFREE.ZIP","online","malware_download","zip","https://urlhaus.abuse.ch/url/86337/"
 "86336","2018-11-28 14:28:04","https://omalleyco-my.sharepoint.com/:u:/g/personal/emma_sho_co_nz/EbQRIY4HsDlHhnMvJxGtgwoB9UgiLMLTNvyfdl5CFWqSbw?e=GftPPW&download=1","offline","malware_download","Gozi,vbs,zip","https://urlhaus.abuse.ch/url/86336/"
 "86335","2018-11-28 14:27:11","http://borich.ru/dkYtO2YM","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/86335/"
 "86334","2018-11-28 14:27:09","http://shreeconstructions.co.in/737ZDAS/SEP/S6rjgxh","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/86334/"
@@ -46931,7 +48372,7 @@
 "83255","2018-11-20 22:44:03","http://telechargini.com/last/update/UpdateJava8.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/83255/"
 "83254","2018-11-20 22:43:05","http://178.128.202.253/bins/onryo.arm6","offline","malware_download","elf","https://urlhaus.abuse.ch/url/83254/"
 "83253","2018-11-20 22:43:04","http://178.128.202.253/bins/onryo.sh4","offline","malware_download","elf","https://urlhaus.abuse.ch/url/83253/"
-"83252","2018-11-20 22:43:03","http://201.168.151.182:61146/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/83252/"
+"83252","2018-11-20 22:43:03","http://201.168.151.182:61146/.i","online","malware_download","elf","https://urlhaus.abuse.ch/url/83252/"
 "83251","2018-11-20 22:34:06","http://www.xeggufhxmczp.tw/ooqnlm/20272_889200.html","offline","malware_download","gzip","https://urlhaus.abuse.ch/url/83251/"
 "83250","2018-11-20 22:34:03","http://www.yxuwxpqjtdmj.tw/jqcyeo/180212_403464.html","offline","malware_download","gzip","https://urlhaus.abuse.ch/url/83250/"
 "83249","2018-11-20 22:24:05","http://rutesil.com/US/Payments/112018/","offline","malware_download","doc,emotet","https://urlhaus.abuse.ch/url/83249/"
@@ -48377,7 +49818,7 @@
 "81780","2018-11-17 07:17:03","http://198.211.113.55/Arcane.i586","offline","malware_download","elf","https://urlhaus.abuse.ch/url/81780/"
 "81779","2018-11-17 07:17:02","http://198.211.113.55/Arcane.sh4","offline","malware_download","elf","https://urlhaus.abuse.ch/url/81779/"
 "81778","2018-11-17 07:05:14","http://apoolcondo.com/images/dew002.exe","online","malware_download","AZORult","https://urlhaus.abuse.ch/url/81778/"
-"81777","2018-11-17 07:05:08","http://sparkuae.com/PL_Remittances_210918_pdf.jar","offline","malware_download","None","https://urlhaus.abuse.ch/url/81777/"
+"81777","2018-11-17 07:05:08","http://sparkuae.com/PL_Remittances_210918_pdf.jar","online","malware_download","None","https://urlhaus.abuse.ch/url/81777/"
 "81776","2018-11-17 07:05:06","http://idontknow.moe/files/huxlzv.jpg","offline","malware_download","NanoCore","https://urlhaus.abuse.ch/url/81776/"
 "81775","2018-11-17 07:05:05","http://banjojimonline.com/wp-content/languages/plugins/sserv.jpg","online","malware_download","exe,Ransomware,Troldesh","https://urlhaus.abuse.ch/url/81775/"
 "81774","2018-11-17 07:05:03","http://javcoservices.com/wp-content/themes/pressroom/languages/sserv.jpg","online","malware_download","exe,Ransomware,Troldesh","https://urlhaus.abuse.ch/url/81774/"
@@ -51097,8 +52538,8 @@
 "78978","2018-11-13 00:28:03","https://waraboo.com/0ne6CK/","offline","malware_download","exe,heodo","https://urlhaus.abuse.ch/url/78978/"
 "78977","2018-11-13 00:28:02","http://thenutnofastflix2.com/156XKjddnnsa.exe","online","malware_download","exe,Smoke Loader","https://urlhaus.abuse.ch/url/78977/"
 "78975","2018-11-13 00:27:03","http://thenutnofastflix2.com/161XKjddnnsa.exe","online","malware_download","exe,Smoke Loader","https://urlhaus.abuse.ch/url/78975/"
-"78976","2018-11-13 00:27:03","http://thenutnofastflix2.com/38XKjddnnsa.exe","online","malware_download","exe,Smoke Loader","https://urlhaus.abuse.ch/url/78976/"
-"78974","2018-11-13 00:18:05","http://thenutnofastflix2.com/123XKjddnnsa.exe","online","malware_download","exe,Smoke Loader","https://urlhaus.abuse.ch/url/78974/"
+"78976","2018-11-13 00:27:03","http://thenutnofastflix2.com/38XKjddnnsa.exe","offline","malware_download","exe,Smoke Loader","https://urlhaus.abuse.ch/url/78976/"
+"78974","2018-11-13 00:18:05","http://thenutnofastflix2.com/123XKjddnnsa.exe","offline","malware_download","exe,Smoke Loader","https://urlhaus.abuse.ch/url/78974/"
 "78973","2018-11-12 23:28:12","http://www.vcorset.com/wp-content/uploads/hJwC","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/78973/"
 "78972","2018-11-12 23:28:09","http://waraboo.com/0ne6CK","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/78972/"
 "78971","2018-11-12 23:28:07","http://hotelmarina.es/wp-content/uploads/hDDPC2X","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/78971/"
@@ -51118,7 +52559,7 @@
 "78957","2018-11-12 23:14:04","http://dzunnuroin.org/eXWGz2nzw4/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/78957/"
 "78956","2018-11-12 23:13:08","http://clubcoras.com/649BRQJNXK/SEP/Smallbusiness/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/78956/"
 "78955","2018-11-12 23:13:07","http://arbaniwisata.com/wp-admin/DKKBEUPW/de/IhreSparkasse/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/78955/"
-"78954","2018-11-12 23:13:05","http://anyes.com.cn/28UKARLIFN/PAY/Smallbusiness/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/78954/"
+"78954","2018-11-12 23:13:05","http://anyes.com.cn/28UKARLIFN/PAY/Smallbusiness/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/78954/"
 "78953","2018-11-12 23:13:03","http://altaredlife.com/954675G/com/US/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/78953/"
 "78952","2018-11-12 23:13:02","http://184.154.53.181/chatlocaly_live/8824H/WIRE/Commercial/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/78952/"
 "78951","2018-11-12 23:12:05","http://sanchezgacha.com/FUD1111.exe","offline","malware_download","exe,RemcosRAT","https://urlhaus.abuse.ch/url/78951/"
@@ -51129,7 +52570,7 @@
 "78946","2018-11-12 23:11:04","http://iclikoftesiparisalinir.com/AiF52tK6sNenhTpK/SEP/PrivateBanking","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/78946/"
 "78945","2018-11-12 23:11:03","http://zerenprofessional.com/4408FKJYPIRL/SEP/Business","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/78945/"
 "78944","2018-11-12 23:11:02","http://fire42.com/4327973OZXPQOK/SEP/Personal","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/78944/"
-"78943","2018-11-12 23:11:00","http://anyes.com.cn/28UKARLIFN/PAY/Smallbusiness","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/78943/"
+"78943","2018-11-12 23:11:00","http://anyes.com.cn/28UKARLIFN/PAY/Smallbusiness","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/78943/"
 "78942","2018-11-12 23:10:53","http://emilyxu.com/cxDjtxJd/DE/Privatkunden","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/78942/"
 "78941","2018-11-12 23:10:49","http://tempodecelebrar.org.br/54120MIAYQL/SWIFT/US","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/78941/"
 "78940","2018-11-12 23:10:46","http://u2434969.ct.sendgrid.net/wf/click?upn=WD6m8SjAakLxmIWnIo-2Bhx28pOEn7kpWTh16DjNMnBiRHrm-2B-2FIa2rYjV8DOgZNp6r_uX-2B-2FOWVk0wQO-2FiLAN-2FRXf4GdZ40wtMzyBkhASagjL9D5FcYhIkjq3YH7jPizD6wnjNDf8tOowyhY4CuijpI-2Bq3qQa1jiifRbj-2F2vfqwupVGQA5tYyQPKQOSDHJOh7WwIUs7S6p5esx-2BNv-2FyIg1dj5YRP1Tm9wbsG8F5DuO-2FrkAJ1Ib1u0QF9rfZvPcxp8zF9K7Na-2BDFCIsOxe-2BYMzlVRmppUjrKWN7Rxp2WDzunTYaE-3D","offline","malware_download","emotet","https://urlhaus.abuse.ch/url/78940/"
@@ -52036,7 +53477,7 @@
 "77984","2018-11-09 18:56:04","http://chstarkeco.com/En_us/Clients/11_18","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/77984/"
 "77983","2018-11-09 18:56:02","http://c-dole.com/En_us/Clients_Messages/112018","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/77983/"
 "77982","2018-11-09 18:51:08","http://104.206.242.208/nwininilog.doc","offline","malware_download","RTF","https://urlhaus.abuse.ch/url/77982/"
-"77981","2018-11-09 18:51:08","http://thenutnofastflix2.com/17XKjddnnsa.exe","online","malware_download","exe,Smoke Loader","https://urlhaus.abuse.ch/url/77981/"
+"77981","2018-11-09 18:51:08","http://thenutnofastflix2.com/17XKjddnnsa.exe","offline","malware_download","exe,Smoke Loader","https://urlhaus.abuse.ch/url/77981/"
 "77980","2018-11-09 18:51:06","http://49.143.126.72:22216/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/77980/"
 "77979","2018-11-09 18:30:04","http://conceptsacademy.co.in/wp-content/uploads/2018/US/Clients_transactions/2018-11","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/77979/"
 "77978","2018-11-09 18:29:07","http://gubo.hu/FILE/New-Invoice-KG33572-OB-6714/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/77978/"
@@ -53607,7 +55048,7 @@
 "76369","2018-11-08 00:54:55","http://remingtonarchitecture.com/wp-content/Corporation/EN_en/Paid-Invoices/","offline","malware_download","doc,emotet,epoch2","https://urlhaus.abuse.ch/url/76369/"
 "76368","2018-11-08 00:54:54","http://qinyongjin.net/yqkjgqgj/979KVTDSKKY/PAYMENT/Personal/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/76368/"
 "76367","2018-11-08 00:54:52","http://pstore.info/986896Y/PAYROLL/Business/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/76367/"
-"76365","2018-11-08 00:54:50","http://preladoprisa.com/399379RHZ/SWIFT/Commercial/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/76365/"
+"76365","2018-11-08 00:54:50","http://preladoprisa.com/399379RHZ/SWIFT/Commercial/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/76365/"
 "76366","2018-11-08 00:54:50","http://profamilin.com/default/En_us/Invoice-Corrections-for-51/66/","offline","malware_download","doc,emotet,epoch2","https://urlhaus.abuse.ch/url/76366/"
 "76364","2018-11-08 00:54:49","http://poc.rscube.com/mstar/wdir/runtime/418PRMVSVM/SWIFT/Business/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/76364/"
 "76363","2018-11-08 00:54:47","http://phaimanhdanong.com/multimedia/99EGMMQ/PAYROLL/Business/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/76363/"
@@ -53705,7 +55146,7 @@
 "76271","2018-11-08 00:52:02","http://162.243.23.45/Download/EN_en/New-order/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/76271/"
 "76270","2018-11-08 00:47:06","http://14.249.139.35:60426/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/76270/"
 "76269","2018-11-08 00:09:02","http://rickenbbacker.westeurope.cloudapp.azure.com/cmd.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/76269/"
-"76268","2018-11-08 00:08:03","http://thenutnofastflix2.com/74XKjddnnsa.exe","online","malware_download","exe,Smoke Loader","https://urlhaus.abuse.ch/url/76268/"
+"76268","2018-11-08 00:08:03","http://thenutnofastflix2.com/74XKjddnnsa.exe","offline","malware_download","exe,Smoke Loader","https://urlhaus.abuse.ch/url/76268/"
 "76267","2018-11-08 00:07:02","http://kulikovonn.ru/Download/US_us/Invoices-Overdue/","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/76267/"
 "76266","2018-11-08 00:06:02","http://salon-semeynaya.ru/6878768ISGB/oamo/Commercial/","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/76266/"
 "76265","2018-11-08 00:00:25","http://www.waverunnerball.com/EN_US/Payments/11_18/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/76265/"
@@ -53765,7 +55206,7 @@
 "76212","2018-11-07 23:57:31","http://ez64.ru/En_us/Transactions/2018-11/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/76212/"
 "76210","2018-11-07 23:57:30","http://ethiccert.com/8004784PXIUFAZ/EN_US/Clients/112018","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/76210/"
 "76209","2018-11-07 23:57:29","http://ecsconsultancy.com.au/En_us/Transactions/2018-11/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/76209/"
-"76208","2018-11-07 23:57:27","http://dllanka.net/EN_US/Clients_transactions/112018/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/76208/"
+"76208","2018-11-07 23:57:27","http://dllanka.net/EN_US/Clients_transactions/112018/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/76208/"
 "76207","2018-11-07 23:57:26","http://dingesgang.com/En_us/Clients_information/112018/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/76207/"
 "76206","2018-11-07 23:57:25","http://dingesgang.com/En_us/Clients_information/112018","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/76206/"
 "76204","2018-11-07 23:57:23","http://demo.wearemedia.us/asc/EN_US/Details/2018-11/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/76204/"
@@ -53889,7 +55330,7 @@
 "76087","2018-11-07 17:56:03","https://thdidm.zendesk.com/attachments/token/90twtLKKvofUaiNKT8vhMBab4/","offline","malware_download","emotet","https://urlhaus.abuse.ch/url/76087/"
 "76085","2018-11-07 17:36:01","http://www.deepakasso.com/19LYVXOMHG/SWIFT/Personal/","offline","malware_download","doc","https://urlhaus.abuse.ch/url/76085/"
 "76084","2018-11-07 17:34:01","http://www.govt-yojna-form.online/Corporation/EN_en/Question/","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/76084/"
-"76083","2018-11-07 17:22:02","http://www.exclusiv-residence.ro/kL3WB8vE/","online","malware_download","emotet,exe,heodo","https://urlhaus.abuse.ch/url/76083/"
+"76083","2018-11-07 17:22:02","http://www.exclusiv-residence.ro/kL3WB8vE/","offline","malware_download","emotet,exe,heodo","https://urlhaus.abuse.ch/url/76083/"
 "76082","2018-11-07 16:59:39","http://bsmassage.hu/wXEUi4mRT","offline","malware_download","emotet,exe,heodo","https://urlhaus.abuse.ch/url/76082/"
 "76081","2018-11-07 16:59:37","http://charliefox.com.br/wCcfLmN5Iu","offline","malware_download","emotet,exe","https://urlhaus.abuse.ch/url/76081/"
 "76080","2018-11-07 16:59:07","http://siamagricultureproduce.com/modules/8aOVdK8","offline","malware_download","emotet,exe,heodo","https://urlhaus.abuse.ch/url/76080/"
@@ -53904,12 +55345,12 @@
 "76071","2018-11-07 16:51:07","http://www.fraserfrance.fr/T","offline","malware_download","emotet,exe,heodo","https://urlhaus.abuse.ch/url/76071/"
