diff --git a/src/URLhaus.csv b/src/URLhaus.csv
index 34f1fd53..73fdfd52 100644
--- a/src/URLhaus.csv
+++ b/src/URLhaus.csv
@@ -1,108 +1,574 @@
 ################################################################
 # abuse.ch URLhaus Database Dump (CSV)                         #
-# Last updated: 2019-01-30 12:17:07 (UTC)                      #
+# Last updated: 2019-01-31 00:14:09 (UTC)                      #
 #                                                              #
 # Terms Of Use: https://urlhaus.abuse.ch/api/                  #
 # For questions please contact urlhaus [at] abuse.ch           #
 ################################################################
 #
 # id,dateadded,url,url_status,threat,tags,urlhaus_link
+"114228","2019-01-31 00:14:09","http://157.230.214.229:80/AB4g5/Josho.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114228/"
+"114227","2019-01-31 00:14:07","http://157.230.214.229:80/AB4g5/Josho.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114227/"
+"114226","2019-01-31 00:14:03","http://178.128.237.177:80/bins/sora.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114226/"
+"114225","2019-01-31 00:12:02","http://178.128.237.177:80/bins/sora.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114225/"
+"114224","2019-01-30 23:54:02","http://80.211.4.5/Syn","online","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/114224/"
+"114223","2019-01-30 23:53:08","http://157.230.214.229:80/AB4g5/Josho.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114223/"
+"114222","2019-01-30 23:53:07","http://80.211.4.5/berry","online","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/114222/"
+"114221","2019-01-30 23:53:07","http://80.211.4.5/tuan","online","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/114221/"
+"114220","2019-01-30 23:53:06","http://121.208.17.77:60952/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/114220/"
+"114219","2019-01-30 23:43:13","http://80.211.4.5/popper","online","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/114219/"
+"114218","2019-01-30 23:43:10","http://80.211.4.5/ricky","online","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/114218/"
+"114217","2019-01-30 23:43:08","http://157.230.214.229:80/AB4g5/Josho.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114217/"
+"114216","2019-01-30 23:43:03","http://80.211.4.5/pie","online","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/114216/"
+"114215","2019-01-30 23:42:07","http://80.211.4.5/water","online","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/114215/"
+"114214","2019-01-30 23:42:05","http://178.128.237.177:80/bins/sora.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114214/"
+"114213","2019-01-30 23:42:03","http://80.211.4.5/grape","online","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/114213/"
+"114212","2019-01-30 23:41:09","http://80.211.4.5/flix","online","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/114212/"
+"114211","2019-01-30 23:41:07","http://80.211.4.5/cax","online","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/114211/"
+"114210","2019-01-30 23:41:05","http://80.211.4.5/roose","online","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/114210/"
+"114209","2019-01-30 23:41:03","http://80.211.4.5/Axe","online","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/114209/"
+"114208","2019-01-30 23:34:03","http://oceanzacoustics.com/wp-content/themes/oceanzAcoustics/page-templates/Tax%20Payment%20Challan.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/114208/"
+"114207","2019-01-30 23:33:04","http://oceanzacoustics.com/wp-content/themes/oceanzAcoustics/js/Tax%20Payment%20Challan.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/114207/"
+"114206","2019-01-30 23:29:02","http://colmenacl.net/praet/torians.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/114206/"
+"114205","2019-01-30 23:28:04","http://astravernici.es/wp-content/themes/sketch/ming.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/114205/"
+"114204","2019-01-30 23:04:07","http://rc.ixiaoyang.cn/Single8.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/114204/"
+"114141","2019-01-30 22:16:14","http://garizzlas.top/kakabang.exe","online","malware_download","GandCrab,Ransomware,DEU,Sandiflux","https://urlhaus.abuse.ch/url/114141/"
+"114140","2019-01-30 22:14:13","http://traffic.wilmingtonbigtalker.com/PKAaWWW_wpUrXer_gF8AygHSS/Secure/Online_billing/Billing/","online","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/114140/"
+"114139","2019-01-30 22:14:11","http://noithatnghiakhiet.com/drNS-xAqQT_mUiKGJnx-FcN/InvoiceCodeChanges/EN_en/Past-Due-Invoices/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/114139/"
+"114138","2019-01-30 22:14:06","http://jaihanuman.us/wp-content/uploads/PH2hhe0aPx3_Fb17TW_Ad18c/Secure/Account/","online","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/114138/"
+"114137","2019-01-30 22:14:02","http://faternegar.ir/aQde_XQPORb_CnUIIdRllP/Organization/Account/","online","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/114137/"
+"114136","2019-01-30 22:09:03","https://linkprotect.cudasvc.com/url?a=http://jjtphoto.com/scan/En/Paid-Invoice-Credit-Card-Receipt&c=E","offline","malware_download","None","https://urlhaus.abuse.ch/url/114136/"
+"114130","2019-01-30 21:42:13","http://npbina.com/Details/012019/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/114130/"
+"114129","2019-01-30 21:42:07","http://www.jackservice.com.pl/Messages/2019-01/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/114129/"
+"114128","2019-01-30 21:38:18","https://buligbugto.org/bkVR-obFW_c-hBo/ACH/PaymentAdvice/US/Invoice-for-you/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/114128/"
+"114127","2019-01-30 21:38:17","http://alfemimoda.com/GYev-wEzP_Kh-mK/Southwire/EJP5666373967/EN_en/Invoices-attached/","online","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/114127/"
+"114126","2019-01-30 21:38:13","http://ghazaldookht.ir/etZH-zyO7P_znCT-Olj/Inv/0120002972/US_us/Outstanding-Invoices/","online","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/114126/"
+"114125","2019-01-30 21:38:06","http://cwc.vi-bus.com/vQoS-PW_nRNzc-gVi/INVOICE/US/Companies-Invoice-4520895/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/114125/"
+"114124","2019-01-30 21:34:08","http://oceanzacoustics.com/wp-content/js/GST%20Payment%20Challan.zip","online","malware_download","Kutaki,zipped-exe","https://urlhaus.abuse.ch/url/114124/"
+"114123","2019-01-30 20:36:38","http://www.tubeian.com/hXeM-gK7wt_xIHMbkmUJ-PDc/Inv/675530529/EN_en/Open-Past-Due-Orders/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/114123/"
+"114122","2019-01-30 20:36:36","http://mexventure.co/ifJR-Cvd36_YdG-KCC/12355/SurveyQuestionsUS_us/Document-needed/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/114122/"
+"114121","2019-01-30 20:36:34","http://fira.org.za/ArRw-d4_WACQ-lzn/En_us/Invoice-for-d/e-01/31/2019/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/114121/"
+"114120","2019-01-30 20:36:04","http://airshot.ir/QDVDp-wm5YI_AWVdIpb-tu/Inv/41842826895/En/Invoice-1766329/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/114120/"
+"114119","2019-01-30 20:22:05","http://221.146.91.205:8260/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/114119/"
+"114118","2019-01-30 20:15:07","http://samoprogrammy.ru/IWbQZtYG_KuTiI1n_DHJLELX/Company/Account/","online","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/114118/"
+"114117","2019-01-30 20:15:06","http://noithatshop.vn/egPCRxQl_d3qsIprS_kxfyjDIfsj/Company/Online_billing/Billing/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/114117/"
+"114116","2019-01-30 20:15:02","http://maxtraidingru.437.com1.ru/4b3_aOhia0M_a9VlgWV4Mum/Secure/Business/","online","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/114116/"
+"114115","2019-01-30 20:14:02","http://5072610.ru/k4O4EYIBH_Chndeu4_eRE5XcRka5/Organization/Online_billing/Billing/","online","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/114115/"
+"114114","2019-01-30 19:57:03","http://moscow00.online/KeyMoscow00.35.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/114114/"
+"114107","2019-01-30 19:37:03","http://157.230.216.122/bins/hoho.sh4","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114107/"
+"114106","2019-01-30 19:37:02","http://157.230.216.122/bins/hoho.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114106/"
+"114105","2019-01-30 19:34:10","http://www.rijschool-marketing.nl/FIZj-LX_xnNyDGY-dw/ACH/PaymentInfo/En_us/Invoice-Number-08274/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/114105/"
+"114104","2019-01-30 19:34:09","http://woody.market/naDp-ma9w_fhFz-9n/4976459/SurveyQuestionsEn/Inv-958382-PO-5V471090/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/114104/"
+"114103","2019-01-30 19:34:08","http://wieczniezywechoinki.pl/XvyWW-79O6U_RnYvXdd-nj/INVOICE/47797/OVERPAYMENT/US_us/Overdue-payment/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/114103/"
+"114102","2019-01-30 19:34:07","http://viettalent.edu.vn/YvhqZ-rU_Io-Xvb/EXT/PaymentStatus/En/Need-to-send-the-attachment/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/114102/"
+"114101","2019-01-30 19:34:04","http://thietkewebwp.com/wp-content/uploads/fJWV-373tT_DUNw-FDD/Invoice/36269303/En/Service-Invoice/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/114101/"
+"114100","2019-01-30 19:33:25","http://ssearthmovers.in/wWjjr-NgiP_XsjTnYYd-EQ/Ref/12071454US/Invoices-attached/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/114100/"
+"114099","2019-01-30 19:33:23","http://okkyaditya.com/AVUH-Pv_mzCV-wj/ACH/PaymentInfo/En/Paid-Invoice/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/114099/"
+"114098","2019-01-30 19:33:20","http://nrnreklam.com/cappW-gxu_LCwTa-o5U/invoices/8123/2591/EN_en/Past-Due-Invoices/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/114098/"
+"114097","2019-01-30 19:33:18","http://hireanaccountant.ca/ariXN-4ATb_NIyvxHEQt-rG/ACH/PaymentInfo/En_us/1-Past-Due-Invoices/","online","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/114097/"
+"114096","2019-01-30 19:33:17","http://docs.web-x.com.my/yJoPP-GtDo_Wlvklkt-RN/062410/SurveyQuestionsEn_us/692-52-425970-830-692-52-425970-602/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/114096/"
+"114095","2019-01-30 19:33:13","http://deltaviptemizlik.com/yShe-g2g9Z_jUI-W1/Invoice/202824801/En_us/Invoice/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/114095/"
+"114094","2019-01-30 19:33:12","http://comeinitiative.org/LurBA-ik_bsA-yxa/Invoice/04426868/EN_en/Invoice/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/114094/"
+"114093","2019-01-30 19:33:10","http://africanstitch.co.za/pucd-Uk0_J-MCO/COMET/SIGNS/PAYMENT/NOTIFICATION/01/30/2019/En/Outstanding-Invoices/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/114093/"
+"114092","2019-01-30 19:33:03","http://157.230.216.122/bins/hoho.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114092/"
+"114091","2019-01-30 19:33:02","http://157.230.216.122/bins/hoho.ppc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114091/"
+"114090","2019-01-30 19:32:29","http://xqu01.xyz/v0JD_OTnC7Q_8nPd1pxzi9/Secure/Accounts/","online","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/114090/"
+"114089","2019-01-30 19:32:25","http://www.tovbekapisi.com/ErohWS7a_gm4r73_hXtOeEc4/Organization/Online_billing/Billing/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/114089/"
+"114088","2019-01-30 19:32:21","http://progressivesehore.com/Clients_transactions/012019/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/114088/"
+"114087","2019-01-30 19:32:16","http://fergus.vn/iRdHow1_ffHDZbt6y_WnFyoJe5I/Organization/Accounts/","online","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/114087/"
+"114086","2019-01-30 19:32:10","http://altuntuval.com/QvfjIi5y5g_AAMFfmbUl_SksmcX/Secure/Online/","online","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/114086/"
+"114085","2019-01-30 19:32:06","http://411.dreamhosters.com/Clients/2019-01/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/114085/"
+"114084","2019-01-30 19:24:08","http://157.230.216.122/bins/hoho.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114084/"
+"114083","2019-01-30 19:24:06","http://157.230.216.122/bins/hoho.m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114083/"
+"114082","2019-01-30 19:24:04","http://157.230.216.122/bins/hoho.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114082/"
+"114081","2019-01-30 19:20:02","http://157.230.216.122/bins/hoho.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114081/"
+"114080","2019-01-30 19:02:13","http://palmspringsresorts.net/ta8ettuU/","online","malware_download","emotet,exe,heodo","https://urlhaus.abuse.ch/url/114080/"
+"114079","2019-01-30 19:02:10","http://accountamatic.net/BmHU4GA/","online","malware_download","emotet,exe,heodo","https://urlhaus.abuse.ch/url/114079/"
+"114078","2019-01-30 19:02:08","http://fixi.mobi/wp-content/plugins/tMp49efcr/","online","malware_download","emotet,exe,heodo","https://urlhaus.abuse.ch/url/114078/"
+"114077","2019-01-30 19:02:07","http://africabootcampacademy.influencetec.net/gP2jFvH5te/","offline","malware_download","emotet,exe","https://urlhaus.abuse.ch/url/114077/"
+"114076","2019-01-30 19:02:05","http://labtcompany.com/kixeNn1wNu/","online","malware_download","emotet,exe,heodo","https://urlhaus.abuse.ch/url/114076/"
+"114075","2019-01-30 19:01:14","http://dienlanhlehai.com/hoviejdk/wtuds/Messages/2019-01/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/114075/"
+"114074","2019-01-30 19:01:12","http://184.72.117.84/wordpress/Payments/012019/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/114074/"
+"114073","2019-01-30 19:01:11","http://bengalbreeze.com/wp-content/uploads/Orders_details/2019-01/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/114073/"
+"114072","2019-01-30 19:01:09","http://invfactor.cnr.it/sites/files/Orders-details/012019/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/114072/"
+"114071","2019-01-30 19:01:08","https://mandrillapp.com/track/click/31069138/www.traktorski-deli.si?p=eyJzIjoiOFhpOUQ3alltSXBuVDcxQ1hKM2dhcUtIUjY4IiwidiI6MSwicCI6IntcInVcIjozMTA2OTEzOCxcInZcIjoxLFwidXJsXCI6XCJodHRwOlxcXC9cXFwvd3d3LnRyYWt0b3Jza2ktZGVsaS5zaVxcXC9UcmFuc2FjdGlvbnNcXFwvMDEyMDE5XCIsXCJpZFwiOlwiZTE3M2ZhZjFhOTNkNDZmNjlhYmJiODYxYjA1N2FiZDhcIixcInVybF9pZHNcIjpbXCJlOTJjM2EwYzEzY2IxNGRkZWEzNmRhODc4ZDM4OWIzMTk2NWVkMWM2XCJdfSJ9/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/114071/"
+"114070","2019-01-30 19:01:07","http://wstria.jp/uomisj2l/Transaction_details/2019-01/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/114070/"
+"114069","2019-01-30 19:01:04","http://antonwilliams.co.za/W9q7TlHg_E2YMAjU_V1NTJziHI/Secure/Business/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/114069/"
+"114068","2019-01-30 18:57:07","http://dcfloraldecor.lt/Clients_transactions/012019/","online","malware_download","emotet,doc,heodo","https://urlhaus.abuse.ch/url/114068/"
+"114067","2019-01-30 18:54:13","http://168.235.98.135:80/bins/PhantomATM.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114067/"
+"114066","2019-01-30 18:54:09","http://168.235.98.135/bins/PhantomATM.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114066/"
+"114065","2019-01-30 18:54:05","http://157.230.216.122:80/bins/hoho.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114065/"
+"114064","2019-01-30 18:52:17","http://168.235.98.135/bins/PhantomATM.sh4","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114064/"
+"114063","2019-01-30 18:52:13","http://157.230.216.122:80/bins/hoho.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114063/"
+"114062","2019-01-30 18:52:09","http://168.235.98.135:80/bins/PhantomATM.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114062/"
+"114061","2019-01-30 18:52:05","http://168.235.98.135/bins/PhantomATM.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114061/"
+"114060","2019-01-30 18:51:11","http://168.235.98.135:80/bins/PhantomATM.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114060/"
+"114059","2019-01-30 18:51:07","http://157.230.216.122:80/bins/hoho.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114059/"
+"114058","2019-01-30 18:50:20","http://168.235.98.135:80/bins/PhantomATM.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114058/"
+"114057","2019-01-30 18:50:16","http://157.230.216.122:80/bins/hoho.sh4","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114057/"
+"114056","2019-01-30 18:50:13","http://168.235.98.135/bins/PhantomATM.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114056/"
+"114055","2019-01-30 18:50:09","http://168.235.98.135/bins/PhantomATM.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114055/"
+"114054","2019-01-30 18:50:06","http://168.235.98.135:80/bins/PhantomATM.m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114054/"
+"114053","2019-01-30 18:49:05","http://168.235.98.135:80/bins/PhantomATM.ppc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114053/"
+"114052","2019-01-30 18:49:03","http://157.230.216.122/bins/hoho.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114052/"
+"114051","2019-01-30 18:38:12","http://lidagamiro.ga/payment%20advice.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/114051/"
+"114050","2019-01-30 18:36:11","http://168.235.98.135/bins/PhantomATM.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114050/"
+"114049","2019-01-30 18:36:07","http://168.235.98.135:80/bins/PhantomATM.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114049/"
+"114048","2019-01-30 18:36:03","http://157.230.216.122:80/bins/hoho.ppc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114048/"
+"114047","2019-01-30 18:35:09","http://157.230.216.122:80/bins/hoho.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114047/"
+"114046","2019-01-30 18:35:06","http://157.230.216.122:80/bins/hoho.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114046/"
+"114045","2019-01-30 18:35:03","http://168.235.98.135:80/bins/PhantomATM.sh4","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114045/"
+"114044","2019-01-30 18:33:23","http://157.230.216.122:80/bins/hoho.m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114044/"
+"114043","2019-01-30 18:33:22","http://168.235.98.135/bins/PhantomATM.ppc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114043/"
+"114042","2019-01-30 18:33:18","http://84.38.133.155/vn/PN14547DF.exe","online","malware_download","exe,Pony","https://urlhaus.abuse.ch/url/114042/"
+"114041","2019-01-30 18:33:08","http://de.thevoucherstop.com/Clients/012019/","online","malware_download","heodo","https://urlhaus.abuse.ch/url/114041/"
+"114040","2019-01-30 18:22:10","http://84.38.133.155/vn/BB5EBFC50.exe","online","malware_download","exe,Neurevt","https://urlhaus.abuse.ch/url/114040/"
+"114039","2019-01-30 18:22:05","http://157.230.216.122:80/bins/hoho.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114039/"
+"114038","2019-01-30 18:19:06","http://supergctcom/Orders_details/2019-01/","offline","malware_download","None","https://urlhaus.abuse.ch/url/114038/"
+"114037","2019-01-30 18:17:29","http://m0pedx9.ru/get-ip/ny2.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/114037/"
+"114036","2019-01-30 18:17:22","http://m0pedx9.ru/get-ip/awtup_game.exe","offline","malware_download","exe,AZORult","https://urlhaus.abuse.ch/url/114036/"
+"114035","2019-01-30 18:17:14","http://m0pedx9.ru/get-ip/sehost.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/114035/"
+"114034","2019-01-30 18:16:14","http://yzbek.co.ug/l/loader.exe","online","malware_download","exe,tinynuke","https://urlhaus.abuse.ch/url/114034/"
+"114033","2019-01-30 18:16:09","http://supergct.com/Orders_details/2019-01/","online","malware_download","heodo","https://urlhaus.abuse.ch/url/114033/"
+"114032","2019-01-30 18:15:08","http://84.38.133.155/vn/fb7e1a072f.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/114032/"
+"114031","2019-01-30 18:09:14","http://moscow00.online/GetDataAVK.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/114031/"
+"114030","2019-01-30 18:09:08","http://xsinet.pw/jay/jay.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/114030/"
+"114029","2019-01-30 18:08:34","http://xsinet.pw/yugo/yugo.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/114029/"
+"114028","2019-01-30 18:08:26","http://xsinet.pw/showmoney/showmoney.exe","offline","malware_download","exe,AZORult","https://urlhaus.abuse.ch/url/114028/"
+"114027","2019-01-30 18:08:17","http://xsinet.pw/nwama/nwama.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/114027/"
+"114026","2019-01-30 18:08:09","http://xsinet.pw/kendrick/kendrick.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/114026/"
+"114025","2019-01-30 18:00:27","http://nanichaouiloveaya.mygamesonline.org/new%20scata_Protect.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/114025/"
+"114024","2019-01-30 18:00:11","http://asncustoms.ru/core/model/smarty/Information/012019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/114024/"
+"114023","2019-01-30 18:00:06","http://phatgiaovn.net/wp-content/Orders_details/012019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/114023/"
+"114022","2019-01-30 17:56:08","http://tapchisuckhoengaynay.com/wp-admin/Attachments/012019/","online","malware_download","heodo","https://urlhaus.abuse.ch/url/114022/"
+"114021","2019-01-30 17:47:00","http://wp3.dosanite.com/LVwxd-zOH1_nrFU-n3h/Southwire/YNV4565624457/En_us/Paid-Invoice/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/114021/"
+"114020","2019-01-30 17:46:56","http://trip70.com/JmaD-mAYMg_w-0Ka/ACH/PaymentAdvice/US/Outstanding-Invoices/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/114020/"
+"114019","2019-01-30 17:46:53","http://tradingmatic.youralgo.com/twUm-eq4og_tMXFTCF-GV/PaymentStatus/US_us/Invoice-Corrections-for-41/47/","online","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/114019/"
+"114018","2019-01-30 17:46:50","http://staging.tigertennisacademy.com/VHOlY-UDhP_VxipHJKOY-Jb/Southwire/DNJ70133401/En/Open-Past-Due-Orders/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/114018/"
+"114017","2019-01-30 17:46:44","http://robotforex.youralgo.com/eeBXT-U0qS_uQslFZjEh-Cf/INV/22599FORPO/69387996715/EN_en/Invoice-43794268/","online","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/114017/"
+"114016","2019-01-30 17:46:40","http://b2grow.com/mOaad-jvlw_p-XKb/COMET/SIGNS/PAYMENT/NOTIFICATION/01/30/2019/En/8-Past-Due-Invoices/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/114016/"
+"114015","2019-01-30 17:46:35","http://summertour.com.br/Details/01_19/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/114015/"
+"114014","2019-01-30 17:46:27","http://prisma.fp.ub.ac.id/wp-content/Orders_details/012019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/114014/"
+"114013","2019-01-30 17:46:18","http://103.254.86.219/rdfcrm/custom/history/Payments/012019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/114013/"
+"114012","2019-01-30 17:46:10","http://bachhoatrangia.com/IUwUK-Na_dTUBvQ-9g/Details/012019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/114012/"
+"114011","2019-01-30 17:46:05","http://mutevazisaheserler.com/Clients_Messages/012019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/114011/"
+"114010","2019-01-30 17:46:03","http://www.traktorski-deli.si/Transactions/012019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/114010/"
+"114009","2019-01-30 17:43:02","http://fm963.top/380/2004/LoginUpdate/text.zip","online","malware_download","None","https://urlhaus.abuse.ch/url/114009/"
+"114008","2019-01-30 17:42:07","http://fm963.top/380/2003/LoginUpdate/text2.zip","online","malware_download","None","https://urlhaus.abuse.ch/url/114008/"
+"114007","2019-01-30 17:42:06","http://fm963.top/380/2003/LoginUpdate/text.zip","online","malware_download","None","https://urlhaus.abuse.ch/url/114007/"
+"114006","2019-01-30 17:42:05","http://fm963.top/update/%e8%b5%a4%e9%9c%b8%e5%a4%a9%e5%a0%82/eatc.exe.bin","online","malware_download","exe","https://urlhaus.abuse.ch/url/114006/"
+"114005","2019-01-30 17:42:01","http://fm963.top/update/%e8%b5%a4%e9%9c%b8%e5%a4%a9%e5%a0%82/eat.exe.bin","online","malware_download","exe","https://urlhaus.abuse.ch/url/114005/"
+"114004","2019-01-30 17:41:10","http://fm963.top/update/%e6%b3%a2%e6%96%af%e5%a4%a9%e5%a0%82/eatlin.exe.bin","online","malware_download","exe","https://urlhaus.abuse.ch/url/114004/"
+"114003","2019-01-30 17:41:07","http://fm963.top/update/%e6%b3%a2%e6%96%af%e5%a4%a9%e5%a0%82/eat.exe.bin","online","malware_download","exe","https://urlhaus.abuse.ch/url/114003/"
+"114002","2019-01-30 17:41:06","http://fm963.top/cnt.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/114002/"
+"114001","2019-01-30 17:38:01","http://xn----7sbhfd1a1b7g.xn--p1ai/Orders_details/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/114001/"
+"114000","2019-01-30 17:32:40","http://ntan4president.org/RCiI-9yafJ_qWFvv-TtP/INV/81259FORPO/7887689383/En_us/Sales-Invoice/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/114000/"
+"113999","2019-01-30 17:32:35","http://dancesportcareers.com/ZSDq-BT67_VxMh-8B/Inv/784859244/US_us/Invoice-Corrections-for-35/76/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/113999/"
+"113998","2019-01-30 17:32:30","http://batdongsanphonoi.vn/sTRli-ow_XPTZrwd-q6/Inv/5714703487/En/Invoice-receipt/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/113998/"
+"113997","2019-01-30 17:32:26","http://kaplonoverseas.com/lKPN-ri_KhyTSjW-Pm/88377/SurveyQuestionsUS_us/Invoice-receipt/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/113997/"
+"113996","2019-01-30 17:32:21","http://hosurbusiness.com/cnKgCjaDLegepf14/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/113996/"
+"113995","2019-01-30 17:32:19","http://cam-tech.ir/zZXUD-vQp_d-uT/D59/invoicing/En_us/Past-Due-Invoices/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/113995/"
+"113994","2019-01-30 17:32:17","http://boxpik.com/wp-content/LnCp-lwgPZ_oFBMERS-9Vf/EXT/PaymentStatus/US/Invoice-61142457-January/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/113994/"
+"113993","2019-01-30 17:32:14","http://www.bxfwgc.com/soSw-zn7Bd_Eg-dXj/invoices/36822/54416/US/Invoice-Number-118935/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/113993/"
+"113992","2019-01-30 17:32:07","http://canhogiaresaigon.net/salamediaz.com/Details/01_19/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113992/"
+"113991","2019-01-30 17:32:04","http://1flower.by/Clients_Messages/012019/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/113991/"
+"113990","2019-01-30 17:20:04","http://168.235.98.135/bins/PhantomATM.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113990/"
+"113989","2019-01-30 17:09:05","http://vario-reducer.com/wp-content/bGkoUUavZySGn","offline","malware_download","exe","https://urlhaus.abuse.ch/url/113989/"
+"113988","2019-01-30 17:04:11","http://granpri.info/plugins/hDotX-zyC_KlmqeBMm-Lm/InvoiceCodeChanges/US_us/Invoice-Corrections-for-18/77/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/113988/"
+"113987","2019-01-30 17:01:07","http://185.222.201.63/updates/x86_64/acdsee_ol2101_update_11cr32.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/113987/"
+"113986","2019-01-30 16:57:27","http://spdemo.info/61vAYTg/","online","malware_download","exe,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113986/"
+"113985","2019-01-30 16:57:22","http://realgen-marketing.nl/TfjWQO5C/","online","malware_download","exe,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113985/"
+"113984","2019-01-30 16:57:19","http://eenjoy.live/lDtlQSa/","offline","malware_download","exe,emotet,epoch1","https://urlhaus.abuse.ch/url/113984/"
+"113983","2019-01-30 16:57:15","http://uckelecorp.com/UiJCpv1/","online","malware_download","exe,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113983/"
+"113982","2019-01-30 16:57:10","http://bbs.0210cc.com/EWRsSE082/","online","malware_download","exe,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113982/"
+"113981","2019-01-30 16:55:07","https://mandrillapp.com/track/click/31069138/integratedhomesllc.com?p=eyJzIjoiLVJBbDZYaXU4QUx3VktsaUJXbVRXYXEzR2lnIiwidiI6MSwicCI6IntcInVcIjozMTA2OTEzOCxcInZcIjoxLFwidXJsXCI6XCJodHRwOlxcXC9cXFwvaW50ZWdyYXRlZGhvbWVzbGxjLmNvbVxcXC9Jc1A4TmE4X0tLNzlncWZfRTR3clVNczZnTFxcXC9Db21wYW55XFxcL09ubGluZV9iaWxsaW5nXFxcL0JpbGxpbmdcXFwvXCIsXCJpZFwiOlwiODBkOWVhZjcyYjRkNDIxN2JkZGRmNDQwNDdhMWEzOGNcIixcInVybF9pZHNcIjpbXCI3NzVjZWE5ZjM5ZmFkZTk5ZDVjMDk2NmJkZWRjMjY0MTQxZmU4MzNiXCJdfSJ9/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/113981/"
+"113979","2019-01-30 16:54:31","http://hosurbusiness.com/cnKgCjaDLegepf14","offline","malware_download","exe","https://urlhaus.abuse.ch/url/113979/"
+"113978","2019-01-30 16:54:27","http://tisoft.vn/MPLoA-fzk_Yas-qDO/Ref/176038759En_us/Past-Due-Invoices/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113978/"
+"113977","2019-01-30 16:54:20","http://lostboysentertainment.com/wHSbn-g1Cz_Qf-fw/INV/55650FORPO/58435597932/En/4-Past-Due-Invoices/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113977/"
+"113976","2019-01-30 16:54:15","http://lenvesti.ru/CRDnv-JIhD_jAHKT-Px/InvoiceCodeChanges/EN_en/Invoice-Corrections-for-47/48/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113976/"
+"113975","2019-01-30 16:54:07","http://kymviet.vn/ANEHB-k3k6_flfNTqfNo-7v/INV/17688FORPO/5730691123/En_us/Invoice-Corrections-for-66/89/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113975/"
+"113974","2019-01-30 16:53:12","http://khomyphamhanoi.com/pPdVf-jC_cjGHifx-J4/PS88/invoicing/En_us/Invoice-Number-373892/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113974/"
+"113973","2019-01-30 16:53:08","http://drapart.org/FtQgT-UR_yvOpLeNSs-9P7/COMET/SIGNS/PAYMENT/NOTIFICATION/01/30/2019/En/Invoice-Number-30099/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113973/"
+"113972","2019-01-30 16:53:06","http://3kiloafvallen.nl/sWDlr-q5u_FsNMocV-3KF/invoices/41919/0909/En/Invoice-for-you/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113972/"
+"113971","2019-01-30 16:53:04","http://dominstalacje.pl/Transactions/012019/","online","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/113971/"
+"113970","2019-01-30 16:51:17","http://noscan.us/Transactions-details/012019/","online","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/113970/"
+"113969","2019-01-30 16:51:13","http://jaspinformatica.com/Transactions-details/01_19/","online","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/113969/"
+"113968","2019-01-30 16:51:08","http://demo.minecraft.edu.vn/Orders-details/2019-01/","online","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/113968/"
+"113967","2019-01-30 16:51:05","http://heizungsnotdienst-sofort.de/Clients_transactions/012019/","online","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/113967/"
+"113966","2019-01-30 16:40:37","http://joinjohndoeit.000webhostapp.com/wp-content/themes/shapely/inc/custom-controls/massg.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/113966/"
+"113965","2019-01-30 16:40:18","http://tontonfilms.com/wp-content/themes/garnish/admin/css/massg.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/113965/"
+"113964","2019-01-30 16:35:19","https://influenceinasia.com/documentation/important.eml","offline","malware_download","exe,GBR,Gozi","https://urlhaus.abuse.ch/url/113964/"
+"113963","2019-01-30 16:35:11","https://gsncloud-my.sharepoint.com/:u:/g/personal/lpower_gsn_com_au/ESQIlQzDaD9KnDCE0qnDTYgBqDrFTzxNTx8qvRWFJg9l1w?e=wlUeWV&download=1","offline","malware_download","zipped-VBS,GBR,Gozi","https://urlhaus.abuse.ch/url/113963/"
+"113962","2019-01-30 16:25:23","http://thanhlapdoanhnghiephnh.com/dWwuk-QHH_H-rJ8/PaymentStatus/En/Outstanding-Invoices/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113962/"
+"113961","2019-01-30 16:25:18","http://naturalshine.eu/YkhM-Ea_hCT-ZhQ/Ref/824465152EN_en/Question/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/113961/"
+"113960","2019-01-30 16:25:10","http://mayphatrasua.com/TIfXS-xI_l-SP/PaymentStatus/US_us/Outstanding-Invoices/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113960/"
+"113959","2019-01-30 16:24:23","http://tkds.cl/wp-content/Clients_Messages/2019-01/","online","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/113959/"
+"113958","2019-01-30 16:24:15","http://bobin-head.com/vyMNw-3njJp_Bs-k00/invoices/83169/1678/En_us/Open-Past-Due-Orders/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113958/"
+"113957","2019-01-30 16:24:10","http://nightonline.ru/images/9eD_UjK2Rol_ubQbSz3/Organization/Account/","online","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/113957/"
+"113956","2019-01-30 16:24:05","http://64.69.83.43/gacl/admin/templates_c/HKFTCW_CVcZyj3_fCHVr1V/Secure/Online/","online","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/113956/"
+"113955","2019-01-30 16:18:07","http://168.235.98.135:80/bins/PhantomATM.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113955/"
+"113954","2019-01-30 16:14:26","http://jawfin.net/jka/jkadmin.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/113954/"
+"113953","2019-01-30 16:14:18","http://xmrcgpu.com/XMRCGPU.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/113953/"
+"113952","2019-01-30 16:12:14","http://tree.sibcat.info/nik/steps/massg.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/113952/"
+"113951","2019-01-30 16:12:07","http://yzbek.co.ug/b/build.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/113951/"
+"113950","2019-01-30 16:07:09","http://0qixri.thule.su/xCDUf-Ga_PgRWRt-2H/COMET/SIGNS/PAYMENT/NOTIFICATION/01/30/2019/US/Inv-74740-PO-6W488365/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113950/"
+"113949","2019-01-30 16:07:03","http://posadaelnogal.000webhostapp.com/wp-content/themes/shapely/page-templates/mesg.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/113949/"
+"113948","2019-01-30 16:06:19","http://bienhieutrongnha.com/forum/cache/mesg.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/113948/"
+"113947","2019-01-30 16:06:09","http://www.sibcat.info/class/edfsit/adapters/massg.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/113947/"
+"113946","2019-01-30 16:05:10","http://saigonthinhvuong.net/wDfKY_MPY7jKYn_BScQX1c0NVt/Organization/Account/","online","malware_download","heodo","https://urlhaus.abuse.ch/url/113946/"
+"113945","2019-01-30 16:00:09","http://sibcat.info/class/edfsit/adapters/massg.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/113945/"
+"113944","2019-01-30 15:59:30","http://www.win-speed.com/win-speed.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/113944/"
+"113943","2019-01-30 15:59:22","http://win-speed.com/win-speed.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/113943/"
+"113942","2019-01-30 15:59:14","http://www.jagadishchristian.com/tmp/jofb.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/113942/"
+"113941","2019-01-30 15:59:08","http://homeinspector.bostonwebhelpforcontractors.com/yVSl6hmps2P_5wqmAcEJ_2tpbP/Secure/Business/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/113941/"
+"113940","2019-01-30 15:53:24","http://tontonfilms.com/wp-content/themes/garnish/tinymce/css/massg.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/113940/"
+"113939","2019-01-30 15:53:12","http://turbineblog.ir/YHCHq-a8S4_BTVkjzNG-Y5/INVOICE/US/Companies-Invoice-57967180/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113939/"
+"113938","2019-01-30 15:53:08","http://sosh47.citycheb.ru/components/Lpwto-Fl_ZmQZ-sio/COMET/SIGNS/PAYMENT/NOTIFICATION/01/30/2019/EN_en/Past-Due-Invoices/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113938/"
+"113937","2019-01-30 15:52:06","http://mimiabner.com/bZXR-1PJ0L_sShoHooq-4M/INVOICE/1795/OVERPAYMENT/EN_en/Past-Due-Invoice/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/113937/"
+"113936","2019-01-30 15:51:29","http://84.38.133.155/v/pn22J4518C0.exe","online","malware_download","BetaBot,AZORult,Formbook,Pony,fareit,trojan,exe,payload,stage2","https://urlhaus.abuse.ch/url/113936/"
+"113935","2019-01-30 15:51:25","http://84.38.133.155/v/fb55A8CC0.exe","online","malware_download","BetaBot,AZORult,Formbook,Pony,fareit,trojan,exe,payload,stage2","https://urlhaus.abuse.ch/url/113935/"
+"113934","2019-01-30 15:51:19","http://84.38.133.155/v/bb2FC8A50.exe","online","malware_download","BetaBot,AZORult,Formbook,Pony,fareit,trojan,exe,payload,stage2,Neurevt","https://urlhaus.abuse.ch/url/113934/"
+"113933","2019-01-30 15:51:13","http://84.38.133.155/v/az2291220.exe","online","malware_download","BetaBot,AZORult,Formbook,Pony,fareit,trojan,exe,payload,stage2","https://urlhaus.abuse.ch/url/113933/"
+"113932","2019-01-30 15:51:06","http://zdrowestopykoszalin.pl/Telekom/Rechnung/112019/","offline","malware_download","heodo,emotet,doc","https://urlhaus.abuse.ch/url/113932/"
+"113931","2019-01-30 15:50:37","http://svyyoursoft.com/Telekom/Rechnung/01_19/","online","malware_download","heodo,emotet,doc","https://urlhaus.abuse.ch/url/113931/"
+"113930","2019-01-30 15:50:30","http://meetbg.com/zinrpPj_ERE8pQrmr_QILyvMtE/Organization/Accounts/","online","malware_download","heodo,emotet,doc","https://urlhaus.abuse.ch/url/113930/"
+"113929","2019-01-30 15:50:19","http://4kopmarathon.in/mWYDKbCzTK0_bhOskI_yiKvnmdnAy/Organization/Account","offline","malware_download","heodo,emotet,doc","https://urlhaus.abuse.ch/url/113929/"
+"113928","2019-01-30 15:50:14","http://admininfotech.in/Ay7YroI8I_XkUuQFG_XBtSmwulJ/Company/Account/","online","malware_download","heodo,emotet,doc","https://urlhaus.abuse.ch/url/113928/"
+"113927","2019-01-30 15:50:09","http://firesafetytraining.in/FEQCNBxCCTw_fc2c2Bw_hLwsOYOwO/Organization/Account/","online","malware_download","heodo,emotet,doc","https://urlhaus.abuse.ch/url/113927/"
+"113926","2019-01-30 15:50:02","http://aztel.ca/wp-content/plugins/PDGO-W3wSY_rYRJUe-6E/En/Invoice-for-q/y-01/30/2019/","online","malware_download","heodo,emotet,doc","https://urlhaus.abuse.ch/url/113926/"
+"113925","2019-01-30 15:49:57","http://johnnycrap.com/fgvC-jkrB4_XA-4Q/PaymentStatus/US_us/Past-Due-Invoices/","online","malware_download","heodo,emotet,doc","https://urlhaus.abuse.ch/url/113925/"
+"113924","2019-01-30 15:49:53","http://cooljam.sdssoftltd.co.uk/IHntz-J2_aYaPJiHgs-U6/InvoiceCodeChanges/En/Paid-Invoices/","offline","malware_download","heodo,emotet,doc","https://urlhaus.abuse.ch/url/113924/"
+"113923","2019-01-30 15:49:52","http://pozan.nl/cnfxR-Lf2_wsYjyMnT-vFN/PaymentStatus/US_us/Invoice-46565423/","online","malware_download","heodo,emotet,doc","https://urlhaus.abuse.ch/url/113923/"
+"113922","2019-01-30 15:49:47","http://profreestyle.nl/dOgelemxcdT_H2lbGbr9_mzmpAhH3Wrk/Organization/Online_billing/Billing/","online","malware_download","heodo,emotet,doc","https://urlhaus.abuse.ch/url/113922/"
+"113921","2019-01-30 15:49:42","http://s1517.ir/srxEi-UBMiy_l-2VN/PaymentStatus/US/Paid-Invoice/","offline","malware_download","heodo,emotet,doc","https://urlhaus.abuse.ch/url/113921/"
+"113920","2019-01-30 15:49:10","http://findascholarship.ga/maBO6Wlm_SrZydZ_z9w76xR0P/Secure/Account/","online","malware_download","heodo,emotet,doc","https://urlhaus.abuse.ch/url/113920/"
+"113919","2019-01-30 15:49:08","http://kompozit.biz.tr/durqb-qAi_UKze-9P/Ref/5130210759EN_en/Invoice-20650703-January/","offline","malware_download","heodo,emotet,doc","https://urlhaus.abuse.ch/url/113919/"
+"113918","2019-01-30 15:48:59","http://imadsolutions.in/NKcI-wOJv_guW-ZC4/Invoice/279707595/En/New-order/","online","malware_download","heodo,emotet,doc","https://urlhaus.abuse.ch/url/113918/"
+"113917","2019-01-30 15:48:57","http://khawatmico.com/wp-content/uploads/IWjs-Dx_IYDHFGLb-zx/X00/invoicing/En_us/Invoice-Number-669876/","offline","malware_download","heodo,emotet,doc","https://urlhaus.abuse.ch/url/113917/"
+"113908","2019-01-30 15:48:06","http://rodaleitura.canoas.ifrs.edu.br/QAo4_YqNRQcE_KpLonDHgvFo/Organization/Account/","online","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/113908/"
+"113907","2019-01-30 15:45:05","http://centipedeusa.com/ExKgi-efv_C-Rx/ACH/PaymentInfo/En_us/Invoice-for-you/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113907/"
+"113906","2019-01-30 15:40:05","http://dreambigbuilder.com/iec_R7jwsfILh_3a9fRPH/Company/Accounts/","online","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/113906/"
+"113905","2019-01-30 15:37:05","http://integratedhomesllc.com/IsP8Na8_KK79gqf_E4wrUMs6gL/Company/Online_billing/Billing/","online","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/113905/"
+"113904","2019-01-30 15:35:09","http://buycaliforniacannabis.com/LvzJA-vFMtQ_RmsvNyG-MR/INVOICE/77239/OVERPAYMENT/US/Inv-89846-PO-7W559578/","online","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/113904/"
+"113903","2019-01-30 15:34:18","http://laquintablinds.net/MdQC-vO42d_JWqkhUul-p9c/INVOICE/49964/OVERPAYMENT/En_us/Invoice-receipt/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113903/"
+"113902","2019-01-30 15:34:12","http://amocrmkrg.kz/Spmem-UX_OlFH-NZf/63363/SurveyQuestionsEn_us/Invoice-5046524-January/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113902/"
+"113901","2019-01-30 15:31:08","http://pauljcaradonna.com/iRz4lKHc9_c26zoOsF_g6kMyP/Secure/Online/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/113901/"
+"113900","2019-01-30 15:30:06","http://up2m.politanisamarinda.ac.id/wp-content/lJEEOCPY1_iim5VOL_XNgsFX/Company/Accounts/","online","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/113900/"
+"113899","2019-01-30 15:28:26","http://www.ledet.gov.za/CQkT-Xzv_rf-qA/NO662/invoicing/En/Invoice-Corrections-for-54/58/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/113899/"
+"113898","2019-01-30 15:28:08","http://thales-las.cfdt-fgmm.fr/cgi-bin/xpga-NRvI_kkQovJftn-dL/INVOICE/En_us/Paid-Invoices/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113898/"
+"113897","2019-01-30 15:23:05","http://www.kaplonoverseas.com/lKPN-ri_KhyTSjW-Pm/88377/SurveyQuestionsUS_us/Invoice-receipt/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113897/"
+"113896","2019-01-30 15:23:02","http://valkarm.ru/scripts_index/J8vVx_YeqRCr_KH4A2oU/Secure/Online/","online","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/113896/"
+"113895","2019-01-30 15:14:06","http://subramfamily.com/boyku/0rqwIdeqF_upGL0Oh3_sPRoo/Organization/Accounts/","online","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/113895/"
+"113894","2019-01-30 15:13:06","http://www.devitforward.com/bhNQR-RE_rnVjNQrM-2iF/X89/invoicing/US_us/Paid-Invoice/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113894/"
+"113893","2019-01-30 15:12:11","http://185.189.149.137/vnc64.rar","online","malware_download","vnc,backconnect,Gozi,ITA","https://urlhaus.abuse.ch/url/113893/"
+"113892","2019-01-30 15:12:08","http://mumbaiganesha.com/QBAcRJtxMsg_DozBlCeZc_1ft4TTA6/Organization/Online/","offline","malware_download","None","https://urlhaus.abuse.ch/url/113892/"
+"113891","2019-01-30 15:11:02","http://185.189.149.137/vnc32.rar","online","malware_download","vnc,backconnect,Gozi,ITA","https://urlhaus.abuse.ch/url/113891/"
+"113890","2019-01-30 15:10:53","http://osteklenie-balkonov.tomsk.ru/LjDAjjjX4_t0bvwnt_vfCGVyGGsli/Company/Online/","online","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/113890/"
+"113889","2019-01-30 15:10:49","https://busshelters.ky/files/pass.msi","offline","malware_download","Loki,lokibot,exe,payload,stage2","https://urlhaus.abuse.ch/url/113889/"
+"113888","2019-01-30 15:10:41","https://busshelters.ky/files/pass.exe","offline","malware_download","Loki,lokibot,exe,payload,stage2","https://urlhaus.abuse.ch/url/113888/"
+"113887","2019-01-30 15:10:34","https://busshelters.ky/files/loop.msi","offline","malware_download","Loki,lokibot,exe,payload,stage2","https://urlhaus.abuse.ch/url/113887/"
+"113886","2019-01-30 15:10:27","https://busshelters.ky/files/loop.exe","offline","malware_download","Loki,lokibot,exe,payload,stage2","https://urlhaus.abuse.ch/url/113886/"
+"113885","2019-01-30 15:10:19","https://busshelters.ky/files/er%20datapro_signed.msi","offline","malware_download","Loki,lokibot,exe,payload,stage2","https://urlhaus.abuse.ch/url/113885/"
+"113884","2019-01-30 15:10:11","https://busshelters.ky/files/BASICDATA.exe","offline","malware_download","Loki,lokibot,exe,payload,stage2","https://urlhaus.abuse.ch/url/113884/"
+"113883","2019-01-30 15:04:18","http://zapmodulservice.ru/jszCT-d3_sJvCjYV-Rk3/INVOICE/US_us/Question/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/113883/"
+"113882","2019-01-30 15:04:12","http://bank911.ru/GsRiF-J1E_wFfU-tR/ACH/PaymentInfo/US_us/Document-needed/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113882/"
+"113881","2019-01-30 15:04:07","http://sassearch.net/BBwEr_5l2Ui4h_f2BFR64/Organization/Online/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/113881/"
+"113880","2019-01-30 14:59:25","http://zapmodulservice.ru/jszCT-d3_sJvCjYV-Rk3/INVOICE/US_us/Question```/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/113880/"
+"113879","2019-01-30 14:59:21","http://trehoadatoanthan.net/djcX-VdgTw_eIRicw-hR/PaymentStatus/En_us/Companies-Invoice-09134758/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113879/"
+"113878","2019-01-30 14:59:14","http://saminvestmentsbv.com/BYSr-Pv40_hFznnfv-cc9/US/Invoice-for-you/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/113878/"
+"113877","2019-01-30 14:59:07","http://dentalradiografias.com/ltdC-uedM9_WvnKrtOlM-ttL/Inv/03406958751/US/Paid-Invoice-Credit-Card-Receipt/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113877/"
+"113876","2019-01-30 14:58:46","https://citizensportinstitute.org/VbkCM-xxG9A_br-n1/Invoice/385414496/US/Past-Due-Invoices/","online","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/113876/"
+"113875","2019-01-30 14:58:39","http://citizensportinstitute.org/VbkCM-xxG9A_br-n1/Invoice/385414496/US/Past-Due-Invoices/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/113875/"
+"113874","2019-01-30 14:58:33","http://arieloutdoors.com/urxAb-AFq3_Gn-QwM/INVOICE/US/Scan/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113874/"
+"113873","2019-01-30 14:58:27","http://www.medifastpeoriaaz.com/EEzhrqh1nWP_rkkyYI_FzxZpLY/Organization/Account/","online","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/113873/"
+"113872","2019-01-30 14:58:18","http://www.forodigitalpyme.es/IJK0C_qOuE7J_i3vWPsyFuZn/Secure/Online/","online","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/113872/"
+"113871","2019-01-30 14:58:12","http://www.ahsengiyim.com.tr/zYBCIyU_lxpNvETp_MGB0At/Company/Account/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/113871/"
+"113870","2019-01-30 14:57:36","http://vanana.co.kr/4L5D9di8Xs_nn4yiop9_EBQMOL/Company/Online_billing/Billing/","online","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/113870/"
+"113869","2019-01-30 14:57:27","http://thptngochoi.edu.vn/cO7_ic1EPeI8_rvuTMkBzIX/Secure/Online/","online","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/113869/"
+"113868","2019-01-30 14:57:19","http://thefly.su/Mgh8bX_oaOIAkCWl_nR8Mkx/Company/Online_billing/Billing/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/113868/"
+"113867","2019-01-30 14:57:11","http://takenpaybd.com/Telekom/RechnungOnline/012019/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/113867/"
+"113866","2019-01-30 14:57:05","http://studentslife.by/Rdv4vhxThw_4ZSyJhIR_MCcOWuoZ/Organization/Online_billing/Billing/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/113866/"
+"113865","2019-01-30 14:56:56","http://spinnersar.ru/ojf8H7oRLU7_lQnUGEG_Vv9OJa/Secure/Business/","online","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/113865/"
+"113864","2019-01-30 14:56:47","https://mandrillapp.com/track/click/31069138/canprotours.ca?p=eyJzIjoieUE5ZHRxRE5xUnRkX3BTVXJEcjZ1bTRzS2pBIiwidiI6MSwicCI6IntcInVcIjozMTA2OTEzOCxcInZcIjoxLFwidXJsXCI6XCJodHRwOlxcXC9cXFwvY2FucHJvdG91cnMuY2FcXFwvcDBTYWNfSU9vVmwxN21IX3FoZUo3Q1oxekVcXFwvT3JnYW5pemF0aW9uXFxcL09ubGluZVxcXC9cIixcImlkXCI6XCIyNWY2ZTRjZjEyOTg0MzVkYmIwYmE3NjI2M2YzNGFkOFwiLFwidXJsX2lkc1wiOltcIjBiMGUwMTEwZGFhNmQzNjZjMzMyMzQ4ZGIyZmFmZDY1NWUyNTY3Y2JcIl19In0/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/113864/"
+"113863","2019-01-30 14:56:41","https://mandrillapp.com/track/click/31069138/quantuminterior.xyz?p=eyJzIjoicDZIU1Y0cHpCekt5WU82UThVT01KNUdjYlVRIiwidiI6MSwicCI6IntcInVcIjozMTA2OTEzOCxcInZcIjoxLFwidXJsXCI6XCJodHRwOlxcXC9cXFwvcXVhbnR1bWludGVyaW9yLnh5elxcXC9sMWZBcUwyZ2NRX2c1N3VLSEU4XzJEWm1JRkpVelxcXC9Db21wYW55XFxcL09ubGluZVxcXC9cIixcImlkXCI6XCI1Y2UwZDFkZjdjNWY0NDE5YTU0NjEwZjJkN2M4NTk1OVwiLFwidXJsX2lkc1wiOltcIjQyMDg0NzUyYTljNDRiYTZiOTUwM2JlOTg4OGUyMWQ1NTBkOWYwNTVcIl19In0/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/113863/"
+"113862","2019-01-30 14:56:35","http://rielt911.ru/oev_pkYyOl1nN_Qn59poXrGF/Organization/Business/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113862/"
+"113861","2019-01-30 14:56:27","http://quantuminterior.xyz/l1fAqL2gcQ_g57uKHE8_2DZmIFJUz/Company/Online/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/113861/"
+"113860","2019-01-30 14:56:15","http://rdkrussia.ru/Telekom/Transaktion/012019/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/113860/"
+"113859","2019-01-30 14:56:08","http://parmanandcollege.in/Kfq6revze2i_MGaujmp_KjgaJGFdGnK/Organization/Business/","online","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/113859/"
+"113858","2019-01-30 14:56:02","http://japaneseonline.com.sg/Telekom/Transaktion/112019/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/113858/"
+"113857","2019-01-30 14:55:57","http://giancarloraso.com/E6Gjc_XHkqUW_xNEWy1/Secure/Accounts/","online","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/113857/"
+"113856","2019-01-30 14:55:51","http://gezondheidscentrumdemare.nl/qJyBRGI6k7v_Ui0x5p_UPGRQ4/Company/Accounts/","online","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/113856/"
+"113855","2019-01-30 14:55:44","http://findascholarship.ga/maBO6Wlm_SrZydZ_z9w76xR0P/Secure/Account///","online","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/113855/"
+"113854","2019-01-30 14:55:37","http://dolls.cayt.com/uITL2JXhEGi_bhHiJ4t4_7WS5w/Organization/Business/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/113854/"
+"113853","2019-01-30 14:55:29","http://canprotours.ca/p0Sac_IOoVl17mH_qheJ7CZ1zE/Organization/Online/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/113853/"
+"113852","2019-01-30 14:55:21","http://berusaha.demiimpian.site/1g77X_UlaAClQh_NHHiXYf78/Company/Online/","online","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/113852/"
+"113851","2019-01-30 14:55:16","http://berdikari.site/kKvcP8651_sYeoHU6jK_vQvpO/Company/Account/","online","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/113851/"
+"113850","2019-01-30 14:55:08","http://4kopmarathon.in/mWYDKbCzTK0_bhOskI_yiKvnmdnAy/Organization/Account/","online","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/113850/"
+"113849","2019-01-30 14:45:51","http://kerusiinovasi.com/wp-includes/ID3/messg.jpg","offline","malware_download","Troldesh,exe","https://urlhaus.abuse.ch/url/113849/"
+"113848","2019-01-30 14:45:47","https://iphonedelivery.com/system/config/messg.jpg","offline","malware_download","Troldesh,exe","https://urlhaus.abuse.ch/url/113848/"
+"113847","2019-01-30 14:45:40","http://bienhieutrongnha.com/forum/cache/messg.jpg","online","malware_download","Troldesh,exe","https://urlhaus.abuse.ch/url/113847/"
+"113846","2019-01-30 14:45:33","https://alfaqihuddin.com/forum/cache/messg.jpg","offline","malware_download","Troldesh,exe","https://urlhaus.abuse.ch/url/113846/"
+"113845","2019-01-30 14:45:28","https://madrascrackers.com/wp-content/themes/tyche/woocommerce/global/messg.jpg","online","malware_download","Troldesh,exe","https://urlhaus.abuse.ch/url/113845/"
+"113844","2019-01-30 14:45:24","http://185.234.218.10/hakai.mpsl","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113844/"
+"113843","2019-01-30 14:45:23","http://185.234.218.10/hakai.sh4","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113843/"
+"113842","2019-01-30 14:45:23","http://185.234.218.10/hakai.x86_64","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113842/"
+"113841","2019-01-30 14:45:22","http://185.234.218.10/hakai.m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113841/"
+"113840","2019-01-30 14:45:21","http://185.234.218.10/hakai.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113840/"
+"113839","2019-01-30 14:45:20","http://185.234.218.10/hakai.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113839/"
+"113838","2019-01-30 14:45:19","http://185.234.218.10/hakai.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113838/"
+"113837","2019-01-30 14:45:19","http://185.234.218.10/hakai.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113837/"
+"113836","2019-01-30 14:45:18","http://185.234.218.10/hakai.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113836/"
+"113835","2019-01-30 14:45:17","http://185.234.218.10/hakai.ppc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113835/"
+"113834","2019-01-30 14:45:16","http://193.34.144.131/AB4g5/Josho.m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113834/"
+"113832","2019-01-30 14:45:15","http://193.34.144.131/AB4g5/Josho.mpsl","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113832/"
+"113833","2019-01-30 14:45:15","http://193.34.144.131/AB4g5/Josho.ppc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113833/"
+"113831","2019-01-30 14:45:14","http://162.213.249.37/bins/sora.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113831/"
+"113830","2019-01-30 14:45:13","http://162.213.249.37/bins/sora.spc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113830/"
+"113829","2019-01-30 14:45:12","http://162.213.249.37/bins/sora.sh4","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113829/"
+"113828","2019-01-30 14:45:10","http://162.213.249.37/bins/sora.ppc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113828/"
+"113827","2019-01-30 14:45:09","http://162.213.249.37/bins/sora.mpsl","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113827/"
+"113826","2019-01-30 14:45:08","http://162.213.249.37/bins/sora.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113826/"
+"113825","2019-01-30 14:45:07","http://162.213.249.37/bins/sora.m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113825/"
+"113824","2019-01-30 14:45:05","http://162.213.249.37/bins/sora.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113824/"
+"113823","2019-01-30 14:45:04","http://162.213.249.37/bins/sora.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113823/"
+"113822","2019-01-30 14:45:03","http://162.213.249.37/bins/sora.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113822/"
+"113821","2019-01-30 14:44:54","http://www.ontamada.ru/RDUstD0DxgOP/","offline","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/113821/"
+"113820","2019-01-30 14:44:53","http://mingroups.vn/NYV82LSYWEs_s1/","online","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/113820/"
+"113819","2019-01-30 14:44:50","http://kadinveyasam.org/wp-content/languages/EZ22B35GBTu9z_N/","online","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/113819/"
+"113818","2019-01-30 14:44:49","http://www.vario-reducer.com/wp-content/bGkoUUavZySGn/","online","malware_download","emotet,exe,epoch2","https://urlhaus.abuse.ch/url/113818/"
+"113816","2019-01-30 14:44:48","http://fashionandme.ru/cache/preview/update_2018_01.exe","offline","malware_download","None","https://urlhaus.abuse.ch/url/113816/"
+"113817","2019-01-30 14:44:48","http://mail.saglikpersoneli.net/sohft/PTYGsf41Witt_k/","offline","malware_download","emotet,exe,epoch2","https://urlhaus.abuse.ch/url/113817/"
+"113815","2019-01-30 14:44:45","http://xn--80aae8aujdld9c.xn--p1ai/Scan031.zip","offline","malware_download","None","https://urlhaus.abuse.ch/url/113815/"
+"113814","2019-01-30 14:44:43","http://benstrange.co.uk/wp-content/themes/retro-blog/assets/css/massg.jpg","online","malware_download","Ransomware,Troldesh,Shade","https://urlhaus.abuse.ch/url/113814/"
+"113813","2019-01-30 14:44:41","http://noorda.org/wp-content/themes/HighendWP/functions/massg.jpg","offline","malware_download","Ransomware,Troldesh,Shade","https://urlhaus.abuse.ch/url/113813/"
+"113812","2019-01-30 14:44:40","http://nunez.pl/wp-content/themes/imprint/assets/admin/css/fonts/massg.jpg","offline","malware_download","Ransomware,Troldesh,Shade","https://urlhaus.abuse.ch/url/113812/"
+"113811","2019-01-30 14:44:38","https://motorent.mk/Swift46.000usd_pdf.zip","online","malware_download","lokibot","https://urlhaus.abuse.ch/url/113811/"
+"113810","2019-01-30 14:44:35","http://posadaelnogal.000webhostapp.com/wp-content/themes/shapely/template-parts/layouts/messg.jpg","offline","malware_download","Troldesh,Shade,Ransomware","https://urlhaus.abuse.ch/url/113810/"
+"113809","2019-01-30 14:44:32","http://www.qlcalendar.com/messg.jpg","offline","malware_download","Troldesh,Shade,Ransomware","https://urlhaus.abuse.ch/url/113809/"
+"113808","2019-01-30 14:44:30","http://good-deal.ml/image/cache/catalog/404/messg.jpg","offline","malware_download","Troldesh,Shade,Ransomware","https://urlhaus.abuse.ch/url/113808/"
+"113807","2019-01-30 14:44:26","http://tree.sibcat.info/images/full/messg.jpg","online","malware_download","Troldesh,Shade,Ransomware","https://urlhaus.abuse.ch/url/113807/"
+"113806","2019-01-30 14:44:23","http://thnxsupp.eu/e0vw6b/nvidia.exe","online","malware_download","exe,miner,stealer","https://urlhaus.abuse.ch/url/113806/"
+"113805","2019-01-30 14:44:17","http://thnxsupp.eu/e0vw6b/cpu64.exe","online","malware_download","exe,miner,stealer","https://urlhaus.abuse.ch/url/113805/"
+"113804","2019-01-30 14:44:13","http://thnxsupp.eu/e0vw6b/cpu.exe","online","malware_download","exe,miner,steWSS","https://urlhaus.abuse.ch/url/113804/"
+"113803","2019-01-30 14:44:10","http://www.actinix.com/wp-content/themes/ultra/images/massg.jpg","offline","malware_download","Troldesh,Ransomware,Shade","https://urlhaus.abuse.ch/url/113803/"
+"113802","2019-01-30 14:44:04","http://joinjohndoeit.000webhostapp.com/wp-content/themes/shapely/inc/custom-controls/messg.jpg","offline","malware_download","Troldesh,exe","https://urlhaus.abuse.ch/url/113802/"
+"113801","2019-01-30 14:44:02","http://tontonfilms.com/wp-content/themes/garnish/admin/css/messg.jpg","online","malware_download","Troldesh,exe","https://urlhaus.abuse.ch/url/113801/"
+"113800","2019-01-30 14:43:17","http://osezrayonner.ma/uLoB-1qBU_IyHcqkL-hlO/K422/invoicing/EN_en/Sales-Invoice/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113800/"
+"113799","2019-01-30 14:43:15","http://empresadereformasentenerife.com/apLg-XK_hRlOl-KjB/ACH/PaymentAdvice/EN_en/Inv-02661-PO-5R595153/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113799/"
+"113798","2019-01-30 14:43:15","https://installatiebedrijfroosendaal.nl/gKv_ubJUIvyna_dYwRh64/Company/Account/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/113798/"
+"113797","2019-01-30 14:43:14","http://socialinvestmentaustralia.com.au/SxG0Nf_Ac5Lgc_kISJtI/Company/Online/","online","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/113797/"
+"113796","2019-01-30 14:43:11","http://162.213.249.37/bins/sora.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113796/"
+"113795","2019-01-30 14:43:09","http://159.89.235.73/bins/hoho.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113795/"
+"113794","2019-01-30 14:43:08","http://159.89.235.73/bins/hoho.spc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113794/"
+"113792","2019-01-30 14:43:07","http://159.89.235.73/bins/hoho.ppc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113792/"
+"113793","2019-01-30 14:43:07","http://159.89.235.73/bins/hoho.sh4","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113793/"
+"113791","2019-01-30 14:43:06","http://159.89.235.73/bins/hoho.mpsl","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113791/"
+"113789","2019-01-30 14:43:05","http://159.89.235.73/bins/hoho.m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113789/"
+"113790","2019-01-30 14:43:05","http://159.89.235.73/bins/hoho.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113790/"
+"113788","2019-01-30 14:43:04","http://159.89.235.73/bins/hoho.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113788/"
+"113787","2019-01-30 14:43:03","http://159.89.235.73/bins/hoho.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113787/"
+"113785","2019-01-30 14:43:02","http://159.89.235.73/bins/hoho.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113785/"
+"113786","2019-01-30 14:43:02","http://159.89.235.73/bins/hoho.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113786/"
+"113784","2019-01-30 14:42:05","http://stoutarc.com/AziDR-EFs4j_HZqEw-rr/ACH/PaymentInfo/En/Invoice-receipt/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/113784/"
+"113783","2019-01-30 14:42:04","http://fyo.com/wp-content/uploads/vTFC-xx_uhnS-s8/V75/invoicing/En_us/Outstanding-Invoices/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/113783/"
+"113782","2019-01-30 14:42:02","http://thefifthwall.in/AYWd-KEp_bGl-z0d/invoices/6275/8992/US/Past-Due-Invoice/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/113782/"
+"113781","2019-01-30 14:40:03","http://paypal-document.com/issue/email/key/aiebeix/paypal.exe","offline","malware_download","Gozi,Task","https://urlhaus.abuse.ch/url/113781/"
+"113780","2019-01-30 14:30:31","http://185.244.150.121/Execution.arm6","offline","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/113780/"
+"113779","2019-01-30 14:30:01","http://185.244.150.121/Execution.ppc","offline","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/113779/"
+"113778","2019-01-30 14:29:31","http://185.244.150.121/Execution.mpsl","offline","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/113778/"
+"113777","2019-01-30 14:28:07","http://185.244.150.121/Execution.m68k","offline","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/113777/"
+"113776","2019-01-30 14:28:05","http://185.244.150.121/Execution.sparc","offline","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/113776/"
+"113775","2019-01-30 14:28:03","http://185.244.150.121/Execution.i686","offline","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/113775/"
+"113773","2019-01-30 14:13:03","http://185.244.150.121/Execution.arm4","offline","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/113773/"
+"113774","2019-01-30 14:13:03","http://185.244.150.121/Execution.x86","offline","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/113774/"
+"113772","2019-01-30 14:13:02","http://185.244.150.121/Execution.arm5","offline","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/113772/"
+"113771","2019-01-30 14:11:03","http://185.244.150.121/Execution.arm7","offline","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/113771/"
+"113769","2019-01-30 14:11:02","http://185.244.150.121/Execution.i586","offline","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/113769/"
+"113770","2019-01-30 14:11:02","http://185.244.150.121/Execution.mips","offline","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/113770/"
+"113768","2019-01-30 14:11:01","http://185.244.150.121/Execution.sh4","offline","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/113768/"
+"113767","2019-01-30 14:10:04","http://yusufsevim.com/De/OWLKOSMAM9673846/Rechnungs-Details/DOC-Dokument/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113767/"
+"113766","2019-01-30 14:10:03","http://xn--90aeb9ae9a.xn--p1ai/RakQb-T5CEu_PsQdDRDCa-WKx/3984552/SurveyQuestionsUS/Invoice-8217455/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113766/"
+"113765","2019-01-30 14:10:02","http://www.xn--888-pkl1gae7eta2fa0dbb7y5b4d.ga/AUbrG-nFCq_uhJTpVa-srk/WO51/invoicing/En/Paid-Invoices/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/113765/"
+"113764","2019-01-30 14:09:59","http://www.wins-power.com/DE_de/XDCYRAKSBF9002474/Rech/Hilfestellung/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/113764/"
+"113762","2019-01-30 14:09:58","http://www.rubisanmarino.org/upct-Qjc_nUIPIKMCg-ms/INVOICE/7179/OVERPAYMENT/En_us/Invoice-for-you/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113762/"
+"113763","2019-01-30 14:09:58","http://www.utransilvania.ro/wp-content/uploads/guHcW-hmuq_pPdXMY-YvJ/Ref/31093369En_us/Invoice-Number-059853/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/113763/"
+"113760","2019-01-30 14:09:54","http://www.p23tv.studio/qXkt-X5H_BYn-4k/GW827/invoicing/US/Sales-Invoice/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/113760/"
+"113761","2019-01-30 14:09:54","http://www.panditshukla.com/inDwf-l3_qx-r9n/ACH/PaymentInfo/EN_en/Outstanding-Invoices/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/113761/"
+"113759","2019-01-30 14:09:53","http://www.mets.tech/WfFn-Ky_eoqmtmMJ-IXe/Ref/49812507En_us/Invoice/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/113759/"
+"113758","2019-01-30 14:09:51","http://www.mamaannlovespells.com/zBOva-Lrgb_TUyO-Kf/INVOICE/3150/OVERPAYMENT/En/Paid-Invoice-Credit-Card-Receipt/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/113758/"
+"113757","2019-01-30 14:09:48","http://www.lianzhimen.net/EHLFg-gT_ymjmBKb-tc/US_us/370-36-096309-884-370-36-096309-257/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/113757/"
+"113756","2019-01-30 14:09:46","http://www.lccem.com/jnTy-e7Ur_v-Sv6/invoices/1540/8520/US_us/ACH-form/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/113756/"
+"113754","2019-01-30 14:09:44","http://www.iresearchledger.com/ucLq-qLeh_OvfGTVo-wy/US_us/Invoices-attached/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/113754/"
+"113755","2019-01-30 14:09:44","http://www.laxsposure.com/oMfvb-GSC_IMLhUD-uzU/ACH/PaymentInfo/EN_en/Invoice/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/113755/"
+"113753","2019-01-30 14:09:43","http://www.danataifco.ir/lwue-ts28_t-Gts/INV/698171FORPO/72528184935/En_us/Past-Due-Invoice/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113753/"
+"113752","2019-01-30 14:09:42","http://www.dailynewslog.com/qTdPK-iFu_mz-oI/PaymentStatus/US_us/Invoice/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113752/"
+"113751","2019-01-30 14:09:38","http://www.acesiansystems.com/KmhcG-fYSO_fuHx-O9B/EXT/PaymentStatus/EN_en/Invoice/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/113751/"
+"113750","2019-01-30 14:09:37","http://westland-onderhoud.nl/XPzBv-0qCgJ_s-Xys/Invoice/485264834/US_us/Companies-Invoice-8454196/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113750/"
+"113749","2019-01-30 14:09:36","http://vrcarwash.pt/Januar2019/XTFEVSYVX2629930/gescanntes-Dokument/DOC-Dokument/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/113749/"
+"113748","2019-01-30 14:09:35","http://vincitytaymo1.com/DE/LWAIQDEBN2111672/gescanntes-Dokument/Rechnungszahlung/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/113748/"
+"113746","2019-01-30 14:09:33","http://urologyhifuusa.com/wp-content/uploads/de_DE/DTNYYT2191521/gescanntes-Dokument/DETAILS/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113746/"
+"113747","2019-01-30 14:09:33","http://villorg.hu/DE/JDTFDD6068105/Dokumente/Zahlung/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/113747/"
+"113745","2019-01-30 14:09:32","http://trobotsautos.com/DE/PDDFTG6784836/DE_de/DETAILS/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/113745/"
+"113744","2019-01-30 14:09:31","http://tinhdauhanoi.org/RGBIOOJA1624275/Rechnungs/FORM/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/113744/"
+"113743","2019-01-30 14:09:29","http://thaithiennam.vn/De_de/AABZWU9092748/Scan/DETAILS/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113743/"
+"113742","2019-01-30 14:09:28","http://test.steelservice24.ru/De/RDYDOWQ6651031/Rechnungs-Details/Zahlung/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/113742/"
+"113741","2019-01-30 14:09:27","http://temptest123.reveance.nl/xPNzU-y3P_e-cps/ACH/PaymentInfo/EN_en/Invoice/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113741/"
+"113740","2019-01-30 14:09:26","http://technorio.com.np/WGNUDLBZPG9371607/Rechnung/DOC/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113740/"
+"113739","2019-01-30 14:09:23","http://syfuj.com.vn/DE_de/NNQHEBXRFR3294066/Bestellungen/Rechnungsanschrift/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/113739/"
+"113738","2019-01-30 14:09:21","http://staging.superorbital.com.au/De/CNBELNFQRV3684275/Rechnung/DOC/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/113738/"
+"113737","2019-01-30 14:09:16","http://socialmediamasters.tk/DE_de/VLEIUANTY8719232/Rech/FORM/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/113737/"
+"113736","2019-01-30 14:09:15","http://siekojarzy.pl/DE/OCXNZLTY4106980/Rechnungskorrektur/RECH/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/113736/"
+"113735","2019-01-30 14:09:14","http://shimge.omk.dp.ua/wp-content/cache/minify/De/XOLTGJHB3463498/GER/Zahlungserinnerung/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113735/"
+"113734","2019-01-30 14:09:12","http://sdvg-impuls.ru/QQANOCYMP6378906/Rechnungs/Rechnungsanschrift/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113734/"
+"113733","2019-01-30 14:09:11","http://scholarshipfinder.ga/De_de/DJDPUMFESE2478503/DE_de/RECHNUNG/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113733/"
+"113732","2019-01-30 14:09:10","http://scchurch.kr/wp-content/uploads/RIKNUMNRO8142543/Rech/Zahlung/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113732/"
+"113731","2019-01-30 14:09:04","http://ritimsports.com/DE_de/AFSWGAD6722149/Bestellungen/Rechnungszahlung/","online","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/113731/"
+"113730","2019-01-30 14:09:03","http://rightbrainleftbrain.win/tcvPi-tZllN_h-xJ/EXT/PaymentStatus/En_us/Invoice-for-t/o-01/30/2019/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113730/"
+"113728","2019-01-30 14:09:01","http://pusqik.iainbengkulu.ac.id/wp-content/uploads/2018/DE_de/LEZFWDNT6750024/Dokumente/Fakturierung/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113728/"
+"113729","2019-01-30 14:09:01","http://realgen-webdesign.nl/gbZEy-inf_ZdTGE-0s/InvoiceCodeChanges/US_us/ACH-form/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113729/"
+"113727","2019-01-30 14:08:59","http://platinumalt.site/DE_de/OHOJDNCN5256148/Scan/DOC/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113727/"
+"113726","2019-01-30 14:08:57","http://pass4art.com/BiBsr-GEWfG_zVtNlcGf-S7/Inv/3532717420/US_us/Paid-Invoice/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/113726/"
+"113725","2019-01-30 14:08:56","http://optspiner.ru/mAjRu-3GrSg_Ozfl-ibB/Invoice/55709914/En_us/Service-Report-67296/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113725/"
+"113724","2019-01-30 14:08:55","http://okz.wloclawek.pl/n4uym2g/pxCzU-7Wv8e_fxRRb-xw/INV/39371FORPO/45098740680/En/Scan/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/113724/"
+"113723","2019-01-30 14:08:53","http://ogilvy.africa/wp-content/uploads/De_de/SHGLTKZ4161730/de/FORM/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113723/"
+"113722","2019-01-30 14:08:50","http://lukahoward.com/kdJTV-UhBP_YcwlcFSI-uHH/INVOICE/US/Document-needed/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113722/"
+"113721","2019-01-30 14:08:49","http://lanco-flower.ir/TApQ-A9_QrSKaw-NN/invoices/43623/0732/US/Important-Please-Read/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113721/"
+"113720","2019-01-30 14:08:47","http://kurzal.ru/wordpress/wp-content/uploads/De_de/YINZDUHNM4763924/Rechnung/RECHNUNG/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113720/"
+"113719","2019-01-30 14:08:46","http://kreditorrf.ru/xsPJ-hck7_PgRfuqDh-mTf/En/Invoice-Corrections-for-79/66/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113719/"
+"113718","2019-01-30 14:08:44","http://k.iepedacitodecielo.edu.co/de_DE/GWHQRJKXN7367537/Rechnungs/Rechnungsanschrift/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113718/"
+"113717","2019-01-30 14:08:41","http://isoblogs.ir/zjDw-Gm_pc-nB/EXT/PaymentStatus/En/Paid-Invoice/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113717/"
+"113716","2019-01-30 14:08:40","http://eclectiqueindustries.com/kswVS-dHBO_Zi-rD/COMET/SIGNS/PAYMENT/NOTIFICATION/01/30/2019/US_us/Past-Due-Invoices/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/113716/"
+"113714","2019-01-30 14:08:38","http://blogg.postvaxel.se/TeVMh-tSRM_RDFBPA-OEH/PaymentStatus/US_us/415-91-094891-684-415-91-094891-378/","online","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/113714/"
+"113715","2019-01-30 14:08:38","http://detectin.com/rweGV-5fml_doXfUYW-si/invoices/3170/83456/EN_en/Inv-922754-PO-9E249967/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113715/"
+"113713","2019-01-30 14:08:36","http://distinctiveblog.ir/YVEHJTJZ6118546/Bestellungen/DETAILS/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113713/"
+"113712","2019-01-30 14:08:35","http://bezoekbosnie.nl/tdvuZ-KBIim_Bj-M1/InvoiceCodeChanges/En_us/Service-Report-7381/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113712/"
+"113711","2019-01-30 14:08:34","http://astravision.nl/flLYH-QGS2o_HS-PI/Inv/03820719425/EN_en/Invoice/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/113711/"
+"113710","2019-01-30 14:08:33","http://appliancestalk.com/sJaEa-uEg_gWljFCEy-MWW/Invoice/756536112/En_us/Question/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113710/"
+"113709","2019-01-30 14:08:03","http://3.dohodtut.ru/uJzt-Munx0_yCGtoVA-Eq/ACH/PaymentInfo/US_us/ACH-form/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113709/"
+"113708","2019-01-30 13:51:06","http://www.jawfin.net/jka/jkadmin.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/113708/"
+"113707","2019-01-30 13:35:08","http://ereds6969.ru/ppna.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/113707/"
+"113706","2019-01-30 13:33:35","http://ereds6969.ru/1d.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/113706/"
+"113705","2019-01-30 13:33:25","http://ereds6969.ru/ppne.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/113705/"
+"113704","2019-01-30 13:33:13","http://mikrotik.com.pe/gestion/inc/fpdf/p/AS23wq9.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/113704/"
+"113703","2019-01-30 13:28:05","https://ucf963700d6b8fe68fb5ec457e1a.dl.dropboxusercontent.com/cd/0/get/AaYhR13LDDKYPfpB4O95XjgWsVNq-icgIxF-9JKxl3zqXZDKuQQOkscLTfp3hjlHoqyBN4umKK4Di5o-u0OuL_vN-Ryj10LRlGAe1uCSN5FkPg/file?dl=1","offline","malware_download","zip","https://urlhaus.abuse.ch/url/113703/"
+"113702","2019-01-30 13:21:02","http://185.246.154.75/binary/x86.h","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113702/"
+"113701","2019-01-30 13:18:05","http://www.eurocontrol-int.net/Remittance-Slip.jar","offline","malware_download","Adwind","https://urlhaus.abuse.ch/url/113701/"
+"113700","2019-01-30 13:18:04","http://www.eurocontrol-int.net/Remittance-Copy001.jar","offline","malware_download","Adwind","https://urlhaus.abuse.ch/url/113700/"
+"113699","2019-01-30 13:18:03","http://www.eurocontrol-int.net/Purchase-Order034.jar","offline","malware_download","Adwind","https://urlhaus.abuse.ch/url/113699/"
+"113698","2019-01-30 13:15:03","http://villakaffeebohne.com/scripts/_notes/asjbdqhwbe.rar","online","malware_download","Dridex,Encoded,Task","https://urlhaus.abuse.ch/url/113698/"
+"113697","2019-01-30 13:08:02","http://www.stockabbigliamento.it/tuzPp_VOL-HKwvTGyTA/nV/Clients_information/01_19/","offline","malware_download","emotet,doc","https://urlhaus.abuse.ch/url/113697/"
+"113696","2019-01-30 12:51:46","http://51.75.91.6/bins/hoho.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113696/"
+"113695","2019-01-30 12:51:43","http://thnxsupp.eu/e0vw6b/amd.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/113695/"
+"113694","2019-01-30 12:47:12","http://121.147.51.57:46641/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/113694/"
+"113693","2019-01-30 12:47:09","http://213.57.13.135:41202/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/113693/"
+"113692","2019-01-30 12:47:06","http://177.96.98.104:25613/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/113692/"
+"113691","2019-01-30 12:46:04","http://176.97.211.183:29533/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/113691/"
+"113690","2019-01-30 12:46:03","http://185.246.154.75:80/binary/x86.h","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113690/"
+"113689","2019-01-30 12:46:02","http://51.75.91.6/bins/hoho.mips","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113689/"
+"113687","2019-01-30 12:45:13","http://antigua.aguilarnoticias.com/3RLTYBn9/","online","malware_download","emotet,exe,epoch1,heodo,AZORult","https://urlhaus.abuse.ch/url/113687/"
+"113688","2019-01-30 12:45:13","http://www.seniortelefoni.com/owncloud/EhjPLh8/","offline","malware_download","emotet,exe,epoch1","https://urlhaus.abuse.ch/url/113688/"
+"113686","2019-01-30 12:45:12","http://tehranbehdasht.org/BIlLuf0cg/","online","malware_download","emotet,exe,epoch1,heodo","https://urlhaus.abuse.ch/url/113686/"
+"113685","2019-01-30 12:45:11","http://sxyige.com/K1fpoP0/","online","malware_download","emotet,exe,epoch1,heodo,AZORult","https://urlhaus.abuse.ch/url/113685/"
+"113684","2019-01-30 12:45:05","http://leonardokubrick.com/iHA3JMyD5K/","online","malware_download","emotet,exe,epoch1,heodo,AZORult","https://urlhaus.abuse.ch/url/113684/"
+"113683","2019-01-30 12:41:03","http://78.128.92.27/MailspringSetup.exe","online","malware_download","Smokebot","https://urlhaus.abuse.ch/url/113683/"
+"113682","2019-01-30 12:37:04","http://radicocinas.com.mx/pl/lala.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/113682/"
+"113681","2019-01-30 12:26:27","http://thnxsupp.eu/build.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/113681/"
 "113680","2019-01-30 12:17:07","http://t12eleonore.city/xap_102b-AZ1/704e.php?l=elotem4.gas","offline","malware_download","exe,CAN,USA,geofenced,headersfenced,min-headers,Gozi","https://urlhaus.abuse.ch/url/113680/"
 "113679","2019-01-30 12:10:05","http://thnxsupp.eu/min.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/113679/"
-"113678","2019-01-30 12:06:02","http://51.75.91.6/bins/hoho.ppc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113678/"
-"113677","2019-01-30 12:02:02","http://51.75.91.6/bins/hoho.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113677/"
-"113676","2019-01-30 12:01:02","http://51.75.91.6/bins/hoho.sh4","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113676/"
-"113675","2019-01-30 12:01:01","http://51.75.91.6/bins/hoho.m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113675/"
-"113674","2019-01-30 12:00:04","http://51.75.91.6/bins/hoho.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113674/"
-"113673","2019-01-30 12:00:03","http://51.75.91.6/bins/hoho.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113673/"
-"113672","2019-01-30 11:23:03","http://51.75.91.6:80/bins/hoho.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113672/"
-"113670","2019-01-30 11:23:02","http://51.75.91.6:80/bins/hoho.m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113670/"
-"113671","2019-01-30 11:23:02","http://80.211.89.26:80/bins/daku.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113671/"
-"113669","2019-01-30 11:22:05","http://51.75.91.6:80/bins/hoho.ppc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113669/"
-"113668","2019-01-30 11:22:04","http://80.211.89.26:80/bins/daku.sh4","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113668/"
-"113667","2019-01-30 11:22:03","http://51.75.91.6:80/bins/hoho.sh4","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113667/"
-"113666","2019-01-30 11:22:02","http://51.75.91.6:80/bins/hoho.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113666/"
-"113665","2019-01-30 11:21:04","http://80.211.89.26:80/bins/daku.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113665/"
-"113663","2019-01-30 11:21:03","http://51.75.91.6:80/bins/hoho.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113663/"
-"113664","2019-01-30 11:21:03","http://80.211.89.26:80/bins/daku.ppc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113664/"
-"113662","2019-01-30 11:20:04","http://80.211.89.26:80/bins/daku.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113662/"
-"113661","2019-01-30 11:20:04","http://80.211.89.26:80/bins/daku.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113661/"
-"113660","2019-01-30 11:20:03","http://80.211.89.26:80/bins/daku.m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113660/"
+"113678","2019-01-30 12:06:02","http://51.75.91.6/bins/hoho.ppc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113678/"
+"113677","2019-01-30 12:02:02","http://51.75.91.6/bins/hoho.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113677/"
+"113676","2019-01-30 12:01:02","http://51.75.91.6/bins/hoho.sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113676/"
+"113675","2019-01-30 12:01:01","http://51.75.91.6/bins/hoho.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113675/"
+"113674","2019-01-30 12:00:04","http://51.75.91.6/bins/hoho.arm5","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113674/"
+"113673","2019-01-30 12:00:03","http://51.75.91.6/bins/hoho.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113673/"
+"113672","2019-01-30 11:23:03","http://51.75.91.6:80/bins/hoho.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113672/"
+"113670","2019-01-30 11:23:02","http://51.75.91.6:80/bins/hoho.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113670/"
+"113671","2019-01-30 11:23:02","http://80.211.89.26:80/bins/daku.arm5","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113671/"
+"113669","2019-01-30 11:22:05","http://51.75.91.6:80/bins/hoho.ppc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113669/"
+"113668","2019-01-30 11:22:04","http://80.211.89.26:80/bins/daku.sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113668/"
+"113667","2019-01-30 11:22:03","http://51.75.91.6:80/bins/hoho.sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113667/"
+"113666","2019-01-30 11:22:02","http://51.75.91.6:80/bins/hoho.arm5","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113666/"
+"113665","2019-01-30 11:21:04","http://80.211.89.26:80/bins/daku.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113665/"
+"113663","2019-01-30 11:21:03","http://51.75.91.6:80/bins/hoho.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113663/"
+"113664","2019-01-30 11:21:03","http://80.211.89.26:80/bins/daku.ppc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113664/"
+"113662","2019-01-30 11:20:04","http://80.211.89.26:80/bins/daku.mips","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113662/"
+"113661","2019-01-30 11:20:04","http://80.211.89.26:80/bins/daku.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113661/"
+"113660","2019-01-30 11:20:03","http://80.211.89.26:80/bins/daku.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113660/"
 "113659","2019-01-30 11:09:02","http://link.chillgrp.com/status.exe","offline","malware_download","ITA,Gozi","https://urlhaus.abuse.ch/url/113659/"
 "113658","2019-01-30 11:05:18","http://cdn.fixio.com/fixio14/cleaner/FIXIO_PC_Cleaner_Setup_v1.3.1_x64_m.msi","online","malware_download","msi","https://urlhaus.abuse.ch/url/113658/"
-"113657","2019-01-30 11:05:07","https://overhax.org/566tfghgf/","online","malware_download","ITA,geofenced,aced-js,Gozi","https://urlhaus.abuse.ch/url/113657/"
+"113657","2019-01-30 11:05:07","https://overhax.org/566tfghgf/","offline","malware_download","ITA,geofenced,aced-js,Gozi","https://urlhaus.abuse.ch/url/113657/"
 "113656","2019-01-30 11:03:02","http://vektorex.com/source/Z/107895085.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/113656/"
 "113655","2019-01-30 10:58:06","http://qppl.angiang.gov.vn/vbpq.nsf/9e6a1e4b64680bd247256801000a8614/CED5C80F11172802472570EB0008541E/$file/3584QuychehoatdongBQLCho.doc","online","malware_download","doc","https://urlhaus.abuse.ch/url/113655/"
 "113654","2019-01-30 10:57:12","http://susirubin.com.br/UMRJWFNBV5028104/GER/Rechnungsanschrift/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/113654/"
-"113653","2019-01-30 10:57:09","http://weiweinote.com/DE_de/CCPXHYNX2147354/Bestellungen/Zahlungserinnerung/","online","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/113653/"
+"113653","2019-01-30 10:57:09","http://weiweinote.com/DE_de/CCPXHYNX2147354/Bestellungen/Zahlungserinnerung/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/113653/"
 "113652","2019-01-30 10:57:08","http://okleika-auto.by/De/XTBHQBRRG9006233/Rechnungs/Fakturierung/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/113652/"
-"113651","2019-01-30 10:57:07","http://quynhtienbridal.com/DE/GXVLTRBEA8029006/DE/Hilfestellung/","online","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/113651/"
-"113650","2019-01-30 10:57:03","http://oceangate.parkhomes.vn/DE_de/IWJGTEV2013397/Bestellungen/Rechnungsanschrift/","online","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/113650/"
+"113651","2019-01-30 10:57:07","http://quynhtienbridal.com/DE/GXVLTRBEA8029006/DE/Hilfestellung/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/113651/"
+"113650","2019-01-30 10:57:03","http://oceangate.parkhomes.vn/DE_de/IWJGTEV2013397/Bestellungen/Rechnungsanschrift/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/113650/"
 "113649","2019-01-30 10:57:01","http://kiteletter.com/De_de/UNDQSPULXQ5616462/Rech/Fakturierung/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/113649/"
-"113648","2019-01-30 10:56:59","http://sibtransauto-nsk.ru/BPHKNXAG1630253/Rech/RECHNUNG/","online","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/113648/"
-"113647","2019-01-30 10:56:58","http://sinhtrac.vn/wp-content/Telekom/Rechnungen/01_19/","online","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/113647/"
-"113646","2019-01-30 10:56:55","http://live.bhavishyagyan.com/Telekom/RechnungOnline/01_19/","online","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/113646/"
+"113648","2019-01-30 10:56:59","http://sibtransauto-nsk.ru/BPHKNXAG1630253/Rech/RECHNUNG/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/113648/"
+"113647","2019-01-30 10:56:58","http://sinhtrac.vn/wp-content/Telekom/Rechnungen/01_19/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113647/"
+"113646","2019-01-30 10:56:55","http://live.bhavishyagyan.com/Telekom/RechnungOnline/01_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113646/"
 "113645","2019-01-30 10:56:54","http://ofmrchyk.store/css/Telekom/Transaktion/112019/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/113645/"
-"113644","2019-01-30 10:56:51","http://alicecaracciolo.it/RCBH_GtNL-IDdq/3a4/Payments/012019/","online","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/113644/"
-"113643","2019-01-30 10:56:51","http://pmb.unugiri.ac.id/wp-content/uploads/Telekom/Rechnungen/012019/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/113643/"
-"113642","2019-01-30 10:56:50","http://myrltech.com/Telekom/Transaktion/112019/","online","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/113642/"
+"113644","2019-01-30 10:56:51","http://alicecaracciolo.it/RCBH_GtNL-IDdq/3a4/Payments/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113644/"
+"113643","2019-01-30 10:56:51","http://pmb.unugiri.ac.id/wp-content/uploads/Telekom/Rechnungen/012019/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113643/"
+"113642","2019-01-30 10:56:50","http://myrltech.com/Telekom/Transaktion/112019/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/113642/"
 "113641","2019-01-30 10:56:16","http://deepwebeye.com/bIOkIze/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113641/"
-"113640","2019-01-30 10:56:10","http://lusteri.com/Telekom/Rechnung/01_19/","online","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/113640/"
+"113640","2019-01-30 10:56:10","http://lusteri.com/Telekom/Rechnung/01_19/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113640/"
 "113639","2019-01-30 10:56:07","http://www.rrdm.co.in/Telekom/Rechnungen/012019/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/113639/"
-"113638","2019-01-30 10:56:03","http://marisel.com.ua/Rechnungs/01_19/","online","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/113638/"
-"113637","2019-01-30 10:56:01","http://regenerationcongo.com/Rechnung/01_19/","online","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/113637/"
-"113636","2019-01-30 10:55:59","http://www.hopeintlschool.org/Transaktion/01_19/","online","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/113636/"
-"113635","2019-01-30 10:55:56","http://askhenry.co.uk/Rechnungs/012019/","online","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/113635/"
+"113638","2019-01-30 10:56:03","http://marisel.com.ua/Rechnungs/01_19/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113638/"
+"113637","2019-01-30 10:56:01","http://regenerationcongo.com/Rechnung/01_19/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113637/"
+"113636","2019-01-30 10:55:59","http://www.hopeintlschool.org/Transaktion/01_19/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113636/"
+"113635","2019-01-30 10:55:56","http://askhenry.co.uk/Rechnungs/012019/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113635/"
 "113634","2019-01-30 10:55:54","http://www.newpavanchatcorner.com/Transaktion/012019/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/113634/"
-"113633","2019-01-30 10:55:52","http://www.pivmag02.ru/Rechnungs/012019/","online","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/113633/"
+"113633","2019-01-30 10:55:52","http://www.pivmag02.ru/Rechnungs/012019/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113633/"
 "113632","2019-01-30 10:55:49","http://chinesetimes.jp/chinanews3/Rechnungen/01_19/","online","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/113632/"
-"113631","2019-01-30 10:55:42","http://ulco.tv/Rechnung/012019/","online","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/113631/"
-"113630","2019-01-30 10:55:38","http://designbrochure.us/vrwcaj/papkaa17/Rechnungs/012019/","online","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/113630/"
-"113629","2019-01-30 10:55:34","https://dasco.kz/Rechnungen/012019/","online","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/113629/"
-"113628","2019-01-30 10:55:30","http://zoomevents.pl/Rechnung/01_19/","online","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/113628/"
-"113627","2019-01-30 10:55:28","http://yeessol.com/Rechnung/01_19/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/113627/"
-"113626","2019-01-30 10:55:25","http://regue.com.br/Rechnungen/01_19/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/113626/"
+"113631","2019-01-30 10:55:42","http://ulco.tv/Rechnung/012019/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113631/"
+"113630","2019-01-30 10:55:38","http://designbrochure.us/vrwcaj/papkaa17/Rechnungs/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113630/"
+"113629","2019-01-30 10:55:34","https://dasco.kz/Rechnungen/012019/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113629/"
+"113628","2019-01-30 10:55:30","http://zoomevents.pl/Rechnung/01_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113628/"
+"113627","2019-01-30 10:55:28","http://yeessol.com/Rechnung/01_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113627/"
+"113626","2019-01-30 10:55:25","http://regue.com.br/Rechnungen/01_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113626/"
 "113625","2019-01-30 10:55:20","http://www.grantkulinar.ru/Rechnungs/01_19/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/113625/"
-"113624","2019-01-30 10:55:17","http://shlifovka.by/Rechnungs/012019/","online","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/113624/"
-"113623","2019-01-30 10:55:15","http://bag22.ru/Rechnungen/012019/","online","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/113623/"
-"113622","2019-01-30 10:55:11","http://www.wahathalwancontracting.com/Rechnungen/012019/","online","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/113622/"
-"113621","2019-01-30 10:55:07","http://www.vivaochoro.com.br/Rechnungen/01_19/","online","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/113621/"
+"113624","2019-01-30 10:55:17","http://shlifovka.by/Rechnungs/012019/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113624/"
+"113623","2019-01-30 10:55:15","http://bag22.ru/Rechnungen/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113623/"
+"113622","2019-01-30 10:55:11","http://www.wahathalwancontracting.com/Rechnungen/012019/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113622/"
+"113621","2019-01-30 10:55:07","http://www.vivaochoro.com.br/Rechnungen/01_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113621/"
 "113620","2019-01-30 10:46:05","http://qppl.angiang.gov.vn/vbpq/vbpq.nsf/ced5c80f11172802472570eb0008541e/$file/3584quychehoatdongbqlcho.doc","online","malware_download","doc","https://urlhaus.abuse.ch/url/113620/"
 "113619","2019-01-30 10:33:02","http://fanquonmtbes.com/temp/honry.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/113619/"
-"113618","2019-01-30 10:30:05","http://coralsupplies.com/0076832364785967543/doc.php","online","malware_download","Macro-doc,USA,Dridex","https://urlhaus.abuse.ch/url/113618/"
+"113618","2019-01-30 10:30:05","http://coralsupplies.com/0076832364785967543/doc.php","offline","malware_download","Macro-doc,USA,Dridex","https://urlhaus.abuse.ch/url/113618/"
 "113617","2019-01-30 10:30:03","http://indenverarea.com/0076832364785967543/0076832364785967543/exe5675/exe.php","offline","malware_download","USA,Dridex,geofenced,headersfenced","https://urlhaus.abuse.ch/url/113617/"
 "113616","2019-01-30 10:00:07","http://qppl.angiang.gov.vn/vbpq.nsf/e52e33ef82896c3b47256f960028edba/3C191C16D67C587B472570E400143110/$file/QD3447-UBtinhQLNNveDL.doc","online","malware_download","doc","https://urlhaus.abuse.ch/url/113616/"
-"113615","2019-01-30 09:59:25","http://produccion.sanmartindelosandes.gov.ar/wp-content/uploads/Telekom/Rechnungen/012019/","online","malware_download","None","https://urlhaus.abuse.ch/url/113615/"
+"113615","2019-01-30 09:59:25","http://produccion.sanmartindelosandes.gov.ar/wp-content/uploads/Telekom/Rechnungen/012019/","online","malware_download","heodo","https://urlhaus.abuse.ch/url/113615/"
 "113614","2019-01-30 09:59:19","http://187.133.216.180:61412/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/113614/"
 "113613","2019-01-30 09:59:16","http://112.197.238.164:42349/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/113613/"
 "113612","2019-01-30 09:59:08","http://79.182.34.229:55164/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/113612/"
 "113611","2019-01-30 09:59:06","http://1.53.211.23:20049/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/113611/"
 "113610","2019-01-30 09:59:02","http://122.117.99.185:1691/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/113610/"
-"113609","2019-01-30 09:58:58","http://80.211.89.26/bins/daku.arc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113609/"
-"113608","2019-01-30 09:58:58","http://80.211.89.26/bins/daku.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113608/"
-"113606","2019-01-30 09:58:57","http://80.211.89.26/bins/daku.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113606/"
-"113607","2019-01-30 09:58:57","http://80.211.89.26/bins/daku.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113607/"
-"113604","2019-01-30 09:58:56","http://80.211.89.26/bins/daku.m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113604/"
-"113605","2019-01-30 09:58:56","http://80.211.89.26/bins/daku.spc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113605/"
-"113602","2019-01-30 09:58:55","http://80.211.89.26/bins/daku.ppc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113602/"
-"113603","2019-01-30 09:58:55","http://80.211.89.26/bins/daku.ppc440","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113603/"
-"113601","2019-01-30 09:58:54","http://80.211.89.26/bins/daku.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113601/"
-"113600","2019-01-30 09:58:53","http://80.211.89.26/bins/daku.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113600/"
-"113599","2019-01-30 09:58:53","http://80.211.89.26/bins/daku.i586","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113599/"
-"113597","2019-01-30 09:58:52","http://80.211.89.26/bins/daku.mpsl","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113597/"
-"113598","2019-01-30 09:58:52","http://80.211.89.26/bins/daku.sh4","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113598/"
+"113609","2019-01-30 09:58:58","http://80.211.89.26/bins/daku.arc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113609/"
+"113608","2019-01-30 09:58:58","http://80.211.89.26/bins/daku.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113608/"
+"113606","2019-01-30 09:58:57","http://80.211.89.26/bins/daku.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113606/"
+"113607","2019-01-30 09:58:57","http://80.211.89.26/bins/daku.arm5","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113607/"
+"113604","2019-01-30 09:58:56","http://80.211.89.26/bins/daku.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113604/"
+"113605","2019-01-30 09:58:56","http://80.211.89.26/bins/daku.spc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113605/"
+"113602","2019-01-30 09:58:55","http://80.211.89.26/bins/daku.ppc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113602/"
+"113603","2019-01-30 09:58:55","http://80.211.89.26/bins/daku.ppc440","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113603/"
+"113601","2019-01-30 09:58:54","http://80.211.89.26/bins/daku.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113601/"
+"113600","2019-01-30 09:58:53","http://80.211.89.26/bins/daku.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113600/"
+"113599","2019-01-30 09:58:53","http://80.211.89.26/bins/daku.i586","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113599/"
+"113597","2019-01-30 09:58:52","http://80.211.89.26/bins/daku.mpsl","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113597/"
+"113598","2019-01-30 09:58:52","http://80.211.89.26/bins/daku.sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113598/"
 "113595","2019-01-30 09:58:51","http://185.101.105.173/ppc2","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/113595/"
-"113596","2019-01-30 09:58:51","http://80.211.89.26/bins/daku.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113596/"
-"113594","2019-01-30 09:58:50","http://185.101.105.173/arm55","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/113594/"
-"113593","2019-01-30 09:58:49","http://185.101.105.173/arm44","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/113593/"
-"113592","2019-01-30 09:58:48","http://185.101.105.173/mk2","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/113592/"
-"113591","2019-01-30 09:58:47","http://185.101.105.173/ar58","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/113591/"
-"113590","2019-01-30 09:58:46","http://185.101.105.173/ppcp","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/113590/"
-"113589","2019-01-30 09:58:45","http://185.101.105.173/arm66","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/113589/"
-"113588","2019-01-30 09:58:44","http://185.101.105.173/x86wtf","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/113588/"
-"113587","2019-01-30 09:58:43","http://185.101.105.173/sshm8","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/113587/"
-"113586","2019-01-30 09:58:42","http://185.101.105.173/mipsell","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/113586/"
-"113585","2019-01-30 09:58:41","http://185.101.105.173/mippss","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/113585/"
+"113596","2019-01-30 09:58:51","http://80.211.89.26/bins/daku.mips","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113596/"
+"113594","2019-01-30 09:58:50","http://185.101.105.173/arm55","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/113594/"
+"113593","2019-01-30 09:58:49","http://185.101.105.173/arm44","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/113593/"
+"113592","2019-01-30 09:58:48","http://185.101.105.173/mk2","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/113592/"
+"113591","2019-01-30 09:58:47","http://185.101.105.173/ar58","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/113591/"
+"113590","2019-01-30 09:58:46","http://185.101.105.173/ppcp","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/113590/"
+"113589","2019-01-30 09:58:45","http://185.101.105.173/arm66","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/113589/"
+"113588","2019-01-30 09:58:44","http://185.101.105.173/x86wtf","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/113588/"
+"113587","2019-01-30 09:58:43","http://185.101.105.173/sshm8","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/113587/"
+"113586","2019-01-30 09:58:42","http://185.101.105.173/mipsell","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/113586/"
+"113585","2019-01-30 09:58:41","http://185.101.105.173/mippss","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/113585/"
 "113584","2019-01-30 09:58:39","http://83.57.161.162:6759/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/113584/"
 "113583","2019-01-30 09:58:23","http://209.141.33.126/brother/arm.bot","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113583/"
 "113582","2019-01-30 09:58:22","http://209.141.33.126/brother/arm5.bot","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113582/"
@@ -116,16 +582,16 @@
 "113574","2019-01-30 09:58:14","http://209.141.33.126/brother/x86.bot","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113574/"
 "113571","2019-01-30 09:58:13","http://144.217.241.195/mipsel","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113571/"
 "113573","2019-01-30 09:58:13","http://206.189.20.94/AB4g5/Josho.arm4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113573/"
-"113572","2019-01-30 09:58:13","http://206.189.20.94/AB4g5/Josho.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113572/"
+"113572","2019-01-30 09:58:13","http://206.189.20.94/AB4g5/Josho.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113572/"
 "113570","2019-01-30 09:58:12","http://144.217.241.195/mips","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113570/"
 "113569","2019-01-30 09:58:11","http://144.217.241.195/armv5l","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/113569/"
 "113568","2019-01-30 09:58:10","http://144.217.241.195/440fp","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/113568/"
-"113566","2019-01-30 09:58:10","http://208.89.215.123/ftp","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/113566/"
+"113566","2019-01-30 09:58:10","http://208.89.215.123/ftp","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/113566/"
 "113567","2019-01-30 09:58:10","http://208.89.215.123/telnetd","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/113567/"
-"113565","2019-01-30 09:58:08","http://208.89.215.123/cron","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/113565/"
-"113564","2019-01-30 09:58:06","http://208.89.215.123/wget","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/113564/"
-"113563","2019-01-30 09:58:04","http://208.89.215.123/tftp","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/113563/"
-"113562","2019-01-30 09:58:02","http://208.89.215.123/bash","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/113562/"
+"113565","2019-01-30 09:58:08","http://208.89.215.123/cron","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/113565/"
+"113564","2019-01-30 09:58:06","http://208.89.215.123/wget","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/113564/"
+"113563","2019-01-30 09:58:04","http://208.89.215.123/tftp","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/113563/"
+"113562","2019-01-30 09:58:02","http://208.89.215.123/bash","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/113562/"
 "113560","2019-01-30 09:57:53","http://107.191.109.122/Bender.arm7","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/113560/"
 "113561","2019-01-30 09:57:53","http://107.191.109.122/Bender.ppc440fp","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/113561/"
 "113559","2019-01-30 09:57:52","http://107.191.109.122/Bender.arm5","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/113559/"
@@ -136,7 +602,7 @@
 "113554","2019-01-30 09:57:47","http://107.191.109.122/Bender.mpsl","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/113554/"
 "113553","2019-01-30 09:57:46","http://107.191.109.122/Bender.mips","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/113553/"
 "113552","2019-01-30 09:57:45","http://37.44.212.223/rig","online","malware_download","None","https://urlhaus.abuse.ch/url/113552/"
-"113551","2019-01-30 09:57:42","http://208.89.215.123/pftp","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/113551/"
+"113551","2019-01-30 09:57:42","http://208.89.215.123/pftp","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/113551/"
 "113549","2019-01-30 09:57:40","http://159.65.185.61/yakuza.arm4","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/113549/"
 "113550","2019-01-30 09:57:40","http://159.65.185.61/yakuza.arm5","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/113550/"
 "113548","2019-01-30 09:57:39","http://159.65.185.61/yakuza.arm6","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/113548/"
@@ -149,12 +615,12 @@
 "113541","2019-01-30 09:55:06","http://103.114.163.197/AB4g5/Josho.sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113541/"
 "113540","2019-01-30 09:54:36","http://103.114.163.197/AB4g5/Josho.spc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113540/"
 "113539","2019-01-30 09:54:06","http://103.114.163.197/AB4g5/Josho.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113539/"
-"113538","2019-01-30 09:53:35","http://206.189.20.94/AB4g5/Josho.spc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113538/"
-"113537","2019-01-30 09:53:33","http://206.189.20.94/AB4g5/Josho.ppc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113537/"
-"113536","2019-01-30 09:53:31","http://206.189.20.94/AB4g5/Josho.m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113536/"
-"113535","2019-01-30 09:53:28","http://206.189.20.94/AB4g5/Josho.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113535/"
-"113534","2019-01-30 09:53:26","http://206.189.20.94/AB4g5/Josho.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113534/"
-"113533","2019-01-30 09:53:24","http://206.189.20.94/AB4g5/Josho.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113533/"
+"113538","2019-01-30 09:53:35","http://206.189.20.94/AB4g5/Josho.spc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113538/"
+"113537","2019-01-30 09:53:33","http://206.189.20.94/AB4g5/Josho.ppc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113537/"
+"113536","2019-01-30 09:53:31","http://206.189.20.94/AB4g5/Josho.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113536/"
+"113535","2019-01-30 09:53:28","http://206.189.20.94/AB4g5/Josho.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113535/"
+"113534","2019-01-30 09:53:26","http://206.189.20.94/AB4g5/Josho.arm5","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113534/"
+"113533","2019-01-30 09:53:24","http://206.189.20.94/AB4g5/Josho.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113533/"
 "113532","2019-01-30 09:53:22","http://157.230.175.134/yakuza.mips","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/113532/"
 "113531","2019-01-30 09:53:19","http://157.230.175.134/yakuza.sh4","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/113531/"
 "113530","2019-01-30 09:53:17","http://157.230.175.134/yakuza.arm6","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/113530/"
@@ -162,27 +628,27 @@
 "113528","2019-01-30 09:53:12","http://157.230.175.134/yakuza.ppc","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/113528/"
 "113527","2019-01-30 09:53:09","http://157.230.175.134/yakuza.arm4","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/113527/"
 "113526","2019-01-30 09:53:05","http://157.230.175.134/yakuza.arm5","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/113526/"
-"113525","2019-01-30 09:43:03","http://80.211.89.26:80/bins/daku.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113525/"
-"113524","2019-01-30 09:40:03","http://80.211.89.26:80/bins/daku.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113524/"
+"113525","2019-01-30 09:43:03","http://80.211.89.26:80/bins/daku.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113525/"
+"113524","2019-01-30 09:40:03","http://80.211.89.26:80/bins/daku.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113524/"
 "113523","2019-01-30 09:33:04","http://motelfortpierce.com/wp-content/themes/Divi/epanel/css/massg.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/113523/"
 "113522","2019-01-30 09:17:19","http://getgeekgadgets.com/Java.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/113522/"
 "113521","2019-01-30 09:16:30","http://motelfortpierce.com/wp-content/themes/Divi/epanel/css/ssj.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/113521/"
 "113520","2019-01-30 09:16:14","http://htl.ru/soft/flux-setup.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/113520/"
 "113519","2019-01-30 09:12:22","http://getgeekgadgets.com/Tests_Protected.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/113519/"
 "113518","2019-01-30 09:12:09","http://140.82.33.56/file10.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/113518/"
-"113517","2019-01-30 09:11:02","http://151.80.8.17/invoice.doc","online","malware_download","RTF","https://urlhaus.abuse.ch/url/113517/"
-"113516","2019-01-30 09:10:05","http://185.101.105.173/sparcc","online","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/113516/"
-"113515","2019-01-30 09:10:04","http://185.101.105.173/arm62","online","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/113515/"
+"113517","2019-01-30 09:11:02","http://151.80.8.17/invoice.doc","offline","malware_download","RTF","https://urlhaus.abuse.ch/url/113517/"
+"113516","2019-01-30 09:10:05","http://185.101.105.173/sparcc","offline","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/113516/"
+"113515","2019-01-30 09:10:04","http://185.101.105.173/arm62","offline","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/113515/"
 "113514","2019-01-30 08:57:06","http://bysourtoast.com/wordpress/wp-content/plugins/wp-akismet/css/ofylgv.msi","online","malware_download","msi","https://urlhaus.abuse.ch/url/113514/"
 "113513","2019-01-30 08:54:04","http://getgeekgadgets.com/AV.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/113513/"
 "113512","2019-01-30 08:39:03","http://209.141.33.126/brother/arm7.bot","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113512/"
 "113511","2019-01-30 08:37:11","http://htl.ru/soft/setup-lightshot.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/113511/"
-"113510","2019-01-30 08:37:04","http://adobedetails.gq/file/stealth.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/113510/"
+"113510","2019-01-30 08:37:04","http://adobedetails.gq/file/stealth.exe","offline","malware_download","exe,AgentTesla","https://urlhaus.abuse.ch/url/113510/"
 "113509","2019-01-30 08:33:03","http://getgeekgadgets.com/protected.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/113509/"
 "113508","2019-01-30 08:20:17","http://www.hosurbusiness.com/cnKgCjaDLegepf14/","online","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/113508/"
 "113507","2019-01-30 08:20:14","http://www.phyzicia.com/o7UkdcC660mC_fD36O6wM/","offline","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/113507/"
 "113506","2019-01-30 08:20:13","http://mail.tgeeks.co.tz/pHnj6pZbAhM7_oEO7j/","online","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/113506/"
-"113505","2019-01-30 08:20:10","http://landmarkbytherivers.com/wp-includes/IXR/eiv8Zdszu1ro8/","online","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/113505/"
+"113505","2019-01-30 08:20:10","http://landmarkbytherivers.com/wp-includes/IXR/eiv8Zdszu1ro8/","offline","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/113505/"
 "113504","2019-01-30 08:20:07","http://www.hotelinone.net/IzBYbmU9N3dF8R/","online","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/113504/"
 "113503","2019-01-30 08:07:02","http://144.217.241.195/i586","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113503/"
 "113502","2019-01-30 08:04:02","http://157.230.211.181/wget","online","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/113502/"
@@ -194,16 +660,16 @@
 "113496","2019-01-30 07:58:03","http://144.217.241.195/m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113496/"
 "113495","2019-01-30 07:57:03","http://198.98.61.169/yakuza.m68k","online","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/113495/"
 "113494","2019-01-30 07:57:02","http://144.217.241.195/armv4l","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113494/"
-"113493","2019-01-30 07:55:04","http://208.89.215.123/apache2","online","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/113493/"
+"113493","2019-01-30 07:55:04","http://208.89.215.123/apache2","offline","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/113493/"
 "113492","2019-01-30 07:55:02","http://198.98.61.169/yakuza.arm4","online","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/113492/"
 "113491","2019-01-30 07:54:03","http://198.98.61.169/yakuza.ppc","online","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/113491/"
 "113490","2019-01-30 07:53:03","http://144.217.241.195/powerpc","offline","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/113490/"
 "113488","2019-01-30 07:52:09","http://198.98.61.169/yakuza.x32","online","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/113488/"
-"113489","2019-01-30 07:52:09","http://206.189.20.94/AB4g5/Josho.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113489/"
+"113489","2019-01-30 07:52:09","http://206.189.20.94/AB4g5/Josho.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113489/"
 "113487","2019-01-30 07:52:08","http://107.191.109.122/Bender.sh4","offline","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/113487/"
 "113486","2019-01-30 07:50:08","http://144.217.241.195/armv7l","offline","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/113486/"
 "113485","2019-01-30 07:50:07","http://157.230.211.181/pftp","online","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/113485/"
-"113484","2019-01-30 07:50:05","http://208.89.215.123/sshd","online","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/113484/"
+"113484","2019-01-30 07:50:05","http://208.89.215.123/sshd","offline","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/113484/"
 "113483","2019-01-30 07:50:03","http://198.98.61.169/yakuza.sh4","online","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/113483/"
 "113482","2019-01-30 07:49:06","http://159.65.185.61/yakuza.x86","online","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/113482/"
 "113481","2019-01-30 07:49:04","http://107.191.109.122/Bender.ppc","offline","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/113481/"
@@ -212,21 +678,21 @@
 "113478","2019-01-30 07:48:08","http://157.230.211.181/cron","online","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/113478/"
 "113477","2019-01-30 07:48:05","http://198.98.61.169/yakuza.arm6","online","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/113477/"
 "113476","2019-01-30 07:47:07","http://159.65.185.61/yakuza.ppc","online","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/113476/"
-"113475","2019-01-30 07:47:05","http://208.89.215.123/ntpd","online","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/113475/"
+"113475","2019-01-30 07:47:05","http://208.89.215.123/ntpd","offline","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/113475/"
 "113474","2019-01-30 07:47:02","http://198.98.61.169/yakuza.mpsl","online","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/113474/"
 "113473","2019-01-30 07:45:12","http://157.230.211.181/ftp","online","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/113473/"
 "113472","2019-01-30 07:45:09","http://159.65.185.61/yakuza.mips","online","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/113472/"
 "113471","2019-01-30 07:45:05","http://107.191.109.122/Bender.i686","offline","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/113471/"
 "113470","2019-01-30 07:44:12","http://103.114.163.197/AB4g5/Josho.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113470/"
 "113469","2019-01-30 07:44:08","http://157.230.175.134/yakuza.x86","online","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/113469/"
-"113468","2019-01-30 07:44:05","http://208.89.215.123/openssh","online","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/113468/"
+"113468","2019-01-30 07:44:05","http://208.89.215.123/openssh","offline","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/113468/"
 "113467","2019-01-30 07:42:09","http://159.65.185.61/yakuza.m68k","online","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/113467/"
 "113466","2019-01-30 07:42:07","http://159.65.185.61/yakuza.x32","online","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/113466/"
 "113465","2019-01-30 07:42:05","http://157.230.211.181/tftp","online","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/113465/"
 "113464","2019-01-30 07:20:05","http://157.230.175.134/yakuza.mpsl","online","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/113464/"
-"113463","2019-01-30 07:20:04","http://208.89.215.123/sh","online","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/113463/"
-"113462","2019-01-30 07:18:08","http://206.189.20.94/AB4g5/Josho.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113462/"
-"113461","2019-01-30 07:18:05","http://206.189.20.94/AB4g5/Josho.mpsl","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113461/"
+"113463","2019-01-30 07:20:04","http://208.89.215.123/sh","offline","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/113463/"
+"113462","2019-01-30 07:18:08","http://206.189.20.94/AB4g5/Josho.mips","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113462/"
+"113461","2019-01-30 07:18:05","http://206.189.20.94/AB4g5/Josho.mpsl","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113461/"
 "113460","2019-01-30 07:18:03","http://103.114.163.197/AB4g5/Josho.mpsl","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113460/"
 "113459","2019-01-30 07:17:07","http://157.230.175.134/yakuza.x32","online","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/113459/"
 "113458","2019-01-30 07:17:06","http://198.98.61.169/yakuza.i586","online","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/113458/"
@@ -240,7 +706,7 @@
 "113450","2019-01-30 07:14:06","http://157.230.211.181/bash","online","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/113450/"
 "113449","2019-01-30 07:14:03","http://157.230.175.134/yakuza.i586","online","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/113449/"
 "113448","2019-01-30 07:13:03","http://144.217.241.195/x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113448/"
-"113447","2019-01-30 07:12:09","http://206.189.20.94/AB4g5/Josho.sh4","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113447/"
+"113447","2019-01-30 07:12:09","http://206.189.20.94/AB4g5/Josho.sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113447/"
 "113446","2019-01-30 07:12:05","http://144.217.241.195/sparc","offline","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/113446/"
 "113445","2019-01-30 06:55:05","http://www.peyzaj.site/wtRtG-cLFjV_OVgb-Qm/JP209/invoicing/EN_en/Invoice-receipt/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/113445/"
 "113444","2019-01-30 06:55:04","http://drkulla.pl/zFBnL-FeTkD_oWl-KA/Invoice/9539682/En/ACH-form/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/113444/"
@@ -251,12 +717,12 @@
 "113439","2019-01-30 06:50:06","http://www.ensleyortho.com/ES14ezQtPA/","offline","malware_download","emotet,exe,epoch1","https://urlhaus.abuse.ch/url/113439/"
 "113438","2019-01-30 06:50:04","http://www.deepwebeye.com/bIOkIze/","offline","malware_download","emotet,exe,epoch1,heodo","https://urlhaus.abuse.ch/url/113438/"
 "113437","2019-01-30 06:42:08","http://www.hopealso.com/fMgs_IzfYE-SwvIHElf/l7r/Clients_information/2019-01/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/113437/"
-"113436","2019-01-30 06:42:06","http://www.maoyue.com/xVHSf_nUUw-Ik/m3Y/Clients_transactions/012019/","online","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/113436/"
+"113436","2019-01-30 06:42:06","http://www.maoyue.com/xVHSf_nUUw-Ik/m3Y/Clients_transactions/012019/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113436/"
 "113435","2019-01-30 06:34:07","http://200.63.45.101/ibro.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/113435/"
 "113434","2019-01-30 06:31:04","https://codeload.github.com/mastercoder23/03924802/zip/formulario?dl=1","online","malware_download","zip","https://urlhaus.abuse.ch/url/113434/"
 "113433","2019-01-30 06:26:05","http://getgeekgadgets.com/JAVA_Protected.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/113433/"
 "113432","2019-01-30 06:23:08","http://clinicacasuo.com.br/img/reader.mp3","online","malware_download","exe","https://urlhaus.abuse.ch/url/113432/"
-"113431","2019-01-30 06:20:02","http://151.80.8.17/document.doc","online","malware_download","doc","https://urlhaus.abuse.ch/url/113431/"
+"113431","2019-01-30 06:20:02","http://151.80.8.17/document.doc","offline","malware_download","doc","https://urlhaus.abuse.ch/url/113431/"
 "113430","2019-01-30 06:17:03","http://85.250.36.135:51458/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/113430/"
 "113429","2019-01-30 06:15:12","http://128.65.183.8:17681/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/113429/"
 "113428","2019-01-30 06:14:42","http://201.43.239.223:53562/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/113428/"
@@ -296,16 +762,16 @@
 "113394","2019-01-30 05:01:04","http://www.australiaadventures.com/58.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/113394/"
 "113393","2019-01-30 04:59:02","http://astravernici.es/wp-content/themes/sketch/ttr.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/113393/"
 "113392","2019-01-30 04:21:34","http://xn----8sbfbei3cieefbp6a.xn--p1ai/OdTu-04_vlKa-kQR/EXT/PaymentStatus/EN_en/Document-needed/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113392/"
-"113391","2019-01-30 04:21:33","http://46.29.167.53/nadek86","offline","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/113391/"
+"113391","2019-01-30 04:21:33","http://46.29.167.53/nadek86","online","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/113391/"
 "113390","2019-01-30 04:21:03","http://leruwap.com/dOisN-xl_GTkcf-sj/Invoice/258214179/US_us/Past-Due-Invoices/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113390/"
 "113389","2019-01-30 04:20:05","http://www.jteng.cn.com/HaVVs_FMDaX-U/Qvh/Clients_transactions/01_19/","online","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/113389/"
 "113388","2019-01-30 04:20:02","http://bwspragueconsultingservices.com/qLSF_IHo4m-QoMYB/bly/Clients_tra/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/113388/"
-"113387","2019-01-30 04:17:04","http://46.29.167.53/nadek","offline","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/113387/"
-"113386","2019-01-30 04:17:02","http://46.29.167.53/nadekel","offline","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/113386/"
+"113387","2019-01-30 04:17:04","http://46.29.167.53/nadek","online","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/113387/"
+"113386","2019-01-30 04:17:02","http://46.29.167.53/nadekel","online","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/113386/"
 "113385","2019-01-30 03:47:11","http://www.pbsa-benin.org/dNlTR-nE_yA-T9/083242/SurveyQuestionsEn_us/Document-needed/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113385/"
 "113384","2019-01-30 03:47:10","http://www.luhguesthouse.co.za/ODEe-d0_pHLQEON-ck/INVOICE/79903/OVERPAYMENT/En_us/Companies-Invoice-9624879/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113384/"
-"113383","2019-01-30 03:47:07","http://www.dreferparafusos.com.br/PKvO-HU_UfhskiiI-yp/Southwire/JFU694396545/En_us/Paid-Invoices/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113383/"
-"113382","2019-01-30 03:47:03","http://talkstolearn.com/NlxE-kJ_UDSBk-dGw/US/Paid-Invoice-Credit-Card-Receipt/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113382/"
+"113383","2019-01-30 03:47:07","http://www.dreferparafusos.com.br/PKvO-HU_UfhskiiI-yp/Southwire/JFU694396545/En_us/Paid-Invoices/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113383/"
+"113382","2019-01-30 03:47:03","http://talkstolearn.com/NlxE-kJ_UDSBk-dGw/US/Paid-Invoice-Credit-Card-Receipt/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113382/"
 "113381","2019-01-30 03:46:03","http://narkology-vikont.ru/QbZWc-wtM_RgQO-bKT/Southwire/LYW13018896/EN_en/Outstanding-Invoices/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113381/"
 "113380","2019-01-30 03:40:08","http://hydra100.staroundi.com/ztvbi2274/jsmk2801.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/113380/"
 "113379","2019-01-30 03:26:03","https://uca57dbf6d27dc01131f01b11f1a.dl.dropboxusercontent.com/cd/0/get/AaXs04wKkTcz_DIhY42ToqgVhky4YaMOpeyLGvQapF6RfTSp0TfXXBF4PhgYU3T9t5ng_jhOIRoPvn4ihKNMKAjd9wcRps2vjJ0hy9F87w_txg/file?dl=1","offline","malware_download","zip","https://urlhaus.abuse.ch/url/113379/"
@@ -334,7 +800,6 @@
 "113352","2019-01-30 02:55:29","http://mostkuafor.com/XIYq_tfI-iXr/Nr/Attachments/012019//","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113352/"
 "113351","2019-01-30 02:55:27","http://www.mocar.com.ar/wDdf_CDC-vfZ/WN0/Clients_information/2019-01/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113351/"
 "113349","2019-01-30 02:55:22","http://www.bhanu.vetgat.com/taYks_cX-VVLPWkdH/rmX/Clients_information/01_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113349/"
-"113350","2019-01-30 02:55:22","https://linkprotect.cudasvc.com/url?a=http://www.ingrossostock.it/MPrKc-qC5R_xaOCooI-d6/invoices/1098/2298/En/Outstanding-Invoices&c=E,1,-uAU5TDC2VNzDO586vtOZaG8s7TZPSNrTDoA9aMWnMzRs_DIwaiZq5Beaxogd_txisAtC9dRndM5goyIQlAU5jXvf6ktwLHMoOtBLkabXxHxmEg_RJRAWd/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/113350/"
 "113348","2019-01-30 02:55:19","http://www.idalabs.com/wp-content/oIwG_6LfTM-F/iX/Messages/01_19/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113348/"
 "113347","2019-01-30 02:55:17","http://new.kgc.ac.bd/kfra_Kj-C/w9I/Clients_information/01_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113347/"
 "113346","2019-01-30 02:55:12","http://www.cybuzz.in/yGrc_Ur-Ft/rS/Clients_information/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113346/"
@@ -344,7 +809,7 @@
 "113342","2019-01-30 02:55:03","http://www.ksimex.com.ua/veaKR_iFA-bhb/2Pl/Attachments/2019-01/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/113342/"
 "113341","2019-01-30 02:47:06","http://www.ychynt.com/Jun2018/Customer-Invoice-CT-34471630/","online","malware_download","doc","https://urlhaus.abuse.ch/url/113341/"
 "113340","2019-01-30 02:46:30","http://anhhunghaokiet.net/autoupdate/vlbs_pk_12/vlbs_pk.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/113340/"
-"113339","2019-01-30 02:39:13","http://kbfqatar.org/qa/wp-includes/js/jquery/query/files/brwnfile19/Ofwin1960.exe","offline","malware_download","exe,Loki","https://urlhaus.abuse.ch/url/113339/"
+"113339","2019-01-30 02:39:13","http://kbfqatar.org/qa/wp-includes/js/jquery/query/files/brwnfile19/Ofwin1960.exe","online","malware_download","exe,Loki","https://urlhaus.abuse.ch/url/113339/"
 "113338","2019-01-30 02:39:08","https://www.dropbox.com/s/dl/q64ulp70zo7c8j6/New%20PO_output4065E50.doc.z","online","malware_download","zip","https://urlhaus.abuse.ch/url/113338/"
 "113337","2019-01-30 02:38:08","http://acharyagroup.net/a/good.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/113337/"
 "113336","2019-01-30 02:23:02","http://sylvanbrandt.com/wp-content/themes/sylvan-brandt/templates/massg.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/113336/"
@@ -371,13 +836,13 @@
 "113315","2019-01-29 23:58:03","http://23.249.163.110/microsoft/excel/adobe.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/113315/"
 "113314","2019-01-29 23:51:09","http://23.249.163.110/microsoft/word/outlook.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/113314/"
 "113313","2019-01-29 23:37:23","http://d95589oy.beget.tech/Overlay.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/113313/"
-"113312","2019-01-29 23:23:09","http://pjfittedkitchens.com/uerfWET_jrbze/","online","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/113312/"
+"113312","2019-01-29 23:23:09","http://pjfittedkitchens.com/uerfWET_jrbze/","offline","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/113312/"
 "113311","2019-01-29 23:23:08","http://katariahospital.com/tquLevYG/","online","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/113311/"
 "113310","2019-01-29 23:23:06","http://gclubfan.com/ahjpTwNsvu2X_Q7h/","offline","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/113310/"
 "113309","2019-01-29 23:23:05","http://bilanacc.com/P7BuwLoQsTjP0hBVF/","offline","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/113309/"
-"113308","2019-01-29 23:23:04","http://ttobus.com/ZtzZFiHGL_r/","online","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/113308/"
+"113308","2019-01-29 23:23:04","http://ttobus.com/ZtzZFiHGL_r/","offline","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/113308/"
 "113307","2019-01-29 23:05:05","http://152.250.124.4:63402/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/113307/"
-"113306","2019-01-29 22:55:19","http://www.littlemonkeysfunhouse.com/QRCu-NfJ_AAxztlGBz-lH/YJ804/invoicing/US/Outstanding-Invoices/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/113306/"
+"113306","2019-01-29 22:55:19","http://www.littlemonkeysfunhouse.com/QRCu-NfJ_AAxztlGBz-lH/YJ804/invoicing/US/Outstanding-Invoices/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/113306/"
 "113305","2019-01-29 22:55:15","http://www.gdrif.org/iJPq-c8zx_hMIVSiuu-LA/5384631/SurveyQuestionsUS_us/Question/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/113305/"
 "113304","2019-01-29 22:55:08","http://moneylang.com/bZZpC-Rh_JPmUB-MVq/EXT/PaymentStatus/US_us/Overdue-payment/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/113304/"
 "113303","2019-01-29 22:55:05","http://wellactivity.com/XPNh_rSF-tsyZOoz/us/Payments/012019/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113303/"
@@ -395,7 +860,7 @@
 "113291","2019-01-29 22:37:55","http://www.danataifco.com/YomQu-wrZs_bIrLyo-hX/US_us/Invoice-receipt/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113291/"
 "113290","2019-01-29 22:37:52","http://vps216382.vps.ovh.ca/ZsSv-KI_UXMIINDN-3k/COMET/SIGNS/PAYMENT/NOTIFICATION/01/30/2019/US/New-order/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113290/"
 "113289","2019-01-29 22:37:51","http://thebrickguys.co.uk/yYop-fA_ixv-6Kr/Southwire/RRG9568831059/En/Invoices-Overdue/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113289/"
-"113288","2019-01-29 22:37:47","http://segurivil.cl/CaXae-HL9UX_ZE-MPL/invoices/95501/45752/US_us/Outstanding-Invoices/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113288/"
+"113288","2019-01-29 22:37:47","http://segurivil.cl/CaXae-HL9UX_ZE-MPL/invoices/95501/45752/US_us/Outstanding-Invoices/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113288/"
 "113287","2019-01-29 22:37:43","http://pcltechtest2.com/zwBbb-8m9r_nWxFr-Xu3/0361297/SurveyQuestionsEn_us/Invoice/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113287/"
 "113286","2019-01-29 22:37:39","http://paulmears.com/iLwqH-va7iR_il-MW/ACH/PaymentAdvice/US/Invoices-attached/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/113286/"
 "113285","2019-01-29 22:37:38","http://nutraplus.in/LVnq-sv9_P-qff/Ref/311644016EN_en/Invoices-Overdue/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113285/"
@@ -403,18 +868,18 @@
 "113283","2019-01-29 22:37:27","http://latuagrottaferrata.it/HvVo-Ymh_mQocHkiC-VBb/S393/invoicing/En/190-19-553553-676-190-19-553553-679/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113283/"
 "113282","2019-01-29 22:37:26","http://kreyta.com/aJgG-sVW_lNM-HY/Inv/321353811/En_us/Scan/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113282/"
 "113281","2019-01-29 22:37:23","http://k2mobile.net/qQjO-m0S_y-aGb/B67/invoicing/US_us/Sales-Invoice/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113281/"
-"113280","2019-01-29 22:37:20","http://imo-xis.com/lqWbq-v9_mf-J9M/ACH/PaymentAdvice/EN_en/New-order/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113280/"
+"113280","2019-01-29 22:37:20","http://imo-xis.com/lqWbq-v9_mf-J9M/ACH/PaymentAdvice/EN_en/New-order/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113280/"
 "113279","2019-01-29 22:37:19","http://gritcoworks.com/wp-content/themes/twentyfifteen/lqIjn-3tix_JGcVVHidJ-Vds/invoices/23850/6486/EN_en/Invoices-attached/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113279/"
 "113278","2019-01-29 22:37:17","http://goodmorningsleeperbus.com/GADl-ui_ifM-hyy/INVOICE/2008/OVERPAYMENT/US/Past-Due-Invoice/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113278/"
 "113277","2019-01-29 22:37:14","http://fight2fit.in/Ldgu-d2M_j-f2/COMET/SIGNS/PAYMENT/NOTIFICATION/01/30/2019/EN_en/Need-to-send-the-attachment/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113277/"
-"113276","2019-01-29 22:37:13","http://chsud.futminna.edu.ng/VtHZ-wro_N-sod/ACH/PaymentInfo/En_us/Invoice/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113276/"
-"113275","2019-01-29 22:37:11","http://chopoodlehanoi.com/GXANk-LG_ofrxefk-uh/INV/62826FORPO/3254590038/US_us/Invoice/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113275/"
+"113276","2019-01-29 22:37:13","http://chsud.futminna.edu.ng/VtHZ-wro_N-sod/ACH/PaymentInfo/En_us/Invoice/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113276/"
+"113275","2019-01-29 22:37:11","http://chopoodlehanoi.com/GXANk-LG_ofrxefk-uh/INV/62826FORPO/3254590038/US_us/Invoice/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113275/"
 "113274","2019-01-29 22:37:08","http://blogbizopp.com/AMKlt-yDm_g-UKI/EXT/PaymentStatus/US/660-63-745930-182-660-63-745930-184/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/113274/"
 "113273","2019-01-29 22:37:06","http://biensante.com/VyXxN-ubNJe_h-vmR/Ref/661289335En/Open-invoices/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113273/"
-"113272","2019-01-29 22:37:05","http://alaturkadoner.net/Rfuhw-0YPrR_NhxEzKOhe-KB/Ref/91744541En/Scan/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113272/"
+"113272","2019-01-29 22:37:05","http://alaturkadoner.net/Rfuhw-0YPrR_NhxEzKOhe-KB/Ref/91744541En/Scan/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113272/"
 "113271","2019-01-29 22:36:44","http://www.flottmerkt.is/HxoWs_Cixb-h/r82/Information/01_19/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/113271/"
 "113270","2019-01-29 22:36:42","http://suckhoevang24h.org/kbGKh_FVtej-vgrdQeL/NJ/Clients_Messages/012019/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/113270/"
-"113269","2019-01-29 22:36:40","http://sls-eg.com/ruJKp_6qfz-njKS/wv/Details/01_19/","online","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/113269/"
+"113269","2019-01-29 22:36:40","http://sls-eg.com/ruJKp_6qfz-njKS/wv/Details/01_19/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/113269/"
 "113268","2019-01-29 22:36:39","http://shopatease.bajwadairy.com/IKGfB_4Sm5e-rPdl/Mt/Attachments/01_19/","online","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/113268/"
 "113267","2019-01-29 22:36:38","http://musikaclassifieds.com/sxlEB_0sh-pKRUCrE/rC2/Details/2019-01/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/113267/"
 "113266","2019-01-29 22:36:37","http://mldvpichathras.com/eEtrQ_wM-QjJqLIyO/hzn/Transactions/012019/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/113266/"
@@ -424,8 +889,8 @@
 "113262","2019-01-29 22:18:13","http://xaydungphuongdong.net/C2AGBs7Ah/","online","malware_download","emotet,exe,epoch1,heodo","https://urlhaus.abuse.ch/url/113262/"
 "113261","2019-01-29 22:18:10","http://maisonvoltaire.org/EsUDRwECHV/","offline","malware_download","emotet,exe,epoch1,heodo","https://urlhaus.abuse.ch/url/113261/"
 "113260","2019-01-29 22:18:09","http://shoesstockshop.ru/xxLR1CX/","offline","malware_download","emotet,exe,epoch1,heodo","https://urlhaus.abuse.ch/url/113260/"
-"113259","2019-01-29 22:18:05","http://www.pabloteixeira.com/xoUPk7FI/","online","malware_download","emotet,exe,epoch1,heodo","https://urlhaus.abuse.ch/url/113259/"
-"113258","2019-01-29 22:18:01","http://bestprogrammingbooks.com/wp-admin/caD67CPRUd/","online","malware_download","emotet,exe,epoch1,heodo","https://urlhaus.abuse.ch/url/113258/"
+"113259","2019-01-29 22:18:05","http://www.pabloteixeira.com/xoUPk7FI/","online","malware_download","emotet,exe,epoch1,heodo,AZORult","https://urlhaus.abuse.ch/url/113259/"
+"113258","2019-01-29 22:18:01","http://bestprogrammingbooks.com/wp-admin/caD67CPRUd/","online","malware_download","emotet,exe,epoch1,heodo,AZORult","https://urlhaus.abuse.ch/url/113258/"
 "113257","2019-01-29 22:16:40","http://www.dampbageriet.no/tVjA_vL-iSVAfiQN/d1/Transactions/01_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113257/"
 "113256","2019-01-29 22:16:35","http://baohohungngoc.vn/KRRRr_O5r-nR/5v/Attachments/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113256/"
 "113255","2019-01-29 22:16:29","http://teszt.szauna-epites.hu/BKuUg_1Gf-qIfv/qO/Clients_information/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113255/"
@@ -441,7 +906,7 @@
 "113245","2019-01-29 22:15:25","http://lplogistics.in/Xbsw_F0mr-YedQwQ/vlR/Transactions/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113245/"
 "113244","2019-01-29 22:15:20","http://moneyclap.com/CyDo_D1cxm-tv/xs/Attachments/2019-01/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113244/"
 "113243","2019-01-29 22:15:15","http://ikaroo.at/gXtWY_Drlj-uTVGkOGR/555/Transaction_details/2019-01/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113243/"
-"113242","2019-01-29 22:15:10","http://jonathandocksey.co.uk/bQhkz_TW-HL/GU/Clients_Messages/2019-01/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113242/"
+"113242","2019-01-29 22:15:10","http://jonathandocksey.co.uk/bQhkz_TW-HL/GU/Clients_Messages/2019-01/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113242/"
 "113241","2019-01-29 22:15:03","http://peninsulals.com/ffhPQ_u2isl-xDfc/faW/Clients_information/012019/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/113241/"
 "113240","2019-01-29 22:14:56","http://escorter.info/selT_aAQz2-TZdPVOr/hO/Clients/01_19/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113240/"
 "113239","2019-01-29 22:14:51","http://npkhurai.com/VHda_3y3K-hzpdQH/0ni/Transactions/2019-01/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113239/"
@@ -449,7 +914,6 @@
 "113237","2019-01-29 22:14:31","http://escuelabuceoaventura.com/iKNnM_QQIm-TmsFdC/bRg/Clients_information/012019/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/113237/"
 "113236","2019-01-29 22:14:25","http://bangmang888.com/Cfsz_1VuMu-ArDdUVTmf/Nd/Payments/01_19/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113236/"
 "113235","2019-01-29 22:14:10","http://finet.com/lAUdm_t57-cVShF/4YM/Messages/012019/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/113235/"
-"113234","2019-01-29 22:14:05","https://linkprotect.cudasvc.com/url?a=http://www.ingrossostock.it/MPrKc-qC5R_xaOCooI-d6/invoices/1098/2298/En/Outstanding-Invoices&c=E,1,-uAU5TDC2VNzDO586vtOZaG8s7TZPSNrTDoA9aMWnMzRs_DIwaiZq5Beaxogd_txisAtC9dRndM5goyIQlAU5jXvf6ktwLHMoOtBLkabXxHxmEg_RJRAWds,&typo=1/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/113234/"
 "113233","2019-01-29 22:14:03","https://url.emailprotection.link/?aNq1wGX5So370OvUhhADJMiOyCD89r4JkItO2q70L11tl6QUW0c0xFvVCn4mo2YdDpWBhVdDyeJPOIc_5IPeOfw~~/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/113233/"
 "113232","2019-01-29 21:20:02","http://80.87.197.123/ummydownload.exe","online","malware_download","exe, ursnif,AZORult","https://urlhaus.abuse.ch/url/113232/"
 "113231","2019-01-29 21:04:16","http://globalexporthouse.com/wp-content/themes/shop-isle/inc/customizer/class/sserv.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/113231/"
@@ -477,11 +941,11 @@
 "113209","2019-01-29 19:48:09","http://dfzm.91756.cn/plugin/iasetup.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/113209/"
 "113208","2019-01-29 19:41:09","http://dfcf.91756.cn/plugin/iasetup.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/113208/"
 "113207","2019-01-29 19:24:13","http://jmtc.91756.cn/plugin/iasetup.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/113207/"