 "76070","2018-11-07 16:51:06","http://www.codestic.net/Bm93","offline","malware_download","emotet,exe,heodo","https://urlhaus.abuse.ch/url/76070/"
 "76069","2018-11-07 16:51:04","http://steelstraightening.com/sDCqr","offline","malware_download","emotet,exe,heodo","https://urlhaus.abuse.ch/url/76069/"
-"76068","2018-11-07 16:50:09","http://www.dllanka.net/EN_US/Clients_transactions/112018/","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/76068/"
+"76068","2018-11-07 16:50:09","http://www.dllanka.net/EN_US/Clients_transactions/112018/","online","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/76068/"
 "76066","2018-11-07 16:50:08","http://magicmoove.com/497910JJP/PAY/Smallbusiness/","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/76066/"
 "76067","2018-11-07 16:50:08","http://www.fancygoods17.org/INFO/En/Paid-Invoice/","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/76067/"
 "76065","2018-11-07 16:50:06","http://www.growthfunnels.com.au/4929SATBEUYI/PAY/Personal/","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/76065/"
 "76064","2018-11-07 16:48:07","http://www.bouncequest.com/En_us/Attachments/11_18/","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/76064/"
-"76062","2018-11-07 16:48:05","http://exclusiv-residence.ro/kL3WB8vE/","online","malware_download","exe,heodo","https://urlhaus.abuse.ch/url/76062/"
+"76062","2018-11-07 16:48:05","http://exclusiv-residence.ro/kL3WB8vE/","offline","malware_download","exe,heodo","https://urlhaus.abuse.ch/url/76062/"
 "76063","2018-11-07 16:48:05","http://www.dominantdelivery.com/themes/flatsome-child/US/Documents/2018-11/","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/76063/"
 "76061","2018-11-07 16:48:03","http://ivcontent.info/LLC/En/Important-Please-Read/","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/76061/"
 "76060","2018-11-07 16:47:06","http://hungariagumiszerviz.hu/US/Information/2018-11/","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/76060/"
@@ -53917,7 +55358,7 @@
 "76058","2018-11-07 16:47:04","http://enakievo.org/Document/US_us/Invoice-Corrections-for-27/99/","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/76058/"
 "76057","2018-11-07 16:47:03","http://www.greenbuildingacademy.org/727EDSVSB/SEP/Smallbusiness/","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/76057/"
 "76056","2018-11-07 16:46:13","http://www.guru-sale-today.desi/US/Attachments/2018-11/","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/76056/"
-"76055","2018-11-07 16:46:11","http://dllanka.net/EN_US/Clients_transactions/112018","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/76055/"
+"76055","2018-11-07 16:46:11","http://dllanka.net/EN_US/Clients_transactions/112018","online","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/76055/"
 "76054","2018-11-07 16:46:10","http://agrarszakkepzes.hu/En_us/Clients_transactions/112018","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/76054/"
 "76053","2018-11-07 16:46:09","http://hotelatithilodging.com/En_us/Information/11_18","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/76053/"
 "76052","2018-11-07 16:46:07","http://bottrettuong.net/DOC/En/Past-Due-Invoice","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/76052/"
@@ -53934,14 +55375,14 @@
 "76041","2018-11-07 16:39:04","http://www.astropandit.ca/DOC/EN_en/Paid-Invoice-Credit-Card-Receipt/","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/76041/"
 "76040","2018-11-07 16:39:02","http://www.bakeryupdate.org/xerox/EN_en/Past-Due-Invoice/","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/76040/"
 "76039","2018-11-07 16:19:04","http://electiveelectronics.com/RFQ/sdffghkhkl.exe","offline","malware_download","None","https://urlhaus.abuse.ch/url/76039/"
-"76038","2018-11-07 16:07:16","http://thenutnofastflix2.com/38Kjddnnsa.exe","online","malware_download","exe,Smoke Loader","https://urlhaus.abuse.ch/url/76038/"
-"76036","2018-11-07 16:07:15","http://thenutnofastflix2.com/123KKjddnnsa.exe","online","malware_download","exe,Smoke Loader","https://urlhaus.abuse.ch/url/76036/"
-"76037","2018-11-07 16:07:15","http://thenutnofastflix2.com/226Kjddnnsa.exe","online","malware_download","exe,Smoke Loader","https://urlhaus.abuse.ch/url/76037/"
-"76035","2018-11-07 16:07:14","http://thenutnofastflix2.com/viviKjddnnsa.exe","online","malware_download","exe,Neutrino,Smoke Loader","https://urlhaus.abuse.ch/url/76035/"
-"76034","2018-11-07 16:07:13","http://thenutnofastflix2.com/74Kjddnnsa.exe","online","malware_download","exe,Smoke Loader","https://urlhaus.abuse.ch/url/76034/"
-"76033","2018-11-07 16:07:12","http://thenutnofastflix2.com/17KKjddnnsa.exe","online","malware_download","exe,Smoke Loader","https://urlhaus.abuse.ch/url/76033/"
+"76038","2018-11-07 16:07:16","http://thenutnofastflix2.com/38Kjddnnsa.exe","offline","malware_download","exe,Smoke Loader","https://urlhaus.abuse.ch/url/76038/"
+"76036","2018-11-07 16:07:15","http://thenutnofastflix2.com/123KKjddnnsa.exe","offline","malware_download","exe,Smoke Loader","https://urlhaus.abuse.ch/url/76036/"
+"76037","2018-11-07 16:07:15","http://thenutnofastflix2.com/226Kjddnnsa.exe","offline","malware_download","exe,Smoke Loader","https://urlhaus.abuse.ch/url/76037/"
+"76035","2018-11-07 16:07:14","http://thenutnofastflix2.com/viviKjddnnsa.exe","offline","malware_download","exe,Neutrino,Smoke Loader","https://urlhaus.abuse.ch/url/76035/"
+"76034","2018-11-07 16:07:13","http://thenutnofastflix2.com/74Kjddnnsa.exe","offline","malware_download","exe,Smoke Loader","https://urlhaus.abuse.ch/url/76034/"
+"76033","2018-11-07 16:07:12","http://thenutnofastflix2.com/17KKjddnnsa.exe","offline","malware_download","exe,Smoke Loader","https://urlhaus.abuse.ch/url/76033/"
 "76032","2018-11-07 16:07:11","http://thenutnofastflix2.com/85aKjddnnsa.exe","offline","malware_download","exe,Smoke Loader","https://urlhaus.abuse.ch/url/76032/"
-"76031","2018-11-07 16:07:10","http://thenutnofastflix2.com/156aKjddnnsa.exe","online","malware_download","exe,Smoke Loader","https://urlhaus.abuse.ch/url/76031/"
+"76031","2018-11-07 16:07:10","http://thenutnofastflix2.com/156aKjddnnsa.exe","offline","malware_download","exe,Smoke Loader","https://urlhaus.abuse.ch/url/76031/"
 "76030","2018-11-07 16:07:08","https://teal.download.pdfforge.org/op/op.exe","online","malware_download","adware,exe,lavasoft","https://urlhaus.abuse.ch/url/76030/"
 "76029","2018-11-07 16:07:05","https://a.doko.moe/xkqogu.jpg","offline","malware_download","exe,Loki,lokibot","https://urlhaus.abuse.ch/url/76029/"
 "76028","2018-11-07 16:07:02","http://mandala.mn/update/tk1.exe","offline","malware_download","exe,Loki","https://urlhaus.abuse.ch/url/76028/"
@@ -53993,7 +55434,7 @@
 "75982","2018-11-07 15:54:04","http://46.173.218.72/andro.med","offline","malware_download","Trickbot","https://urlhaus.abuse.ch/url/75982/"
 "75981","2018-11-07 15:54:03","http://46.173.218.70/andro.med","offline","malware_download","Trickbot","https://urlhaus.abuse.ch/url/75981/"
 "75980","2018-11-07 15:41:03","http://cdn.ofifinancial.com/inv_4318.doc","offline","malware_download","doc","https://urlhaus.abuse.ch/url/75980/"
-"75978","2018-11-07 15:39:03","http://exclusiv-residence.ro/kL3WB8vE","online","malware_download","heodo","https://urlhaus.abuse.ch/url/75978/"
+"75978","2018-11-07 15:39:03","http://exclusiv-residence.ro/kL3WB8vE","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/75978/"
 "75979","2018-11-07 15:39:03","http://relogiostore.com/sHOSQ39w37","offline","malware_download","None","https://urlhaus.abuse.ch/url/75979/"
 "75976","2018-11-07 15:31:08","https://javierocasio.info/documentazione-online/documento-aggiornato-IK-4159639M6B","offline","malware_download","geofenced,ITA,sLoad,zipped-lnk","https://urlhaus.abuse.ch/url/75976/"
 "75975","2018-11-07 15:31:08","https://vfce.org/documentazione-online/documento-aggiornato-JS-3003623XE","offline","malware_download","geofenced,ITA,sLoad,zipped-lnk","https://urlhaus.abuse.ch/url/75975/"
@@ -54030,7 +55471,7 @@
 "75944","2018-11-07 15:09:07","http://www.sempatikopekoteli.com/Corporation/US_us/Invoice-46582575-November","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/75944/"
 "75943","2018-11-07 15:09:06","http://www.danaodragonjfarm.com/420717NFHE/WIRE/Commercial","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/75943/"
 "75942","2018-11-07 15:09:03","http://enakievo.org/Document/US_us/Invoice-Corrections-for-27/99","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/75942/"
-"75941","2018-11-07 15:09:02","http://www.dllanka.net/EN_US/Clients_transactions/112018","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/75941/"
+"75941","2018-11-07 15:09:02","http://www.dllanka.net/EN_US/Clients_transactions/112018","online","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/75941/"
 "75940","2018-11-07 15:09:00","http://sproutsschools.org/781HCFWVWR/PAYMENT/Smallbusiness","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/75940/"
 "75939","2018-11-07 15:08:58","http://comcelco.com/23218W/ACH/Commercial","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/75939/"
 "75938","2018-11-07 15:08:55","http://exeterpremedia.com/1PIKISST/SWIFT/Business","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/75938/"
@@ -54144,7 +55585,7 @@
 "75830","2018-11-07 11:20:13","http://dkv.fikom.budiluhur.ac.id/UyMHyte","offline","malware_download","emotet,exe,heodo,Trickbot","https://urlhaus.abuse.ch/url/75830/"
 "75829","2018-11-07 11:20:08","http://www.f-34.jp/wp/wp-content/uploads/2018/X1HP9F","offline","malware_download","emotet,exe,heodo,Trickbot","https://urlhaus.abuse.ch/url/75829/"
 "75828","2018-11-07 11:20:03","http://grupoperezdevargas.com/kGI7","offline","malware_download","emotet,exe,heodo,Trickbot","https://urlhaus.abuse.ch/url/75828/"
-"75827","2018-11-07 11:17:03","http://www.exclusiv-residence.ro:80/kL3WB8vE","online","malware_download","exe,heodo","https://urlhaus.abuse.ch/url/75827/"
+"75827","2018-11-07 11:17:03","http://www.exclusiv-residence.ro:80/kL3WB8vE","offline","malware_download","exe,heodo","https://urlhaus.abuse.ch/url/75827/"
 "75826","2018-11-07 11:15:04","http://visiontomotion.com/LMS/question/engine/upgrade/A65Ha6KY/biz/IhreSparkasse","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/75826/"
 "75825","2018-11-07 11:15:02","https://xa.yimg.com/kq/groups/14713148/147251921/name/INV-UEQ8328875-444.doc","offline","malware_download","doc,emotet","https://urlhaus.abuse.ch/url/75825/"
 "75824","2018-11-07 11:13:03","https://mbninformatics.com/wind.msi","offline","malware_download","exe,msi","https://urlhaus.abuse.ch/url/75824/"
@@ -54171,7 +55612,7 @@
 "75801","2018-11-07 07:56:10","http://ibjapiim.com/FriCUOBo3B","offline","malware_download","emotet,exe,heodo","https://urlhaus.abuse.ch/url/75801/"
 "75800","2018-11-07 07:56:09","http://www.relogiostore.com/sHOSQ39w37","offline","malware_download","emotet,exe,heodo","https://urlhaus.abuse.ch/url/75800/"
 "75799","2018-11-07 07:56:05","http://kupi-vip.com.ua/bbbnKLsz8d","offline","malware_download","emotet,exe,heodo","https://urlhaus.abuse.ch/url/75799/"
-"75798","2018-11-07 07:56:04","http://www.exclusiv-residence.ro/kL3WB8vE","online","malware_download","emotet,exe,heodo","https://urlhaus.abuse.ch/url/75798/"
+"75798","2018-11-07 07:56:04","http://www.exclusiv-residence.ro/kL3WB8vE","offline","malware_download","emotet,exe,heodo","https://urlhaus.abuse.ch/url/75798/"
 "75797","2018-11-07 07:56:03","http://dol.dance/WqolzWoR2","offline","malware_download","emotet,exe,heodo","https://urlhaus.abuse.ch/url/75797/"
 "75796","2018-11-07 07:55:44","https://ougadikhalkhuntec.nl/hgb/nytbin.exe","offline","malware_download","exe,Formbook","https://urlhaus.abuse.ch/url/75796/"
 "75795","2018-11-07 07:55:30","http://85.100.41.71:26754/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/75795/"
@@ -54585,8 +56026,8 @@
 "75384","2018-11-06 23:54:10","http://indoqualitycleaning.com/58G/BIZ/Commercial","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/75384/"
 "75383","2018-11-06 23:54:08","http://help-win.ru/2272LXO/ACH/US/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/75383/"
 "75382","2018-11-06 23:54:07","http://help-win.ru/2272LXO/ACH/US","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/75382/"
-"75381","2018-11-06 23:54:06","http://exclusiv-residence.ro/78PHBVLIA/oamo/Smallbusiness/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/75381/"
-"75380","2018-11-06 23:54:05","http://exclusiv-residence.ro/78PHBVLIA/oamo/Smallbusiness","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/75380/"
+"75381","2018-11-06 23:54:06","http://exclusiv-residence.ro/78PHBVLIA/oamo/Smallbusiness/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/75381/"
+"75380","2018-11-06 23:54:05","http://exclusiv-residence.ro/78PHBVLIA/oamo/Smallbusiness","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/75380/"
 "75379","2018-11-06 23:54:04","http://alakhbar-usa.com/xerox/En_us/Inv-27037-PO-3Q297161/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/75379/"
 "75378","2018-11-06 23:54:03","http://alakhbar-usa.com/xerox/En_us/Inv-27037-PO-3Q297161","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/75378/"
 "75377","2018-11-06 23:53:12","http://www.prochembio.com.ar/EN_US/Information/2018-11/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/75377/"
@@ -56109,7 +57550,7 @@
 "73843","2018-11-02 17:53:03","http://moscow33.online/proxy/assno.chickenkiller.com.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/73843/"
 "73842","2018-11-02 17:52:03","http://167.88.161.40/adb.arm","offline","malware_download","elf","https://urlhaus.abuse.ch/url/73842/"
 "73841","2018-11-02 17:51:06","http://moscow33.online/KeyMoscow33.35.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/73841/"
-"73840","2018-11-02 17:51:05","http://178.131.61.0:31835/.i","online","malware_download","elf","https://urlhaus.abuse.ch/url/73840/"
+"73840","2018-11-02 17:51:05","http://178.131.61.0:31835/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/73840/"
 "73839","2018-11-02 17:04:04","http://www.elpqthnskbbf.tw/ltggle/030002_848137.html","offline","malware_download","gzip","https://urlhaus.abuse.ch/url/73839/"
 "73838","2018-11-02 16:35:07","http://nomoprints.com/wp-content/themes/llorix-one-lite/ti-customizer-notify/css/sserv.jpg","offline","malware_download","None","https://urlhaus.abuse.ch/url/73838/"
 "73837","2018-11-02 16:35:04","http://votebrycerobertson.com/wp-includes/ID3/sserv.jpg","offline","malware_download","None","https://urlhaus.abuse.ch/url/73837/"
@@ -58343,7 +59784,7 @@
 "71598","2018-10-27 17:48:04","http://46.59.101.173:63217/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/71598/"
 "71597","2018-10-27 16:53:05","http://micropcsystem.com/condim/ert.exe","offline","malware_download","exe,NetWire","https://urlhaus.abuse.ch/url/71597/"
 "71596","2018-10-27 15:59:06","http://194.5.98.70:4560/fis.exe","offline","malware_download","exe,Loki","https://urlhaus.abuse.ch/url/71596/"
-"71595","2018-10-27 15:59:03","http://193.200.50.136:14828/.i","online","malware_download","elf","https://urlhaus.abuse.ch/url/71595/"
+"71595","2018-10-27 15:59:03","http://193.200.50.136:14828/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/71595/"
 "71594","2018-10-27 15:14:03","http://67.191.253.79:18411/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/71594/"
 "71593","2018-10-27 14:09:03","http://5.8.88.242/1/crypt.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/71593/"
 "71592","2018-10-27 14:03:04","http://102.185.40.234:42766/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/71592/"
@@ -59495,7 +60936,7 @@
 "70412","2018-10-23 03:27:08","http://xzgxls.com/wp-content/themes/twentysixteen/css/Tax%20Payment%20Challan.zip","offline","malware_download","None","https://urlhaus.abuse.ch/url/70412/"
 "70411","2018-10-23 03:24:06","https://www.dropbox.com/s/jqq43sbr56mmieo/DETALLE%20DE%20%20CONFIRMACION%20DE%20PAGO%20DE%20PROVEEDORES%20%20DETALLE%20Y%20SOPORTE%20%20IMG--987-876--87654-356787654-567876543-456789-87654323456-7898765-543.uue?dl=1","offline","malware_download","rar","https://urlhaus.abuse.ch/url/70411/"
 "70410","2018-10-23 03:24:03","https://uc2570e1b13ec78ef802a7db44bf.dl.dropboxusercontent.com/cd/0/get/ATtEmMIl656ymskUmyUJf0Ca351VGvJ53trt5Wlfs4Dtpxvj8pJ31yI8A7kN8T63WsIXgLuiL93YFcwwvyRrE70oqCNLry51_4o3M9XZMKRq_i65GM8bFjgk29Mx6Sll9lkzG2BYAwi5PdDZmP2hCsY3PFAYOxcUpx2W8loJqBEy9nPi1R6N51EYWmzk8L-lDMw/file?dl=1","offline","malware_download","rar","https://urlhaus.abuse.ch/url/70410/"
-"70409","2018-10-23 02:27:05","http://59.127.1.67:30237/.i","online","malware_download","elf","https://urlhaus.abuse.ch/url/70409/"
+"70409","2018-10-23 02:27:05","http://59.127.1.67:30237/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/70409/"
 "70408","2018-10-23 02:21:31","http://doughal.tk/wp-admin/css/young.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/70408/"
 "70406","2018-10-23 01:38:02","http://104.248.35.116/TrioSec.i586","offline","malware_download","elf","https://urlhaus.abuse.ch/url/70406/"
 "70407","2018-10-23 01:38:02","http://104.248.35.116/TrioSec.sh4","offline","malware_download","elf","https://urlhaus.abuse.ch/url/70407/"
@@ -62360,8 +63801,8 @@
 "67529","2018-10-13 05:02:07","http://www.aractidf.org/misc/rl8109.jpg","offline","malware_download","exxe","https://urlhaus.abuse.ch/url/67529/"
 "67528","2018-10-13 05:02:06","http://www.aractidf.org/misc/pw8109.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/67528/"
 "67527","2018-10-13 05:02:02","http://www.aractidf.org/misc/dr8109.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/67527/"
-"67526","2018-10-13 04:13:41","http://ftpcnc-p2sp.pconline.com.cn/pub/download/200509/CH-Nebula_225_PConline.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/67526/"
-"67525","2018-10-13 03:28:41","http://ftpcnc-p2sp.pconline.com.cn/pub/download/200408/001TV.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/67525/"
+"67526","2018-10-13 04:13:41","http://ftpcnc-p2sp.pconline.com.cn/pub/download/200509/CH-Nebula_225_PConline.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/67526/"
+"67525","2018-10-13 03:28:41","http://ftpcnc-p2sp.pconline.com.cn/pub/download/200408/001TV.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/67525/"
 "67524","2018-10-13 03:14:05","http://www.msmapparelsourcing.com/wp-admin/users/newnaocor.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/67524/"
 "67523","2018-10-13 02:30:18","http://smplmods-ru.1gb.ru/ptss_crypted.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/67523/"
 "67522","2018-10-13 02:30:15","http://down5.mqego.com/SOFT1/RC2009.RAR","online","malware_download","rar","https://urlhaus.abuse.ch/url/67522/"
@@ -63112,11 +64553,11 @@
 "66776","2018-10-11 11:22:03","https://d.coka.la/mD8KuC.jpg","offline","malware_download","AgentTesla,exe","https://urlhaus.abuse.ch/url/66776/"
 "66775","2018-10-11 11:01:03","http://akznqw.com/classa.doc","offline","malware_download","Formbook,RTF","https://urlhaus.abuse.ch/url/66775/"
 "66774","2018-10-11 11:01:02","http://akznqw.com/marlboro.doc","offline","malware_download","RTF","https://urlhaus.abuse.ch/url/66774/"
-"66773","2018-10-11 10:54:24","http://dxdown.2cto.com/ware/201306/0607QQgzzBsq.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/66773/"
+"66773","2018-10-11 10:54:24","http://dxdown.2cto.com/ware/201306/0607QQgzzBsq.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/66773/"
 "66772","2018-10-11 10:54:10","http://www.bygoldi.com/wp-content/themes/wipi/includes/chrome.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/66772/"
 "66771","2018-10-11 10:54:05","http://ashifrifat.com/wp-content/themes/agama/includes/chrome.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/66771/"
 "66770","2018-10-11 10:52:02","http://104.244.76.210/bins/dark.arm5","offline","malware_download","elf","https://urlhaus.abuse.ch/url/66770/"
-"66769","2018-10-11 10:45:18","http://dxdown.2cto.com/ware/201307/0719qqzcrqckq.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/66769/"
+"66769","2018-10-11 10:45:18","http://dxdown.2cto.com/ware/201307/0719qqzcrqckq.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/66769/"
 "66768","2018-10-11 10:43:03","http://dxdown.2cto.com/ware/0739/macdzsmq.rar","offline","malware_download","rar","https://urlhaus.abuse.ch/url/66768/"
 "66767","2018-10-11 10:42:18","http://dxdown.2cto.com/ware/774710/netbox.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/66767/"
 "66766","2018-10-11 10:36:11","http://dxdown.2cto.com/ware/9/skiller3.6.rar","offline","malware_download","rar","https://urlhaus.abuse.ch/url/66766/"
@@ -68224,14 +69665,14 @@
 "61580","2018-09-27 22:45:14","http://pixelcrush.net/En_us/Documents/092018/","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/61580/"
 "61579","2018-09-27 22:35:07","http://palfx.info/Document/En/Invoices-attached","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/61579/"
 "61578","2018-09-27 22:25:05","http://177.132.77.115:17590/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/61578/"
-"61577","2018-09-27 22:14:06","http://uxz.didiwl.com/PC/NMCQBTFZ.ZIP","offline","malware_download","zip","https://urlhaus.abuse.ch/url/61577/"
-"61576","2018-09-27 22:13:11","http://uxz.didiwl.com/pc/dsgjrja.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/61576/"
+"61577","2018-09-27 22:14:06","http://uxz.didiwl.com/PC/NMCQBTFZ.ZIP","online","malware_download","zip","https://urlhaus.abuse.ch/url/61577/"
+"61576","2018-09-27 22:13:11","http://uxz.didiwl.com/pc/dsgjrja.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/61576/"
 "61575","2018-09-27 22:13:06","http://baatzconsulting.com/487390VLLB/BIZ/Commercial","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/61575/"
-"61574","2018-09-27 22:04:21","http://uxz.didiwl.com/PC/YSDXYQNFZ.ZIP","offline","malware_download","zip","https://urlhaus.abuse.ch/url/61574/"
-"61573","2018-09-27 22:03:08","http://uxz.didiwl.com/PC/KEKOUKYKCJ.ZIP","offline","malware_download","zip","https://urlhaus.abuse.ch/url/61573/"
+"61574","2018-09-27 22:04:21","http://uxz.didiwl.com/PC/YSDXYQNFZ.ZIP","online","malware_download","zip","https://urlhaus.abuse.ch/url/61574/"
+"61573","2018-09-27 22:03:08","http://uxz.didiwl.com/PC/KEKOUKYKCJ.ZIP","online","malware_download","zip","https://urlhaus.abuse.ch/url/61573/"
 "61572","2018-09-27 22:03:04","http://ruforum.uonbi.ac.ke/wp-content/uploads/En_us/Payments/092018","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/61572/"
 "61571","2018-09-27 22:02:05","http://kantauri.com/Document/En/Past-Due-Invoices","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/61571/"
-"61570","2018-09-27 22:01:06","http://uxz.didiwl.com/PC/LNBCZCJ.ZIP","offline","malware_download","zip","https://urlhaus.abuse.ch/url/61570/"
+"61570","2018-09-27 22:01:06","http://uxz.didiwl.com/PC/LNBCZCJ.ZIP","online","malware_download","zip","https://urlhaus.abuse.ch/url/61570/"
 "61569","2018-09-27 21:42:45","http://egomall.net/US/Payments/092018","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/61569/"
 "61568","2018-09-27 21:33:08","http://www.dobre-instalacje.pl/logs/recu.exe","offline","malware_download","exe,njRAT","https://urlhaus.abuse.ch/url/61568/"
 "61567","2018-09-27 21:33:07","http://49.71.118.101:62734/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/61567/"
@@ -69744,7 +71185,7 @@
 "60038","2018-09-24 23:09:58","http://sweatshop.org/3WDQQK/SEP/Business","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/60038/"
 "60037","2018-09-24 23:09:57","http://jedecouvrelemaroc.com/92892URVHHDNS/WIRE/Business","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/60037/"
 "60036","2018-09-24 23:09:53","http://buckeyeoptical.com/2880390OD/WIRE/Business","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/60036/"
-"60035","2018-09-24 23:09:51","http://johnscevolaseo.com/393SG/ACH/Business","online","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/60035/"
+"60035","2018-09-24 23:09:51","http://johnscevolaseo.com/393SG/ACH/Business","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/60035/"
 "60034","2018-09-24 23:09:49","http://afan.xin/2610121O/554999SW/identity/Smallbusiness","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/60034/"
 "60033","2018-09-24 23:09:46","http://roingenieria.cl/LLC/En_us/Service-Report-3528","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/60033/"
 "60032","2018-09-24 23:09:43","http://mobileappo.com/DOC/En/Invoice-78944009","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/60032/"
@@ -69780,12 +71221,12 @@
 "60002","2018-09-24 21:42:03","http://pbt-demo.web2de.com/LLC/US_us/Invoices-attached","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/60002/"
 "60001","2018-09-24 21:41:04","http://mbr.kill0604.ru/upsnew2.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/60001/"
 "60000","2018-09-24 21:26:06","http://67.21.81.79/dtacard.exe","offline","malware_download","AgentTesla,exe","https://urlhaus.abuse.ch/url/60000/"
-"59999","2018-09-24 21:25:35","http://soft.duote.com.cn/sycpdf_1.0.0.0.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/59999/"
+"59999","2018-09-24 21:25:35","http://soft.duote.com.cn/sycpdf_1.0.0.0.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/59999/"
 "59998","2018-09-24 21:25:09","http://dc.amegt.com/wp-content/sites/En/New-Order-Upcoming/Invoice","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/59998/"
 "59997","2018-09-24 21:24:10","http://hotellaspalmashmo.com/92WKNDMR/PAYMENT/Smallbusiness","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/59997/"
 "59996","2018-09-24 21:24:05","http://67.21.81.79/datacard.doc","offline","malware_download","RTF","https://urlhaus.abuse.ch/url/59996/"
 "59995","2018-09-24 21:23:53","http://www.skayweb.com/rr.exe","offline","malware_download","exe,ImminentRAT","https://urlhaus.abuse.ch/url/59995/"
-"59994","2018-09-24 21:23:42","http://soft.duote.com.cn/wyzdjk_7.2.0.2.exe","online","malware_download","exe,Gozi","https://urlhaus.abuse.ch/url/59994/"
+"59994","2018-09-24 21:23:42","http://soft.duote.com.cn/wyzdjk_7.2.0.2.exe","offline","malware_download","exe,Gozi","https://urlhaus.abuse.ch/url/59994/"
 "59993","2018-09-24 21:21:15","http://manatour.cl/pdf/EN_en/Invoice-for-sent/Invoice-92978","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/59993/"
 "59992","2018-09-24 21:21:04","http://manatour.cl/DOC/New-Invoice-EI1978-AT-5653","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/59992/"
 "59991","2018-09-24 21:20:07","http://hd.pe/470076SC/ACH/Smallbusiness/","offline","malware_download","doc","https://urlhaus.abuse.ch/url/59991/"
@@ -69798,7 +71239,7 @@
 "59984","2018-09-24 21:09:17","http://hukuki.site/LLC/US/Paid-Invoice","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/59984/"
 "59983","2018-09-24 21:09:12","http://weinraub.net/helpdesk/default/En/Outstanding-Invoices","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/59983/"
 "59982","2018-09-24 21:09:05","http://diainc.com/Document/EN_en/Past-Due-Invoices","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/59982/"
-"59980","2018-09-24 21:07:09","http://soft.duote.com.cn/ddmfwifi_1.1.5.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/59980/"
+"59980","2018-09-24 21:07:09","http://soft.duote.com.cn/ddmfwifi_1.1.5.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/59980/"
 "59979","2018-09-24 21:02:03","http://aluigi.altervista.org/poc/dirtysky.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/59979/"