-"113206","2019-01-29 19:23:25","http://travourway.com/CmZyz_3YjE0-BFoq/QU/Clients/012019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113206/"
-"113205","2019-01-29 19:23:20","http://www.wadspay.com/ts/update.exe","online","malware_download","IcedID","https://urlhaus.abuse.ch/url/113205/"
-"113204","2019-01-29 19:23:15","http://www.mmefoundation.org/wp-content/themes/pridmag/ws/update.exe","online","malware_download","IcedID","https://urlhaus.abuse.ch/url/113204/"
+"113206","2019-01-29 19:23:25","http://travourway.com/CmZyz_3YjE0-BFoq/QU/Clients/012019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113206/"
+"113205","2019-01-29 19:23:20","http://www.wadspay.com/ts/update.exe","offline","malware_download","IcedID","https://urlhaus.abuse.ch/url/113205/"
+"113204","2019-01-29 19:23:15","http://www.mmefoundation.org/wp-content/themes/pridmag/ws/update.exe","offline","malware_download","IcedID","https://urlhaus.abuse.ch/url/113204/"
 "113203","2019-01-29 19:23:10","http://laborbar.ru/wp-content/themes/pridmag/ws/update.exe","offline","malware_download","IcedID","https://urlhaus.abuse.ch/url/113203/"
-"113202","2019-01-29 19:23:06","http://www.smartsavunma.com.tr/ts/update.exe","online","malware_download","IcedID","https://urlhaus.abuse.ch/url/113202/"
+"113202","2019-01-29 19:23:06","http://www.smartsavunma.com.tr/ts/update.exe","offline","malware_download","IcedID","https://urlhaus.abuse.ch/url/113202/"
 "113201","2019-01-29 19:10:13","http://batelco-bh.com/Wordpress/whe.exe","offline","malware_download","None","https://urlhaus.abuse.ch/url/113201/"
 "113200","2019-01-29 19:10:09","http://batelco-bh.com/Wordpress/vic.exe","offline","malware_download","None","https://urlhaus.abuse.ch/url/113200/"
 "113199","2019-01-29 19:09:59","http://batelco-bh.com/Wordpress/passy.exe","offline","malware_download","AgentTesla","https://urlhaus.abuse.ch/url/113199/"
@@ -495,7 +959,7 @@
 "113191","2019-01-29 19:00:25","http://poli.videoingenieria.es/MUPeI-J6BG0_vhkvXH-qfJ/COMET/SIGNS/PAYMENT/NOTIFICATION/01/29/2019/US_us/Open-Past-Due-Orders/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113191/"
 "113190","2019-01-29 19:00:22","http://weilu.org/XgfrM_8ezB-dwlCHB/jVk/Information/01_19/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/113190/"
 "113189","2019-01-29 19:00:17","http://nepaliglobal.com/application/log/sCZC_OS-ZbHF/dg/Clients_Messages/01_19/","online","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/113189/"
-"113188","2019-01-29 19:00:14","http://caffemichelangelo.com/oqPjQ-en_sqnF-sk/5872997/SurveyQuestionsEn_us/Past-Due-Invoices/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113188/"
+"113188","2019-01-29 19:00:14","http://caffemichelangelo.com/oqPjQ-en_sqnF-sk/5872997/SurveyQuestionsEn_us/Past-Due-Invoices/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113188/"
 "113187","2019-01-29 19:00:11","http://babetrekkingtour.com/KPnC-pSk_nd-Lw0/Southwire/EOC355375735/En/Invoice-Corrections-for-27/96/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113187/"
 "113186","2019-01-29 19:00:06","http://attaqwapreneur.com/LJqq-dJ_xh-mz/Southwire/MUU676539181/En/Need-to-send-the-attachment/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113186/"
 "113185","2019-01-29 18:59:20","http://khoedepsang.vn/rkXJX_DN-zDyYveZqq/xa/Transactions/2019-01/","online","malware_download","heodo","https://urlhaus.abuse.ch/url/113185/"
@@ -509,12 +973,12 @@
 "113177","2019-01-29 18:57:14","http://hitapradyo.com/TCsVI_Eo-XBomMnKK/xnR/Transactions/012019/","online","malware_download","heodo","https://urlhaus.abuse.ch/url/113177/"
 "113176","2019-01-29 18:57:11","http://bashtea.com/tgdO-Tv1_DqDwM-1P/InvoiceCodeChanges/En_us/New-order/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/113176/"
 "113175","2019-01-29 18:57:05","http://aviwulandari.com/uyzN_vQwV-GdLUtmj/wOq/Documents/2019-01/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/113175/"
-"113173","2019-01-29 18:55:25","http://backpacker.view-indonesia.com/EYWe_uBSQU-fi/ky7/Clients_transactions/012019/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113173/"
+"113173","2019-01-29 18:55:25","http://backpacker.view-indonesia.com/EYWe_uBSQU-fi/ky7/Clients_transactions/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113173/"
 "113174","2019-01-29 18:55:25","http://x.jmxded153.net/y.z?l=http%3a%2f%2fshivmotor.com%2fNMVA-SVa_XGhzimAE-gtc%2f49390%2fSurveyQuestionsUS_us%2fSales-Invoice&r=11943112279&d=271873&p=1&t=h/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/113174/"
 "113172","2019-01-29 18:55:22","http://authenticity.id/Nees_9to-FznivI/Pq/Payment_details/2019-01/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113172/"
 "113171","2019-01-29 18:55:17","http://software.sathome.org/DAzeU_B6N9-eDQmOEij/ldJ/Transactions/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113171/"
-"113170","2019-01-29 18:55:15","http://domainflying.com/Ezhd_rAk-SSI/Xk/Clients/01_19/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113170/"
-"113169","2019-01-29 18:55:12","http://fr.buzzimag.com/cDFKb_t4oAf-mrA/6B3/Information/2019-01/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113169/"
+"113170","2019-01-29 18:55:15","http://domainflying.com/Ezhd_rAk-SSI/Xk/Clients/01_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113170/"
+"113169","2019-01-29 18:55:12","http://fr.buzzimag.com/cDFKb_t4oAf-mrA/6B3/Information/2019-01/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113169/"
 "113168","2019-01-29 18:55:08","http://myracc.com/YcKe_lBGYi-RGToXv/nS/Messages/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113168/"
 "113167","2019-01-29 18:55:05","http://tbadool.com/fZNn_bnpvc-BUq/F6A/Information/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113167/"
 "113166","2019-01-29 18:38:18","http://czsl.91756.cn/plugin/iasetup.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/113166/"
@@ -537,8 +1001,8 @@
 "113149","2019-01-29 18:25:09","http://165.227.36.38:80/bins/hoho.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113149/"
 "113148","2019-01-29 18:25:08","http://165.227.36.38:80/bins/hoho.ppc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113148/"
 "113147","2019-01-29 18:25:07","http://165.227.36.38/bins/hoho.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113147/"
-"113146","2019-01-29 18:25:06","http://promocja.iwnirz.pl/AUpM_mSj-RG/ju/Clients_information/2019-01/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113146/"
-"113145","2019-01-29 18:25:05","http://thuysinhlongthanh.com/wyVwP_zL-xNwRntaK/L0o/Attachments/012019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113145/"
+"113146","2019-01-29 18:25:06","http://promocja.iwnirz.pl/AUpM_mSj-RG/ju/Clients_information/2019-01/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113146/"
+"113145","2019-01-29 18:25:05","http://thuysinhlongthanh.com/wyVwP_zL-xNwRntaK/L0o/Attachments/012019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113145/"
 "113144","2019-01-29 18:24:06","http://165.227.36.38/bins/hoho.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113144/"
 "113143","2019-01-29 18:24:05","http://165.227.36.38:80/bins/hoho.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113143/"
 "113142","2019-01-29 18:24:04","http://165.227.36.38/bins/hoho.ppc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113142/"
@@ -568,25 +1032,25 @@
 "113118","2019-01-29 17:20:18","http://likino.com/bolOP1vO8/","offline","malware_download","emotet,exe,epoch1,heodo","https://urlhaus.abuse.ch/url/113118/"
 "113117","2019-01-29 17:20:10","http://pioneerhometution.com/5yC6663Mp/","online","malware_download","emotet,exe,epoch1,heodo","https://urlhaus.abuse.ch/url/113117/"
 "113116","2019-01-29 17:20:08","http://dolibarr.ph-prod.com/LIjJChqbe/","offline","malware_download","emotet,exe,epoch1,heodo","https://urlhaus.abuse.ch/url/113116/"
-"113115","2019-01-29 17:20:07","http://korvital.com/4IAgICJ5/","online","malware_download","emotet,exe,epoch1,heodo","https://urlhaus.abuse.ch/url/113115/"
-"113114","2019-01-29 17:20:04","http://miamifloridainvestigator.com/ErpKgzfU/","online","malware_download","emotet,exe,epoch1,heodo","https://urlhaus.abuse.ch/url/113114/"
-"113113","2019-01-29 17:16:46","http://frostime.net/HFtCV_pYFP0-KzpMjW/svB/Clients_information/01_19/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113113/"
+"113115","2019-01-29 17:20:07","http://korvital.com/4IAgICJ5/","offline","malware_download","emotet,exe,epoch1,heodo,AZORult","https://urlhaus.abuse.ch/url/113115/"
+"113114","2019-01-29 17:20:04","http://miamifloridainvestigator.com/ErpKgzfU/","online","malware_download","emotet,exe,epoch1,heodo,AZORult","https://urlhaus.abuse.ch/url/113114/"
+"113113","2019-01-29 17:16:46","http://frostime.net/HFtCV_pYFP0-KzpMjW/svB/Clients_information/01_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113113/"
 "113112","2019-01-29 17:16:39","http://maheswaritourandtravel.com/wLHqC_oS-hPmCdlIdu/oi/Documents/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113112/"
 "113111","2019-01-29 17:16:34","http://aolpunjab.org/GRZZ_dBv-NKkr/SQM/Clients_information/2019-01/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113111/"
-"113110","2019-01-29 17:16:30","http://ebabi.fun/Dhqd_Qbv1-cDPhfYXC/LjA/Clients_information/01_19/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113110/"
+"113110","2019-01-29 17:16:30","http://ebabi.fun/Dhqd_Qbv1-cDPhfYXC/LjA/Clients_information/01_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113110/"
 "113109","2019-01-29 17:16:19","http://projectaisha.com/YLLwK_LvDd-UZQA/5aG/Clients_information/2019-01/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113109/"
 "113108","2019-01-29 17:16:16","http://carspy24.com/fUJEb-gFQ_JcpoXcw-qwF/Inv/52424345995/En_us/Past-Due-Invoices/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113108/"
 "113105","2019-01-29 17:10:15","http://landglobaltrip.com/wp-content/uploads/Ct7RmUgZ2CtBS0_2OlCwM10Y/","online","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/113105/"
 "113104","2019-01-29 17:10:10","http://evaproekt.ru/fxva2GvvPr31Y7o5T/","offline","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/113104/"
 "113103","2019-01-29 17:10:08","http://mirattrakcionov.kz/txeH5NCYL/","offline","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/113103/"
 "113102","2019-01-29 17:10:04","http://amelyy.thememove.com/CWEsAqeReO122gZz_6sPH55mEx/","offline","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/113102/"
-"113101","2019-01-29 17:06:14","http://cp.tayedi.com/VBvv-gEFX_a-wop/Southwire/FKN720905614/EN_en/Paid-Invoice/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/113101/"
+"113101","2019-01-29 17:06:14","http://cp.tayedi.com/VBvv-gEFX_a-wop/Southwire/FKN720905614/EN_en/Paid-Invoice/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/113101/"
 "113100","2019-01-29 17:06:11","http://206.189.68.184/bPsL-q3Z_MQ-FCI/TK55/invoicing/EN_en/Companies-Invoice-4754491/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/113100/"
 "113099","2019-01-29 17:06:10","http://gjsdiscos.org.uk/xZAw-Rbzn0_CEig-dQ/INV/946819FORPO/65837795454/EN_en/Invoice-for-x/q-01/29/2019/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/113099/"
 "113098","2019-01-29 17:06:09","http://maximcom.in/dtVSy-Sxf3D_pgLCAR-01U/OQ33/invoicing/En_us/Inv-02056-PO-5Q971975/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/113098/"
 "113097","2019-01-29 17:06:05","http://markbit.io/VfSm-2nZz_s-jA/EXT/PaymentStatus/US/Invoice-6939803/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/113097/"
 "113096","2019-01-29 17:03:03","http://109.169.89.4/job/job.exe","online","malware_download","exe,Formbook","https://urlhaus.abuse.ch/url/113096/"
-"113095","2019-01-29 17:02:02","http://salongolenarges.ir/urEO_Gj9-Ze/hsk/Clients_information/01_19/","online","malware_download","heodo","https://urlhaus.abuse.ch/url/113095/"
+"113095","2019-01-29 17:02:02","http://salongolenarges.ir/urEO_Gj9-Ze/hsk/Clients_information/01_19/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/113095/"
 "113094","2019-01-29 16:50:10","http://dawaphoto.co.kr/software/HANAPHOTO.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/113094/"
 "113093","2019-01-29 16:49:09","http://dawaphoto.co.kr/software/DAWAPHOTOBB.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/113093/"
 "113092","2019-01-29 16:48:03","http://165.227.36.38:80/bins/hoho.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113092/"
@@ -627,7 +1091,7 @@
 "113058","2019-01-29 16:32:33","http://rizproduction.online/wIPC_0dq1G-hNOsOe/Lh/Payments/012019/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/113058/"
 "113056","2019-01-29 16:32:32","http://alquilaauto.cl/bkXQp-w8yX_AbPFDLL-NAy/PaymentStatus/EN_en/Invoice/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113056/"
 "113055","2019-01-29 16:32:28","http://allens.youcheckit.ca/bgXI-mY5Xg_gtPiHsnUC-Pb/invoices/99995/2336/En/Past-Due-Invoice/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113055/"
-"113054","2019-01-29 16:32:27","http://pay.hudavaqt.com/RBsmJ_Xh-VlNUvWFJF/Rg/Messages/01_19/","online","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/113054/"
+"113054","2019-01-29 16:32:27","http://pay.hudavaqt.com/RBsmJ_Xh-VlNUvWFJF/Rg/Messages/01_19/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/113054/"
 "113053","2019-01-29 16:32:25","http://afivesusu.com/shmu-kN9b_MnRnEGE-e7u/I575/invoicing/US_us/Service-Invoice/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/113053/"
 "113052","2019-01-29 16:32:24","http://onk-motocross.nl/gAbwk_X0-aqstm/cl/Information/2019-01/","online","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/113052/"
 "113051","2019-01-29 16:32:23","http://mcno.kz/YXbt_VE-aObx/2FA/Transactions/2019-01/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/113051/"
@@ -637,7 +1101,7 @@
 "113047","2019-01-29 16:32:10","http://diagnosticosdevibracion.com/CTWhv_tAuJr-gOQCCudSG/oj/Transactions/2019-01/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/113047/"
 "113046","2019-01-29 16:32:09","http://ciperdy.com/wp-content/gyCG_kHv-eW/FoX/Payments/01_19/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/113046/"
 "113045","2019-01-29 16:32:05","http://celadoncity.sandiaocviet.com/YAxQj_xl0-hoTV/Ktx/Information/2019-01/","online","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/113045/"
-"113044","2019-01-29 16:31:10","http://bwspragueconsultingservices.com/qLSF_IHo4m-QoMYB/bly/Clients_transactions/01_19/","online","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/113044/"
+"113044","2019-01-29 16:31:10","http://bwspragueconsultingservices.com/qLSF_IHo4m-QoMYB/bly/Clients_transactions/01_19/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/113044/"
 "113043","2019-01-29 16:31:08","http://bucharest-independent-escort.com/cdXRd_GwP8A-XPyDc/v2K/Clients_information/012019/","online","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/113043/"
 "113042","2019-01-29 16:31:07","http://avlchemicals.com/ENYXA_dK3-IZFUUu/Ko/Messages/2019-01/","online","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/113042/"
 "113041","2019-01-29 16:31:05","http://alexxrvra.com/dKDWJ_bmd5E-RCRSAs/Ib0/Transactions/2019-01/","online","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/113041/"
@@ -654,7 +1118,7 @@
 "113030","2019-01-29 16:10:05","http://www.shrikailashlogicity.in/55.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/113030/"
 "113029","2019-01-29 16:09:01","https://files.dropmybin.me/jgccbb.exe","offline","malware_download","exe,AZORult","https://urlhaus.abuse.ch/url/113029/"
 "113028","2019-01-29 16:09:01","https://files.dropmybin.me/xykoik.hta","offline","malware_download","hta","https://urlhaus.abuse.ch/url/113028/"
-"113027","2019-01-29 16:07:03","http://villakaffeebohne.com/scripts/_notes/qwdqdqsadgsdfsf.rar","online","malware_download","Dridex,Encoded,Task","https://urlhaus.abuse.ch/url/113027/"
+"113027","2019-01-29 16:07:03","http://villakaffeebohne.com/scripts/_notes/qwdqdqsadgsdfsf.rar","offline","malware_download","Dridex,Encoded,Task","https://urlhaus.abuse.ch/url/113027/"
 "113026","2019-01-29 16:02:03","http://powerfm.gr/TurkishAir.exe","offline","malware_download","exe,HawkEye","https://urlhaus.abuse.ch/url/113026/"
 "113025","2019-01-29 15:56:03","http://194.147.35.54/ankit/os.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113025/"
 "113024","2019-01-29 15:47:02","http://greenterminal.nl/ZWjsI_Ly2-K/KD7/Documents/012019/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/113024/"
@@ -677,7 +1141,6 @@
 "113007","2019-01-29 15:03:08","https://my.mixtape.moe/vartac.jpg","offline","malware_download","Formbook","https://urlhaus.abuse.ch/url/113007/"
 "113006","2019-01-29 15:03:05","http://shop.theirishlinenstore.com/bino.png","online","malware_download","Formbook","https://urlhaus.abuse.ch/url/113006/"
 "113005","2019-01-29 14:55:32","http://kozaimarinsaat.com/TLEXF-tCM_IZCTG-m4/Ref/3480519939En_us/Paid-Invoice-Credit-Card-Receipt/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/113005/"
-"113004","2019-01-29 14:55:31","http://email.marmodesign-trade.com/wf/click?upn=2ANo3lmiG84Fpd1pP2wjg7kpLD8CsT3Hj0T5ypRvvixTMOSJt6BRdnEdaj8u8dZdi5mKXIjQaDpIlRur4MF4Lf1mGGCmiRvxokFizww4e0cutn-2FDf-2By-2BHmVS23u-2BDafTWEQSTyR3oHh9ePgPNerOQA-3D-3D_HDu-2BON2WuckNVJ2U1s3AlLFRI7A8VRVfygrZPxOjyLQBQ-2BKeMfaAyYWZppxWYcW6XXR-2FZ4-2FYHF2J-2B05hDR5Qmr6yTCfrOFcu92WuqVR4s2h5GPtGO2Pzti4yuzY71N8rTBteDyLfx2h5mR5eZ5NRzO1n-2F14jgRnlaHC6-2BJPhfNJXQN45WYwrYM5AJR-2BbFE4E3TDHRUffKtUTJk7pj-2FjkjryJj8o1czoW3LO-2F07DA8TY-3D/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/113004/"
 "113003","2019-01-29 14:55:30","http://test.veddhama.com/IKFl_qLy-QJyXqkP/zsW/Payment_details/2019-01/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113003/"
 "113002","2019-01-29 14:55:27","http://gagandevelopers.com/uyea_KEUXr-OCipjWa/IKq/Clients/01_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113002/"
 "113001","2019-01-29 14:55:24","http://mostkuafor.com/XIYq_tfI-iXr/Nr/Attachments/012019/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113001/"
@@ -698,7 +1161,7 @@
 "112986","2019-01-29 14:46:03","https://uc59f2436825d3a31cdd9f379cca.dl.dropboxusercontent.com/cd/0/get/AaWOGe1hHj489ui5zIc8cHnButFq3H0YBlZyaveZ3kAO_QHOJK7-6jArVIWJIJQDDIIS07LZA17T74KdAi1qUvRqE1y6nUj09dFfVpAju7hA2Q/file?dl=1","offline","malware_download","zip","https://urlhaus.abuse.ch/url/112986/"
 "112985","2019-01-29 14:36:31","https://myboysand.me/wp-content/ai1wm-backups/messg.jpg","online","malware_download","exe,Shade","https://urlhaus.abuse.ch/url/112985/"
 "112984","2019-01-29 14:36:28","http://www.scotts-grotto.org/packages/asmiller_gallery/blocks/asmiller_gallery/templates/default/messg.jpg","offline","malware_download","exe,Shade","https://urlhaus.abuse.ch/url/112984/"
-"112983","2019-01-29 14:36:26","https://kasutwakai.com/admin/controller/catalog/messg.jpg","online","malware_download","exe,Shade","https://urlhaus.abuse.ch/url/112983/"
+"112983","2019-01-29 14:36:26","https://kasutwakai.com/admin/controller/catalog/messg.jpg","offline","malware_download","exe,Shade","https://urlhaus.abuse.ch/url/112983/"
 "112982","2019-01-29 14:36:21","https://the-bombay-summit.000webhostapp.com/wp-content/themes/llorix-one-lite/fonts/messg.jpg","offline","malware_download","exe,Shade","https://urlhaus.abuse.ch/url/112982/"
 "112981","2019-01-29 14:36:18","http://stonescrossing.com/wp-content/themes/stones-crossing/assets/css/messg.jpg","offline","malware_download","exe,Shade","https://urlhaus.abuse.ch/url/112981/"
 "112980","2019-01-29 14:36:15","https://kokoon.co.uk/wp-content/themes/kokoon/css/fonts/bebasneue/messg.jpg","online","malware_download","exe,Shade","https://urlhaus.abuse.ch/url/112980/"
@@ -708,7 +1171,7 @@
 "112976","2019-01-29 14:22:04","https://www.dropbox.com/s/q64ulp70zo7c8j6/New%20PO_output4065E50.doc.z?dl=1","online","malware_download","zip","https://urlhaus.abuse.ch/url/112976/"
 "112975","2019-01-29 14:17:03","http://foulturrin.com/siu_d16e-2cf/i28_stream.php?l=xotpoez5.relink","offline","malware_download","Gozi,USA,CAN,geofenced,exe","https://urlhaus.abuse.ch/url/112975/"
 "112974","2019-01-29 14:17:02","http://hysthrolot.com/siu_d16e-2cf/i28_stream.php?l=xotpoez2.relink","offline","malware_download","Gozi,USA,CAN,geofenced,exe","https://urlhaus.abuse.ch/url/112974/"
-"112971","2019-01-29 13:58:27","http://xxxxlk.com/YWpVk-GvD_IYRUTpF-C48/Invoice/26036534/EN_en/Invoices-Overdue/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112971/"
+"112971","2019-01-29 13:58:27","http://xxxxlk.com/YWpVk-GvD_IYRUTpF-C48/Invoice/26036534/EN_en/Invoices-Overdue/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112971/"
 "112970","2019-01-29 13:58:24","http://www.topstick.co.kr/wp-content/uploads/HBgM-Z5g_X-iy0/INV/08511FORPO/4598477039/EN_en/New-order/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112970/"
 "112969","2019-01-29 13:58:20","http://www.livingbranchanimalsciences.com/xPRw-WuwZ_KHEyo-9Dy/invoices/19221/1926/EN_en/Document-needed/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112969/"
 "112968","2019-01-29 13:58:19","http://www.kcstv.si/wp-content/uploads/Mhvg-Yj4en_DLEAcRON-s7/invoices/33794/8939/En_us/Sales-Invoice/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112968/"
@@ -723,13 +1186,13 @@
 "112959","2019-01-29 13:58:00","http://nanodigestmag.com/De_de/OVVCWPO0725313/de/DETAILS/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112959/"
 "112958","2019-01-29 13:57:58","http://markfathers.com/De/KNHMWYUEPD9098242/de/DETAILS/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112958/"
 "112957","2019-01-29 13:57:56","http://lrservice.com.ua/wp-includes/HKTISBM6445447/Rechnungs/DETAILS/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112957/"
-"112956","2019-01-29 13:57:55","http://locarx.dev4you.net/jYJch-uEy_k-L6/ACH/PaymentInfo/EN_en/Outstanding-Invoices/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112956/"
+"112956","2019-01-29 13:57:55","http://locarx.dev4you.net/jYJch-uEy_k-L6/ACH/PaymentInfo/EN_en/Outstanding-Invoices/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112956/"
 "112955","2019-01-29 13:57:54","http://lltq.info/ITVVUDT7513625/DE_de/Hilfestellung/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/112955/"
 "112954","2019-01-29 13:57:53","http://littleangelkop.in/de_DE/HTNWVWHH3176377/Dokumente/Rechnungsanschrift/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112954/"
 "112953","2019-01-29 13:57:51","http://liitgroup.co.za/osro-qS_NeLHV-Pr/PaymentStatus/En_us/Outstanding-Invoices/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/112953/"
 "112952","2019-01-29 13:57:20","http://lesprivatzenith.com/LCQVYF7148610/Rechnungs/RECHNUNG/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112952/"
-"112951","2019-01-29 13:57:18","http://kyty810.com/wp/wp-content/uploads/RSXQSYSQQZ1830630/Rechnungskorrektur/Rechnungszahlung/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112951/"
-"112950","2019-01-29 13:57:17","http://kinginfogamer.com/de_DE/JGQQHIL7359455/Rechnungs/Rechnungszahlung/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112950/"
+"112951","2019-01-29 13:57:18","http://kyty810.com/wp/wp-content/uploads/RSXQSYSQQZ1830630/Rechnungskorrektur/Rechnungszahlung/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112951/"
+"112950","2019-01-29 13:57:17","http://kinginfogamer.com/de_DE/JGQQHIL7359455/Rechnungs/Rechnungszahlung/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112950/"
 "112949","2019-01-29 13:57:16","http://jaydipchowdharyblog.com/DE/GJDMXIRUA7806046/Dokumente/Fakturierung/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/112949/"
 "112948","2019-01-29 13:57:15","http://innoohvation.com/VTmz-43hW6_RSwbVpPlQ-Kkr/38589/SurveyQuestionsEn/Invoice-67384572-January/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112948/"
 "112947","2019-01-29 13:57:14","http://hourofcode.cn/vNYSw-CbL9S_UgPbnPbi-Rcm/En/Outstanding-Invoices/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112947/"
@@ -793,10 +1256,10 @@
 "112889","2019-01-29 12:55:37","http://mhni.xyz/OofZ0m8/","offline","malware_download","emotet,exe,epoch1,heodo","https://urlhaus.abuse.ch/url/112889/"
 "112888","2019-01-29 12:55:26","http://lar.biz/zlEUch3D/","offline","malware_download","emotet,exe,epoch1,heodo","https://urlhaus.abuse.ch/url/112888/"
 "112887","2019-01-29 12:55:12","http://privateinvestigatorbroward.com/MG2E1q8KC/","offline","malware_download","emotet,exe,epoch1,heodo","https://urlhaus.abuse.ch/url/112887/"
-"112886","2019-01-29 12:55:08","http://mncprojects.com/qyICGbxbB/","online","malware_download","emotet,exe,epoch1,heodo","https://urlhaus.abuse.ch/url/112886/"
+"112886","2019-01-29 12:55:08","http://mncprojects.com/qyICGbxbB/","online","malware_download","emotet,exe,epoch1,heodo,AZORult","https://urlhaus.abuse.ch/url/112886/"
 "112885","2019-01-29 12:51:48","http://davisjkane.com/Transaktion/01_19/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/112885/"
 "112884","2019-01-29 12:51:44","http://biroekon.sumutprov.go.id/Rechnung/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/112884/"
-"112883","2019-01-29 12:51:38","http://ngoshakarpura.online/Rechnung/012019/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/112883/"
+"112883","2019-01-29 12:51:38","http://ngoshakarpura.online/Rechnung/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/112883/"
 "112882","2019-01-29 12:51:35","http://disgruntledbadger.com/Rechnungen/01_19/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/112882/"
 "112881","2019-01-29 12:51:26","http://dailydemand.in/Rechnungs/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/112881/"
 "112880","2019-01-29 12:51:23","http://www.citrajatiagung.com/Rechnungs/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/112880/"
@@ -809,7 +1272,7 @@
 "112873","2019-01-29 12:11:20","http://belyi.ug/t.exe","online","malware_download","exe,AZORult","https://urlhaus.abuse.ch/url/112873/"
 "112872","2019-01-29 12:11:10","http://belyi.ug/us.exe","online","malware_download","exe,AZORult,tinynuke","https://urlhaus.abuse.ch/url/112872/"
 "112871","2019-01-29 12:09:32","https://sportverein-kleinwalsertal.at/templates/shaper_helix3/css/presets/ssj.jpg","offline","malware_download","Troldesh,exe","https://urlhaus.abuse.ch/url/112871/"
-"112870","2019-01-29 12:09:30","https://takhnit.co.il/components/com_ajax/ssj.jpg","online","malware_download","Troldesh,exe","https://urlhaus.abuse.ch/url/112870/"
+"112870","2019-01-29 12:09:30","https://takhnit.co.il/components/com_ajax/ssj.jpg","offline","malware_download","Troldesh,exe","https://urlhaus.abuse.ch/url/112870/"
 "112869","2019-01-29 12:09:24","https://podologoalicante.com.es/css/icons/demo-files/ssj.jpg","online","malware_download","Troldesh,exe","https://urlhaus.abuse.ch/url/112869/"
 "112868","2019-01-29 12:09:16","http://demo.pentasi.net/app-surveypenta-old/storage/logs/Rechnungen/01_19/","offline","malware_download","None","https://urlhaus.abuse.ch/url/112868/"
 "112867","2019-01-29 12:09:10","http://185.101.105.164/bins/daku.mpsl","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/112867/"
@@ -841,9 +1304,9 @@
 "112841","2019-01-29 10:56:07","http://artistan.net/De_de/MQYCCIQDY8240687/Rechnung/Zahlung/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/112841/"
 "112840","2019-01-29 10:56:04","http://daleroxas.com/dImUE-tVv_d-nb/PaymentStatus/US_us/Scan/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/112840/"
 "112839","2019-01-29 10:56:00","http://ec2-35-180-41-210.eu-west-3.compute.amazonaws.com/DE_de/SFRIBWUZ0307607/Scan/Fakturierung/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/112839/"
-"112838","2019-01-29 10:55:57","http://ielts-india.in/De_de/UCJZSOM2395243/DE/DOC/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/112838/"
+"112838","2019-01-29 10:55:57","http://ielts-india.in/De_de/UCJZSOM2395243/DE/DOC/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/112838/"
 "112837","2019-01-29 10:55:55","http://bellink.by/CHONPJRUQ2064232/Rech/Zahlungserinnerung/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/112837/"
-"112836","2019-01-29 10:55:48","http://photomoura.ir/Januar2019/IISNSSGJ9829326/Rechnungskorrektur/RECH/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/112836/"
+"112836","2019-01-29 10:55:48","http://photomoura.ir/Januar2019/IISNSSGJ9829326/Rechnungskorrektur/RECH/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/112836/"
 "112835","2019-01-29 10:55:44","http://ski-rm.y0.pl/De/PRJSNSWKBE2397881/Rechnung/RECH/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/112835/"
 "112834","2019-01-29 10:55:38","http://rajamritha.com/QZXLZZNWC0338141/Rechnungs/Zahlungserinnerung/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/112834/"
 "112833","2019-01-29 10:55:34","http://basarilisunum.com/wp-includes/Rechnungs/01_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/112833/"
@@ -857,10 +1320,10 @@
 "112825","2019-01-29 10:37:10","http://sm.fq520000.com:443/by.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/112825/"
 "112824","2019-01-29 10:35:08","http://cosmocolordip.com/npmiw5ld/Transaktion/01_19/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/112824/"
 "112823","2019-01-29 10:28:59","http://karamba.pw/thrUPD.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/112823/"
-"112822","2019-01-29 10:23:09","http://hairpd.com/stat/stip.exe","online","malware_download","gootkit,CAN,Task","https://urlhaus.abuse.ch/url/112822/"
+"112822","2019-01-29 10:23:09","http://hairpd.com/stat/stip.exe","offline","malware_download","gootkit,CAN,Task","https://urlhaus.abuse.ch/url/112822/"
 "112821","2019-01-29 10:05:16","http://amthanhanhsangtheanh.com/wp-content/uploads/Rechnung/012019/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/112821/"
 "112820","2019-01-29 10:05:08","http://benimax.com.br/Rechnungen/01_19/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/112820/"
-"112819","2019-01-29 10:03:11","http://tirnotrade.com/bytin/gvive.exe","online","malware_download","exe,NanoCore","https://urlhaus.abuse.ch/url/112819/"
+"112819","2019-01-29 10:03:11","http://tirnotrade.com/bytin/gvive.exe","offline","malware_download","exe,NanoCore","https://urlhaus.abuse.ch/url/112819/"
 "112818","2019-01-29 09:48:07","http://thiagoconcer.com.br/GST%20Tax.exe","offline","malware_download","exe,NanoCore","https://urlhaus.abuse.ch/url/112818/"
 "112817","2019-01-29 09:42:32","http://usa-market.org/wp-content/themes/emarket/templates/presets/massg.jpg","online","malware_download","exe,Shade","https://urlhaus.abuse.ch/url/112817/"
 "112816","2019-01-29 09:42:24","http://taxispalamos.es/blogs/media/massg.jpg","online","malware_download","exe,Shade","https://urlhaus.abuse.ch/url/112816/"
@@ -920,7 +1383,7 @@
 "112761","2019-01-29 08:40:09","http://daleroxas.com/dImUE-tVv_d-nb/PaymentStatus/US=/","offline","malware_download","heodo,emotet,doc","https://urlhaus.abuse.ch/url/112761/"
 "112760","2019-01-29 08:40:03","http://vipcatering.lt/Phaq-Ypt_rraDYYr-Cc/INVOICE/9942/OVERPAYMEN=/","offline","malware_download","heodo,emotet,doc","https://urlhaus.abuse.ch/url/112760/"
 "112759","2019-01-29 08:40:00","http://vipcatering.lt/Phaq-Ypt_rraDYYr-Cc/INVOICE/9942/OVERPAYMENT/En_us/In=/","offline","malware_download","heodo,emotet,doc","https://urlhaus.abuse.ch/url/112759/"
-"112758","2019-01-29 08:39:56","http://pmpclasses.net/KmRZz-Pu_FeZzAHFl-XbY/COMET/SIGNS/PAYMENT/NOTIFICATION/01/29/2019/En_us/Invoice/","online","malware_download","heodo,emotet,doc","https://urlhaus.abuse.ch/url/112758/"
+"112758","2019-01-29 08:39:56","http://pmpclasses.net/KmRZz-Pu_FeZzAHFl-XbY/COMET/SIGNS/PAYMENT/NOTIFICATION/01/29/2019/En_us/Invoice/","offline","malware_download","heodo,emotet,doc","https://urlhaus.abuse.ch/url/112758/"
 "112757","2019-01-29 08:39:53","http://cse.com.ge/RUaH-ghrW_hBlRNRwz-2r1/Ref/66652989En/Sales-Invoice/","online","malware_download","heodo,emotet,doc","https://urlhaus.abuse.ch/url/112757/"
 "112756","2019-01-29 08:39:49","http://207.180.213.67/wp-content/Clients_information/2019-01//","offline","malware_download","heodo,emotet,doc","https://urlhaus.abuse.ch/url/112756/"
 "112755","2019-01-29 08:39:49","http://xn--n8jubwa3apfa1b1h1gq597d.xyz/sNlw-ju97_B-JV/G82/invoicing/US/Overdue-payment/","offline","malware_download","heodo,emotet,doc","https://urlhaus.abuse.ch/url/112755/"
@@ -930,14 +1393,14 @@
 "112751","2019-01-29 08:39:35","http://web113.s152.goserver.host/FmsBK-f2jt_Tf-Oey/COMET/SIGNS/PAYMENT/NOTIFICATION/01/26/2019/En_us/8-Past-Due-Invoices/","offline","malware_download","heodo,emotet,doc","https://urlhaus.abuse.ch/url/112751/"
 "112750","2019-01-29 08:39:33","http://nightonline.ru/images/WxOF-XbCd2_CbFEO-ZP4/EXT/PaymentStatus/EN_en/Invoice-Number-992023//","online","malware_download","heodo,emotet,doc","https://urlhaus.abuse.ch/url/112750/"
 "112749","2019-01-29 08:39:32","http://k.iepedacitodecielo.edu.co/Vodafone/DE/Rechnungen/012019//","online","malware_download","heodo,emotet,doc","https://urlhaus.abuse.ch/url/112749/"
-"112748","2019-01-29 08:39:31","http://nigeriafasbmbcongress.futminna.edu.ng/fEVJX-YjNHu_qsnxBKO-AQ/Southwire/WJG5280046228/EN_en/Invoices-attached/","online","malware_download","heodo,emotet,doc","https://urlhaus.abuse.ch/url/112748/"
+"112748","2019-01-29 08:39:31","http://nigeriafasbmbcongress.futminna.edu.ng/fEVJX-YjNHu_qsnxBKO-AQ/Southwire/WJG5280046228/EN_en/Invoices-attached/","offline","malware_download","heodo,emotet,doc","https://urlhaus.abuse.ch/url/112748/"
 "112747","2019-01-29 08:39:27","http://103.254.86.219/rdfcrm/custom/history/vJFmtKUqgWcBr//","online","malware_download","heodo,emotet,doc","https://urlhaus.abuse.ch/url/112747/"
 "112746","2019-01-29 08:39:06","http://kamelot.marketing-pr.biz/ql7XeiqG28//","offline","malware_download","heodo,emotet,doc","https://urlhaus.abuse.ch/url/112746/"
 "112745","2019-01-29 08:39:04","http://accountamatic.net/XVRY-d9_DmgJNlry-uCK/INVOICE/04075/OVERPAYMENT/En/Need-to-send-the-attachment/","online","malware_download","heodo,emotet,doc","https://urlhaus.abuse.ch/url/112745/"
 "112744","2019-01-29 08:38:59","http://olapixels.com/NshtV-Q5_QyPdfCdT-Nul/INV/43673FORPO/98943916653/US_us/Inv-687269-PO-0J586891/","offline","malware_download","heodo,emotet,doc","https://urlhaus.abuse.ch/url/112744/"
 "112743","2019-01-29 08:38:56","http://berani.or.id/dLZGS-aIqN_tvaUxjc-7t9/EXT/PaymentStatus/EN_en/Question/","offline","malware_download","heodo,emotet,doc","https://urlhaus.abuse.ch/url/112743/"
 "112742","2019-01-29 08:38:50","http://ybhkdy.cf/ZFpMi-YVa_MyiTVlNM-2PD/INVOICE/EN_en/Outstanding-Invoices/","offline","malware_download","heodo,emotet,doc","https://urlhaus.abuse.ch/url/112742/"
-"112741","2019-01-29 08:38:37","http://kosarhaber.com/NGnUo-byRf_EhwjlWECj-XqC/EXT/PaymentStatus/US/Question/","offline","malware_download","heodo,emotet,doc","https://urlhaus.abuse.ch/url/112741/"
+"112741","2019-01-29 08:38:37","http://kosarhaber.com/NGnUo-byRf_EhwjlWECj-XqC/EXT/PaymentStatus/US/Question/","online","malware_download","heodo,emotet,doc","https://urlhaus.abuse.ch/url/112741/"
 "112740","2019-01-29 08:38:05","http://184.72.117.84/wordpress/gJgHx-RlwWm_YinSeua-3EQ/ACH/PaymentAdvice/EN_en/Paid-Invoice-Credit-Card-Receipt/","online","malware_download","heodo,emotet,doc","https://urlhaus.abuse.ch/url/112740/"
 "112739","2019-01-29 08:37:12","http://hiperbikes.com.mx/ijreQ-LL_bPUXL-9n/EN_en/Paid-Invoices/","offline","malware_download","heodo,emotet,doc","https://urlhaus.abuse.ch/url/112739/"
 "112738","2019-01-29 08:37:06","http://shlifovka.by/Vodafone/DE/RechnungOnline/012019","offline","malware_download","heodo,emotet,doc","https://urlhaus.abuse.ch/url/112738/"
@@ -946,10 +1409,10 @@
 "112735","2019-01-29 08:31:04","http://46.29.167.240/earyzq","online","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/112735/"
 "112734","2019-01-29 08:28:05","http://46.29.167.240/atxhua","online","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/112734/"
 "112733","2019-01-29 08:26:03","http://46.29.167.240/vvglma","online","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/112733/"
-"112732","2019-01-29 08:25:37","http://www.housesittingreference.com/FDPiAA10q8/","online","malware_download","emotet,exe,epoch1,heodo","https://urlhaus.abuse.ch/url/112732/"
+"112732","2019-01-29 08:25:37","http://www.housesittingreference.com/FDPiAA10q8/","online","malware_download","emotet,exe,epoch1,heodo,AZORult","https://urlhaus.abuse.ch/url/112732/"
 "112731","2019-01-29 08:25:28","http://impresainsights.com/I9JqmxlH/","offline","malware_download","emotet,exe,epoch1,heodo","https://urlhaus.abuse.ch/url/112731/"
 "112730","2019-01-29 08:25:22","http://hialeahprivateinvestigators.com/2H285fo3/","offline","malware_download","emotet,exe,epoch1,heodo","https://urlhaus.abuse.ch/url/112730/"
-"112729","2019-01-29 08:25:17","http://www.drivingwitharrow.com/gdU454g26/","online","malware_download","emotet,exe,epoch1,heodo","https://urlhaus.abuse.ch/url/112729/"
+"112729","2019-01-29 08:25:17","http://www.drivingwitharrow.com/gdU454g26/","online","malware_download","emotet,exe,epoch1,heodo,AZORult","https://urlhaus.abuse.ch/url/112729/"
 "112728","2019-01-29 08:25:10","http://www.kheiriehsalehin.com/Mpsb3J4/","offline","malware_download","emotet,exe,epoch1,heodo","https://urlhaus.abuse.ch/url/112728/"
 "112727","2019-01-29 08:25:06","http://46.29.167.240/cemtop","online","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/112727/"
 "112726","2019-01-29 08:25:03","http://46.29.167.240/lnkfmx","online","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/112726/"
@@ -970,18 +1433,18 @@
 "112711","2019-01-29 07:55:10","https://files.dropmybin.me/kccdie.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/112711/"
 "112710","2019-01-29 07:55:06","https://files.dropmybin.me/ravdet.hta","offline","malware_download","hta,downloader","https://urlhaus.abuse.ch/url/112710/"
 "112709","2019-01-29 07:15:24","http://157.230.209.246/telnetd","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/112709/"
-"112708","2019-01-29 07:15:22","http://157.230.209.246/apache2","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/112708/"
-"112707","2019-01-29 07:15:20","http://157.230.209.246/nut","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/112707/"
-"112706","2019-01-29 07:15:17","http://157.230.209.246/sh","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/112706/"
-"112705","2019-01-29 07:15:14","http://157.230.209.246/pftp","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/112705/"
-"112704","2019-01-29 07:15:12","http://157.230.209.246/ftp","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/112704/"
-"112703","2019-01-29 07:15:10","http://157.230.209.246/cron","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/112703/"
-"112702","2019-01-29 07:15:08","http://157.230.209.246/wget","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/112702/"
-"112701","2019-01-29 07:15:06","http://157.230.209.246/tftp","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/112701/"
-"112700","2019-01-29 07:15:03","http://157.230.209.246/bash","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/112700/"
-"112699","2019-01-29 07:15:00","http://157.230.209.246/openssh","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/112699/"
-"112698","2019-01-29 07:14:58","http://157.230.209.246/sshd","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/112698/"
-"112697","2019-01-29 07:14:55","http://157.230.209.246/ntpd","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/112697/"
+"112708","2019-01-29 07:15:22","http://157.230.209.246/apache2","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/112708/"
+"112707","2019-01-29 07:15:20","http://157.230.209.246/nut","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/112707/"
+"112706","2019-01-29 07:15:17","http://157.230.209.246/sh","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/112706/"
+"112705","2019-01-29 07:15:14","http://157.230.209.246/pftp","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/112705/"
+"112704","2019-01-29 07:15:12","http://157.230.209.246/ftp","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/112704/"
+"112703","2019-01-29 07:15:10","http://157.230.209.246/cron","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/112703/"
+"112702","2019-01-29 07:15:08","http://157.230.209.246/wget","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/112702/"
+"112701","2019-01-29 07:15:06","http://157.230.209.246/tftp","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/112701/"
+"112700","2019-01-29 07:15:03","http://157.230.209.246/bash","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/112700/"
+"112699","2019-01-29 07:15:00","http://157.230.209.246/openssh","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/112699/"
+"112698","2019-01-29 07:14:58","http://157.230.209.246/sshd","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/112698/"
+"112697","2019-01-29 07:14:55","http://157.230.209.246/ntpd","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/112697/"
 "112696","2019-01-29 07:14:50","http://209.141.50.57/telnetd","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/112696/"
 "112695","2019-01-29 07:14:49","http://209.141.50.57/apache2","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/112695/"
 "112694","2019-01-29 07:14:46","http://209.141.50.57/nut","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/112694/"
@@ -1177,14 +1640,12 @@
 "112504","2019-01-28 23:24:09","http://campeonatodemaquiagem.com.br/Ixxj-y33P_yhpPDSiHq-hQ/InvoiceCodeChanges/En/Invoices-attached/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112504/"
 "112503","2019-01-28 23:23:32","http://download.security.baidu.co.th/softmgr/C9_Thailand_Downloader_1.062.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/112503/"
 "112502","2019-01-28 23:08:10","https://my.mixtape.moe/chhsmy.htaa","offline","malware_download","Formbook,hta,stage2","https://urlhaus.abuse.ch/url/112502/"
-"112501","2019-01-28 23:04:04","https://linkprotect.cudasvc.com/url?a=http://www.devitforward.com/oHMG-YW_k-DP1/invoices/35953/32140/En/Overdue-payment&c=E12K81ivlRwJEbGHWz5rkuD4zz45zc649JANxiM_g_N6XT-ygijWKStfF5G7EOXE6S9bHU9Ikp-E6BhOshhH7G5ucJprdtouSNTovHCKACA3t6OQ3UJ103oyc&typo=1/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/112501/"
 "112500","2019-01-28 23:02:09","http://www.pesei.it/old/joiyk.jpg","online","malware_download","smoke,Loader,stage2,Smoke Loader","https://urlhaus.abuse.ch/url/112500/"
 "112499","2019-01-28 22:58:09","http://acor.cz/acor/files/f9/diskfrag.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/112499/"
-"112498","2019-01-28 22:55:05","https://linkprotect.cudasvc.com/url?a=http://www.devitforward.com/oHMG-YW_k-DP1/invoices/35953/32140/En/Overdue-payment&c=E,1,2K81ivlRwJEbGHWz5rkuD4zz45zc649JANxiM_g_N6XT-ygijWKStfF5G7EOXE6S9bHU9Ikp-E6BhOshhH7G5ucJprdtouSNTovHCKACA3t6OQ3UJ103oyc,&typo=1/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/112498/"
 "112497","2019-01-28 22:47:47","http://zizzy.eu/rFmwe-2SE_IA-QZ/COMET/SIGNS/PAYMENT/NOTIFICATION/01/29/2019/En/Past-Due-Invoices/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112497/"
 "112496","2019-01-28 22:47:44","http://www.paulownia-online.ro/VHlX-8C7_yG-Xo/Invoice/264120211/EN_en/Companies-Invoice-55672640/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112496/"
-"112495","2019-01-28 22:47:39","http://www.fyo.com/wp-content/uploads/vTFC-xx_uhnS-s8/V75/invoicing/En_us/Outstanding-Invoices/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112495/"
-"112494","2019-01-28 22:47:31","http://view-indonesia.com/bVoqy-yxTn_jan-xu/Inv/87272621414/En_us/739-39-182432-089-739-39-182432-807/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112494/"
+"112495","2019-01-28 22:47:39","http://www.fyo.com/wp-content/uploads/vTFC-xx_uhnS-s8/V75/invoicing/En_us/Outstanding-Invoices/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112495/"
+"112494","2019-01-28 22:47:31","http://view-indonesia.com/bVoqy-yxTn_jan-xu/Inv/87272621414/En_us/739-39-182432-089-739-39-182432-807/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112494/"
 "112493","2019-01-28 22:47:27","http://truongtaynama.edu.vn/dyhW-n44e6_i-ox/COMET/SIGNS/PAYMENT/NOTIFICATION/01/29/2019/En_us/Question/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112493/"
 "112492","2019-01-28 22:47:21","http://teknikakuten.com/lhlN-jeTpj_El-1DE/invoices/6023/30895/EN_en/6-Past-Due-Invoices/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112492/"
 "112491","2019-01-28 22:47:14","http://stonerholidays.com/AXITK-OvFmm_zWiYddo-En/Ref/77641969EN_en/Important-Please-Read/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112491/"
@@ -1199,7 +1660,7 @@
 "112482","2019-01-28 22:46:19","http://environglobalstaging.co.za/vbsW-1YE_rsCtBvEmv-aXi/INVOICE/5158/OVERPAYMENT/US/Open-invoices/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112482/"
 "112481","2019-01-28 22:46:13","http://cbfund.io/DYBNy-1c_IMrbWd-zB/InvoiceCodeChanges/EN_en/Need-to-send-the-attachment/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112481/"
 "112480","2019-01-28 22:46:08","http://carolineredaction.fr/DLxTU-uQs_XLiy-fTb/Southwire/MZP9246709562/En_us/Invoice-55318384/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112480/"
-"112479","2019-01-28 22:46:05","http://alucorex.com/EewP-6D8S_EdVbgw-Zu/InvoiceCodeChanges/EN_en/Invoices-Overdue/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112479/"
+"112479","2019-01-28 22:46:05","http://alucorex.com/EewP-6D8S_EdVbgw-Zu/InvoiceCodeChanges/EN_en/Invoices-Overdue/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112479/"
 "112478","2019-01-28 22:44:26","http://www.comamigos.com.br/XMye-wY_t-wh6/ACH/PaymentInfo/US/Invoices-Overdue/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/112478/"
 "112477","2019-01-28 22:44:21","http://www.carspy24.com/fUJEb-gFQ_JcpoXcw-qwF/Inv/52424345995/En_us/Past-Due-Invoices/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/112477/"
 "112476","2019-01-28 22:44:18","http://viablecareers.org/UXoqy-QTX_fXiD-yvL/PaymentStatus/EN_en/727-70-172785-996-727-70-172785-395/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/112476/"
@@ -1219,7 +1680,7 @@
 "112462","2019-01-28 22:14:08","http://pop3.lacuisine2maman.fr/wp-content/aiowps_backups/8DHD4NKpNc/","offline","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/112462/"
 "112461","2019-01-28 22:14:05","http://techtiqdemo.co.uk/3o37iwk1Qyiu_h9/","offline","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/112461/"
 "112460","2019-01-28 22:12:27","http://www.mbaisetopseed.org/CTAZn-4AVk_xAXhg-II5/Southwire/IVA426640832/En_us/Overdue-payment/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/112460/"
-"112459","2019-01-28 22:12:21","http://huurwoningdirect.nl/YSMMl-OSqc_K-p1D/INV/99120FORPO/1087504003/EN_en/Service-Report-03966/","online","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/112459/"
+"112459","2019-01-28 22:12:21","http://huurwoningdirect.nl/YSMMl-OSqc_K-p1D/INV/99120FORPO/1087504003/EN_en/Service-Report-03966/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/112459/"
 "112458","2019-01-28 22:11:20","http://hfmid.bjcma.top/cguba/ztjll/v1.03/zhangtjl.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/112458/"
 "112457","2019-01-28 22:11:15","http://www.kobacco.com/shop/haoa.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/112457/"
 "112456","2019-01-28 22:09:02","http://163.172.233.237/eHIz-vewid_Q-8D/InvoiceCodeChanges/En_us/Invoices-attached/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/112456/"
@@ -1234,15 +1695,15 @@
 "112447","2019-01-28 21:33:34","http://www.pronodujour.fr/MhkqX-oMP_X-qN/INVOICE/5506/OVERPAYMENT/US_us/Paid-Invoice/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112447/"
 "112446","2019-01-28 21:33:29","http://uanatabeer.com/wp-content/yipBn-Yi_K-exH/INVOICE/3139/OVERPAYMENT/US/Overdue-payment/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112446/"
 "112445","2019-01-28 21:33:21","http://tttcoiran.com/ufpxq-pxxxE_IPCoFDcbU-qlw/EXT/PaymentStatus/US_us/Open-invoices/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112445/"
-"112444","2019-01-28 21:33:16","http://stationhousepubandgrill.ca/bZfce-Iw_uK-JZ/ACH/PaymentAdvice/En_us/New-order/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112444/"
-"112443","2019-01-28 21:33:08","http://pnneuroeducacao.pt/PifW-s8RU_gaILJP-MK/INVOICE/US/Invoice/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112443/"
-"112442","2019-01-28 21:33:06","http://iccl.club/cHiMU-hL_CZbOd-dPq/Invoice/75229868/US_us/Service-Invoice/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112442/"
+"112444","2019-01-28 21:33:16","http://stationhousepubandgrill.ca/bZfce-Iw_uK-JZ/ACH/PaymentAdvice/En_us/New-order/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112444/"
+"112443","2019-01-28 21:33:08","http://pnneuroeducacao.pt/PifW-s8RU_gaILJP-MK/INVOICE/US/Invoice/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112443/"
+"112442","2019-01-28 21:33:06","http://iccl.club/cHiMU-hL_CZbOd-dPq/Invoice/75229868/US_us/Service-Invoice/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112442/"
 "112441","2019-01-28 21:32:10","http://hoatangthainguyen.com/SNpq-H9k_lpu-ir/invoices/8060/91517/En/Invoice/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/112441/"
 "112440","2019-01-28 21:32:06","http://franklincovey.co.ke/wREv-Lmuv_xeFnU-u7/INVOICE/En_us/Service-Report-94585/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112440/"
 "112439","2019-01-28 21:32:03","http://foladsotoon.com/vdhxQ-0kT_q-mR/YO00/invoicing/US/Important-Please-Read/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112439/"
 "112438","2019-01-28 21:31:59","http://fira.org.za/jMOCy-k3A_yew-dxp/Southwire/VML801821328/En/Paid-Invoice/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/112438/"
 "112437","2019-01-28 21:31:27","http://d-trump.jp/fAMB-2714_Pawh-Nk/47410/SurveyQuestionsEn/Past-Due-Invoice/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112437/"
-"112436","2019-01-28 21:31:20","http://cwc.vi-bus.com/TvfUd-WhN_mMCAgz-aI/INV/21387FORPO/21687766112/US_us/Invoices-Overdue/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112436/"
+"112436","2019-01-28 21:31:20","http://cwc.vi-bus.com/TvfUd-WhN_mMCAgz-aI/INV/21387FORPO/21687766112/US_us/Invoices-Overdue/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112436/"
 "112435","2019-01-28 21:31:17","http://autopart.tomsk.ru/fNJe-F6f6_R-lyL/INV/249003FORPO/50655035572/En_us/Invoice-Number-08552/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112435/"
 "112434","2019-01-28 21:31:14","http://askthuto.com/DVij-ph_aBMXfZi-RQ/ACH/PaymentAdvice/US/Important-Please-Read/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112434/"
 "112433","2019-01-28 21:30:41","http://www.ipoptv.co.kr/images/site_menu/setup_3.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/112433/"
@@ -1273,7 +1734,7 @@
 "112407","2019-01-28 20:39:21","https://www.holzheuer.de/Amazon/EN/Orders-details/2019-01/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/112407/"
 "112406","2019-01-28 20:39:19","https://noithatshop.vn/Amazon/Transactions-details/012019/","online","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/112406/"
 "112405","2019-01-28 20:39:10","http://www.jackservice.com.pl/sTWSh-GQ_zPVpXA-ifn/878509/SurveyQuestionsUS_us/Paid-Invoices/","online","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/112405/"
-"112404","2019-01-28 20:39:06","http://jostmed.futminna.edu.ng/Amazon/En/Transactions/01_19//","online","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/112404/"
+"112404","2019-01-28 20:39:06","http://jostmed.futminna.edu.ng/Amazon/En/Transactions/01_19//","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/112404/"
 "112403","2019-01-28 20:32:16","http://s3.didiyunapi.com/eth/cheats.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/112403/"
 "112402","2019-01-28 20:32:11","http://dgnj.cn/clbweb2005/FMCMS/MarketWatch/xdview.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/112402/"
 "112401","2019-01-28 20:31:08","http://rus-fishing.com/images/main/2/2/elsdell_outputab206bf.msi","online","malware_download","msi","https://urlhaus.abuse.ch/url/112401/"
@@ -1285,10 +1746,9 @@
 "112395","2019-01-28 20:17:20","http://www.tubeian.com/PXXp-2zve_XjwQzHm-oE/EXT/PaymentStatus/US_us/Inv-48182-PO-3D523287/","online","malware_download","heodo","https://urlhaus.abuse.ch/url/112395/"
 "112394","2019-01-28 20:17:13","http://educamedico.com.br/fbNsB-PYM_ZotrWf-Qb/invoices/7320/5253/US_us/Service-Report-6739/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/112394/"
 "112393","2019-01-28 20:17:05","http://clubmestre.com/tCfQX-4HR_P-D9o/PaymentStatus/US_us/Paid-Invoices/","online","malware_download","heodo","https://urlhaus.abuse.ch/url/112393/"
-"112392","2019-01-28 20:16:06","http://vskaze.ru/vskaze_install.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/112392/"
 "112391","2019-01-28 20:15:18","http://hfmid.bjcma.top/cguba/tongbujl/v1.28/tongbujl.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/112391/"
 "112390","2019-01-28 20:13:32","http://ustpharm89.net/sYr7xBoXx/","offline","malware_download","emotet,exe,epoch1,heodo","https://urlhaus.abuse.ch/url/112390/"
-"112389","2019-01-28 20:13:25","http://bietthunghiduong24h.info/oVQCPSWV/","online","malware_download","emotet,exe,epoch1,heodo","https://urlhaus.abuse.ch/url/112389/"
+"112389","2019-01-28 20:13:25","http://bietthunghiduong24h.info/oVQCPSWV/","online","malware_download","emotet,exe,epoch1,heodo,AZORult","https://urlhaus.abuse.ch/url/112389/"
 "112388","2019-01-28 20:13:18","http://5072610.ru/YjNBdzFKT9/","offline","malware_download","emotet,exe,epoch1,heodo","https://urlhaus.abuse.ch/url/112388/"
 "112387","2019-01-28 20:13:12","http://maquinadefalaringles.info/Us1uHMn/","offline","malware_download","emotet,exe,epoch1,heodo","https://urlhaus.abuse.ch/url/112387/"
 "112386","2019-01-28 20:13:08","http://mhnew.enabledware.com/wp-content/upgrade/1Qvuku8g/","offline","malware_download","emotet,exe,epoch1,heodo","https://urlhaus.abuse.ch/url/112386/"
@@ -1322,13 +1782,12 @@
 "112358","2019-01-28 19:54:12","http://tsn-shato.ru/EDLpH-wHV_h-93/InvoiceCodeChanges/US/9-Past-Due-Invoices/","offline","malware_download","heodo,emotet,doc","https://urlhaus.abuse.ch/url/112358/"
 "112357","2019-01-28 19:54:08","http://ybhkdy.cf/AMAZON/Clients/01_19/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/112357/"
 "112355","2019-01-28 19:52:03","http://185.244.25.241/bins/cock.arm","online","malware_download","elf","https://urlhaus.abuse.ch/url/112355/"
-"112354","2019-01-28 19:50:15","http://vskaze.ru/base_installer.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/112354/"
 "112353","2019-01-28 19:50:10","http://elibrary.co.ke/Remittance_HULWIB171218_PDF.jar","online","malware_download","zip","https://urlhaus.abuse.ch/url/112353/"
 "112352","2019-01-28 19:00:10","http://91.121.30.169:8000/91msE95B/actiV.bin","offline","malware_download","Dridex,exe","https://urlhaus.abuse.ch/url/112352/"
-"112351","2019-01-28 19:00:07","http://162.243.137.61:8000/7rj9Iw28/OpenFonts.bin","online","malware_download","Dridex,exe","https://urlhaus.abuse.ch/url/112351/"
+"112351","2019-01-28 19:00:07","http://162.243.137.61:8000/7rj9Iw28/OpenFonts.bin","offline","malware_download","Dridex,exe","https://urlhaus.abuse.ch/url/112351/"
 "112350","2019-01-28 18:56:39","http://docs.web-x.com.my/mEJfO-Om_Li-gSG/invoices/72482/46092/US/Important-Please-Read/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/112350/"
 "112349","2019-01-28 18:56:32","http://invfactor.cnr.it/sites/files/YZod-XqHJ_rjfHhBGq-STt/Southwire/FYH2691283986/US/Companies-Invoice-72445385/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/112349/"
-"112348","2019-01-28 18:56:23","http://www.rijschool-marketing.nl/nkRfr-y2U_hE-Quy/A623/invoicing/En_us/Paid-Invoice/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/112348/"
+"112348","2019-01-28 18:56:23","http://www.rijschool-marketing.nl/nkRfr-y2U_hE-Quy/A623/invoicing/En_us/Paid-Invoice/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/112348/"
 "112347","2019-01-28 18:56:11","http://smemy.com/NEQl-QaW_yaoYr-Ivv/Inv/8256500998/En_us/Invoice-Number-434525/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/112347/"
 "112346","2019-01-28 18:56:03","http://gelikatakoy.com/FCFVP-apO_IulAiwrp-TdF/20227/SurveyQuestionsUS_us/9-Past-Due-Invoices/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/112346/"
 "112345","2019-01-28 18:55:51","http://girlsphonenumbers.online/nDiJu-Z8WF_mSMXHA-Ze/523408/SurveyQuestionsEn/Invoice-97962184/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/112345/"
@@ -1337,7 +1796,7 @@
 "112342","2019-01-28 18:55:31","http://wieczniezywechoinki.pl/Amazon/EN/Attachments/01_19/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/112342/"
 "112341","2019-01-28 18:55:27","http://olapixels.com/Amazon/EN/Details/01_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/112341/"
 "112340","2019-01-28 18:55:20","http://yodmpdy.cf/wp-admin/Amazon/EN/Clients/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/112340/"
-"112339","2019-01-28 18:55:13","http://ssearthmovers.in/Amazon/En/Orders_details/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/112339/"
+"112339","2019-01-28 18:55:13","http://ssearthmovers.in/Amazon/En/Orders_details/012019/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/112339/"
 "112338","2019-01-28 18:55:05","http://dcfloraldecor.lt/Amazon/Transactions-details/01_19/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/112338/"
 "112337","2019-01-28 18:17:12","https://upload.moe/files/xdiwku.exe","online","malware_download","exe,rat,NanoCore","https://urlhaus.abuse.ch/url/112337/"
 "112336","2019-01-28 18:15:09","http://erux.gq/x/dd.exe","offline","malware_download","exe,stealer","https://urlhaus.abuse.ch/url/112336/"
@@ -1345,10 +1804,10 @@
 "112334","2019-01-28 17:30:15","http://ylosfnetdy.cf/VMPPo-mF_t-7UP/INVOICE/EN_en/Invoice-0784171-January/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112334/"
 "112332","2019-01-28 17:28:59","http://www.odishahr.xyz/pQSS-n1_xwRKva-Lta/ACH/PaymentAdvice/En_us/New-order/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112332/"
 "112331","2019-01-28 17:28:44","http://visiskirtingivisilygus.lt/BtLG-x53FA_YAmJC-Hsr/PaymentStatus/US_us/Companies-Invoice-8021965/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112331/"
-"112330","2019-01-28 17:28:38","http://queekebook.com/sDmpl-Lz_fUbpeZNBY-X5H/Ref/447376029En/5-Past-Due-Invoices/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112330/"
+"112330","2019-01-28 17:28:38","http://queekebook.com/sDmpl-Lz_fUbpeZNBY-X5H/Ref/447376029En/5-Past-Due-Invoices/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112330/"
 "112328","2019-01-28 17:28:28","http://mywoods.by/AaLDx-y4n_nsYpLFOvd-T0/ACH/PaymentAdvice/En/Paid-Invoice/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112328/"
 "112327","2019-01-28 17:28:24","http://mutevazisaheserler.com/wp-admin/images/CbBN-u6voJ_A-UWl/INV/990951FORPO/349615905750/US_us/Outstanding-Invoices/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112327/"
-"112326","2019-01-28 17:28:20","http://mississipi2011.com.br/YjlLZ-93C_gyNsdMS-LS/InvoiceCodeChanges/En/9-Past-Due-Invoices/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112326/"
+"112326","2019-01-28 17:28:20","http://mississipi2011.com.br/YjlLZ-93C_gyNsdMS-LS/InvoiceCodeChanges/En/9-Past-Due-Invoices/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112326/"
 "112325","2019-01-28 17:28:16","http://mike.trmbldigital.xyz/NvCfP-WW_C-Lo2/invoices/57170/8048/US_us/Open-invoices/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112325/"
 "112324","2019-01-28 17:28:13","http://kamelot.marketing-pr.biz/PVtMe-r4MK_o-At/Invoice/0777488/US_us/Paid-Invoice/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112324/"
 "112323","2019-01-28 17:28:10","http://fixi.mobi/wp-content/plugins/hKrac-Cb9t0_KYWDCu-3P/Southwire/QSS7548092840/US_us/Invoice/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112323/"
@@ -1356,7 +1815,7 @@
 "112321","2019-01-28 17:27:43","http://summertour.com.br/Amazon/Clients/01_19/","online","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/112321/"
 "112320","2019-01-28 17:27:39","http://phatgiaovn.net/wp-content/Amazon/Details/2019-01/","online","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/112320/"
 "112319","2019-01-28 17:27:35","http://maktronicmedical.com/Amazon/En/Payments/01_19/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/112319/"
-"112318","2019-01-28 17:27:30","http://jostmed.futminna.edu.ng/Amazon/En/Transactions/01_19/","online","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/112318/"
+"112318","2019-01-28 17:27:30","http://jostmed.futminna.edu.ng/Amazon/En/Transactions/01_19/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/112318/"
 "112317","2019-01-28 17:27:27","http://blogtintuc.tk/server/Amazon/Transactions/012019/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/112317/"
 "112316","2019-01-28 17:27:21","http://103.254.86.219/rdfcrm/custom/history/Amazon/En/Information/012019/","online","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/112316/"
 "112315","2019-01-28 17:26:18","http://dolartakip.online/wp-content/themes/jannah/inc/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/112315/"
@@ -1366,21 +1825,19 @@
 "112311","2019-01-28 17:24:13","http://107.173.104.203/table.png","online","malware_download","exe,Trickbot","https://urlhaus.abuse.ch/url/112311/"
 "112310","2019-01-28 17:24:09","http://107.173.104.203/radiance.png","online","malware_download","exe,Trickbot","https://urlhaus.abuse.ch/url/112310/"
 "112309","2019-01-28 17:22:06","http://headbuild.info/app/mrt.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/112309/"
-"112308","2019-01-28 17:19:11","http://arturn.co.uk/as.tral","offline","malware_download","exe,Trickbot","https://urlhaus.abuse.ch/url/112308/"
+"112308","2019-01-28 17:19:11","http://arturn.co.uk/as.tral","online","malware_download","exe,Trickbot","https://urlhaus.abuse.ch/url/112308/"
 "112307","2019-01-28 17:18:11","http://universitytransplantcenter.com/templates/utc/images/utc/sserv.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/112307/"
 "112306","2019-01-28 17:15:10","http://prisma.fp.ub.ac.id/wp-content/Amazon/EN/Information/012019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/112306/"
 "112305","2019-01-28 17:09:05","http://newscommer.com/app/al/latest32.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/112305/"
 "112304","2019-01-28 17:08:05","http://www.traktorski-deli.si/FRSi-b5KK_CtJbc-Sd/INVOICE/67622/OVERPAYMENT/US_us/Invoice-Number-73756/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/112304/"
-"112303","2019-01-28 17:08:02","https://u9362720.ct.sendgrid.net/wf/click?upn=FkgLVrkReMLPH6rsf3o6UTC4y8Xn9TTELg5Dj-2FEvJKLssnyOlB5dszNlwH-2F4-2BvbT-2FJk8HItsL9T5-2BbDYQVXuqSAii8r44th1OWcbT3ZEqoKD-2BTBcS3F9J2g2JMaz-2BPei_zjKNohKKy6zvRGb51v-2BzNkRVmLUMRSNk6d1gNPNOWdIcSIx8OKOsbsVagGv1CSDDV1u9uBwzlJgDATvEYj3srBki-2FcOOrOZuUAL6gB1Ywvj78eVYjSX17o39dy-2FSsR9ZCDDxp1HeT8veK8SAteN0nL5DL7ffRsgOaWOEB-2FcN24CsJG7XCyp3Lcxnm0yFDsoPfXrBtOEnXH1fsJyVUNUoUg-3D-3D/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/112303/"
 "112302","2019-01-28 17:07:58","http://zmogui.lt/jSda-p8Q_puHqDgG-Zp/Inv/7297704586/US/Question/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/112302/"
-"112301","2019-01-28 17:07:52","http://ijabr.futminna.edu.ng/kwMKB-o07Y_XEe-v2M/EN_en/Past-Due-Invoice/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/112301/"
-"112300","2019-01-28 17:07:46","https://u9362720.ct.sendgrid.net/wf/click?upn=vdSKdPosac-2F09EF2p1pq1bHikaLLHkeYrJRcHX7suw8EQXtcmAsBQiHnHdn4W6Y8vuzfpWYMxy0TS8N-2FcatETJyX6ae1LzmMvASEdhpioRBk5IJpuhUUbpCJEuGKxMVl_L-2BLqrZY11HurY9nk3ij4uEbx2h5r9sT-2Bw8i0Y1yTKnxHHkaATDeJkaujbPEveDpSaMvlzNyffBjGs-2Bk2YdzmqcuuRLOLxUTapNQbBBfC8SFUeZ0GNPH-2Bmz-2F9mxJdNCJVbXUTmBXGgyJPyUgKRqRRKIu-2BGsBZ4BkDCfoaTyYFUtREOzsOrr-2BEX9NBi3Dv14juSvlYUmJ9T25AA8gdQmJWOHAmvrbW0DZpvlq7r3jOvhI-3D/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/112300/"
+"112301","2019-01-28 17:07:52","http://ijabr.futminna.edu.ng/kwMKB-o07Y_XEe-v2M/EN_en/Past-Due-Invoice/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/112301/"
 "112299","2019-01-28 17:07:42","http://bachhoatrangia.com/IUwUK-Na_dTUBvQ-9g/InvoiceCodeChanges/US_us/Invoice/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/112299/"
-"112298","2019-01-28 17:07:38","http://drapart.org/nPOi41tV/","online","malware_download","emotet,exe,epoch1,heodo","https://urlhaus.abuse.ch/url/112298/"
+"112298","2019-01-28 17:07:38","http://drapart.org/nPOi41tV/","online","malware_download","emotet,exe,epoch1,heodo,AZORult","https://urlhaus.abuse.ch/url/112298/"
 "112297","2019-01-28 17:07:32","http://dinhdaiphat.com/wp-content/uploads/rRsvlNI/","offline","malware_download","emotet,exe,epoch1,heodo","https://urlhaus.abuse.ch/url/112297/"
 "112296","2019-01-28 17:07:23","http://dolartakip.online/ieQZgNVJH/","offline","malware_download","emotet,exe,epoch1,heodo","https://urlhaus.abuse.ch/url/112296/"
 "112295","2019-01-28 17:07:18","http://dev03.codebuzzers.com/7JJwTSZ/","offline","malware_download","emotet,exe,epoch1,heodo","https://urlhaus.abuse.ch/url/112295/"
-"112294","2019-01-28 17:07:10","http://jaspinformatica.com/kNuIiaBnH/","online","malware_download","emotet,exe,epoch1,heodo","https://urlhaus.abuse.ch/url/112294/"
+"112294","2019-01-28 17:07:10","http://jaspinformatica.com/kNuIiaBnH/","online","malware_download","emotet,exe,epoch1,heodo,AZORult","https://urlhaus.abuse.ch/url/112294/"
 "112293","2019-01-28 17:01:07","http://mcdel.chat.ru/programs/errorbox.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/112293/"
 "112292","2019-01-28 16:57:02","http://207.180.213.67/wp-content/Amazon/Attachments/2019-01/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/112292/"
 "112291","2019-01-28 16:56:18","http://www.holzheuer.de/Amazon/EN/Orders-details/2019-01/","offline","malware_download","None","https://urlhaus.abuse.ch/url/112291/"
@@ -1398,13 +1855,13 @@
 "112279","2019-01-28 16:30:27","http://dx74.downyouxi.com/chiseyaosaifczhanche.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/112279/"
 "112278","2019-01-28 16:25:05","http://newscommer.com/app/winboxscan-1003-2.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/112278/"
 "112277","2019-01-28 16:14:06","http://headbuild.info/app/winboxtest.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/112277/"
-"112276","2019-01-28 16:13:44","http://www.tovbekapisi.com/ceFx-688_RiglAtJ-L3J/US_us/ACH-form/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112276/"
+"112276","2019-01-28 16:13:44","http://www.tovbekapisi.com/ceFx-688_RiglAtJ-L3J/US_us/ACH-form/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112276/"
 "112275","2019-01-28 16:13:41","http://saigonthinhvuong.net/BBPJ-ghmmb_PLTKk-NkC/INVOICE/76712/OVERPAYMENT/En/Paid-Invoice/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112275/"
 "112274","2019-01-28 16:13:36","http://nightonline.ru/images/WxOF-XbCd2_CbFEO-ZP4/EXT/PaymentStatus/EN_en/Invoice-Number-992023/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112274/"
-"112273","2019-01-28 16:13:32","http://mimiabner.com/inDi-nWBI_Dz-FEA/Inv/370605467/En_us/Invoices-attached/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112273/"
-"112272","2019-01-28 16:13:28","http://icta.futminna.edu.ng/hDmDR-mY_QdQoMIYLa-EPi/ACH/PaymentInfo/US/Service-Report-92561/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112272/"
+"112273","2019-01-28 16:13:32","http://mimiabner.com/inDi-nWBI_Dz-FEA/Inv/370605467/En_us/Invoices-attached/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112273/"
+"112272","2019-01-28 16:13:28","http://icta.futminna.edu.ng/hDmDR-mY_QdQoMIYLa-EPi/ACH/PaymentInfo/US/Service-Report-92561/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112272/"
 "112271","2019-01-28 16:13:25","http://hotelkian.com/CLNG-bwMFJ_kdC-VV/INVOICE/1747/OVERPAYMENT/US_us/Service-Invoice/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112271/"
-"112270","2019-01-28 16:13:22","http://fergus.vn/jaqq-J7_q-i9/invoices/74832/98582/EN_en/Paid-Invoice/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112270/"
+"112270","2019-01-28 16:13:22","http://fergus.vn/jaqq-J7_q-i9/invoices/74832/98582/EN_en/Paid-Invoice/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112270/"
 "112269","2019-01-28 16:13:16","http://amocrmkrg.kz/pbFgW-L292A_SGbXnYuA-uu/ACH/PaymentInfo/US_us/Invoice-receipt/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112269/"
 "112268","2019-01-28 16:13:09","http://64.69.83.43/gacl/admin/templates_c/XTlF-6k_SwjIrETT-lSd/En/Invoices-attached/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112268/"
 "112267","2019-01-28 16:13:06","http://3kiloafvallen.nl/EmpcL-FI_pJZjhYNB-zzG/34522/SurveyQuestionsEn/Need-to-send-the-attachment/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112267/"
@@ -1413,11 +1870,11 @@
 "112264","2019-01-28 16:09:12","http://www.sp11dzm.ru/osPN-j6_TaargVDi-95/US/New-order/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112264/"
 "112263","2019-01-28 16:09:07","http://batdongsanphonoi.vn/Amazon/Transactions/012019/","online","malware_download","heodo","https://urlhaus.abuse.ch/url/112263/"
 "112262","2019-01-28 16:08:08","http://habitacaosocial.org.br/bFHSc-ass_rviqgP-CZ/invoices/34036/20577/US_us/Need-to-send-the-attachment/index.php.suspected/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112262/"
-"112261","2019-01-28 16:04:08","http://khomyphamhanoi.com/Amazon/En/Clients/01_19/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/112261/"
+"112261","2019-01-28 16:04:08","http://khomyphamhanoi.com/Amazon/En/Clients/01_19/","online","malware_download","heodo","https://urlhaus.abuse.ch/url/112261/"
 "112260","2019-01-28 16:01:07","http://headbuild.info/app/winboxscan-1001.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/112260/"
 "112259","2019-01-28 15:58:19","http://headbuild.info/app/e7.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/112259/"
 "112258","2019-01-28 15:58:11","https://gastrohero.zendesk.com/attachments/token/cmomz9xlkrjs9rjwou8pmx17t/?name=dokument_id1784788022.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/112258/"
-"112257","2019-01-28 15:58:09","http://its.futminna.edu.ng/Amazon/En/Orders_details/01_19/","online","malware_download","heodo","https://urlhaus.abuse.ch/url/112257/"