 "59978","2018-09-24 21:00:11","http://aluigi.altervista.org/poc/ut2004null.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/59978/"
 "59977","2018-09-24 20:48:58","http://ossi4.51cto.com/attachment/201203/4594712_1333015433.rar","online","malware_download","exe","https://urlhaus.abuse.ch/url/59977/"
@@ -69867,7 +71308,7 @@
 "59913","2018-09-24 17:55:06","http://uploader.sx/uploads/2018/5b8f1783.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/59913/"
 "59912","2018-09-24 17:42:04","http://uploader.sx/uploads/2018/5b9fe536.exe","offline","malware_download","AgentTesla,exe","https://urlhaus.abuse.ch/url/59912/"
 "59911","2018-09-24 17:41:32","http://dx.qqtn.com/qq1/mfqzsprj.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/59911/"
-"59910","2018-09-24 17:41:30","http://dx.qqtn.com/qq1/weibollq.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/59910/"
+"59910","2018-09-24 17:41:30","http://dx.qqtn.com/qq1/weibollq.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/59910/"
 "59909","2018-09-24 17:41:09","http://gmina.barlinek.sisco.info/zalaczniki/997/Regulamin_4D.doc","offline","malware_download","doc","https://urlhaus.abuse.ch/url/59909/"
 "59908","2018-09-24 17:41:06","http://www.winmend.com/pad/download/WinMend-Auto-Shutdown.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/59908/"
 "59907","2018-09-24 17:40:05","http://gmina.barlinek.sisco.info/zalaczniki/863/UCHWALA_NR_XXVI_202_2004.doc","offline","malware_download","doc","https://urlhaus.abuse.ch/url/59907/"
@@ -70482,7 +71923,7 @@
 "59295","2018-09-23 20:41:17","http://medicalfarmitalia.it/themes/theme1197/modules/blockcurrencies/translations/new/inf.exe","online","malware_download","AgentTesla,exe","https://urlhaus.abuse.ch/url/59295/"
 "59294","2018-09-23 20:41:10","http://medicalfarmitalia.it/themes/theme1197/modules/blockcurrencies/translations/new/car.exe","online","malware_download","AgentTesla,exe","https://urlhaus.abuse.ch/url/59294/"
 "59293","2018-09-23 20:41:02","http://medicalfarmitalia.it/themes/theme1197/modules/blockcurrencies/translations/new/jiz.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/59293/"
-"59292","2018-09-23 20:40:49","http://soft.duote.com.cn/baohusan_1.4.3.3.exe","online","malware_download","exe,Ransomware.GandCrab","https://urlhaus.abuse.ch/url/59292/"
+"59292","2018-09-23 20:40:49","http://soft.duote.com.cn/baohusan_1.4.3.3.exe","offline","malware_download","exe,Ransomware.GandCrab","https://urlhaus.abuse.ch/url/59292/"
 "59291","2018-09-23 20:25:12","http://medicalfarmitalia.it/themes/theme1197/modules/blockcurrencies/translations/new/joo.exe","online","malware_download","AgentTesla,exe","https://urlhaus.abuse.ch/url/59291/"
 "59290","2018-09-23 20:25:10","http://medicalfarmitalia.it/themes/theme1197/modules/blockcurrencies/translations/new/jizz.exe","online","malware_download","AgentTesla,exe","https://urlhaus.abuse.ch/url/59290/"
 "59289","2018-09-23 20:25:09","http://medicalfarmitalia.it/themes/theme1197/modules/blockcurrencies/translations/new/md.exe","online","malware_download","AgentTesla,exe","https://urlhaus.abuse.ch/url/59289/"
@@ -70635,7 +72076,7 @@
 "59141","2018-09-23 05:02:04","http://chantellelouiseweddings.com/695NNPAYMENT/LX51530188546XFIGDR/72360062132/IN-ILB-Aug-10-2018","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/59141/"
 "59140","2018-09-23 04:54:04","http://familiekoning.net/Past-Due-Invoices","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/59140/"
 "59139","2018-09-23 04:39:21","http://dx.qqtn.com/qq5/qqkjgzmz.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/59139/"
-"59138","2018-09-23 04:39:18","http://dx.qqtn.com/qq1/fluxay.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/59138/"
+"59138","2018-09-23 04:39:18","http://dx.qqtn.com/qq1/fluxay.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/59138/"
 "59137","2018-09-23 04:38:05","http://rosirs-edu.com/4508U/biz/Business/","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/59137/"
 "59136","2018-09-23 04:37:03","http://familiekoning.net/FILE/Invoice","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/59136/"
 "59135","2018-09-23 04:27:03","http://docs.qualva.io/files/EN_en/Service-Invoice/","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/59135/"
@@ -70907,7 +72348,7 @@
 "58869","2018-09-21 18:28:19","http://d1.paopaoche.net/x1/Hexxagon.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/58869/"
 "58868","2018-09-21 18:26:28","http://d1.paopaoche.net/x1/handoumaoxian.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/58868/"
 "58867","2018-09-21 18:25:51","http://123.249.71.230/mysqldd.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/58867/"
-"58866","2018-09-21 18:25:45","http://d1.paopaoche.net/x1/djfs.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/58866/"
+"58866","2018-09-21 18:25:45","http://d1.paopaoche.net/x1/djfs.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/58866/"
 "58865","2018-09-21 18:16:12","http://imcfilmproduction.com/sites/EN_en/Invoice/","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/58865/"
 "58864","2018-09-21 18:15:57","http://d1.paopaoche.net/x1/pengzhuangdataosha.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/58864/"
 "58863","2018-09-21 18:14:07","http://www.skayweb.com/8i.exe","offline","malware_download","AgentTesla,exe","https://urlhaus.abuse.ch/url/58863/"
@@ -72542,7 +73983,7 @@
 "57201","2018-09-17 18:35:27","http://birmetalciningezinotlari.com/8NE/PAYROLL/Cpf2tl","offline","malware_download","emotet,exe,heodo","https://urlhaus.abuse.ch/url/57201/"
 "57200","2018-09-17 18:35:17","http://betwext.com/PTa1a1aF","offline","malware_download","emotet,exe,heodo","https://urlhaus.abuse.ch/url/57200/"
 "57199","2018-09-17 18:35:08","http://brkini.net/Rfb","offline","malware_download","emotet,exe,heodo","https://urlhaus.abuse.ch/url/57199/"
-"57198","2018-09-17 18:32:03","http://van-wonders.co.uk/wwvvv/862RNNE/73846WN/com/US/","online","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/57198/"
+"57198","2018-09-17 18:32:03","http://van-wonders.co.uk/wwvvv/862RNNE/73846WN/com/US/","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/57198/"
 "57197","2018-09-17 18:31:18","http://www.ultigamer.com/wp-admin/includes/216ZVOKXLK/PAY/Business","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/57197/"
 "57196","2018-09-17 18:31:12","http://www.thefxgroup.co.za/Document/EN_en/Paid-Invoice-Credit-Card-Receipt","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/57196/"
 "57195","2018-09-17 18:31:09","http://roingenieria.cl/files/US/Invoice-for-you","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/57195/"
@@ -77955,7 +79396,7 @@
 "51681","2018-09-05 02:29:11","http://159.65.232.56/bins/hoderi.sh4","offline","malware_download","elf","https://urlhaus.abuse.ch/url/51681/"
 "51680","2018-09-05 02:29:07","http://stevecommunication.ga/bebenlo/bencosept.exe","offline","malware_download","exe,HawkEye","https://urlhaus.abuse.ch/url/51680/"
 "51679","2018-09-05 02:28:05","http://crasemerzom.com/condooo/condax.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/51679/"
-"51678","2018-09-05 02:28:02","http://121.121.42.75:1080/word_sample_20180903065545.doc","offline","malware_download","doc","https://urlhaus.abuse.ch/url/51678/"
+"51678","2018-09-05 02:28:02","http://121.121.42.75:1080/word_sample_20180903065545.doc","online","malware_download","doc","https://urlhaus.abuse.ch/url/51678/"
 "51677","2018-09-05 02:27:06","http://stevecommunication.ga/smart/smartONE.exe","offline","malware_download","AgentTesla,exe","https://urlhaus.abuse.ch/url/51677/"
 "51676","2018-09-05 02:27:02","http://159.65.232.56/bins/hoderi.x86","offline","malware_download","elf","https://urlhaus.abuse.ch/url/51676/"
 "51675","2018-09-05 02:22:07","http://stevecommunication.ga/smart2/hdkhle.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/51675/"
@@ -79157,10 +80598,10 @@
 "50464","2018-09-01 05:27:05","http://www.stahuj.cz/primo/downloader/3510ae15166efc627853dc93f31a7a37/adobeacrobatreader-seznam-listicka.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/50464/"
 "50463","2018-09-01 05:27:04","http://tnjlgs.loan/","offline","malware_download","None","https://urlhaus.abuse.ch/url/50463/"
 "50462","2018-09-01 05:27:02","http://robotop.cn/v3G158/","offline","malware_download","exe,heodo","https://urlhaus.abuse.ch/url/50462/"
-"50461","2018-09-01 05:26:58","http://uebhyhxw.afgktv.cn/1/44278-C01","online","malware_download","zip","https://urlhaus.abuse.ch/url/50461/"
+"50461","2018-09-01 05:26:58","http://uebhyhxw.afgktv.cn/1/44278-C01","offline","malware_download","zip","https://urlhaus.abuse.ch/url/50461/"
 "50460","2018-09-01 05:26:50","http://iuwrwcvz.applekid.cn/1/44217-C01","online","malware_download","zip","https://urlhaus.abuse.ch/url/50460/"
 "50459","2018-09-01 05:26:44","http://aimmvqsf.ahhxdl.cn/1/42062-C01","offline","malware_download","zip","https://urlhaus.abuse.ch/url/50459/"
-"50458","2018-09-01 05:26:37","http://xblbnlws.appdoit.cn/1/42046-C01","offline","malware_download","zip","https://urlhaus.abuse.ch/url/50458/"
+"50458","2018-09-01 05:26:37","http://xblbnlws.appdoit.cn/1/42046-C01","online","malware_download","zip","https://urlhaus.abuse.ch/url/50458/"
 "50457","2018-09-01 05:26:23","http://aygwzxqa.applekid.cn/1/42046-C01","online","malware_download","zip","https://urlhaus.abuse.ch/url/50457/"
 "50456","2018-09-01 05:26:10","http://tpjsgq.loan/","offline","malware_download","None","https://urlhaus.abuse.ch/url/50456/"
 "50455","2018-09-01 05:26:06","http://one.wing138.info/glib","offline","malware_download","None","https://urlhaus.abuse.ch/url/50455/"
@@ -89479,7 +90920,7 @@
 "40067","2018-08-08 13:02:04","http://futureproofsolutions.nl/236QSRFILE/SA2709841437NST/3333234739/OONK-CTLZ-Aug-08-2018","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/40067/"
 "40066","2018-08-08 12:47:08","https://ikhlasaqiqah.com/main/1/outputa211bff.msi","offline","malware_download","exe","https://urlhaus.abuse.ch/url/40066/"
 "40065","2018-08-08 12:45:02","http://94.250.251.134/build_startup_2018-08-07_23-51.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/40065/"
-"40064","2018-08-08 12:34:08","http://jigneshjhaveri.com/INFO/JB21160UDEMK/719973186/BNCI-NLQ/","online","malware_download","heodo","https://urlhaus.abuse.ch/url/40064/"
+"40064","2018-08-08 12:34:08","http://jigneshjhaveri.com/INFO/JB21160UDEMK/719973186/BNCI-NLQ/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/40064/"
 "40063","2018-08-08 12:34:06","http://dc.amegt.com/wp-content/PAY/DTO15075LJ/419146/THPD-ZPDVM/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/40063/"
 "40062","2018-08-08 12:34:05","http://leodruker.com/wp-content/uploads/2014/sites/US/Address-and-payment-info/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/40062/"
 "40061","2018-08-08 12:34:03","http://frankdeleeuw.com/DOC/OVTL71553846120CWRE/86957/VED-UREYC-Aug-06-2018/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/40061/"
@@ -90271,7 +91712,7 @@
 "39250","2018-08-07 02:51:59","http://lonestarcustompainting.com/CARD/FEQB144877ICJ/Aug-03-2018-0597999/OQF-WPEEY-Aug-03-2018","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/39250/"
 "39249","2018-08-07 02:51:57","http://kulikovonn.ru/PAY/HEY1872516JK/Aug-06-2018-28507440338/IDRT-BGIQ","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/39249/"
 "39248","2018-08-07 02:51:56","http://kristianmarlow.com/LLC/HNJ20152919WUYRE/206028/CZB-TWQ/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/39248/"
-"39247","2018-08-07 02:51:54","http://jigneshjhaveri.com/newsletter/US/Bill-address-change/","online","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/39247/"
+"39247","2018-08-07 02:51:54","http://jigneshjhaveri.com/newsletter/US/Bill-address-change/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/39247/"
 "39246","2018-08-07 02:51:52","http://hudsonmartialarts.com.au/Corporation/BDI88478S/Aug-03-2018-58989544/JU-YZDX-Aug-03-2018/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/39246/"
 "39245","2018-08-07 02:51:48","http://hk5d.com/@eaDir/doc/GER/RECHNUNG/RechnungsDetails-WX-21-40739","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/39245/"
 "39244","2018-08-07 02:51:46","http://geocoal.co.za/INFO/UZ86805770015O/303134438/PZV-WBYD-Aug-03-2018/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/39244/"
@@ -91466,7 +92907,7 @@
 "38044","2018-08-02 14:55:24","http://scrapgoldpile.com/wp-content/plugins/google-sitemap-generator/3","offline","malware_download","None","https://urlhaus.abuse.ch/url/38044/"
 "38043","2018-08-02 14:55:22","http://zsgmm.com/wp-content/plugins/themegrill-demo-importer/3","offline","malware_download","None","https://urlhaus.abuse.ch/url/38043/"
 "38042","2018-08-02 14:55:21","http://carimint.com/wp-content/plugins/jetpack/modules/3","offline","malware_download","None","https://urlhaus.abuse.ch/url/38042/"
-"38041","2018-08-02 14:55:20","http://cadencespa.net/wp-content/plugins/kadence-slider/redux/3","online","malware_download","None","https://urlhaus.abuse.ch/url/38041/"
+"38041","2018-08-02 14:55:20","http://cadencespa.net/wp-content/plugins/kadence-slider/redux/3","offline","malware_download","None","https://urlhaus.abuse.ch/url/38041/"
 "38040","2018-08-02 14:55:19","http://estrindesign.com/wp-content/plugins/option-tree/includes/3","offline","malware_download","None","https://urlhaus.abuse.ch/url/38040/"
 "38039","2018-08-02 14:55:18","http://scrapgoldpile.com/wp-content/plugins/google-sitemap-generator/2","offline","malware_download","None","https://urlhaus.abuse.ch/url/38039/"
 "38037","2018-08-02 14:55:17","http://carimint.com/wp-content/plugins/jetpack/modules/2","offline","malware_download","None","https://urlhaus.abuse.ch/url/38037/"
@@ -91476,7 +92917,7 @@
 "38034","2018-08-02 14:55:14","http://scrapgoldpile.com/wp-content/plugins/google-sitemap-generator/1","offline","malware_download","None","https://urlhaus.abuse.ch/url/38034/"
 "38033","2018-08-02 14:55:10","http://zsgmm.com/wp-content/plugins/themegrill-demo-importer/1","offline","malware_download","None","https://urlhaus.abuse.ch/url/38033/"
 "38032","2018-08-02 14:55:08","http://carimint.com/wp-content/plugins/jetpack/modules/1","offline","malware_download","None","https://urlhaus.abuse.ch/url/38032/"
-"38031","2018-08-02 14:55:06","http://cadencespa.net/wp-content/plugins/kadence-slider/redux/1","online","malware_download","None","https://urlhaus.abuse.ch/url/38031/"
+"38031","2018-08-02 14:55:06","http://cadencespa.net/wp-content/plugins/kadence-slider/redux/1","offline","malware_download","None","https://urlhaus.abuse.ch/url/38031/"
 "38030","2018-08-02 14:55:04","http://estrindesign.com/wp-content/plugins/option-tree/includes/1","offline","malware_download","None","https://urlhaus.abuse.ch/url/38030/"
 "38029","2018-08-02 14:39:09","https://dl.dropboxusercontent.com/s/tlcud74elo1pslx/flashplayer_39.14_plugin.js?dl=1","offline","malware_download","js,js-GhoLoader,SocGholish","https://urlhaus.abuse.ch/url/38029/"
 "38028","2018-08-02 14:39:07","https://dl.dropboxusercontent.com/s/6wbcteo6lfz0ncs/flashplayer_39.13_plugin.js?dl=1","offline","malware_download","js,js-GhoLoader,SocGholish","https://urlhaus.abuse.ch/url/38028/"
@@ -93767,7 +95208,7 @@
 "35706","2018-07-25 03:58:38","http://joynt.net/tank/default/Rechnung/DOC-Dokument/Unsere-Rechnung-vom-24-Juli-NN-77-56202/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/35706/"
 "35705","2018-07-25 03:58:36","http://johnnipe.com/newsletter/EN_en/Statement/HRI-Monthly-Invoice/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/35705/"
 "35704","2018-07-25 03:58:33","http://jimmyjohansson.net/files/EN_en/Past-Due-Invoices/invoice/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/35704/"
-"35703","2018-07-25 03:58:31","http://jigneshjhaveri.com/default/Rechnungs/Rechnungsanschrift/Ihre-Rechnung-AJW-87-91079/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/35703/"
+"35703","2018-07-25 03:58:31","http://jigneshjhaveri.com/default/Rechnungs/Rechnungsanschrift/Ihre-Rechnung-AJW-87-91079/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/35703/"
 "35702","2018-07-25 03:58:30","http://jdmsport.com.au/newsletter/En_us/Jul2018/ACCOUNT3426911/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/35702/"
 "35701","2018-07-25 03:58:26","http://jacobyodesign.com/doc/Rechnung/Zahlung/Rechnungsanschrift-korrigiert-PN-54-83319/","offline","malware_download","doc,emotet,epoch2","https://urlhaus.abuse.ch/url/35701/"
 "35700","2018-07-25 03:58:25","http://irontech.com.tr/DHL-Express/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/35700/"
@@ -94886,7 +96327,7 @@
 "34572","2018-07-19 18:07:07","http://supplierslip.com/Q10/c15281bd2de23ae948749934ea5ef7a650308.exe","offline","malware_download","exe,HawkEye","https://urlhaus.abuse.ch/url/34572/"
 "34571","2018-07-19 18:07:06","http://supplierslip.com/Q10/c1528ea1562a3659bbafa665defc1665bd279.exe","offline","malware_download","exe,HawkEye","https://urlhaus.abuse.ch/url/34571/"
 "34570","2018-07-19 18:07:05","http://legrand.ba/typo3conf/ext/7878.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/34570/"
-"34569","2018-07-19 18:04:13","http://lhzs.923yx.com/others/down/lhzs2323yx.exe","online","malware_download","exe,Fuery,trojan","https://urlhaus.abuse.ch/url/34569/"
+"34569","2018-07-19 18:04:13","http://lhzs.923yx.com/others/down/lhzs2323yx.exe","offline","malware_download","exe,Fuery,trojan","https://urlhaus.abuse.ch/url/34569/"
 "34568","2018-07-19 17:49:04","http://uploadtops.is/3/T/2u8uYBb","offline","malware_download","exe,NetWire","https://urlhaus.abuse.ch/url/34568/"
 "34567","2018-07-19 17:32:06","http://daytonohseo.com/new.qz","offline","malware_download","exe,Trickbot","https://urlhaus.abuse.ch/url/34567/"
 "34566","2018-07-19 17:32:04","http://clevelandohseo.com/new.qz","offline","malware_download","exe,Trickbot","https://urlhaus.abuse.ch/url/34566/"
@@ -96547,7 +97988,7 @@
 "32843","2018-07-16 16:49:13","http://consorciosserragaucha.com.br/Bestellungen/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/32843/"
 "32842","2018-07-16 16:49:08","http://call4soft.com/EL-RECH/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/32842/"
 "32841","2018-07-16 16:49:06","http://arcsoluciones.cl/Bestellungen/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/32841/"
-"32840","2018-07-16 16:49:04","http://202.28.110.204/qr/Rechnungs/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/32840/"
+"32840","2018-07-16 16:49:04","http://202.28.110.204/qr/Rechnungs/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/32840/"
 "32839","2018-07-16 16:45:07","http://whoizzupp.com/files/ph.exe","offline","malware_download","exe,Pony","https://urlhaus.abuse.ch/url/32839/"
 "32838","2018-07-16 16:45:06","http://holdthatpaper33.com/bim/nine.exe","offline","malware_download","exe,Loki,Pony","https://urlhaus.abuse.ch/url/32838/"
 "32837","2018-07-16 16:45:05","http://185.148.241.52:4560/clu.exe","offline","malware_download","exe,Loki,Pony","https://urlhaus.abuse.ch/url/32837/"
@@ -98189,7 +99630,7 @@
 "31178","2018-07-12 05:50:27","http://abstractandreal.eu//default/En/Statement/invoice/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/31178/"
 "31177","2018-07-12 05:49:05","http://home.earthlink.net/~suzystar/Ups~costomer~service.jar","offline","malware_download","Adwind,java,JBifrost","https://urlhaus.abuse.ch/url/31177/"
 "31176","2018-07-12 04:45:37","http://abby2.checkallserver.xyz/panel/shit.exe","offline","malware_download","exe,Pony","https://urlhaus.abuse.ch/url/31176/"
-"31175","2018-07-12 04:45:36","http://cryptovoip.in/update/Zip.exe","online","malware_download","exe,Pony","https://urlhaus.abuse.ch/url/31175/"
+"31175","2018-07-12 04:45:36","http://cryptovoip.in/update/Zip.exe","offline","malware_download","exe,Pony","https://urlhaus.abuse.ch/url/31175/"
 "31174","2018-07-12 04:45:33","http://mozaks.net/imozaks/Documents/wo.exe","offline","malware_download","exe,Pony","https://urlhaus.abuse.ch/url/31174/"
 "31173","2018-07-12 02:39:26","https://www.sx-zj.net/default/US_us/DOC/HRI-Monthly-Invoice/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/31173/"
 "31172","2018-07-12 02:39:21","https://urldefense.proofpoint.com/v2/url?u=http-3A__www.sx-2Dzj.net_default_US-5Fus_DOC_HRI-2DMonthly-2DInvoice_&d=DwIFaQ&c=euGZstcaTDllvimEN8b7jXrwqOf-v5A_CdpgnVfiiMM&r=FtoDw-zJB1U6oMHnvDnv5XPE4nk-1jws78C28VGfoGApKVXV5MLUlNefW3g60a0o&m=qS8iZQf3b77bbBV4CE5xetvb_lJ3d6tP8YC7H7b_J_4&s=hgffFU7pH5QUrVWxahcnJCN8_J3-Kc-VY2U6jAveHTQ&e/","offline","malware_download","doc,emotet,epoch2","https://urlhaus.abuse.ch/url/31172/"
@@ -99537,7 +100978,7 @@
 "29771","2018-07-10 08:01:02","http://idontknow.moe/files/xzeihw","offline","malware_download","exe","https://urlhaus.abuse.ch/url/29771/"
 "29770","2018-07-10 07:59:03","http://idontknow.moe/files/giotzr","offline","malware_download","exe,Loki","https://urlhaus.abuse.ch/url/29770/"
 "29769","2018-07-10 07:59:03","https://u.teknik.io/RuMP7.hta","offline","malware_download","hta","https://urlhaus.abuse.ch/url/29769/"
-"29768","2018-07-10 07:58:02","http://ngyusa.com/payment/htanelson.hta","online","malware_download","hta","https://urlhaus.abuse.ch/url/29768/"
+"29768","2018-07-10 07:58:02","http://ngyusa.com/payment/htanelson.hta","offline","malware_download","hta","https://urlhaus.abuse.ch/url/29768/"
 "29767","2018-07-10 07:55:18","https://lomale.xyz/shaq999999.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/29767/"
 "29765","2018-07-10 07:43:03","http://idontknow.moe/files/fjnfhx","offline","malware_download","exe,Formbook","https://urlhaus.abuse.ch/url/29765/"
 "29766","2018-07-10 07:43:03","http://idontknow.moe/files/injwgl","offline","malware_download","exe,Loki","https://urlhaus.abuse.ch/url/29766/"
@@ -99940,8 +101381,8 @@
 "29367","2018-07-09 12:07:08","http://www.powernetups.com/default/En/Order/Invoice-538038/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/29367/"
 "29366","2018-07-09 12:07:05","http://www.prensas.net/pdf/En_us/New-Order-Upcoming/invoice/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/29366/"
 "29365","2018-07-09 12:07:03","http://www.test-zwangerschap.nl/newsletter/En/STATUS/Invoice-07-09-18/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/29365/"
-"29364","2018-07-09 11:42:02","http://ngyusa.com/payment/htazeco.hta","online","malware_download","hta","https://urlhaus.abuse.ch/url/29364/"
-"29363","2018-07-09 11:41:03","http://ngyusa.com/payment/htaallofus.hta","online","malware_download","hta","https://urlhaus.abuse.ch/url/29363/"
+"29364","2018-07-09 11:42:02","http://ngyusa.com/payment/htazeco.hta","offline","malware_download","hta","https://urlhaus.abuse.ch/url/29364/"
+"29363","2018-07-09 11:41:03","http://ngyusa.com/payment/htaallofus.hta","offline","malware_download","hta","https://urlhaus.abuse.ch/url/29363/"
 "29362","2018-07-09 11:40:04","http://tanpiupiu.com/mypanel/sand.exe","offline","malware_download","None","https://urlhaus.abuse.ch/url/29362/"
 "29361","2018-07-09 11:33:13","http://www.palmtipsheet.com/wp-content/calc1.exe","offline","malware_download","Retefe","https://urlhaus.abuse.ch/url/29361/"
 "29360","2018-07-09 10:45:11","http://jpnc.co.kr/report_N_0054_451419FA2B04CA01-3FAC333342C3D101-5CF92FE53FC3D101-A6490EE03FC3D101_57414C4B45522D5043_57414C4B4552_732477A4_90622BF2_0_started_ext_ALRRR_N_OSBBB_32_OSNNN_Windows_7_Enterprise_CNNN_WALKER-PC_UNNN_WALKER_EXXX_04C7845E8E0D9FD1F5C49FC71D48B937_544768_c__users_traktor_appdata_local_temp_7GJIP9HD36FC01ZF.exe__Device_HarddiskVolume2_utils_c2ae_uiproxy.exe_","offline","malware_download","emotet,exe","https://urlhaus.abuse.ch/url/29360/"
@@ -100734,7 +102175,7 @@
 "28561","2018-07-05 11:31:54","http://www.asifabih.com/jzo/","offline","malware_download","emotet,epoch2,heodo,payload","https://urlhaus.abuse.ch/url/28561/"
 "28560","2018-07-05 11:29:30","http://www.127yjs.com/9c4AhsAGN/","offline","malware_download","emotet,epoch1,heodo,payload","https://urlhaus.abuse.ch/url/28560/"
 "28559","2018-07-05 11:29:27","http://www.omurmakina.net/tpXT9IxgY/","offline","malware_download","emotet,epoch1,heodo,payload","https://urlhaus.abuse.ch/url/28559/"
-"28558","2018-07-05 11:29:25","http://www.tectumhydraulicandbuildingservices.com/ouZabhKm/","offline","malware_download","emotet,epoch1,payload","https://urlhaus.abuse.ch/url/28558/"
+"28558","2018-07-05 11:29:25","http://www.tectumhydraulicandbuildingservices.com/ouZabhKm/","online","malware_download","emotet,epoch1,payload","https://urlhaus.abuse.ch/url/28558/"
 "28557","2018-07-05 11:29:22","http://wildpete.com/9Kk56A/","offline","malware_download","emotet,epoch1,heodo,payload","https://urlhaus.abuse.ch/url/28557/"
 "28556","2018-07-05 11:29:10","http://vakit24.com/gc5Kk3WO8/","offline","malware_download","emotet,epoch1,payload","https://urlhaus.abuse.ch/url/28556/"
 "28550","2018-07-05 11:08:16","http://www.dokassessoria.com.br/cCeI3/","offline","malware_download","emotet,exe,heodo","https://urlhaus.abuse.ch/url/28550/"
@@ -101028,7 +102469,7 @@
 "28258","2018-07-04 16:05:40","http://yann-artes.com/Documents/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/28258/"
 "28257","2018-07-04 16:05:39","http://valquathailand.com/En_us/Statement/tracking-number-and-invoice-of-your-order/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/28257/"
 "28256","2018-07-04 16:05:35","http://realleadershipacademy.com/EN_en/New-Order-Upcoming/Invoice-6249291/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/28256/"
-"28255","2018-07-04 16:05:33","http://pokorassociates.com/Documents/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/28255/"
+"28255","2018-07-04 16:05:33","http://pokorassociates.com/Documents/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/28255/"
 "28254","2018-07-04 16:05:30","http://www.prensas.net/4th-July-2018/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/28254/"
 "28253","2018-07-04 16:05:29","http://www.svaistore.ru/Agreements/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/28253/"
 "28252","2018-07-04 16:05:27","https://ky663.com/vs4Prld/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/28252/"
@@ -101054,7 +102495,7 @@
 "28232","2018-07-04 16:04:12","http://salinzada.com/4A3bU8Pb/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/28232/"
 "28231","2018-07-04 16:04:10","http://ruqyahbekam.com/En_us/Order/Invoice-826196/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/28231/"
 "28230","2018-07-04 16:04:08","http://product-and-services.iibank.co/En_us/ACCOUNT/Invoice-943812/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/28230/"
-"28229","2018-07-04 16:04:07","http://pokorassociates.com/US/Payment-and-address/Invoice-73673/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/28229/"
+"28229","2018-07-04 16:04:07","http://pokorassociates.com/US/Payment-and-address/Invoice-73673/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/28229/"
 "28228","2018-07-04 16:04:06","http://pointcomputers.kz/US_us/FILE/Invoice/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/28228/"
 "28227","2018-07-04 16:04:04","http://pintattoo.cn/Documents-07-2018/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/28227/"
 "28226","2018-07-04 16:03:59","http://pdt-pinsk.by/EN_en/Client/91762/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/28226/"
@@ -101423,7 +102864,7 @@
 "27860","2018-07-04 11:29:40","http://www.socialbee.me/Corrections/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/27860/"
 "27859","2018-07-04 11:29:37","http://www.skupkakorobok.ru/Agreements2018/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/27859/"