+"112257","2019-01-28 15:58:09","http://its.futminna.edu.ng/Amazon/En/Orders_details/01_19/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/112257/"
 "112256","2019-01-28 15:56:10","http://thanhlapdoanhnghiephnh.com/Amazon/EN/Transactions/012019/","online","malware_download","heodo","https://urlhaus.abuse.ch/url/112256/"
 "112255","2019-01-28 15:54:05","http://newscommer.com/app/mrt.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/112255/"
 "112254","2019-01-28 15:51:15","http://southgatetower.cdd.vn/eKvu-xUU9_PVpPIeWCZ-Ky/Southwire/RCY27635492/US/3-Past-Due-Invoices/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/112254/"
@@ -1430,7 +1887,7 @@
 "112247","2019-01-28 15:48:18","http://mayphatrasua.com/AMAZON/Transactions-details/2019-01/","online","malware_download","heodo","https://urlhaus.abuse.ch/url/112247/"
 "112246","2019-01-28 15:48:10","http://copsnailsanddrinks.fr/Amazon/En/Transactions-details/01_19/","online","malware_download","heodo","https://urlhaus.abuse.ch/url/112246/"
 "112245","2019-01-28 15:48:05","http://web-cude.com/wp-admin/rqyG-lwkKC_lVVM-Zl/INVOICE/US/Invoices-attached/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/112245/"
-"112244","2019-01-28 15:48:00","http://www.juntoalbarrio.cl/old-site/wp-content/plugins/login-logo/3","offline","malware_download","None","https://urlhaus.abuse.ch/url/112244/"
+"112244","2019-01-28 15:48:00","http://www.juntoalbarrio.cl/old-site/wp-content/plugins/login-logo/3","online","malware_download","None","https://urlhaus.abuse.ch/url/112244/"
 "112243","2019-01-28 15:47:53","http://www.juntoalbarrio.cl/old-site/wp-content/plugins/login-logo/2","online","malware_download","None","https://urlhaus.abuse.ch/url/112243/"
 "112242","2019-01-28 15:47:47","http://www.juntoalbarrio.cl/old-site/wp-content/plugins/login-logo/1","online","malware_download","None","https://urlhaus.abuse.ch/url/112242/"
 "112241","2019-01-28 15:47:39","http://ved-trading.ru/assets/3","offline","malware_download","None","https://urlhaus.abuse.ch/url/112241/"
@@ -1480,7 +1937,7 @@
 "112197","2019-01-28 15:08:21","http://megandilmore.com/eCbC-Z4_wURIx-JgN/INVOICE/9060/OVERPAYMENT/En/Important-Please-Read/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112197/"
 "112196","2019-01-28 15:08:16","http://lepdecor.kz/gpEit-ES_wuIlxq-JIj/Southwire/CGW6869413828/US_us/Companies-Invoice-1818417/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112196/"
 "112195","2019-01-28 15:08:11","http://hillcricketballs.co.za/SHso-vDNY_vPjejWu-5Qw/ACH/PaymentAdvice/En/Open-Past-Due-Orders/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112195/"
-"112194","2019-01-28 15:08:05","http://cam-tech.ir/guCa-40Ht9_Km-Gf/ACH/PaymentAdvice/En/Past-Due-Invoices/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112194/"
+"112194","2019-01-28 15:08:05","http://cam-tech.ir/guCa-40Ht9_Km-Gf/ACH/PaymentAdvice/En/Past-Due-Invoices/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112194/"
 "112193","2019-01-28 15:07:04","https://typo3.aktemo.de/Amazon/Clients_Messages/01_19/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/112193/"
 "112192","2019-01-28 15:02:43","http://ema-trans.kz/Amazon/Transaction_details/2019-01/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/112192/"
 "112191","2019-01-28 15:02:41","http://up2m.politanisamarinda.ac.id/wp-content/Amazon/Transactions-details/01_19/","online","malware_download","heodo","https://urlhaus.abuse.ch/url/112191/"
@@ -1490,11 +1947,11 @@
 "112187","2019-01-28 15:02:10","http://vsbreveance.nl/AMAZON/Clients_Messages/01_19/","offline","malware_download","None","https://urlhaus.abuse.ch/url/112187/"
 "112186","2019-01-28 15:02:07","http://vsb.reveance.nl/AMAZON/Clients_Messages/01_19/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/112186/"
 "112185","2019-01-28 14:40:06","http://valkarm.ru/scripts_index/FpWrH-UkN74_gXD-qN/25517/SurveyQuestionsEN_en/Question/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112185/"
-"112184","2019-01-28 14:40:03","http://osteklenie-balkonov.tomsk.ru/ziXn-hS4_ZIFzQZ-cK/INV/2166303FORPO/5509690939/En_us/Invoice-Corrections-for-57/96/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112184/"
-"112183","2019-01-28 14:39:03","http://sassearch.net/AMAZON/Payments_details/012019/","online","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/112183/"
+"112184","2019-01-28 14:40:03","http://osteklenie-balkonov.tomsk.ru/ziXn-hS4_ZIFzQZ-cK/INV/2166303FORPO/5509690939/En_us/Invoice-Corrections-for-57/96/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112184/"
+"112183","2019-01-28 14:39:03","http://sassearch.net/AMAZON/Payments_details/012019/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/112183/"
 "112182","2019-01-28 14:31:15","http://zapmodulservice.ru/ITrgE-3BI_OXECDMa-i0/COMET/SIGNS/PAYMENT/NOTIFICATION/01/28/2019/En_us/Paid-Invoice/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112182/"
 "112181","2019-01-28 14:31:14","http://weresolve.ca/fpPb-BdXn_iUXzU-QI/invoices/19509/1739/EN_en/New-order/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112181/"
-"112180","2019-01-28 14:31:13","http://uogauoga.lt/paxPm-TtZxW_gzi-4A/ACH/PaymentAdvice/En/Invoice-receipt/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112180/"
+"112180","2019-01-28 14:31:13","http://uogauoga.lt/paxPm-TtZxW_gzi-4A/ACH/PaymentAdvice/En/Invoice-receipt/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112180/"
 "112179","2019-01-28 14:31:12","http://trehoadatoanthan.net/dBsSs-Kbz_I-lLs/EXT/PaymentStatus/En/Service-Report-15060/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112179/"
 "112178","2019-01-28 14:31:08","http://satstore.kz/gmcogp0/KteM-N4_BGLMkVPih-jA/ACH/PaymentInfo/US_us/Question/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112178/"
 "112177","2019-01-28 14:31:07","http://old.norsec.kz/WELx-7b_e-50G/EXT/PaymentStatus/EN_en/Invoices-attached/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112177/"
@@ -1502,13 +1959,13 @@
 "112175","2019-01-28 14:31:03","http://vysotnye-raboty.tomsk.ru/Amazon/En/Orders-details/2019-01/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/112175/"
 "112174","2019-01-28 14:27:04","http://tarjetaenlinea.com.ve/Amazon/Payments/012019/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/112174/"
 "112173","2019-01-28 14:26:04","http://185.244.25.194/dwabniduawdbwad/memhoncho.x86","offline","malware_download","None","https://urlhaus.abuse.ch/url/112173/"
-"112172","2019-01-28 14:26:03","http://sozdanie-sajtov.rise-up.nsk.ru/Amazon/Attachments/01_19/","online","malware_download","heodo","https://urlhaus.abuse.ch/url/112172/"
+"112172","2019-01-28 14:26:03","http://sozdanie-sajtov.rise-up.nsk.ru/Amazon/Attachments/01_19/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/112172/"
 "112171","2019-01-28 14:15:04","http://empresadereformasentenerife.com/Amazon/Clients_Messages/012019/","online","malware_download","heodo","https://urlhaus.abuse.ch/url/112171/"
 "112170","2019-01-28 14:14:08","http://thuraya.kz/iVIg-wWj_tCpHue-kR/EXT/PaymentStatus/En/Past-Due-Invoice/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112170/"
 "112169","2019-01-28 14:14:06","http://igsm.co/SKkWK-AO_MweTYfa-cV/XN307/invoicing/US/3-Past-Due-Invoices/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112169/"
 "112168","2019-01-28 14:14:03","http://bobors.se/DUfQf-yNL_oLC-Hsd/Invoice/242890029/EN_en/Important-Please-Read/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112168/"
 "112167","2019-01-28 14:14:02","http://baza-dekora.ru/IXsw-dM4y_QCsd-U66/EXT/PaymentStatus/En/Scan/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/112167/"
-"112166","2019-01-28 14:12:02","http://xn--90aeb9ae9a.xn--p1ai/Amazon/En/Clients_information/01_19/","online","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/112166/"
+"112166","2019-01-28 14:12:02","http://xn--90aeb9ae9a.xn--p1ai/Amazon/En/Clients_information/01_19/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/112166/"
 "112165","2019-01-28 14:08:04","http://lemycofreight.com/temp/catrads.exe","online","malware_download","exe,Loki","https://urlhaus.abuse.ch/url/112165/"
 "112164","2019-01-28 14:08:02","https://installatiebedrijfroosendaal.nl/Amazon/Details/012019/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/112164/"
 "112163","2019-01-28 13:59:08","http://www.forodigitalpyme.es/AMAZON/Transactions/01_19/","online","malware_download","heodo","https://urlhaus.abuse.ch/url/112163/"
@@ -1560,7 +2017,6 @@
 "112118","2019-01-28 13:01:01","http://balireveance.nl/Amazon/En/Clients/2019-01/","offline","malware_download","None","https://urlhaus.abuse.ch/url/112118/"
 "112116","2019-01-28 12:59:03","http://216.170.120.102/ppony.exe","online","malware_download","exe,Pony","https://urlhaus.abuse.ch/url/112116/"
 "112115","2019-01-28 12:58:02","http://rfi.zendesk.com/attachments/token/BM8cxrE6XzoQmvPqmDGKY0lL0/","offline","malware_download","zip","https://urlhaus.abuse.ch/url/112115/"
-"112114","2019-01-28 12:49:02","https://u6547982.ct.sendgrid.net/wf/click?upn=3D9FWmq-2BIJYJouvHijx3kL5ceyucmCNjt-2BNHlrkJdC4v3AFcaVm5BFNuLMv1CK2zyWOYFxCGU0-2F59jjuRfhAKj4igHOU-2FuydmOeDxdU-2F-2Fw9Mca5fyZ5u5UlFbJanAAkfQAa8-2B3GZ29nZU0a1KtG164-2FXU-2F-2FPrGnyL0iBuI-2B2kFsaMlJCI4Gx1H1MRUQnogSSlUOTxZ8L-2F3URCVDPxVwVHfTQGW2pfJCLDi-2BPKjBb1qe9M-3D_7G8vDI6mSm0GXu7guNpW-2BuGr69QxZX2ai6mFMFK0lLgodSc7EhpdmhlaAxA9mt8-2BCQ92SdiqybTU9Pog2s1FDh0-2FN3d0-2F8QcAbz6xb32ZeorgkbO0wK8BDn0HdNIin4zL5IW8JHkulvGeEcSuR9sR9f3UN4JLVHDaa6bk6WHpz-2F0cyTB0eJKwAcw4c5ec1w1zi83gByCBoE5oadkqHyVzw-3D-3D/","offline","malware_download","None","https://urlhaus.abuse.ch/url/112114/"
 "112113","2019-01-28 12:45:05","http://104.200.137.129/bins/Tsunami.sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/112113/"
 "112112","2019-01-28 12:42:07","http://104.200.137.129/bins/Tsunami.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/112112/"
 "112111","2019-01-28 12:42:04","http://104.200.137.129/bins/Tsunami.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/112111/"
@@ -1571,10 +2027,10 @@
 "112106","2019-01-28 12:27:02","http://westland-onderhoud.nl/Amazon/Details/2019-01/","online","malware_download","heodo","https://urlhaus.abuse.ch/url/112106/"
 "112105","2019-01-28 12:17:12","http://billfritzjr.com/6RR99em0pT/","online","malware_download","exe,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/112105/"
 "112104","2019-01-28 12:17:10","http://jongewolf.nl/95I0jws/","offline","malware_download","exe,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/112104/"
-"112103","2019-01-28 12:17:08","http://eclectiqueindustries.com/eieC5cE/","online","malware_download","exe,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/112103/"
+"112103","2019-01-28 12:17:08","http://eclectiqueindustries.com/eieC5cE/","offline","malware_download","exe,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/112103/"
 "112102","2019-01-28 12:17:06","http://www.ermaproduction.com/wp-content/dX9Qujq88/","offline","malware_download","exe,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/112102/"
 "112101","2019-01-28 12:17:04","http://symbisystems.com/33jw2vz/","online","malware_download","exe,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/112101/"
-"112100","2019-01-28 12:16:04","http://appliancestalk.com/Amazon/En/Information/2019-01/","online","malware_download","heodo","https://urlhaus.abuse.ch/url/112100/"
+"112100","2019-01-28 12:16:04","http://appliancestalk.com/Amazon/En/Information/2019-01/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/112100/"
 "112099","2019-01-28 12:14:16","http://112.164.54.238:33191/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/112099/"
 "112098","2019-01-28 12:14:05","http://104.200.137.129:80/bins/Tsunami.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/112098/"
 "112097","2019-01-28 12:14:03","http://35.198.207.164:80/AB4g5/Josho.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/112097/"
@@ -1618,7 +2074,7 @@
 "112056","2019-01-28 11:48:13","https://jbnortonandco.com/wp-content/themes/piko-construct/piko-construct/languages/ssj.jpg","online","malware_download","Troldesh,exe","https://urlhaus.abuse.ch/url/112056/"
 "112055","2019-01-28 11:48:09","http://chita02.xsrv.jp/ssj.jpg","offline","malware_download","Troldesh,exe","https://urlhaus.abuse.ch/url/112055/"
 "112054","2019-01-28 11:48:07","https://kobac-yokohama01.com/wp-admin/css/colors/blue/messg.jpg","offline","malware_download","Troldesh,exe","https://urlhaus.abuse.ch/url/112054/"
-"112053","2019-01-28 11:47:35","https://ericotv.com/wp-admin/css/colors/blue/messg.jpg","online","malware_download","Troldesh,exe","https://urlhaus.abuse.ch/url/112053/"
+"112053","2019-01-28 11:47:35","https://ericotv.com/wp-admin/css/colors/blue/messg.jpg","offline","malware_download","Troldesh,exe","https://urlhaus.abuse.ch/url/112053/"
 "112052","2019-01-28 11:47:18","https://kobac-suzuka.com/wp-admin/css/colors/blue/messg.jpg","offline","malware_download","Troldesh,exe","https://urlhaus.abuse.ch/url/112052/"
 "112051","2019-01-28 11:46:46","http://citylawab.com/wp-content/themes/envo-business/lib/customizer/css/messg.jpg","offline","malware_download","Troldesh,exe","https://urlhaus.abuse.ch/url/112051/"
 "112050","2019-01-28 11:46:41","https://anket.kalthefest.org/messg.jpg","online","malware_download","Troldesh,exe","https://urlhaus.abuse.ch/url/112050/"
@@ -1679,7 +2135,7 @@
 "111992","2019-01-28 10:44:09","http://35.198.207.164:80/AB4g5/Josho.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111992/"
 "111991","2019-01-28 10:44:05","http://35.198.207.164:80/AB4g5/Josho.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111991/"
 "111990","2019-01-28 10:41:08","http://185.244.25.241:80/bins/cock.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111990/"
-"111989","2019-01-28 10:40:14","http://decobrevo.com/vszowt/daixt.exe","online","malware_download","exe,RemcosRAT,NetWire","https://urlhaus.abuse.ch/url/111989/"
+"111989","2019-01-28 10:40:14","http://decobrevo.com/vszowt/daixt.exe","offline","malware_download","exe,RemcosRAT,NetWire","https://urlhaus.abuse.ch/url/111989/"
 "111988","2019-01-28 10:24:06","http://mortest.ug/1111.exe","offline","malware_download","AZORult,Brazzzers","https://urlhaus.abuse.ch/url/111988/"
 "111987","2019-01-28 10:23:02","http://128.199.45.93/atxhua","offline","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/111987/"
 "111986","2019-01-28 10:02:06","http://martinoag.com/zuu/pw.exe","online","malware_download","exe,AgentTesla","https://urlhaus.abuse.ch/url/111986/"
@@ -1703,7 +2159,7 @@
 "111968","2019-01-28 09:42:06","http://dhoffmanfan.chat.ru/syscfg.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111968/"
 "111967","2019-01-28 09:41:05","http://fm963.top/360/243/wsvchosr.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111967/"
 "111966","2019-01-28 09:39:43","http://185.244.25.241:80/bins/cock.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111966/"
-"111965","2019-01-28 09:39:19","http://80.174.87.250:26715/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/111965/"
+"111965","2019-01-28 09:39:19","http://80.174.87.250:26715/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/111965/"
 "111964","2019-01-28 09:39:13","http://187.10.249.226:59957/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/111964/"
 "111963","2019-01-28 09:39:07","http://206.189.120.191/AB4g5/Josho.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111963/"
 "111962","2019-01-28 09:38:13","http://alexhhh.chat.ru/download/moscow.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/111962/"
@@ -1715,7 +2171,7 @@
 "111956","2019-01-28 09:30:10","http://alexhhh.chat.ru/download/NuKe.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/111956/"
 "111955","2019-01-28 09:29:07","http://alexhhh.chat.ru/download/XStlth.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/111955/"
 "111954","2019-01-28 09:27:03","http://alexhhh.chat.ru/download/melissa.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/111954/"
-"111953","2019-01-28 09:12:43","http://regenerationcongo.com/UL2s3PGpv0/","online","malware_download","heodo,emotet,exe","https://urlhaus.abuse.ch/url/111953/"
+"111953","2019-01-28 09:12:43","http://regenerationcongo.com/UL2s3PGpv0/","offline","malware_download","heodo,emotet,exe","https://urlhaus.abuse.ch/url/111953/"
 "111952","2019-01-28 09:12:39","http://antigua.aguilarnoticias.com/t1JnOLFO/","online","malware_download","heodo,emotet,exe","https://urlhaus.abuse.ch/url/111952/"
 "111951","2019-01-28 09:12:35","http://leonardokubrick.com/VvJBwtEF5w/","online","malware_download","heodo,emotet,exe","https://urlhaus.abuse.ch/url/111951/"
 "111950","2019-01-28 09:12:29","http://stoutarc.com/J8htynMd3/","online","malware_download","heodo,emotet,exe","https://urlhaus.abuse.ch/url/111950/"
@@ -1831,7 +2287,7 @@
 "111840","2019-01-28 08:09:35","http://mingroups.vn/Vodafone/DE/Rechnung/012019/","online","malware_download","heodo","https://urlhaus.abuse.ch/url/111840/"
 "111831","2019-01-28 08:07:05","https://nmi1gw.bn.files.1drv.com/y4m5sm-ov2pfdQy3aIPboExjS3b0XCItuGzu1qpI5HyyDExRJwuWj0mnlPbjPOGZUskqdXzCdihgswXR-5ZY3QUhvZpRC62ONazR9R4A1yZ0otnwAatu7k9-iDwo6EaFwT2M35Rdqh7OZ4BxhNVaUXvSUWhNiykhGDbsDTu3djfMTw2-58fZcHicQzyiYMxcTn7j4i2Jynn_zIbbUXpLSPzEQ/Document3.doc?download&psid=1","offline","malware_download","doc","https://urlhaus.abuse.ch/url/111831/"
 "111830","2019-01-28 08:05:14","http://www.europeanautos.tech/admin/ion.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/111830/"
-"111829","2019-01-28 08:01:07","http://www.ontamada.ru/Vodafone/DE/Rechnung/01_19/","online","malware_download","heodo","https://urlhaus.abuse.ch/url/111829/"
+"111829","2019-01-28 08:01:07","http://www.ontamada.ru/Vodafone/DE/Rechnung/01_19/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/111829/"
 "111828","2019-01-28 07:57:04","http://www.biometricsystems.ru/Vodafone_Gmbh/Rechnungen/012019/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/111828/"
 "111827","2019-01-28 07:50:06","http://sevensites.es/Vodafone_Gmbh/RechnungOnline/012019/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/111827/"
 "111826","2019-01-28 07:49:26","http://www.europeanautos.tech/admin/ago.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/111826/"
@@ -1851,8 +2307,8 @@
 "111812","2019-01-28 07:27:05","http://www.pivmag02.ru/Vodafone_Gmbh/Transaktion/012019/","online","malware_download","heodo","https://urlhaus.abuse.ch/url/111812/"
 "111811","2019-01-28 07:19:41","http://www.grantkulinar.ru/Vodafone/DE/RechnungOnline/012019/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/111811/"
 "111810","2019-01-28 07:19:36","http://www.glazastiks.ru/Vodafone/DE/Rechnung/01_19/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/111810/"
-"111809","2019-01-28 07:19:27","http://154.85.35.82/bins/hoho.spc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111809/"
-"111808","2019-01-28 07:19:24","http://154.85.35.82/bins/hoho.mpsl","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111808/"
+"111809","2019-01-28 07:19:27","http://154.85.35.82/bins/hoho.spc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111809/"
+"111808","2019-01-28 07:19:24","http://154.85.35.82/bins/hoho.mpsl","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111808/"
 "111807","2019-01-28 07:19:20","http://lanhodiepuytin.com/Vodafone/RechnungOnline/012019/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/111807/"
 "111806","2019-01-28 07:19:11","http://shlifovka.by/Vodafone/DE/RechnungOnline/012019/","online","malware_download","heodo","https://urlhaus.abuse.ch/url/111806/"
 "111805","2019-01-28 07:19:02","http://173.234.25.61/bins/nisha.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111805/"
@@ -1952,7 +2408,7 @@
 "111711","2019-01-28 04:45:41","http://fm963.top/360/bbc/T1.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111711/"
 "111710","2019-01-28 04:45:38","http://moto-bazar.xf.cz/k8E4.exe","offline","malware_download","exe,zeus","https://urlhaus.abuse.ch/url/111710/"
 "111709","2019-01-28 04:33:41","http://www.jijiquan.net/Tools/start.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111709/"
-"111708","2019-01-28 04:25:44","http://raspain.chat.ru/x.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111708/"
+"111708","2019-01-28 04:25:44","http://raspain.chat.ru/x.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/111708/"
 "111707","2019-01-28 04:15:07","http://163.172.186.209/nut","offline","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/111707/"
 "111706","2019-01-28 04:15:04","http://163.172.186.209/sshd","offline","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/111706/"
 "111705","2019-01-28 04:14:08","http://163.172.186.209/cron","offline","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/111705/"
@@ -2031,7 +2487,7 @@
 "111631","2019-01-27 21:58:42","http://97.125.231.53:20864/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/111631/"
 "111630","2019-01-27 21:58:38","http://189.180.253.216:29339/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/111630/"
 "111629","2019-01-27 21:58:34","http://177.68.147.145:1142/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/111629/"
-"111628","2019-01-27 21:58:28","http://37.34.244.167:16848/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/111628/"
+"111628","2019-01-27 21:58:28","http://37.34.244.167:16848/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/111628/"
 "111627","2019-01-27 21:52:04","http://amd.alibuf.com:7723/dsc.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111627/"
 "111626","2019-01-27 21:51:06","http://66.117.6.174/wpd.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/111626/"
 "111625","2019-01-27 21:08:06","http://moha-group.ir/nazy/PurchaseOrder.exe","offline","malware_download","exe,Pony","https://urlhaus.abuse.ch/url/111625/"
@@ -2046,7 +2502,7 @@
 "111616","2019-01-27 19:45:02","http://moha-group.com/cli/waplord/doc/PurchaseOrder.doc","offline","malware_download","RTF","https://urlhaus.abuse.ch/url/111616/"
 "111615","2019-01-27 19:44:03","http://moha-group.com/cli/waplord/PurchaseOrder.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/111615/"
 "111614","2019-01-27 19:37:03","http://183.110.79.42:8/buffffff.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111614/"
-"111613","2019-01-27 19:29:14","http://ca.posthash.org:443/123.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111613/"
+"111613","2019-01-27 19:29:14","http://ca.posthash.org:443/123.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/111613/"
 "111612","2019-01-27 19:29:04","http://183.110.79.42:8/445.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111612/"
 "111611","2019-01-27 19:25:06","http://ms.fq520000.com:443/1.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/111611/"
 "111610","2019-01-27 19:22:17","http://jagadishchristian.com/tmp/fbet.exe","online","malware_download","exe,Formbook","https://urlhaus.abuse.ch/url/111610/"
@@ -2054,7 +2510,7 @@
 "111608","2019-01-27 19:18:05","http://dns.fq520000.com:443/9.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111608/"
 "111607","2019-01-27 19:14:02","http://165.227.212.62/bins/hoho.sh4","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111607/"
 "111606","2019-01-27 19:00:08","http://dns.alibuf.com:7723/dsc.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/111606/"
-"111605","2019-01-27 18:48:17","http://ca.fq520000.com:443/123.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/111605/"
+"111605","2019-01-27 18:48:17","http://ca.fq520000.com:443/123.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111605/"
 "111604","2019-01-27 18:44:26","http://dns.alibuf.com:7723/dsp12.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/111604/"
 "111603","2019-01-27 18:44:18","http://165.227.212.62/bins/hoho.ppc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111603/"
 "111602","2019-01-27 18:44:17","http://dns.fq520000.com:443/123.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/111602/"
@@ -2114,7 +2570,7 @@
 "111548","2019-01-27 18:36:09","http://themebirth.ir/cgi-bin/ssj.jpg","online","malware_download","Troldesh,exe","https://urlhaus.abuse.ch/url/111548/"
 "111547","2019-01-27 18:36:06","https://yemekolsa.com/protected/components/ssj.jpg","online","malware_download","Troldesh,exe","https://urlhaus.abuse.ch/url/111547/"
 "111546","2019-01-27 18:36:02","http://vilion-works.com/atsugi/ssj.jpg","offline","malware_download","Troldesh,exe","https://urlhaus.abuse.ch/url/111546/"
-"111545","2019-01-27 18:34:15","http://config.younoteba.top/bug/yypdf/yycheckup.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/111545/"
+"111545","2019-01-27 18:34:15","http://config.younoteba.top/bug/yypdf/yycheckup.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111545/"
 "111544","2019-01-27 18:30:03","http://165.227.212.62/bins/hoho.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111544/"
 "111543","2019-01-27 18:21:14","http://208.51.63.150/b.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/111543/"
 "111542","2019-01-27 18:21:08","http://208.51.63.150/downs.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/111542/"
@@ -2123,14 +2579,14 @@
 "111539","2019-01-27 18:17:05","http://ca.monerov8.com:443/123.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111539/"
 "111538","2019-01-27 18:12:03","http://www.moha-group.com/cli/waplord/PurchaseOrder.exe","offline","malware_download","exe,Pony","https://urlhaus.abuse.ch/url/111538/"
 "111537","2019-01-27 18:05:17","http://dnn.alibuf.com:7723/DSP12.EXE","offline","malware_download","exe","https://urlhaus.abuse.ch/url/111537/"
-"111536","2019-01-27 18:05:10","http://down.eebbk.net/ddjsoftware/Webber.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111536/"
+"111536","2019-01-27 18:05:10","http://down.eebbk.net/ddjsoftware/Webber.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/111536/"
 "111535","2019-01-27 16:52:04","http://185.101.105.162/bins/Solstice.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111535/"
 "111534","2019-01-27 16:52:03","http://35.237.236.148/AB4g5/Josho.ppc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111534/"
 "111533","2019-01-27 16:52:02","http://80.211.110.193/AB4g5/Josho.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111533/"
 "111532","2019-01-27 16:51:02","http://185.101.105.162/bins/Solstice.sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111532/"
 "111531","2019-01-27 16:42:03","http://185.101.105.162/bins/Solstice.mips","offline","malware_download","elf","https://urlhaus.abuse.ch/url/111531/"
 "111530","2019-01-27 16:41:01","http://80.211.110.193/AB4g5/Josho.sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111530/"
-"111529","2019-01-27 16:12:26","http://down.soft.yypdf.cn/YYPDFSetupTxsp.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/111529/"
+"111529","2019-01-27 16:12:26","http://down.soft.yypdf.cn/YYPDFSetupTxsp.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111529/"
 "111528","2019-01-27 16:09:26","http://8dx.pc6.com/xjq6/WinRAR_5.60_Beta5_x64_SC.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111528/"
 "111527","2019-01-27 15:36:08","http://craftresortphuket.com/wp-admin/css/colors/ectoplasm/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/111527/"
 "111526","2019-01-27 15:28:02","http://moha-group.ir/nazy/doc/Neworder.doc","offline","malware_download","RTF","https://urlhaus.abuse.ch/url/111526/"
@@ -2216,7 +2672,7 @@
 "111446","2019-01-27 15:08:07","http://www.majesticintltravel.com/web/ow.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111446/"
 "111445","2019-01-27 15:00:03","http://92.63.197.153/m/1.exe","offline","malware_download","exe,Ransomware,GandCrab,Ransomware.GandCrab","https://urlhaus.abuse.ch/url/111445/"
 "111444","2019-01-27 14:58:02","http://92.63.197.153/blowjob.exe","offline","malware_download","exe,Ransomware.GandCrab","https://urlhaus.abuse.ch/url/111444/"
-"111443","2019-01-27 14:49:29","http://sm.fq520000.com:443/9.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111443/"
+"111443","2019-01-27 14:49:29","http://sm.fq520000.com:443/9.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/111443/"
 "111442","2019-01-27 14:49:26","http://sm.fq520000.com:443/8.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111442/"
 "111441","2019-01-27 14:49:24","http://sm.fq520000.com:443/7.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111441/"
 "111440","2019-01-27 14:49:20","http://sm.fq520000.com:443/6.exe","online","malware_download","exe,Ransomware.GandCrab","https://urlhaus.abuse.ch/url/111440/"
@@ -2282,7 +2738,7 @@
 "111380","2019-01-27 12:58:11","http://80.211.110.193:80/AB4g5/Josho.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111380/"
 "111379","2019-01-27 12:58:09","http://95.246.44.155:20787/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/111379/"
 "111378","2019-01-27 12:58:05","http://185.101.105.162:80/bins/Solstice.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111378/"
-"111377","2019-01-27 12:53:03","http://getgeekgadgets.com/v/testes.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111377/"
+"111377","2019-01-27 12:53:03","http://getgeekgadgets.com/v/testes.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/111377/"
 "111376","2019-01-27 12:16:04","http://citylawab.com/wp-content/themes/envo-business/css/sserv.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/111376/"
 "111375","2019-01-27 12:13:04","http://getgeekgadgets.com/test_Protected.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/111375/"
 "111374","2019-01-27 12:01:02","http://files.dropmybin.me/wvchh.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/111374/"
@@ -2336,7 +2792,7 @@
 "111326","2019-01-27 10:03:05","http://168.235.66.17/pl0xmipsel","offline","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/111326/"
 "111325","2019-01-27 10:03:03","http://185.244.25.169/sparc","offline","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/111325/"
 "111324","2019-01-27 10:03:03","http://46.29.163.204/fearlesstftp","online","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/111324/"
-"111323","2019-01-27 10:02:04","http://www.gallerygraphics.com/order_form.bin","online","malware_download","Dridex,exe","https://urlhaus.abuse.ch/url/111323/"
+"111323","2019-01-27 10:02:04","http://www.gallerygraphics.com/order_form.bin","offline","malware_download","Dridex,exe","https://urlhaus.abuse.ch/url/111323/"
 "111322","2019-01-27 09:58:03","http://91.121.30.169:8000/p65ACSIk/order_form.bin","offline","malware_download","Dridex,exe","https://urlhaus.abuse.ch/url/111322/"
 "111321","2019-01-27 09:25:07","http://46.29.163.204/fearlesssh","online","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/111321/"
 "111320","2019-01-27 09:25:04","http://95.179.153.246/AB4g5/Josho.mips","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111320/"
@@ -2478,10 +2934,10 @@
 "111185","2019-01-27 08:09:05","http://testingskapss.ru/ftp06/dl/anative.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/111185/"
 "111183","2019-01-27 08:09:03","http://testingskapss.ru/ftp06/dl/aaa.exe","offline","malware_download","exe,AZORult","https://urlhaus.abuse.ch/url/111183/"
 "111182","2019-01-27 08:08:03","http://vektorex.com/source/Z/7460138.exe","online","malware_download","Formbook,exe","https://urlhaus.abuse.ch/url/111182/"
-"111181","2019-01-27 07:53:02","http://154.85.35.82/bins/hoho.arm5","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111181/"
+"111181","2019-01-27 07:53:02","http://154.85.35.82/bins/hoho.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111181/"
 "111180","2019-01-27 07:49:47","http://morganbits.com/.well-known/acme-challenge/mxr.pdf","offline","malware_download","Troldesh,exe","https://urlhaus.abuse.ch/url/111180/"
 "111179","2019-01-27 07:49:40","https://braecarautos.com/Screen_shot_confimation_slip_56017_67547.scr","offline","malware_download","HawkEye,keylogger,exe","https://urlhaus.abuse.ch/url/111179/"
-"111178","2019-01-27 07:49:36","http://154.85.35.82/bins/hoho.x86","offline","malware_download","None","https://urlhaus.abuse.ch/url/111178/"
+"111178","2019-01-27 07:49:36","http://154.85.35.82/bins/hoho.x86","online","malware_download","None","https://urlhaus.abuse.ch/url/111178/"
 "111177","2019-01-27 07:49:35","http://usupdatereply.xyz/1/23/CLONE.exe","offline","malware_download","exe,stealer,AZORult,RemcosRAT","https://urlhaus.abuse.ch/url/111177/"
 "111176","2019-01-27 07:49:30","http://usupdatereply.xyz/1/23/RETURN2.jpg","offline","malware_download","exe,stealer,AZORult,RemcosRAT","https://urlhaus.abuse.ch/url/111176/"
 "111174","2019-01-27 07:49:19","http://199.38.243.9/apache2","offline","malware_download","None","https://urlhaus.abuse.ch/url/111174/"
@@ -2526,33 +2982,33 @@
 "111136","2019-01-27 05:48:13","http://www.adcash.ga/20190118/ppi02.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111136/"
 "111135","2019-01-27 05:23:31","http://game111.52zsoft.com/shenmibowuguan.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111135/"
 "111134","2019-01-27 05:02:10","http://setupadsfile.yxdown.com/launch_uid=yxdown&suid=bh.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111134/"
-"111133","2019-01-27 04:30:35","http://154.85.35.82/bins/hoho.sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111133/"
+"111133","2019-01-27 04:30:35","http://154.85.35.82/bins/hoho.sh4","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111133/"
 "111132","2019-01-27 04:30:34","http://157.230.218.54/bins/Tsunami.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111132/"
-"111131","2019-01-27 04:30:04","http://154.85.35.82/bins/hoho.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111131/"
-"111130","2019-01-27 04:30:03","http://154.85.35.82/bins/hoho.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111130/"
-"111129","2019-01-27 04:26:06","http://154.85.35.82/bins/hoho.ppc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111129/"
-"111128","2019-01-27 04:26:04","http://154.85.35.82/bins/hoho.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111128/"
-"111127","2019-01-27 04:26:03","http://154.85.35.82/bins/hoho.mips","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111127/"
+"111131","2019-01-27 04:30:04","http://154.85.35.82/bins/hoho.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111131/"
+"111130","2019-01-27 04:30:03","http://154.85.35.82/bins/hoho.m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111130/"
+"111129","2019-01-27 04:26:06","http://154.85.35.82/bins/hoho.ppc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111129/"
+"111128","2019-01-27 04:26:04","http://154.85.35.82/bins/hoho.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111128/"
+"111127","2019-01-27 04:26:03","http://154.85.35.82/bins/hoho.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111127/"
 "111126","2019-01-27 04:02:06","http://185.244.25.194/dwabniduawdbwad/headhoncho.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111126/"
-"111125","2019-01-27 04:02:05","http://154.85.35.82:80/bins/hoho.ppc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111125/"
-"111124","2019-01-27 04:02:04","http://154.85.35.82:80/bins/hoho.mips","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111124/"
+"111125","2019-01-27 04:02:05","http://154.85.35.82:80/bins/hoho.ppc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111125/"
+"111124","2019-01-27 04:02:04","http://154.85.35.82:80/bins/hoho.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111124/"
 "111123","2019-01-27 04:02:02","http://162.220.165.89/AB4g5/Josho.sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111123/"
-"111122","2019-01-27 04:00:04","http://154.85.35.82:80/bins/hoho.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111122/"
-"111121","2019-01-27 04:00:03","http://154.85.35.82/bins/hoho.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111121/"
-"111120","2019-01-27 03:55:04","http://154.85.35.82:80/bins/hoho.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111120/"
+"111122","2019-01-27 04:00:04","http://154.85.35.82:80/bins/hoho.m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111122/"
+"111121","2019-01-27 04:00:03","http://154.85.35.82/bins/hoho.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111121/"
+"111120","2019-01-27 03:55:04","http://154.85.35.82:80/bins/hoho.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111120/"
 "111119","2019-01-27 03:55:02","http://185.244.25.194/dwabniduawdbwad/headhoncho.ppc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111119/"
 "111118","2019-01-27 03:53:08","http://162.220.165.89/AB4g5/Josho.mips","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111118/"
 "111117","2019-01-27 03:53:05","http://atteuqpotentialunlimited.com/tracklist/tracking_number.pdf..exe","online","malware_download","exe,Ransomware.GandCrab","https://urlhaus.abuse.ch/url/111117/"
 "111116","2019-01-27 03:52:06","http://162.220.165.89/AB4g5/Josho.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111116/"
 "111115","2019-01-27 03:52:04","http://162.220.165.89/AB4g5/Josho.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111115/"
 "111114","2019-01-27 03:47:05","http://35.235.102.123/AB4g5/Josho.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111114/"
-"111113","2019-01-27 03:45:05","http://154.85.35.82:80/bins/hoho.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111113/"
-"111112","2019-01-27 03:45:03","http://154.85.35.82:80/bins/hoho.sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111112/"
-"111111","2019-01-27 03:44:08","http://154.85.35.82:80/bins/hoho.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111111/"
+"111113","2019-01-27 03:45:05","http://154.85.35.82:80/bins/hoho.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111113/"
+"111112","2019-01-27 03:45:03","http://154.85.35.82:80/bins/hoho.sh4","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111112/"
+"111111","2019-01-27 03:44:08","http://154.85.35.82:80/bins/hoho.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111111/"
 "111110","2019-01-27 03:44:04","http://35.235.102.123/AB4g5/Josho.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111110/"
 "111109","2019-01-27 03:31:02","http://glazastiks.ru/fTq86CZSl/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/111109/"
 "111108","2019-01-27 03:26:03","http://funfineart.com/images/lightbox/fonts/update.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111108/"
-"111107","2019-01-27 03:24:10","http://154.85.35.82:80/bins/hoho.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111107/"
+"111107","2019-01-27 03:24:10","http://154.85.35.82:80/bins/hoho.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111107/"
 "111106","2019-01-27 03:24:08","http://177.222.163.32:37827/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/111106/"
 "111105","2019-01-27 03:24:04","http://50.242.141.75:20196/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/111105/"
 "111104","2019-01-27 03:11:06","http://atteuqpotentialunlimited.com/tracklist/tracking_number.pdf.exe","online","malware_download","exe,Ransomware.GandCrab","https://urlhaus.abuse.ch/url/111104/"
@@ -2752,7 +3208,7 @@
 "110910","2019-01-26 20:12:25","http://185.244.25.148/fdasza.arm5","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/110910/"
 "110909","2019-01-26 20:12:24","http://185.244.25.148/fsdada.arm4","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/110909/"
 "110908","2019-01-26 20:12:22","http://185.244.25.148/dsfdsaza.ppc","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/110908/"
-"110907","2019-01-26 20:12:20","http://185.244.25.148/sdfza.m68k","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/110907/"
+"110907","2019-01-26 20:12:20","http://185.244.25.148/sdfza.m68k","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/110907/"
 "110906","2019-01-26 20:12:18","http://185.244.25.148/sddfs.i586","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/110906/"
 "110905","2019-01-26 20:12:11","http://185.244.25.148/fdsadfa.ppc","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/110905/"
 "110904","2019-01-26 20:12:10","http://185.244.25.148/dfd.x32","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/110904/"
@@ -2797,7 +3253,7 @@
 "110865","2019-01-26 19:33:05","http://191.250.236.164:57885/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/110865/"
 "110864","2019-01-26 19:29:19","http://chefpromoter.com/wp-content/cache/supercache/ssj.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/110864/"
 "110863","2019-01-26 19:29:09","http://quoidevert.com/templates/shaper_newsplus/js/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110863/"
-"110862","2019-01-26 19:25:08","http://www.newxing.com/D4894DD65482/server.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110862/"
+"110862","2019-01-26 19:25:08","http://www.newxing.com/D4894DD65482/server.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110862/"
 "110861","2019-01-26 19:22:17","http://down11.downyouxi.com/gaojizhanzheng2heidongshengqizhongwenban.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110861/"
 "110860","2019-01-26 19:07:17","http://dx115.downyouxi.com/saierdachuanshuosizhijianzhongwenban.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110860/"
 "110859","2019-01-26 19:06:01","http://dx115.downyouxi.com/fcrentiantanghongbaijizhongwenmoniqi500jingdianyouxidajihe.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110859/"
@@ -2809,13 +3265,13 @@
 "110853","2019-01-26 18:23:55","http://wt111.downyouxi.com/koudaiguaishoujingjichang.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110853/"
 "110852","2019-01-26 18:18:45","http://wt112.downyouxi.com/saierdachuanshuosizhijianzhongwenban.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110852/"
 "110851","2019-01-26 18:00:35","http://wt112.downyouxi.com/dnftafangwudibanzhongwenban.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110851/"
-"110850","2019-01-26 18:00:13","http://xzd.197946.com/winrar-x64.exe","online","malware_download","exe,Ransomware.GandCrab","https://urlhaus.abuse.ch/url/110850/"
+"110850","2019-01-26 18:00:13","http://xzd.197946.com/winrar-x64.exe","offline","malware_download","exe,Ransomware.GandCrab","https://urlhaus.abuse.ch/url/110850/"
 "110849","2019-01-26 17:56:19","http://wt110.downyouxi.com/qiaobingkuaiaisijimoren.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110849/"
 "110848","2019-01-26 17:48:44","http://wt110.downyouxi.com/shumabaobeidouhunchuanshuo2danjiban.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110848/"
 "110847","2019-01-26 17:45:08","http://rarejewelry.net/.well-known/acme-challenge/messg.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/110847/"
 "110846","2019-01-26 16:36:10","http://37.255.196.22:61857/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/110846/"
 "110845","2019-01-26 16:36:05","http://98.116.131.34:10242/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/110845/"
-"110844","2019-01-26 16:19:09","http://www.newxing.com/DE8BD3F2F296/QQ2009.exe","online","malware_download","zip","https://urlhaus.abuse.ch/url/110844/"
+"110844","2019-01-26 16:19:09","http://www.newxing.com/DE8BD3F2F296/QQ2009.exe","offline","malware_download","zip","https://urlhaus.abuse.ch/url/110844/"
 "110843","2019-01-26 16:04:05","http://resys.pt/n/winnilog.png","offline","malware_download","exe,AZORult","https://urlhaus.abuse.ch/url/110843/"
 "110842","2019-01-26 16:02:08","http://imoustapha.me/M.exe","offline","malware_download","exe,ImminentRAT","https://urlhaus.abuse.ch/url/110842/"
 "110841","2019-01-26 15:54:30","http://159.65.155.170/bins/hoho.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/110841/"
@@ -2837,11 +3293,11 @@
 "110825","2019-01-26 15:54:06","http://142.93.211.141/kira1/kirai.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/110825/"
 "110824","2019-01-26 15:54:04","http://142.93.211.141/kira1/kirai.m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/110824/"
 "110823","2019-01-26 15:54:03","http://142.93.211.141/kira1/kirai.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/110823/"
-"110822","2019-01-26 15:50:06","http://www.newxing.com/d6c9a8a921847/prjfire.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110822/"
+"110822","2019-01-26 15:50:06","http://www.newxing.com/d6c9a8a921847/prjfire.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110822/"
 "110821","2019-01-26 15:13:06","http://imoustapha.me/N.exe","offline","malware_download","exe,NetWire","https://urlhaus.abuse.ch/url/110821/"
 "110820","2019-01-26 14:30:05","http://rarejewelry.net/.well-known/acme-challenge/mxr.pdf","online","malware_download","Troldesh,exe","https://urlhaus.abuse.ch/url/110820/"
 "110819","2019-01-26 13:42:05","http://171.38.147.237:17462/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/110819/"
-"110818","2019-01-26 13:31:17","http://www.newxing.com/DDB3AC763452/StandardPalette.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110818/"
+"110818","2019-01-26 13:31:17","http://www.newxing.com/DDB3AC763452/StandardPalette.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110818/"
 "110817","2019-01-26 13:18:12","http://gamblchange.club/update.rar","online","malware_download","Encoded,Task,Kpot,CAN","https://urlhaus.abuse.ch/url/110817/"
 "110816","2019-01-26 13:18:05","https://globalinvoice.club/update.php","offline","malware_download","geofenced,CAN,Gozi","https://urlhaus.abuse.ch/url/110816/"
 "110815","2019-01-26 13:14:21","http://viswavsp.com/war/winepress.exe","offline","malware_download","None","https://urlhaus.abuse.ch/url/110815/"
@@ -2964,26 +3420,16 @@
 "110698","2019-01-26 00:49:40","http://yclasdy.cf/vhzV-Okb_pAkDId-rxm/EXT/PaymentStatus/EN_en/Past-Due-Invoices/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/110698/"
 "110697","2019-01-26 00:49:30","http://kortinakomarno.sk/Rechnungen/012019./","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/110697/"
 "110696","2019-01-26 00:49:27","http://quangninh.biz/UsyAz-WG_UGLsGnX-zPq/INVOICE/US/Invoice-Number-84807/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/110696/"
-"110695","2019-01-26 00:49:21","http://ontamada.ru/LohV-gqh_mAFfNxUU-9G/EXT/PaymentStatus/En/Outstanding-Invoices/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/110695/"
+"110695","2019-01-26 00:49:21","http://ontamada.ru/LohV-gqh_mAFfNxUU-9G/EXT/PaymentStatus/En/Outstanding-Invoices/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/110695/"
 "110694","2019-01-26 00:49:17","http://ielts-india.in/dsCrP-arVG_y-Ajx/ACH/PaymentAdvice/US_us/326-57-461082-240-326-57-461082-316/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/110694/"
 "110693","2019-01-26 00:49:11","http://iccl.club/Rzjye-QwV_Xlx-4Zu/InvoiceCodeChanges/En/Open-invoices/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/110693/"
 "110692","2019-01-26 00:49:06","http://billfritzjr.com/Lngr-D7bH_cKnuPBV-tC/Ref/12481130En/Inv-653966-PO-4D904439/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/110692/"
-"110691","2019-01-25 23:45:45","https://linkprotect.cudasvc.com/url?a=http://www.hopeintlschool.org/jygh-gVX_wTfkm-Z2E/Invoice/406132370/EN_en/Invoice-for-you&c=E1_6Zs8wxvd1C3-RFr1-4cHexIsQ7q1KeezfPKIElDfetZHfI1T4Hf5p5kpip1g4lOEHQqWyGHFq0E4aTmCbbBA4ZtR-tMuY9KUtfB5noki2T8bBMd583NEvsFSg&typo=1/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/110691/"
-"110690","2019-01-25 23:45:40","https://linkprotect.cudasvc.com/url?a=http://tarjetaenlinea.com.ve/vpMJE-qmhWI_tFMAEF-4Ao/Inv/4565122370/En/Past-Due-Invoices&c=E1xis073an1r2zG67syRMa1jplwws8T-1fN8nka_rVIkkCNa52fNJlrmLW9SfxQXfYHxVHeZhEJRHErW-PpyFepCfkKSF-pMWmbUJ3bh-E&typo=0/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/110690/"
-"110689","2019-01-25 23:45:35","https://linkprotect.cudasvc.com/url?a=http://iccl.club/Rzjye-QwV_Xlx-4Zu/InvoiceCodeChanges/En/Open-invoices&c=E1PvV5eByM7tY9kjzRd2_jFmRkx7sYjxCouS92NqpmVnWJ56tsMc8pz-Pm6c37W5zFyXHkrO63FRuPDjE2whMIxCOw1e5yleFTGEh62ZdxPzs1Eg&typo=1/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/110689/"
-"110688","2019-01-25 23:45:31","https://linkprotect.cudasvc.com/url?a=http://amjradvogados.com.br/byag-H4C_EVSQ-bcC/En_us/Overdue-payment&c=E1YkQdkVeWlZEB5QHIdGIrxZpUcyauS16kERroZtf8JJsAtoRPQOVWTNDTGOYzrAtTaS0xORPU_rhB9Wr48dcBxeUmL_7oJ5uh3qI1jyCJxw&typo=1/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/110688/"
 "110687","2019-01-25 23:45:25","http://www.editocom.info/UUrM-psOAi_T-13g/PaymentStatus/EN_en/Invoice-Number-88846/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/110687/"
 "110686","2019-01-25 23:45:19","http://test.laitspa.it/cinepromozione/LZdP-MCwZ_mb-Ua/invoices/9347/4001/EN_en/Open-invoices/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/110686/"
 "110685","2019-01-25 23:45:13","http://techfactory.pk/d0vjo7vRJw26C_G3JYE01qG","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110685/"
 "110684","2019-01-25 23:45:10","http://elinmobiliario.com.ec/hHsmR-CeT_zrDyM-OMe/Inv/476835203/En_us/Outstanding-Invoices/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/110684/"
-"110683","2019-01-25 23:31:22","https://u8349684.ct.sendgrid.net/wf/click?upn=c9mPpkfVPAGHXqKep1Y1sI7okRwUsAt0FQhFGAx7T2FnZ4pKxlOYvxJTghWwCcNOrd3oyx64sYB6IRm2flGkSMnK2zi5qjlgjpb9tKTg-2BeA-3D_FHtOPhcNAbksvWcpoFmyAjGoKC2wZHQTuxFktl8MtUb0-2FTJ-2B7xLimcPJc01tkzsveyGD5pBV9Koo2qkw0OI9hKkkXHz-2FOG-2BTykAb1WuxdpbjdCkguRT91Essc1dilgbsUxMZutw9WYWy7-2BTlcIhG62Q6v3wSDcqYRbUU-2F5Ddjhcu9RhlSvjvhH4aiHfztm2ME1biGmeJCNw2Vzde6CbA-3D-3D/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/110683/"
-"110682","2019-01-25 23:31:20","https://u7071798.ct.sendgrid.net/wf/click?upn=VdUB2A0IWnktGssGSY4JIvn-2F6e-2FdrvF1E-2BzRQSsLLo4rnl-2F9erZ2GWJM-2FiyT7kdc4pR3GhjoBg9Yz56oClMPIjiBFJCdHeauzI-2FXEVUDf8c-3D_Umzh8971vhGbDHjh3kZT5exKux3BxZDw8Pan-2BC4zMnD-2Fv5xnoL3j4WAXD28sOfUdWOzhbSWSUJ6HKGFYFDEu-2BHJY41dcvCDBSYQSw8pxmKvLJQR7Nw-2BCQXxym9KzBuXV1ZC-2BBsq1kEYvWAL-2Bpq-2FXIbopaSaHK6ppA6yfDrPVezrx7XyxUl6hYGwAoWHyYFm5Bhvea2i9J-2BH4vTstlCdJsAIPH6DJxYGtGkmu6b7oU-3D/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/110682/"
-"110681","2019-01-25 23:31:17","https://u7071798.ct.sendgrid.net/wf/click?upn=PFRZ3XBQrAlIUMLzSa5eBBKBzsFQREjzVFGOBNAETvwC8m2dyxZ0aiaYMRV-2FXNnCD-2FfEK0z5-2B2RVursgBvXrpA-3D-3D_-2BimExKXCkNmfgAsC-2B7i0Qw43OHqMHcX3ChY-2FSAqe92F7fHAsa74CZUPvHL6nSeEOfabUlUFW12O-2BDZHoB49fg2XmPLmY-2BKxuEqBKjYi0PHBgPJClg6XelsXMyNlXIT9NVb77-2FRp-2FNCwrCtmxOsZXzMv6oRO5gMjfWHBB6QwfHBAIXzyFQQhZpkJG1g-2BNWEh8Tk53aF0axLpLC1QVOtNJzqC-2F8pHZeMM-2BEHY0dxxRg-3D/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/110681/"
-"110680","2019-01-25 23:31:15","https://u7071798.ct.sendgrid.net/wf/click?upn=G-2ByCp-2B1j4sBoQiDdxUODHivbI1uk8yz7hnUHPl129zw9WT18pCPzNt5BRyfLiOK-2FodNXgjeiCzqauSqZpz50sLdVaW-2FPBtSzI4Z20Hd31V4-3D_URLxTgkT0241B622CTIw8tPSpcs-2F0SJ33TanX3ZQot82xjtUmqAUhrqegpIRROsV5XhIYeAscmL8DVpOgtPRAPGuEEOlB5SH1RK-2FSkp7gcFQXvxRfW-2FNuIQu3QqV6uroJuLQJTYHlMt5cown6-2BhVxanbBBgdgqr4VhjKZERW4YSmEekvUmlRvWWEi0pAdL46Qrdj-2FMZNQ-2FC4otkXq-2Bb9Iocwc07qsgtGb4xEQ3FYE-3D/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/110680/"
 "110679","2019-01-25 23:31:12","https://noithatshop.vn/KKBit-LMAx05IFBvvNDA_VOGjgNyLB-XI9/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/110679/"
-"110678","2019-01-25 23:31:06","https://u7071798.ct.sendgrid.net/wf/click?upn=VdUB2A0IWnktGssGSY4JIvn-2F6e-2FdrvF1E-2BzRQSsLLo4rnl-2F9erZ2GWJM-2FiyT7kdc4pR3GhjoBg9Yz56oClMPIjiBFJCdHeauzI-2FXEVUDf8c-3D_Umzh8971vhGbDHjh3kZT5exKux3BxZDw8Pan-2BC4zMnD-2Fv5xnoL3j4WAXD28sOfUdWOzhbSWSUJ6HKGFYFDEu-2BHJY41dcvCfJDBSYQSw8pxmKvLJQR7Nw-2BCQXxym9KzBuXV1ZC-2BBsq1kEYvWAL-2Bpq-2FXIbopaSaHK6ppA6yfDrPVezrx7XyxUl6hYGwAoWHyYFm5Bhvea2i9J-2BH4vTstlCdJsAIPH6DJxYGtGkmu6b7oU-3D/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/110678/"
 "110677","2019-01-25 23:22:20","http://biquyettansoi.com/tSqEV-PJLF_g-bAj/Inv/219383978/En_us/New-order/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/110677/"
-"110676","2019-01-25 23:22:14","https://linkprotect.cudasvc.com/url?a=http://iccl.club/Rzjye-QwV_Xlx-4Zu/InvoiceCodeChanges/En/Open-invoices&c=E,1,PvV5eByM7tY9kjzRd2_jFmRkx7sYjxCouS92NqpmVnWJ56tsMc8pz-Pm6c37W5zFyXHkrO63FRuPDjE2whMIxCOw1e5yleFTGEh62ZdxPzs1Eg,,&typo=1/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/110676/"
 "110675","2019-01-25 23:22:10","http://asncustoms.ru/fXAAv-pqq_tkPVxs-4WZ/ACH/PaymentAdvice/En_us/Inv-829711-PO-0M133564/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/110675/"
 "110674","2019-01-25 23:13:06","https://tulip-remodeling.com/wp-content/themes/piko-construct/languages/bs.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/110674/"
 "110673","2019-01-25 23:07:06","http://flek1.free.fr/tmp/SearchIndexer.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110673/"
@@ -2999,7 +3445,6 @@
 "110663","2019-01-25 22:22:11","http://rockmayak.ru/uDwCv6rHyzRXC/","offline","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/110663/"
 "110662","2019-01-25 22:22:08","http://gpsalagoas.com.br/mZb9Ev99/","offline","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/110662/"
 "110661","2019-01-25 22:18:12","http://www.cashcow.ai/test1/vdENx-as_nKglpxB-Ta/G820/invoicing/EN_en/Document-needed/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/110661/"
-"110660","2019-01-25 22:18:10","https://linkprotect.cudasvc.com/url?a=http://tarjetaenlinea.com.ve/vpMJE-qmhWI_tFMAEF-4Ao/Inv/4565122370/En/Past-Due-Invoices&c=E,1,xis073an1r2zG67syRMa1jplwws8T-1fN8nka_rVIkkCNa52fNJlrmLW9SfxQXfYHxVHeZhEJRHErW-PpyFepCfkKSF-pMWmbUJ3bh-E&typo=0>/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/110660/"
 "110659","2019-01-25 22:18:08","http://www.focusbrand.cn/xGVmS-PML_lc-Cro/invoices/4694/4884/EN_en/New-order/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/110659/"
 "110658","2019-01-25 22:18:05","http://www.tomorrow-foundation.com/fr/wp-content/uploads/xhgV-hGf6W_XVYZ-MUS/Southwire/MRR7854427356/US_us/Paid-Invoice/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/110658/"
 "110657","2019-01-25 22:14:09","http://tulipremodeling.com/.well-known/acme-challenge/sserv.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/110657/"
@@ -3130,7 +3575,7 @@
 "110529","2019-01-25 20:57:12","http://baixenoibai24h.com/wBNX-ee4_DLoyeljlC-usD/InvoiceCodeChanges/EN_en/ACH-form/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/110529/"
 "110528","2019-01-25 20:57:08","http://ayot.ir/QHKFa-2l6q_GMd-ljW/INVOICE/75844/OVERPAYMENT/EN_en/Past-Due-Invoice/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/110528/"
 "110527","2019-01-25 20:57:03","http://163.172.233.237/mzFL-88_LR-Zkn/ACH/PaymentInfo/En/Paid-Invoice/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/110527/"
-"110526","2019-01-25 20:50:31","http://update-res.100public.com/rwx-init/init_bfb_yingxiaoqqfuzhu.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110526/"
+"110526","2019-01-25 20:50:31","http://update-res.100public.com/rwx-init/init_bfb_yingxiaoqqfuzhu.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110526/"
 "110525","2019-01-25 20:50:13","http://f915003w.beget.tech/GUNBOT.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110525/"
 "110524","2019-01-25 20:49:23","http://06.bd-pcgame.xiazai24.com/tools/gongju/%E6%B8%B8%E8%BF%85%E7%BD%91_%E6%96%87%E6%98%8E5%EF%BC%9A%E7%BE%8E%E4%B8%BD%E6%96%B0%E4%B8%96%E7%95%8C%E5%85%AD%E9%A1%B9%E4%BF%AE%E6%94%B9%E5%99%A8%E4%BF%AE%E6%AD%A3%E7%89%881.0.3.18.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110524/"
 "110523","2019-01-25 20:48:12","http://manoulaland.com/wp-content/themes/sydney/plugins/messg.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/110523/"
@@ -3139,8 +3584,7 @@
 "110520","2019-01-25 19:50:08","http://www.jagadishchristian.com/tmp/fbet.exe","online","malware_download","exe,Formbook","https://urlhaus.abuse.ch/url/110520/"
 "110519","2019-01-25 19:38:08","http://www.yulimaria.com/wp-content/uploads/qFoh-Ax_QzXXBz-EZU/Invoice/2480086/US_us/Invoice-39198173-January/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/110519/"
 "110518","2019-01-25 19:38:04","http://www.holzheuer.de/QUec-mrbSN_FuyOen-JY/US_us/Invoice-for-c/g-01/25/2019/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/110518/"
-"110517","2019-01-25 19:31:03","https://u7071798.ct.sendgrid.net/wf/click?upn=PFRZ3XBQrAlIUMLzSa5eBBKBzsFQREjzVFGOBNAETvwC8m2dyxZ0aiaYMRV-2FXNnCD-2FfEK0z5-2B2RVursgBvXrpA-3D-3D_-2BimExKXCkNmfgAsC-2B7i0Qw43OHqMHcX3ChY-2FSAqe92F7fHAsa74CZUPvHL6nSeEOfabUlUFW12O-2BDZHoB49fg2XmPLmY-2BKxuEqBKjYi0PHBgPJClg6sBXelsXMyNlXIT9NVb77-2FRp-2FNCwrCtmxOsZXzMv6oRO5gMjfWHBB6QwfHBAIXzyFQQhZpkJG1g-2BNWEh8Tk53aF0axLpLC1QVOtNJzqC-2F8pHZeMM-2BEHY0dxxRg-3D/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/110517/"
-"110516","2019-01-25 19:29:21","http://www.kredyty-hipoteczne24.com.pl/Luiss-ujzG_KtZ-CWp/COMET/SIGNS/PAYMENT/NOTIFICATION/01/25/2019/EN_en/Important-Please-Read/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/110516/"
+"110516","2019-01-25 19:29:21","http://www.kredyty-hipoteczne24.com.pl/Luiss-ujzG_KtZ-CWp/COMET/SIGNS/PAYMENT/NOTIFICATION/01/25/2019/EN_en/Important-Please-Read/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/110516/"
 "110515","2019-01-25 19:29:17","http://fuckcraigslist.com/oIWM-o5_wUyuqoWp-AX/invoices/1128/46925/US/Open-invoices/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/110515/"
 "110514","2019-01-25 19:29:13","http://corretordejoanete.site/hetWw-iiVD_iPk-Gt0/INV/7764369FORPO/38005552944/US_us/Outstanding-Invoices/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/110514/"
 "110513","2019-01-25 19:29:05","http://childrenrightsfoundation.org/LWLX-nGc5_o-bZ/EXT/PaymentStatus/US/Service-Report-04048/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/110513/"
@@ -3151,7 +3595,7 @@
 "110508","2019-01-25 19:02:21","http://zmogui.lt/yhVcH-GJUwG_vt-fg/ACH/PaymentAdvice/EN_en/Invoice-for-you/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/110508/"
 "110507","2019-01-25 19:02:18","http://turbineblog.ir/deyh-NlkTd_KmhedwOn-93K/INVOICE/En/Open-invoices/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/110507/"
 "110506","2019-01-25 19:02:14","http://oceangate.parkhomes.vn/giVC-hS_YOLHdGgAJ-J6/Southwire/ILW69911308/EN_en/Open-invoices/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/110506/"
-"110505","2019-01-25 19:02:10","http://mayphatrasua.com/tIVm-0uC_d-p3l/InvoiceCodeChanges/US/Scan/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/110505/"
+"110505","2019-01-25 19:02:10","http://mayphatrasua.com/tIVm-0uC_d-p3l/InvoiceCodeChanges/US/Scan/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/110505/"
 "110504","2019-01-25 19:02:05","http://copsnailsanddrinks.fr/QbkXD-Zt_TcFJCv-d1/72962/SurveyQuestionsUS_us/Invoices-attached/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/110504/"
 "110503","2019-01-25 18:35:06","http://193.238.47.118/blog/files/2401_2019-01-24_12-52.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110503/"
 "110502","2019-01-25 18:33:41","http://ratemystartup.ru/MA1kLb23SIUs/","offline","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/110502/"
@@ -3166,8 +3610,6 @@
 "110493","2019-01-25 18:28:28","http://www.pattani.mcu.ac.th/wp-content/uploads/XnUjR-IDqf_YIllRQ-Q17/PaymentStatus/US/Important-Please-Read/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/110493/"
 "110492","2019-01-25 18:28:20","http://www.zsz-spb.ru/vEGZ-JnKM0_eQes-Q7/ACH/PaymentInfo/En_us/Invoice-3782853-January/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/110492/"
 "110491","2019-01-25 18:28:16","http://jk-consulting.nl/xYgVO-9Uy_Qvdot-JnP/COMET/SIGNS/PAYMENT/NOTIFICATION/01/25/2019/En_us/Open-Past-Due-Orders/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/110491/"
-"110490","2019-01-25 18:28:12","https://linkprotect.cudasvc.com/url?a=http://amjradvogados.com.br/byag-H4C_EVSQ-bcC/En_us/Overdue-payment&c=E,1,YkQdkVeWlZEB5QHIdGIrxZpUcyauS16kERroZtf8JJsAtoRPQOVWTNDTGOYzrAtTaS0xORPU_rhB9Wr48dcBxeUmL_7oJ5uh3qI1jyCJxw,,&typo=1/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/110490/"
-"110489","2019-01-25 18:28:06","https://linkprotect.cudasvc.com/url?a=http://www.hopeintlschool.org/jygh-gVX_wTfkm-Z2E/Invoice/406132370/EN_en/Invoice-for-you&c=E,1,_6Zs8wxvd1C3-RFr1-4cHexIsQ7q1KeezfPKIElDfetZHfI1T4Hf5p5kpip1g4lOEHQqWyGHFq0E4aTmCbbBA4ZtR-tMuY9KUtfB5noki2T8bBMd583NEvsFSg,,&typo=1/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/110489/"
 "110488","2019-01-25 18:26:24","http://www.glazastiks.ru/fTq86CZSl/","offline","malware_download","emotet,exe,epoch1,heodo","https://urlhaus.abuse.ch/url/110488/"
 "110487","2019-01-25 18:26:17","http://www.grantkulinar.ru/NCTIn4jMv/","offline","malware_download","emotet,exe,epoch1","https://urlhaus.abuse.ch/url/110487/"
 "110486","2019-01-25 18:26:15","http://dev.umasterov.org/Ks930TSSPA/","online","malware_download","emotet,exe,epoch1,heodo","https://urlhaus.abuse.ch/url/110486/"
@@ -3223,7 +3665,7 @@
 "110436","2019-01-25 16:49:58","http://otdelka-balkona.tomsk.ru/NFqak-IHRaK_Vtjiwjt-kjE/INVOICE/0927/OVERPAYMENT/En_us/Invoice-5710554/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/110436/"
 "110435","2019-01-25 16:49:54","http://marisel.com.ua/JRgp-0bODz_svAIgilqL-Rj7/ACH/PaymentInfo/US/Service-Report-87144/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/110435/"
 "110434","2019-01-25 16:49:51","http://gitrgc17.gribbio.com/suteU-Ejt_o-Ik/invoices/10528/47996/US/Open-Past-Due-Orders/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/110434/"
-"110433","2019-01-25 16:49:17","http://geshtalt.mk/fMmMr-fKg_aAeeqo-Zp/INV/5495510FORPO/8488195105/EN_en/New-order/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/110433/"
+"110433","2019-01-25 16:49:17","http://geshtalt.mk/fMmMr-fKg_aAeeqo-Zp/INV/5495510FORPO/8488195105/EN_en/New-order/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/110433/"
 "110432","2019-01-25 16:49:09","http://amjradvogados.com.br/byag-H4C_EVSQ-bcC/En_us/Overdue-payment/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/110432/"
 "110431","2019-01-25 16:46:11","http://trading.mistersanji.com/.well-known/pki-validation/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110431/"
 "110430","2019-01-25 16:44:13","http://tricks.tips/wp-content/themes/azonbooster/languages/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110430/"
@@ -3241,7 +3683,7 @@
 "110418","2019-01-25 16:33:05","http://87.120.36.240/OwO/Tsunami.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/110418/"
 "110416","2019-01-25 16:33:04","http://87.120.36.240/OwO/Tsunami.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/110416/"
 "110415","2019-01-25 16:33:03","http://amocrmkrg.kz/PayPal/En/Orders-details/01_19/","online","malware_download","heodo","https://urlhaus.abuse.ch/url/110415/"
-"110414","2019-01-25 16:30:03","http://osteklenie-balkonov.tomsk.ru/PayPal/EN/Messages/012019/","online","malware_download","heodo","https://urlhaus.abuse.ch/url/110414/"
+"110414","2019-01-25 16:30:03","http://osteklenie-balkonov.tomsk.ru/PayPal/EN/Messages/012019/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/110414/"
 "110413","2019-01-25 16:29:05","http://jetguvenlik.com/templates/ja_larix/css/colors/ssj.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/110413/"
 "110412","2019-01-25 16:29:04","http://circolokomotiv.com/PayPal/Orders-details/01_19/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/110412/"
 "110411","2019-01-25 16:29:02","http://smeg-center.ru/PayPal/Orders_details/2019-01","offline","malware_download","None","https://urlhaus.abuse.ch/url/110411/"
@@ -3257,10 +3699,10 @@
 "110401","2019-01-25 16:23:06","http://www.hopeintlschool.org/jygh-gVX_wTfkm-Z2E/Invoice/406132370/EN_en/Invoice-for-you/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/110401/"
 "110399","2019-01-25 16:22:56","http://uborka-snega.spectehnika.novosibirsk.ru/KiFu-2098i_aKBXtW-kJ/Ref/8727086170US/ACH-form/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/110399/"
 "110398","2019-01-25 16:22:53","http://tarjetaenlinea.com.ve/vpMJE-qmhWI_tFMAEF-4Ao/Inv/4565122370/En/Past-Due-Invoices/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/110398/"
-"110397","2019-01-25 16:22:48","http://sozdanie-sajtov.rise-up.nsk.ru/zwZQ-88_ab-Mw/PaymentStatus/US/Invoice/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/110397/"
+"110397","2019-01-25 16:22:48","http://sozdanie-sajtov.rise-up.nsk.ru/zwZQ-88_ab-Mw/PaymentStatus/US/Invoice/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/110397/"
 "110396","2019-01-25 16:22:46","http://sinotopoutdoor.com/YgjjE-QLfFS_OOSm-39/InvoiceCodeChanges/US_us/Inv-871526-PO-3V606193/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/110396/"
 "110395","2019-01-25 16:22:41","http://sevensites.es/woSw-o7K_VZ-b4/Inv/34554975163/US/Scan/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/110395/"
-"110394","2019-01-25 16:22:39","http://sassearch.net/GAYsI-cID4_jbBAl-ikf/Invoice/654623054/US_us/Outstanding-Invoices/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/110394/"
+"110394","2019-01-25 16:22:39","http://sassearch.net/GAYsI-cID4_jbBAl-ikf/Invoice/654623054/US_us/Outstanding-Invoices/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/110394/"
 "110393","2019-01-25 16:22:36","http://realgen-marketing.nl/FOela-tj6d_yMQjNKZWe-3G/Ref/25880599En/Invoice-for-you/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/110393/"
 "110392","2019-01-25 16:22:35","http://quahandmade.org/TErCM-y4BQh_aTVhq-pL/PaymentStatus/En/Scan/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/110392/"
 "110391","2019-01-25 16:22:30","http://mrcleaner.ca/nGGW-glHw_tTUVEY-TF/invoices/7414/8418/EN_en/Open-invoices/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/110391/"
@@ -3381,7 +3823,7 @@
 "110275","2019-01-25 14:07:14","http://wordpress-147603-423492.cloudwaysapps.com/KeqK-v7Tq_JFfCuxvm-Xpw/EXT/PaymentStatus/US/Invoices-attached/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/110275/"
 "110274","2019-01-25 14:07:10","http://towerchina.com.cn/FdtBG-cO_sxJNbVSij-xM/INVOICE/En_us/Invoice/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/110274/"
 "110273","2019-01-25 14:07:05","http://saintjohnscba.com.ar/QFyPQ-UrED_J-imi/ACH/PaymentAdvice/En_us/Need-to-send-the-attachment/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/110273/"
-"110272","2019-01-25 14:07:02","http://otohondavungtau.com/JuzGd-T9KQq_PeMJUtREb-p9/Southwire/TTY45653086/En/Overdue-payment/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/110272/"
+"110272","2019-01-25 14:07:02","http://otohondavungtau.com/JuzGd-T9KQq_PeMJUtREb-p9/Southwire/TTY45653086/En/Overdue-payment/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/110272/"
 "110271","2019-01-25 14:06:58","http://lioiousdy.cf/yAfH-xk_elbwzFly-qt/ACH/PaymentInfo/En_us/Invoices-attached/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/110271/"
 "110270","2019-01-25 14:06:27","http://kosolve.com/tcmAD-gw6lG_xETleF-tlo/EXT/PaymentStatus/EN_en/Invoice-receipt/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/110270/"
 "110269","2019-01-25 14:06:24","http://k.iepedacitodecielo.edu.co/PZkmv-u45wQ_xL-6D/InvoiceCodeChanges/En_us/Question/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/110269/"
@@ -3395,16 +3837,16 @@
 "110261","2019-01-25 13:58:03","http://airmanship.nl/PayPal/EN/Orders-details/012019/","offline","malware_download","emotet,heodo,doc","https://urlhaus.abuse.ch/url/110261/"
 "110260","2019-01-25 13:52:07","http://stoutarc.com/Paypal/En/Orders_details/2019-01/","online","malware_download","emotet,heodo,doc","https://urlhaus.abuse.ch/url/110260/"
 "110259","2019-01-25 13:18:20","http://sskymedia.com/EMuTsy5/","offline","malware_download","emotet,exe,epoch1,heodo","https://urlhaus.abuse.ch/url/110259/"
-"110258","2019-01-25 13:18:15","http://mimiabner.com/5hGe52Hrj/","online","malware_download","emotet,exe,epoch1,heodo","https://urlhaus.abuse.ch/url/110258/"
+"110258","2019-01-25 13:18:15","http://mimiabner.com/5hGe52Hrj/","offline","malware_download","emotet,exe,epoch1,heodo","https://urlhaus.abuse.ch/url/110258/"
 "110257","2019-01-25 13:18:14","http://regenerationcongo.com/JCgol5mc3/","offline","malware_download","emotet,exe,epoch1,heodo","https://urlhaus.abuse.ch/url/110257/"
 "110256","2019-01-25 13:18:12","http://rahkarinoo.com/F3e1JB1FQG/","offline","malware_download","emotet,exe,epoch1,heodo","https://urlhaus.abuse.ch/url/110256/"
 "110255","2019-01-25 13:18:09","http://johnnycrap.com/F3lAO3lioJ/","offline","malware_download","emotet,exe,epoch1,heodo","https://urlhaus.abuse.ch/url/110255/"
 "110254","2019-01-25 13:16:04","http://ryesandshine.com/campaign/email.eml","offline","malware_download","Gozi,GBR,exe,geofenced","https://urlhaus.abuse.ch/url/110254/"
 "110253","2019-01-25 13:14:12","http://latuagrottaferrata.it/TVcAO-1zoyJssmUoeZTS_pAxGXxnH-kPy/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/110253/"
-"110252","2019-01-25 13:14:08","http://shopfit.com.sg/ZBxH-wlJrUX7MSqma6LN_VLRpgAFF-3g/index.php.suspected/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/110252/"
+"110252","2019-01-25 13:14:08","http://shopfit.com.sg/ZBxH-wlJrUX7MSqma6LN_VLRpgAFF-3g/index.php.suspected/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/110252/"
 "110251","2019-01-25 13:13:26","http://clubmestre.com/qRd7K5sf5_4/","offline","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/110251/"
 "110250","2019-01-25 13:13:24","http://leonardokubrick.com/TCx3yCt8wf3/","online","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/110250/"
-"110249","2019-01-25 13:13:18","http://therxreview.com/BYT1D3keQi/","online","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/110249/"
+"110249","2019-01-25 13:13:18","http://therxreview.com/BYT1D3keQi/","offline","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/110249/"
 "110248","2019-01-25 13:13:13","http://allinmadagascar.com/8j74oPGHNf_aHuw08Hib/","offline","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/110248/"
 "110247","2019-01-25 13:13:06","http://beyondbathroomsandplumbing.co.uk/hNCIxykdZ85/","online","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/110247/"
 "110245","2019-01-25 13:00:12","http://down.54nb.com/%D3%CE%CF%B7%B6%E0%BF%AA%C6%F7.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110245/"
@@ -3417,7 +3859,7 @@
 "110238","2019-01-25 12:21:16","http://ksviet.com/wp-content/themes/siteorigin-north/woocommerce/cart/sserv.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/110238/"
 "110237","2019-01-25 12:14:08","http://www.cartomanzia-al-telefono.org/risten.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110237/"
 "110236","2019-01-25 12:14:07","http://down.54nb.com/%D0%E9%C4%E2%BB%FA%BC%EC%B2%E2%B9%A4%BE%DF.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110236/"