 "27858","2018-07-04 11:29:36","http://www.ruqyahbekam.com/En_us/Order/Invoice-826196/","offline","malware_download","doc,emotet","https://urlhaus.abuse.ch/url/27858/"
-"27857","2018-07-04 11:29:35","http://www.pokorassociates.com/Documents/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/27857/"
+"27857","2018-07-04 11:29:35","http://www.pokorassociates.com/Documents/","online","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/27857/"
 "27856","2018-07-04 11:29:33","http://www.optonaf.ma/En/Purchase/Invoice-750886/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/27856/"
 "27855","2018-07-04 11:29:29","http://www.lispharma.vn/Past-Due-Invoices/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/27855/"
 "27854","2018-07-04 11:29:26","http://www.jagxsecurity.com/Contracts-2018/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/27854/"
@@ -101543,7 +102984,7 @@
 "27740","2018-07-04 07:31:33","http://www.vitinhtamnhinviet.com/wp-admin/js/En/Payment-and-address/Invoice-98444/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/27740/"
 "27739","2018-07-04 07:31:30","http://www.thegoofychic.com/En/DOC/Invoice-3000220/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/27739/"
 "27738","2018-07-04 07:31:28","http://www.serdarozturk.com.tr/EN_en/FILE/Invoice-93546/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/27738/"
-"27737","2018-07-04 07:31:26","http://www.pokorassociates.com/US/Payment-and-address/Invoice-73673/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/27737/"
+"27737","2018-07-04 07:31:26","http://www.pokorassociates.com/US/Payment-and-address/Invoice-73673/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/27737/"
 "27736","2018-07-04 07:31:25","http://www.otvindia.com/US_us/FILE/Invoice/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/27736/"
 "27735","2018-07-04 07:31:23","http://www.lakshmidentalclinic.in/US_us/INVOICE-STATUS/Invoice-652650603-070318/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/27735/"
 "27734","2018-07-04 07:31:21","http://www.lactest.by/En_us/Order/ACCOUNT1932672/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/27734/"
@@ -107287,7 +108728,7 @@
 "21896","2018-06-21 05:36:23","http://aptrunggabk.com/STATUS/Account-02338/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/21896/"
 "21895","2018-06-21 05:35:59","http://anhstructure.com/Statement/Auditor-of-State-Notification-of-EFT-Depoist/","offline","malware_download","None","https://urlhaus.abuse.ch/url/21895/"
 "21894","2018-06-21 05:35:46","http://adventuretext.com/FILE/Invoice/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/21894/"
-"21893","2018-06-21 05:35:25","http://202.28.110.204/joomla/Order/tracking-number-and-invoice-of-your-order/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/21893/"
+"21893","2018-06-21 05:35:25","http://202.28.110.204/joomla/Order/tracking-number-and-invoice-of-your-order/","online","malware_download","heodo","https://urlhaus.abuse.ch/url/21893/"
 "21892","2018-06-21 05:35:03","http://187.217.207.75/OVERDUE-ACCOUNT/84740/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/21892/"
 "21891","2018-06-21 05:34:02","http://185.246.153.136/AB4g5/Josho.x86","offline","malware_download","None","https://urlhaus.abuse.ch/url/21891/"
 "21890","2018-06-21 05:13:05","http://simplicityprojects.com/Q88/benucrypted.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/21890/"
@@ -108973,7 +110414,7 @@
 "20151","2018-06-15 18:32:14","http://tutorial9.net/FILE/Please-pull-invoice-34645/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/20151/"
 "20150","2018-06-15 18:32:12","http://tuflemca.com.mx/Inv-20507-PO-2G317039/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/20150/"
 "20149","2018-06-15 18:32:08","http://tubanprinting.com/INVOICE/KX-63345944/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/20149/"
-"20148","2018-06-15 18:32:04","http://tsg339.com/Invoice/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/20148/"
+"20148","2018-06-15 18:32:04","http://tsg339.com/Invoice/","online","malware_download","heodo","https://urlhaus.abuse.ch/url/20148/"
 "20147","2018-06-15 18:32:00","http://triboteen.com.br/IRS-Tax-Transcipts-June-2018-8815/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/20147/"
 "20146","2018-06-15 18:31:58","http://totaltilestore.ca/IRS-Accounts-Transcipts-09/0/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/20146/"
 "20145","2018-06-15 18:31:57","http://totalsigorta.com/vYY9Skrrhd/","offline","malware_download","None","https://urlhaus.abuse.ch/url/20145/"
@@ -109357,7 +110798,7 @@
 "19767","2018-06-15 15:40:18","http://ranokel.de/QYIL088549/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/19767/"
 "19766","2018-06-15 15:40:15","http://ramerman.nl/o/HZLQN39/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/19766/"
 "19765","2018-06-15 15:40:14","http://ptmskonuco.me.gob.ve/wp-content/INV/AG-39561134196/","online","malware_download","heodo","https://urlhaus.abuse.ch/url/19765/"
-"19764","2018-06-15 15:40:10","http://pracowniaroznosci.pl/LLC/JOO91036945211AE/Feb-28-2018-223147224/EFXA-EZAG-Feb-28-2018/","online","malware_download","heodo","https://urlhaus.abuse.ch/url/19764/"
+"19764","2018-06-15 15:40:10","http://pracowniaroznosci.pl/LLC/JOO91036945211AE/Feb-28-2018-223147224/EFXA-EZAG-Feb-28-2018/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/19764/"
 "19763","2018-06-15 15:40:09","http://phunutoiyeu.com/C6V3PNRD43UOWBFC/Corporation/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/19763/"
 "19761","2018-06-15 15:32:07","http://onebrickmusic.com/XbPnH/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/19761/"
 "19762","2018-06-15 15:32:07","http://pekny.eu/AGD-1959810481/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/19762/"
@@ -109592,7 +111033,7 @@
 "19523","2018-06-15 11:37:04","http://fortuna3.myhostpoint.ch/jand/cnano.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/19523/"
 "19522","2018-06-15 11:36:04","http://uploadtops.is/1/f/clZMC7n","offline","malware_download","exe","https://urlhaus.abuse.ch/url/19522/"
 "19521","2018-06-15 11:34:07","http://novec-power.com/wordpress/wp-content/lofyt.msi","offline","malware_download","exe","https://urlhaus.abuse.ch/url/19521/"
-"19520","2018-06-15 11:32:07","http://www.cryptovoip.in/jb/DOTNET.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/19520/"
+"19520","2018-06-15 11:32:07","http://www.cryptovoip.in/jb/DOTNET.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/19520/"
 "19519","2018-06-15 11:29:05","http://fortuna3.myhostpoint.ch/jand/jnano.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/19519/"
 "19518","2018-06-15 10:46:06","http://185.206.145.171/files/1132.exe","offline","malware_download","exe,Pony","https://urlhaus.abuse.ch/url/19518/"
 "19517","2018-06-15 10:46:03","http://wetransfers.tk/bp/pan.exe","offline","malware_download","exe,Pony","https://urlhaus.abuse.ch/url/19517/"
@@ -111889,7 +113330,7 @@
 "17170","2018-06-11 09:03:03","http://mail.betr8.com/dl/facture_431977465.doc","offline","malware_download","doc","https://urlhaus.abuse.ch/url/17170/"
 "17169","2018-06-11 09:03:03","http://mail.gotomydaddy.com/dl/facture_431977465.doc","offline","malware_download","doc","https://urlhaus.abuse.ch/url/17169/"
 "17168","2018-06-11 08:53:02","http://wonderfuldavid.com/allyson/slycharleshta.hta","offline","malware_download","hta","https://urlhaus.abuse.ch/url/17168/"
-"17167","2018-06-11 08:52:14","http://www.cryptovoip.in/gy/HJ.exe","online","malware_download","Loki,lokibot","https://urlhaus.abuse.ch/url/17167/"
+"17167","2018-06-11 08:52:14","http://www.cryptovoip.in/gy/HJ.exe","offline","malware_download","Loki,lokibot","https://urlhaus.abuse.ch/url/17167/"
 "17166","2018-06-11 08:52:04","http://mail.electronheaven.com/dl/facture_431977465.doc","offline","malware_download","doc","https://urlhaus.abuse.ch/url/17166/"
 "17165","2018-06-11 08:52:03","http://mail.artcontroller.com/dl/facture_431977465.doc","offline","malware_download","doc","https://urlhaus.abuse.ch/url/17165/"
 "17164","2018-06-11 08:51:23","http://mail.eduify.com/dl/facture_431977465.doc","offline","malware_download","doc","https://urlhaus.abuse.ch/url/17164/"
@@ -117575,19 +119016,19 @@
 "11183","2018-05-18 14:19:40","http://mindsitter.com/Gremlini/ALLWin_RESTART.vbs","offline","malware_download","None","https://urlhaus.abuse.ch/url/11183/"
 "11182","2018-05-18 14:19:37","http://mindsitter.com/Gremlini/ALLWin_NORMAL.vbs","offline","malware_download","None","https://urlhaus.abuse.ch/url/11182/"
 "11181","2018-05-18 14:19:29","http://wiki.hping.org/uploadedfiles/22/chrome%20wifi%20qiran.exe","offline","malware_download","None","https://urlhaus.abuse.ch/url/11181/"
-"11180","2018-05-18 14:10:25","http://dl.bypass.network/bypasstools/StaticCrypt4.zip","online","malware_download","None","https://urlhaus.abuse.ch/url/11180/"
-"11179","2018-05-18 13:57:47","http://dl.bypass.network/bypasstools/SpyNote5.0.zip","online","malware_download","None","https://urlhaus.abuse.ch/url/11179/"
+"11180","2018-05-18 14:10:25","http://dl.bypass.network/bypasstools/StaticCrypt4.zip","offline","malware_download","None","https://urlhaus.abuse.ch/url/11180/"
+"11179","2018-05-18 13:57:47","http://dl.bypass.network/bypasstools/SpyNote5.0.zip","offline","malware_download","None","https://urlhaus.abuse.ch/url/11179/"
 "11178","2018-05-18 13:53:37","http://dl.bypass.network/bypasstools/SearchIndexer.exe","offline","malware_download","Golroted","https://urlhaus.abuse.ch/url/11178/"
-"11177","2018-05-18 13:51:28","http://dl.bypass.network/bypasstools/PsychonixCrypter.zip","online","malware_download","None","https://urlhaus.abuse.ch/url/11177/"
-"11176","2018-05-18 13:47:52","http://dl.bypass.network/bypasstools/Plasma%20Rat%201.7.zip","online","malware_download","None","https://urlhaus.abuse.ch/url/11176/"
-"11175","2018-05-18 13:40:11","http://dl.bypass.network/bypasstools/Njrat%20CRYPTER%20V3.zip","online","malware_download","None","https://urlhaus.abuse.ch/url/11175/"
-"11174","2018-05-18 13:39:12","http://dl.bypass.network/bypasstools/NjRat%20Lime%20Edition%200.8.0.zip","online","malware_download","None","https://urlhaus.abuse.ch/url/11174/"
-"11173","2018-05-18 13:09:05","http://dl.bypass.network/bypasstools/NjRat%20Lime%20Edition%200.7.9.zip","online","malware_download","None","https://urlhaus.abuse.ch/url/11173/"
-"11172","2018-05-18 13:06:05","http://dl.bypass.network/bypasstools/Kingspy%20net%20crypter.zip","online","malware_download","None","https://urlhaus.abuse.ch/url/11172/"
-"11171","2018-05-18 13:05:38","http://dl.bypass.network/bypasstools/Kingspy%20Crypter%20v2.0.zip","online","malware_download","None","https://urlhaus.abuse.ch/url/11171/"
-"11170","2018-05-18 13:05:19","http://dl.bypass.network/bypasstools/Kingspy%20Crypter%20v1.zip","online","malware_download","None","https://urlhaus.abuse.ch/url/11170/"
-"11169","2018-05-18 13:04:48","http://dl.bypass.network/bypasstools/File%20Crypter.zip","online","malware_download","None","https://urlhaus.abuse.ch/url/11169/"
-"11168","2018-05-18 13:04:16","http://dl.bypass.network/bypasstools/Barut%20Crypter.zip","online","malware_download","None","https://urlhaus.abuse.ch/url/11168/"
+"11177","2018-05-18 13:51:28","http://dl.bypass.network/bypasstools/PsychonixCrypter.zip","offline","malware_download","None","https://urlhaus.abuse.ch/url/11177/"
+"11176","2018-05-18 13:47:52","http://dl.bypass.network/bypasstools/Plasma%20Rat%201.7.zip","offline","malware_download","None","https://urlhaus.abuse.ch/url/11176/"
+"11175","2018-05-18 13:40:11","http://dl.bypass.network/bypasstools/Njrat%20CRYPTER%20V3.zip","offline","malware_download","None","https://urlhaus.abuse.ch/url/11175/"
+"11174","2018-05-18 13:39:12","http://dl.bypass.network/bypasstools/NjRat%20Lime%20Edition%200.8.0.zip","offline","malware_download","None","https://urlhaus.abuse.ch/url/11174/"
+"11173","2018-05-18 13:09:05","http://dl.bypass.network/bypasstools/NjRat%20Lime%20Edition%200.7.9.zip","offline","malware_download","None","https://urlhaus.abuse.ch/url/11173/"
+"11172","2018-05-18 13:06:05","http://dl.bypass.network/bypasstools/Kingspy%20net%20crypter.zip","offline","malware_download","None","https://urlhaus.abuse.ch/url/11172/"
+"11171","2018-05-18 13:05:38","http://dl.bypass.network/bypasstools/Kingspy%20Crypter%20v2.0.zip","offline","malware_download","None","https://urlhaus.abuse.ch/url/11171/"
+"11170","2018-05-18 13:05:19","http://dl.bypass.network/bypasstools/Kingspy%20Crypter%20v1.zip","offline","malware_download","None","https://urlhaus.abuse.ch/url/11170/"
+"11169","2018-05-18 13:04:48","http://dl.bypass.network/bypasstools/File%20Crypter.zip","offline","malware_download","None","https://urlhaus.abuse.ch/url/11169/"
+"11168","2018-05-18 13:04:16","http://dl.bypass.network/bypasstools/Barut%20Crypter.zip","offline","malware_download","None","https://urlhaus.abuse.ch/url/11168/"
 "11167","2018-05-18 13:02:56","http://qualityoflife-lb.com/crypted/tony.exe","offline","malware_download","AgentTesla","https://urlhaus.abuse.ch/url/11167/"
 "11166","2018-05-18 13:01:38","http://qualityoflife-lb.com/crypted/success.exe","offline","malware_download","AgentTesla","https://urlhaus.abuse.ch/url/11166/"
 "11165","2018-05-18 13:00:17","http://qualityoflife-lb.com/crypted/hono.exe","offline","malware_download","None","https://urlhaus.abuse.ch/url/11165/"
diff --git a/urlhaus-filter.txt b/urlhaus-filter.txt
index 8acb1efd..f8ecbde9 100644
--- a/urlhaus-filter.txt
+++ b/urlhaus-filter.txt
@@ -1,5 +1,5 @@
 ! Title: abuse.ch URLhaus Malicious URL Blocklist
-! Updated: Mon, 18 Feb 2019 00:24:58 UTC
+! Updated: Mon, 18 Feb 2019 12:23:27 UTC
 ! Expires: 1 day (update frequency)
 ! Repo: https://gitlab.com/curben/urlhaus-filter
 ! License: https://creativecommons.org/publicdomain/zero/1.0/
@@ -15,6 +15,7 @@
 1.34.238.15
 1.34.72.99
 1.9.124.131
+1.9.178.128
 1.almaz13.z8.ru
 101.200.214.249
 101.254.225.145
@@ -30,10 +31,8 @@
 104.203.170.198
 104.219.235.147
 104.223.40.40
-104.248.140.207
 104.248.173.249
 104.248.181.42
-104.248.187.115
 104.248.229.149
 104.32.48.59
 106.105.197.111
@@ -82,6 +81,7 @@
 12.25.14.44
 120.192.64.10
 120.52.51.13
+121.121.42.75
 121.147.51.57
 121.149.49.178
 121.41.0.159
@@ -101,15 +101,13 @@
 128.199.187.124
 128.199.207.179
 128.199.68.28
+128.199.96.104
 128.65.183.8
-13.112.69.225
 13.126.20.237
 13.126.28.98
 13.126.61.11
-13.126.61.22
 13.209.81.235
 13.233.173.191
-13.233.183.227
 13.233.31.203
 13.239.63.5
 130.211.205.139
@@ -123,7 +121,6 @@
 139.59.25.145
 139.59.6.216
 139.59.64.173
-139.99.186.18
 14.183.241.169
 14.200.65.79
 14.230.232.48
@@ -139,10 +136,10 @@
 14.51.127.79
 14.54.121.194
 141.226.28.195
-142.11.206.115
 142.129.111.185
 142.93.211.141
 142.93.219.170
+142.93.227.149
 150.co.il
 151.236.38.234
 151.80.8.17
@@ -171,11 +168,9 @@
 15k.xyz
 160.16.198.220
 163.22.51.1
-165.227.26.16
 166.70.72.209
 167.99.10.129
 167.99.24.159
-168.235.98.135
 169.50.86.213
 172.85.185.216
 173.167.154.35
@@ -191,9 +186,9 @@
 176.97.211.183
 177.189.220.179
 177.68.147.145
+178.128.127.231
 178.128.155.191
 178.128.54.239
-178.131.61.0
 178.236.210.22
 178.62.102.110
 178.62.213.188
@@ -215,17 +210,17 @@
 182.235.29.89
 183.110.79.42
 183.234.11.91
+183.99.140.11
 184.11.126.250
-185.101.105.130
 185.11.146.84
 185.154.15.36
-185.172.110.203
 185.179.169.118
 185.189.149.137
 185.191.229.180
 185.195.236.165
 185.22.152.122
 185.222.202.118
+185.234.216.239
 185.234.217.21
 185.244.25.133
 185.244.25.134
@@ -233,7 +228,6 @@
 185.244.25.148
 185.244.25.173
 185.244.25.174
-185.244.25.176
 185.244.25.182
 185.244.25.194
 185.244.25.199
@@ -241,8 +235,10 @@
 185.244.25.230
 185.244.25.234
 185.244.25.249
+185.244.30.150
 185.244.30.151
 185.26.31.94
+185.81.157.124
 185.94.33.22
 185.96.235.210
 186.149.12.84
@@ -265,19 +261,16 @@
 189.180.253.216
 189.198.67.249
 189.32.232.54
-190.164.186.104
 190.194.44.136
 190.250.124.10
 190.68.44.60
 190.69.81.172
 190.7.27.69
 190.88.184.137
-191.184.241.71
 191.92.234.159
 192.210.146.45
 192.99.142.235
 192.99.242.13
-193.200.50.136
 193.238.47.118
 193.248.246.94
 193.77.216.20
@@ -287,7 +280,6 @@
 198.12.125.130
 198.23.201.215
 198.46.160.158
-198.98.58.235
 198.98.60.232
 198.98.62.207
 199.38.245.221
@@ -304,7 +296,10 @@
 200.38.79.134
 200.63.45.101
 200.63.45.123
+201.168.151.182
 201.26.11.173
+201.92.84.134
+202.28.110.204
 202.55.178.35
 202.75.223.155
 203.146.208.208
@@ -329,16 +324,17 @@
 211.194.183.51
 211.204.165.173
 211.21.205.207
+211.238.147.196
 211.48.208.144
 211.55.144.196
 211.73.73.2
 211.73.73.3
 212.150.200.21
-212.150.222.45
 212.36.31.215
 212.77.144.84
 213.183.60.7
 213.57.13.135
+216.176.179.106
 217.139.86.228
 217.160.51.208
 217.218.219.146
@@ -372,6 +368,7 @@
 222.119.40.240
 222.232.168.248
 223.111.145.197
+23.239.9.56
 23.249.161.100
 23.249.163.110
 23.249.164.131
@@ -391,7 +388,6 @@
 2cbio.com
 2d73.ru
 2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org
-3.112.13.31
 3.92.174.100
 3.dohodtut.ru
 30-by-30.com
@@ -402,9 +398,9 @@
 31.168.24.115
 31.168.70.230
 31.179.251.36
-31.184.198.158
 31.211.138.227
 31.211.159.149
+34.73.163.194
 34.80.131.135
 35.176.197.139
 35.184.197.183
@@ -430,12 +426,14 @@
 3dcrystalart.com.ua
 3dx.pc6.com
 4.kuai-go.com
+40.69.23.131
 40seg.com
 41.32.210.2
 41.32.23.132
 430development.com
-45.33.0.176
+45.127.97.4
 45.55.107.240
+46.101.232.155
 46.117.176.102
 46.17.45.226
 46.183.218.243
@@ -465,6 +463,7 @@
 49.159.8.123
 49.255.48.5
 4pointinspection.net
+5.152.203.104
 5.201.128.15
 5.201.130.81
 5.29.137.12
@@ -473,21 +472,14 @@
 50.242.141.75
 50.250.107.139
 52.15.227.66
-52.196.225.91
-52.202.101.89
 52.63.119.3
-54.153.245.124
+52.66.236.210
 54.164.84.17
-54.167.192.134
 54.175.140.118
-54.202.85.204
-54.234.174.153
 54.250.159.171
-54.38.35.144
 579custom.space
 58.230.89.42
 59.124.90.231
-59.127.1.67
 59.29.160.214
 59.29.178.187
 59.31.110.106
@@ -511,7 +503,6 @@
 64.62.250.41
 66.117.2.182
 66.117.6.174
-68.183.157.144
 68.183.41.164
 68.235.84.140
 69.202.198.255
@@ -547,7 +538,6 @@
 80.11.38.244
 80.184.103.175
 80.211.113.14
-80.85.157.130
 80.87.197.123
 81.133.236.83
 81.213.166.175
@@ -555,6 +545,7 @@
 81.43.101.247
 81.56.198.200
 82.137.216.202
+82.166.24.224
 82.166.27.140
 82.253.156.136
 82.80.143.205
@@ -563,7 +554,6 @@
 82.81.27.115
 82.81.44.37
 83.132.244.60
-83.166.241.99
 83.170.193.178
 84.108.209.36
 84.183.153.108
@@ -657,7 +647,6 @@ agulino.com
 ah.download.cycore.cn
 ahmadalhanandeh.com
 aierswatch.com
-air-team-service.com
 airmasterbh.com
 airmod.com.br
 aiwaviagens.com
@@ -670,19 +659,16 @@ akiko.izmsystem.net
 akili.ro
 aksaraycocukaktivitemerkezi.com
 al-wahd.com
-alabarderomadrid.es
 alainghazal.com
 alaskanmarineministries.com
 alba1004.co.kr
 alesya.es
 alexhhh.chat.ru
-alexlema.com
 alexzstroy.ru
 alfaqihuddin.com
 algoritm2.ru
 alhabib7.com
 ali-apk.wdjcdn.com
-alisa-photo.com.ua
 all4mums.ru
 allaboutpoolsnbuilder.com
 allens.youcheckit.ca
@@ -695,12 +681,10 @@ alongthelines.com
 alpha.intouchreminder.com
 alsafeeradvt.com
 alsahagroup.com
-altuntuval.com
 aluigi.altervista.org
 am-tex.net
 amariaapartsminaclavero.000webhostapp.com
 amasa.be
-amatiran.online
 amazonvietnampharma.com.vn
 amd.alibuf.com
 amigosforever.net
@@ -709,14 +693,12 @@ andam3in1.com
 andonia.com
 andreysharanov.info
 angelageorgesphotography.com
-anhsangtuthien.com
 ankarabeads.com
 ankaraliderlikzirvesi.com
 anket.kalthefest.org
 ansabstud.com
 anvietpro.com
 anwalt-mediator.com
-anyes.com.cn
 apceemanpower.com
 api.iwangsen.com
 apk05.appcms.3xiazai.com
@@ -780,7 +762,6 @@ aygwzxqa.applekid.cn
 azaelindia.com
 azraglobalnetwork.com.my
 b7center.com
-babaunangdong.com
 babyparrots.it
 baixenoibai24h.com
 balkaniks.de
@@ -796,7 +777,6 @@ barhat.info
 barjockeysclub.com
 barrycaputo.com
 basch.eu
-base.n24rostov.ru
 batdongsan3b.com
 batdongsanphonoi.vn
 baza-dekora.ru
@@ -845,7 +825,6 @@ biquyettansoi.com
 birchgroupllc.com
 biurorachunkowe24.waw.pl
 bizqsoft.com
-bizresilience.com
 bjkumdo.com
 bjnrwwww.watchdogdns.duckdns.org
 bkm-adwokaci.pl
@@ -861,7 +840,6 @@ bohobitches.co.uk
 bonex.it
 bonheur-salon.net
 bonzi.top
-botmechanic.io
 bottraxanhtini.com
 bounces.duoliprudential.com.watchdogdns.duckdns.org
 bouresmau-gsf.com
@@ -880,8 +858,8 @@ bundle.kpzip.com
 buonbantenmien.com
 buralistesdugard.fr
 burasiaksaray.com
+businessmanagemewww.watchdogdns.duckdns.org
 bynana.nl
-c.pieshua.com
 c2c.webprojemiz.com
 ca.fq520000.com
 ca.hashpost.org
@@ -890,7 +868,6 @@ ca.posthash.org
 caassure.ovh
 cache.windowsdefenderhost.com
 cadencespa.net
-cafe.tgeeks.co.tz
 caferaclete.pt
 cafesoft.ru
 camasdecks.com
@@ -900,7 +877,6 @@ campusfinancial.net
 canhokhangdien.net
 canhooceangate.com
 caraccessonriesr9.com
-careersatltd.com
 careforthesheep.org
 carefreepet.com
 caringsoul.org
@@ -911,23 +887,20 @@ cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org
 carsonbiz.com
 casadasquintas.com
 casanbenito.com
-casfetaudsm.org
+cash-lovers.com
 cash888.net
 cashin.ca
 cathome.org.tw
 catk.hbca.org.cn
 cbmagency.com
 cbup1.cache.wps.cn
-ccbaike.cn
 cccb-dz.org
 ccowan.com
 cdn-10049480.file.myqcloud.com
-cdn.file6.goodid.com
 cdn.fixio.com
 cdn.fullpccare.com
 cdn4.css361.com
 cds.w2w3w6q4.hwcdn.net
-cech.gdansk.pl
 cedartreegroup.com
 celiavaladao.com.br
 centerline.co.kr
@@ -935,6 +908,7 @@ ceo.org.my
 ceoseguros.com
 cerebro-coaching.fr
 cerotex.webprojemiz.com
+cesan-yuni.com
 ceu-hosting.upload.de
 cf.uuu9.com
 cfs11.planet.daum.net
@@ -948,7 +922,6 @@ chalesmontanha.com
 champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org
 championsportspune.com
 changematterscounselling.com
-changemindbusiness.com
 chanvribloc.com
 charavoilebzh.org
 charihome.com
@@ -959,11 +932,13 @@ chilenoscroatas.cl
 chinhdropfile.myvnc.com
 chinhdropfile80.myvnc.com
 chippingscottage.customer.netspace.net.au
+choinkimarkus.pl
 chrnywalibari.com
 chrstiansagainstpoverty-my.sharepoint.com
 chuletas.fr
 chungkhoannews.com
 churchofgod.team
+chuthapdobg.org.vn
 chuyensacdep.com
 cicekciilhan.com
 cild.edu.vn
@@ -979,7 +954,6 @@ ckobcameroun.com
 cl.ssouy.com
 claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org
 clarte-thailand.com
-clashofclansgems.nl
 classishinejewelry.com
 claudio.locatelli.free.fr
 clean.crypt24.in
@@ -989,6 +963,7 @@ clients.nashikclick.com
 clinicacasuo.com.br
 clinicasense.com
 cliniqueelmenzah.com
+clinkupon.com
 clipestan.com
 cloud.kryptonia.fr
 cloudme.com
@@ -1015,7 +990,6 @@ comcom-finances.com
 comduoliprudential.com.watchdogdns.duckdns.org
 compitec.be
 comprendrepouragir.org
-computerwiz.cc
 computewww.watchdogdns.duckdns.org
 comtechadsl.com
 conciliodeprincipedepazusa.org
@@ -1024,7 +998,6 @@ coneymedia.com
 config.cqhbkjzx.com
 config.wulishow.top
 config.wwmhdq.com
-config.ymw200.com
 config.younoteba.top
 conseil-btp.fr
 construccionesrm.com.ar
@@ -1036,6 +1009,7 @@ coronadodirectory.com
 corporaciondelsur.com.pe
 cortijodebornos.es
 costartechnology.com
+cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org
 craftmartonline.com
 craftyz.shop
 crittersbythebay.com
@@ -1045,6 +1019,7 @@ cryptovoip.in
 crystalmind.ru
 csetv.net
 csnsoft.com
+csvina.vn
 ctwabenefits.com
 cuahangstore.com
 currencyavenue.com
@@ -1066,7 +1041,6 @@ d9.driver.160.com
 da.alibuf.com
 dadieubavithuyphuong.vn
 dailywaiz.com
-daisychepkemoi.co.ke
 danceman.club
 daocoxachilangnam.org.vn
 daoudi-services.com
@@ -1098,7 +1072,6 @@ demo.dsistemas.net
 demo.esoluz.com
 demo.liuzhixiong.top
 demo.minecraft.edu.vn
-demo1.parsnet.space
 demosthene.org
 denizyildizikresi.com
 dentalradiografias.com
@@ -1124,6 +1097,7 @@ dichvuvesinhcongnghiep.top
 die-tauchbar.de
 diehardvapers.com
 dienlanhlehai.com
+difalabarghoo.ir
 diggerkrot.ru
 digilib.dianhusada.ac.id
 digimacmobiles.com
@@ -1140,17 +1114,18 @@ dkck.com.tw
 dkstudy.com
 dl-gameplayer.dmm.com
 dl.008.net
-dl.bypass.network
 dl.hzkfgs.com
 dl.teeqee.com
 dl1.mqego.com
 dlainzyniera.pl
 dld.jxwan.com
+dllanka.net
 dlqz4.oss-cn-hangzhou.aliyuncs.com
 dmsta.com
 dnn.alibuf.com
 dns.alibuf.com
 dns.fq520000.com
+doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org
 docteurga.com
 doctorjuliandiaz.com
 doeschapartment.com
@@ -1160,7 +1135,6 @@ domekan.ru
 dominusrex.fr
 domproekt56.ru
 donsworld.org
-dorispeter.co.ke
 dorukhankumbet.com
 dosame.com
 doservicework.com
@@ -1173,7 +1147,6 @@ down.ecubefile.com
 down.eebbk.net
 down.haote.com
 down.kuwo.cn
-down.leyoucoc.cn
 down.pcclear.com
 down.pdf.cqmjkjzx.com
 down.pdflist.cqhbkjzx.com
@@ -1182,6 +1155,7 @@ down.soft.6789.net
 down.soft.hyzmbz.com
 down.soft.yypdf.cn
 down.softlist.hyzmbz.com
+down.softlist.tcroot.cn
 down.startools.co.kr
 down.topsadon.com
 down.travma.site
@@ -1263,13 +1237,13 @@ dx93.downyouxi.com
 dxdown.2cto.com
 e-basvur.com
 e-online.fr
+e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org
 ea-no7.net
 earnbdt.com
 earplasticsurgeon.com
 easydown.stnts.com
 easydown.workday360.cn
 eatyergreens.com
-ec2-13-112-69-225.ap-northeast-1.compute.amazonaws.com
 ec2-13-126-174-234.ap-south-1.compute.amazonaws.com
 ec2-18-218-56-72.us-east-2.compute.amazonaws.com
 eclairesuits.com
@@ -1287,6 +1261,7 @@ electricam.by
 elegance-bio.com
 elena.podolinski.com
 elibrary.co.ke
+elitegrowth.net
 elizaygust.cocospark.com.ve
 ellallc.org
 elsgroup.mk
@@ -1317,7 +1292,6 @@ esence.com.br
 estab.org.tr
 esundaryatayat.com
 eticaretdanismani.com
-etka.com.tr
 etliche.pw
 etouchbd.net
 etravelaway.com
@@ -1342,12 +1316,12 @@ familiasexitosascondayan.com
 fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org
 fantaziamod.by
 farmcomputewww.watchdogdns.duckdns.org
-farmsys.in
 farzandeshad.com
 fastimmo.fr
 fastsolutions-france.com
 faucetbaby.com
 fayzi-khurshed.tj
+fctu.xyz
 fd.laomaotao.org
 fd.uqidong.com
 fenlabenergy.com
@@ -1369,7 +1343,6 @@ files6.uludagbilisim.com
 filowserve.com
 finndev.net
 firephonesex.com
-firstcryptobank.io
 firstdobrasil.com.br
 firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org
 fjorditservices.com
@@ -1394,7 +1367,6 @@ frankraffaeleandsons.com
 freelancecommunication.fr
 friendsstarintl.com
 frog.cl
-fst.gov.pk
 fstd.com.tw
 ftp.doshome.com
 ftp.smartcarpool.co.kr
@@ -1419,7 +1391,6 @@ galinakulesh.ru
 galladoria.de
 game111.52zsoft.com
 gamehack.chat.ru
-gaminggo.website
 ganapatihelp.com
 garenanow.myvnc.com
 garenanow4.myvnc.com
@@ -1469,7 +1440,6 @@ greatescapesworkshop.com
 greatissoftware.com
 greattechnical.com
 greeksoft.gr
-greencampus.uho.ac.id
 greenwhitegranit.com
 greyradical.com
 ground-africa.com
@@ -1482,7 +1452,6 @@ h-bva.ru
 h-guan.com
 h-h-h.jp
 h.eurotrading.com.pl
-h809171554.nichost.ru
 ha5kdq.hu
 hackdownload.free.fr
 haeum.nfile.net
@@ -1502,9 +1471,11 @@ harmonyinternationalschools.com
 hashkorea.com
 hashtagvietnam.com
 hataydaskebap.com
+haunnhyundaibacninh.com
 hbr0.icu
 hcchanpin.com
 headbuild.info
+headshotsni.co.uk
 headstride.com
 healingisnotanaccident.com
 heartseasealpacas.com
@@ -1515,7 +1486,6 @@ hellodocumentary.com
 help3in1.oss-cn-hangzhou.aliyuncs.com
 helpdesk.lesitedemamsp.fr
 helpingpawsrescueinc.org
-helpyouman.tk
 hemiaitbd.com
 hexacam.com
 hezi.91danji.com
@@ -1538,7 +1508,6 @@ holzheuer.de
 homecaregurgaon.com
 homedeco.com.ua
 hondaparadise.co.th
-hongcheng.org.hk
 hopperfinishes.com
 horizont.az
 hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org
@@ -1552,11 +1521,9 @@ htxl.cn
 hubertpascal.org
 huc-hkh.orciprudential.com.watchdogdns.duckdns.org
 huhuhu.cf
-huyushop.com
 hvacofportland.com
 hwasungchem.co.kr
 hyboriansolutions.net
-hydra100.staroundi.com