-"110235","2019-01-25 12:13:25","http://seyh9.com/wp-content/themes/specia/inc/breadcrumb/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110235/"
+"110235","2019-01-25 12:13:25","http://seyh9.com/wp-content/themes/specia/inc/breadcrumb/ssj.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/110235/"
 "110234","2019-01-25 12:13:04","http://vpa.lu/wp-content/themes/vp/fonts/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110234/"
 "110233","2019-01-25 12:07:30","http://218.92.218.38/FavriteAdd.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110233/"
 "110232","2019-01-25 12:05:03","http://cartomanzia-al-telefono.org/risten.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110232/"
@@ -3493,8 +3935,8 @@
 "110162","2019-01-25 11:26:05","http://formettic.be/jeuxepn/apprendresouris/dragdrop.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110162/"
 "110161","2019-01-25 11:24:04","https://bestcontrol.at/sqlite.dll","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110161/"
 "110160","2019-01-25 11:18:02","http://gamedoithe.net/meta/mxr.pdf","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110160/"
-"110159","2019-01-25 11:17:24","http://seyh9.com/wp-content/themes/specia/templates/mxr.pdf","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110159/"
-"110158","2019-01-25 11:17:03","http://e-vel.by/themes/bartik/color/mxr.pdf","online","malware_download","exe","https://urlhaus.abuse.ch/url/110158/"
+"110159","2019-01-25 11:17:24","http://seyh9.com/wp-content/themes/specia/templates/mxr.pdf","online","malware_download","exe","https://urlhaus.abuse.ch/url/110159/"
+"110158","2019-01-25 11:17:03","http://e-vel.by/themes/bartik/color/mxr.pdf","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110158/"
 "110157","2019-01-25 11:15:10","http://drrozinaakter.com/mxr.pdf","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110157/"
 "110156","2019-01-25 11:15:08","http://vpa.lu/wp-content/themes/vp/fonts/mxr.pdf","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110156/"
 "110155","2019-01-25 11:15:03","http://aa-publisher.com/.well-known/mxr.pdf","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110155/"
@@ -3516,9 +3958,9 @@
 "110139","2019-01-25 09:06:08","http://bugivena.club/RegFile228.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110139/"
 "110138","2019-01-25 09:05:08","http://wowepic.net/autopatch/newlight/clientfiles////autopatcher.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110138/"
 "110137","2019-01-25 09:05:05","http://wowepic.net/autopatch/modernnew/clientfiles////autopatcher.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110137/"
-"110136","2019-01-25 09:03:08","http://218.92.218.38/3103/InstallHP(8).exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110136/"
+"110136","2019-01-25 09:03:08","http://218.92.218.38/3103/InstallHP(8).exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110136/"
 "110135","2019-01-25 08:57:09","http://wowepic.net/Autopatch/FullClientModern/Installer.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110135/"
-"110134","2019-01-25 08:54:08","http://926cs.com/test.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110134/"
+"110134","2019-01-25 08:54:08","http://926cs.com/test.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110134/"
 "110133","2019-01-25 08:53:23","http://wowepic.net/Autopatch/Classic/clientfiles/Autopatcher.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110133/"
 "110132","2019-01-25 08:53:17","http://static.ilclock.com/gcld/updates_tw/gcmgr_tw.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110132/"
 "110131","2019-01-25 08:44:03","http://wowepic.net/AUTOPATCH/MODERN/CLIENTFILES/AUTOPATCHER.EXE","online","malware_download","exe","https://urlhaus.abuse.ch/url/110131/"
@@ -3561,9 +4003,9 @@
 "110093","2019-01-25 06:11:03","http://13r.lg.ua/IsvJO35t6kj/","offline","malware_download","heodo,emotet,exe","https://urlhaus.abuse.ch/url/110093/"
 "110092","2019-01-25 06:10:07","http://up.ksbao.com/updateKSBD/UpdateFiles/app/testupdata/5.2/ExamBible201405307.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110092/"
 "110091","2019-01-25 05:59:09","http://up.ksbao.com/updateKSBD/UpdateFiles/app/testupdata/5.2/ExamBible201405278.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110091/"
-"110090","2019-01-25 05:57:12","http://fristpolychem.download/sysmgr/wedmons.exe","online","malware_download","exe,stealer,Formbook","https://urlhaus.abuse.ch/url/110090/"
-"110089","2019-01-25 05:57:10","http://fristpolychem.download/sysmgr/systemgr.exe","online","malware_download","exe,stealer","https://urlhaus.abuse.ch/url/110089/"
-"110088","2019-01-25 05:57:08","http://fristpolychem.download/sysmgr/mons.doc","online","malware_download","doc","https://urlhaus.abuse.ch/url/110088/"
+"110090","2019-01-25 05:57:12","http://fristpolychem.download/sysmgr/wedmons.exe","offline","malware_download","exe,stealer,Formbook","https://urlhaus.abuse.ch/url/110090/"
+"110089","2019-01-25 05:57:10","http://fristpolychem.download/sysmgr/systemgr.exe","offline","malware_download","exe,stealer","https://urlhaus.abuse.ch/url/110089/"
+"110088","2019-01-25 05:57:08","http://fristpolychem.download/sysmgr/mons.doc","offline","malware_download","doc","https://urlhaus.abuse.ch/url/110088/"
 "110087","2019-01-25 05:57:04","http://gmlsoftlabs.com/wp.png","offline","malware_download","HawkEye,keylogger,exe","https://urlhaus.abuse.ch/url/110087/"
 "110086","2019-01-25 05:55:08","http://pcgame.cdn0.hf-game.com/%E5%8D%95%E6%9C%BA/%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C_%E5%AD%A4%E5%B2%9B%E6%83%8A%E9%AD%823.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110086/"
 "110085","2019-01-25 05:40:06","http://up.ksbao.com/updateKSBD/UpdateFiles/app/testupdata/100321-1/ExamBible2015-5-13.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110085/"
@@ -3574,8 +4016,6 @@
 "110080","2019-01-25 04:01:39","https://info.citibank.com/17cb1edbdlayfiusib76tcxiaaaaabfnkp2ahq6er4myaaaaa/C?V=emlwX2NvZGUBAWdfaW5kZXgBAVNPTUVfVVJMAQF1cmwBAVZJRVdfQUNDVAEBbF9pbmRleAEBcHJvZmlsZV9pZAEyNTEwOTc4Njg4AUNPTlRBQ1RfVVMBAV9QTElTVF9JRF8BMjE1NjE4MDgBX1dBVkVfSURfATg5MTg5MTM3MQFCUkFORF9JRAFDWgFQQVlfT05MSU5FAQFlbWFpbF9hZGRyAXJhdml2YXJtYW4ua2FuZGFzYW15QGNpdGkuY29tAV9TQ0hEX1RNXwEyMDE2MDMxNTE3MjQxNAFWSUVXX1NUTVQBAXByb2ZpbGVfa2V5ATEwMTE0NjQwMjI2&X+pEb/jtoOQotkvPOd9o8g","offline","malware_download","None","https://urlhaus.abuse.ch/url/110080/"
 "110079","2019-01-25 03:55:16","https://www.holzheuer.de/TMUz-I9S_xawmGmKfY-gs/EXT/PaymentStatus/EN_en/Invoices-Overdue/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/110079/"
 "110078","2019-01-25 03:55:14","https://vazhkovyk.com.ua/DE_de/OPNRWKPH4053283/GER/FORM/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/110078/"
-"110077","2019-01-25 03:55:11","https://linkprotect.cudasvc.com/url?a=http://upcom-pro.be/Januar2019/LGZTHVO1701615/Rechnungs-Details/DOC&c=E1F5YJotBw3PyJjLcBtqFaBS6_droQc7wL-pkMBUlxcq9OSwcVO4u4kqSFldfATTYoXkDwFubjaN3rfun4n7xnb-8Bry-aaVAZiK_oXvynPzI5_IejEVnHFA&typo=1/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/110077/"
-"110076","2019-01-25 03:55:09","https://linkprotect.cudasvc.com/url?a=http://kefas-bv.nl/gCpiA-LD_ET-XD5/ACH/PaymentAdvice/EN_en/Invoice&c=E1hB1UrU_bea5DDj2nsd1a97JhC3p0F9_3Mw0X0j2VmlvRuv1ZrpfEwZm3F-fN79Be-52ofglFixMep0AwJrVax98NYyeDDNtp0JU8hez8Xg&typo=1/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/110076/"
 "110075","2019-01-25 03:55:06","https://holzheuer.de/TMUz-I9S_xawmGmKfY-gs/EXT/PaymentStatus/EN_en/Invoices-Overdue/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/110075/"
 "110074","2019-01-25 03:54:15","http://test.suvreconsultants.co.tz/Crqi-YrVqD_IT-KoE/INV/528119FORPO/642655631765/EN_en/Invoice-for-you/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/110074/"
 "110073","2019-01-25 03:54:13","http://shengen.ru/sites/default/files/WeXGe-xTM7d_YDzeG-OO/Southwire/MCI076856304/US/Service-Invoice/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/110073/"
@@ -3585,20 +4025,17 @@
 "110069","2019-01-25 03:48:05","http://faucetbaby.com/wp-content/themes/suevafree/assets/css/header/sserv.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/110069/"
 "110067","2019-01-25 03:44:05","https://rng064.serversur.net/FaNum-WH-68011.doc/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/110067/"
 "110066","2019-01-25 03:44:03","https://mandrillapp.com/track/click/30970997/safia.tk?p=eyJzIjoiWXNTclB4SmloTnVHZE9uTkFHYU1ObDltNXN3IiwidiI6MSwicCI6IntcInVcIjozMDk3MDk5NyxcInZcIjoxLFwidXJsXCI6XCJodHRwOlxcXC9cXFwvc2FmaWEudGtcXFwvd29yZHByZXNzXFxcL2lLUWN1LTBub0lIRm1ZUzgzQTA0eV9qbVZPUWJLZlQtWWsxXCIsXCJpZFwiOlwiNjJhMjY1YzZlZjUyNDE5YWI0ZThjOTJhYjIyNjBhMTBcIixcInVybF9pZHNcIjpbXCI2N2Q4OWFiMzFiNjBjMjhjMTM4NDY3ODZmODY1NjBlMTVlMzkxNTNlXCJdfSJ9/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/110066/"
-"110065","2019-01-25 03:44:02","https://linkprotect.cudasvc.com/url?a=http://3d-universal.com/re/wp-content/wptouch-data/Payments/01_19&c=E11qWcTkyCqrC6dFowKo_ue7Zm7wvaVP5zN6JbevmUOoLnBVWWb3EnoenXe4kFqX63t7M3qpPAh8kzqeT7iOQj4fiWirF0wFFNt7xcMJQkbA&typo=1/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/110065/"
 "110064","2019-01-25 03:43:11","http://tsg-orbita.ru/Amazon/DE/Bestelldetails/01_19/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/110064/"
 "110063","2019-01-25 03:43:10","http://sebastien-marot.fr/Clients_Messages/2019-01/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/110063/"
 "110062","2019-01-25 03:43:09","http://rifon.org.np/LWGNr-A4ksZZ5gw51UIwo_SkDOyowa-8n/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/110062/"
 "110061","2019-01-25 03:43:08","http://locarx.dev4you.net/wvxFZ-KlSYsf6ZY9yyQQi_cvztMesDm-Ry/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/110061/"
 "110060","2019-01-25 03:43:06","http://link100.cc/NBNZ-lFVFTKdg7Ioo1v_wHncQwuC-Lx/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/110060/"
 "110059","2019-01-25 03:43:04","http://brandforest.net/Transaktion/012019/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/110059/"
-"110057","2019-01-25 03:31:19","http://email.marmodesign-trade.com/wf/click?upn=f6-2FOKChNl05oZxN1RLwH0Os7D9CTJuIMGUGgGHbTK1eygyTRNyGtAC9MzNm8ge8Vqg2-2BtQLkmXvsDwHhr9ByrQ-3D-3D_jUjSbL-2FneTVnk7lVFML3315SAHNqY8zsmNUevmev4Kj8maxG0zKXOjR0mtbBM3wcNfCZOQjB9ApU1OFU6h5giemlup61d1p6e2jTd7PJ9tnkgFVnim6-2ByZEC5olQbcOll0H5VYenWbbgqLQKR6IZXQ0NVpMPNsQgwpKKWGIoG9-2FVPDLHhw5wN8SnQMlEm932Wqk1CyoLUUewpLbsP-2Bjqc3e4oU595fskJ2qvW0t-2FzEc-3D/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/110057/"
 "110056","2019-01-25 03:31:17","https://mandrillapp.com/track/click/30970997/noveltybankstatement.com?p=eyJzIjoiVG1RLUVvbHZyTmdNQ0tDVDRaTExMQzVaYWt3IiwidiI6MSwicCI6IntcInVcIjozMDk3MDk5NyxcInZcIjoxLFwidXJsXCI6XCJodHRwOlxcXC9cXFwvbm92ZWx0eWJhbmtzdGF0ZW1lbnQuY29tXFxcL0NnTFJOLWd2ZXR6U1JIUVVIYVpSX0NTSXF6TnFXSi1tWVwiLFwiaWRcIjpcImUyNmRiZGExY2I1NjRlYjBhZjU3Mzg2NDM4YTI3MGU4XCIsXCJ1cmxfaWRzXCI6W1wiYmVjN2Q2YTUzNGFmYzg5YTcyYTQ1ZDVkZTJmOWY4MDQ0MTBjMWUxNlwiXX0ifQ/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/110056/"
 "110055","2019-01-25 03:31:14","http://anello.it/qgGSW-EFT3YemXaG4dPO_KoxnuXAtL-7J/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/110055/"
 "110054","2019-01-25 03:31:12","http://estab.org.tr/AshUK-OrR2tde1LpKqTY_QpHjiOvt-iCg/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/110054/"
-"110053","2019-01-25 03:31:09","http://tovbekapisi.com/bZqmB-Ky38FVKRTRykJt_FVSPCbtY-ria/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/110053/"
+"110053","2019-01-25 03:31:09","http://tovbekapisi.com/bZqmB-Ky38FVKRTRykJt_FVSPCbtY-ria/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/110053/"
 "110052","2019-01-25 03:31:07","http://standart-uk.ru/OIya-8ArWqESHIKp3HqJ_eBYnxNuXV-6T/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/110052/"
-"110051","2019-01-25 03:31:04","https://u8349684.ct.sendgrid.net/wf/click?upn=Z-2BPEOWWMXmMg6LDchlsDNi3S5ELZyeJptPlXL0iVKb0mRwmthavv7pDyrOI-2FHcH3-2FHOkPMXWY2GPjQmZ162FMw-3D-3D_sTRzPYUCkTETc17zao6NU1j9v8x90et-2FkUgilUj2bHq8W8EegMJ3o50wi2roStvfEdJnjSl5fi7a7VDkNaqZCJgDNW2jac3DL82rILmu-2Fn4eVugcrZ2RlYqr-2BkOLAT4Npy-2BSHgAdl5aWreZP3UdMG5vIzK0sZiE7vPq-2F5QO0DYqfJ1hhi8MHFqI9Ys865soy2u9K4ohZ3-2Fm7Q3vxac0FgEplHaLg401AewMWOveU-2F8A-3D/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/110051/"
 "110050","2019-01-25 03:22:47","http://fcbpl110.com/wp-content/themes/Divi/core/admin/css/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110050/"
 "110049","2019-01-25 03:22:44","http://www.lynx-energy-group.com/s4nN3PcnLRzPa5YN_EbxlFoDh/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/110049/"
 "110048","2019-01-25 03:22:42","http://gustochain.com/hQSJH-dlE5_HmlZdQt-nwn/Southwire/QGV5273031915/US/Outstanding-Invoices/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/110048/"
@@ -3611,7 +4048,7 @@
 "110041","2019-01-25 03:22:27","http://yuhaike.com/nfHBy-oeiF_oKGZWgE-xA/ACH/PaymentInfo/EN_en/Inv-460754-PO-4H170032/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/110041/"
 "110040","2019-01-25 03:22:22","http://snsdriver.com/FcpN-chXCl_sF-03/INVOICE/81473/OVERPAYMENT/US_us/Service-Invoice/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/110040/"
 "110039","2019-01-25 03:22:17","http://alternance84.fr/kovTl-hbI1_yUmcQOjFT-tT/Invoice/81263158/En_us/Past-Due-Invoices/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/110039/"
-"110038","2019-01-25 03:22:15","http://sosacres.com/lMMe-Wgmlc_ebV-bE/invoices/31256/74457/En_us/6-Past-Due-Invoices/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/110038/"
+"110038","2019-01-25 03:22:15","http://sosacres.com/lMMe-Wgmlc_ebV-bE/invoices/31256/74457/En_us/6-Past-Due-Invoices/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/110038/"
 "110037","2019-01-25 03:22:13","http://livingbranchanimalsciences.com/YUMB-9DyRL_pZ-xy/Invoice/767373341/En/Important-Please-Read/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/110037/"
 "110036","2019-01-25 03:22:09","http://holzheuer.de/TMUz-I9S_xawmGmKfY-gs/EXT/PaymentStatus/EN_en/Invoices-Overdue/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/110036/"
 "110035","2019-01-25 03:22:08","http://tomorrow-foundation.com/fr/wp-content/uploads/JULla-HR_PgTvifut-WL/invoices/31801/03616/US/Invoice-Number-97428/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/110035/"
@@ -3621,7 +4058,7 @@
 "110030","2019-01-25 02:57:12","http://up.ksbao.com/updateKSBD/UpdateFiles/app/testupdata/5.2/ExamBible201405324.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110030/"
 "110029","2019-01-25 02:46:06","http://mortest.ug/3.exe","offline","malware_download","exe,AZORult","https://urlhaus.abuse.ch/url/110029/"
 "110028","2019-01-25 02:27:32","http://update-res.100public.com/rwx-init/init_bfb_caiji.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110028/"
-"110027","2019-01-25 02:23:03","http://fristpolychem.download/mods/info1.exe","online","malware_download","Formbook","https://urlhaus.abuse.ch/url/110027/"
+"110027","2019-01-25 02:23:03","http://fristpolychem.download/mods/info1.exe","offline","malware_download","Formbook","https://urlhaus.abuse.ch/url/110027/"
 "110026","2019-01-25 02:22:03","https://docs.google.com/uc?id=1q4wYe0iCIJcfgZ-iJKAp6kl2SwWaRCxS","online","malware_download","Macro-doc,IcedID","https://urlhaus.abuse.ch/url/110026/"
 "110025","2019-01-25 02:12:03","http://40.121.158.163/sniff","offline","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/110025/"
 "110024","2019-01-25 02:12:02","http://40.121.158.163/dirtysex","offline","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/110024/"
@@ -3642,7 +4079,7 @@
 "110009","2019-01-25 01:56:02","http://209.141.55.226/26.jpg","offline","malware_download","IcedID,geofenced,USA,exe","https://urlhaus.abuse.ch/url/110009/"
 "110007","2019-01-25 01:33:14","http://libertycastle.com.pk/oBCF-FBkXaEbTmyiuaxs_DeQQsjsUA-x6q/","offline","malware_download","heodo,emotet,doc","https://urlhaus.abuse.ch/url/110007/"
 "110006","2019-01-25 01:33:09","http://gtctravel.com.vn/wJLR-DwSszXcNSbr9uh_fOmtPVEq-ph7/","offline","malware_download","heodo,emotet,doc","https://urlhaus.abuse.ch/url/110006/"
-"110005","2019-01-25 01:33:03","http://queekebook.com/SSDA-tp8LOUiYjmmkx3D_JZkRXEZu-wq/","online","malware_download","heodo,emotet,doc","https://urlhaus.abuse.ch/url/110005/"
+"110005","2019-01-25 01:33:03","http://queekebook.com/SSDA-tp8LOUiYjmmkx3D_JZkRXEZu-wq/","offline","malware_download","heodo,emotet,doc","https://urlhaus.abuse.ch/url/110005/"
 "110004","2019-01-25 01:33:00","http://evertriumph.com/hXdO-7RFDLAHeWjdcO28_aBHHwOvYM-Zo/","offline","malware_download","heodo,emotet,doc","https://urlhaus.abuse.ch/url/110004/"
 "110002","2019-01-25 01:32:48","http://lbuliwawdy.cf/VjHe-yy_nLHoXmnpl-Ly/ACH/PaymentAdvice/En_us/Need-to-send-the-attachment/","offline","malware_download","heodo,emotet,doc","https://urlhaus.abuse.ch/url/110002/"
 "109999","2019-01-25 01:32:09","http://mohasaneh.com/UAuF-PDO9wbZbucDXHVc_gRTHPCDm-RM/","offline","malware_download","heodo,emotet,doc","https://urlhaus.abuse.ch/url/109999/"
@@ -3708,7 +4145,7 @@
 "109937","2019-01-24 23:55:06","http://thuytienacademy.com/wp-content/themes/generatepress/inc/customizer/controls/css/sserv.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/109937/"
 "109936","2019-01-24 23:45:55","http://satpolpp.balangankab.go.id/uBso-tYYCc_vz-EWF/invoices/7550/27490/US/Paid-Invoice/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/109936/"
 "109935","2019-01-24 23:45:50","http://privateinvestigatormiamibeach.com/ZtmEf-iqVJ_TR-FG/EN_en/Invoice/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/109935/"
-"109934","2019-01-24 23:45:48","http://pos.vi-bus.com/UnzH-OGGwO_RnguWpC-nso/INVOICE/En_us/Companies-Invoice-8939908/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/109934/"
+"109934","2019-01-24 23:45:48","http://pos.vi-bus.com/UnzH-OGGwO_RnguWpC-nso/INVOICE/En_us/Companies-Invoice-8939908/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/109934/"
 "109933","2019-01-24 23:45:47","http://phongkhamhong.com/zJBU-s4X_jjzzdVI-vsr/Invoice/047607748/EN_en/Invoice-Corrections-for-63/59/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/109933/"
 "109932","2019-01-24 23:45:27","http://motoprimerj.com.br/nciR-Jhq_XpfJYYh-aUQ/Ref/34880099En/Invoice-receipt/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/109932/"
 "109931","2019-01-24 23:45:23","http://light-tree.com/dLTp-x4LG6_Tuteo-xHA/EXT/PaymentStatus/US_us/Open-invoices/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/109931/"
@@ -3729,13 +4166,10 @@
 "109916","2019-01-24 23:37:12","http://faucetbaby.com/wp-content/themes/suevafree/woocommerce/cart/sserv.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/109916/"
 "109915","2019-01-24 23:36:22","http://thucphammena.com/.well-known/acme-challenge/ssj.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/109915/"
 "109914","2019-01-24 23:36:12","http://tukitaki.info/wp-content/themes/adifier/fonts/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/109914/"
-"109913","2019-01-24 23:31:53","https://u8349684.ct.sendgrid.net/wf/click?upn=c9mPpkfVPAGHXqKep1Y1sI7okRwUsAt0FQhFGAx7T2FnZ4pKxlOYvxJTghWwCcNOrd3oyx64sYB6IRm2flGkSMnK2zi5qjlgjpb9tKTg-2BeA-3D_FHtOPhcNAbksvWcpoFmyAjGoKC2wZHQTuxFktl8MtUb0-2FTJ-2B7xLimcPJc01tkzsveyGD5pBV9Koo2qkw0OI9hKkkXHz-2FOG-2BTykAb1WARuxdpbjdCkguRT91Essc1dilgbsUxMZutw9WYWy7-2BTlcIhG62Q6v3wSDcqYRbUU-2F5Ddjhcu9RhlSvjvhH4aiHfztm2ME1biGmeJCNw2Vzde6CbA-3D-3D/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/109913/"
 "109912","2019-01-24 23:31:51","http://shopfit.com.sg/ZBxH-wlJrUX7MSqma6LN_VLRpgAFF-3g/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/109912/"
-"109911","2019-01-24 23:31:44","https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fnysswea.org%2FaNoPt-Ts26qwycF1fYrL_HcfAWBtP-rY&data=02%7C01%7Cseth.williams%40cerner.com%7Cc69898bb12174f84b5ee08d6824cd85e%7Cfbc493a80d244454a815f4ca58e8c09d%7C0%7C0%7C636839663931842732&sdata=rgSy%2B7XA%2BcpatVcRVe0w87R4zg8JcE1T%2FpIov3vFwk4%3D&reserved=0/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/109911/"
 "109910","2019-01-24 23:31:41","http://nysswea.org/aNoPt-Ts26qwycF1fYrL_HcfAWBtP-rY/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/109910/"
 "109909","2019-01-24 23:31:37","http://humanointegral.cl/qxvjR-OO4eFa0qRDY4JBG_ALDYWEuUw-2w/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/109909/"
 "109908","2019-01-24 23:31:32","http://marineservice.lt/QPqT-8ce9joyHYKSYGA_IYPxcCKht-w2/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/109908/"
-"109907","2019-01-24 23:31:28","http://email.marmodesign-trade.com/wf/click?upn=uie4mGXuy6nMkNc0rbuHnyTFRHvYz-2BJPRr4F8zZ4mqQWU-2F3V2W7xJI8H7KT8fJ7XRbZ0U6cHMgetU26Da7nU6g-3D-3D_TBIS3FG0B4qH0BY4J2vmTmiOyWYLuktb5V8gqwPELWcRvT5EuG8q0zmsldpAbgJeH5qlXOkgbTUQVAe-2FpxKH90zmYuSU9DP7BdTt3QGuYChJkD3vOx-2FDUihV1cFMRZW7YwrRzudSdN4iCyh-2B9HIgah8LuArgHqFUNN8Llxd7yFP2s67YR4aL-2FpQOKbIKiWtMdOE-2BLmtmAei4X6JtnnLTONKwSquWx8wbQAWy7tYuFMM-3D/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/109907/"
 "109906","2019-01-24 23:31:24","http://ikola.sk/hsPcK-XJU59H5pvZRbFe_ldgPYzqLV-NP/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/109906/"
 "109905","2019-01-24 23:31:14","http://lomax.com.gt/ZHyCn-AggOnd0xCvkLk7J_jTZBCMWu-L1/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/109905/"
 "109904","2019-01-24 23:26:03","http://blogs.cricskill.com/wp-admin/css/colors/blue/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/109904/"
@@ -3744,7 +4178,6 @@
 "109901","2019-01-24 23:22:08","http://testesfuncionais.pt/XPak-BNRs_SBoZEjQ-zzI/FT138/invoicing/EN_en/Invoice/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/109901/"
 "109899","2019-01-24 23:22:07","http://kampoeng.tulungagung.net/CRjKP-eS_WRiVKoUL-YTy/COMET/SIGNS/PAYMENT/NOTIFICATION/01/24/2019/En/Past-Due-Invoices/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/109899/"
 "109900","2019-01-24 23:22:07","http://praca.artibau.pl/NzfP-xm_ufZPJsVAA-pq/PaymentStatus/En_us/Companies-Invoice-5128872/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/109900/"
-"109898","2019-01-24 23:22:02","https://linkprotect.cudasvc.com/url?a=http://kefas-bv.nl/gCpiA-LD_ET-XD5/ACH/PaymentAdvice/EN_en/Invoice&c=E,1,hB1UrU_bea5DDj2nsd1a97JhC3p0F9_3Mw0X0j2VmlvRuv1ZrpfEwZm3F-fN79Be-52ofglFixMep0AwJrVax98NYyeDDNtp0JU8hez8Xg,,&typo=1/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/109898/"
 "109897","2019-01-24 23:21:17","http://deka-asiaresearch.com/wp-content/themes/icorporate/css/fonts/ssj.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/109897/"
 "109896","2019-01-24 23:21:11","http://shly.fsygroup.com/aspnet_client/system_web/4_0_30319/sserv.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/109896/"
 "109895","2019-01-24 23:21:06","http://khicongnghiepvn.com/wp-content/themes/flash/template-parts/zinf.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/109895/"
@@ -3779,7 +4212,7 @@
 "109866","2019-01-24 22:36:35","http://khewrahimalayansalt.com/FBARq-CN_sRJRe-SC/WB55/invoicing/US_us/Invoice-Corrections-for-82/64/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/109866/"
 "109865","2019-01-24 22:36:32","http://kaktussurucukursu.com/tEtF-ocPO_TDEgp-wbg/INVOICE/US/Invoice-for-k/f-01/25/2019/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/109865/"
 "109864","2019-01-24 22:36:31","http://japaneseonline.com.sg/jRANY-u15_itXgCa-aF/COMET/SIGNS/PAYMENT/NOTIFICATION/01/25/2019/US_us/Past-Due-Invoices/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/109864/"
-"109863","2019-01-24 22:36:22","http://ijabr.futminna.edu.ng/kcqV-H9NM_PPAqHpIP-9yD/03977/SurveyQuestionsEn/Past-Due-Invoices/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/109863/"
+"109863","2019-01-24 22:36:22","http://ijabr.futminna.edu.ng/kcqV-H9NM_PPAqHpIP-9yD/03977/SurveyQuestionsEn/Past-Due-Invoices/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/109863/"
 "109862","2019-01-24 22:36:20","http://gbrand.com.vn/sYshl-mI_WJy-Y3/InvoiceCodeChanges/En/Invoice/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/109862/"
 "109861","2019-01-24 22:36:16","http://davytopiol.creation-site.info/oXCk-wbDe_wXGAwUiKP-uTV/INVOICE/08232/OVERPAYMENT/En_us/Invoice-9519614-January/","offline","malware_download","doc,emotet,epoch2","https://urlhaus.abuse.ch/url/109861/"
 "109860","2019-01-24 22:36:15","http://ayse-nuraltan.com/DXyE-o5_U-pL/InvoiceCodeChanges/En_us/Important-Please-Read/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/109860/"
@@ -3807,7 +4240,7 @@
 "109838","2019-01-24 21:56:06","http://cabare-mebel.ru/ayLV-pSr2MSq07AUuIze_xvZBsylAr-Eko/","offline","malware_download","emotet,doc,heodo","https://urlhaus.abuse.ch/url/109838/"
 "109837","2019-01-24 21:56:02","http://cabare-mebel.ru/ayLV-pSr2MSq07AUuIze_xvZBsylAr-Eko","offline","malware_download","emotet,doc,heodo","https://urlhaus.abuse.ch/url/109837/"
 "109836","2019-01-24 21:33:20","http://partnerkamany.ru/SbNT5IaaWb9/","offline","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/109836/"
-"109835","2019-01-24 21:33:18","http://mississipi2011.com.br/lQ4J8mzYEU6OWt/","online","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/109835/"
+"109835","2019-01-24 21:33:18","http://mississipi2011.com.br/lQ4J8mzYEU6OWt/","offline","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/109835/"
 "109834","2019-01-24 21:33:15","http://khoahoc.bluebird.vn/4vfxvww/tketlmqsBZdRPw_U/","offline","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/109834/"
 "109833","2019-01-24 21:33:11","http://shopsabz.com/wp-content/wbUYqG8BHG4xos_otiOmeHxN/","offline","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/109833/"
 "109832","2019-01-24 21:33:04","http://scholarshipfinder.ga/J7GiTu9gH1HL_P/","offline","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/109832/"
@@ -3868,12 +4301,9 @@
 "109777","2019-01-24 19:31:27","https://mandrillapp.com/track/click/30970997/www.estab.org.tr?p=eyJzIjoiTGdjaWFBYlREa3I4WXAzd1NEbnNteElZTlR3IiwidiI6MSwicCI6IntcInVcIjozMDk3MDk5NyxcInZcIjoxLFwidXJsXCI6XCJodHRwOlxcXC9cXFwvd3d3LmVzdGFiLm9yZy50clxcXC9Bc2hVSy1PclIydGRlMUxwS3FUWV9RcEhqaU92dC1pQ2dcIixcImlkXCI6XCIzMjUyYmIwMWMyZmE0NzAzYmU0ZWYxZWIwZGEzMGRiNlwiLFwidXJsX2lkc1wiOltcImY0MmFhNzU1YTM2MTIwYjFhYzQ2ODhkYTM3ODNlNmQ3ZDE5MjQxMTBcIl19In0/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/109777/"
 "109776","2019-01-24 19:31:25","http://yromszady.cf/otSxe-FVqaPFtxvcvUvVG_sSGjDcWNT-48/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/109776/"
 "109775","2019-01-24 19:31:17","https://mandrillapp.com/track/click/30970997/fergus.vn?p=eyJzIjoiV3hxVm5hZVdXNEVVcnZ6VC1uaGVfcmtvMzdJIiwidiI6MSwicCI6IntcInVcIjozMDk3MDk5NyxcInZcIjoxLFwidXJsXCI6XCJodHRwOlxcXC9cXFwvZmVyZ3VzLnZuXFxcL0tBdlctYWZSOExDaVpWZTczVkhfZnlOTGhMeXQteXlQXCIsXCJpZFwiOlwiMmE3YWViZTU5ZDNkNGExMWFjNmZjMDMzMWQyOTA4OGJcIixcInVybF9pZHNcIjpbXCJlZWUwMzM1MTA3YTFlYWUzMjQ4MDA2MDU4YmVmYzlkNDM5Zjc1MDI0XCJdfSJ9/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/109775/"
-"109774","2019-01-24 19:31:16","https://u8349684.ct.sendgrid.net/wf/click?upn=Y9coYHDrrHkGWsPsjyjsv0XoJDuFc7TfN8KC-2BrMAerKSjhaQ-2FfP31VgvgdECixoK3aroizz-2Bg-2FHlFTvwHnvOFg-3D-3D_gP0nLq6IgPCiUXX9BoGokwsy3d8JHVY46Z29YXdtzDb-2FM-2F17676yyG0-2FL-2BzXDwBQbs7CMFYqCs7x8aGg2t8YDy29qGDRcw-2BUg9FcsgQ7VM4NcH9onohBePTrxWq5ffzvVRUde8FPjh1N1QLTXWwSAokHIojgsmYN-2FXtBaYwryWrC8BsSd7pO57J11XvM8Za4XxGAo-2BLIwiSkMXk2xxA-2BtQ-3D-3D/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/109774/"
-"109773","2019-01-24 19:31:14","http://email.marmodesign-trade.com/wf/click?upn=-2B7AAi0Wr2yyQOGt6uzXpd5U7Gh8g7V4BfAD8Rwz-2BQqx291rz-2B6lURViJI31iyX1ApRDm5ekY2Yy9YuESqLnMc9i8iwFVOPLVDN0U36kzI4s-3D_ZBtOe-2BVXKqrAq4znSAXw8lZYRH03q3sn6EQVBOBOG3mfIrEXtX-2ByK2eu8P31A4mFyY53S-2F2a-2FH560RwdXjSVcna8GHvLjJKOfTx4Dz-2Bx5TmqkKBXAQW7nvs4Cp1GivMpUWK0LOxlN3CNVVtGhcE6TMGlQM3jPG7kcGTInr2GwETSOS-2FnVidCDtM43xeBfMSzGijwG6-2BguV5cs3Tcp7rHrYkSodWgU8iK1xAflQn3u5Y-3D/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/109773/"
 "109772","2019-01-24 19:31:13","https://url.emailprotection.link/?a38JunaghClvpnP9g_nk5BCP0dpXgp2YMDbWMdcsqwINyloReJV8PI-AA8LsHJPuo_TIgpSm_AA7bxILcF8c9Og~~/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/109772/"
 "109771","2019-01-24 19:31:12","http://just2web.com/OIPDP-5VTu9JttE7ARUZo_JMHWmJBm-zSt/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/109771/"
 "109770","2019-01-24 19:31:07","http://zizzy.eu/ZhoE-X2rADvnya8EgylR_RDCjeDPDY-Ir3/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/109770/"
-"109769","2019-01-24 19:31:05","https://u8349684.ct.sendgrid.net/wf/click?upn=zHaTLxWyqmoHWUU1A7SIb0ihwUj19FKSFsS6dymrfNl6sJD-2FDDRX8CoWKs6xzHRbu1V3GCrS839ggNLu7PtHYQ-3D-3D_p9c2Pq5BRWXelYclnUuZY-2FcRmHgQKJYcZBsQKNJVfUXSjiwAE5rjxizP8xhnsCYXs1WajftRc7aUxJ8uMO1EgwxjxBRa1i7d1HOOklGk486A-2Ffz-2FhH9HNtfqZiSOxuw-2F4JSvJ7Ss3jTpM0nz2IMBTFznc0yuKhfPQTnsmBC5Vpou-2FUGh3Qesvve-2B-2Brv5aQO8DO1VC6vVq3z6BA2mKXfdwZaV414SV2voQZDsxtTP2pU-3D/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/109769/"
 "109768","2019-01-24 19:31:03","https://mandrillapp.com/track/click/30970997/favorite-sport.by?p=eyJzIjoiNU56STlCMW41TlhSZEhRdE9PNFY5OWtNbTJBIiwidiI6MSwicCI6IntcInVcIjozMDk3MDk5NyxcInZcIjoxLFwidXJsXCI6XCJodHRwOlxcXC9cXFwvZmF2b3JpdGUtc3BvcnQuYnlcXFwvVW9ycy1wbmVYZkpiR1FxTkFRWWhfa256R3hjeXlHLTBDXCIsXCJpZFwiOlwiMTczMDIyMmVjMGQzNDBjNGIwYzQwODQ4ZWZlZjM3YTdcIixcInVybF9pZHNcIjpbXCJjNThlZWI1ZTcxZDBkY2VhYWVkMzE3ZTYzYzI5MzdkNmI2NTZiNDdlXCJdfSJ9/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/109768/"
 "109767","2019-01-24 19:22:14","http://lybid-plaza.ua/Dqpw-aN4lw_prGG-dg/ACH/PaymentAdvice/En/Overdue-payment/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/109767/"
 "109766","2019-01-24 19:22:07","http://innoohvation.com/GgHz-CM_ygn-9p/invoices/2558/63907/EN_en/Important-Please-Read//","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/109766/"
@@ -3884,7 +4314,7 @@
 "109761","2019-01-24 19:20:50","http://dynamo.kz/sGJW-IHSVIAt4E7PAHtw_enNyJbnn-uhm/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/109761/"
 "109760","2019-01-24 19:20:48","http://drcarrico.com.br/dfljt-wKB6MiFXqquEJf_TmLCFMRot-TRJ/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/109760/"
 "109759","2019-01-24 19:20:45","http://demo1.gtcticket.com/seabu-3DPf5FDL40UYZLG_eFtaRkOO-I3/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/109759/"
-"109758","2019-01-24 19:20:41","https://installatiebedrijfroosendaal.nl/rASD-A84w_xTC-Oa2/En_us/Service-Report-35114/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/109758/"
+"109758","2019-01-24 19:20:41","https://installatiebedrijfroosendaal.nl/rASD-A84w_xTC-Oa2/En_us/Service-Report-35114/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/109758/"
 "109757","2019-01-24 19:20:37","http://tisoft.vn/TSgW-WJ6_NHRhtxOJ-Hp/INVOICE/US/Invoice-Corrections-for-93/96/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/109757/"
 "109756","2019-01-24 19:20:32","http://thuraya.kz/wbQOM-AHOf7_TnPMDSYM-rT/EXT/PaymentStatus/US_us/6-Past-Due-Invoices/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/109756/"
 "109755","2019-01-24 19:20:28","http://swiftley.com/KKanU-dH_gOqcGf-zU/08764/SurveyQuestionsUS_us/Past-Due-Invoices/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/109755/"
@@ -3924,7 +4354,7 @@
 "109721","2019-01-24 19:18:27","https://cosmictv.xyz/.well-known/acme-challenge/mxr.pdf","offline","malware_download","Troldesh,","https://urlhaus.abuse.ch/url/109721/"
 "109720","2019-01-24 19:18:24","http://www.csinspirations.com/wtuds/mxr.pdf","offline","malware_download","Troldesh,","https://urlhaus.abuse.ch/url/109720/"
 "109719","2019-01-24 19:18:16","https://hokkori-hyoutanjima.com/bk/css/mxr.pdf","offline","malware_download","Troldesh,","https://urlhaus.abuse.ch/url/109719/"
-"109718","2019-01-24 19:18:11","https://gameonlinedoithuong.com/meta/mxr.pdf","online","malware_download","Troldesh,","https://urlhaus.abuse.ch/url/109718/"
+"109718","2019-01-24 19:18:11","https://gameonlinedoithuong.com/meta/mxr.pdf","offline","malware_download","Troldesh,","https://urlhaus.abuse.ch/url/109718/"
 "109717","2019-01-24 19:18:05","https://kobac-yamato.com/wp-admin/css/colors/blue/mxr.pdf","offline","malware_download","Troldesh,","https://urlhaus.abuse.ch/url/109717/"
 "109716","2019-01-24 19:17:57","http://peinture-marseille.com/wp-includes/ID3/mxr.pdf","offline","malware_download","Troldesh,","https://urlhaus.abuse.ch/url/109716/"
 "109715","2019-01-24 19:17:50","http://trasp3.xsrv.jp/mxr.pdf","offline","malware_download","Troldesh,","https://urlhaus.abuse.ch/url/109715/"
@@ -3943,7 +4373,7 @@
 "109702","2019-01-24 19:16:34","https://bparj.xyz/wp-includes/ID3/mxr.pdf","online","malware_download","Troldesh,","https://urlhaus.abuse.ch/url/109702/"
 "109701","2019-01-24 19:16:32","https://plomberie-touil.com/wp-includes/ID3/mxr.pdf","offline","malware_download","Troldesh,","https://urlhaus.abuse.ch/url/109701/"
 "109700","2019-01-24 19:16:30","http://descubrecartagena.com/wp-content/themes/traveltour/admin/core/mxr.pdf","online","malware_download","Troldesh,","https://urlhaus.abuse.ch/url/109700/"
-"109699","2019-01-24 19:16:28","http://justfordemos.tk/wp-admin/css/colors/blue/mxr.pdf","online","malware_download","Troldesh,","https://urlhaus.abuse.ch/url/109699/"
+"109699","2019-01-24 19:16:28","http://justfordemos.tk/wp-admin/css/colors/blue/mxr.pdf","offline","malware_download","Troldesh,","https://urlhaus.abuse.ch/url/109699/"
 "109698","2019-01-24 19:16:25","https://artburo.moscow/help/mxr.pdf","offline","malware_download","Troldesh,","https://urlhaus.abuse.ch/url/109698/"
 "109697","2019-01-24 19:16:22","http://jk-lubricants.com/wp-content/themes/jklub/assets/css/ssj.jpg","offline","malware_download","Troldesh,","https://urlhaus.abuse.ch/url/109697/"
 "109696","2019-01-24 19:15:55","http://olmaa.org/__MACOSX/mxr.pdf","offline","malware_download","Troldesh,","https://urlhaus.abuse.ch/url/109696/"
@@ -3958,15 +4388,15 @@
 "109687","2019-01-24 19:14:44","https://drrozinaakter.com/mxr.pdf","online","malware_download","Troldesh,","https://urlhaus.abuse.ch/url/109687/"
 "109686","2019-01-24 19:14:36","https://kobac-takamatsu01.com/wp-admin/css/colors/blue/mxr.pdf","offline","malware_download","Troldesh,","https://urlhaus.abuse.ch/url/109686/"
 "109685","2019-01-24 19:14:27","https://kobac-ebina.com/wp-admin/css/colors/blue/mxr.pdf","offline","malware_download","Troldesh,","https://urlhaus.abuse.ch/url/109685/"
-"109684","2019-01-24 19:14:19","https://e-vel.by/themes/bartik/color/mxr.pdf","online","malware_download","Troldesh,","https://urlhaus.abuse.ch/url/109684/"
+"109684","2019-01-24 19:14:19","https://e-vel.by/themes/bartik/color/mxr.pdf","offline","malware_download","Troldesh,","https://urlhaus.abuse.ch/url/109684/"
 "109683","2019-01-24 19:14:15","https://www.dailyshoping.org/wp-content/themes/Newspaper/vc_templates/mxr.pdf","offline","malware_download","Troldesh,","https://urlhaus.abuse.ch/url/109683/"
-"109682","2019-01-24 19:14:07","https://gamedoithe.net/meta/mxr.pdf","online","malware_download","Troldesh,","https://urlhaus.abuse.ch/url/109682/"
+"109682","2019-01-24 19:14:07","https://gamedoithe.net/meta/mxr.pdf","offline","malware_download","Troldesh,","https://urlhaus.abuse.ch/url/109682/"
 "109681","2019-01-24 19:14:02","https://mail.credisol.hn/skins/classic/images/buttons/mxr.pdf","online","malware_download","Troldesh,","https://urlhaus.abuse.ch/url/109681/"
 "109680","2019-01-24 19:13:55","https://credisol.hn/wp-content/themes/credisol/shortcodes/mxr.pdf","offline","malware_download","Troldesh,","https://urlhaus.abuse.ch/url/109680/"
 "109679","2019-01-24 19:13:51","http://theotokis.gr/.well-known/pki-validation/mxr.pdf","offline","malware_download","Troldesh,","https://urlhaus.abuse.ch/url/109679/"
 "109678","2019-01-24 19:13:44","https://olxmobiles.pk/mxr.pdf","offline","malware_download","Troldesh,","https://urlhaus.abuse.ch/url/109678/"
 "109677","2019-01-24 19:13:39","https://www.seyh9.com/wp-content/themes/specia/templates/mxr.pdf","offline","malware_download","Troldesh,","https://urlhaus.abuse.ch/url/109677/"
-"109676","2019-01-24 19:13:34","https://soivip.net/meta/mxr.pdf","online","malware_download","Troldesh,","https://urlhaus.abuse.ch/url/109676/"
+"109676","2019-01-24 19:13:34","https://soivip.net/meta/mxr.pdf","offline","malware_download","Troldesh,","https://urlhaus.abuse.ch/url/109676/"
 "109675","2019-01-24 19:13:28","https://kobac-shizuoka01.com/wp-admin/css/colors/blue/mxr.pdf","offline","malware_download","Troldesh,","https://urlhaus.abuse.ch/url/109675/"
 "109674","2019-01-24 19:13:22","http://quvalda.by/templates/quvalda/fonts/vendor/font-awesome/mxr.pdf","offline","malware_download","Troldesh,","https://urlhaus.abuse.ch/url/109674/"
 "109673","2019-01-24 19:13:18","http://gnb.uz/.well-known/pki-validation/ssj.jpg","online","malware_download","Troldesh,","https://urlhaus.abuse.ch/url/109673/"
@@ -3993,7 +4423,7 @@
 "109652","2019-01-24 19:10:37","https://rulamart.com/wp-content/plugins/akismet/_inc/img/mxr.pdf","online","malware_download","Troldesh,","https://urlhaus.abuse.ch/url/109652/"
 "109651","2019-01-24 19:10:30","https://nagornyschool.by/wp-content/themes/nagornyschool/inc/mxr.pdf","offline","malware_download","Troldesh,","https://urlhaus.abuse.ch/url/109651/"
 "109650","2019-01-24 19:10:25","https://mudassarnazir.com/captcha/mxr.pdf","offline","malware_download","Troldesh,","https://urlhaus.abuse.ch/url/109650/"
-"109649","2019-01-24 19:10:17","https://e-vel.by/images/mxr.pdf","online","malware_download","Troldesh,","https://urlhaus.abuse.ch/url/109649/"
+"109649","2019-01-24 19:10:17","https://e-vel.by/images/mxr.pdf","offline","malware_download","Troldesh,","https://urlhaus.abuse.ch/url/109649/"
 "109648","2019-01-24 19:10:10","https://marianalypova.com/wp-admin/css/colors/blue/mxr.pdf","online","malware_download","Troldesh,","https://urlhaus.abuse.ch/url/109648/"
 "109647","2019-01-24 19:10:04","http://systemnet.work/wp-content/themes/Newspaper/woocommerce/mxr.pdf","online","malware_download","Troldesh,","https://urlhaus.abuse.ch/url/109647/"
 "109646","2019-01-24 19:09:51","https://agent.ken.by/profiles/adv_minimal/libraries/chosen/docsupport/mxr.pdf","offline","malware_download","Troldesh,","https://urlhaus.abuse.ch/url/109646/"
@@ -4074,7 +4504,7 @@
 "109571","2019-01-24 19:03:03","https://www.faujuladnan.com/wp-content/themes/materialis/inc/general-options/ssj.jpg","offline","malware_download","Troldesh,","https://urlhaus.abuse.ch/url/109571/"
 "109570","2019-01-24 19:03:00","http://www.hebros.id/wp-admin/css/colors/blue/mxr.pdf","online","malware_download","Troldesh,","https://urlhaus.abuse.ch/url/109570/"
 "109569","2019-01-24 19:02:52","http://villacare.holiday/modules/php/mxr.pdf","offline","malware_download","Troldesh,","https://urlhaus.abuse.ch/url/109569/"
-"109568","2019-01-24 19:02:51","http://studentloans.credezen.com/wp-includes/ID3/ssj.jpg","offline","malware_download","Troldesh,","https://urlhaus.abuse.ch/url/109568/"
+"109568","2019-01-24 19:02:51","http://studentloans.credezen.com/wp-includes/ID3/ssj.jpg","online","malware_download","Troldesh,","https://urlhaus.abuse.ch/url/109568/"
 "109567","2019-01-24 19:02:47","http://cedartreegroup.com/wp-content/themes/the-unknown/bootstrap/css/ssj.jpg","online","malware_download","Troldesh,","https://urlhaus.abuse.ch/url/109567/"
 "109566","2019-01-24 19:02:45","http://fevzihoca.com.tr/img/Subeler/akcaabatsube/mxr.pdf","offline","malware_download","Troldesh,","https://urlhaus.abuse.ch/url/109566/"
 "109565","2019-01-24 19:02:42","http://elitegrowth.net/wp-includes/ID3/ssj.jpg","online","malware_download","Troldesh,","https://urlhaus.abuse.ch/url/109565/"
@@ -4161,7 +4591,7 @@
 "109484","2019-01-24 15:56:47","http://akcer.cz/sGpwf-0HQoA4aMhU3pbVz_QlJGdXSP-sf/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/109484/"
 "109483","2019-01-24 15:56:43","http://www.sos-secretariat.be/WnjZ-hC_VnX-u9/En/Need-to-send-the-attachment/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/109483/"
 "109482","2019-01-24 15:56:39","http://www.devitforward.com/gVuAe-Nx_WBXMmu-9h/Invoice/6215502/US/Question/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/109482/"
-"109481","2019-01-24 15:56:35","http://pruebas.zecaenergia.com/pZdCD-9OPyr_zREtUm-I4/En_us/Past-Due-Invoices/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/109481/"
+"109481","2019-01-24 15:56:35","http://pruebas.zecaenergia.com/pZdCD-9OPyr_zREtUm-I4/En_us/Past-Due-Invoices/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/109481/"
 "109480","2019-01-24 15:56:33","http://mamquatrongoi.com/RAwo-t8_GiBMdNz-PWp/Invoice/4444779/En_us/ACH-form/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/109480/"
 "109479","2019-01-24 15:56:29","http://maminsecret.ru/eeSEY-Yiop9_x-ytm/INV/265339FORPO/5990170956/EN_en/Service-Report-1296/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/109479/"
 "109478","2019-01-24 15:56:27","http://lukahoward.com/IJSi-mUOvM_vYlLQ-eI/EXT/PaymentStatus/EN_en/Paid-Invoice/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/109478/"
@@ -4187,16 +4617,14 @@
 "109457","2019-01-24 15:20:23","http://realgen-webdesign.nl/nE8npUCGq/","offline","malware_download","emotet,exe,epoch1,heodo","https://urlhaus.abuse.ch/url/109457/"
 "109456","2019-01-24 15:20:18","http://cannabiswebsite10.info/n0VCPGVYD/","offline","malware_download","emotet,exe,epoch1,heodo","https://urlhaus.abuse.ch/url/109456/"
 "109455","2019-01-24 15:20:12","http://iranbody.xyz/LLRFYL7/","offline","malware_download","emotet,exe,epoch1,heodo","https://urlhaus.abuse.ch/url/109455/"
-"109454","2019-01-24 15:20:07","http://khomyphamhanoi.com/TvTwWqcK0/","online","malware_download","emotet,exe,epoch1,heodo","https://urlhaus.abuse.ch/url/109454/"
+"109454","2019-01-24 15:20:07","http://khomyphamhanoi.com/TvTwWqcK0/","offline","malware_download","emotet,exe,epoch1,heodo","https://urlhaus.abuse.ch/url/109454/"
 "109453","2019-01-24 15:18:14","https://www.staraba.com/wp-content/themes/star-aba/css/ssj.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/109453/"
 "109452","2019-01-24 15:18:10","http://31.168.70.230:38896/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/109452/"
 "109451","2019-01-24 15:18:09","http://170.83.209.223:41110/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/109451/"
-"109450","2019-01-24 15:17:26","https://u8349684.ct.sendgrid.net/wf/click?upn=PVFZ4WK2o6PXcDMCHDRARI-2FMcOqqCFnh4gU00NLmInmlrMsSgeGIVndR4VRyt0l7Vux8F4gtMy5MW5SGQY-2BhmCkv36Zm79eNpQGGJ-2Fazizw-3D_Qg5VyiEAg1Nne289JL06FFwhMl58Gj3jFt11HdVN6p8cQErSFfK7ZCAjcSfLzRRjiyIImCz44mlRl6tlJHEG7mx7F1IYbAVRxlqqTWg62oc1mNWpyrSQTwKRAAQcbhJm-2BAGxh29tlFhoY4LTZgMhagLHA2CW7aW-2FF2YsH-2FKC2N7-2Fz8Sl8nz7qDmrLCpEluYpcrutZoTnYY41G6lrC943Dryl6O5vNGrj1J2IPMIAG5M-3D/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/109450/"
 "109449","2019-01-24 15:17:23","http://trajetto.nl/aRFJl-K3ZpSpTwgKqlIuA_DOQmjDAUf-o8t/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/109449/"
 "109448","2019-01-24 15:17:21","http://jonaspavao.com/wZljL-NEEFXA0rNmfKxh_LkPZxKrE-1D/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/109448/"
 "109447","2019-01-24 15:17:17","http://www.ledet.gov.za/NQNIu-YttWj29sUixlYZX_MMKIEwuNw-Ph/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/109447/"
 "109446","2019-01-24 15:17:07","http://iridairk.ru/zlms-eQWOZ8H0XRc2sF_eTfcBKWh-0EN/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/109446/"
-"109445","2019-01-24 15:17:06","https://linkprotect.cudasvc.com/url?a=http://3d-universal.com/re/wp-content/wptouch-data/Payments/01_19&c=E,1,1qWcTkyCqrC6dFowKo_ue7Zm7wvaVP5zN6JbevmUOoLnBVWWb3EnoenXe4kFqX63t7M3qpPAh8kzqeT7iOQj4fiWirF0wFFNt7xcMJQkbA,,&typo=1/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/109445/"
 "109444","2019-01-24 15:17:04","http://icelscs.fib.uns.ac.id/qMaH-FBMzerOhp6qSIn_soGtzpxT-KY/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/109444/"
 "109443","2019-01-24 15:09:01","http://80.211.86.9/vb/Amakano.x86","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/109443/"
 "109442","2019-01-24 15:01:13","http://80.211.86.9/vb/Amakano.spc","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/109442/"
@@ -4227,12 +4655,12 @@
 "109417","2019-01-24 14:47:06","http://garrystutz.top/qXOlw-IMQpa_jRXedt-6p/INVOICE/En_us/560-51-824245-725-560-51-824245-722/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/109417/"
 "109416","2019-01-24 14:46:30","http://fzs.ma/jyZzy-FUHXN_zNIiJ-naV/EXT/PaymentStatus/US_us/Invoice/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/109416/"
 "109415","2019-01-24 14:46:25","http://ebrubozkurt.com/MXPws-RglrV_ZkuIP-mv/INVOICE/US/Document-needed/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/109415/"
-"109414","2019-01-24 14:46:21","http://www.tovbekapisi.com/bZqmB-Ky38FVKRTRykJt_FVSPCbtY-ria/","online","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/109414/"
+"109414","2019-01-24 14:46:21","http://www.tovbekapisi.com/bZqmB-Ky38FVKRTRykJt_FVSPCbtY-ria/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/109414/"
 "109413","2019-01-24 14:46:17","http://skrentertainmentgroup.com/RYcr-sMMbELmx5YDzZGx_hLgotZOYS-2BI/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/109413/"
 "109412","2019-01-24 14:45:45","http://s1099098-26593.home-whs.pl/Sqbh-WdY50fRGaVU4QyM_ejFFZVES-CXC/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/109412/"
 "109411","2019-01-24 14:45:39","http://nightonline.ru/images/bKPX-yT3RSMWKFrNeULX_kDwzYhgq-xJ/","online","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/109411/"
 "109410","2019-01-24 14:45:35","http://m.otel-serov.ru/bCIix-xTXGfJOnqrrru5J_MIzQRpFF-qj4/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/109410/"
-"109409","2019-01-24 14:45:20","http://fergus.vn/KAvW-afR8LCiZVe73VH_fyNLhLyt-yyP/","online","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/109409/"
+"109409","2019-01-24 14:45:20","http://fergus.vn/KAvW-afR8LCiZVe73VH_fyNLhLyt-yyP/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/109409/"
 "109408","2019-01-24 14:45:13","http://favorite-sport.by/Uors-pneXfJbGQqNAQYh_knzGxcyyG-0C/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/109408/"
 "109407","2019-01-24 14:45:07","http://bloomspor.com/FMJw-YNITloWAvLPl74l_xFyquTtBT-O7/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/109407/"
 "109406","2019-01-24 14:43:09","http://www.integraga.com/wp-content/themes/integra/inc/ssj.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/109406/"
@@ -4250,7 +4678,7 @@
 "109394","2019-01-24 14:15:06","https://tischer.ro/NFOF-0yGc_UUj-9x/EXT/PaymentStatus/US_us/Document-needed/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/109394/"
 "109391","2019-01-24 14:14:47","http://ypicsdy.cf/dqGG-sru_kpEmhXB-jZ/ACH/PaymentAdvice/En/Paid-Invoice/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/109391/"
 "109390","2019-01-24 14:14:13","http://ykwkmdy.cf/oYvz-MwYyJ_oV-j0/Southwire/AYM7852992933/US/Past-Due-Invoice/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/109390/"
-"109389","2019-01-24 14:13:38","http://www.ontamada.ru/LohV-gqh_mAFfNxUU-9G/EXT/PaymentStatus/En/Outstanding-Invoices/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/109389/"
+"109389","2019-01-24 14:13:38","http://www.ontamada.ru/LohV-gqh_mAFfNxUU-9G/EXT/PaymentStatus/En/Outstanding-Invoices/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/109389/"
 "109388","2019-01-24 14:13:33","http://www.mmtc.edu.my/dhZgP-ocp_DzcrICpXO-ELX/Invoice/814781364/En_us/Invoice-Number-139221/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/109388/"
 "109387","2019-01-24 14:13:24","http://www.lineageforum.ru/slEq-xeE0_fr-EX/COMET/SIGNS/PAYMENT/NOTIFICATION/01/24/2019/EN_en/Paid-Invoice-Credit-Card-Receipt/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/109387/"
 "109386","2019-01-24 14:13:19","http://www.amazon-dz.com/TnvM-C1_BzzyRXtFC-IK/Southwire/KYW1656413239/En_us/Invoices-Overdue/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/109386/"
@@ -4278,7 +4706,7 @@
 "109364","2019-01-24 14:10:19","http://lazylorgdy.cf/ZlSFd-Fp5CF_FZpvBLJd-jt/Ref/529223077En_us/Invoice-for-you/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/109364/"
 "109363","2019-01-24 14:09:38","http://kartina32.ru/dFdP-g3IeI_RRfGm-io/invoices/67515/67331/En/Companies-Invoice-3990520/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/109363/"
 "109362","2019-01-24 14:09:31","http://istorie.usm.md/wp-content/uploads/eMDhA-O2QEp_j-puA/invoices/4072/9929/US_us/Service-Report-3530/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/109362/"
-"109361","2019-01-24 14:09:27","http://icta.futminna.edu.ng/cTtX-L6sS_FdVFmrXnm-Am/Invoice/1227197/EN_en/Inv-770648-PO-8N316873/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/109361/"
+"109361","2019-01-24 14:09:27","http://icta.futminna.edu.ng/cTtX-L6sS_FdVFmrXnm-Am/Invoice/1227197/EN_en/Inv-770648-PO-8N316873/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/109361/"
 "109360","2019-01-24 14:09:23","http://ema-trans.kz/De/BRVWCRI0031559/Rechnungs/RECHNUNG/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/109360/"
 "109359","2019-01-24 14:09:19","http://domainsharing.geonetry.com/JIczD-4lQw_UMXfT-xI/InvoiceCodeChanges/En_us/ACH-form/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/109359/"
 "109358","2019-01-24 14:09:11","http://dm.xn----ctbbln2ahbdthck.xn--p1ai/aZARf-JtVD_DJjNx-Cxx/US_us/ACH-form/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/109358/"
@@ -4298,7 +4726,7 @@
 "109344","2019-01-24 14:06:25","http://visiskirtingivisilygus.lt/IOMQp-1umMKOp3l97PmPA_tSHHYpYAY-9G/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/109344/"
 "109343","2019-01-24 14:06:20","http://ski.fib.uns.ac.id/rqWH-z8oNsQQrrg0v6Gs_XiEOaIkCe-9y/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/109343/"
 "109341","2019-01-24 13:53:07","http://vektorex.com/source/Z/6588910.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/109341/"
-"109340","2019-01-24 13:41:31","http://its.futminna.edu.ng/AEDy-cd1DMevRqMyZm0_ZnJlyiXpW-xJ/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/109340/"
+"109340","2019-01-24 13:41:31","http://its.futminna.edu.ng/AEDy-cd1DMevRqMyZm0_ZnJlyiXpW-xJ/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/109340/"
 "109339","2019-01-24 13:41:25","http://www.fitografia.net/ZFZXo-xAdYApCw7VM0eK4_URIdXpKUs-XgF/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/109339/"
 "109338","2019-01-24 13:41:16","http://etsj.futminna.edu.ng/kWTG-Qv3R8Q6FvOzA6P_hZALUOmZ-E3/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/109338/"
 "109337","2019-01-24 13:41:11","http://www.anello.it/qgGSW-EFT3YemXaG4dPO_KoxnuXAtL-7J/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/109337/"
@@ -4332,9 +4760,9 @@
 "109309","2019-01-24 12:10:06","http://eidos-sociology.ru/file/build__2017.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/109309/"
 "109308","2019-01-24 12:08:55","http://takhnit.co.il/components/com_ajax/ssj.jpg","offline","malware_download","emotet,Ransomware,Shade,exe","https://urlhaus.abuse.ch/url/109308/"
 "109307","2019-01-24 12:08:51","http://mazharul-hossain.info/wp-content/themes/storecommerce/demo-content/default/ssj.jpg","online","malware_download","emotet,Ransomware,Shade,exe","https://urlhaus.abuse.ch/url/109307/"
-"109306","2019-01-24 12:08:47","http://www.tours.pt/templates/tours.pt_red/img/ssj.jpg","online","malware_download","emotet,Ransomware,Shade,exe","https://urlhaus.abuse.ch/url/109306/"
+"109306","2019-01-24 12:08:47","http://www.tours.pt/templates/tours.pt_red/img/ssj.jpg","offline","malware_download","emotet,Ransomware,Shade,exe","https://urlhaus.abuse.ch/url/109306/"
 "109305","2019-01-24 12:08:16","http://tamagocin.com/wp-content/themes/relic-fashion-store/themerelic/customizers/assets/js/ssj.jpg","online","malware_download","emotet,Ransomware,Shade,exe","https://urlhaus.abuse.ch/url/109305/"
-"109304","2019-01-24 12:08:08","http://xn----htbybfcxh3h.xn--p1ai/bin/ssj.jpg","online","malware_download","emotet,Ransomware,Shade,exe","https://urlhaus.abuse.ch/url/109304/"
+"109304","2019-01-24 12:08:08","http://xn----htbybfcxh3h.xn--p1ai/bin/ssj.jpg","offline","malware_download","emotet,Ransomware,Shade,exe","https://urlhaus.abuse.ch/url/109304/"
 "109303","2019-01-24 12:08:05","http://simplisal.co.uk/wp-content/ai1wm-backups/ssj.jpg","online","malware_download","emotet,Ransomware,Shade,exe","https://urlhaus.abuse.ch/url/109303/"
 "109302","2019-01-24 12:07:15","http://ro7o.fun/wp-content/cache/blogs/mxr.pdf","offline","malware_download","exe,Shade","https://urlhaus.abuse.ch/url/109302/"
 "109301","2019-01-24 12:07:07","http://cb2.fun/wp-content/cache/blogs/mxr.pdf","offline","malware_download","exe,Shade","https://urlhaus.abuse.ch/url/109301/"
@@ -4365,7 +4793,7 @@
 "109276","2019-01-24 11:33:05","http://yjbexnetdy.cf/Transactions/Transaktion/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/109276/"
 "109275","2019-01-24 11:32:59","http://myprobatedeals.com/Rechnungen/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/109275/"
 "109274","2019-01-24 11:32:54","http://thanhlapdoanhnghiephnh.com/Transaktion/012019/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/109274/"
-"109273","2019-01-24 11:32:50","http://lrprealestate.vi-bus.com/Rechnungen/012019/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/109273/"
+"109273","2019-01-24 11:32:50","http://lrprealestate.vi-bus.com/Rechnungen/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/109273/"
 "109272","2019-01-24 11:32:43","http://ykpunetdy.cf/Rechnung/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/109272/"
 "109271","2019-01-24 11:32:38","http://legpnnldy.cf/Rechnungs/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/109271/"
 "109270","2019-01-24 11:32:34","http://appliancestalk.com/cgi-bin/Rechnungs/012019/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/109270/"
@@ -4378,7 +4806,7 @@
 "109263","2019-01-24 11:32:01","http://tugas2.syauqi.web.id/wp-includes/Transaktion/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/109263/"
 "109262","2019-01-24 11:31:54","http://www.amayayurveda.com/Amazon/Zahlungen/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/109262/"
 "109261","2019-01-24 11:31:51","http://www.aaadriving.co.nz/Amazon/DE/Kunden_informationen/2019-01/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/109261/"
-"109260","2019-01-24 11:31:48","http://cwc.vi-bus.com/AMAZON/DE/Kunden-transaktion/01_19/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/109260/"
+"109260","2019-01-24 11:31:48","http://cwc.vi-bus.com/AMAZON/DE/Kunden-transaktion/01_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/109260/"
 "109259","2019-01-24 11:31:46","http://new.cinqueterrewinetasting.com/Amazon/DE/Zahlungen/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/109259/"
 "109258","2019-01-24 11:31:14","http://fanarticho.com/AMAZON/DE/Kunden_transaktion/2019-01/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/109258/"
 "109257","2019-01-24 11:31:11","http://www.anzelikosgracija.lt/Transaktion/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/109257/"
@@ -4387,7 +4815,6 @@
 "109254","2019-01-24 11:29:19","http://top-persona.by/themes/engines/phptemplate/mxr.pdf","online","malware_download","exe","https://urlhaus.abuse.ch/url/109254/"
 "109253","2019-01-24 11:29:14","http://alexandrasonline.co.uk/templates/protostar/css/@eaDir/mxr.pdf","offline","malware_download","exe","https://urlhaus.abuse.ch/url/109253/"
 "109252","2019-01-24 11:29:07","http://no70.fun/wp-content/cache/blogs/mxr.pdf","offline","malware_download","exe","https://urlhaus.abuse.ch/url/109252/"
-"109251","2019-01-24 11:22:32","https://linkprotect.cudasvc.com/url?a=http://upcom-pro.be/Januar2019/LGZTHVO1701615/Rechnungs-Details/DOC&c=E,1,F5YJotBw3PyJjLcBtqFaBS6_droQc7wL-pkMBUlxcq9OSwcVO4u4kqSFldfATTYoXkDwFubjaN3rfun4n7xnb-8Bry-aaVAZiK_oXvynPzI5_IejEVnHFA,,&typo=1/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/109251/"
 "109250","2019-01-24 11:22:29","http://isoblogs.ir/De_de/ZGQYOTGNH7764495/Rechnungs-Details/Zahlungserinnerung/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/109250/"
 "109249","2019-01-24 11:22:27","http://xn----dtbhwpgtp5b1b.xn--p1ai/de_DE/KTDKOYSVR2495087/Rechnungs/Rechnungsanschrift/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/109249/"
 "109248","2019-01-24 11:22:24","http://proautorubberpinetown.co.za/de_DE/IFWMXVVDO3182550/Rech/FORM/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/109248/"
@@ -4599,7 +5026,7 @@
 "109013","2019-01-24 01:14:09","http://ruoubiaplaza.com/wp-content/themes/storefront/assets/css/admin/customizer/sserv.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/109013/"
 "109012","2019-01-24 01:07:21","http://taxplus.co.in/rBOYX-Rg_bzY-yQ/INVOICE/En_us/Invoice-for-you//","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/109012/"
 "109011","2019-01-24 01:07:17","http://rosalindacademy.it/zVWy-2lPC_BDKTd-CCY/Southwire/UWT1986389353/US_us/Invoice/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/109011/"
-"109010","2019-01-24 01:07:13","http://ontamada.ru/nOGFU-1ic8e_t-xWX/COMET/SIGNS/PAYMENT/NOTIFICATION/01/19/2019/En_us/7-Past-Due-Invoices/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/109010/"
+"109010","2019-01-24 01:07:13","http://ontamada.ru/nOGFU-1ic8e_t-xWX/COMET/SIGNS/PAYMENT/NOTIFICATION/01/19/2019/En_us/7-Past-Due-Invoices/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/109010/"
 "109009","2019-01-24 01:07:12","http://oculista.com.br/De_de/ZHDNOCCWKX6808005/Rechnungskorrektur/RECH/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/109009/"
 "109008","2019-01-24 01:07:05","http://lineageforum.ru/lLFft-ElDzH_gdqCXTGsj-S6A/INVOICE/09549/OVERPAYMENT/US/Invoice-4643497-January/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/109008/"
 "109007","2019-01-24 01:07:04","http://latuagrottaferrata.it/UYCxN-Tmx_CW-QN/InvoiceCodeChanges/EN_en/Overdue-payment/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/109007/"
@@ -4660,7 +5087,7 @@
 "108952","2019-01-23 23:31:12","http://tusconparklandkharadi.com/wp-admin/Payments/01_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/108952/"
 "108951","2019-01-23 23:31:07","http://tourwall.com/Payments/2019-01/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/108951/"
 "108950","2019-01-23 23:31:04","http://villorg.hu/Details/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/108950/"
-"108949","2019-01-23 23:22:12","http://lanhodiepuytin.com/spFOu-lMI_NJ-VGE/InvoiceCodeChanges/US_us/Document-needed/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/108949/"
+"108949","2019-01-23 23:22:12","http://lanhodiepuytin.com/spFOu-lMI_NJ-VGE/InvoiceCodeChanges/US_us/Document-needed/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/108949/"
 "108948","2019-01-23 23:22:06","http://www.shengen.ru/sites/default/files/WeXGe-xTM7d_YDzeG-OO/Southwire/MCI076856304/US/Service-Invoice/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/108948/"
 "108947","2019-01-23 23:22:03","http://tadcleaves.com/pRdwb-FGc5Q_RNFnGjsKp-SG/InvoiceCodeChanges/En/Invoice-05537474/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/108947/"
 "108946","2019-01-23 23:02:03","http://treinamentos.konia.com.br/Transaction_details/012019/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/108946/"
@@ -4719,13 +5146,9 @@
 "108893","2019-01-23 21:34:03","http://microsoftupdate.dns-report.com/download/update.doc","offline","malware_download","RTF","https://urlhaus.abuse.ch/url/108893/"
 "108892","2019-01-23 21:33:06","http://cliniqueelmenzah.com/bloom.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/108892/"
 "108891","2019-01-23 21:32:16","https://www.norsterra.cn/kwhts-4y_BLft-df/Ref/052883920US/ACH-form/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/108891/"
-"108890","2019-01-23 21:32:12","https://linkprotect.cudasvc.com/url?a=http://seotubers.com/dPQK-WE9w_iUOf-Hn/invoices/81014/3230/En_us/Document-needed&c=E1MeN7T72c6RYKAVFcQVuxOKYC5broaVx0hJJgxWOjvuiMhF6WtcVyyyFNHBJ7wEK1ogrxTxl-EntxdLvToxC9fTpFtfnv0sOdJUk4R1qTc5g5Pjei-RVie78&typo=1/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/108890/"
-"108889","2019-01-23 21:32:04","https://linkprotect.cudasvc.com/url?a=http%3a%2f%2fseotubers.com%2fdPQK-WE9w_iUOf-Hn%2finvoices%2f81014%2f3230%2fEn_us%2fDocument-needed&c=E1MeN7T72c6RYKAVFcQVuxOKYC5broaVx0hJJgxWOjvuiMhF6WtcVyyyFNHBJ7wEK1ogrxTxl-EntxdLvToxC9fTpFtfnv0sOdJUk4R1qTc5g5Pjei-RVie78&typo=1/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/108889/"
 "108888","2019-01-23 21:22:21","https://www.promonoble.com/wp-admin/Documents/2019-01/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/108888/"
 "108887","2019-01-23 21:22:20","https://register.srru.ac.th/Amazon/Bestellung_details/01_19/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/108887/"
 "108886","2019-01-23 21:22:17","https://monsterpanels.com/Information/012019/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/108886/"
-"108884","2019-01-23 21:22:16","https://linkprotect.cudasvc.com/url?a=http://cauumdy.gq/wp-admin/includes/Payment_details/012019&c=E1tyhHyARKNk1i1Suntea3YZadCAIAELORCuZT20BhEAOIFeX8lEZ1lFamB-4q-UTMnu39FEr2rGdKHH8AFLziZDsE9H9KWEf_IvlG5rxKvQ&typo=1/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/108884/"
-"108885","2019-01-23 21:22:16","https://linkprotect.cudasvc.com/url?a=http://doyoto.com/Clients_transactions/2019-01&c=E1k4-pwiLKIctlhQZvopu6I6EaAOvoeb3uhow1WGnDuj2L8o4iSxPfYikElKvKzjQMWzFnG3anBN9RdxTeW9fwqelcH8yGGO8RZtB7x8KsJ6pW9p6nPr25xA&typo=1/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/108885/"
 "108883","2019-01-23 21:22:15","http://yulimaria.com/wp-content/uploads/Documents/01_19/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/108883/"
 "108882","2019-01-23 21:22:07","http://xn--d1albnc.xn--p1ai/Amazon/Zahlungen/2019-01/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/108882/"
 "108880","2019-01-23 21:22:05","http://www.xn----8sbef8axpew9i.xn--p1ai/entertainment/wp-content/Amazon/DE/Kunden_Messages/01_19/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/108880/"
@@ -4775,7 +5198,7 @@
 "108835","2019-01-23 20:19:45","http://www.tomorrow-foundation.com/fr/wp-content/uploads/JULla-HR_PgTvifut-WL/invoices/31801/03616/US/Invoice-Number-97428/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/108835/"
 "108834","2019-01-23 20:19:42","http://www.qimocci.com/GpAO-2p_JaIjDpf-5S/US_us/Past-Due-Invoices/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/108834/"
 "108833","2019-01-23 20:19:34","http://www.osteriamontegrappa.it/XBcC-WI7g7_qufuCos-Ed/invoices/7252/5423/US_us/Invoice-9694166/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/108833/"
-"108832","2019-01-23 20:19:31","http://www.kredyty-hipoteczne24.com.pl/cUbD-UBn_itm-N1r/Invoice/6181676/US_us/Invoice-for-you/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/108832/"
+"108832","2019-01-23 20:19:31","http://www.kredyty-hipoteczne24.com.pl/cUbD-UBn_itm-N1r/Invoice/6181676/US_us/Invoice-for-you/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/108832/"
 "108831","2019-01-23 20:19:24","http://www.holzheuer.de/TMUz-I9S_xawmGmKfY-gs/EXT/PaymentStatus/EN_en/Invoices-Overdue/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/108831/"
 "108830","2019-01-23 20:19:18","http://www.hayatihusada.com/LsaZx-bX_mijmcuP-bxM/INVOICE/0248/OVERPAYMENT/En/Open-invoices/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/108830/"
 "108829","2019-01-23 20:19:12","http://www.cashcow.ai/test1/PhqC-5mM_JgvMW-JM/9450838/SurveyQuestionsEn_us/Paid-Invoice/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/108829/"
@@ -4819,7 +5242,6 @@
 "108791","2019-01-23 19:31:22","http://cididlawfirm.com/wp-snapshots/Payment_details/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/108791/"
 "108790","2019-01-23 19:31:20","http://www.smallblue.club/Attachments/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/108790/"
 "108789","2019-01-23 19:31:15","http://xn--8dbcknjy3bgq.co.il/Clients_information/2019-01/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/108789/"
-"108788","2019-01-23 19:31:11","https://linkprotect.cudasvc.com/url?a=http://cauumdy.gq/wp-admin/includes/Payment_details/012019&c=E,1,tyhHyARKNk1i1Suntea3YZadCAIAELORCuZT20BhEAOIFeX8lEZ1lFamB-4q-UTMnu39FEr2rGdKHH8AFLziZDsE9H9KWEf_IvlG5rxKvQ,,&typo=1/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/108788/"
 "108787","2019-01-23 19:31:06","http://bemap.eu/Attachments/2019-01/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/108787/"
 "108786","2019-01-23 19:30:03","http://81.169.230.101:8080/3lB3rRd0/sprite-mouse.bin","offline","malware_download","exe,Dridex","https://urlhaus.abuse.ch/url/108786/"
 "108785","2019-01-23 19:29:06","http://199.230.109.154:8080/0qIC02Lt/ActiveFonts.bin","offline","malware_download","exe,Dridex","https://urlhaus.abuse.ch/url/108785/"
@@ -4889,7 +5311,7 @@
 "108721","2019-01-23 18:08:52","http://xcsales.info/wp-content_NOT/uploads/nZsFu-zs_sfujKX-8ed/PaymentStatus/En/Sales-Invoice/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/108721/"
 "108720","2019-01-23 18:08:50","http://www.zlatna-dolina.hr/lwPXN-Pb_zRrZkAYB-05/InvoiceCodeChanges/EN_en/Paid-Invoice-Credit-Card-Receipt/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/108720/"
 "108719","2019-01-23 18:08:49","http://www.villagenp.org/ARUHk-Mc_zP-UXM/Invoice/198834933/US_us/Invoices-Overdue/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/108719/"
-"108718","2019-01-23 18:08:48","http://www.sosacres.com/lMMe-Wgmlc_ebV-bE/invoices/31256/74457/En_us/6-Past-Due-Invoices/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/108718/"
+"108718","2019-01-23 18:08:48","http://www.sosacres.com/lMMe-Wgmlc_ebV-bE/invoices/31256/74457/En_us/6-Past-Due-Invoices/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/108718/"
 "108717","2019-01-23 18:08:45","http://www.sisaketfarmermarket.com/cJlmx-Ac_mzhQcR-0O0/EXT/PaymentStatus/En/Document-needed/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/108717/"
 "108716","2019-01-23 18:08:38","http://www.savecannabis.org/spkPj-seB_FBTsIBk-9C/INVOICE/0703/OVERPAYMENT/US_us/Service-Report-5328/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/108716/"
 "108715","2019-01-23 18:08:20","http://www.reksadanainvestasitanpabatas.com/Ktwm-N3y9_F-fOJ/Inv/70771899502/US/Past-Due-Invoices/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/108715/"
@@ -4957,27 +5379,27 @@
 "108654","2019-01-23 16:51:19","http://tours.pt/templates/tours.pt_red/img/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/108654/"
 "108652","2019-01-23 16:51:12","http://thehungrydodo.ca/wp-content/themes/dine-and-drink-theme/css/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/108652/"
 "108651","2019-01-23 16:49:35","http://forest-media.com/img/soc/ssj.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/108651/"
-"108650","2019-01-23 16:49:30","http://lpru.antalogic.com/ssj.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/108650/"
+"108650","2019-01-23 16:49:30","http://lpru.antalogic.com/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/108650/"
 "108649","2019-01-23 16:49:23","http://pettsi.org/wp-content/themes/oceanwp/sass/base/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/108649/"
 "108648","2019-01-23 16:49:16","http://mogilevcity.by/administrator/cache/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/108648/"
 "108647","2019-01-23 16:48:16","http://earnbdt.com/wp-content/themes/martfury/images/sidebars/ssj.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/108647/"
 "108646","2019-01-23 16:48:13","http://tantiendoor.com/wp-admin/css/colors/blue/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/108646/"
 "108645","2019-01-23 16:48:07","http://jbnortonandco.com/wp-content/themes/piko-construct/piko-construct/languages/ssj.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/108645/"
 "108644","2019-01-23 16:48:03","http://svadebka.by/wp-content/themes/twentyseventeen/inc/ssj.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/108644/"
-"108643","2019-01-23 16:46:13","http://kl82.belpravo.by/misc/farbtastic/ssj.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/108643/"
+"108643","2019-01-23 16:46:13","http://kl82.belpravo.by/misc/farbtastic/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/108643/"
 "108642","2019-01-23 16:46:11","http://lefurle.by/wp-content/themes/underscores/template-parts/ssj.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/108642/"
 "108641","2019-01-23 16:46:08","http://streettalk.website/wp-content/themes/businessx/assets/css/admin/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/108641/"
 "108640","2019-01-23 16:46:07","http://nepra.by/cache/_system/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/108640/"
 "108639","2019-01-23 16:45:14","http://hoadaklak.com/.well-known/acme-challenge/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/108639/"
 "108638","2019-01-23 16:45:12","http://engbaze.win/wp-content/themes/flex-mag/admin/images/colorpicker/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/108638/"
 "108637","2019-01-23 16:45:10","http://gogolwanaagpoultry.com/wp-content/themes/calio2/bootstrap/css/ssj.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/108637/"
-"108636","2019-01-23 16:45:07","http://afrika.by/links/60ac84f9d8c40e723e3d44b5b90c079447f25ad6/ssj.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/108636/"
+"108636","2019-01-23 16:45:07","http://afrika.by/links/60ac84f9d8c40e723e3d44b5b90c079447f25ad6/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/108636/"
 "108635","2019-01-23 16:43:25","http://idemitsu-ilm.com.my/wp-content/themes/bridge/templates/blog-parts/chequered/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/108635/"
 "108634","2019-01-23 16:43:14","http://practicalenotes.com/wp-content/themes/twentynineteen/template-parts/content/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/108634/"
 "108633","2019-01-23 16:43:10","http://kbkoyilandy.in/wp-content/themes/allegiant/includes/libraries/epsilon-framework/assets/css/scss/controls/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/108633/"
-"108632","2019-01-23 16:43:04","http://xn--80ajicwc0afqf.xn--p1ai/includes/custom/ssj.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/108632/"
+"108632","2019-01-23 16:43:04","http://xn--80ajicwc0afqf.xn--p1ai/includes/custom/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/108632/"
 "108631","2019-01-23 16:42:18","http://cryptoera.pro/cli/ssj.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/108631/"
-"108630","2019-01-23 16:42:13","http://fg24.am/cache/sh404sef_rconfig/ssj.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/108630/"
+"108630","2019-01-23 16:42:13","http://fg24.am/cache/sh404sef_rconfig/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/108630/"
 "108629","2019-01-23 16:42:10","http://maxpower.group/wp-content/themes/scholarship/templates/ssj.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/108629/"
 "108628","2019-01-23 16:41:12","http://diaryofamrs.com/wp-content/themes/create/images/gallery/ssj.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/108628/"
 "108627","2019-01-23 16:41:08","http://tattoohane.com/wp-content/themes/ninezeroseven/vc_templates/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/108627/"
@@ -4986,7 +5408,7 @@
 "108624","2019-01-23 16:39:04","http://xn----ctbjthakkrgv2hg.xn--p1ai/OIVdx-le_W-b0N/Invoice/510441950/En/Invoice-for-you/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/108624/"
 "108623","2019-01-23 16:38:48","http://wiki.pst.team/CfXY-5eCkn_IEAERTjn-8nI/PaymentStatus/US_us/Scan/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/108623/"
 "108622","2019-01-23 16:38:45","http://tienskosice.sk/qAGu-9P_GBqo-Idt/S73/invoicing/US/Invoice-receipt/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/108622/"
-"108621","2019-01-23 16:38:42","http://sassearch.net/AhXN-LB_RQzVhvGZ-lu/Southwire/ZIL805187492/US/Invoice/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/108621/"
+"108621","2019-01-23 16:38:42","http://sassearch.net/AhXN-LB_RQzVhvGZ-lu/Southwire/ZIL805187492/US/Invoice/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/108621/"
 "108619","2019-01-23 16:38:41","http://ljrssindy.cf/yzlVb-ZvUS_zGuqG-PI/V524/invoicing/En/Sales-Invoice/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/108619/"
 "108620","2019-01-23 16:38:41","http://reyesfitnessclub.com/tVxxU-ui_ASaaPl-6VR/Ref/33339923US/Need-to-send-the-attachment/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/108620/"
 "108618","2019-01-23 16:38:10","http://koyotrader.com/JLDj-bqE3_FAHvlfsoD-hg/InvoiceCodeChanges/EN_en/Invoices-attached/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/108618/"
@@ -5053,7 +5475,6 @@
 "108557","2019-01-23 15:42:15","http://canhogiaresaigon.net/wCRo-7zpkO_YI-Skr/Invoice/201168739/US_us/Invoice-12577688/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/108557/"
 "108555","2019-01-23 15:31:07","http://modern-autoparts.com/ezFUGpI/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/108555/"
 "108556","2019-01-23 15:31:07","https://url.emailprotection.link/?awsu1K8aw4qAy7TU6V91StoYzD9XLahm-7litnPmfXlsT1ikNgjZKkQK01RzGj24zs_WlBRkJF4TRCEIoB39lHA~~/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/108556/"
-"108554","2019-01-23 15:22:12","https://linkprotect.cudasvc.com/url?a=http%3a%2f%2fseotubers.com%2fdPQK-WE9w_iUOf-Hn%2finvoices%2f81014%2f3230%2fEn_us%2fDocument-needed&c=E,1,MeN7T72c6RYKAVFcQVuxOKYC5broaVx0hJJgxWOjvuiMhF6WtcVyyyFNHBJ7wEK1ogrxTxl-EntxdLvToxC9fTpFtfnv0sOdJUk4R1qTc5g5Pjei-RVie78,&typo=1/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/108554/"
 "108553","2019-01-23 15:22:09","http://www.atocan.eu/zJUWR-yMAs_FdpuyN-FG/Inv/23206675010/EN_en/Inv-326267-PO-0J728868/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/108553/"
 "108552","2019-01-23 15:22:06","http://improve-it.uy/nCIu-lQc_xC-7Q/7600251/SurveyQuestionsUS/Invoice-16349384-January/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/108552/"
 "108551","2019-01-23 15:11:03","http://burasiaksaray.com/.well-known/pki-validation/sserv.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/108551/"
@@ -5068,8 +5489,6 @@
 "108542","2019-01-23 15:06:02","http://dromertontus.com/Y7klprmAh/","offline","malware_download","emotet,exe,epoch1,heodo","https://urlhaus.abuse.ch/url/108542/"
 "108541","2019-01-23 15:02:36","http://www.odishahr.xyz/Payment_details/01_19/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/108541/"
 "108540","2019-01-23 15:02:13","http://coldstar.pk/Details/01_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/108540/"
-"108539","2019-01-23 15:02:11","https://linkprotect.cudasvc.com/url?a=http://doyoto.com/Clients_transactions/2019-01&c=E,1,k4-pwiLKIctlhQZvopu6I6EaAOvoeb3uhow1WGnDuj2L8o4iSxPfYikElKvKzjQMWzFnG3anBN9RdxTeW9fwqelcH8yGGO8RZtB7x8KsJ6pW9p6nPr25xA,,&typo=1/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/108539/"
-"108538","2019-01-23 15:02:02","https://linkprotect.cudasvc.com/url?a=http://controlpro.hu/Documents/2019-01&c=E,1,Ff1sNpl1G9USfi3iPPpURkUoSyStkV06mhOv2BlK-MTVhwgOj3dbdCdQN9o_JABkeoCjI3DiDkeLQ6sv02pHbVEhBgLfuXeQkwQCsMwgY_0J1A,,&typo=1/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/108538/"
 "108537","2019-01-23 14:58:07","http://globallegacyfreight.com/wp-content/themes/enfold/config-events-calendar/views/pro/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/108537/"
 "108536","2019-01-23 14:58:05","http://wakalad.com/4/127474/notersave.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/108536/"
 "108535","2019-01-23 14:56:07","http://www.idiaiteraioannina.com/wp-admin/css/colors/blue/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/108535/"
@@ -5082,13 +5501,11 @@
 "108528","2019-01-23 14:45:04","http://mrcleaner.ca/FmHIw-lpP_KBXwvk-Mk/INVOICE/7415/OVERPAYMENT/US_us/046-50-016857-594-046-50-016857-294/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/108528/"
 "108527","2019-01-23 14:45:03","http://isalver.com/lkXwr-zyxv_tzI-WB/Invoice/932325577/En/Inv-651471-PO-7O870622/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/108527/"
 "108526","2019-01-23 14:44:37","https://marsandbarzini.crownmanagers.com/Details/2019-01/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/108526/"
-"108525","2019-01-23 14:44:36","https://linkprotect.cudasvc.com/url?a=http://controlpro.hu/Documents/2019-01&c=E1Ff1sNpl1G9USfi3iPPpURkUoSyStkV06mhOv2BlK-MTVhwgOj3dbdCdQN9o_JABkeoCjI3DiDkeLQ6sv02pHbVEhBgLfuXeQkwQCsMwgY_0J1A&typo=1/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/108525/"
 "108524","2019-01-23 14:44:35","http://www.khatri-maza.xyz/Payment_details/012019/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/108524/"
 "108523","2019-01-23 14:44:21","http://www.grantkulinar.ru/AMAZON/DE/Kunden_informationen/01_19/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/108523/"
 "108522","2019-01-23 14:44:20","http://www.biometricsystems.ru/AMAZON/Bestelldetails/2019-01/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/108522/"
 "108521","2019-01-23 14:44:19","http://ubuntusocietyfx.co.za/Information/01_19/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/108521/"
 "108519","2019-01-23 14:44:17","http://sskymedia.com/Amazon/DE/Details/012019/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/108519/"
-"108520","2019-01-23 14:44:17","http://u6547982.ct.sendgrid.net/wf/click?upn=gZzAZsqCdL82HnVLGMfnEjM7ETIouxfgcc3GRXOaeV72L5B-2BD8WkY66-2B9FbdjxxVmN-2Fir440kKU-2B8l34okQk34trJLIdrJquIX7rv6Cy-2BYY-3D_18OFKTR-2FlMcCiRVgVLVc8ZSUI35CFSWxjcsJRx2c6MbDHEVQ9c7XQk0JeTyS72o3QAhn1fOfSM0R8mXmZKAtQTE-2BuXFV8LxnCUaJGUA2CVQomSBnL8kEMXuMev7-2FlhP0i8DUImQaObQpzfcojVnKLieZXVXcpM3zM-2B9FrGJx6tgBYZThdubg0HLwO2H0grpeL1mgBRADA1MhqK3cC0OE-2Fg-3D-3D/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/108520/"
 "108518","2019-01-23 14:44:15","http://print4purpose.com/public_html/Messages/01_19/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/108518/"
 "108517","2019-01-23 14:44:13","http://hicub.by/Amazon/DE/Kunden-informationen/2019-01/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/108517/"
 "108516","2019-01-23 14:44:12","http://genius360.fr/Documents/01_19/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/108516/"
@@ -5101,7 +5518,7 @@
 "108509","2019-01-23 14:44:04","http://www.imarketsforextrading.com/vpFtztlmbWLmXZWL/","offline","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/108509/"
 "108508","2019-01-23 14:42:04","http://computerwiz.cc/remote/Mobile.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/108508/"
 "108507","2019-01-23 14:41:10","http://www.pargahome.com/wp-admin/css/colors/blue/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/108507/"
-"108506","2019-01-23 14:39:07","http://www.wins-power.com/wxRm-lj_LNY-PCo/ACH/PaymentAdvice/EN_en/Need-to-send-the-attachment/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/108506/"
+"108506","2019-01-23 14:39:07","http://www.wins-power.com/wxRm-lj_LNY-PCo/ACH/PaymentAdvice/EN_en/Need-to-send-the-attachment/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/108506/"
 "108505","2019-01-23 14:39:06","http://lokanou.webinview.com/DE_de/UTHOJAQ3035981/DE_de/RECHNUNG/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/108505/"
 "108504","2019-01-23 14:39:05","http://fresh2deathbeatz.com/pNCFt-wMC_sXBKq-H9l/INVOICE/28400/OVERPAYMENT/US/New-order/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/108504/"
 "108503","2019-01-23 14:38:03","http://pargahome.com/wp-admin/css/colors/blue/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/108503/"
@@ -5163,13 +5580,13 @@
 "108446","2019-01-23 13:05:14","http://rdweb.ir/de_DE/PPUAZCSI0206010/Scan/DOC-Dokument/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/108446/"
 "108447","2019-01-23 13:05:14","http://realgen-marketing.nl/De/CEDRDCOH2867240/Rechnung/RECH/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/108447/"
 "108445","2019-01-23 13:05:13","http://quahandmade.org/de_DE/EDNINPNGYT8305615/gescanntes-Dokument/RECH/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/108445/"
-"108444","2019-01-23 13:05:10","http://otohondavungtau.com/NIKSYTG8173339/Rechnungs/RECH/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/108444/"
+"108444","2019-01-23 13:05:10","http://otohondavungtau.com/NIKSYTG8173339/Rechnungs/RECH/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/108444/"
 "108443","2019-01-23 13:05:07","http://nihaobuddy.com/de_DE/YHIKFNMSG5447997/Rechnungs/DOC/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/108443/"
 "108442","2019-01-23 13:05:04","http://navsreps.co.uk/ZZKHLEY1592751/de/Rechnungsanschrift/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/108442/"
 "108441","2019-01-23 13:05:03","http://nanesenie-tatu.granat.nsk.ru/ZPVBAUQ3191653/GER/FORM/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/108441/"
 "108440","2019-01-23 13:05:02","http://mskala2.rise-up.nsk.ru/De/OVWJCIM3355305/Rechnungs/Zahlung/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/108440/"
 "108439","2019-01-23 13:05:01","http://montessori-violay.fr/de_DE/HITTOKMXO0347571/Rechnungs-docs/Rechnungsanschrift/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/108439/"
-"108438","2019-01-23 13:04:56","http://mimiabner.com/Januar2019/KKLNCJRM9305924/Dokumente/Rechnungszahlung/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/108438/"
+"108438","2019-01-23 13:04:56","http://mimiabner.com/Januar2019/KKLNCJRM9305924/Dokumente/Rechnungszahlung/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/108438/"
 "108437","2019-01-23 13:04:55","http://migoshen.org/De_de/TOBRRR1680791/Rechnungs-Details/Zahlungserinnerung/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/108437/"
 "108436","2019-01-23 13:04:54","http://mayak.com.ua/logs/De_de/NMXSMGO8605791/Scan/DOC/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/108436/"
 "108435","2019-01-23 13:04:51","http://leodruker.com/De_de/VSLVFEAU8161484/de/DETAILS/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/108435/"
@@ -5198,7 +5615,7 @@
 "108412","2019-01-23 13:03:26","http://rapport-de-stage-tevai-sallaberry.fr/AMAZON/Details/012019/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/108412/"
 "108411","2019-01-23 13:03:25","http://rahkarinoo.com/AMAZON/DE/Bestellung-details/2019-01/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/108411/"
 "108410","2019-01-23 13:03:24","http://nhakhoavieta.com/AMAZON/DE/Kunden-informationen/2019-01/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/108410/"
-"108409","2019-01-23 13:03:13","http://mayphatrasua.com/Amazon/DE/Kunden/012019/","online","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/108409/"
+"108409","2019-01-23 13:03:13","http://mayphatrasua.com/Amazon/DE/Kunden/012019/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/108409/"
 "108408","2019-01-23 13:03:10","http://jcpersonaliza.com.br/Amazon/Kunden_informationen/01_19/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/108408/"
 "108407","2019-01-23 13:03:08","http://gephesf.pontocritico.org/AMAZON/Bestelldetails/2019-01/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/108407/"
 "108406","2019-01-23 13:03:03","http://copsnailsanddrinks.fr/Amazon/DE/Kunden_Messages/2019-01/","online","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/108406/"
@@ -5216,12 +5633,12 @@
 "108394","2019-01-23 12:05:05","http://www.mytrains.net/administrator/templates/isis/less/bootstrap/Payment%20Challan.zip","online","malware_download","zipped-exe,Kutaki","https://urlhaus.abuse.ch/url/108394/"
 "108393","2019-01-23 11:58:16","http://yesky.xzstatic.com/2017/08/02/yxlmLOLpfzj_v14.6.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/108393/"
 "108392","2019-01-23 11:56:05","http://iparkingtest.com/wp-content/themes/noyah/css/theme/ssj.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/108392/"
-"108391","2019-01-23 11:55:32","http://ceronamtinclube.icu/opuba/unit.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/108391/"
+"108391","2019-01-23 11:55:32","http://ceronamtinclube.icu/opuba/unit.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/108391/"
 "108390","2019-01-23 11:51:03","http://csb-co-id.ga/file/sweed.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/108390/"
 "108389","2019-01-23 11:45:03","http://aliancerubber.com/sysmain/sysmain.exe","offline","malware_download","exe,Formbook","https://urlhaus.abuse.ch/url/108389/"
 "108388","2019-01-23 11:31:33","http://dijitalbaskicenter.com/Amazon/Kunden-transaktion/2019-01/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/108388/"
 "108387","2019-01-23 11:31:32","http://kosolve.com/Amazon/Kunden_informationen/01_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/108387/"
-"108386","2019-01-23 11:31:30","http://sozdanie-sajtov.rise-up.nsk.ru/Amazon/DE/Bestelldetails/2019-01/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/108386/"
+"108386","2019-01-23 11:31:30","http://sozdanie-sajtov.rise-up.nsk.ru/Amazon/DE/Bestelldetails/2019-01/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/108386/"
 "108385","2019-01-23 11:31:29","http://www.sp11dzm.ru/Amazon/DE/Kunden_informationen/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/108385/"
 "108384","2019-01-23 11:31:28","http://inspireworksmarketing.com/AMAZON/DE/Kunden_Messages/01_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/108384/"
 "108383","2019-01-23 11:31:27","http://somov-igor.ru/Amazon/DE/Kunden/2019-01/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/108383/"
@@ -5435,7 +5852,7 @@
 "108159","2019-01-23 10:21:20","http://zeusdatabase.com/z/aXM64.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/108159/"
 "108158","2019-01-23 10:20:08","http://205.185.117.187/olalala/putty.exe","online","malware_download","GandCrab,exe,Ransomware.GandCrab","https://urlhaus.abuse.ch/url/108158/"
 "108157","2019-01-23 10:14:08","http://stablinost.ug/2.exe","offline","malware_download","tinynuke,Brazzzers","https://urlhaus.abuse.ch/url/108157/"
-"108156","2019-01-23 10:14:05","http://stablinost.ug/1.exe","offline","malware_download","AZORult,Brazzzers","https://urlhaus.abuse.ch/url/108156/"
+"108156","2019-01-23 10:14:05","http://stablinost.ug/1.exe","online","malware_download","AZORult,Brazzzers","https://urlhaus.abuse.ch/url/108156/"
 "108155","2019-01-23 10:11:03","http://a0.kl.com.ua/Gege.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/108155/"
 "108154","2019-01-23 09:57:07","http://www.offtechitbd.com/uctv/narese45.exe","offline","malware_download","NanoCore,rat,exe","https://urlhaus.abuse.ch/url/108154/"
 "108153","2019-01-23 09:57:03","http://blskcollege.co.in/barry.exe","offline","malware_download","exe,Formbook","https://urlhaus.abuse.ch/url/108153/"
@@ -5518,7 +5935,7 @@
 "108076","2019-01-23 07:31:44","http://157.230.49.191/yakuza.ppc","offline","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/108076/"
 "108075","2019-01-23 07:31:42","http://157.230.61.82/AB4g5/Josho.sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/108075/"
 "108074","2019-01-23 07:31:41","http://157.230.49.191/yakuza.arm6","offline","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/108074/"
-"108073","2019-01-23 07:31:40","http://therxreview.com/Amazon/DE/Kunden_informationen/01_19/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/108073/"
+"108073","2019-01-23 07:31:40","http://therxreview.com/Amazon/DE/Kunden_informationen/01_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/108073/"
 "108072","2019-01-23 07:31:38","http://songlinhtran.vn/wp-content/Amazon/Transaktion/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/108072/"
 "108071","2019-01-23 07:31:07","http://yeuromndy.cf/Amazon/DE/Kunden_Messages/2019-01/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/108071/"
 "108070","2019-01-23 07:30:06","http://157.230.92.196/cron","offline","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/108070/"
@@ -5697,11 +6114,8 @@
 "107897","2019-01-23 06:05:06","http://gulfclouds.site/cp/bb/bob.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/107897/"
 "107896","2019-01-23 06:05:03","http://loygf-33.ml/yuio/ernest.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/107896/"
 "107895","2019-01-23 06:04:03","http://loygf-33.ml/yuio/sop.exe","offline","malware_download","exe,Loki","https://urlhaus.abuse.ch/url/107895/"
-"107894","2019-01-23 05:32:11","https://u3591409.ct.sendgrid.net/wf/click?upn=9adNaz2el99ChgFXkRFdruye0b-2FvvcF-2B5TkzWwAkPaCO9aj67dFyGlsQ6-2FFidHIrYiuQbYYmjoB5w-2FmjNGUUFou7PSTMs3ouOuYukBcXp4w3zldC512sfIp3ik0IpEgD_qP8kFMJ66M0kYtrAcsH-2FI9iYyrfcSaoJC2PR142pqgtUO6CNcGwRn-2BlQuDhXTg5-2BIYoXaPhNA-2BM4UGOgIQQQBCoTJqK-2BDTyVSMwIOtZNAwiIvaT9iDIrbGPqVTy5AJPDRB4eDXpAcvt4YZXbPzdZVS7RCH6LgLYZ-2Fr2fNWPFc-2F5P9LvjeKJmeakDo6ClzTRj2xImwkGBw9aypd23dvXw7AQtxKy-2FmYiKOlVp2br-2FFB4-3D/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/107894/"
 "107893","2019-01-23 05:32:10","https://noithatshop.vn/EgUmS-0Kmb7_lrQlB-QiP/Ref/2245560680US_us/Sales-Invoice/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/107893/"
 "107892","2019-01-23 05:32:03","https://mandrillapp.com/track/click/30891409/saffroniran.org?p=eyJzIjoiSGpiVWlQRGk5RnBKRTN3VmxxX0QxTnpRczh3IiwidiI6MSwicCI6IntcInVcIjozMDg5MTQwOSxcInZcIjoxLFwidXJsXCI6XCJodHRwOlxcXC9cXFwvc2FmZnJvbmlyYW4ub3JnXFxcL0VMSHpzLUloS194YnV0RS12U0tcXFwvRU5fZW5cXFwvU2VydmljZS1SZXBvcnQtNjEzOFwiLFwiaWRcIjpcImY3NTM1MGMzYmEzNjQ2ZTFiMDdlNTAyMTM5ODVlYzVhXCIsXCJ1cmxfaWRzXCI6W1wiYmQ2NDNjNDgzMWY2YzQ4M2UxMTUyNmJhMzAwNmVhNjhkYTEwZWVmZlwiXX0ifQ/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/107892/"
-"107890","2019-01-23 05:32:02","http://u3591409.ct.sendgrid.net/wf/click?upn=MpkhbQ9A7ghXsilGlb8JaMaAODoPYRPhWLFPW8p76-2FIoXLE9oOWw25sLf0yAtve1a2dt2WTpa-2Bw-2FOHkLiMwvPNpVdJSpnpXLW3Sw0aVmccmQCgt2DS5M67lAL4dcGCou_cthq0z3adJO3eRdfaqambrdlNWmiBU1pAImjqPZGN1zY2vz0-2F-2B0uoYhbUymmwjLhoeH0rG2nvYMWst8Lzsb08bplQMqsepcg8AJTMqrqWyMAoNJFR2wvDKH9DkL7Ip8EoTRRD58-2F7XvvI3FYxqK3eVuBvTrz74lkgkfSJiAfjIon4ws5vULXVmaNvljTcWVYAT7rcFMM-2FRRar9ZpmzJ9teN8sD-2Fffu-2Bw8wiWe5X3q5g-3D/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/107890/"
-"107891","2019-01-23 05:32:02","https://linkprotect.cudasvc.com/url?a=http://cadog.nl/geCXU-iVA_svi-1e/Inv/48311516320/US_us/Invoice-for-you&c=E11xlg07LDIuUpl85H2ovWjH0WZUmv9ZO0x2m8JMHEm93gxBEVVPssH7r_Xu8pM7bTCIuSSK2EdTCstlc7V3TcgEG_Af8jI2KO7AD-MnojAwp8R6MHzQ&typo=1>/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/107891/"
 "107889","2019-01-23 05:20:06","http://gulfclouds.site/cp/ok/oki.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/107889/"
 "107888","2019-01-23 05:18:05","http://shrikailashlogicity.in/33.exe","online","malware_download","exe,Formbook","https://urlhaus.abuse.ch/url/107888/"
 "107887","2019-01-23 05:10:08","http://loygf-33.ml/yuio/ebu.exe","offline","malware_download","exe,Loki","https://urlhaus.abuse.ch/url/107887/"
@@ -5709,7 +6123,7 @@
 "107885","2019-01-23 04:42:08","https://kemmypham.com/wp-admin/css/colors/blue/ssj.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/107885/"
 "107884","2019-01-23 03:31:13","http://www.velerosa.it/wp-admin/css/Payment_details/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/107884/"
 "107883","2019-01-23 03:31:09","http://forodigitalpyme.es/3WYithg/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/107883/"
-"107882","2019-01-23 03:31:07","http://tovbekapisi.com/Transaction_details/2019-01/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/107882/"
+"107882","2019-01-23 03:31:07","http://tovbekapisi.com/Transaction_details/2019-01/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/107882/"
 "107881","2019-01-23 03:31:03","http://www.pojbez31.ru/Details/012019/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/107881/"
 "107880","2019-01-23 03:22:19","http://www.goldtrader.sg/LBUE-gYsbQ_ijxD-zb/EXT/PaymentStatus/EN_en/Service-Invoice/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/107880/"
 "107879","2019-01-23 03:22:15","http://universalsmile.org/De_de/BHAODQUAKF3039265/de/DETAILS/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/107879/"
@@ -5722,10 +6136,10 @@
 "107872","2019-01-23 03:22:06","http://idgnet.nl/Januar2019/NFDAXF8050789/Rechnungs/FORM/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/107872/"
 "107871","2019-01-23 03:22:05","http://forma-31.ru/De/KVHFNE8175184/Bestellungen/Fakturierung/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/107871/"
 "107870","2019-01-23 03:22:04","http://xn--d1albnc.xn--p1ai/De_de/OYAOFAFYXM7852452/GER/Fakturierung/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/107870/"
-"107869","2019-01-23 03:04:04","http://delili.net/_installation/angie/views/ftpbrowser/tmpl/roll.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/107869/"
-"107868","2019-01-23 03:00:05","http://delili.net/_installation/angie/views/ftpbrowser/tmpl/xBlack_Configs/Fish/images/serv.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/107868/"
-"107866","2019-01-23 02:50:03","http://delili.net/_installation/angie/views/ftpbrowser/tmpl/xBlack_Configs/Fish/Mail.Settings/Mail.Settings.Setup.2.1.1v.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/107866/"
-"107867","2019-01-23 02:50:03","http://delili.net/_installation/angie/views/ftpbrowser/tmpl/xBlack_Configs/Fish/Mail_Security_Settings_Setup%2059.0.2.doc","online","malware_download","RTF","https://urlhaus.abuse.ch/url/107867/"
+"107869","2019-01-23 03:04:04","http://delili.net/_installation/angie/views/ftpbrowser/tmpl/roll.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/107869/"
+"107868","2019-01-23 03:00:05","http://delili.net/_installation/angie/views/ftpbrowser/tmpl/xBlack_Configs/Fish/images/serv.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/107868/"
+"107866","2019-01-23 02:50:03","http://delili.net/_installation/angie/views/ftpbrowser/tmpl/xBlack_Configs/Fish/Mail.Settings/Mail.Settings.Setup.2.1.1v.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/107866/"
+"107867","2019-01-23 02:50:03","http://delili.net/_installation/angie/views/ftpbrowser/tmpl/xBlack_Configs/Fish/Mail_Security_Settings_Setup%2059.0.2.doc","offline","malware_download","RTF","https://urlhaus.abuse.ch/url/107867/"
 "107865","2019-01-23 02:44:11","http://ereservices.com/.well-known/pki-validation/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/107865/"
 "107864","2019-01-23 02:42:37","http://cacaonguyenchat.com/wp-includes/ID3/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/107864/"
 "107863","2019-01-23 02:42:22","http://tsumu.xyz/upload/signature.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/107863/"
@@ -5756,8 +6170,7 @@
 "107838","2019-01-23 01:46:05","http://198.167.140.146/yakuza.m68k","offline","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/107838/"
 "107837","2019-01-23 01:26:04","http://175.206.44.197:57622/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/107837/"
 "107836","2019-01-23 01:11:35","http://rmklogistics.co.za/Clients_transactions/01_19/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/107836/"
-"107835","2019-01-23 01:11:31","http://pos.vi-bus.com/Payments/2019-01/","online","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/107835/"
-"107834","2019-01-23 01:09:04","https://linkprotect.cudasvc.com/url?a=http%3a%2f%2fwww.scanliftmaskin.no%2fDe%2fODSFOXQPVE1928168%2fRechnungskorrektur%2fDOC&c=E1qNPmjSP92muSYMHkXPduya4DgDB12ls4XKFzxoOWWoT-s8uxaeZxe_iOlTaz91Hu-w0yOoLr2Sf8cOSqkt3-pkF2w5iONBkd6P90pz09q50DisMqdDg&typo=1/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/107834/"
+"107835","2019-01-23 01:11:31","http://pos.vi-bus.com/Payments/2019-01/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/107835/"
 "107833","2019-01-23 01:08:25","http://modalook.com.tr/EeILG-6j_bgQKpwcmU-2Rc/INVOICE/US/Invoices-attached/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/107833/"
 "107832","2019-01-23 01:08:22","http://magazine.suvreconsultants.co.tz/hRbp-grY6Z_NaqrtZ-tK/INVOICE/En_us/502-67-893726-012-502-67-893726-181/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/107832/"
 "107831","2019-01-23 01:08:20","http://lvksdy.cf/Oibll-Iy_Czrg-RO/INVOICE/En_us/Service-Invoice/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/107831/"
@@ -5777,8 +6190,7 @@
 "107817","2019-01-22 23:47:04","http://nanomineraller.com/wp-admin/css/colors/blue/zinf.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/107817/"
 "107816","2019-01-22 23:46:21","http://cfs9.tistory.com/upload_control/download.blog?fhandle=YmxvZzE3MTk1M0BmczkudGlzdG9yeS5jb206L2F0dGFjaC8wLzI1LmV4ZQ==&filename=update_51plugins_2008-05-24.part01.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/107816/"
 "107815","2019-01-22 23:39:24","http://hophophop.pw/startlaunch.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/107815/"
-"107813","2019-01-22 23:31:02","https://u6547982.ct.sendgrid.net/wf/click?upn=gZzAZsqCdL82HnVLGMfnEjM7ETIouxfgcc3GRXOaeV72L5B-2BD8WkY66-2B9FbdjxxVmN-2Fir440kKU-2B8l34okQk34trJLIdrJquIX7rv6Cy-2BYY-3D_18OFKTR-2FlMcCiRVgVLVc8ZSUI35CFSWxjcsJRx2c6MbDHEVQ9c7XQk0JeTyS72o3QAhn1fOfSM0R8mXmZKAtQTE-2BuXFV8LxnCUaJGUA2CVQomSBnL8kEMXuMev7-2FlhP0i8DUImQaObQpzfcojVnKLieZXVXcpM3zM-2B9FrGJx6tgBYZThdubg0HLwO2H0grpeL1mgBRADA1MhqK3cC0OE-2Fg-3D-3D/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/107813/"
-"107812","2019-01-22 23:22:02","http://www.ontamada.ru/nOGFU-1ic8e_t-xWX/COMET/SIGNS/PAYMENT/NOTIFICATION/01/19/2019/En_us/7-Past-Due-Invoices/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/107812/"
+"107812","2019-01-22 23:22:02","http://www.ontamada.ru/nOGFU-1ic8e_t-xWX/COMET/SIGNS/PAYMENT/NOTIFICATION/01/19/2019/En_us/7-Past-Due-Invoices/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/107812/"
 "107811","2019-01-22 23:15:07","https://url.emailprotection.link/?ajzZkb6Opvix4O5BJSFHTDFBLeFb7DXimc0Kbk4VMXjXr94NpBfWnoyaDJEs9aJt41HoporDrYthrC-yI61X1Bw~~/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/107811/"
 "107810","2019-01-22 23:15:06","http://sonqoba.co.za/Payment_details/2019-01/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/107810/"
 "107809","2019-01-22 23:15:04","http://fashionstreets.net/Clients_information/012019/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/107809/"
@@ -5789,7 +6201,7 @@
 "107804","2019-01-22 22:57:04","http://104.248.215.146/bins/kowai.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/107804/"
 "107803","2019-01-22 22:45:15","http://davytopiol.creation-site.info/OLyagh9cCtf7UQ_fx/","offline","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/107803/"
 "107802","2019-01-22 22:45:13","http://testesfuncionais.pt/DpzKQykE_Ust6OJ/","offline","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/107802/"
-"107801","2019-01-22 22:45:11","http://rukiyekayabasi.com/UIGJtOpITZZN/","offline","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/107801/"
+"107801","2019-01-22 22:45:11","http://rukiyekayabasi.com/UIGJtOpITZZN/","online","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/107801/"
 "107800","2019-01-22 22:45:08","http://ismail-ceylan.com/MOFkpZeJ1j/","offline","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/107800/"
 "107799","2019-01-22 22:45:05","http://vinsportiataymo.com/wp-includes/YtLEOv6oxsuGYM_7/","offline","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/107799/"
 "107798","2019-01-22 22:44:11","https://rosalindacademy.it/zVWy-2lPC_BDKTd-CCY/Southwire/UWT1986389353/US_us/Invoice/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/107798/"
@@ -5816,14 +6228,14 @@
 "107776","2019-01-22 22:14:16","http://screwwith.us/FcPQR-X3_EvdmW-aQ/Invoice/708636935/En/ACH-form/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/107776/"
 "107775","2019-01-22 22:14:14","http://scm.ma/PDUU-owYp_rZiZkCh-ze/ZW244/invoicing/En_us/Invoices-Overdue/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/107775/"
 "107774","2019-01-22 22:14:12","http://sailingwheels.com/cXti-XQ_Vyozsc-dRP/En_us/Invoice-for-s/d-01/23/2019/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/107774/"
-"107773","2019-01-22 22:14:09","http://pinarilata.com/wp-admin/Omwfv-XJ_NC-aB3/COMET/SIGNS/PAYMENT/NOTIFICATION/01/23/2019/En/Open-Past-Due-Orders/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/107773/"
+"107773","2019-01-22 22:14:09","http://pinarilata.com/wp-admin/Omwfv-XJ_NC-aB3/COMET/SIGNS/PAYMENT/NOTIFICATION/01/23/2019/En/Open-Past-Due-Orders/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/107773/"
 "107772","2019-01-22 22:14:07","http://notverglasung-24.at/genY-I7lXo_D-Zp/invoices/4335/22326/US/Invoice-for-you/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/107772/"
 "107771","2019-01-22 22:14:05","http://nongnghiepgiaphat.com/LeYa-DnvZd_TWfWa-sp/invoices/7652/5808/US/Invoice-95885310/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/107771/"
 "107770","2019-01-22 22:14:02","http://noithatshop.vn/EgUmS-0Kmb7_lrQlB-QiP/Ref/2245560680US_us/Sales-Invoice/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/107770/"
 "107769","2019-01-22 22:13:59","http://muscleoctane.com/weNp-uMDpr_gC-V5/ACH/PaymentAdvice/US/Invoices-Overdue/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/107769/"
 "107768","2019-01-22 22:13:57","http://karczmaczarnabialostocka.pl/PaLJf-7giNF_WRwWb-hT/ACH/PaymentAdvice/En_us/Invoices-attached/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/107768/"
 "107767","2019-01-22 22:13:55","http://kaktussurucukursu.com/NNTJw-eoD0Z_UBfnLEArW-zck/EXT/PaymentStatus/En/Document-needed/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/107767/"
-"107766","2019-01-22 22:13:45","http://ijabr.futminna.edu.ng/wUWP-mmDs_M-DHl/6448992/SurveyQuestionsUS/Invoice-40779117-January/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/107766/"
+"107766","2019-01-22 22:13:45","http://ijabr.futminna.edu.ng/wUWP-mmDs_M-DHl/6448992/SurveyQuestionsUS/Invoice-40779117-January/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/107766/"
 "107765","2019-01-22 22:13:43","http://hourofcode.cn/vUJZh-Ig_gWzvxpF-UCV/Southwire/FBY5148225724/US_us/Open-Past-Due-Orders/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/107765/"
 "107764","2019-01-22 22:13:15","http://frontlineinsure.com/Abux-WWF_JBHe-S4/PaymentStatus/EN_en/Question/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/107764/"
 "107763","2019-01-22 22:13:12","http://fara.rise-up.nsk.ru/USiXe-97d_vaFkfCNnj-tn/Southwire/LDV40885704/En/Past-Due-Invoices/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/107763/"
@@ -5850,7 +6262,7 @@
 "107740","2019-01-22 21:52:29","http://samet-celik.com/wp-admin/Payment_details/2019-01/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/107740/"
 "107738","2019-01-22 21:52:27","http://retisenzafrontiere.org/Details/012019/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/107738/"
 "107739","2019-01-22 21:52:27","http://salonbellasa.sk/Amazon/Bestellung_details/2019-01/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/107739/"
-"107737","2019-01-22 21:52:26","http://queekebook.com/Information/2019-01/","online","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/107737/"
+"107737","2019-01-22 21:52:26","http://queekebook.com/Information/2019-01/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/107737/"
 "107736","2019-01-22 21:52:22","http://nongamptu.com/Transactions/2019-01/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/107736/"
 "107735","2019-01-22 21:52:20","http://maritime.co.id/vyztj/Transaction_details/012019/","online","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/107735/"
 "107734","2019-01-22 21:52:17","http://magazine.suvreconsultants.co.tz/Transactions/01_19/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/107734/"
@@ -5861,19 +6273,19 @@
 "107729","2019-01-22 21:52:05","http://drcarrico.com.br/Attachments/2019-01/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/107729/"
 "107728","2019-01-22 21:52:04","http://chimie.usm.md/wp-content/uploads/Transaction_details/012019/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/107728/"
 "107727","2019-01-22 21:52:02","http://allinmadagascar.com/Details/012019/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/107727/"
-"107717","2019-01-22 21:36:08","https://installatiebedrijfroosendaal.nl/ONWFP-gO_YnJ-5Yu/ACH/PaymentAdvice/En_us/Sales-Invoice/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/107717/"
+"107717","2019-01-22 21:36:08","https://installatiebedrijfroosendaal.nl/ONWFP-gO_YnJ-5Yu/ACH/PaymentAdvice/En_us/Sales-Invoice/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/107717/"
 "107715","2019-01-22 21:36:06","http://symbisystems.com/cqLe-wmF_YeaBrnSA-22/QE12/invoicing/EN_en/Service-Invoice/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/107715/"
 "107714","2019-01-22 21:36:04","http://sgtsrl.it/Januar2019/BUBJUPBDLV2330255/Rechnungs-Details/DOC-Dokument/index.php.suspected/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/107714/"
 "107713","2019-01-22 21:36:03","http://prestijkonutlarisitesi.com/JhMrI-fD_rWRPsrV-lzk/Ref/247520167EN_en/Service-Report-0675/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/107713/"
 "107712","2019-01-22 21:36:02","http://lletenldy.cf/QNvi-TGl_X-J9/InvoiceCodeChanges/En_us/ACH-form/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/107712/"
-"107711","2019-01-22 21:35:19","http://khomyphamhanoi.com/kwlgp-mz5y_vtT-13S/SB279/invoicing/En/Need-to-send-the-attachment/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/107711/"
+"107711","2019-01-22 21:35:19","http://khomyphamhanoi.com/kwlgp-mz5y_vtT-13S/SB279/invoicing/En/Need-to-send-the-attachment/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/107711/"
 "107710","2019-01-22 21:35:15","http://intranet-nsml.com/JxbLo-zx_h-2hw/InvoiceCodeChanges/En_us/9-Past-Due-Invoices/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/107710/"
 "107709","2019-01-22 21:35:14","http://fastrackapp.es/UYWni-2NQ_xbyis-CQ/INVOICE/EN_en/Scan/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/107709/"
 "107708","2019-01-22 21:35:13","http://countynewsnetwork.co.ke/de_DE/FGORNNJ6489940/DE/Fakturierung/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/107708/"
 "107707","2019-01-22 21:35:11","http://carolineredaction.fr/PFtg-xk_Suheje-ie/8874376/SurveyQuestionsEn_us/465-24-710645-507-465-24-710645-071/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/107707/"
 "107706","2019-01-22 21:35:10","http://bietthunghiduong24h.info/de_DE/NEGGSD3208841/Rechnungs-Details/RECHNUNG/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/107706/"
 "107705","2019-01-22 21:35:06","http://baystreetbbs.org/XZDH-Xj_y-TS/INVOICE/60139/OVERPAYMENT/US_us/Outstanding-Invoices/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/107705/"
-"107704","2019-01-22 21:35:04","http://ahmetcanbektas.com/dMylR-rAOG_OIOQNLyJ-FxZ/Invoice/341990756/En_us/Paid-Invoices/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/107704/"
+"107704","2019-01-22 21:35:04","http://ahmetcanbektas.com/dMylR-rAOG_OIOQNLyJ-FxZ/Invoice/341990756/En_us/Paid-Invoices/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/107704/"
 "107703","2019-01-22 21:35:03","http://3.dohodtut.ru/lHdS-QLH_aNimt-qzT/ACH/PaymentInfo/En/Important-Please-Read/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/107703/"
 "107702","2019-01-22 20:56:06","http://senda.bmt.city/wp-admin/css/colors/blue/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/107702/"
 "107701","2019-01-22 20:56:04","http://jambanswers.org/.well-known/pki-validation/ssj.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/107701/"
@@ -5936,8 +6348,8 @@
 "107644","2019-01-22 19:57:16","http://mariposaplus.com/idyudJzd/","offline","malware_download","emotet,exe,epoch1,heodo","https://urlhaus.abuse.ch/url/107644/"
 "107643","2019-01-22 19:57:04","http://jumesamedina.com/FKcXltRa/","offline","malware_download","emotet,exe,epoch1,heodo","https://urlhaus.abuse.ch/url/107643/"
 "107642","2019-01-22 19:56:13","http://boyabadanaustasi.net/wp-content/Clients/2019-01/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/107642/"
-"107641","2019-01-22 19:56:11","http://alexpopow.com/wp-includes/Clients_information/012019/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/107641/"
-"107640","2019-01-22 19:56:09","http://erolatak.com/wp-admin/Clients_Messages/01_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/107640/"
+"107641","2019-01-22 19:56:11","http://alexpopow.com/wp-includes/Clients_information/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/107641/"
+"107640","2019-01-22 19:56:09","http://erolatak.com/wp-admin/Clients_Messages/01_19/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/107640/"
 "107639","2019-01-22 19:56:08","http://zirvekonutlari.com/bin/forum/cache/Details/01_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/107639/"
 "107638","2019-01-22 19:56:03","http://tasmatbaa.com/Attachments/01_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/107638/"
 "107637","2019-01-22 19:50:06","http://midnightsunnigltd.com/fonts/css/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/107637/"
@@ -5989,14 +6401,12 @@
 "107591","2019-01-22 18:39:39","http://apf-entreprises80.com/gH9Eq6Qp2qBAsbN/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/107591/"
 "107590","2019-01-22 18:39:35","https://mandrillapp.com/track/click/30891409/www.gazenap.ru?p=eyJzIjoiUDU1R2VSaVVkOURneDI4NjRtZjk0dlF2d1lVIiwidiI6MSwicCI6IntcInVcIjozMDg5MTQwOSxcInZcIjoxLFwidXJsXCI6XCJodHRwOlxcXC9cXFwvd3d3LmdhemVuYXAucnVcXFwvRUJ2VnEtTm5LQWlfQk9kWG5DcC1tbTBcXFwvQUNIXFxcL1BheW1lbnRJbmZvXFxcL0VOX2VuXFxcL0ludm9pY2UtcmVjZWlwdFwiLFwiaWRcIjpcImFkZGMxMTNkZjZjYTQwNjJhMTIzMWY1ZWQ1MmRkN2MwXCIsXCJ1cmxfaWRzXCI6W1wiZTgwODQ5NjI1N2I1NTFmYjEwNTdhMjI1MzBiMzVlOTc1Njk5ZjEwYlwiXX0ifQ/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/107590/"
 "107589","2019-01-22 18:39:33","https://mandrillapp.com/track/click/30891409/www.gazenap.ru?p=eyJzIjoiNzhQMnRCVGJaZDhiQnphTE1HSGdfaXhKUng4IiwidiI6MSwicCI6IntcInVcIjozMDg5MTQwOSxcInZcIjoxLFwidXJsXCI6XCJodHRwOlxcXC9cXFwvd3d3LmdhemVuYXAucnVcXFwvRUJ2VnEtTm5LQWlfQk9kWG5DcC1tbTBcXFwvQUNIXFxcL1BheW1lbnRJbmZvXFxcL0VOX2VuXFxcL0ludm9pY2UtcmVjZWlwdFwiLFwiaWRcIjpcImI0ZGNlMTVlZTE0YjRiYzY5NDg2YTE1MDA1MTgyMjA5XCIsXCJ1cmxfaWRzXCI6W1wiZTgwODQ5NjI1N2I1NTFmYjEwNTdhMjI1MzBiMzVlOTc1Njk5ZjEwYlwiXX0ifQ/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/107589/"
-"107588","2019-01-22 18:39:31","http://bastien27.net/Ihhcg-AQNN1_h-2ZY/Inv/30311375828/US_us/Invoice-Number-41369/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/107588/"
+"107588","2019-01-22 18:39:31","http://bastien27.net/Ihhcg-AQNN1_h-2ZY/Inv/30311375828/US_us/Invoice-Number-41369/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/107588/"
 "107587","2019-01-22 18:39:27","http://bobors.se/fvaz-nT_tr-SD/YL33/invoicing/En/7-Past-Due-Invoices/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/107587/"
 "107586","2019-01-22 18:39:23","http://saffroniran.org/ELHzs-IhK_xbutE-vSK/EN_en/Service-Report-6138/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/107586/"
-"107585","2019-01-22 18:39:21","https://linkprotect.cudasvc.com/url?a=http://cadog.nl/geCXU-iVA_svi-1e/Inv/48311516320/US_us/Invoice-for-you&c=E,1,1xlg07LDIuUpl85H2ovWjH0WZUmv9ZO0x2m8JMHEm93gxBEVVPssH7r_Xu8pM7bTCIuSSK2EdTCstlc7V3TcgEG_Af8jI2KO7AD-MnojAwp8R6MHzQ,,&typo=1>/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/107585/"
 "107584","2019-01-22 18:39:18","http://metservice.su/QrRh-poPhd_piiQTHSwn-skb/26275/SurveyQuestionsEn/Invoice/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/107584/"
 "107583","2019-01-22 18:39:14","https://mandrillapp.com/track/click/30891409/motorowka-zegrze.pl?p=eyJzIjoiQzREVUozTE10RDlGelZoODA2amxQak4wQ0JNIiwidiI6MSwicCI6IntcInVcIjozMDg5MTQwOSxcInZcIjoxLFwidXJsXCI6XCJodHRwOlxcXC9cXFwvbW90b3Jvd2thLXplZ3J6ZS5wbFxcXC9ZbmFuRi0wd2NmZV9qSE5JQU5rUS1ibW5cXFwvRU5fZW5cXFwvSW52b2ljZXMtYXR0YWNoZWRcIixcImlkXCI6XCI5MWRjMWEyN2E4ODE0ODEwOTRjZDgxOWRmYjViNmY1NFwiLFwidXJsX2lkc1wiOltcIjlkNGE4YjA1YmYzNzg3MDNmNGNmNDJhZDI1Y2FlZmZjYzFmM2RhMjBcIl19In0/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/107583/"
 "107582","2019-01-22 18:39:11","http://mijn.912app.nl/ZZXL-YX_bSpnx-Lh/InvoiceCodeChanges/US_us/Outstanding-Invoices/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/107582/"
-"107581","2019-01-22 18:39:08","https://u6324807.ct.sendgrid.net/wf/click?upn=Hh9bd7K7MTzSofwGD8-2BiWJKKIsMpGHCQRKtSR9X4g5RI2-2FOfMCmGZdACcUjm-2FDPbKQbnn7a7CM-2BNcL9ye8-2Bl7gMe82eNmSHCi2vFjdlGa1InmP8IguneawWSbfxVXbur_Hf5wqqoVjPGOZQHjMxdY4gLoovNdei0sc7ar0ruJ4v-2B0m3BL67r3t3-2BFlcmcNHARpFTB4COhbCJVk7-2Bnlwdp-2F9QQD9zjU2D3uwWm5u3btXKQXEdygBKngAs0mfonOe6YR1SG5oqaF8iiWikpRCVuNDyqPCBAXCsLEQPyn3UbB-2BL9YlerJ7CJ0-2BN5TTB3JyVxHt8FhXSvOHWj8-2BRBtz6QXbg8VsU5Jw-2FwS55nhKyBePw-3D/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/107581/"
 "107580","2019-01-22 18:39:06","http://www.nbargaincentre.co.za/xTxVK-L75WH_Ybd-vW/06304/SurveyQuestionsEn/Past-Due-Invoice/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/107580/"
 "107579","2019-01-22 18:38:54","http://pro-align.co.za/WoMWc-TKeVl_slSDHKxD-RZ/Inv/044451523/US_us/069-90-165347-997-069-90-165347-399/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/107579/"
 "107578","2019-01-22 18:38:51","http://igsm.co/rufF-pjEu_KXoX-gm/Inv/12238480468/EN_en/ACH-form/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/107578/"
@@ -6004,7 +6414,7 @@
 "107576","2019-01-22 18:38:46","http://whiskeywords.ru/GOydl-xZaD_WgLXCrR-7qx/ACH/PaymentInfo/En_us/Scan/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/107576/"
 "107575","2019-01-22 18:38:42","http://tisoft.vn/XBsdB-8E8gQ_VfwyMxej-Z6F/Invoice/82943128/US/Service-Invoice/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/107575/"
 "107574","2019-01-22 18:38:38","http://artcinema.pro/Xayd-mi_JrSNdr-d1/F07/invoicing/US/Inv-98755-PO-4S418650/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/107574/"
-"107573","2019-01-22 18:38:36","http://its.futminna.edu.ng/zCCmh-JFD4_IHId-8A/INVOICE/En_us/ACH-form/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/107573/"
+"107573","2019-01-22 18:38:36","http://its.futminna.edu.ng/zCCmh-JFD4_IHId-8A/INVOICE/En_us/ACH-form/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/107573/"
 "107572","2019-01-22 18:38:33","http://dreamswork.tk/XafG-V9j24_VMLLoLvZa-mP6/InvoiceCodeChanges/En_us/Service-Report-1015/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/107572/"
 "107571","2019-01-22 18:38:30","https://mandrillapp.com/track/click/30891409/cannabiswebsite10.info?p=eyJzIjoiaUdYWTdHejl4Y2dJLWIwQ25IR015d0dwR1lzIiwidiI6MSwicCI6IntcInVcIjozMDg5MTQwOSxcInZcIjoxLFwidXJsXCI6XCJodHRwOlxcXC9cXFwvY2FubmFiaXN3ZWJzaXRlMTAuaW5mb1xcXC9DVEpTZS1RdzV5V19uLWVvWlxcXC9FWFRcXFwvUGF5bWVudFN0YXR1c1xcXC9Fbl91c1xcXC9PcGVuLVBhc3QtRHVlLU9yZGVyc1wiLFwiaWRcIjpcImQwYjMwYmI1NGJlNTQyOWRhMjU3NWE1ZDA1OTZlODM0XCIsXCJ1cmxfaWRzXCI6W1wiMmJkMmIwY2Y3MDI0NTA3ZjU4ZWU4NDAxZjI4MzVhMzQ1OWYwZTk0OFwiXX0ifQ/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/107571/"
 "107570","2019-01-22 18:38:29","http://gatamode.com/tADyB-D0q_bnjfQu-X5L/PaymentStatus/EN_en/Scan/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/107570/"
@@ -6178,8 +6588,7 @@
 "107402","2019-01-22 15:33:03","http://89.46.223.195/bins/x86","online","malware_download","elf","https://urlhaus.abuse.ch/url/107402/"
 "107400","2019-01-22 15:33:02","http://iwantallthesmoke.club/bins/mips64","offline","malware_download","elf","https://urlhaus.abuse.ch/url/107400/"
 "107399","2019-01-22 15:32:43","https://us-west-2.protection.sophos.com/?d=fergus.vn&u=aHR0cDovL2Zlcmd1cy52bi9UcmFuc2FjdGlvbl9kZXRhaWxzLzAxMjAxOQ==&e=bGhpY2tleUBtaXNzb3VsYWNvdW50eS51cw==&t=SW9UZyszNFBzSGZwOTZraUtENzJORnc2MWdEMm1ucVVwbUwxTmRVZStyUT0=/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/107399/"
-"107398","2019-01-22 15:32:42","https://u8349684.ct.sendgrid.net/wf/click?upn=XCc5xlLKXxB-2Bj1QCZ0nyFoau-2F1t-2B7divjSdbXI9GP9oD0uiyNthwPs643coGMuiV-2FuUlLlpKXFMzX-2FdXl-2B5LToSqNs6eYo-2BMyDlCdcoQ9nc-3D_vZkxKSgXWAdtPmYdYcmAtGo-2FHn4ry4ehbIOCFkyIvWZvLj0DyayLa7FJ8-2FKj1b-2BOKn1qIr0zZROB7chYS0R02QrIjFOIItynZSKs4eEXePsIctHgslL7TAMh-2BBELV3Wh-2Bl-2F36nC4342dUQEwVCaHwrTX5zSmLOzcaXHKEJaLijVGtdpE4BVkqou-2Fs7rr7UJHLf0wW1T3gf3KL9OyVrEUSg-3D-3D/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/107398/"
-"107397","2019-01-22 15:32:41","http://pruebas.zecaenergia.com/Clients_information/01_19/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/107397/"
+"107397","2019-01-22 15:32:41","http://pruebas.zecaenergia.com/Clients_information/01_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/107397/"
 "107396","2019-01-22 15:32:40","http://kanticzkos.bernardinai.lt/Amazon/DE/Zahlungen/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/107396/"
 "107395","2019-01-22 15:32:39","http://mediaboxadvertising.com/Information/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/107395/"
 "107394","2019-01-22 15:32:37","http://mrcleaner.ca/Transactions/012019/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/107394/"
@@ -6194,14 +6603,14 @@
 "107385","2019-01-22 15:32:25","http://boldreflectionsmn.com/Amazon/DE/Transaktion-details/01_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/107385/"
 "107384","2019-01-22 15:32:23","http://bloomspor.com/Clients/2019-01/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/107384/"
 "107383","2019-01-22 15:32:22","http://aspireedifice.com/Clients_transactions/2019-01/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/107383/"
-"107382","2019-01-22 15:32:21","http://fergus.vn/Transaction_details/012019/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/107382/"
+"107382","2019-01-22 15:32:21","http://fergus.vn/Transaction_details/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/107382/"
 "107381","2019-01-22 15:32:17","http://cristalizacaodepintura.com.br/Transaction_details/2019-01/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/107381/"
 "107380","2019-01-22 15:32:14","http://agatawierzbicka.com/MdM5N5SCi/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/107380/"
 "107379","2019-01-22 15:32:13","http://stjames.co.ke/Clients_Messages/2019-01/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/107379/"
 "107378","2019-01-22 15:32:11","http://ynopyxyzdy.cf/Details/01_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/107378/"
 "107377","2019-01-22 15:31:57","http://yikatdy.cf/Information/2019-01/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/107377/"
 "107376","2019-01-22 15:31:41","http://multisignes.com/Details/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/107376/"
-"107375","2019-01-22 15:31:39","http://www.tovbekapisi.com/Transaction_details/2019-01/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/107375/"
+"107375","2019-01-22 15:31:39","http://www.tovbekapisi.com/Transaction_details/2019-01/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/107375/"
 "107374","2019-01-22 15:31:38","http://zizzy.eu/Clients_transactions/01_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/107374/"
 "107373","2019-01-22 15:31:37","http://isalver.com/Messages/01_19/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/107373/"
 "107372","2019-01-22 15:31:36","http://4b-immobilier.ch/Payments/01_19/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/107372/"
@@ -6249,7 +6658,6 @@
 "107330","2019-01-22 15:13:17","http://gipertonia.site/DE_de/ZGXZBZB4858958/Bestellungen/Rechnungsanschrift/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/107330/"
 "107329","2019-01-22 15:13:14","http://cannabiswebsite10.info/CTJSe-Qw5yW_n-eoZ/EXT/PaymentStatus/En_us/Open-Past-Due-Orders/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/107329/"
 "107328","2019-01-22 15:13:11","http://dtrendz.site/awFkk-av_MgseRMvj-qlf/COMET/SIGNS/PAYMENT/NOTIFICATION/01/22/2019/En_us/Invoice-Corrections-for-72/94/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/107328/"
-"107327","2019-01-22 15:13:08","https://u3591409.ct.sendgrid.net/wf/click?upn=YbnhSJuNvqPYTarvTneeWqgzQPHc6YuwaukpjpTZAB8NToeWtDe6UU83wRC1PMPgntpJihXum-2BXovLW2GsFVftPguEa8KfQF8lQHVmMIkmJJ4atRM5QcQch7hpMrwDPo_W77bTy6YRdHySgTK0Dy8RZGA4Gw4OBKpSKdKgjodepEE5TAQq7LpSU4Id9564fJDgQuVItNj4vAdlQgl0DUZ4NwbGLPyAX1E5NwDtacDcDeTQcfdOU4SjkV-2BiWo1MVtX9c0Ke8jOhzNRdrBcxcMN2hedFYp6iLj-2F7BpVMAO94Gv18M7XWV3T7FLKT49-2BdBauOdWyAayIWx1Ls-2FZapQKi-2F0B3Qrh-2FHi3sM9pndpzMJiM-3D/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/107327/"
 "107326","2019-01-22 15:13:06","http://shantiniketangranthalay.com/pdZdy-d03g_L-F3c/InvoiceCodeChanges/US/Invoices-Overdue/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/107326/"
 "107325","2019-01-22 15:13:05","http://talhency-rh.fr/tIoGR-Tbd_nJL-iQ/8093503/SurveyQuestionsEn_us/Service-Report-91187/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/107325/"
 "107324","2019-01-22 15:13:03","http://deelfiets-zwolle.nl/mIoX-lfgDp_Bk-sES/InvoiceCodeChanges/US_us/Invoices-Overdue/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/107324/"
@@ -6310,8 +6718,8 @@
 "107268","2019-01-22 14:28:05","http://159.65.148.180/kira1/kirai.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/107268/"
 "107267","2019-01-22 14:28:04","http://46.36.41.247/Execution.i586","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/107267/"
 "107266","2019-01-22 14:28:03","http://lamson.danang.today/wp-admin/css/colors/blue/ssj.jpg","offline","malware_download","Shade,exe","https://urlhaus.abuse.ch/url/107266/"
-"107265","2019-01-22 13:55:02","http://www.delili.net/_installation/angie/views/ftpbrowser/tmpl/xBlack_Configs/Fish/Mail_Security_Settings_Setup%2059.0.2.doc","online","malware_download","RTF","https://urlhaus.abuse.ch/url/107265/"
-"107264","2019-01-22 13:54:36","http://www.delili.net/_installation/angie/views/ftpbrowser/tmpl/xBlack_Configs/Fish/images/serv.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/107264/"
+"107265","2019-01-22 13:55:02","http://www.delili.net/_installation/angie/views/ftpbrowser/tmpl/xBlack_Configs/Fish/Mail_Security_Settings_Setup%2059.0.2.doc","offline","malware_download","RTF","https://urlhaus.abuse.ch/url/107265/"
+"107264","2019-01-22 13:54:36","http://www.delili.net/_installation/angie/views/ftpbrowser/tmpl/xBlack_Configs/Fish/images/serv.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/107264/"
 "107263","2019-01-22 13:54:33","http://faujuladnan.com/wp-content/themes/materialis/inc/general-options/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/107263/"
 "107262","2019-01-22 13:44:07","http://179.99.203.85:8326/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/107262/"
 "107261","2019-01-22 13:44:04","http://103.217.213.163:21906/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/107261/"
@@ -6329,7 +6737,6 @@
 "107249","2019-01-22 13:27:08","http://ptof.club/wcy1UGRiD991_fsn/","offline","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/107249/"
 "107248","2019-01-22 13:27:06","http://www.megafighton.sandboxph.com/wHOiUtFwIBj_vu/","offline","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/107248/"
 "107247","2019-01-22 13:27:04","http://ahluniversity.com/lW8Z9O0kOlt/","offline","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/107247/"
-"107246","2019-01-22 13:26:33","https://u3591409.ct.sendgrid.net/wf/click?upn=MpkhbQ9A7ghXsilGlb8JaMaAODoPYRPhWLFPW8p76-2FIoXLE9oOWw25sLf0yAtve1a2dt2WTpa-2Bw-2FOHkLiMwvPNpVdJSpnpXLW3Sw0aVmccmQCgt2DS5M67lAL4dcGCou_cthq0z3adJO3eRdfaqambrdlNWmiBU1pAImjqPZGN1zY2vz0-2F-2B0uoYhbUymmwjLhoeH0rG2nvYMWst8Lzsb08bplQMqsepcg8AJTMqrqWyMAoNJFR2wvDKH9DkL7Ip8EoTRRD58-2F7XvvI3FYxqK3eVuBvTrz74lkgkfSJiAfjIon4ws5vULXVmaNvljTcWVYAT7rcFMM-2FRRar9ZpmzJ9teN8sD-2Fffu-2Bw8wiWe5X3q5g-3D/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/107246/"
 "107245","2019-01-22 13:26:31","http://skrentertainmentgroup.com/OKubS-8PWU_njYJwMJf-37/Invoice/93434659/En/Open-Past-Due-Orders/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/107245/"
 "107244","2019-01-22 13:26:01","http://smtp.coolgamesonline.xyz/PMEADOY5656929/DE/Zahlungserinnerung/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/107244/"
 "107243","2019-01-22 13:26:00","http://thewindexperience.nl/DE/NKJSFZ8081865/Rechnungskorrektur/RECHNUNG/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/107243/"
@@ -6337,7 +6744,7 @@
 "107241","2019-01-22 13:25:57","http://lazylorgdy.cf/f9xqudI9/zcWad-GWH_baBAY-Uui/COMET/SIGNS/PAYMENT/NOTIFICATION/01/22/2019/EN_en/Invoices-attached/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/107241/"
 "107240","2019-01-22 13:25:38","http://yspihdy.cf/lnqXo-8H_ZLu-FGc/Southwire/ZWZ3698864733/US_us/Outstanding-Invoices/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/107240/"
 "107239","2019-01-22 13:25:15","http://etsj.futminna.edu.ng/WHvQ-WIc3g_uGAeYuBrE-1p/Ref/17270744US_us/Important-Please-Read/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/107239/"
-"107238","2019-01-22 13:25:13","http://icta.futminna.edu.ng/nghh-Qid_Ch-kB2/CQ07/invoicing/En_us/Past-Due-Invoices/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/107238/"
+"107238","2019-01-22 13:25:13","http://icta.futminna.edu.ng/nghh-Qid_Ch-kB2/CQ07/invoicing/En_us/Past-Due-Invoices/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/107238/"
 "107237","2019-01-22 13:25:12","http://mail.saffroniran.org/eXSr-ucR8_jOK-pGw/INV/7639695FORPO/8152729465/US/Outstanding-Invoices/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/107237/"
 "107236","2019-01-22 13:25:10","http://mokelys.com/De_de/UCRMMLHCKL0591388/Rechnungs/Rechnungsanschrift/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/107236/"
 "107235","2019-01-22 13:25:09","http://appliancestalk.com/MYVRCNIKC1402342/Rechnungskorrektur/Fakturierung/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/107235/"
@@ -6374,7 +6781,7 @@
 "107204","2019-01-22 12:32:10","http://www.testandersonline.nl/Amazon/DE/Informationen/2019-01/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/107204/"
 "107203","2019-01-22 12:32:08","http://meuwi.com/Amazon/Details/012019/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/107203/"
 "107202","2019-01-22 12:32:06","http://laiagency.co.tz/Amazon/Zahlungen/2019-01/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/107202/"
-"107201","2019-01-22 11:59:06","http://www.delili.net/_installation/angie/views/ftpbrowser/tmpl/xBlack_Configs/Fish/Mail.Settings/Mail.Settings.Setup.2.1.1v.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/107201/"
+"107201","2019-01-22 11:59:06","http://www.delili.net/_installation/angie/views/ftpbrowser/tmpl/xBlack_Configs/Fish/Mail.Settings/Mail.Settings.Setup.2.1.1v.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/107201/"
 "107200","2019-01-22 11:55:07","http://skyehoppus.com/873gfhi3f3r","offline","malware_download","exe,Locky","https://urlhaus.abuse.ch/url/107200/"
 "107199","2019-01-22 11:36:02","http://ntmovingnorthyork.com/contactform/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/107199/"
 "107198","2019-01-22 11:34:15","https://raw.githubusercontent.com/lidranopsi/vendas/master/processo%20judicial%20ref%2000022959595.rar","offline","malware_download","exe,rar","https://urlhaus.abuse.ch/url/107198/"
@@ -6403,7 +6810,7 @@
 "107175","2019-01-22 11:26:10","http://mehmetatmaca.net/contactform/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/107175/"
 "107174","2019-01-22 11:22:20","http://permiandev.com/Januar2019/JJTYTKP1866775/DE_de/RECHNUNG/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/107174/"
 "107173","2019-01-22 11:22:18","http://truongtaynama.edu.vn/De_de/XVPFYFYQ5517649/Rechnungs/Hilfestellung/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/107173/"
-"107172","2019-01-22 11:22:09","http://njeas.futminna.edu.ng/Januar2019/JDAZITDBBZ5251482/Rechnungskorrektur/Zahlungserinnerung/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/107172/"
+"107172","2019-01-22 11:22:09","http://njeas.futminna.edu.ng/Januar2019/JDAZITDBBZ5251482/Rechnungskorrektur/Zahlungserinnerung/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/107172/"
 "107171","2019-01-22 11:22:07","http://alittlebitdeeper.co.ke/De/ZMYQRVBD4533272/Rech/RECHNUNG/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/107171/"
 "107170","2019-01-22 11:22:03","http://tabouwadvies.nl/De_de/AKEQCGME9448111/Rechnungs/Zahlung/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/107170/"
 "107169","2019-01-22 11:22:02","http://yurtdisindayim.com/src/wordpress/wp-admin/css/colors/blue/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/107169/"
@@ -6424,7 +6831,7 @@
 "107154","2019-01-22 11:00:09","http://server2003.cc/x-files/x-file-mjacksonskiller.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/107154/"
 "107153","2019-01-22 10:57:19","http://salah.mobiilat.com/Ege0DjfQROgWlvJZl_nsNvv/","offline","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/107153/"
 "107152","2019-01-22 10:57:16","http://sos-debouchage-dumeny.com/wp-admin/VcGJydR8IFS9/","offline","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/107152/"
-"107151","2019-01-22 10:57:13","http://nigeriafasbmbcongress.futminna.edu.ng/3RM25C7m8hXE78O_L/","online","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/107151/"
+"107151","2019-01-22 10:57:13","http://nigeriafasbmbcongress.futminna.edu.ng/3RM25C7m8hXE78O_L/","offline","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/107151/"
 "107150","2019-01-22 10:57:10","http://agentfox.io/N4OfVEQC4BuUvFCV/","offline","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/107150/"
 "107149","2019-01-22 10:57:07","http://www.translampung.com/ShChnEBbnCO/","offline","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/107149/"
 "107148","2019-01-22 10:56:08","http://kortinakomarno.sk/De/URIICQR7061932/gescanntes-Dokument/RECHNUNG/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/107148/"
@@ -6443,7 +6850,7 @@
 "107135","2019-01-22 10:54:25","http://bali.reveance.nl/DE/IYEIYVX7125403/Rechnung/Zahlungserinnerung/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/107135/"
 "107134","2019-01-22 10:54:22","http://www.universalsmile.org/De_de/BHAODQUAKF3039265/de/DETAILS/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/107134/"
 "107133","2019-01-22 10:54:20","http://n98827cr.beget.tech/NPANZDQWOL7699377/gescanntes-Dokument/DOC/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/107133/"
-"107132","2019-01-22 10:54:18","http://lrprealestate.vi-bus.com/de_DE/EDDEVZ4864988/Rechnungs-Details/Fakturierung/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/107132/"
+"107132","2019-01-22 10:54:18","http://lrprealestate.vi-bus.com/de_DE/EDDEVZ4864988/Rechnungs-Details/Fakturierung/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/107132/"
 "107131","2019-01-22 10:54:16","http://masswheyshop.com/Januar2019/EBUWCUX4615385/Rechnungs-docs/Rechnungsanschrift/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/107131/"
 "107130","2019-01-22 10:54:13","http://wtede.com/De/VXGBVFID6503464/Rech/Zahlungserinnerung/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/107130/"
 "107129","2019-01-22 10:54:11","http://bancanhovinhomes.vn/Januar2019/VXHEQTNMIQ8993875/Dokumente/DOC/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/107129/"
@@ -6466,13 +6873,13 @@
 "107112","2019-01-22 10:15:10","http://xri4pork.s3.amazonaws.com/xxx_video.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/107112/"
 "107111","2019-01-22 10:15:09","http://wisdom-services.com/templates/finance/css/zinf.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/107111/"
 "107110","2019-01-22 10:13:04","http://43.231.185.100:8027/lmmms.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/107110/"
-"107109","2019-01-22 10:13:04","http://www.signcutpro.com/files/plugins/corelx10.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/107109/"
+"107109","2019-01-22 10:13:04","http://www.signcutpro.com/files/plugins/corelx10.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/107109/"
 "107108","2019-01-22 10:12:04","http://amariaapartsminaclavero.000webhostapp.com/wp-content/themes/bulk/img/sserv.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/107108/"
 "107107","2019-01-22 10:10:11","http://43.231.185.100:8027/iexplo2.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/107107/"
 "107106","2019-01-22 10:10:10","http://201.42.174.200:20427/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/107106/"
 "107105","2019-01-22 10:10:05","http://83.41.0.41:4533/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/107105/"
 "107104","2019-01-22 10:10:03","http://83.132.244.60:64008/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/107104/"
-"107103","2019-01-22 10:00:05","http://signcutpro.com/files/plugins/corelx10.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/107103/"
+"107103","2019-01-22 10:00:05","http://signcutpro.com/files/plugins/corelx10.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/107103/"
 "107102","2019-01-22 09:57:02","http://92.63.197.147/socks.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/107102/"
 "107101","2019-01-22 09:56:03","http://43.231.185.100:8027/Z.EXE","offline","malware_download","exe","https://urlhaus.abuse.ch/url/107101/"
 "107100","2019-01-22 09:56:02","http://43.231.185.100:8027/445.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/107100/"
@@ -6645,19 +7052,19 @@
 "106933","2019-01-22 07:40:05","http://107.172.153.90/armv4l","online","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/106933/"
 "106932","2019-01-22 07:40:04","http://107.172.153.90/armv6l","online","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/106932/"
 "106931","2019-01-22 07:38:04","http://107.172.153.90/i586","online","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/106931/"
-"106930","2019-01-22 07:37:05","http://dreamzshop.xyz/wp-content/themes/shopline/images/sserv.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/106930/"
+"106930","2019-01-22 07:37:05","http://dreamzshop.xyz/wp-content/themes/shopline/images/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106930/"
 "106929","2019-01-22 07:37:03","http://tur.000webhostapp.com/ftc/Alawar.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106929/"
 "106928","2019-01-22 07:35:05","https://grenshawtech.com/feature/problem.eml","offline","malware_download","exe,Gozi,NZL,AUS,geofenced","https://urlhaus.abuse.ch/url/106928/"
 "106927","2019-01-22 07:34:06","https://lusimon-my.sharepoint.com/:u:/g/personal/knoxia_lusimon_com_au/Ed0rHtJkJa9BtlNzjDwF_owBrDHjol1_SOoA6ujlZjSkTg?e=lIT55H&download=1","offline","malware_download","zipped-VBS,AUS,NZL,Gozi","https://urlhaus.abuse.ch/url/106927/"
 "106926","2019-01-22 07:29:04","http://st-medical.pl/wp-content/themes/divi-4/et-pagebuilder/sserv.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/106926/"
 "106925","2019-01-22 07:29:02","http://applicablebeam.com/ddawdew/trjgje.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106925/"
 "106924","2019-01-22 07:27:03","http://st-medical.pl/wp-content/themes/divi-4/js/sserv.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/106924/"
-"106923","2019-01-22 07:22:03","http://dreamzshop.xyz/wp-content/themes/shopline/images/ssj.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/106923/"
+"106923","2019-01-22 07:22:03","http://dreamzshop.xyz/wp-content/themes/shopline/images/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106923/"
 "106922","2019-01-22 07:21:04","http://tur.000webhostapp.com/ftc/USD.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106922/"
 "106921","2019-01-22 07:21:03","http://wisdom-services.com/templates/finance/fonts/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106921/"
 "106920","2019-01-22 07:20:03","http://st-medical.pl/wp-content/themes/divi-4/css/sserv.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/106920/"
 "106919","2019-01-22 07:14:03","http://st-medical.pl/wp-content/themes/divi-4/css/zinf.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/106919/"
-"106918","2019-01-22 07:13:03","http://dreamzshop.xyz/wp-content/themes/shopline/template/sserv.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/106918/"
+"106918","2019-01-22 07:13:03","http://dreamzshop.xyz/wp-content/themes/shopline/template/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106918/"
 "106917","2019-01-22 07:12:05","http://www.worldlinkaddress.com/rgrtgtd/kjfdjjh.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106917/"
 "106916","2019-01-22 07:12:02","http://st-medical.pl/wp-content/themes/divi-4/includes/builder/fonts/sserv.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/106916/"
 "106915","2019-01-22 07:00:16","http://yjbexnetdy.cf/wp-admin/includes/Attachments/012019/","offline","malware_download","heodo,emotet,doc","https://urlhaus.abuse.ch/url/106915/"
@@ -6667,7 +7074,7 @@
 "106911","2019-01-22 07:00:05","http://turbineblog.ir/LPJJTUCPW8747762/GER/FORM/","online","malware_download","heodo,emotet,doc","https://urlhaus.abuse.ch/url/106911/"
 "106910","2019-01-22 07:00:03","http://xyzfilamenten.nl/CNANCHGC0379679/gescanntes-Dokument/DOC/","offline","malware_download","heodo,emotet,doc","https://urlhaus.abuse.ch/url/106910/"
 "106909","2019-01-22 07:00:02","http://www.pwpami.pl//Amazon/DE/Kunden/01_19/","offline","malware_download","heodo,emotet,doc","https://urlhaus.abuse.ch/url/106909/"
-"106908","2019-01-22 06:58:04","http://dreamzshop.xyz/wp-content/themes/shopline/font-awesome/css/sserv.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/106908/"
+"106908","2019-01-22 06:58:04","http://dreamzshop.xyz/wp-content/themes/shopline/font-awesome/css/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106908/"
 "106907","2019-01-22 06:58:03","http://vektorex.com/jobs/cgi/582681109.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/106907/"
 "106906","2019-01-22 06:56:03","http://vektorex.com/jobs/cgi/50289713.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/106906/"
 "106905","2019-01-22 06:51:03","http://vektorex.com/jobs/cgi/9110562.jpg","online","malware_download","exe,AZORult","https://urlhaus.abuse.ch/url/106905/"
@@ -6767,7 +7174,7 @@
 "106811","2019-01-22 01:46:04","http://oeb-up.000webhostapp.com/uploads/123.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106811/"
 "106810","2019-01-22 01:44:13","http://jesseworld.eu/blessed/blessed.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106810/"
 "106809","2019-01-22 01:44:05","http://setrals.net/siwnk/crtyl.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106809/"
-"106808","2019-01-22 01:35:04","http://www.ontamada.ru/De_de/PVFOPGUPDT4647941/Rechnungs-docs/FORM/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/106808/"
+"106808","2019-01-22 01:35:04","http://www.ontamada.ru/De_de/PVFOPGUPDT4647941/Rechnungs-docs/FORM/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/106808/"
 "106806","2019-01-22 01:35:03","http://nancycheng.nl/ibEhu-5NL_KP-qHJ/ACH/PaymentInfo/US/Sales-Invoice/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/106806/"
 "106807","2019-01-22 01:35:03","http://pwpami.pl/nfSsn-qp_WtSxvlgb-NYu/PaymentStatus/En/New-order/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/106807/"
 "106803","2019-01-22 01:34:02","http://dsltech.co.uk/ZQQP-WaI_sTENQmYGW-hAP/QB24/invoicing/US/Service-Invoice/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/106803/"
@@ -6830,7 +7237,7 @@
 "106748","2019-01-21 22:51:03","http://iplb.ir/LXXmnXsEIzp62Vu/","offline","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/106748/"
 "106747","2019-01-21 22:50:06","http://bellevega.com/5kHlMGxAbssU_i3YAv/","offline","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/106747/"
 "106746","2019-01-21 22:50:04","http://artemvqe.beget.tech/XrG1F6F2N_6yHn/","offline","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/106746/"
-"106745","2019-01-21 22:50:03","http://www.wins-power.com/de_DE/GBHUDKMML1035567/Rechnungs-Details/Zahlungserinnerung/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/106745/"
+"106745","2019-01-21 22:50:03","http://www.wins-power.com/de_DE/GBHUDKMML1035567/Rechnungs-Details/Zahlungserinnerung/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/106745/"
 "106744","2019-01-21 22:47:03","http://parga360.com/wp-content/themes/econo/layout/blog/ssj.jpg","offline","malware_download","Troldesh,Shade,Ransomware","https://urlhaus.abuse.ch/url/106744/"
 "106743","2019-01-21 22:39:02","http://194.36.173.43/4j65g5az","offline","malware_download","elf,tsunami","https://urlhaus.abuse.ch/url/106743/"
 "106742","2019-01-21 22:35:10","http://194.36.173.43/44d9zhr5","offline","malware_download","elf,tsunami","https://urlhaus.abuse.ch/url/106742/"
@@ -6858,7 +7265,7 @@
 "106720","2019-01-21 22:22:09","http://remont-okon.tomsk.ru/Y7fQwCMUaw/","offline","malware_download","emotet,exe,epoch1,heodo","https://urlhaus.abuse.ch/url/106720/"
 "106719","2019-01-21 22:22:08","http://andyclark.xyz/jzy5xdn/","offline","malware_download","emotet,exe,epoch1,heodo","https://urlhaus.abuse.ch/url/106719/"
 "106718","2019-01-21 22:22:07","http://saigonthinhvuong.net/Vayv0I7/","online","malware_download","emotet,exe,epoch1,heodo","https://urlhaus.abuse.ch/url/106718/"
-"106717","2019-01-21 22:22:04","http://lanhodiepuytin.com/lGvDuh0D/","online","malware_download","emotet,exe,epoch1,heodo","https://urlhaus.abuse.ch/url/106717/"
+"106717","2019-01-21 22:22:04","http://lanhodiepuytin.com/lGvDuh0D/","offline","malware_download","emotet,exe,epoch1,heodo","https://urlhaus.abuse.ch/url/106717/"
 "106716","2019-01-21 22:07:10","http://194.36.173.43/69rp5g8k","offline","malware_download","elf","https://urlhaus.abuse.ch/url/106716/"