 hyey.cn
 hygienic.co.th
 hyunmoon.nfile.net
@@ -1578,6 +1545,7 @@ ililform.se
 illdy.azteam.vn
 illmob.org
 ilo-drink.nl
+images.hbsc-banking.com
 images.tax861.gov.cn
 imatrade.cz
 imf.ru
@@ -1622,7 +1590,6 @@ irenecairo.com
 irnanoshop.com
 ironworks.net
 irvingbestlocksmith.com
-isaboke.co.ke
 isgno.net
 ishqekamil.com
 isis.com.ar
@@ -1652,13 +1619,13 @@ javcoservices.com
 jayc-productions.com
 jbcc.asia
 jbnortonandco.com
-jeponautoparts.ru
+jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org
+jdsoftdados.com.br
 jessicalinden.net
 jetwaysairlines.us
 jghorse.com
 jhandiecohut.com
 jifendownload.2345.cn
-jigneshjhaveri.com
 jijiquan.net
 jimbagnola.ro
 jitkla.com
@@ -1672,12 +1639,10 @@ joerath.ca
 jogjaimpactforum.org
 johkar.net
 johnbearross.com
-johnscevolaseo.com
 johnsonearth.com
 jordanembassy.org.au
 joseantony.info
 josephreynolds.net
-josjuniour.co.ke
 jplymell.com
 jsksolutions.co.za
 jsrwaco.watchdogdns.duckdns.org
@@ -1693,9 +1658,11 @@ jy-property.com
 jzny.com.cn
 k-investigations.com
 k.iepedacitodecielo.edu.co
+kamagra4uk.com
 kamasu11.cafe24.com
 kameyacat.ru
 kapelazradomia.pl
+karamina.com
 karassov.ru
 karavantekstil.com
 kardelenozelegitim.com
@@ -1705,11 +1672,9 @@ katharinen-apotheke-braunschweig.de
 kblpartners.com
 kdjf.guzaosf.com
 kdoorviet.com
-kebunrayabaturraden.id
 kendinyap.club
 kennyandka.com
 kerusiinovasi.com
-keshtafzoon.com
 kevinjonasonline.com
 kgr.kirov.spb.ru
 khobep.com
@@ -1720,10 +1685,12 @@ kientrucviet24h.com
 kimberly5esthetique.com
 kimono-kor.com
 kimyen.net
+kinhbacchemical.com
 kirtifoods.com
 kittipakdee.com
 klotho.net
 kmet.us
+kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org
 kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org
 kn-paradise.net.vn
 knaufdanoline.cf
@@ -1760,10 +1727,8 @@ labersa.com
 labphon15.labphon.org
 laflamme-heli.com
 lakematheson.com
-lakornhot.com
 lakshmicollege.org
 lalie-bioty.fr
-lam.cz
 lameguard.ru
 lamesadelossenores.com
 lanco-flower.ir
@@ -1775,7 +1740,6 @@ laurapetrioli.com
 lawindenver.com
 lawlabs.ru
 laylalanemusic.com
-lazell.pl
 ld.mediaget.com
 le-castellino.fr
 lead.bilisim2023.com
@@ -1785,7 +1749,6 @@ leclix.com
 leeericsmith.com
 leeth.org
 lefurle.by
-legalserv.in
 legalth.com
 lelcrb.by
 lemonremodeling.com
@@ -1798,7 +1761,6 @@ level1collective.com
 lextrend.net
 lfenjoy.com
 lg4square.com
-lhzs.923yx.com
 lianglinyiyou.com
 lianzhimen.net
 liceulogoga.ro
@@ -1820,6 +1782,7 @@ lists.coqianlong.watchdogdns.duckdns.org
 lists.ibiblio.org
 lists.reading.ac.uk
 lithi.io
+lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org
 littleumbrellas.net
 live.cricskill.com
 livechallenge.fr
@@ -1838,7 +1801,6 @@ looktravel.ge
 louiskazan.com
 lovecookingshop.com
 lsn.standard-om.net
-luckeepaulsza.com
 lun.otrweb.ru
 lussos.com
 lutnikwitwicki.pl
@@ -1864,13 +1826,11 @@ manatwork.ru
 manhattan.dangcaphoanggia.com
 manhattan.yamy.vn
 manhattanluxuryrealestatelistings.com
-manhtructhanhtin.com
 mantoerika.yazdvip.ir
 manualquickbooksespanol.com
 manukadesign.co.uk
 maocg.com
 mapleleafsb.com
-marasopel.com
 marchitec.com.br
 maria-tours.com
 marianalypova.com
@@ -1919,8 +1879,8 @@ media1.webgarden.es
 mediarox.com
 medicalfarmitalia.it
 medicinaonline.rjsrwaco.watchdogdns.duckdns.org
-megl.ca
 melonacreations.co.za
+menardvidal.com
 menderesbalabankirdugunsalonu.com
 menromenglobaltravels.com.ng
 menzway.com
@@ -1928,6 +1888,7 @@ mercedes-club-bg.com
 mercurysroadie.com
 mettek.com.tr
 meunasahbaro.desa.id
+mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org
 miamifloridainvestigator.com
 miceeventsint.com
 micronet-solutions.com
@@ -1961,15 +1922,19 @@ mkcelectric.com
 mkk09.kr
 mm2017mmm.com
 mmctalent.com
+mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org
 mmgsk.com
 mmmnasdjhqweqwe.com
 mmmooma.zz.am
 mnarat8.com
+mnyn.ir
 mobile.tourism.poltava.ua
 mod.sibcat.info
 modexcommunications.eu
 moha-group.com
+mohinhgohandmadedtoys.com
 molministries.org
+monicagranitesandmarbles.com
 monkeyinferno.net
 monumentcleaning.co.uk
 morganceken.se
@@ -1980,11 +1945,8 @@ mothershiproductions.co
 mowbaza.chat.ru
 mozarthof.com
 mpdpro.sk
-mrbr.net.pl
-mrdp.net.pl
 mrhinkydink.com
 mrm.lt
-ms.fq520000.com
 msao.net
 mtt.nichost.ru
 muapromotion.com
@@ -2020,6 +1982,7 @@ napier.eu
 natboutique.com
 nathaninteractive.com
 nathannewman.org
+nationallibrary.mn
 naturaltaiwan.asia
 nauticalpromo.com
 nemetboxer.com
@@ -2037,7 +2000,6 @@ next-vision.ro
 nextsearch.co.kr
 nexusinfor.com
 nexusonedegoogle.com
-ngkidshop.com
 ngmaservice.com
 ngtcclub.org
 nguyenthanhriori.com
@@ -2059,13 +2021,10 @@ nklj.com
 nmce2015.nichost.ru
 nn-webdesign.be
 nobleartproject.pl
-noithatchungcudep.info
-noithatshop.vn
 nongkerongnews.com
 norsterra.cn
 northcityspb.ru
 northmaint.se
-nosomosgenios.com
 notes.town.tillsonburg.on.ca
 notesteacher.ru
 novichek-britam-v-anus.000webhostapp.com
@@ -2075,6 +2034,7 @@ nuibunsonglong.com
 numb-inside.info
 oa.kingsbase.com
 obseques-conseils.com
+oceangate.parkhomes.vn
 oceanzacoustics.com
 odesagroup.com
 oganiru.in
@@ -2096,12 +2056,14 @@ ongac.org
 onggiodieuhoa.com
 onlinedown.down.123ch.cn
 onlinekushshop.com
+opcbgpharma.com
 opticalexpressbd.com
 optimasaludmental.com
 optionscity.com
 orciprudential.com.watchdogdns.duckdns.org
 orderauto.es
 orglux.site
+orhangencebay.gen.tr
 orion.kim
 orishinecarwash.com
 ortotomsk.ru
@@ -2109,7 +2071,6 @@ osdsoft.com
 ossi4.51cto.com
 ostappnp.myjino.ru
 ostyle-shop.net
-otosude.com
 otterloo.nl
 ouie.studio
 outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org
@@ -2135,16 +2096,16 @@ patch2.99ddd.com
 patch3.51mag.com
 patch3.99ddd.com
 patriciafurtado.pt
-pattani.mcu.ac.th
 paul.falcogames.com
 pay.aqiu6.com
 pc6.down.123ch.cn
 pcr1.pc6.com
 pcsoft.down.123ch.cn
 pds36.cafe.daum.net
+peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org
 penfocus.com
 pesei.it
-pestguard.com.bd
+peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org
 petexpertises.com
 phantasy-ent.com
 phattrienviet.com.vn
@@ -2161,6 +2122,7 @@ plum.joburg
 pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org
 pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org
 pocketmate.com
+pokorassociates.com
 pontotocdistrictba.com
 porn-games.tv
 pornbeam.com
@@ -2173,20 +2135,16 @@ powerdrive-eng.com
 powertec-sy.com
 powerwield.com
 ppp-au.com
-pracowniaroznosci.pl
 pravara-mi.com
 prdbrasil.com.br
-precounterbrand.com
-preladoprisa.com
 premier-pavers.com
 prenak.com
 prfancy-th.com
-primeeast.net
 princetonsuppliers.co.uk
 print.abcreative.com
-printingphuket.com
 prithvigroup.net
 private.cgex.in
+priveeprimeltd.co.uk
 projectonebuilding.com.au
 promoagency.sk
 propolisterbaik.com
@@ -2202,25 +2160,24 @@ pujjr-cs.oss-cn-hangzhou.aliyuncs.com
 pushmail.presto-solutions.com
 pw-financial.net
 pw.wasaqiya.com
+pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org
 pzhsz.ltd
 qianlong.watchdogdns.duckdns.org
 qppl.angiang.gov.vn
 qqenglish.com.cn
 qsongchihotel.com
 quarenta.eu
-quatanggiaminh.com
 quebrangulo.al.gov.br
 quintoesquerdo.net
-r00ts.x398.ml
 rabhomes.com
 radio312.com
 radugaru.com
+rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org
 ramenproducciones.com.ar
 rapidc.co.nz
 rarejewelry.net
 rationalalliance.com
 rc.ixiaoyang.cn
-rdk.kz
 rdmarmotte.net
 re-set.fr
 realdealhouse.eu
@@ -2234,7 +2191,6 @@ redrhinofilms.com
 refurbished.my
 rehmantrader.com
 remarkablesteam.org
-remavto66.ru
 remitdocx.ga
 remoiksms.com.ng
 rensgeubbels.nl
@@ -2253,7 +2209,6 @@ riaztex.com
 rightsense.in
 rjsrwaco.watchdogdns.duckdns.org
 rkverify.securestudies.com
-rms.uzelbilisim.com.tr
 rncnica.net
 rnosrati.com
 roadart.it
@@ -2263,8 +2218,6 @@ robhogg.com
 robjunior.com
 rockenstein-gmbh.de
 roffers.com
-rohrreinigung-klosterneuburg.at
-rohrreinigung-wiener-neustadt.at
 romantis.penghasilan.website
 romanyaciftevatandaslik.com
 romeosretail-my.sharepoint.com
@@ -2287,7 +2240,6 @@ rtcfruit.com
 ruforum.uonbi.ac.ke
 rumahsuluh.or.id
 ruoubiaplaza.com
-rupbasanbandung.com
 rus-fishing.com
 s-pl.ru
 s.51shijuan.com
@@ -2307,12 +2259,11 @@ sainashabake.com
 saint-mike.com
 sale-petit-bonhomme.com
 salesround.com
-saleswork.nl
 samar.media
 saminvestmentsbv.com
 samix-num.com
 samjonesrepairs.co.uk
-samuelkageche.co.ke
+sanghyun.nfile.net
 sanliurfakarsiyakataksi.com
 satilik.webprojemiz.com
 satsantafe.com.ar
@@ -2342,6 +2293,7 @@ sempet.com.tr
 send.webprojemiz.com
 senital.co.uk
 sentrypc.download
+seraflora.com
 server28.onlineappupdater.com
 server33.onlineappupdater.com
 servet.000webhostapp.com
@@ -2351,6 +2303,7 @@ setembroamarelo.org.br
 setincon.com
 setupadsfile.yxdown.com
 sexualharassment.in
+seyh9.com
 seyidogullaripeyzaj.com
 sfbienetre.com
 sfpixs123.dothome.co.kr
@@ -2376,13 +2329,11 @@ shirikuh.com
 shirtproductionengineering.com
 shirtsforpatriots.com
 shivadrit.com
-shlifovka.by
 shly.fsygroup.com
 shop.theirishlinenstore.com
 shophousephuquoc.top
 shopseaman.com
 shoreshot.photos
-shrikailashlogicity.in
 shrimahaveerinfrastate.in
 shrimalisonimahamandal.com
 sibcat.info
@@ -2435,10 +2386,8 @@ soccer4peaceacademy.com
 socialworkacademy.in
 sofrehgard.com
 soft.114lk.com
-soft.duote.com.cn
 soft.mgyun.com
 soft2.mgyun.com
-softhy.net
 software.rasekhoon.net
 sohaans.com
 sohointeriors.org
@@ -2458,6 +2407,7 @@ sosh47.citycheb.ru
 soulassociates.in
 soumaille.fr
 spamitback.com
+sparkuae.com
 spb0969.ru
 speakingadda.com
 speechwar.com
@@ -2482,14 +2432,12 @@ ssgarments.pk
 sshousingnproperties.com
 sssgf.in
 st-medical.pl
+stablecoinswar.com
 stairnaheireann.ie
 standart-uk.ru
 starcomb.com
-stardenteurope.com
-starlineyapi.xyz
 starnslabs.com
 staroil.info
-startupinternetmarketing.com
 startupwish.com
 statewidehomesavings.com
 static.3001.net
@@ -2526,7 +2474,6 @@ sunroofeses.info
 super-industries.co
 supersnacks.rocks
 supplementcashback.com
-supreme.net.pl
 surearmllc.com
 suviajeaunclick.com
 suzannababyshop.com
@@ -2544,7 +2491,6 @@ synergyconsultantsindia.com
 syntek.net
 systemtechnology.ru
 syubbanulakhyar.com
-szkolarodzenia.sos.pl
 t.honker.info
 ta107s3.watchdogdns.duckdns.org
 tabaslotbpress.com
@@ -2552,7 +2498,6 @@ tadilatmadilat.com
 tahmincik.webprojemiz.com
 tamagocin.com
 tantrung.com
-taoday.net
 taplamnguoi.com
 tapnprint.co.uk
 taraward.com
@@ -2565,20 +2510,20 @@ tb.ostroleka.pl
 tc-jaureguiberry.fr
 tck136.com
 tcoqianlong.watchdogdns.duckdns.org
+tcy.198424.com
 td111.com
 teambored.co.uk
 teamfluegel.com
 techidra.com.br
 techrecyclers.info
 tecnologiaz.com
-teelam9.com
+tectumhydraulicandbuildingservices.com
 tekacars.com
 tekirmak.com.tr
 telegram-tools.ru
 tendep.com
 terifischer.com
 terrible.wine
-tesonisitma.com
 test.aimakinvest.kz
 test.sies.uz
 testcrowd.nl
@@ -2596,8 +2541,6 @@ thatoilchick.com
 thebagforum.com
 theboltchick.com
 thecostatranphu.com
-thedopplershift.co.uk
-theengineersguild.com
 thegiddystitcher.com
 thegioicongdungcu.com
 thehivecreative.com
@@ -2619,15 +2562,12 @@ theshoremalacca.com
 theshowzone.com
 theslimyjay.ml
 thewaysistemas.com.br
-thewordrelianceinternational.org
 thiensonha.com
-thinhlv.vn
 thorxer.de
 thosewebbs.com
 threemenandamovie.com
 thu-san-world-challenges.org
 thuducland.net
-thuytienacademy.com
 tianangdep.com
 tiaoma.org.cn
 tienlambds.com
@@ -2652,7 +2592,6 @@ topwintips.com
 torontoluxuryrealestatelistings.com
 tours-fantastictravel.com
 trafficpullz.co.in
-traktor.parsnet.space
 trakyapeyzajilaclama.com
 tramper.cn
 trandinhtuan.edu.vn
@@ -2670,7 +2609,7 @@ trinidadnorth.com
 triozon.net
 troysumpter.com
 truenorthtimber.com
-tsogomediakit.co.za
+tsg339.com
 tsport88.com
 tuananhhotel.com
 tuandecal.net
@@ -2687,7 +2626,7 @@ tych.pe
 u5.innerpeer.com
 ucanbisiklet.com
 ucitsaanglicky.sk
-uebhyhxw.afgktv.cn
+udential.com.watchdogdns.duckdns.org
 ujet.infointsale.com
 ulco.tv
 underluckystar.ru
@@ -2697,9 +2636,7 @@ unixfit.moscow
 unknown-soft.com
 up.ksbao.com
 up.vltk1ctc.com
-update-res.100public.com
 update.link66.cn
-update.yalian1000.com
 updater.inomiu.com
 upgrade.shihuizhu.net
 upgrade.xaircraft.cn
@@ -2713,7 +2650,7 @@ usep75.fr
 useraccount.co
 usmantea.com
 ussrback.com
-uuuuu.com.tw
+uxz.didiwl.com
 uycqawua.applekid.cn
 uzopeanspecialisthospital.com
 uzri.net
@@ -2721,11 +2658,9 @@ vaatzit.autoever.com
 vadhuvarparichay.com
 vaeaincorp-my.sharepoint.com
 valencecontrols.com
-van-wonders.co.uk
 vangout.com
 variantmag.com
 vaz-synths.com
-vcpesaas.com
 velatoursrls.com
 venta72.ru
 veryboys.com
@@ -2741,7 +2676,6 @@ vincity-oceanpark-gialam.com
 vincopharmang.com
 vinhomeshalongxanh.xyz
 visionoflifefoundation.com
-viticomvietnam.com
 viztarinfotech.com
 voip96.ru
 volammienphi.net
@@ -2757,7 +2691,6 @@ wansaiful.com
 wasasamfi.com
 watchdogdns.duckdns.org
 watchdogdns.duckdns.orgwatchdogdns.duckdns.org
-watwotunumili.co.ke
 wavemusicstore.com
 wbd.5636.com
 wcf-old.sibcat.info
@@ -2791,6 +2724,7 @@ wmd9e.a3i1vvv.feteboc.com
 wonderful-davinci-e6a9e8.netlify.com
 wordpress-219768-716732.cloudwaysapps.com
 wordwave.academy
+worldlinkaddress.com
 worldrunner.co.uk
 worshipped-washer.000webhostapp.com
 wowepic.net
@@ -2814,6 +2748,7 @@ wxbsc.hzgjp.com
 wxw.jackservice.com.pl
 wyptk.com
 xavietime.com
+xblbnlws.appdoit.cn
 xeroxyaziciservisi.istanbul
 xethugomrac.com.vn
 xfit.kz
@@ -2834,10 +2769,9 @@ xn----dtbicbmcv0cdfeb.xn--p1ai
 xn--116-eddot8cge.xn--p1ai
 xn--42c9ajcvlnf2e4cncez70aza.com
 xn--5dbalbrcab0al1jnj.co.il
-xn--777-9cdpxv4b3g4a.xn--p1ai
 xn--80abhfbusccenm1pyb.xn--p1ai
+xn--80adg3b.net
 xn--90achbqoo0ahef9czcb.xn--p1ai
-xn--90aeb9ae9a.xn--p1ai
 xn--b1afnmjcis3f.xn--p1ai
 xn--h1agffkv.xn--p1ai
 xri4pork.s3.amazonaws.com
@@ -2862,9 +2796,7 @@ ygraphx.com
 yildiriminsaat.com.tr
 yiluzhuanqian.com
 ylgcelik.site
-yojolife.site
 yokocobra.com
-yolanda.co.ke
 yonetim.yonpf.com
 yourcurrencyrates.com
 yulv.net