 "106715","2019-01-21 22:07:08","http://194.36.173.43/jwb9z332","offline","malware_download","elf","https://urlhaus.abuse.ch/url/106715/"
 "106714","2019-01-21 22:07:06","http://194.36.173.43/wu46g2q7","offline","malware_download","elf","https://urlhaus.abuse.ch/url/106714/"
@@ -7033,16 +7440,16 @@
 "106545","2019-01-21 16:43:27","http://kurumsal.webprojemiz.com/ssj.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/106545/"
 "106544","2019-01-21 16:43:20","http://hepsiniizle.com/public/adminlte/bootstrap/css/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106544/"
 "106543","2019-01-21 16:43:14","http://air-sym.com/wp-content/themes/twentyseventeen/assets/css/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106543/"
-"106542","2019-01-21 16:43:08","http://nuevasoportunidades.net/wp-content/themes/astra/languages/ssj.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/106542/"
+"106542","2019-01-21 16:43:08","http://nuevasoportunidades.net/wp-content/themes/astra/languages/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106542/"
 "106541","2019-01-21 16:42:24","http://st-medical.pl/wp-content/themes/divi-4/lang/ssj.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/106541/"
 "106540","2019-01-21 16:42:16","http://hakronteknoloji.com/wp-content/themes/specia/languages/ssj.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/106540/"
 "106539","2019-01-21 16:42:08","http://yemekolsa.com/font/ssj.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/106539/"
 "106538","2019-01-21 16:42:05","http://izmitkombiyedekparca.com/wp-content/themes/buildpress/bower_components/acf/core/actions/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106538/"
-"106537","2019-01-21 16:41:03","http://dreamzshop.xyz/wp-content/themes/shopline/inc/ssj.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/106537/"
+"106537","2019-01-21 16:41:03","http://dreamzshop.xyz/wp-content/themes/shopline/inc/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106537/"
 "106536","2019-01-21 16:31:17","http://shopocmama.com/wp-content/languages/plugins/ssj.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/106536/"
 "106535","2019-01-21 16:31:10","http://adetunjibakareandco.com/wp-content/themes/athena/template-parts/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106535/"
 "106534","2019-01-21 16:31:02","http://lapiadinadellacioza.it/templates/piadina/assets/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106534/"
-"106533","2019-01-21 16:29:22","http://widztech.com/wp-content/themes/total/inc/css/ssj.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/106533/"
+"106533","2019-01-21 16:29:22","http://widztech.com/wp-content/themes/total/inc/css/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106533/"
 "106532","2019-01-21 16:29:21","http://baonghetinh.com/wp-content/languages/plugins/ssj.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/106532/"
 "106531","2019-01-21 16:29:12","http://egyptiti.com/wp-content/themes/poseidon/template-parts/ssj.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/106531/"
 "106530","2019-01-21 16:29:09","http://myphamnarguerite.vn/wp-admin/css/colors/blue/ssj.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/106530/"
@@ -7128,7 +7535,7 @@
 "106449","2019-01-21 14:35:03","http://nghiataman.com/DE/IRXLICAZBL1302586/Scan/Zahlungserinnerung/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/106449/"
 "106450","2019-01-21 14:35:03","http://northernpost.in/DE/KXIMFNOSPW5298241/Rechnungs/RECHNUNG/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/106450/"
 "106448","2019-01-21 14:35:02","http://nbhgroup.in/Januar2019/FBAHKDQBMQ7553976/Rechnungs/DETAILS/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/106448/"
-"106446","2019-01-21 14:35:01","http://mayphatrasua.com/de_DE/TBWAXYXGA0601308/Rechnungs-docs/Rechnungsanschrift/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/106446/"
+"106446","2019-01-21 14:35:01","http://mayphatrasua.com/de_DE/TBWAXYXGA0601308/Rechnungs-docs/Rechnungsanschrift/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/106446/"
 "106447","2019-01-21 14:35:01","http://migoshen.org/DE/KBGRUOQQA8984685/Rechnungs/Hilfestellung/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/106447/"
 "106444","2019-01-21 14:34:55","http://ktml.org/DE_de/JXDXFPLFLC5606213/Rechnung/Hilfestellung/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/106444/"
 "106445","2019-01-21 14:34:55","http://lagbag.it/De_de/AVTOSDHJVP4735513/Dokumente/RECHNUNG/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/106445/"
@@ -7203,7 +7610,7 @@
 "106375","2019-01-21 13:44:55","http://rapport-de-stage-tevai-sallaberry.fr/AMAZON/DE/Kunden_informationen/01_19/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/106375/"
 "106374","2019-01-21 13:44:54","http://rahkarinoo.com/Amazon/Kunden-informationen/2019-01/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/106374/"
 "106373","2019-01-21 13:44:52","http://quahandmade.org/Amazon/DE/Transaktion-details/012019/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/106373/"
-"106372","2019-01-21 13:44:50","http://otohondavungtau.com/Amazon/Bestelldetails/01_19/","online","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/106372/"
+"106372","2019-01-21 13:44:50","http://otohondavungtau.com/Amazon/Bestelldetails/01_19/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/106372/"
 "106371","2019-01-21 13:44:47","http://oculista.com.br/Amazon/Dokumente/012019/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/106371/"
 "106370","2019-01-21 13:44:43","http://nhakhoavieta.com/Amazon/DE/Bestelldetails/2019-01/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/106370/"
 "106369","2019-01-21 13:44:31","http://nanesenie-tatu.granat.nsk.ru/Amazon/DE/Dokumente/2019-01/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/106369/"
@@ -7282,10 +7689,10 @@
 "106294","2019-01-21 11:05:27","http://185.244.25.234/bins/armv5l","online","malware_download","elf","https://urlhaus.abuse.ch/url/106294/"
 "106295","2019-01-21 11:05:27","http://185.244.25.234/bins/armv6l","online","malware_download","elf","https://urlhaus.abuse.ch/url/106295/"
 "106293","2019-01-21 11:04:50","https://serrasimone.com/wp-content/themes/solonick/solonick-widget/widget/css/ssj.jpg","offline","malware_download","exe,Shade","https://urlhaus.abuse.ch/url/106293/"
-"106292","2019-01-21 11:03:46","http://desatisfier.com/wp-content/themes/fashionhub/ssj.jpg","online","malware_download","exe,Shade","https://urlhaus.abuse.ch/url/106292/"
+"106292","2019-01-21 11:03:46","http://desatisfier.com/wp-content/themes/fashionhub/ssj.jpg","offline","malware_download","exe,Shade","https://urlhaus.abuse.ch/url/106292/"
 "106291","2019-01-21 11:03:38","http://epsintel.com/wp-includes/ID3/ssj.jpg","online","malware_download","exe,Shade","https://urlhaus.abuse.ch/url/106291/"
 "106290","2019-01-21 11:02:56","http://www.nitsinternational.com/wp-content/themes/autema/css/font-awesome/css/ssj.jpg","online","malware_download","exe,Shade","https://urlhaus.abuse.ch/url/106290/"
-"106289","2019-01-21 11:02:16","http://www.illuminedroma.com/wp-content/themes/miami/inc/alpha-color-picker/ssj.jpg","online","malware_download","exe,Shade","https://urlhaus.abuse.ch/url/106289/"
+"106289","2019-01-21 11:02:16","http://www.illuminedroma.com/wp-content/themes/miami/inc/alpha-color-picker/ssj.jpg","offline","malware_download","exe,Shade","https://urlhaus.abuse.ch/url/106289/"
 "106288","2019-01-21 11:01:44","http://crfzine.org/wp-includes/ID3/ssj.jpg","offline","malware_download","exe,Shade","https://urlhaus.abuse.ch/url/106288/"
 "106287","2019-01-21 11:01:10","http://cerotex.webprojemiz.com/js/ssj.jpg","online","malware_download","exe,Shade","https://urlhaus.abuse.ch/url/106287/"
 "106285","2019-01-21 11:00:38","http://167.99.85.214/bins/sora.spc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/106285/"
@@ -7437,23 +7844,23 @@
 "106139","2019-01-21 03:02:03","https://www.mensajerosatiempo.com/wp-content/themes/sketch/css/l/s/wid.msi","offline","malware_download","Formbook","https://urlhaus.abuse.ch/url/106139/"
 "106138","2019-01-21 02:24:03","https://www.mensajerosatiempo.com/wp-content/themes/sketch/css/l/het.msi","offline","malware_download","msi","https://urlhaus.abuse.ch/url/106138/"
 "106137","2019-01-21 01:22:03","https://www.mensajerosatiempo.com/wp-content/themes/sketch/css/l/s/updates.doc","offline","malware_download","RTF","https://urlhaus.abuse.ch/url/106137/"
-"106136","2019-01-21 00:58:06","http://d1.udashi.com/soft/bgrj/5148/qxw_setup.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106136/"
-"106135","2019-01-21 00:57:12","http://d1.udashi.com/soft/dnyx/19557/M3K4edit.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106135/"
-"106134","2019-01-21 00:57:10","http://d1.udashi.com/soft/ltgj/16392/weixin.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106134/"
+"106136","2019-01-21 00:58:06","http://d1.udashi.com/soft/bgrj/5148/qxw_setup.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106136/"
+"106135","2019-01-21 00:57:12","http://d1.udashi.com/soft/dnyx/19557/M3K4edit.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106135/"
+"106134","2019-01-21 00:57:10","http://d1.udashi.com/soft/ltgj/16392/weixin.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106134/"
 "106133","2019-01-21 00:50:31","http://d1.udashi.com/soft/dnyx/20333/%E4%B8%89%E5%9B%BD%E5%B0%8F%E9%95%87%E8%BF%BD%E6%A2%A6%E4%BF%AE%E6%94%B9%E5%99%A8.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106133/"
 "106132","2019-01-21 00:50:21","http://d1.udashi.com/soft/wlyy/16594/byadsl.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106132/"
 "106131","2019-01-21 00:24:05","http://d1.udashi.com/soft/wlyy/14962/panda.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106131/"
-"106130","2019-01-21 00:14:08","http://d1.udashi.com/soft/wlyy/13963/%E7%94%B5%E5%BD%B1%E5%AF%B9%E8%AF%9D%20%E7%BC%96%E8%BE%91%E5%99%A8.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106130/"
-"106129","2019-01-20 23:53:07","http://d1.udashi.com/soft/llq/7673/NetWorker.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106129/"
+"106130","2019-01-21 00:14:08","http://d1.udashi.com/soft/wlyy/13963/%E7%94%B5%E5%BD%B1%E5%AF%B9%E8%AF%9D%20%E7%BC%96%E8%BE%91%E5%99%A8.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106130/"
+"106129","2019-01-20 23:53:07","http://d1.udashi.com/soft/llq/7673/NetWorker.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106129/"
 "106128","2019-01-20 23:53:02","http://media.dropdo.com.s3.amazonaws.com/bXl/plus.exe","offline","malware_download","exe,Xtrat","https://urlhaus.abuse.ch/url/106128/"
 "106127","2019-01-20 23:51:02","http://files.voicecurve.com.s3.amazonaws.com/TC_Root/Update/LIVE/FileUpdater/TCServerPatch_1_0.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106127/"
 "106126","2019-01-20 23:50:02","http://kcespolska.pl//Details/2019-01/","offline","malware_download","doc,emotet","https://urlhaus.abuse.ch/url/106126/"
-"106125","2019-01-20 23:43:08","http://d1.udashi.com/soft/ltgj/16750/qiyi.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106125/"
+"106125","2019-01-20 23:43:08","http://d1.udashi.com/soft/ltgj/16750/qiyi.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106125/"
 "106124","2019-01-20 23:17:03","http://media.dropdo.com.s3.amazonaws.com/bVN/serverxc.exe","offline","malware_download","exe,Xtrat","https://urlhaus.abuse.ch/url/106124/"
 "106123","2019-01-20 23:01:03","http://media.dropdo.com.s3.amazonaws.com/9RG/video.HD.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106123/"
 "106122","2019-01-20 22:54:38","http://d1.udashi.com/soft/ltgj/18066/qqf78.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106122/"
 "106121","2019-01-20 22:54:35","http://dl01.s3.amazonaws.com/offers/2/chrome_search.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106121/"
-"106120","2019-01-20 22:28:07","http://d1.udashi.com/soft/yysp/8561/flvxti_75558.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106120/"
+"106120","2019-01-20 22:28:07","http://d1.udashi.com/soft/yysp/8561/flvxti_75558.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106120/"
 "106119","2019-01-20 22:12:08","http://d1.udashi.com/soft/ltgj/18303/qqfhjfrj.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106119/"
 "106118","2019-01-20 21:42:03","http://64.74.98.177/ftp","offline","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/106118/"
 "106117","2019-01-20 21:42:02","http://64.74.98.177/pftp","offline","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/106117/"
@@ -7478,14 +7885,14 @@
 "106098","2019-01-20 18:55:49","http://cdnpic.mgyun.com/files/products/vRoot/2013/17235968/VRoot_1.7.0.3825_Setup.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106098/"
 "106097","2019-01-20 18:36:59","http://cdnpic.mgyun.com/files/products/vRoot/2013/17039360/VRoot_1.4.0.2955_Setup_183.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106097/"
 "106096","2019-01-20 17:56:07","http://ocrn597v5.bkt.clouddn.com/cjtaoke2.9.5.0.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106096/"
-"106095","2019-01-20 17:08:24","http://down.leyoucoc.cn/LYSetup.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106095/"
+"106095","2019-01-20 17:08:24","http://down.leyoucoc.cn/LYSetup.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106095/"
 "106094","2019-01-20 16:54:32","http://download.rising.com.cn/zsgj/ravmofei.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106094/"
 "106093","2019-01-20 16:50:33","http://download.rising.com.cn/zsgj/RavMGF.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106093/"
 "106092","2019-01-20 16:47:33","http://futurealind.com/a.exe","online","malware_download","exe,RemcosRAT","https://urlhaus.abuse.ch/url/106092/"
 "106091","2019-01-20 15:53:36","http://179.162.177.249:21381/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/106091/"
-"106090","2019-01-20 15:48:09","http://config.myjhxl.com/updater/newupate.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106090/"
+"106090","2019-01-20 15:48:09","http://config.myjhxl.com/updater/newupate.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106090/"
 "106089","2019-01-20 15:14:23","http://ninabijoux.com.br/css/javaw.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106089/"
-"106088","2019-01-20 14:22:57","http://pc.xzstatic.com/2017/06/lxsetupv8.1.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106088/"
+"106088","2019-01-20 14:22:57","http://pc.xzstatic.com/2017/06/lxsetupv8.1.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106088/"
 "106087","2019-01-20 14:07:36","http://ninabijoux.com.br/js/fancybox/zxcv09h8g76f5d4f5g6hj7k8lj7h6g5f4dsg4h5j6kl78ytf4uh5ij67hygt6dr5ej9nhbgyvfty87vyg6b5hu4jnikm3j4n5hu6ygtu7f8yrdtfu7yg6hnji5m4n5hbgvf6cd7xtc6r7tf6uo5ij4/dolbysoud.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106087/"
 "106086","2019-01-20 14:06:04","http://fxtraderlog.com/downloads/fxtraderlog_upgrade.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106086/"
 "106085","2019-01-20 13:41:05","http://files.hrloo.com/bbs/data/attachment/forum/201212/20/10301044ex3m3s62emr1r7.doc?n=weyvuwtgv3lkzjlt6xln7norq3nrqhnkiblilbluqyuzg9j","online","malware_download","doc","https://urlhaus.abuse.ch/url/106085/"
@@ -7511,12 +7918,12 @@
 "106065","2019-01-20 12:10:29","http://kimyen.net/upload/LoginCTCus.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106065/"
 "106064","2019-01-20 11:35:36","http://files.hrloo.com/bbs/data/attachment/forum/201212/20/10301044ex3m3s62emr1r7.doc?n=w+eyvuwtgv3lkzjlt6xln7norq3nrqhnkiblilbluqyuzg9j","online","malware_download","doc","https://urlhaus.abuse.ch/url/106064/"
 "106063","2019-01-20 11:34:10","http://download.fahpvdxw.cn/xbpic/mini/v1.0.1.17/mini_01.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106063/"
-"106062","2019-01-20 11:16:09","http://www.wyptk.com/openlink/openlink1.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106062/"
+"106062","2019-01-20 11:16:09","http://www.wyptk.com/openlink/openlink1.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106062/"
 "106061","2019-01-20 11:16:04","http://wbd.5636.com/d5/5636.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106061/"
 "106060","2019-01-20 11:07:12","http://kimyen.net/upload/CTCTanthu.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106060/"
 "106059","2019-01-20 10:57:56","http://download.rising.com.cn/zsgj/ravnetsky.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106059/"
 "106058","2019-01-20 10:53:12","http://kimyen.net/upload/VLTKNhatRac.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106058/"
-"106057","2019-01-20 10:47:12","http://d1.udashi.com/soft/dnyx/20348/%E5%B0%8F%E8%8D%89%E8%BE%85%E5%8A%A9%E6%9C%80%E6%96%B0%E7%89%88.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106057/"
+"106057","2019-01-20 10:47:12","http://d1.udashi.com/soft/dnyx/20348/%E5%B0%8F%E8%8D%89%E8%BE%85%E5%8A%A9%E6%9C%80%E6%96%B0%E7%89%88.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106057/"
 "106056","2019-01-20 10:40:16","http://kimyen.net/upload/VLTKBacdau.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106056/"
 "106054","2019-01-20 10:35:41","http://adobe-flashplayer.hopto.org/adobe_fplayerv51.0.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106054/"
 "106053","2019-01-20 10:09:35","http://wbd.5636.com/d5/Client62156.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106053/"
@@ -7535,11 +7942,11 @@
 "106040","2019-01-20 08:09:33","http://5.204.170.150:43899/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/106040/"
 "106039","2019-01-20 08:02:14","http://pcr1.pc6.com/rm/fixvidio.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/106039/"
 "106038","2019-01-20 08:00:13","http://station.brinkleyspubs.com/wp-includes/rssp.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106038/"
-"106037","2019-01-20 08:00:11","http://config.wwmhdq.com/bug/jkpic/JikePicUpFile.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106037/"
+"106037","2019-01-20 08:00:11","http://config.wwmhdq.com/bug/jkpic/JikePicUpFile.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106037/"
 "106036","2019-01-20 06:11:48","http://kimyen.net/upload/CTCKeoxe2.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106036/"
 "106035","2019-01-20 05:26:31","http://sgm.pc6.com/xiao/llk00.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106035/"
 "106034","2019-01-20 05:26:18","http://sgm.pc6.com/xiao4/kongjiangbing_65337.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106034/"
-"106033","2019-01-20 05:20:09","http://config.wwmhdq.com/bug/jkpic/sub/GeekPicMPage.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106033/"
+"106033","2019-01-20 05:20:09","http://config.wwmhdq.com/bug/jkpic/sub/GeekPicMPage.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106033/"
 "106032","2019-01-20 05:03:09","http://cu.dodonew.com/dodonew1137/donewk.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106032/"
 "106031","2019-01-20 04:52:23","http://sgm.pc6.com/xiao5/AlphaBallSetup.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106031/"
 "106030","2019-01-20 04:43:10","http://sgm.pc6.com/xiao1/Flashxiuxian.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106030/"
@@ -7548,14 +7955,14 @@
 "106027","2019-01-20 02:46:14","http://upgrade.shihuizhu.net/wgz174/%E5%BE%AE%E8%B4%AD%E7%8C%AA.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106027/"
 "106026","2019-01-20 02:41:50","http://update.yalian1000.com/updatefiles/client.exe","online","malware_download","exe,Ransomware.GandCrab","https://urlhaus.abuse.ch/url/106026/"
 "106025","2019-01-20 02:26:32","http://dl.hzkfgs.com/djiejie.20171123.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106025/"
-"106024","2019-01-20 02:22:06","http://img54.hbzhan.com/5/20121217/634913135817656250813.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106024/"
+"106024","2019-01-20 02:22:06","http://img54.hbzhan.com/5/20121217/634913135817656250813.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106024/"
 "106023","2019-01-20 01:27:13","http://sgm.pc6.com/xiao4/baiwangfuweng_70563.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106023/"
-"106022","2019-01-20 01:16:30","http://upgrade.shihuizhu.net/102015/%E5%AE%9E%E6%83%A0%E7%8C%AA.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106022/"
+"106022","2019-01-20 01:16:30","http://upgrade.shihuizhu.net/102015/%E5%AE%9E%E6%83%A0%E7%8C%AA.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106022/"
 "106021","2019-01-20 00:38:02","http://193.148.69.33/bins/telnet.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/106021/"
 "106020","2019-01-20 00:33:36","http://201.42.23.66:23423/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/106020/"
 "106019","2019-01-20 00:20:06","http://d2.udashi.com/soft/25956/cs.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106019/"
 "106018","2019-01-20 00:19:32","http://ah.download.cycore.cn/rrt/c3cd4f987c6a3cde42d9115e83f24ca0/46080855/5e28b83e42d0acb1659d2df5be51faa0.doc","online","malware_download","doc","https://urlhaus.abuse.ch/url/106018/"
-"106017","2019-01-20 00:03:12","http://config.wulishow.top/bug/LightningZip/sub/LightningZipEx.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106017/"
+"106017","2019-01-20 00:03:12","http://config.wulishow.top/bug/LightningZip/sub/LightningZipEx.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106017/"
 "106016","2019-01-20 00:03:10","http://config.wulishow.top/bug/LightningZip/sub/LightningZipPage.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106016/"
 "106015","2019-01-20 00:02:07","http://d2.udashi.com/soft/27947/Yourzyxf.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106015/"
 "106014","2019-01-19 23:50:05","http://d2.udashi.com/soft/24536/sina2.5.1.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106014/"
@@ -7564,30 +7971,30 @@
 "106011","2019-01-19 23:24:19","http://d2.udashi.com/soft/27957/dqeswds1.0.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106011/"
 "106010","2019-01-19 23:20:59","http://down.soft.hyzmbz.com/setup4308.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106010/"
 "106009","2019-01-19 23:07:05","http://listmyfloor.com/file.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106009/"
-"106008","2019-01-19 22:27:06","http://cdn-10049480.file.myqcloud.com/qcoin/qcoin135.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106008/"
+"106008","2019-01-19 22:27:06","http://cdn-10049480.file.myqcloud.com/qcoin/qcoin135.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106008/"
 "106007","2019-01-19 22:24:35","http://220.135.8.93:1543/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/106007/"
 "106006","2019-01-19 22:20:06","http://cdn-10049480.file.myqcloud.com/qcoin/qcoin128.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106006/"
 "106005","2019-01-19 22:19:59","http://121.41.0.159/mjsoft/Config/llctk/LLCTK.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106005/"
-"106004","2019-01-19 22:18:18","http://down.softlist.hyzmbz.com/xunjieSetup_4338.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106004/"
-"106003","2019-01-19 22:08:06","http://cdn-10049480.file.myqcloud.com/qcoin/qcoin133.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106003/"
-"106002","2019-01-19 22:05:07","http://cdn-10049480.file.myqcloud.com/jd/jd156.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106002/"
-"106001","2019-01-19 21:56:54","http://down.softlist.hyzmbz.com/xunjieSetup_4308.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106001/"
-"106000","2019-01-19 21:55:08","http://cdn-10049480.file.myqcloud.com/qcoin/qcoin130.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106000/"
+"106004","2019-01-19 22:18:18","http://down.softlist.hyzmbz.com/xunjieSetup_4338.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106004/"
+"106003","2019-01-19 22:08:06","http://cdn-10049480.file.myqcloud.com/qcoin/qcoin133.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106003/"
+"106002","2019-01-19 22:05:07","http://cdn-10049480.file.myqcloud.com/jd/jd156.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106002/"
+"106001","2019-01-19 21:56:54","http://down.softlist.hyzmbz.com/xunjieSetup_4308.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106001/"
+"106000","2019-01-19 21:55:08","http://cdn-10049480.file.myqcloud.com/qcoin/qcoin130.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106000/"
 "105999","2019-01-19 21:43:05","http://cdn-10049480.file.myqcloud.com/qcoin/qcoin142.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/105999/"
-"105998","2019-01-19 21:43:03","http://cdn-10049480.file.myqcloud.com/jd/jd124.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/105998/"
+"105998","2019-01-19 21:43:03","http://cdn-10049480.file.myqcloud.com/jd/jd124.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/105998/"
 "105997","2019-01-19 21:42:06","http://cdn-10049480.file.myqcloud.com/qcoin/qcoin141.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/105997/"
-"105996","2019-01-19 21:32:05","http://cdn-10049480.file.myqcloud.com/jd/jd127.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/105996/"
+"105996","2019-01-19 21:32:05","http://cdn-10049480.file.myqcloud.com/jd/jd127.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/105996/"
 "105995","2019-01-19 21:31:34","http://wt90.downyouxi.com/huanlezuqiuzhongwenban.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/105995/"
-"105994","2019-01-19 21:31:03","http://cdn-10049480.file.myqcloud.com/qcoin/qcoin146.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/105994/"
+"105994","2019-01-19 21:31:03","http://cdn-10049480.file.myqcloud.com/qcoin/qcoin146.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/105994/"
 "105993","2019-01-19 21:29:10","http://ah.download.cycore.cn/rrt/32287da69c40a12819fe3874d0b63e66/73728155/684642c35e6d9fa859d961031ed2f626.doc","online","malware_download","doc","https://urlhaus.abuse.ch/url/105993/"
 "105992","2019-01-19 21:29:07","http://cdn-10049480.file.myqcloud.com/jd/jd145.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/105992/"
 "105991","2019-01-19 21:29:06","http://cdn-10049480.file.myqcloud.com/qcoin/qcoin140.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/105991/"
 "105990","2019-01-19 21:21:19","http://clarabellebaby.com/wp-content/themes/wpex-pytheas/functions/meta/gallery-metabox/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/105990/"
 "105989","2019-01-19 21:13:05","http://cdn-10049480.file.myqcloud.com/qcoin/qcoin131.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/105989/"
 "105988","2019-01-19 21:10:07","http://cdn-10049480.file.myqcloud.com/jd/jd144.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/105988/"
-"105987","2019-01-19 21:05:05","http://cdn-10049480.file.myqcloud.com/jd/jd138.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/105987/"
+"105987","2019-01-19 21:05:05","http://cdn-10049480.file.myqcloud.com/jd/jd138.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/105987/"
 "105986","2019-01-19 21:03:28","http://wt90.downyouxi.com/jianlingminzhongwenban.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/105986/"
-"105985","2019-01-19 20:56:16","http://cdn-10049480.file.myqcloud.com/jd/jd136.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/105985/"
+"105985","2019-01-19 20:56:16","http://cdn-10049480.file.myqcloud.com/jd/jd136.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/105985/"
 "105984","2019-01-19 20:56:15","http://www-bsac.eecs.berkeley.edu/~pister/245/fa99/hw/hw1/EE2451.doc","offline","malware_download","None","https://urlhaus.abuse.ch/url/105984/"
 "105983","2019-01-19 20:55:34","http://104.248.197.246/bins/furasshu.x86","offline","malware_download","None","https://urlhaus.abuse.ch/url/105983/"
 "105982","2019-01-19 20:55:04","http://193.148.69.33/bins/telnet.x32","offline","malware_download","elf","https://urlhaus.abuse.ch/url/105982/"
@@ -7595,13 +8002,13 @@
 "105981","2019-01-19 20:55:03","http://193.148.69.33/bins/telnet.mpsl","offline","malware_download","elf","https://urlhaus.abuse.ch/url/105981/"
 "105979","2019-01-19 20:55:02","http://193.148.69.33/bins/telnet.arm","offline","malware_download","elf","https://urlhaus.abuse.ch/url/105979/"
 "105978","2019-01-19 20:54:13","http://wt90.downyouxi.com/chaojimanhuayingxiongduijietoubawang.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/105978/"
-"105977","2019-01-19 20:30:14","http://files.fqapps.com/hl3.3.8.0.exe","offline","malware_download","exe,AgentTesla","https://urlhaus.abuse.ch/url/105977/"
-"105976","2019-01-19 20:20:07","http://cdn-10049480.file.myqcloud.com/qcoin/qcoin139.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/105976/"
+"105977","2019-01-19 20:30:14","http://files.fqapps.com/hl3.3.8.0.exe","online","malware_download","exe,AgentTesla","https://urlhaus.abuse.ch/url/105977/"
+"105976","2019-01-19 20:20:07","http://cdn-10049480.file.myqcloud.com/qcoin/qcoin139.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/105976/"
 "105975","2019-01-19 20:20:05","http://cdn-10049480.file.myqcloud.com/jd/jd137.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/105975/"
 "105974","2019-01-19 20:15:10","http://down.soft.hyzmbz.com/Setupxunjie.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/105974/"
 "105973","2019-01-19 19:44:06","http://89.165.4.105:60255/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/105973/"
 "105972","2019-01-19 19:43:34","http://179.110.14.13:31367/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/105972/"
-"105971","2019-01-19 19:31:18","http://down.softlist.hyzmbz.com/xunjieSetup_4317.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/105971/"
+"105971","2019-01-19 19:31:18","http://down.softlist.hyzmbz.com/xunjieSetup_4317.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/105971/"
 "105970","2019-01-19 19:27:12","http://iocho.org/wp-content/languages/loco/themes/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/105970/"
 "105969","2019-01-19 19:26:09","http://brainchildmultimediagroup.com/Podcast/sserv.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/105969/"
 "105968","2019-01-19 19:11:13","http://nexusdental.com.mx/.well-known/acme-challenge/ssj.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/105968/"
@@ -7612,7 +8019,7 @@
 "105963","2019-01-19 17:51:02","http://kristinka2.life/payload.exe","offline","malware_download","exe,AZORult","https://urlhaus.abuse.ch/url/105963/"
 "105962","2019-01-19 17:42:04","http://iocho.org/wp-content/languages/loco/themes/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/105962/"
 "105961","2019-01-19 17:40:45","http://clarabellebaby.com/.tmb/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/105961/"
-"105960","2019-01-19 17:39:07","http://startupinternetmarketing.com/free/cash.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/105960/"
+"105960","2019-01-19 17:39:07","http://startupinternetmarketing.com/free/cash.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/105960/"
 "105959","2019-01-19 17:33:06","https://almasoodgroup.com/js2/cwq1","online","malware_download","None","https://urlhaus.abuse.ch/url/105959/"
 "105958","2019-01-19 17:33:03","https://almasoodgroup.com/js2/cwq","online","malware_download","None","https://urlhaus.abuse.ch/url/105958/"
 "105957","2019-01-19 17:30:04","http://integramultimedia.com.mx/.well-known/acme-challenge/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/105957/"
@@ -7643,7 +8050,7 @@
 "105932","2019-01-19 11:44:43","http://177.206.121.57:29355/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/105932/"
 "105931","2019-01-19 11:44:10","http://1.34.159.106:39188/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/105931/"
 "105930","2019-01-19 11:43:34","http://187.175.42.227:32025/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/105930/"
-"105929","2019-01-19 11:42:07","http://84.214.54.35:62857/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/105929/"
+"105929","2019-01-19 11:42:07","http://84.214.54.35:62857/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/105929/"
 "105928","2019-01-19 11:41:35","http://103.51.249.64:33700/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/105928/"
 "105927","2019-01-19 10:39:45","http://www.babyparrots.it/wp-content/themes/atahualpa353/functions/efax_1225500012.doc","online","malware_download","doc","https://urlhaus.abuse.ch/url/105927/"
 "105926","2019-01-19 10:39:10","http://solaryug.com/V51-43278303571T52461879095979372.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/105926/"
@@ -7694,7 +8101,6 @@
 "105880","2019-01-19 06:29:56","http://ahmic.pro/.well-known/pki-validation/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/105880/"
 "105879","2019-01-19 06:07:35","http://download.instalki.org/programy/Windows/Dodatki/wtyczki_do_komunikatorow/StrongGG_www.INSTALKI.pl.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/105879/"
 "105877","2019-01-19 06:02:13","http://web.pa-cirebon.go.id/KGLp-2zo0_Q-fRg/INVOICE/41749/OVERPAYMENT/US/Overdue-payment/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/105877/"
-"105878","2019-01-19 06:02:13","https://linkprotect.cudasvc.com/url?a=http://ar.caginerhastanesi.com.tr/IdVEX-GT6_m-nF/COMET/SIGNS/PAYMENT/NOTIFICATION/01/18/2019/En_us/Document-needed&c=E1W7tozd_OVjcy60eqOCwpBXREeD-sIJhLr8ktLmG4l_tOuxdnEakc1GjGuta8oMa3d2uhrtbSUvDx22YxShersKBsbUQ4RDs1y1fHtLNgiLFi5yTc/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/105878/"
 "105876","2019-01-19 06:02:12","http://translampung.com/ATEZSRMPER2853602/Rechnungs-Details/Hilfestellung/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/105876/"
 "105875","2019-01-19 06:02:10","http://toddlerpops.com/DE_de/NMEZPI6268550/Rechnungskorrektur/RECH/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/105875/"
 "105874","2019-01-19 06:02:08","http://mother-earth.net/bn/wp-content/KwmW-WSOO_jYDW-B2t/PaymentStatus/EN_en/277-20-468894-239-277-20-468894-861/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/105874/"
@@ -7708,14 +8114,10 @@
 "105866","2019-01-19 05:28:07","http://forma-31.ru/vTCv-VcT0_oU-zjp/803067/SurveyQuestionsUS/Companies-Invoice-09329127/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/105866/"
 "105865","2019-01-19 05:28:05","http://mandezik.com/ERqy-96Sw_Wh-hEI/PaymentStatus/US_us/Invoices-attached/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/105865/"
 "105864","2019-01-19 05:20:19","https://url.emailprotection.link/?aUBwMMpmLx1aCBzai5Pmpk0ANae_FL-JB5Hb5jRUPwJsVHOAz3bmVAuLRd2g6p3GXkrYYhk3Tmq0NRCKUa3DIyA~~/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/105864/"
-"105863","2019-01-19 05:20:18","https://u2922402.ct.sendgrid.net/wf/click?upn=U5TE2xvQsUMQ5Y90MzYM5mxgHp-2FQzRuccBy6Ly5DmG396yzEV1N8LwoINp95Ul3KelAjoMb86HDotDzz6QiQQANDvitbHlgI5ouGu3KtBm8-3D_qt-2BjmiowRuPonHIzbfR9hDl7hx1YJv-2Be4M-2FXg7TuNN-2FRwHWqbSkqHklWbMmFUucAGrVB1Drl9RN4bCjmLGQQ1uRdER5wpEomv5DNo-2B/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/105863/"
-"105861","2019-01-19 05:20:17","https://u2922402.ct.sendgrid.net/wf/click?upn=2xkp5mYBJviSycvurmixZVYwYm-2Be9oHWtcIQqGmiq6uk5-2Ft-2F0OFPa0y1-2FKOh-2BI7hxt-2Fjv6nvK4lR9Dok-2F3RYwQ-3D-3D_7XtDdMHRjqIUi4tzSjSp2gWvCS8-2Bh04cHP42t-2FIq6BWtD9-2FbS8vmNEcI2xbLUnS13UcKTwaRlpvvCHUjk17hR5x-2BOdIQBm8upTDrbB49am6ot6/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/105861/"
-"105862","2019-01-19 05:20:17","https://u2922402.ct.sendgrid.net/wf/click?upn=BFMBSSkhnV7CpCSZgOiJyAdGHIM4UnhL-2F8DK6mctE2nAXuQsTAsfhrn3cLKGnsC0FzIWF5KtXJSby7DVUDakzg-3D-3D_-2F2kE4d6zW-2FK3bcRbEpDsznWSz5avyfOQjfgszYpdJCU3aNmg-2FSSRqPOjEb6umEl27QT6sN-2BfPfejhfNvi9Uqf3xov0scN0muGJvr1bd9dmhZi1nBxTZVZhliaj/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/105862/"
 "105860","2019-01-19 05:20:16","https://register.srru.ac.th/Transaction_details/012019/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/105860/"
 "105859","2019-01-19 05:20:12","http://wholehealthcrew.com/Amazon/Documents/01_19/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/105859/"
 "105858","2019-01-19 05:20:08","http://suahoradeaprender.com.br/Rechnungs/122018/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/105858/"
 "105856","2019-01-19 05:20:06","http://lignumpolska.com/Payment_details/2019-01/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/105856/"
-"105857","2019-01-19 05:20:06","http://sendgrid2.oicgulf.ae/wf/click?upn=lQdaUDK4fP2DCBVU1OraJGoDl7FwMQZe24j7Rp7v-2Fs1-2BfSVKXmzzyU4G15Cwu53zuym9XsMv4AXKFUT-2FRg6PFg-3D-3D_dZdmncppqS0rwqJ1XUc5dwxmQeLVM0VmvWfu5AIsREIMmCO4fj6uvIcRicvmEcXSQbP4-2B8ZulreV7HLgb5-2Fla1Egex0h885xWSVqA3t1DjXtfqRfeRSz-2B1zBVjhZh/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/105857/"
 "105855","2019-01-19 05:20:05","http://jongewolf.nl/Transaktion/201812/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/105855/"
 "105854","2019-01-19 05:20:04","http://irsoradio.nl/Amazon/En/Messages/2019-01/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/105854/"
 "105853","2019-01-19 05:20:03","http://idgnet.nl/Amazon/En/Transaction_details/012019/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/105853/"
@@ -7760,7 +8162,6 @@
 "105814","2019-01-19 01:32:26","http://milimetrikistanbul.com/Payment_details/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/105814/"
 "105813","2019-01-19 01:32:23","http://leviathan.rs/Details/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/105813/"
 "105812","2019-01-19 01:31:49","http://www.tag.ir/tag_old/wp-includes/js/Clients_information/2019-01/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/105812/"
-"105811","2019-01-19 01:31:46","https://u2922402.ct.sendgrid.net/wf/click?upn=BIpawjqs3H-2FqnXmRPrICZoOWeishlfk7sxzG5z2qe37dNibTla0JZSBug2XMVqD03ZBCz5gdKhJC1XooftyOAw-3D-3D_tWQMEJ3FeAVn74dcOznYLY3SPQsA8kjT1tRujF8v8ygoVjF2H0-2BSSVduiAK72lWi3yism5uLubrmrSdHIe-2F3L2xgI4GVNcFTtQ-2BDXtwcLRl4uBTEkfNeWaMIAabgwZ13lwcViVOF-2B7SxJX-2Fhpe2-2BgJDsfR7wlRpkoOoApSFTOashMXf-2BGp-2FyWezEEoxej-2Fc9eytgU5wQwLfDscW5bRq56Q-3D-3D/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/105811/"
 "105810","2019-01-19 01:31:42","https://url.emailprotection.link/?aRrGLSsI454x_jEWfF6W4igTu6X_qbZcAfvVPL3tZBtZtnrrtr5ogrLnDXdLd4eI8jA2pNBd9p8Nut0p5CqIkOg~~/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/105810/"
 "105809","2019-01-19 01:31:38","http://vacationletting.net/Payments/01_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/105809/"
 "105808","2019-01-19 01:31:04","http://med.siam.edu/Clients_transactions/2019-01/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/105808/"
@@ -7782,8 +8183,6 @@
 "105791","2019-01-18 23:06:35","http://184.82.57.237:54245/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/105791/"
 "105790","2019-01-18 23:04:03","http://apresearch.in/DLmp-xu_OLaIwMvn-LI/INVOICE/63494/OVERPAYMENT/US_us/Invoice-Corrections-for-22/75/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/105790/"
 "105789","2019-01-18 22:55:37","https://www.gtp.usgtf.com/KgPmS-hyFZE_nfegQoji-wv/En/Open-Past-Due-Orders/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/105789/"
-"105786","2019-01-18 22:55:35","https://linkprotect.cudasvc.com/url?a=http%3a%2f%2fwww.emmanuelboos.info%2fYqLad-p5ij_na-5eF%2fRef%2f9928911859EN_en%2fNew-order&c=E1el5WqYQWUOa9EXJJ-hSZfsAtKPvELrcZEcTMY3hcn-JgscDFOosmi9U1egPaFp9a1XiYpUraIQ3Nmt4emnDTKfdOj57jJ0UizGB5Y_9JAJU5DMmYZpA&typo=1/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/105786/"
-"105787","2019-01-18 22:55:35","https://linkprotect.cudasvc.com/url?a=http://ar.caginerhastanesi.com.tr/IdVEX-GT6_m-nF/COMET/SIGNS/PAYMENT/NOTIFICATION/01/18/2019/En_us/Document-needed&c=E1W7tozd_OVjcy60eqOCwpBXREeD-sIJhLr8ktLmG4l_tOuxdnEakc1GjGuta8oMa3d2uhrtbSUvDx22YxShersKBsbUQ4RDs1y1fHtLNgiLFi5yTcAg&typo=1/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/105787/"
 "105788","2019-01-18 22:55:35","https://souqaziz.com/nQXXR-yM0C_ehMzsVJUs-Nu/ACH/PaymentAdvice/EN_en/Invoice/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/105788/"
 "105785","2019-01-18 22:55:34","http://tanineahlebeyt.com/qWxvb-KlE2_ieultlE-An/Invoice/56679571/US/Overdue-payment/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/105785/"
 "105784","2019-01-18 22:55:33","http://superpozyczki.pl/iaWo-dq_lAPT-9Nn/ACH/PaymentAdvice/EN_en/Important-Please-Read/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/105784/"
@@ -7822,7 +8221,6 @@
 "105751","2019-01-18 21:28:33","http://westland-onderhoud.nl/LtLiq-dQQ_Up-Ejj/ACH/PaymentAdvice/US_us/Invoice-receipt/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/105751/"
 "105750","2019-01-18 21:20:12","http://xn--pekys-iya.lt/wp-admin/Information/2019-01/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/105750/"
 "105749","2019-01-18 21:20:10","http://www.xn----8sbef8axpew9i.xn--p1ai/Rechnungen/201812/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/105749/"
-"105748","2019-01-18 21:20:09","http://sendgrid2.oicgulf.ae/wf/click?upn=lQdaUDK4fP2DCBVU1OraJGoDl7FwMQZe24j7Rp7v-2Fs1-2BfSVKXmzzyU4G15Cwu53zuym9XsMv4AXKFUT-2FRg6PFg-3D-3D_dZdmncppqS0rwqJ1XUc5dwxmQeLVM0VmvWfu5AIsREIMmCO4fj6uvIcRicvmEcXSQbP4-2B8ZulreV7HLgb5-2Fla1Egex0h885xWSVqA3t1DjXtfqRfeRSz-2B1zBVjhZhW7DqZOIail-2BwHBaD70nYpPjczHLGYDPFl27mSjJz-2Bw8fGMi0YJc9xyXTNjwaAp3ItEl96E-2BeogdAniy68RIEprPjSERpoW-2BVUwFAYibSn8-2F8iM-3D/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/105748/"
 "105747","2019-01-18 21:20:08","http://sedhu.uy/Clients_Messages/2019-01/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/105747/"
 "105746","2019-01-18 21:19:35","http://cbsr.com.pk/Clients/2019-01/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/105746/"
 "105745","2019-01-18 21:19:34","http://borsh.site/Messages/2019-01/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/105745/"
@@ -7833,7 +8231,6 @@
 "105740","2019-01-18 21:02:04","https://url.emailprotection.link/?a6VDSPTGs_vNRYygmJ_By6Bs0LtJpQSKtoPuniiFFxnN9_C6z29MhPxuyuonGhfW7HDPbxyx5QVymuEWH5mWbkg~~/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/105740/"
 "105739","2019-01-18 21:02:03","https://poly.rise-up.nsk.ru/Details/01_19/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/105739/"
 "105738","2019-01-18 21:02:02","http://kantova.com/Information/01_19/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/105738/"
-"105737","2019-01-18 21:00:03","https://linkprotect.cudasvc.com/url?a=http://etsj.futminna.edu.ng/Details/01_19&c=E10eZrhjvRJhfkoepMMDuW-W7mH2QBPWTP9otWHXxN4k3OUsjBdNaJoyMEJvGFFOHXeYjOOy3r82NIBjNWODZV0lJWqSGx97SARK6V5OrmWjGRQ-UFfpqPC_Xh&typo=1/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/105737/"
 "105736","2019-01-18 20:59:47","http://prakritikkrishi.org/rGQkmu8i/","offline","malware_download","emotet,exe,epoch1,heodo","https://urlhaus.abuse.ch/url/105736/"
 "105735","2019-01-18 20:59:46","http://www.kheiriehsalehin.com/wp-includes/ZBYLzi6s/","offline","malware_download","emotet,exe,epoch1,heodo","https://urlhaus.abuse.ch/url/105735/"
 "105734","2019-01-18 20:59:14","http://www.bh-mehregan.org/pHdS2az/","offline","malware_download","emotet,exe,epoch1,heodo","https://urlhaus.abuse.ch/url/105734/"
@@ -7863,12 +8260,9 @@
 "105710","2019-01-18 20:24:38","http://www.sobrancelhascassiana.com.br/Payment_details/2019-01/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/105710/"
 "105709","2019-01-18 20:24:04","http://wall309.com/Transactions/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/105709/"
 "105708","2019-01-18 20:23:32","http://oculista.com.br/Payments/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/105708/"
-"105707","2019-01-18 20:23:30","https://linkprotect.cudasvc.com/url?a=http://etsj.futminna.edu.ng/Details/01_19&c=E,1,0eZrhjvRJhfkoepMMDuW-W7mH2QBPWTP9otWHXxN4k3OUsjBdNaJoyMEJvGFFOHXeYjOOy3r82NIBjNWODZV0lJWqSGx97SARK6V5OrmWjGRQ-UFfpqPC_Xh&typo=1/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/105707/"
 "105706","2019-01-18 20:23:28","http://lmrcaorgukdy.cf/wp-admin/Clients_transactions/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/105706/"
 "105704","2019-01-18 20:23:21","http://rapport-de-stage-tevai-sallaberry.fr/Attachments/01_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/105704/"
-"105705","2019-01-18 20:23:21","https://u2922402.ct.sendgrid.net/wf/click?upn=U5TE2xvQsUMQ5Y90MzYM5mxgHp-2FQzRuccBy6Ly5DmG396yzEV1N8LwoINp95Ul3KelAjoMb86HDotDzz6QiQQANDvitbHlgI5ouGu3KtBm8-3D_qt-2BjmiowRuPonHIzbfR9hDl7hx1YJv-2Be4M-2FXg7TuNN-2FRwHWqbSkqHklWbMmFUucAGrVB1Drl9RN4bCjmLGQQ1uRdER5wpEomv5DNo-2BSz-2BOuVTxDiidS22EyWdRTB52i1-2BHPmz3q37u27s-2FyqaZzpVTXz6T0ULHff-2FLisDq5PvGR7jmztPB20jwTAQOSDfU5AKIk86I3fL-2BmUGNEyqrg45XtXlrTXbD3fDthwOYE7VM4-3D/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/105705/"
 "105703","2019-01-18 20:23:20","http://fornalhadoabencoado.com.br/Messages/01_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/105703/"
-"105702","2019-01-18 20:22:48","https://u2922402.ct.sendgrid.net/wf/click?upn=BFMBSSkhnV7CpCSZgOiJyAdGHIM4UnhL-2F8DK6mctE2nAXuQsTAsfhrn3cLKGnsC0FzIWF5KtXJSby7DVUDakzg-3D-3D_-2F2kE4d6zW-2FK3bcRbEpDsznWSz5avyfOQjfgszYpdJCU3aNmg-2FSSRqPOjEb6umEl27QT6sN-2BfPfejhfNvi9Uqf3xov0scN0muGJvr1bd9dmhZi1nBxTZVZhliajYmotx3cemKWPlbsFx3-2FhRb9lU6zTGjXBwzv4-2FG0VDQRf1jKM2Q2wrscOKTU6IThzcysLxUbS2w2OXx2NRPGQh3bqOgXqAbuFwOcW30yT1Fla-2FFZ0M-3D/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/105702/"
 "105701","2019-01-18 20:22:47","http://register.srru.ac.th/Transaction_details/012019/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/105701/"
 "105700","2019-01-18 20:22:44","http://themanorcentralparknguyenxien.net/Documents/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/105700/"
 "105699","2019-01-18 20:22:42","http://kamlab.fr/Documents/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/105699/"
@@ -7890,7 +8284,6 @@
 "105683","2019-01-18 20:06:13","http://salah.mobiilat.com/e24sv6_38Ihrh_nVYqny/","offline","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/105683/"
 "105682","2019-01-18 20:06:10","http://193.151.91.163/1.exe","offline","malware_download","ServHelper,Task,AZORult","https://urlhaus.abuse.ch/url/105682/"
 "105681","2019-01-18 20:05:17","http://106.105.197.111:20794/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/105681/"
-"105680","2019-01-18 20:04:44","https://linkprotect.cudasvc.com/url?a=http%3a%2f%2fwww.emmanuelboos.info%2fYqLad-p5ij_na-5eF%2fRef%2f9928911859EN_en%2fNew-order&c=E,1,el5WqYQWUOa9EXJJ-hSZfsAtKPvELrcZEcTMY3hcn-JgscDFOosmi9U1egPaFp9a1XiYpUraIQ3Nmt4emnDTKfdOj57jJ0UizGB5Y_9JAJU5DMmYZpA,&typo=1/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/105680/"
 "105679","2019-01-18 20:04:43","http://www.windailygh.com/cBeX-jJ_YnmrS-xFi/Invoice/910581862/En_us/Past-Due-Invoices/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/105679/"
 "105678","2019-01-18 20:04:42","http://www.southafricanvenousforum.co.za/CPzf-Pg7F_xiOGP-l3n/COMET/SIGNS/PAYMENT/NOTIFICATION/01/18/2019/US_us/Paid-Invoice/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/105678/"
 "105677","2019-01-18 20:04:07","http://www.skyrim-gow.fr/MIuE-U3YoH_wTpD-G3/204943/SurveyQuestionsEN_en/Scan/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/105677/"
@@ -7971,7 +8364,6 @@
 "105602","2019-01-18 17:49:05","http://www.vendermicasaenbarcelona.com/0y8o_v1p0lAS/","offline","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/105602/"
 "105601","2019-01-18 17:49:04","http://horoscoposbrasil.com/rZH5U_FTnlcm_rEje59/","offline","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/105601/"
 "105600","2019-01-18 17:37:57","http://aconiaformation.fr/MnBNF-gV_MeI-l6/InvoiceCodeChanges/US/Open-Past-Due-Orders/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/105600/"
-"105599","2019-01-18 17:37:56","https://linkprotect.cudasvc.com/url?a=http://ar.caginerhastanesi.com.tr/IdVEX-GT6_m-nF/COMET/SIGNS/PAYMENT/NOTIFICATION/01/18/2019/En_us/Document-needed&c=E,1,W7tozd_OVjcy60eqOCwpBXREeD-sIJhLr8ktLmG4l_tOuxdnEakc1GjGuta8oMa3d2uhrtbSUvDx22YxShersKBsbUQ4RDs1y1fHtLNgiLFi5yTcAg,,&typo=1/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/105599/"
 "105598","2019-01-18 17:37:55","https://xn--j1aclp1d.in.ua/LcIZ-cDaa_NTYKMl-u6/ACH/PaymentInfo/En/Companies-Invoice-22804841/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/105598/"
 "105597","2019-01-18 17:37:54","http://www.nancycheng.nl/ibEhu-5NL_KP-qHJ/ACH/PaymentInfo/US/Sales-Invoice/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/105597/"
 "105596","2019-01-18 17:37:53","http://directsnel.nl/ldCPo-zOSG_U-Pon/ACH/PaymentInfo/En/823-33-487455-436-823-33-487455-583/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/105596/"
@@ -8007,8 +8399,8 @@
 "105565","2019-01-18 17:24:00","http://www.wholehealthcrew.com/Transactions/01_19/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/105565/"
 "105564","2019-01-18 17:23:56","http://viralvidespro.xyz/Details/01_19/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/105564/"
 "105563","2019-01-18 17:23:55","http://universobolao.com.br/Details/2019-01/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/105563/"
-"105562","2019-01-18 17:23:44","http://njeas.futminna.edu.ng/Clients_transactions/01_19/","online","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/105562/"
-"105561","2019-01-18 17:23:42","http://nigeriafasbmbcongress.futminna.edu.ng/Clients_Messages/012019/","online","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/105561/"
+"105562","2019-01-18 17:23:44","http://njeas.futminna.edu.ng/Clients_transactions/01_19/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/105562/"
+"105561","2019-01-18 17:23:42","http://nigeriafasbmbcongress.futminna.edu.ng/Clients_Messages/012019/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/105561/"
 "105560","2019-01-18 17:23:40","http://etsj.futminna.edu.ng/Details/01_19/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/105560/"
 "105559","2019-01-18 17:23:07","http://laflamme-heli.com/.well-known/acme-challenge/ssj.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/105559/"
 "105558","2019-01-18 17:23:06","http://bundle.kpzip.com/n/tui/ciqinmishi/6/cqms.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/105558/"
@@ -8021,7 +8413,7 @@
 "105551","2019-01-18 17:20:59","http://lstasshdy.cf/wp-admin/waYqM-ZlD_fxwSJkAU-o7H/INV/47127FORPO/44322944468/US/280-30-169584-494-280-30-169584-161/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/105551/"
 "105550","2019-01-18 17:20:50","http://linkingphase.com/bNWtV-qgbS_P-hH/INVOICE/US/Inv-981974-PO-2L436830/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/105550/"
 "105549","2019-01-18 17:20:48","http://fira.org.za/Bkzx-MCwZ_QbR-MR/invoices/53832/6396/US/Invoice-Number-53760/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/105549/"
-"105548","2019-01-18 17:20:18","http://erolatak.com/gBpq-VQ9Q_nRIU-ab/Invoice/2786267/En_us/Paid-Invoice-Credit-Card-Receipt/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/105548/"
+"105548","2019-01-18 17:20:18","http://erolatak.com/gBpq-VQ9Q_nRIU-ab/Invoice/2786267/En_us/Paid-Invoice-Credit-Card-Receipt/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/105548/"
 "105547","2019-01-18 17:20:13","http://cbrrbdy.gq/LjquP-adxy_uMHckUtc-Pbm/Invoice/175472286/US/Inv-85999-PO-9D432791/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/105547/"
 "105546","2019-01-18 17:20:07","http://authenticrooftiles.com/PPLp-iNl_HBHWHvI-eD/COMET/SIGNS/PAYMENT/NOTIFICATION/01/18/2019/En/Open-Past-Due-Orders/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/105546/"
 "105545","2019-01-18 17:20:06","http://atashneda.com/cqnc-rfli_zDFNCUjoO-cr/PaymentStatus/EN_en/Overdue-payment/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/105545/"
@@ -8038,7 +8430,7 @@
 "105534","2019-01-18 16:26:32","http://ycykudy.cf/AaZd-zYaEm_kQTf-3c/PaymentStatus/US/Invoices-attached/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/105534/"
 "105533","2019-01-18 16:26:17","http://yaheedudy.cf/IGPtT-Vms4_cygsPeZm-Dco/invoices/17130/8920/En_us/Outstanding-Invoices/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/105533/"
 "105532","2019-01-18 16:26:03","http://xn--k1afw.net/IpiUS-0O_rq-vgp/ACH/PaymentAdvice/En_us/Invoice-Corrections-for-81/84/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/105532/"
-"105531","2019-01-18 16:26:01","http://www.wins-power.com/iixF-OV_kqV-NK/INV/00968FORPO/134610688014/En_us/Outstanding-Invoices/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/105531/"
+"105531","2019-01-18 16:26:01","http://www.wins-power.com/iixF-OV_kqV-NK/INV/00968FORPO/134610688014/En_us/Outstanding-Invoices/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/105531/"
 "105530","2019-01-18 16:26:00","http://www.agentfox.io/ZAqo-QB5_tJXk-pL/H96/invoicing/EN_en/Past-Due-Invoices/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/105530/"
 "105529","2019-01-18 16:25:57","http://waggrouponline.org/NTYgH-3u_n-wh/Ref/302484694US_us/Important-Please-Read/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/105529/"
 "105528","2019-01-18 16:25:53","http://sos-debouchage-dumeny.com/yPeg-tmw7X_JZWVIOxrF-gb1/En_us/Paid-Invoice/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/105528/"
@@ -8048,7 +8440,7 @@
 "105524","2019-01-18 16:25:44","http://hopeswithin.org/nKSOT-QWrY_ZRO-wft/Invoice/01535830/En_us/Invoice-for-you/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/105524/"
 "105523","2019-01-18 16:25:43","http://drapart.org/Qxafy-OR_pzW-lT/INVOICE/10270/OVERPAYMENT/US_us/Document-needed/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/105523/"
 "105522","2019-01-18 16:25:42","http://demo.gtcticket.com/fGSG-cIx8_TE-iq/INVOICE/EN_en/Important-Please-Read/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/105522/"
-"105521","2019-01-18 16:25:39","http://constructiis3.ro/wp-content/vfdTD-Kw_E-bX/Invoice/584235869/US/Past-Due-Invoices/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/105521/"
+"105521","2019-01-18 16:25:39","http://constructiis3.ro/wp-content/vfdTD-Kw_E-bX/Invoice/584235869/US/Past-Due-Invoices/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/105521/"
 "105520","2019-01-18 16:25:07","http://chzhfdy.gq/eAwG-Lm_ewDvQz-Jy/Invoice/983945882/En_us/Invoice-Corrections-for-66/89/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/105520/"
 "105519","2019-01-18 16:24:21","http://tritonwoodworkers.org.au/Attachments/01_19/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/105519/"
 "105518","2019-01-18 16:24:19","http://talktowendyssurvey.us/wp-admin/Attachments/01_19/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/105518/"
@@ -8112,7 +8504,7 @@
 "105460","2019-01-18 14:18:34","http://80.211.35.63/x86_32","offline","malware_download","elf","https://urlhaus.abuse.ch/url/105460/"
 "105458","2019-01-18 14:18:33","http://80.211.35.63/arm","offline","malware_download","elf","https://urlhaus.abuse.ch/url/105458/"
 "105457","2019-01-18 14:18:33","http://80.211.35.63/mipsel","online","malware_download","elf","https://urlhaus.abuse.ch/url/105457/"
-"105456","2019-01-18 14:18:32","http://80.211.35.63/mips","offline","malware_download","elf","https://urlhaus.abuse.ch/url/105456/"
+"105456","2019-01-18 14:18:32","http://80.211.35.63/mips","online","malware_download","elf","https://urlhaus.abuse.ch/url/105456/"
 "105455","2019-01-18 14:11:05","http://ip.skyzone.mn/ipp/gen/gen/gen/phone.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/105455/"
 "105454","2019-01-18 14:11:03","http://ip.skyzone.mn/ipp/gen/gen/gen/gen/gen/phone.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/105454/"
 "105453","2019-01-18 13:34:47","http://wawan.klikini.xyz/tEgqI-3tid_OPmEGT-fH/InvoiceCodeChanges/US/Invoice-receipt/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/105453/"
@@ -8132,7 +8524,7 @@
 "105439","2019-01-18 13:34:19","http://hjsanders.nl/Rechnungs/122018/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/105439/"
 "105438","2019-01-18 13:34:19","http://hostelegant.com/Transaktion/2018/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/105438/"
 "105437","2019-01-18 13:34:15","http://lagbag.it/Transaktion/DEZ2018/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/105437/"
-"105436","2019-01-18 13:34:14","http://mayphatrasua.com/Rechnungs/DEZ2018/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/105436/"
+"105436","2019-01-18 13:34:14","http://mayphatrasua.com/Rechnungs/DEZ2018/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/105436/"
 "105435","2019-01-18 13:34:10","http://mywebnerd.com/Rechnungen/2018/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/105435/"
 "105434","2019-01-18 13:34:08","http://newcanadianmedia.ca/templates/beez_20/Transaktion/201812/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/105434/"
 "105433","2019-01-18 13:34:06","http://thomasmoreguildedmonton.ca/Rechnung/122018/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/105433/"
@@ -8194,7 +8586,7 @@
 "105376","2019-01-18 09:34:10","http://shlifovka.by/Rechnungs/2018/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/105376/"
 "105375","2019-01-18 09:34:09","http://therxreview.com/Rechnungs/2018/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/105375/"
 "105374","2019-01-18 09:34:07","http://jongerenpit.nl/Rechnungs/2018/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/105374/"
-"105373","2019-01-18 09:34:04","http://otohondavungtau.com/Transaktion/2018/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/105373/"
+"105373","2019-01-18 09:34:04","http://otohondavungtau.com/Transaktion/2018/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/105373/"
 "105372","2019-01-18 09:27:06","https://ganapatihelp.com/teo.jpg","online","malware_download","exe,Troldesh,Ransomware,RUS","https://urlhaus.abuse.ch/url/105372/"
 "105371","2019-01-18 09:24:03","https://www.jamdanicollection.com/doc732.zip","offline","malware_download","zipped-JS,Troldesh,Ransomware,RUS","https://urlhaus.abuse.ch/url/105371/"
 "105370","2019-01-18 09:22:04","http://73.159.230.89:22034/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/105370/"
@@ -8268,8 +8660,6 @@
 "105301","2019-01-18 05:10:09","http://goodtogreat.co.th/De_de/BDPSQMPPH8176923/Bestellungen/DETAILS/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/105301/"
 "105300","2019-01-18 05:10:03","http://drolhovaya.at/TojU-AX_pOoA-PKz/INVOICE/02033/OVERPAYMENT/En_us/Need-to-send-the-attachment/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/105300/"
 "105299","2019-01-18 04:41:03","http://46.17.46.22/yeansn","offline","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/105299/"
-"105298","2019-01-18 03:53:10","https://linkprotect.cudasvc.com/url?a=http://stats.emalaya.org/KDPfP-vYc_VbAktoyl-2e/476308/SurveyQuestionsUS_us/Open-invoices&c=E15f_ccC6R4GYydM7atvZQhTEB_u9BQDG6RSGa_MctMLzok8EyTd21ZwbL2SPUFv67vcvGC_1pTihZlY0N4t9v9j8IfxDYhTZg6F6A7Fv-i4e7QYi7FGI&typo=1/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/105298/"
-"105297","2019-01-18 03:53:07","https://linkprotect.cudasvc.com/url?a=http://institutodrucker.edu.mx/hOWj-jG55_Uc-aQ/4072397/SurveyQuestionsEN_en/Paid-Invoices&c=E1kfTQ-JL8WK9k5PpVmOxAmpug0SkXjr8EJumZWPe6SL_NiGDzymeh5iP1ZUZ-6RyurtWb9ye9Eqcnj3fUC0mH-AaJmmmy7nFPq5FqW57Y_VcVHda_ymANJ3-p&typo=1/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/105297/"
 "105296","2019-01-18 03:53:04","http://www.sp11dzm.ru/PveH-QdVr_GMdW-G8/Southwire/GSO70016397/US/Sales-Invoice/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/105296/"
 "105295","2019-01-18 03:52:53","http://www.lexfort.ru/TXWGZ-RUqsg_oqLiGlZFj-ky/COMET/SIGNS/PAYMENT/NOTIFICATION/01/16/2019/US/Invoice/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/105295/"
 "105294","2019-01-18 03:52:50","http://weresolve.ca/EUmkd-4tom_tGUu-r0q/invoices/9777/44617/EN_en/Document-needed/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/105294/"
@@ -8287,12 +8677,9 @@
 "105282","2019-01-18 03:52:07","http://clubdirectors.tv/De_de/IPRXQNXPPM4929999/DE/DOC/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/105282/"
 "105281","2019-01-18 03:39:08","https://url.emailprotection.link/?abXcC0b1oLP-BXgTX0Qjajw42MURvcZK6HFKmlInhI7ZHVx_FYv0hOfNNuM9994JKrN-74FpQ3hIg5Qlr0-8p-A~~/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/105281/"
 "105280","2019-01-18 03:39:07","https://pojbez31.ru/Amazon/EN/Messages/012019/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/105280/"
-"105279","2019-01-18 03:39:06","https://linkprotect.cudasvc.com/url?a=http://hjsanders.nl/Transactions/2019-01&c=E1CZs0n8uqwSo1BXDYoKRF7k5Q-WOqtsqDfJlPRjzy40PT4lZOf-Xiwr-yG7fNvPk315kNYXZrw_h1U5018BjWwwyKC_Pqc73rBDpB25IB&typo=1/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/105279/"
 "105278","2019-01-18 03:39:05","http://www.shot-life.ru/Rechnungs/2018/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/105278/"
 "105276","2019-01-18 03:39:04","http://ikinit.com/Amazon/En/Transactions/012019/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/105276/"
-"105277","2019-01-18 03:39:04","http://sendgrid2.oicgulf.ae/wf/click?upn=Ifs9ztBGmqH-2BjxL9ptnymJmW8tL5NaFhL4oylTdCBkrZxmtMSxR4cI1qzVVTMZw-2Fw7XCRWdTfyUmDfR1VL6isD6keQVWBlDWjTmFbphfCK0-3D_SGa7yjXcUN1UnrlYO8hIBvhGEtlOwmyZnvZEN8hX1KuK3U9ODFc4cildM8S7N6Nn6f7uE-2FKYZi8s0OQDH-2F-2FHzOBcoFE2v-2BnZY2M61W3dt4TmQQF81dqQlXjyWVGCoGapAiHQx5NOeQa5AqxcruCu-2FPd1Ktmf19-2F-2FLhK-2Buv2dU9sCZRgRgG9n-2By64io-2B-2BwmEYfV2ST-2BBkrEdza-2BMFEO7YIPAFSAcqjfd1YxAPV-2Bk4cMM-3D/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/105277/"
 "105275","2019-01-18 03:24:05","http://ayokerja.org/AMAZON/Clients/012019/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/105275/"
-"105274","2019-01-18 03:16:17","https://u6547982.ct.sendgrid.net/wf/click?upn=bu-2FKl8jwfHHl7vzGLYn8cGnlQRqBBIQjlVLdTGMPwP-2FgXjEiyLDwNc-2BYJI8ITnIb2epwvY3aJRBWhy0Xzc9PVw-3D-3D_T2OQnmBgkig8in2Rk28k1skDgT18t3Wt4cOZymvHqoMkt5RdSECrbVaG0bDn-2FzKGpXzjYHJ3WJDX-2Fb6CEeXByelUm4rGzFUsxpUDAhBIPUNluj0OVqw1MHtZ8hBI5XsX4N8YagvO1NAjEFPoc6-2Fy9k0mr-2BDoiyyB7idlKfh8gUK63Ul0-2BDZRioXM-2FKBAoOnLjeYs8vzCPSFsSCHnV9mLfX7USZFMXVH0rRS9-2FqCWI3w-3D/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/105274/"
 "105273","2019-01-18 03:16:16","http://nongnghiepgiaphat.com/dreyym/Transaktion/DEZ2018/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/105273/"
 "105272","2019-01-18 03:16:12","http://niteshagrico.com/Amazon/En/Clients_information/012019/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/105272/"
 "105271","2019-01-18 03:16:10","http://marshalstar.com.ng/Amazon/En/Clients/2019-01/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/105271/"
@@ -8315,7 +8702,6 @@
 "105254","2019-01-18 02:23:02","http://185.244.25.168/xd.arm7","online","malware_download","elf","https://urlhaus.abuse.ch/url/105254/"
 "105253","2019-01-18 01:44:02","https://ucb3ae1e320c02003c2f7d87f839.dl.dropboxusercontent.com/cd/0/get/AZlBlEsnrqottn0Z18t-7D8e0eZttHjxlWdJrl6TY3H6UwhBwcx7zDGs-p4UZrpWil84bLVuKSDXKbQWO7My0Bux3bxMD_kr1LGAjo9LV9lMhgo0FaY1cQiZwmkwst8SRt3iv9YsbPs4KZW5LsbaLYDntf1m7EpJWbJkAkqJBdkqhY02TZ-foYCRYfwEZzaJqMY/file?dl=1","offline","malware_download","zip","https://urlhaus.abuse.ch/url/105253/"
 "105252","2019-01-18 01:34:49","http://ipbempreende.com.br/d2gp7Tj_xfPR2/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/105252/"
-"105251","2019-01-18 01:34:48","https://u7188081.ct.sendgrid.net/wf/click?upn=qndQ4JJTiH8bHf5Kr8XpQ4QQA6qFw81WTPThe-2By2Dz5IXZ3mQ3Q-2B-2FNjy1xe2zfkTxMTTjZgMk5idhNx-2F9pzkEQ-3D-3D_4KEdUF-2FjGpR9pwSuVDOUnEcSXKDOcV9PRdMDD13WTECkwzhAplBqWjm1ueP-2BCJdIFzRQ-2BQtUC3kUu6-2Bftxf-2Bp2e0SeHb0OvzvW7GvyrvsEUPJmuD6hIkmGjN2PHzApu2dWTcEVa4H6hVBcbjp05fq7lZNfTJEBUnZHquRVf9hZEvWtMy96vF1wfRlmVGBxJE6iE-2BARYdm1J41gddRvuNeA-3D-3D/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/105251/"
 "105250","2019-01-18 01:34:46","http://estab.org.tr/U3L2aMZnmE/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/105250/"
 "105249","2019-01-18 01:34:35","http://antique-carpets.com/PIpK4IlRd/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/105249/"
 "105248","2019-01-18 01:34:08","http://divametalart.com/BcabYiW/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/105248/"
@@ -8361,13 +8747,11 @@
 "105208","2019-01-17 21:34:40","http://replorient.fr/Amazon/Transaction_details/012019/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/105208/"
 "105206","2019-01-17 21:34:38","http://indumentariastore.com.br/Amazon/EN/Information/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/105206/"
 "105205","2019-01-17 21:34:36","http://web63.s150.goserver.host/Amazon/EN/Attachments/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/105205/"
-"105204","2019-01-17 21:34:35","https://u7648241.ct.sendgrid.net/wf/click?upn=fx-2FIlfZR6CACYC-2FEzUu5goBFSgo-2FOrRzDmkybKg1z9uwiut4wbIhZi2DMOHWGLaCPgIT4yAKn0TPDAgdLkAgig-3D-3D_sAp2mMIMgdWludllEZL9PBvrjxZIksULq0cN0suEYiBM7CpYcV-2FMils5XnJXGsN6pr1aXJj4GwuCM3b-2FhOTBS04bJul8eNndgh24VtTJAaJ3Diy32Eiy-2B5tonbW9yNiTFoMqVTDCe-2B49uxP8-2Bb5sA88-2BpJbDx-2BeEEKWK4wwOyDi86NrF08EljmWyQSNCrUhwh1k-2B6U-2BOAo58XqZ3x3DtcQ-3D-3D/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/105204/"
 "105203","2019-01-17 21:34:34","http://ubocapacitacion.cl/Amazon/Documents/2019-01/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/105203/"
 "105202","2019-01-17 21:34:31","http://www.thequoruminitiative.com/Amazon/Payments_details/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/105202/"
 "105201","2019-01-17 21:34:29","http://forexpedia.tradewithrobbie.com/Amazon/Transactions/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/105201/"
 "105200","2019-01-17 21:34:26","http://kientrucdep.club/Amazon/En/Clients_information/01_19/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/105200/"
 "105199","2019-01-17 21:34:23","http://tesla-power.pl/Amazon/EN/Documents/01_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/105199/"
-"105198","2019-01-17 21:34:22","https://u7648241.ct.sendgrid.net/wf/click?upn=fx-2FIlfZR6CACYC-2FEzUu5goBFSgo-2FOrRzDmkybKg1z9uwiut4wbIhZi2DMOHWGLaCPgIT4yAKn0TPDAgdLkAgig-3D-3D_sAp2mMIMgdWludllEZL9PBvrjxZIksULq0cN0suEYiBM7CpYcV-2FMils5XnJXGsN6oiBmRpEscnWAJiBgYhvZYu8LjRz8gTfenmMA1s4nB8ovbmKiTxPuRlsZcgGrsZGuibb5yidRVAYyVQ-2BZLOQymb1CW0N84nrwmO9J56MRGf-2BZp8qHwgbJl0PeSzMefko4anVKUqFur0m-2FREvhOJYbPw-3D-3D/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/105198/"
 "105197","2019-01-17 21:34:21","http://mandselectricalcontractors.co.za/Amazon/Documents/2019-01/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/105197/"
 "105196","2019-01-17 21:34:18","http://dmoving.co.il/Amazon/Transactions-details/01_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/105196/"
 "105195","2019-01-17 21:34:17","http://2nell.com/Amazon/En/Clients_information/01_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/105195/"
@@ -8378,7 +8762,6 @@
 "105190","2019-01-17 21:34:08","http://lombardz.org/wp-snapshots/Amazon/Clients/2019-01/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/105190/"
 "105189","2019-01-17 21:34:07","https://activartcompany.it/Amazon/EN/Information/012019/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/105189/"
 "105188","2019-01-17 21:34:06","http://uat.convencionmoctezuma.com.mx/Amazon/Documents/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/105188/"
-"105187","2019-01-17 21:34:02","http://sendgrid2.oicgulf.ae/wf/click?upn=2UXNtEH7zdqmHUvJApE-2B0XcC7dAdTT-2BTOGmnQuwwkazH6dcL36Ly4IPwcXdoQgLpw6VAnSm2fnMh8gZcgZl2zA-3D-3D_5Z3XbQWSN2-2FVMFeM7B17h4FmPP2yaf02NKm49DxQbtSFsrxF75ZYKMIh-2B7rqceyA88LuZvDdnFKedHBFJ4FxXVi6kaPcJ-2B6SIC-2FJs342EK4est3mTeJikt-2Ba2uaHxhqEERhPv84T9tMCY7nk6siNk8wr3IffKtxUHrhnOM9dvOIpQwLiukY9YqbBXgEZyC6ZonkuauRCc26caR6Q6e-2Bs4xyB-2FxlqvGupDRN-2BHOQ-2BPgM-3D/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/105187/"
 "105186","2019-01-17 20:36:03","http://www.fribola.com/st/smk1101.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/105186/"
 "105185","2019-01-17 20:24:03","http://www.fribola.com/leggmzt771/jsmk15011.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/105185/"
 "105184","2019-01-17 20:17:36","http://www.smsfgoldbullion.com.au/AMAZON/Transactions/2019-01/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/105184/"
@@ -8463,7 +8846,7 @@
 "105105","2019-01-17 18:04:16","http://logopediaromaeur.it/WgCbZ-0OYKr_TAt-aI/InvoiceCodeChanges/US/Service-Invoice/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/105105/"
 "105104","2019-01-17 18:04:15","http://kadinveyasam.org/LaZEz-l0Qd_ZCglb-YG/Inv/7406599000/US_us/Outstanding-Invoices/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/105104/"
 "105103","2019-01-17 18:04:14","http://institutodrucker.edu.mx/hOWj-jG55_Uc-aQ/4072397/SurveyQuestionsEN_en/Paid-Invoices/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/105103/"
-"105102","2019-01-17 18:04:12","http://hungryman.vi-bus.com/SASb-6B0_ExpniY-CI/Invoice/888600786/En/0-Past-Due-Invoices/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/105102/"
+"105102","2019-01-17 18:04:12","http://hungryman.vi-bus.com/SASb-6B0_ExpniY-CI/Invoice/888600786/En/0-Past-Due-Invoices/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/105102/"
 "105101","2019-01-17 18:04:10","http://daddyospizzasubs.com/wp-admin/UNTT-Ha_YfHUOyuFH-3lS/ACH/PaymentInfo/US_us/Paid-Invoice-Credit-Card-Receipt/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/105101/"
 "105100","2019-01-17 18:04:07","http://condosbysmdc.ph/jiXi-U77g_YZFWm-jdw/ACH/PaymentAdvice/US_us/2-Past-Due-Invoices/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/105100/"
 "105099","2019-01-17 18:04:05","http://cheapavia.ga/cJOJM-3jl19_woVwcuso-HG/invoices/51963/4349/En_us/Paid-Invoice/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/105099/"
@@ -8484,8 +8867,6 @@
 "105084","2019-01-17 17:42:07","http://diota-ar.com/wp-content/elementor/assets/css/templates/ssj.jpg","offline","malware_download","exe,Shade","https://urlhaus.abuse.ch/url/105084/"
 "105083","2019-01-17 17:42:05","http://rogamaquinaria.com/zpoo/vva.exe","offline","malware_download","HawkEye,keylogger,exe","https://urlhaus.abuse.ch/url/105083/"
 "105082","2019-01-17 17:34:20","http://rnexpress.ir/Amazon/EN/Clients_Messages/01_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/105082/"
-"105081","2019-01-17 17:34:18","https://linkprotect.cudasvc.com/url?a=http://stats.emalaya.org/KDPfP-vYc_VbAktoyl-2e/476308/SurveyQuestionsUS_us/Open-invoices&c=E,1,5f_ccC6R4GYydM7atvZQhTEB_u9BQDG6RSGa_MctMLzok8EyTd21ZwbL2SPUFv67vcvGC_1pTihZlY0N4t9v9j8IfxDYhTZg6F6A7Fv-i4e7QYi7FGI,&typo=1/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/105081/"
-"105080","2019-01-17 17:34:17","https://linkprotect.cudasvc.com/url?a=http://institutodrucker.edu.mx/hOWj-jG55_Uc-aQ/4072397/SurveyQuestionsEN_en/Paid-Invoices&c=E,1,kfTQ-JL8WK9k5PpVmOxAmpug0SkXjr8EJumZWPe6SL_NiGDzymeh5iP1ZUZ-6RyurtWb9ye9Eqcnj3fUC0mH-AaJmmmy7nFPq5FqW57Y_VcVHda_ymANJ3-p&typo=1/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/105080/"
 "105079","2019-01-17 17:34:15","http://cindycastellanos.com/rqES-L1_NiptrHy-Zk/INVOICE/US_us/Question/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/105079/"
 "105078","2019-01-17 17:34:13","http://dirc-madagascar.ru/MqvEc-D8trE_R-9RK/Inv/76965924789/En/Inv-277031-PO-5X526676/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/105078/"
 "105077","2019-01-17 17:34:12","http://histolabdiagnostico.com.br/ImnU-5p_mGmpFEWr-kq/INVOICE/9046/OVERPAYMENT/EN_en/Scan/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/105077/"
@@ -8509,8 +8890,6 @@
 "105059","2019-01-17 17:28:27","http://mmms.at/Amazon/En/Details/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/105059/"
 "105058","2019-01-17 17:28:25","http://roytransfer.com/Amazon/Clients_information/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/105058/"
 "105057","2019-01-17 17:28:24","http://squawkcoffeehouse.com/Amazon/EN/Clients_Messages/2019-01/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/105057/"
-"105056","2019-01-17 17:28:23","https://u5184431.ct.sendgrid.net/wf/click?upn=ozDR6TI7-2FayTtoOzFXIArK2Xm4-2BFamuvp6owQoUMF4I051DejfoIySD0gnGysyDC7OqF-2B6-2BFXvVImKTe-2FHBq5w-3D-3D_rMjxGqkxyK3CmSCHs2ssFiFPpDO7XF8ec30mLrVM9BzxEavYRbUxbIFT-2FmW8bcCazPclk-2FNpMTdx4-2BO0VClgVxTHshtgpYc7EaOoqV9S-2B2gyB6c8N7vKFndfC1fPgEDd1RWrpXB5Ob-2Fl3XZEMVFM4SuU5MpBjARiJ-2FmOmC-2FG3xQC2BRHZCkAAikZLqvuIK-2FwZ74-2FNARUNjga0Xtxn12rng-3D-3D/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/105056/"
-"105055","2019-01-17 17:28:22","https://u5184431.ct.sendgrid.net/wf/click?upn=50wzScr979SIyNFTtUR00wJO-2BNHhKeuXdHtYw0edYt4CdqgunuZn0EgxHSdHHpoIxFaEDPtI8jSztS4GYKso5qBK8GjdUbBb2X8d006r2fk-3D_1dGNceYTHC-2BspxQLwOMt9tYDce94VLY6oFybl9hokDSSy0nPa87wY6I6ZeUObeTpCByM9NcQisb2YvWsh35ciwwWZuOlmsfbxO7Nz6Z-2FPjuR0tP3Hfv7-2Bq44nTqneRBY-2Bf3233jIyotz9N5b7p9Il9ht0F7tBjsxt2D6tJUavIDQ1VYQY9mbWx3h5UzbwswXb-2BvGpB-2FfosPpV9uXnKYrTEpZZxtJoZSMHKcdWJ-2B7PcY-3D/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/105055/"
 "105054","2019-01-17 17:28:21","http://womanhealer.co.za/Amazon/En/Clients_information/01_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/105054/"
 "105053","2019-01-17 17:28:18","http://ssmthethwa.co.za/Amazon/Clients_information/01_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/105053/"
 "105052","2019-01-17 17:28:16","http://web113.s152.goserver.host/Amazon/En/Orders_details/2019-01/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/105052/"
@@ -8590,7 +8969,6 @@
 "104977","2019-01-17 15:21:01","http://ccoweetf.org/Amazon/Payments_details/01_19/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/104977/"
 "104976","2019-01-17 15:20:59","http://kuvo.cl/Amazon/Clients_information/2019-01/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/104976/"
 "104975","2019-01-17 15:20:57","http://lms-charity.co.uk/Amazon/En/Orders_details/012019/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/104975/"
-"104974","2019-01-17 15:20:56","https://u7648241.ct.sendgrid.net/wf/click?upn=fx-2FIlfZR6CACYC-2FEzUu5gmVa5pPda6-2F4ypbdkg9Keqxq2fY0WAMpQ5dgITbVop3AFLDGljvc2Q2Y5QAaKfzyaA-2FLh3M-2BsAA1SX5TVC-2Bgeuk=_X6nVGqSMdJTrz-2FI1LxXG5hBUoznKoVUwMysCvJAk64HpEurAqxv67U7VOS-2BeLG3Q-2Fe2xH3xrqwxeEmcsRgmXcsyIJW45vBSezk0og9zDgxqQ1opg32DncTBXbVotGH1d4mCxbzs4eyy0N0LE2xihTUYYFtCWvi8FBoQEmyWeYzUzBoMhVVEssXj8Sbgj4uS5CQ3hjbmQI199b4X8yc4iq89fZtH2c2M5rPBZAIaEEqA=/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/104974/"
 "104973","2019-01-17 15:20:55","https://asmm.ro/Amazon/EN/Orders_details/012019/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/104973/"
 "104972","2019-01-17 15:20:53","http://houara.com/Amazon/Transactions/2019-01/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/104972/"
 "104971","2019-01-17 15:20:52","http://pouya-sazane-parseh.com/AMAZON/Payments/01_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/104971/"
@@ -8600,7 +8978,6 @@
 "104967","2019-01-17 15:20:15","http://www.prolevel.at/Amazon/Transactions/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/104967/"
 "104966","2019-01-17 15:20:14","http://raliiletradings.co.za/Amazon/Orders_details/2019-01/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/104966/"
 "104965","2019-01-17 15:20:11","http://aquasalar.com/Rechnung/122018/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/104965/"
-"104964","2019-01-17 15:20:07","https://linkprotect.cudasvc.com/url?a=http://hjsanders.nl/Transactions/2019-01&c=E,1,CZs0n8uqwSo1BXDYoKRF7k5Q-WOqtsqDfJlPRjzy40PT4lZOf-Xiwr-yG7fNvPk315kNYXZrw_h1U5018BjWwwyKC_Pqc73rBDpB25IB&typo=1/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/104964/"
 "104963","2019-01-17 15:20:05","http://bluewindservice.com/Amazon/En/Clients_Messages/2019-01/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/104963/"
 "104962","2019-01-17 15:20:03","http://tbssmartcenter.tn/Amazon/EN/Clients/2019-01/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/104962/"
 "104961","2019-01-17 14:57:04","http://swanpark.dothidongsaigon.com/kJcGo-4x_YOOprAfa-Oo/Iqgz-39o_sx-Wr8/INVOICE/06460/OVERPAYMENT/En/Invoice-for-a/b-01/17/2019/","offline","malware_download","doc","https://urlhaus.abuse.ch/url/104961/"
@@ -8631,7 +9008,7 @@
 "104936","2019-01-17 14:13:17","http://www.pivmag02.ru/De_de/YWJLCUYZJ9767423/gescanntes-Dokument/Hilfestellung/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/104936/"
 "104935","2019-01-17 14:13:15","http://www.hopeintlschool.org/Januar2019/NHNZYRYQAN0737838/gescanntes-Dokument/DETAILS/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/104935/"
 "104934","2019-01-17 14:13:11","http://whitekhamovniki.ru/De/CQCUFKTZJ0270182/Rechnung/Zahlung/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/104934/"
-"104933","2019-01-17 14:13:09","http://kosarhaber.xyz/De_de/SRRPFEYN0329359/de/Rechnungsanschrift/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/104933/"
+"104933","2019-01-17 14:13:09","http://kosarhaber.xyz/De_de/SRRPFEYN0329359/de/Rechnungsanschrift/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/104933/"
 "104932","2019-01-17 14:13:07","http://ibk.co.il/De_de/KGHNNUREN6892404/Scan/DOC/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/104932/"
 "104931","2019-01-17 14:13:06","http://brahmakumaris.lt/Januar2019/UHUWLLX5420831/Scan/Hilfestellung/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/104931/"
 "104930","2019-01-17 14:13:05","http://bloggers.swarajyaawards.com/wp-content/DE_de/FBSHMTMM4901809/Rechnungs-Details/RECHNUNG/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/104930/"
@@ -8901,7 +9278,7 @@
 "104644","2019-01-17 06:50:06","http://baskanligagidenyol.com/1iSd7Z8y_h1Ocq_hmfW4vH7L/","offline","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/104644/"
 "104643","2019-01-17 06:50:04","http://highclass-store.co/NzDOK_DeMJ9_tU/","offline","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/104643/"
 "104642","2019-01-17 06:45:17","http://healthtech.tn/DE_de/FWWBXSDY5884914/de/DETAILS/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/104642/"
-"104641","2019-01-17 06:45:12","http://pnneuroeducacao.pt/Januar2019/QTUBNJMA0319791/Rechnungs-Details/RECHNUNG/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/104641/"
+"104641","2019-01-17 06:45:12","http://pnneuroeducacao.pt/Januar2019/QTUBNJMA0319791/Rechnungs-Details/RECHNUNG/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/104641/"
 "104640","2019-01-17 06:45:07","http://www.akblog.ru/ePug-k85sR_YytAfLR-wB1/EXT/PaymentStatus/EN_en/Sales-Invoice/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/104640/"
 "104639","2019-01-17 06:44:26","http://tral24.su/YW50qrlHa/","offline","malware_download","emotet,exe,epoch1","https://urlhaus.abuse.ch/url/104639/"
 "104638","2019-01-17 06:44:24","http://xyzfilamenten.nl/v4h00iq9W/","offline","malware_download","emotet,exe,epoch1,heodo","https://urlhaus.abuse.ch/url/104638/"
@@ -8940,7 +9317,6 @@
 "104605","2019-01-17 05:24:09","http://download.pdf00.cn/kszip/mini/v1.0.1.11/mini_01.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/104605/"
 "104604","2019-01-17 05:24:01","http://185.244.25.221/bins/Y.x86","offline","malware_download","None","https://urlhaus.abuse.ch/url/104604/"
 "104602","2019-01-17 05:04:12","http://vansutrading.co.za/De/HJOYPWCG0150375/Rechnung/DETAILS/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/104602/"
-"104603","2019-01-17 05:04:12","https://linkprotect.cudasvc.com/url?a=http%3a%2f%2fsahlkaran.com%2fJztlU-mv_PNWYyahoK-Mk%2fInvoiceCodeChanges%2fEn_us%2fPaid-Invoice&c=E15BuRuU0mTeP5YfrkEsnAhzwa54ZP1ZYbQUAt8w7IrO4Fheu7D8bRrd8I_8Lqvtc7EmuC6uihZWN_WVN5AqQ4CGuNG46Y1lr15eTBmcMFll25&typo=0/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/104603/"
 "104601","2019-01-17 05:04:10","http://torfsgebroeders.eu/jxvcW-5j7_FfHbDoyE-Zb/INVOICE/En/Document-needed/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/104601/"
 "104599","2019-01-17 05:04:09","http://pojbez31.ru/De_de/HLZWYP1604214/de/RECHNUNG/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/104599/"
 "104600","2019-01-17 05:04:09","http://realistickeportrety.sk/de_DE/HRJFTKZNHQ4922711/gescanntes-Dokument/Zahlung/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/104600/"
@@ -8956,7 +9332,6 @@
 "104589","2019-01-17 04:19:06","http://bietthunghiduong24h.info/mGKr-ZRnV_Dg-OG/COMET/SIGNS/PAYMENT/NOTIFICATION/01/17/2019/En/Overdue-payment/","online","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/104589/"
 "104588","2019-01-17 04:11:02","https://ketout.com/Attachments/01_19/","online","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/104588/"
 "104587","2019-01-17 04:10:07","http://www.aramanfood.com/Rechnungen/01_19/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/104587/"
-"104586","2019-01-17 04:10:05","http://sendgrid2.oicgulf.ae/wf/click?upn=FBXErEQYiWolIv6Nv7udtEz5PdgmXAcVPIrDGpW0OdqAm5B2IXlCoG8BbVldeyc0vgj5Pg09e0rPu3JmQXnpYw-3D-3D_l6HG3FW8n50aQtA4oQ21QaL5Fq-2BZzmKMGTJdvztZDph23Ya5auoshdORU1dhC702A5NcVPgL9ZNydHDAKMoGX6CB-2B1dD6VobR1LyUe81IQz2tTIHDXsecLWtCY1YWx75T4fyzd3S2qgLoo5lfOEfWAWrcJLFBegEnWDqWzZ8SFkVauRuz81YMtYnMdt6OcGD-2Bgc20TxYe3gcu19w5yb3jdSCawIRAWBeIeAAdYb-2Fcs0-3D/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/104586/"
 "104585","2019-01-17 04:10:04","http://etihadkit.com/Rechnungs/01_19/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/104585/"
 "104584","2019-01-17 04:10:03","http://ema2-medea.com/Documents/01_19/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/104584/"
 "104583","2019-01-17 04:08:17","https://ipkill.org/1uFew?Product=Adobe_Flash_Player&SessionID=0ahUKEwjwktCmpYzfAh0rDAM4PBDy0wMInAE&biw0rDAM4PBDy0wMInAE&biw","offline","malware_download","exe","https://urlhaus.abuse.ch/url/104583/"
@@ -9017,7 +9392,7 @@
 "104528","2019-01-16 23:20:45","http://www.tbssmartcenter.tn/Amazon/EN/Clients/2019-01/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/104528/"
 "104527","2019-01-16 23:20:44","http://isofip.com/Amazon/EN/Transactions/01_19/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/104527/"
 "104526","2019-01-16 23:20:43","http://auto-buro.com/Amazon/Orders_details/01_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/104526/"
-"104525","2019-01-16 23:20:42","http://lanhodiepuytin.com/Amazon/En/Information/2019-01/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/104525/"
+"104525","2019-01-16 23:20:42","http://lanhodiepuytin.com/Amazon/En/Information/2019-01/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/104525/"
 "104524","2019-01-16 23:20:39","http://clindorbh.com.br/Amazon/Clients/2019-01/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/104524/"
 "104523","2019-01-16 23:20:37","http://asgardiastore.space/Amazon/EN/Transactions-details/2019-01/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/104523/"
 "104522","2019-01-16 23:20:36","http://temptest123.reveance.nl/Amazon/Clients_Messages/01_19/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/104522/"
@@ -9077,7 +9452,6 @@
 "104468","2019-01-16 23:06:14","http://mail.mtcc858.ca/AUPdJ-2Ed_zvCHEsG-tU7/INV/95995FORPO/81050853735/En_us/Sales-Invoice/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/104468/"
 "104467","2019-01-16 23:06:11","http://oculista.com.br/XTrf-wwKF_YilnCf-ZO2/US/Overdue-payment/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/104467/"
 "104466","2019-01-16 23:06:09","http://www.pugliachebonta.it/DfXp-XIlA_vLnRIp-Y3/En/Service-Report-41623/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/104466/"
-"104465","2019-01-16 23:06:08","https://linkprotect.cudasvc.com/url?a=http%3a%2f%2fsahlkaran.com%2fJztlU-mv_PNWYyahoK-Mk%2fInvoiceCodeChanges%2fEn_us%2fPaid-Invoice&c=E,1,5BuRuU0mTeP5YfrkEsnAhzwa54ZP1ZYbQUAt8w7IrO4Fheu7D8bRrd8I_8Lqvtc7EmuC6uihZWN_WVN5AqQ4CGuNG46Y1lr15eTBmcMFll25&typo=0/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/104465/"
 "104464","2019-01-16 23:06:07","http://www.makemoneyonline0.com/DE_de/ZQUBDQBRF4046755/de/Hilfestellung/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/104464/"
 "104463","2019-01-16 23:06:04","http://www.yourroofer.co.uk/lhqBW-xBf_rjfKGVK-7d/Ref/40745794US/Overdue-payment/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/104463/"
 "104462","2019-01-16 23:06:02","http://etihadinnovationkit.com/Januar2019/ZSCZJSMFJR0996491/Rechnung/Zahlung/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/104462/"
@@ -9094,8 +9468,7 @@
 "104451","2019-01-16 21:38:59","http://www.idgnet.nl/Amazon/En/Transaction_details/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/104451/"
 "104450","2019-01-16 21:38:58","http://www.motoruitjes.nl/Amazon/EN/Transactions-details/01_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/104450/"
 "104449","2019-01-16 21:38:57","http://ero4790k.com/ftwiofrm_ero4460/Amazon/Details/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/104449/"
-"104448","2019-01-16 21:38:55","https://u4124863.ct.sendgrid.net/wf/click?upn=eh9ClvIm7G7bZ30e4T0-2BXeBGvHmXfvV3h8tQ2zucmrIpE3T4dDxLPjk06TIvrVm4yS46xr0nhv-2BRjNcAij90tA-3D-3D_xctnYg84w5dxAEIqlKwfAPMaFcwX-2BvqrbGPc2AtERUBWzHqvIT6k-2Br-2F-2BrTFXH30SNualkInsFl4kpjXolz1pDKeYin09j-2FEubfJTzFhwOMu5oue5PkZ1ZFmH7rUIdUkez3mTRhDSR7LSdjzJe7kX1K2CA4LRWk-2FqB27r26sqioe3dlQep0gTtoPFvd9UDN-2FKyX1wGC8e76w2wvEwgP76sLkPurQN5-2BQFzDYYjtmDPZw-3D/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/104448/"
-"104447","2019-01-16 21:38:54","http://cbsr.com.pk/wordpress/Amazon/En/Orders-details/01_19/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/104447/"
+"104447","2019-01-16 21:38:54","http://cbsr.com.pk/wordpress/Amazon/En/Orders-details/01_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/104447/"
 "104446","2019-01-16 21:38:52","http://pugliachebonta.it/Amazon/EN/Orders_details/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/104446/"
 "104445","2019-01-16 21:38:51","http://batdongsanbamien24h.com/AMAZON/Attachments/2019-01/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/104445/"
 "104444","2019-01-16 21:38:48","http://gmelfit.com/Amazon/Payments_details/2019-01/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/104444/"
@@ -9146,7 +9519,6 @@
 "104399","2019-01-16 19:08:14","http://www.ayokerja.org/AMAZON/Clients/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/104399/"
 "104398","2019-01-16 19:08:11","http://waliwalo.com/Y6o7VhuKPU/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/104398/"
 "104396","2019-01-16 19:08:09","http://wellnessworkshop.ie/Amazon/EN/Clients_transactions/012019/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/104396/"
-"104397","2019-01-16 19:08:09","https://u5184431.ct.sendgrid.net/wf/click?upn=WPE4Fdem1KeYGRlXyJBsyJCessoFpRKsFM2NK6cmH1rEKxk5JgbBTBg7j0WDEQgBPixS5vaIaTpWWl9dIfz1DC8uX1S-2FXre9kQql4lAiBCU-3D_X0evSHGxGTwNysm1g6J8lT06e-2BoXkO14az5skvD7zf-2BZJtBghRAwT9gcHhZEdupg0pILOkyaNck2093dw43Tk-2FEBJgVnBEJzmLzWFFtaxgLU6ClVTuF0bl80zJpg1z6FgynXwBkq7DtgkJdt8HTmAJ7TnQ30MT0cqQGEfibrjcEcgfwZAIWjOS3NGzs2G5SNDaExwulxRO1icOeFU6cxYg-3D-3D/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/104397/"
 "104395","2019-01-16 19:08:08","http://themanorcentralparknguyenxien.net/Amazon/Orders_details/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/104395/"
 "104394","2019-01-16 19:08:06","http://old.polskamasens.pl/Amazon/Transactions/2019-01/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/104394/"
 "104393","2019-01-16 19:08:05","http://rampp.ir/wp-content/Amazon/Information/01_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/104393/"
@@ -9241,13 +9613,9 @@
 "104304","2019-01-16 16:53:12","http://breakthebubble.nl/Amazon/Attachments/2019-01/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/104304/"
 "104303","2019-01-16 16:53:11","http://alfa-des.pro/Amazon/EN/Information/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/104303/"
 "104302","2019-01-16 16:53:10","http://expoluxo.com/Amazon/En/Clients_information/2019-01/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/104302/"
-"104301","2019-01-16 16:53:08","http://sendgrid2.oicgulf.ae/wf/click?upn=VD95ITBgtKnZfMM-2Fzam2bBIASOPkYOMkETTDO9FXgJmmaFY7OZGAgcjchmyHE8YoloQEvmIDk3SgStgVHg94Fw-3D-3D_3u4p1Y-2B0wGhyOmLEmyjqlwR22D5iE9w0sMYOxHBqCDtXmMz9AoEgWJ89g6awstcXGjyleOuS0vtYn6O7Jl4qRiyGnJT60Y6ViBzJn-2F4cnu78gHQxpyoVVTXIVadHeHyrIfbjSF2j2DmwJ1x2XS4UE5VErRGQra30P6sFgm-2FThNmx-2Fj05jhWZGN9v4PofHUlw-2F5Ewx5XMaTJutCoyydbQr66hLio3ZZbo3fmdVzfcBvU-3D/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/104301/"
 "104300","2019-01-16 16:53:08","http://tubiepornhub.com/Rechnungs/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/104300/"
 "104299","2019-01-16 16:53:06","http://kisfino.com/Rechnungen/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/104299/"
 "104298","2019-01-16 16:53:05","http://locksmithhollywoodweb.com/Rechnungs/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/104298/"
-"104297","2019-01-16 16:53:03","http://sendgrid2.oicgulf.ae/wf/click?upn=GsSHusSf8SqmnjcxeBn6onr5c8CRbJgUhL3LQUsMhlNkowcKB1cL2TtcHWLkjyKR-2FWSSZ7Qlz-2BeVP-2FG5-2FH4FrQ-3D-3D_Felol2aPnvw-2F26iod3oKCkXHDEFKVyhP2SQyv-2FhWIYGeEwd-2FBjnZjexWfiM9NVCl9Hcb36AK68eUZBoNYfR0U2I4FdZUJh-2Fxa-2FE3CAyxSOjRSi9XCuxHFpJ0vRB2gpJxcwbmc4YFBhKnfmYJwZvi9bffKhMC-2FmwXrUJXcy29Of72xJ4HrVKXjHmBdsq8GYQNQqpjZG8Kr3Vj9XoON0BuvPXyQvyU8Rrb3Vh2SmzaMFQ-3D/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/104297/"
-"104296","2019-01-16 16:53:03","http://sendgrid2.oicgulf.ae/wf/click?upn=Ifs9ztBGmqH-2BjxL9ptnymNQrGddYBeMhSML9ly5ERr-2BT9Pg090dvQNl5b-2BecOZ-2FiG16nxHqz12C5QGNMArM0nA-3D-3D_i2GSObdlJnVAAu3Jd8D4HBX3iMWWoLo9thjz1Uoz-2B-2FhvbMqvBSp5Qcjk4u-2B54ZEnZQ1jLCjaOwYwCX4condfTq-2FO3GK5ixJfdl08KOejwVmN-2BYTdDYaXX-2Bi2UZG7jS2wFyi9pftYHTJYUfkYB3D41LF3gRuZ9HQmFB75tlzJGHb3-2F0s6jLPabZnzbCDF15g49JB-2FSiBXeRsET44n7R31UR7CEdslQfY6vjo7mDJqI-2Fc-3D/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/104296/"
-"104295","2019-01-16 16:53:02","http://sendgrid2.oicgulf.ae/wf/click?upn=Ifs9ztBGmqH-2BjxL9ptnymNQrGddYBeMhSML9ly5ERr-2BT9Pg090dvQNl5b-2BecOZ-2FiG16nxHqz12C5QGNMArM0nA-3D-3D_o5AVXp8blFgDP4X4xNGd2KYYzHSF-2F7HKlROIRMeSW-2Bh9Et29-2FpTwhIioTkpq-2FROgRE03rhRAL-2F-2BPJg7LYfdTKBTADRtz0qR1HPUm3aZX03bYsHwxra3U4O9jyG50A5DCom7DRM64bD7w1Ai0LMMwrbIQFxfIWAxYxdT6KflSDl0fqi1NCFMr4HJBzsXE-2BTlXWskBhBn68gArZgKHtHKc-2BggGhlP0bevdyIqX4RlTm7U-3D/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/104295/"
 "104294","2019-01-16 16:49:03","http://healthsbouquet.com/Amazon/En/Transaction_details/012019","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/104294/"
 "104293","2019-01-16 16:47:08","http://kantova.com/xRVVM3r_gsFZOEnE/","offline","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/104293/"
 "104292","2019-01-16 16:47:05","http://www.motoruitjes.nl/BrG_4Tb3uEk0N/","offline","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/104292/"
@@ -9258,7 +9626,7 @@
 "104287","2019-01-16 16:46:17","http://modern-autoparts.com/mfn6gSx_fcDqwb8/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/104287/"
 "104286","2019-01-16 16:46:13","http://ar.caginerhastanesi.com.tr/qYrM-Ld6_bZVB-u8Z/Inv/897231384/En/7-Past-Due-Invoices/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/104286/"
 "104285","2019-01-16 16:46:11","http://rastkultur.de/PxHnN-t0yC_fTwGCXIrk-v5/COMET/SIGNS/PAYMENT/NOTIFICATION/01/16/2019/En_us/3-Past-Due-Invoices/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/104285/"
-"104284","2019-01-16 16:46:08","http://www.wins-power.com/xwMxP-QIdi_svovMFFa-n8/EN_en/Invoice-Number-293599/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/104284/"
+"104284","2019-01-16 16:46:08","http://www.wins-power.com/xwMxP-QIdi_svovMFFa-n8/EN_en/Invoice-Number-293599/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/104284/"
 "104283","2019-01-16 16:46:06","http://www.islandeccsites.com/iFPUj-M9_fmmiR-mTb/EXT/PaymentStatus/EN_en/Invoices-Overdue/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/104283/"
 "104282","2019-01-16 16:44:04","http://amritmachinerycorpn.com/AMAZON/Clients_information/012019/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/104282/"
 "104281","2019-01-16 16:37:05","http://www.comparto.com.br/Amazon/Clients/01_19/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/104281/"
@@ -9334,7 +9702,7 @@
 "104210","2019-01-16 15:12:05","http://irsoradio.nl/Amazon/En/Clients_transactions/012019/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/104210/"
 "104209","2019-01-16 15:12:03","http://old.copyrightessentials.com/Amazon/Information/2019-01/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/104209/"
 "104208","2019-01-16 15:09:11","http://83.40.11.203:15616/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/104208/"
-"104207","2019-01-16 15:09:08","http://62.83.253.78:4547/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/104207/"
+"104207","2019-01-16 15:09:08","http://62.83.253.78:4547/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/104207/"
 "104206","2019-01-16 15:09:04","http://189.69.124.217:7181/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/104206/"
 "104205","2019-01-16 15:00:03","http://vektorex.com/cgii/620315789.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/104205/"
 "104204","2019-01-16 14:56:04","http://vektorex.com/cgii/65098771.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/104204/"
@@ -9381,7 +9749,6 @@
 "104157","2019-01-16 13:00:16","http://ghayati.com/Transaktion/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/104157/"
 "104156","2019-01-16 13:00:14","http://cnywebservice.com/Amazon/Messages/01_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/104156/"
 "104155","2019-01-16 13:00:11","http://broadnepalnews.com/Rechnungen/01_19/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/104155/"
-"104154","2019-01-16 13:00:09","http://sendgrid2.oicgulf.ae/wf/click?upn=otiUwT24tWIVg7t4iJgYRrTynFGYKd-2Ff6IRPJG6zO-2FseMflUieiTZDPtuRRjhGh-2FgMqbI4llFhTwzc4tGl2eiw-3D-3D_noZZaTL5GjYhLgHXX205epVe5QyNYnpLwJEDAfiZLsUsSk1Rw1ymLChA1ljGdKUtegFToB-2FeRk-2FhEX0yaWMXST398tIkYf6KhG5-2BmxQnH2b4F2YOCyxaU6-2BhvFZP3M9sGqD-2ByL3bBhgcVnkdi38TOfKjbzLBSsOulebi3h-2F1D3iP8RJBPLXC0CcE7gRgHXXgnAtr-2BtMgdEIMfrq8dB1IEE-2BCz9cs-2BaioDAbUmlOt73U-3D/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/104154/"
 "104153","2019-01-16 13:00:08","http://katyremodelingpros.com/Rechnung/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/104153/"
 "104152","2019-01-16 13:00:07","http://amerigau.com/wp-content/uploads/Rechnungen/01_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/104152/"
 "104151","2019-01-16 13:00:04","http://test2.flyingsteel.com/Rechnungen/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/104151/"
@@ -9427,7 +9794,7 @@
 "104111","2019-01-16 12:14:04","http://185.189.149.137/client64.bin","online","malware_download","Gozi,Task,Encoded","https://urlhaus.abuse.ch/url/104111/"
 "104110","2019-01-16 12:14:03","http://185.189.149.137/client32.bin","online","malware_download","Gozi,Task,Encoded","https://urlhaus.abuse.ch/url/104110/"
 "104109","2019-01-16 12:14:02","http://185.189.149.137/az.rar","offline","malware_download","Gozi,Task,Encoded","https://urlhaus.abuse.ch/url/104109/"
-"104108","2019-01-16 12:04:03","http://help.postsupport.net/mkcdniehfurg.png?bg=it01","online","malware_download","ITA,Gozi,geofenced,min-headers,headersfenced","https://urlhaus.abuse.ch/url/104108/"
+"104108","2019-01-16 12:04:03","http://help.postsupport.net/mkcdniehfurg.png?bg=it01","offline","malware_download","ITA,Gozi,geofenced,min-headers,headersfenced","https://urlhaus.abuse.ch/url/104108/"
 "104107","2019-01-16 11:57:03","http://vacacionespuntacana.com/wp-content/themes/vacaciones/content/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/104107/"
 "104106","2019-01-16 11:53:13","http://hotrosieunhanh.com/wp-content/themes/twentyseventeen/inc/sserv.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/104106/"
 "104105","2019-01-16 11:51:05","http://kids-education-support.com/XzlOlfNSSF/","offline","malware_download","emotet,exe,epoch1,heodo","https://urlhaus.abuse.ch/url/104105/"
@@ -9482,7 +9849,6 @@
 "104055","2019-01-16 09:01:42","http://hidrofire.greenstudio.co/Rechnungen/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/104055/"
 "104054","2019-01-16 09:01:37","http://www.xn--d1albnc.xn--p1ai/Rechnung/01_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/104054/"
 "104053","2019-01-16 09:01:33","http://novo.cotia.sp.gov.br/Transaktion/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/104053/"
-"104052","2019-01-16 09:01:29","http://sendgrid2.oicgulf.ae/wf/click?upn=AMiKyXv2mtzIwFVrksErJZCerHghnhK0s0EymPuEHUt-2FWMSFCsopdgHSY9Fdl6-2BvSJ8deEFwcvGlqbVVSs05MVdl3zK4-2FJzq-2BorjXuCKZDQ-3D_OFleGUAja-2BCLQfdPhYxNPP81vIpfqp882xgI-2FmcKpe1fQ-2BU2nG9v-2BclGZKa-2FiQ1GeJG8MXbtq1iJfKkEe-2BmB3-2BpKoZPYDoUa0kssnInt-2BNRE8xxvkauygwavSUVzAyOddb7lMonUAXgiPmXaqcHvedUEqoAGSpK8yN6wbKgOaXGXocZ1-2Fv7mlJDJYnQmv04JMzj0KzFLKxa4WpTxq4G5C8FoLDB9IaAeZwVPuDN5Qx0-3D/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/104052/"
 "104051","2019-01-16 09:01:27","http://tunerg.com/Rechnungen/01_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/104051/"
 "104050","2019-01-16 09:01:23","http://regenerationcongo.com/Transaktion/01_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/104050/"
 "104049","2019-01-16 09:01:21","http://zentera93.de/Transaktion/01_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/104049/"
@@ -9492,7 +9858,6 @@
 "104045","2019-01-16 09:00:42","http://www.rossiodontologia.com.br/Rechnungen/01_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/104045/"
 "104044","2019-01-16 09:00:21","http://mywebnerd.com/Rechnungen/01_19/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/104044/"
 "104043","2019-01-16 09:00:17","http://www.reparaties-ipad.nl/Rechnungen/01_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/104043/"
-"104042","2019-01-16 09:00:15","https://linkprotect.cudasvc.com/url?a=http://www.lagis.com.tw/ktPF-Fc8Pm_heXXiUK-HWE/Clients_Messages/012019&c=E1i65uF2KqLJNDm8HAElIklq0Ipvats29X7_ZplT3FTcWT7nmPwLNMyLWknhRH6r2cdw92sRjLZxpygJt37nor2tLVqPfRHWfnnl4fqGtE4RM&typo=1/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/104042/"
 "104041","2019-01-16 09:00:13","http://zeelearn.co/Transaktion/012019/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/104041/"
 "104040","2019-01-16 09:00:10","http://allinautomatic.allinautomatic.nl/Rechnungs/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/104040/"
 "104039","2019-01-16 08:53:27","http://www.michiganmastereltiempo.com/wp-content/themes/bizworx/images/ssj.jpg","offline","malware_download","exe,Shade","https://urlhaus.abuse.ch/url/104039/"
@@ -9535,7 +9900,7 @@
 "104002","2019-01-16 07:05:19","http://www.sp11dzm.ru/XhDjpb_0sihee1v_uALFk2/","offline","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/104002/"
 "104001","2019-01-16 07:05:15","http://igloo-formation.fr/tSlCBpPP_ywVhz7_wqMR/","offline","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/104001/"
 "104000","2019-01-16 07:05:13","http://aramanfood.com/wnfYAsyS_Mslz/","offline","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/104000/"
-"103999","2019-01-16 07:05:09","http://otohondavungtau.com/vzZMi_cPjZ/","online","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/103999/"
+"103999","2019-01-16 07:05:09","http://otohondavungtau.com/vzZMi_cPjZ/","offline","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/103999/"
 "103998","2019-01-16 07:05:04","http://qwatmos.com/2Bc_1AhP6FKBd/","offline","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/103998/"
 "103997","2019-01-16 06:51:19","http://kamdhenu.technoexam.com/VAjLO-ptA9c_OBHskw-Wz/INV/0546376FORPO/0793060258/EN_en/Sales-Invoice/","offline","malware_download","heodo,emotet,doc","https://urlhaus.abuse.ch/url/103997/"
 "103996","2019-01-16 06:51:14","http://en.dejpodsanatsazeh.co.ir/NfpF-1WT_UeyoEN-pS/EXT/PaymentStatus/EN_en/Invoices-Overdue/","offline","malware_download","heodo,emotet,doc","https://urlhaus.abuse.ch/url/103996/"
@@ -9583,7 +9948,7 @@
 "103952","2019-01-16 05:15:21","http://www.taizer.ru/mVfO-vOZQ_xWzJEbZ-rr/ACH/PaymentAdvice/US/Paid-Invoice-Credit-Card-Receipt/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/103952/"
 "103951","2019-01-16 05:15:20","http://www.somerset.com.ar/wp-content/uploads/rwfHa-qjoL_jiYLYXfo-Pv/INV/3765841FORPO/8505566790/EN_en/Invoice/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/103951/"
 "103950","2019-01-16 05:15:17","http://www.solusiobatherbal.com/De/LTCYKBNJE5969176/Rechnungs-Details/Rechnungsanschrift/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/103950/"
-"103949","2019-01-16 05:15:15","http://www.soloftp.com/HDIFV-71Q_qV-YR/I352/invoicing/US_us/Service-Invoice/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/103949/"
+"103949","2019-01-16 05:15:15","http://www.soloftp.com/HDIFV-71Q_qV-YR/I352/invoicing/US_us/Service-Invoice/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/103949/"
 "103948","2019-01-16 05:15:14","http://www.seslibiri.com/ujTD-spb15_yKXq-tc/INVOICE/6943/OVERPAYMENT/En/Invoice-79269863-January/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/103948/"
 "103947","2019-01-16 05:15:06","http://www.mother-earth.net/SlHp-fmGN_mRr-xC/INV/084073FORPO/57754571425/US/Document-needed/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/103947/"
 "103946","2019-01-16 05:15:03","http://www.ip-tes.com/Dmyh-mMBJE_NVtzfbHtL-7N/455929/SurveyQuestionsUS/Invoice/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/103946/"
@@ -9613,7 +9978,7 @@
 "103922","2019-01-16 05:13:38","http://privatetoursriodejaneiro.com/rIZMn-hhvu_x-z7/PaymentStatus/US_us/Open-invoices/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/103922/"
 "103921","2019-01-16 05:13:36","http://phelieuasia.com/iUWD-AY_EIfZ-afg/Inv/35896259620/US_us/Invoice-Number-448033/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/103921/"
 "103920","2019-01-16 05:13:33","http://pcengine.ru/zVpXy-rxw_TcJA-1F/Z913/invoicing/US/Invoice/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/103920/"
-"103919","2019-01-16 05:13:32","http://ontamada.ru/Januar2019/KGFJIA2987254/Dokumente/Rechnungsanschrift/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/103919/"
+"103919","2019-01-16 05:13:32","http://ontamada.ru/Januar2019/KGFJIA2987254/Dokumente/Rechnungsanschrift/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/103919/"
 "103918","2019-01-16 05:13:31","http://ng-tech.ru/xVhG-gt7a_LB-E8/Invoice/619377086/US/Question/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/103918/"
 "103917","2019-01-16 05:13:30","http://mydrive.theartwall.co.uk/njpNI-tbpFx_yzeHiewbh-3Yf/INVOICE/48481/OVERPAYMENT/EN_en/Open-Past-Due-Orders/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/103917/"
 "103916","2019-01-16 05:13:28","http://monrottweiler.fr/hcMwq-8qZzz_MItp-YG/Southwire/UTD940213930/US_us/Outstanding-Invoices/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/103916/"
@@ -9736,7 +10101,6 @@
 "103799","2019-01-15 22:06:33","http://francoisebon.fr/Clients_information/01_19/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/103799/"
 "103798","2019-01-15 22:06:32","http://rokiatraore.net/Transaction_details/2019-01/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/103798/"
 "103797","2019-01-15 22:06:31","http://infocentertour.ru/Attachments/2019-01/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/103797/"
-"103796","2019-01-15 22:06:29","http://sendgrid2.oicgulf.ae/wf/click?upn=AMiKyXv2mtzIwFVrksErJZApnkk6vlvRRpOQI1c51nlrrlY6WJSZS60cFgkcQw6fMr68kZNTD9HiezykenFkJA-3D-3D_nUnntfLuT5qGdCtkT8bDGMjiFtvrH5Kc2vFiJApR5BDi-2Bd4QeTnwJ2JYPTxhq-2BZuGNtYMut-2FQWB8JZuE-2F6jwKZve4HnV6ZKPDcbTkGymR2L5DJb1946NNEAURjwNPmdM1MOehQi5gGyaewIkLHubydrR8nk71gTdMinmrTRKbmErhv2UGbXkG0Hkl-2FSdHL6-2FWk-2FlllXew6ZQWtWWtvmFBQ-3D-3D/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/103796/"
 "103795","2019-01-15 22:06:28","http://shopping24horas.com.br/Information/01_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/103795/"
 "103794","2019-01-15 22:06:26","http://sitesbrgiga.com.br/Attachments/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/103794/"
 "103793","2019-01-15 22:06:23","http://pharmaesourcing.technoexam.com/Transaction_details/2019-01/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/103793/"
@@ -9760,7 +10124,7 @@
 "103775","2019-01-15 21:01:13","http://www.lifestyleassociates.com/De/QCIDKGTTWS3129914/Scan/DOC-Dokument/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/103775/"
 "103774","2019-01-15 21:01:10","http://www.zigoro.ru/OMJGVMBP9253958/Scan/RECHNUNG/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/103774/"
 "103773","2019-01-15 21:01:06","http://www.rosimpex.net/OQURYVU5178922/Rechnungs/Fakturierung/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/103773/"
-"103772","2019-01-15 21:01:04","http://soloftp.com/HDIFV-71Q_qV-YR/I352/invoicing/US_us/Service-Invoice/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/103772/"
+"103772","2019-01-15 21:01:04","http://soloftp.com/HDIFV-71Q_qV-YR/I352/invoicing/US_us/Service-Invoice/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/103772/"
 "103771","2019-01-15 21:01:01","http://stacknheap.com/De/ARBAMVDKL5913152/Rechnung/RECHNUNG/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/103771/"
 "103770","2019-01-15 21:00:58","http://inomoto.vn/PPisD-F3MN_I-8KT/Southwire/QSX6674068692/US_us/Document-needed/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/103770/"
 "103769","2019-01-15 21:00:53","http://www.1348photo.com/LERESUZ7074814/Dokumente/Hilfestellung/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/103769/"
@@ -9790,7 +10154,6 @@
 "103745","2019-01-15 20:48:55","http://veenhuis.ru/X4h2lgtb6t/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/103745/"
 "103744","2019-01-15 20:48:53","http://www.ermaproduction.com/wp-content/Clients/01_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/103744/"
 "103742","2019-01-15 20:48:51","http://mataukitaip.ekovalstybe.lt/Documents/01_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/103742/"
-"103743","2019-01-15 20:48:51","http://sendgrid2.oicgulf.ae/wf/click?upn=cd32EPmub8FCGafASmf8Ow1hh1evEaG7UjZ7LfmTySN-2By8MVpoO30locFFTIHFzQ91ztVFP5l5SFYR-2B9yw9b5w-3D-3D_Gj-2Bg1rSC8OckvxTuaO5liXQzc1tFWkKwXtsOcXY3ViKprGPEiZV8C1wrX3bCjePcZCONOge5-2BCj4IZalIkBlajD-2FaTlj5Tu3MktFg6QzqezGuP1HnP-2F2hPqAaOnedxN4o59WdI2yvaSu4jHueEBwg-2BdWPKQqegZUb3eOfNxFvn4cpVrXCU1XQuipYw68v5SPe832cgzzGJZj-2BQCKY0EGxmXtNSxwcBtUp2KTI3jfjZk-3D/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/103743/"
 "103741","2019-01-15 20:48:49","http://vakilehamrah.ir/Information/012019/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/103741/"
 "103740","2019-01-15 20:48:23","http://donidonggiay.net/Transaction_details/01_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/103740/"
 "103739","2019-01-15 20:48:21","http://scullytrucking.digitalmindtec.com/Attachments/2019-01/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/103739/"
@@ -9798,9 +10161,7 @@
 "103737","2019-01-15 20:48:14","http://valleyciaabogados.cl/Transactions/01_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/103737/"
 "103736","2019-01-15 20:48:10","http://ciblage-spain.es/Transactions/01_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/103736/"
 "103734","2019-01-15 20:48:08","http://guiavestindoabeca.com.br/Documents/2019-01/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/103734/"
-"103735","2019-01-15 20:48:08","http://sendgrid2.oicgulf.ae/wf/click?upn=gbMZY9-2FyUeLO8sbLnThslnXASA3TjEnejnTcT09Z-2B7o05NTEPJoV9NtTHDFGftmLd-2BAauBmfOOR3xzp1QZhCMg-3D-3D_cnBBvye119SQwWyIMEaVVGKjg0JEyqe3O-2Bnt2mI6C2JDoPs1D6jU9jt9p1JlNGEcPxt-2FXcc1H-2BWjC9Sc7qkfurPZaap1HLyNrU4lurmy32TQDCWp1DMKfaV-2FuqDbes05phINZ2U00HVMPyf3H2EaGkoFHzQB-2BGreNmTq6pR0zNXJnlqDMO5AkPKC8OJRaXlpLjYaGyOu41m-2FOCvHiSYMBA-3D-3D/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/103735/"
 "103733","2019-01-15 20:48:04","http://helkar.pl/Transaction_details/2019-01/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/103733/"
-"103732","2019-01-15 20:48:02","http://sendgrid2.oicgulf.ae/wf/click?upn=PQyP-2FMOSEXgJjvtLHzN126gdRmbeISsKuuD2uuGHnHzV-2FP7w2-2BxNWeL18DgaZVMw9qn9j6rKd-2BbgDLE0Mw-2BiSA-3D-3D_hUdPjQ3E6K6n2DfbXbqz3zFAJxhh-2ForUlIoE1aK6syMEqsuPtlN-2FDsY8fFkp-2FOVtY3Jmdud8nTzyalBT0VyQoGl3tz5yfhJWhGznZw7oUsh-2FmiFpLCtPF7njIXKt-2B1CvqUEojXoWoOpZBZHq4kyMBJp8xTJJ5Ajde37VLpwebYZ9hop9ej6DYKFVFPFOJgFyktGJkwrANkzOux0KjH-2BfRwEY1d4XrKkeWdo4UlOfvu0-3D/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/103732/"
 "103731","2019-01-15 20:30:03","http://timestampaholic.iniqua.com/KNoV-6T6Pf_OUJ-Ov/150506/SurveyQuestionsEn_us/Paid-Invoice-Credit-Card-Receipt/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/103731/"
 "103730","2019-01-15 20:20:07","http://aseman-co.com/4imBAvzS","offline","malware_download","None","https://urlhaus.abuse.ch/url/103730/"
 "103729","2019-01-15 20:20:06","http://veenhuis.ru/X4h2lgtb6t","offline","malware_download","None","https://urlhaus.abuse.ch/url/103729/"
@@ -9845,7 +10206,6 @@
 "103685","2019-01-15 17:35:03","http://www.al-bay.com/JbDEG76/","offline","malware_download","emotet,exe,epoch1,heodo","https://urlhaus.abuse.ch/url/103685/"
 "103684","2019-01-15 17:30:56","http://azfilmizle1.azermedia.az/Payment_details/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/103684/"
 "103683","2019-01-15 17:30:53","http://business-blueprint.top-startups.com/Information/01_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/103683/"
-"103682","2019-01-15 17:30:51","http://sendgrid2.oicgulf.ae/wf/click?upn=VD95ITBgtKnZfMM-2Fzam2bPMP07SpnY-2BCraSx-2Fxsr1uQ8PGWLXxGuyEdk-2FvkeFuGlABvOgLxZpAokfK5-2BwvZSMw-3D-3D_cb3VcAQIyaDU7MBbUgnDp5P-2BfOxQ5q5-2BLi-2BOfkrik5YFwm37YIp6KDwDCikIrdccArWSP8FYr8SwfFxqD4XMJBytwswNfLmwDzLFm7OBwX0r3QlX4SrL9PLyFJ0Jb0QMrUaYpTBIBv3DFHW8MnnoMG-2BM89boSio2w1UniHmhEH-2F3m1XbfJZ-2Fu917bLkaQKoE-2FzWDO4orMaFLB7kWTHaFdxobFhIXtvovw79JrHX8QvA-3D/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/103682/"
 "103681","2019-01-15 17:30:50","http://sophrologie-untempspourmoi.fr/Payment_details/012019/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/103681/"
 "103680","2019-01-15 17:30:48","http://predator-security.ro/Clients_transactions/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/103680/"
 "103679","2019-01-15 17:30:47","http://mr-digitalmarketing.com/Transactions/2019-01/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/103679/"
@@ -9860,7 +10220,6 @@
 "103670","2019-01-15 17:30:14","http://wp.corelooknung.com/Documents/2019-01/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/103670/"
 "103669","2019-01-15 17:30:12","http://www.rokiatraore.net/Transaction_details/2019-01/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/103669/"
 "103668","2019-01-15 17:30:11","http://mingroups.vn/Transactions/012019/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/103668/"
-"103667","2019-01-15 17:30:05","https://linkprotect.cudasvc.com/url?a=http://www.lagis.com.tw/ktPF-Fc8Pm_heXXiUK-HWE/Clients_Messages/012019&c=E,1,i65uF2KqLJNDm8HAElIklq0Ipvats29X7_ZplT3FTcWT7nmPwLNMyLWknhRH6r2cdw92sRjLZxpygJt37nor2tLVqPfRHWfnnl4fqGtE4RM,&typo=1/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/103667/"
 "103666","2019-01-15 17:30:04","http://seitenstreifen.ch/Attachments/01_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/103666/"
 "103665","2019-01-15 17:30:03","http://dirc-madagascar.ru/Transaction_details/2019-01/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/103665/"
 "103664","2019-01-15 17:10:05","http://107.173.104.150/dumper.ata","online","malware_download","exe,Trickbot","https://urlhaus.abuse.ch/url/103664/"
@@ -9916,7 +10275,7 @@
 "103614","2019-01-15 14:51:11","http://15ih.com/Payment_details/012019/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/103614/"
 "103613","2019-01-15 14:45:04","http://mrtechpr.com/wp-includes/4.exe","offline","malware_download","exe,Pony,fareit","https://urlhaus.abuse.ch/url/103613/"
 "103612","2019-01-15 14:44:03","http://le-sancerrois.com/wp-content/languages/plugins/ssj.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/103612/"
-"103611","2019-01-15 14:43:10","http://sudaninsured.com/exses.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/103611/"
+"103611","2019-01-15 14:43:10","http://sudaninsured.com/exses.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/103611/"
 "103610","2019-01-15 14:35:04","http://www.hopeintlschool.org/ebIV1do","offline","malware_download","emotet,exe,epoch1","https://urlhaus.abuse.ch/url/103610/"
 "103609","2019-01-15 14:34:05","http://www.tenmiengiarenhat.com/bIfcRi8Kc","offline","malware_download","emotet,exe,epoch1","https://urlhaus.abuse.ch/url/103609/"
 "103608","2019-01-15 14:34:02","http://www.niteshagrico.com/z7ISltpB","offline","malware_download","emotet, exe, epoch1","https://urlhaus.abuse.ch/url/103608/"
@@ -10007,7 +10366,7 @@
 "103523","2019-01-15 12:37:31","http://www.crossboexim.com/DE_de/WTVYIL4033832/GER/DOC-Dokument/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/103523/"
 "103522","2019-01-15 12:37:26","http://www.productvideohut.com/Januar2019/GJEGGQZ5087232/de/Hilfestellung/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/103522/"
 "103521","2019-01-15 12:37:22","http://www.chervinsky.ru/WSIBMHJNF2141241/Scan/Rechnungsanschrift/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/103521/"
-"103520","2019-01-15 12:37:19","http://www.ontamada.ru/Januar2019/KGFJIA2987254/Dokumente/Rechnungsanschrift/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/103520/"
+"103520","2019-01-15 12:37:19","http://www.ontamada.ru/Januar2019/KGFJIA2987254/Dokumente/Rechnungsanschrift/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/103520/"
 "103519","2019-01-15 12:37:17","http://resbrokers.com/DE/CTHAAUHNH6233541/Rechnungs/FORM/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/103519/"
 "103518","2019-01-15 12:37:15","http://www.picfactory.ro/Januar2019/QOEGQOUT6449129/Rech/FORM/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/103518/"
 "103517","2019-01-15 12:37:13","http://www.zasadulin.ru/De_de/LLUYMBGNKZ2723237/de/Rechnungszahlung/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/103517/"
@@ -10279,7 +10638,7 @@
 "103251","2019-01-14 22:53:07","http://wangzhankong.com/Transactions/012019","offline","malware_download","doc","https://urlhaus.abuse.ch/url/103251/"
 "103250","2019-01-14 22:53:05","http://www.es.lv/Documents/012019","offline","malware_download","doc","https://urlhaus.abuse.ch/url/103250/"
 "103249","2019-01-14 22:28:09","http://dianaverbeek.com/Details/012019/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/103249/"
-"103248","2019-01-14 22:28:08","http://lanhodiepuytin.com/Information/2019-01/","online","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/103248/"
+"103248","2019-01-14 22:28:08","http://lanhodiepuytin.com/Information/2019-01/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/103248/"
 "103247","2019-01-14 22:28:05","http://wangzhankong.com/Transactions/012019/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/103247/"
 "103246","2019-01-14 22:28:02","http://www.master-01.ru/Transaction_details/012019/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/103246/"
 "103245","2019-01-14 21:28:02","http://imunnologiya.ru/Clients_information/012019/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/103245/"
@@ -10743,9 +11102,9 @@
 "102778","2019-01-13 20:09:05","http://christolandcompany.com/nil/simple.exe","offline","malware_download","remcos","https://urlhaus.abuse.ch/url/102778/"
 "102777","2019-01-13 16:01:03","https://pasteboard.co/images/HWfviIm.jpg/download","offline","malware_download","exe","https://urlhaus.abuse.ch/url/102777/"
 "102776","2019-01-13 10:02:12","https://cdn-09.anonfile.com/tcKan5q1b0/b40e7a47-1547373788/MSProcess.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/102776/"
-"102775","2019-01-13 09:59:02","http://151.80.8.17/test.exe","online","malware_download","exe,QuasarRAT","https://urlhaus.abuse.ch/url/102775/"
-"102774","2019-01-13 09:27:03","http://151.80.8.17/vb.exe","online","malware_download","exe,HawkEye","https://urlhaus.abuse.ch/url/102774/"
-"102773","2019-01-13 09:26:05","http://151.80.8.17/vbc.exe","online","malware_download","LimeRAT,rat,exe,HawkEye,RemcosRAT","https://urlhaus.abuse.ch/url/102773/"
+"102775","2019-01-13 09:59:02","http://151.80.8.17/test.exe","offline","malware_download","exe,QuasarRAT","https://urlhaus.abuse.ch/url/102775/"
+"102774","2019-01-13 09:27:03","http://151.80.8.17/vb.exe","offline","malware_download","exe,HawkEye","https://urlhaus.abuse.ch/url/102774/"
+"102773","2019-01-13 09:26:05","http://151.80.8.17/vbc.exe","offline","malware_download","LimeRAT,rat,exe,HawkEye,RemcosRAT","https://urlhaus.abuse.ch/url/102773/"
 "102772","2019-01-13 09:12:02","http://163.172.151.205/shark.exe","online","malware_download","exe,AZORult","https://urlhaus.abuse.ch/url/102772/"
 "102771","2019-01-13 08:43:29","http://companyincv.ntdll.top/orderlist.exe","offline","malware_download","None","https://urlhaus.abuse.ch/url/102771/"
 "102770","2019-01-13 08:43:09","http://webserv-redir.net/includes/b7199e61/-1/5272/fdbfcfc1/final","offline","malware_download","exe","https://urlhaus.abuse.ch/url/102770/"
@@ -10952,12 +11311,12 @@
 "102568","2019-01-11 21:13:03","http://oebuplo.000webhostapp.com/uploads/logger123.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/102568/"
 "102566","2019-01-11 21:11:02","http://oebuplo.000webhostapp.com/uploads/file1z.exe","offline","malware_download","exe,Pony","https://urlhaus.abuse.ch/url/102566/"
 "102565","2019-01-11 21:10:06","http://oebuplo.000webhostapp.com/uploads/btcone.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/102565/"
-"102564","2019-01-11 20:26:07","http://down.soft.6789.net/packet/Kankan_Latest.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/102564/"
-"102563","2019-01-11 20:24:17","https://down.soft.6789.net/channel/Zip/6789Zip_121.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/102563/"
-"102562","2019-01-11 20:24:10","http://down.soft.6789.net/channel/Zip/6789Zip_125.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/102562/"
-"102561","2019-01-11 20:21:09","https://down.soft.6789.net/channel/Zip/6789Zip_126.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/102561/"
+"102564","2019-01-11 20:26:07","http://down.soft.6789.net/packet/Kankan_Latest.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/102564/"
+"102563","2019-01-11 20:24:17","https://down.soft.6789.net/channel/Zip/6789Zip_121.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/102563/"
+"102562","2019-01-11 20:24:10","http://down.soft.6789.net/channel/Zip/6789Zip_125.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/102562/"
+"102561","2019-01-11 20:21:09","https://down.soft.6789.net/channel/Zip/6789Zip_126.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/102561/"
 "102560","2019-01-11 20:19:24","http://puffsncakes.com/wp-content/themes/pridmag/Application_cancellation_request_form.doc","offline","malware_download","doc,Ransomware.GandCrab","https://urlhaus.abuse.ch/url/102560/"
-"102559","2019-01-11 20:19:23","http://down.soft.6789.net/channel/News/6789News_49.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/102559/"
+"102559","2019-01-11 20:19:23","http://down.soft.6789.net/channel/News/6789News_49.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/102559/"
 "102558","2019-01-11 20:12:08","http://img.martatovaglieri.com/index?10956","online","malware_download","exe,gootkit,Ransomware.GandCrab,andromeda","https://urlhaus.abuse.ch/url/102558/"
 "102557","2019-01-11 20:12:07","http://morgem.ru/xxx/39.exe","offline","malware_download","exe,rat","https://urlhaus.abuse.ch/url/102557/"
 "102555","2019-01-11 20:12:04","http://morgem.ru/xxx/2.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/102555/"
@@ -10971,7 +11330,7 @@
 "102548","2019-01-11 19:24:10","http://download.doumaibiji.cn/doumai/tips/v1.0.1.11/tips_01.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/102548/"
 "102547","2019-01-11 19:09:12","http://cuptiserse.com/tq.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/102547/"
 "102546","2019-01-11 19:09:11","http://e-transferonline.com/dir/doc-copy.exe","offline","malware_download","exe,AZORult","https://urlhaus.abuse.ch/url/102546/"
-"102545","2019-01-11 19:09:09","http://download.doumaibiji.cn/doumai/fmt/v1.0.1.11/fmt_01.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/102545/"
+"102545","2019-01-11 19:09:09","http://download.doumaibiji.cn/doumai/fmt/v1.0.1.11/fmt_01.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/102545/"
 "102544","2019-01-11 17:05:06","http://198.12.71.3/largo.vin","online","malware_download","exe,Trickbot","https://urlhaus.abuse.ch/url/102544/"
 "102543","2019-01-11 17:05:04","http://107.172.129.213/largo.vin","online","malware_download","exe,Trickbot","https://urlhaus.abuse.ch/url/102543/"
 "102542","2019-01-11 17:04:07","http://198.12.71.3/knot2.php","offline","malware_download","exe","https://urlhaus.abuse.ch/url/102542/"
@@ -11373,7 +11732,7 @@
 "102146","2019-01-09 15:27:46","http://airsnd.xyz/zeya.exe","offline","malware_download","exe,Loki,lokibot","https://urlhaus.abuse.ch/url/102146/"
 "102145","2019-01-09 15:23:11","http://jpatela.pt/TurkishAirline.exe","offline","malware_download","exe,HawkEye,keylogger","https://urlhaus.abuse.ch/url/102145/"
 "102144","2019-01-09 15:23:07","http://slpsrgpsrhojifdij.ru/krablin.exe?SZLIp","offline","malware_download","exe,Ransomware.GandCrab","https://urlhaus.abuse.ch/url/102144/"
-"102143","2019-01-09 15:23:05","http://usmantea.com/html/images/jsjd.jpg","offline","malware_download","exe,Smoke Loader","https://urlhaus.abuse.ch/url/102143/"
+"102143","2019-01-09 15:23:05","http://usmantea.com/html/images/jsjd.jpg","online","malware_download","exe,Smoke Loader","https://urlhaus.abuse.ch/url/102143/"
 "102142","2019-01-09 15:23:04","http://gulfexpresshome.co/admin/petit111.exe","offline","malware_download","exe,AZORult","https://urlhaus.abuse.ch/url/102142/"
 "102141","2019-01-09 15:16:11","http://gulfexpresshome.co/css/ablegod111.exe","offline","malware_download","exe,AgentTesla","https://urlhaus.abuse.ch/url/102141/"
 "102140","2019-01-09 15:16:04","http://auto-klad.ru/wp-includes/Requests/css/heny.msi","offline","malware_download","exe-to-msi","https://urlhaus.abuse.ch/url/102140/"
@@ -11388,12 +11747,12 @@
 "102131","2019-01-09 14:20:06","http://teensexmovies43.tk/file.exe","offline","malware_download","Smokebot","https://urlhaus.abuse.ch/url/102131/"
 "102130","2019-01-09 14:10:03","http://pdf-archive.press/f.exe","offline","malware_download","DanaBot","https://urlhaus.abuse.ch/url/102130/"
 "102129","2019-01-09 12:55:03","https://uc195648194d423fda67cecf90ea.dl.dropboxusercontent.com/cd/0/get/AZEhSq3G7inI7i4UJjaFw8lGo7SXI-qFEbyOuEAPqNq1jibLwiYFIYNCppTihOLkktjtzEDwdXHN9TE4axLT9zp-Oyj5GmrBYKgn4jFKzpx-gyA80toVnTPBzDkfM-WGWc9AVpRcH3SFsTf3yI0DR1qK35RQIB1yhBIxB2FveB74PIDxnrL5eGtplYW12rdY8K4/file?dl=1","offline","malware_download","zip,Fuerboos","https://urlhaus.abuse.ch/url/102129/"
-"102128","2019-01-09 12:42:03","http://oganiru.in/taken2.exe","online","malware_download","exe,HawkEye","https://urlhaus.abuse.ch/url/102128/"
-"102127","2019-01-09 12:38:02","http://oganiru.in/taken1.exe","online","malware_download","exe,HawkEye","https://urlhaus.abuse.ch/url/102127/"
+"102128","2019-01-09 12:42:03","http://oganiru.in/taken2.exe","offline","malware_download","exe,HawkEye","https://urlhaus.abuse.ch/url/102128/"
+"102127","2019-01-09 12:38:02","http://oganiru.in/taken1.exe","offline","malware_download","exe,HawkEye","https://urlhaus.abuse.ch/url/102127/"
 "102126","2019-01-09 11:59:04","https://djleoms.com/jenqtgIyHB_newaso.vbs","offline","malware_download","vbs,Valyria","https://urlhaus.abuse.ch/url/102126/"
 "102125","2019-01-09 11:56:06","https://doc-0k-8s-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/tul6513uljpb1egihks8o88iua9rjtv4/1547028000000/07335649321361492730/*/130kjGeomMe5vhaHfbrXyFb0g9mV5vExN?e=download","offline","malware_download","exe","https://urlhaus.abuse.ch/url/102125/"
 "102124","2019-01-09 11:56:03","http://suporteatendimentorh.com/IMG","offline","malware_download","exe","https://urlhaus.abuse.ch/url/102124/"
-"102123","2019-01-09 11:56:02","http://oganiru.in/taken3.exe","online","malware_download","exe,HawkEye","https://urlhaus.abuse.ch/url/102123/"
+"102123","2019-01-09 11:56:02","http://oganiru.in/taken3.exe","offline","malware_download","exe,HawkEye","https://urlhaus.abuse.ch/url/102123/"
 "102122","2019-01-09 11:44:07","https://aspireautosales.com/messages/paterson.eml","offline","malware_download","Gozi,AUS,exe","https://urlhaus.abuse.ch/url/102122/"
 "102121","2019-01-09 11:44:06","https://smarteraccounts365-my.sharepoint.com/:u:/g/personal/silja_smarteraccounts_com_au/EV0wUJ1gyqJNlzgL8MD-8BIBlxXPPQVYHVcGjzbIwG80cg?e=DZfbef&download=1","online","malware_download","zipped-VBS,Gozi,AUS","https://urlhaus.abuse.ch/url/102121/"
 "102120","2019-01-09 11:23:05","http://victimservicesquinte.com/2000.exe","offline","malware_download","exe,Gozi","https://urlhaus.abuse.ch/url/102120/"
@@ -11447,7 +11806,7 @@
 "102072","2019-01-08 22:37:04","https://doc-0o-8s-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/srihiu23tf7072quthb60pqvar7ig1mm/1546984800000/07335649321361492730/*/1RuqxRG33ctyYvknAmkQZNNNTu05l-5ha?e=download","offline","malware_download","exe","https://urlhaus.abuse.ch/url/102072/"
 "102071","2019-01-08 21:03:07","http://173.27.128.198:20278/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/102071/"
 "102070","2019-01-08 20:19:06","https://top5roachkillers.com/Alg.jpg","online","malware_download","exe,NetWire","https://urlhaus.abuse.ch/url/102070/"
-"102069","2019-01-08 20:19:03","https://top5roachkillers.com/svchost.jpg","online","malware_download","exe,NetWire","https://urlhaus.abuse.ch/url/102069/"
+"102069","2019-01-08 20:19:03","https://top5roachkillers.com/svchost.jpg","offline","malware_download","exe,NetWire","https://urlhaus.abuse.ch/url/102069/"
 "102068","2019-01-08 20:11:05","https://doc-0o-8s-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/av6796esbdujr5hsbb807bl9f33fisvr/1546970400000/07335649321361492730/*/1RuqxRG33ctyYvknAmkQZNNNTu05l-5ha?e=download","offline","malware_download","exe","https://urlhaus.abuse.ch/url/102068/"
 "102067","2019-01-08 19:42:04","https://top5roachkillers.com/svchosts.jpg","online","malware_download","exe,rat,NetWire","https://urlhaus.abuse.ch/url/102067/"
 "102066","2019-01-08 19:38:02","http://207.180.228.197/bins/hoho.arm5","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/102066/"
@@ -11478,7 +11837,7 @@
 "102041","2019-01-08 16:18:04","http://80.184.103.175:49302/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/102041/"
 "102040","2019-01-08 15:53:11","http://d1exe.com/F5JQkjiRp1.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/102040/"
 "102039","2019-01-08 15:53:10","http://d1exe.com/rMAB4t9sgo.exe","offline","malware_download","exe,ImminentRAT","https://urlhaus.abuse.ch/url/102039/"
-"102038","2019-01-08 14:43:07","http://49.159.8.123:7166/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/102038/"
+"102038","2019-01-08 14:43:07","http://49.159.8.123:7166/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/102038/"
 "102037","2019-01-08 13:17:09","http://newoffices.xyz/revisedInvoice.doc","offline","malware_download","RTF","https://urlhaus.abuse.ch/url/102037/"
 "102036","2019-01-08 12:25:05","https://www.dropbox.com/s/ytpxmdp3xz5vc8l/ORDER.zip?dl=1","offline","malware_download","zipped-JS,NanoCore,rat","https://urlhaus.abuse.ch/url/102036/"
 "102035","2019-01-08 12:24:05","http://delitrad.tk/a/SPC-ORDER.zip","offline","malware_download","Ave Maria,rat,zipped-exe","https://urlhaus.abuse.ch/url/102035/"
@@ -11557,18 +11916,18 @@
 "101962","2019-01-07 20:09:03","http://loveisyou.sytes.net/uploads/modules/rofl.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/101962/"
 "101961","2019-01-07 20:05:02","http://167.99.224.50/bins/kalon.x86","offline","malware_download","None","https://urlhaus.abuse.ch/url/101961/"
 "101960","2019-01-07 19:45:05","http://78.142.29.110/b.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/101960/"
-"101959","2019-01-07 19:07:03","http://185.244.25.174/bins/hoho.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/101959/"
+"101959","2019-01-07 19:07:03","http://185.244.25.174/bins/hoho.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/101959/"
 "101958","2019-01-07 19:05:04","http://18.236.135.84/u.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/101958/"
 "101957","2019-01-07 19:05:02","http://78.142.29.110/u.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/101957/"
-"101955","2019-01-07 18:59:03","http://185.244.25.174/bins/hoho.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/101955/"
-"101956","2019-01-07 18:59:03","http://185.244.25.174/bins/hoho.mpsl","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/101956/"
-"101954","2019-01-07 18:59:02","http://185.244.25.174/bins/hoho.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/101954/"
-"101953","2019-01-07 18:58:04","http://185.244.25.174/bins/hoho.ppc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/101953/"
-"101952","2019-01-07 18:58:03","http://185.244.25.174/bins/hoho.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/101952/"
-"101950","2019-01-07 18:58:02","http://185.244.25.174/bins/hoho.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/101950/"
-"101951","2019-01-07 18:58:02","http://185.244.25.174/bins/hoho.m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/101951/"
-"101948","2019-01-07 18:57:02","http://185.244.25.174/bins/hoho.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/101948/"
-"101949","2019-01-07 18:57:02","http://185.244.25.174/bins/hoho.sh4","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/101949/"
+"101955","2019-01-07 18:59:03","http://185.244.25.174/bins/hoho.mips","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/101955/"
+"101956","2019-01-07 18:59:03","http://185.244.25.174/bins/hoho.mpsl","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/101956/"
+"101954","2019-01-07 18:59:02","http://185.244.25.174/bins/hoho.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/101954/"
+"101953","2019-01-07 18:58:04","http://185.244.25.174/bins/hoho.ppc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/101953/"
+"101952","2019-01-07 18:58:03","http://185.244.25.174/bins/hoho.arm5","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/101952/"
+"101950","2019-01-07 18:58:02","http://185.244.25.174/bins/hoho.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/101950/"
+"101951","2019-01-07 18:58:02","http://185.244.25.174/bins/hoho.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/101951/"
+"101948","2019-01-07 18:57:02","http://185.244.25.174/bins/hoho.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/101948/"
+"101949","2019-01-07 18:57:02","http://185.244.25.174/bins/hoho.sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/101949/"
 "101947","2019-01-07 18:11:03","http://mcjm.me/endy/endy.exe","offline","malware_download","exe,AZORult","https://urlhaus.abuse.ch/url/101947/"
 "101946","2019-01-07 18:06:12","http://docsharefile.com/1.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/101946/"
 "101945","2019-01-07 18:06:03","http://docsharefile.com/mshta.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/101945/"
@@ -11831,13 +12190,13 @@
 "101687","2019-01-06 01:42:03","http://185.244.25.174/bunny.x86","offline","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/101687/"
 "101686","2019-01-06 01:42:02","http://185.244.25.174/bunny.m68k","offline","malware_download","elf,gafgyt,bashlite","https://urlhaus.abuse.ch/url/101686/"
 "101685","2019-01-06 00:55:23","http://updater.inomiu.com/ttghanbot/zlib.dll","online","malware_download","exe","https://urlhaus.abuse.ch/url/101685/"
-"101684","2019-01-05 21:05:02","http://d.top4top.net/p_400rnftr1.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/101684/"
-"101683","2019-01-05 21:02:02","http://d.top4top.net/p_688pugcd1.jpg","online","malware_download","exe,Xtrat","https://urlhaus.abuse.ch/url/101683/"
-"101682","2019-01-05 21:00:06","http://d.top4top.net/p_984d34xx1.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/101682/"
-"101681","2019-01-05 21:00:04","http://d.top4top.net/p_1034b2rqm1.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/101681/"
-"101680","2019-01-05 21:00:03","http://d.top4top.net/p_406nxh4v1.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/101680/"
-"101679","2019-01-05 20:55:02","https://d.top4top.net/p_109287k4u1.jpg","online","malware_download","exe,njRAT","https://urlhaus.abuse.ch/url/101679/"
-"101678","2019-01-05 20:19:03","https://d.top4top.net/p_8992kts01.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/101678/"
+"101684","2019-01-05 21:05:02","http://d.top4top.net/p_400rnftr1.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/101684/"
+"101683","2019-01-05 21:02:02","http://d.top4top.net/p_688pugcd1.jpg","offline","malware_download","exe,Xtrat","https://urlhaus.abuse.ch/url/101683/"
+"101682","2019-01-05 21:00:06","http://d.top4top.net/p_984d34xx1.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/101682/"
+"101681","2019-01-05 21:00:04","http://d.top4top.net/p_1034b2rqm1.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/101681/"
+"101680","2019-01-05 21:00:03","http://d.top4top.net/p_406nxh4v1.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/101680/"
+"101679","2019-01-05 20:55:02","https://d.top4top.net/p_109287k4u1.jpg","offline","malware_download","exe,njRAT","https://urlhaus.abuse.ch/url/101679/"
+"101678","2019-01-05 20:19:03","https://d.top4top.net/p_8992kts01.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/101678/"
 "101677","2019-01-05 17:05:07","http://46.101.60.55/bins/301.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/101677/"
 "101676","2019-01-05 17:05:06","http://46.101.60.55/bins/301.mips","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/101676/"
 "101675","2019-01-05 17:05:04","http://46.101.60.55/bins/301.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/101675/"
@@ -12005,19 +12364,19 @@
 "101511","2019-01-04 14:21:07","https://bitbucket.org/friend1010/friend/downloads/bin.exe","offline","malware_download","exe,AZORult","https://urlhaus.abuse.ch/url/101511/"
 "101510","2019-01-04 14:21:05","https://bitbucket.org/friend1010/friend/downloads/phemida_bin.exe","offline","malware_download","exe,AZORult","https://urlhaus.abuse.ch/url/101510/"
 "101509","2019-01-04 14:00:11","https://cdn.discordapp.com/attachments/529465302472458253/530493472072007691/not_a_rat.exe","online","malware_download","exe,rat,njRAT","https://urlhaus.abuse.ch/url/101509/"
-"101508","2019-01-04 14:00:10","http://stomnsco.com/cgi/s/olhxts.msi","offline","malware_download","exe-to-msi","https://urlhaus.abuse.ch/url/101508/"
-"101507","2019-01-04 14:00:08","http://stomnsco.com/cgi/s/updating.doc","offline","malware_download","doc,Loader","https://urlhaus.abuse.ch/url/101507/"
-"101506","2019-01-04 14:00:07","http://stomnsco.com/cgi/l/updating.doc","offline","malware_download","doc,Loader","https://urlhaus.abuse.ch/url/101506/"
-"101505","2019-01-04 14:00:04","http://stomnsco.com/cgi/l/avrvmp.msi","offline","malware_download","exe-to-msi","https://urlhaus.abuse.ch/url/101505/"
-"101504","2019-01-04 13:50:12","http://stomnsco.com/cgi/updating.doc","offline","malware_download","doc,Loader","https://urlhaus.abuse.ch/url/101504/"
-"101503","2019-01-04 13:50:10","http://stomnsco.com/cgi/update.doc","offline","malware_download","doc,Loader","https://urlhaus.abuse.ch/url/101503/"
-"101502","2019-01-04 13:50:09","http://stomnsco.com/cgi/ufclxu.msi","offline","malware_download","exe-to-msi","https://urlhaus.abuse.ch/url/101502/"
-"101501","2019-01-04 13:50:06","http://stomnsco.com/cgi/tesver.msi","offline","malware_download","exe-to-msi","https://urlhaus.abuse.ch/url/101501/"
+"101508","2019-01-04 14:00:10","http://stomnsco.com/cgi/s/olhxts.msi","online","malware_download","exe-to-msi","https://urlhaus.abuse.ch/url/101508/"
+"101507","2019-01-04 14:00:08","http://stomnsco.com/cgi/s/updating.doc","online","malware_download","doc,Loader","https://urlhaus.abuse.ch/url/101507/"
+"101506","2019-01-04 14:00:07","http://stomnsco.com/cgi/l/updating.doc","online","malware_download","doc,Loader","https://urlhaus.abuse.ch/url/101506/"
+"101505","2019-01-04 14:00:04","http://stomnsco.com/cgi/l/avrvmp.msi","online","malware_download","exe-to-msi","https://urlhaus.abuse.ch/url/101505/"
+"101504","2019-01-04 13:50:12","http://stomnsco.com/cgi/updating.doc","online","malware_download","doc,Loader","https://urlhaus.abuse.ch/url/101504/"
+"101503","2019-01-04 13:50:10","http://stomnsco.com/cgi/update.doc","online","malware_download","doc,Loader","https://urlhaus.abuse.ch/url/101503/"
+"101502","2019-01-04 13:50:09","http://stomnsco.com/cgi/ufclxu.msi","online","malware_download","exe-to-msi","https://urlhaus.abuse.ch/url/101502/"
+"101501","2019-01-04 13:50:06","http://stomnsco.com/cgi/tesver.msi","online","malware_download","exe-to-msi","https://urlhaus.abuse.ch/url/101501/"
 "101500","2019-01-04 13:50:05","https://cdn.discordapp.com/attachments/529465302472458253/530623531244060672/not_a_rat.exe","online","malware_download","exe,rat,njRAT","https://urlhaus.abuse.ch/url/101500/"
-"101499","2019-01-04 13:50:04","http://stomnsco.com/cgi/surb.msi","offline","malware_download","exe-to-msi,Formbook","https://urlhaus.abuse.ch/url/101499/"
-"101498","2019-01-04 13:47:10","http://stomnsco.com/cgi/surb.doc","offline","malware_download","doc,Loader","https://urlhaus.abuse.ch/url/101498/"
-"101497","2019-01-04 13:47:08","http://stomnsco.com/cgi/deja.doc","offline","malware_download","doc,Loader,Formbook","https://urlhaus.abuse.ch/url/101497/"
-"101496","2019-01-04 13:47:07","http://stomnsco.com/cgi/deja.msi","offline","malware_download","exe-to-msi","https://urlhaus.abuse.ch/url/101496/"
+"101499","2019-01-04 13:50:04","http://stomnsco.com/cgi/surb.msi","online","malware_download","exe-to-msi,Formbook","https://urlhaus.abuse.ch/url/101499/"
+"101498","2019-01-04 13:47:10","http://stomnsco.com/cgi/surb.doc","online","malware_download","doc,Loader","https://urlhaus.abuse.ch/url/101498/"
+"101497","2019-01-04 13:47:08","http://stomnsco.com/cgi/deja.doc","online","malware_download","doc,Loader,Formbook","https://urlhaus.abuse.ch/url/101497/"
+"101496","2019-01-04 13:47:07","http://stomnsco.com/cgi/deja.msi","online","malware_download","exe-to-msi","https://urlhaus.abuse.ch/url/101496/"
 "101495","2019-01-04 13:31:08","http://googletime.ac.ug/3/_output7A67C50ar.exe","offline","malware_download","GandCrab,Ransomware,AZORult","https://urlhaus.abuse.ch/url/101495/"
 "101494","2019-01-04 13:24:02","http://update.drp.su/nps/online/bin/tools/run.hta","online","malware_download","None","https://urlhaus.abuse.ch/url/101494/"
 "101493","2019-01-04 13:18:19","http://inctelanganatelugu.in/wp-includes/_output6BF6FA0.exe","offline","malware_download","exe,Formbook","https://urlhaus.abuse.ch/url/101493/"
@@ -12579,7 +12938,7 @@
 "100934","2019-01-01 17:07:04","http://owwwc.com/mm/cpu64.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/100934/"
 "100933","2019-01-01 17:06:15","http://p.owwwa.com/SQLAGENTSVW.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/100933/"
 "100932","2019-01-01 17:06:11","http://p.owwwa.com/SQLAGENTSVM.exe","online","malware_download","exe,CoinMiner","https://urlhaus.abuse.ch/url/100932/"
-"100931","2019-01-01 17:06:07","http://p.owwwa.com/SQLAGENTSIW.exe","offline","malware_download","exe,CoinMiner","https://urlhaus.abuse.ch/url/100931/"
+"100931","2019-01-01 17:06:07","http://p.owwwa.com/SQLAGENTSIW.exe","online","malware_download","exe,CoinMiner","https://urlhaus.abuse.ch/url/100931/"
 "100930","2019-01-01 17:01:06","http://tantarantantan23.ru/31/_output14B2C50r.exe","offline","malware_download","exe,Ransomware.GandCrab","https://urlhaus.abuse.ch/url/100930/"
 "100929","2019-01-01 17:01:05","http://tantarantantan23.ru/31/r2_Protected.exe","offline","malware_download","exe,Ransomware.GandCrab","https://urlhaus.abuse.ch/url/100929/"
 "100928","2019-01-01 17:01:03","http://tantarantantan23.ru/31/bb_Protected.exe","offline","malware_download","exe,Neurevt","https://urlhaus.abuse.ch/url/100928/"
@@ -13151,7 +13510,7 @@
 "100361","2018-12-29 11:16:30","http://swifck.xmr.ac/wss.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/100361/"
 "100360","2018-12-29 11:08:02","http://ransomwardian.com/downloads/cdrw3327dtf_RansomWardianSetup32b_W-XP_7-8-10_30122015.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/100360/"
 "100359","2018-12-29 11:08:01","http://www.ransomwardian.com/downloads/cdrw3327dtf_RansomWardianSetup32b_W-XP_7-8-10_30122015.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/100359/"
-"100358","2018-12-29 11:07:03","http://172.85.185.216:64289/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/100358/"
+"100358","2018-12-29 11:07:03","http://172.85.185.216:64289/.i","online","malware_download","elf","https://urlhaus.abuse.ch/url/100358/"
 "100357","2018-12-29 10:58:02","http://www.ransomwardian.com/downloads/Txirrindulari_RansomWardianSetup32b_W-XP_7-8-10_30122015.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/100357/"
 "100356","2018-12-29 10:56:02","http://www.ransomwardian.com/downloads/cdrw6497dtf_RansomWardianSetup32b_W-XP_7-8-10_30122015.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/100356/"
 "100355","2018-12-29 10:43:02","http://ransomwardian.com/downloads/cdrw6497dtf_RansomWardianSetup64b_W-XP_7-8-10_30122015.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/100355/"
@@ -13573,16 +13932,16 @@
 "99939","2018-12-26 19:32:02","https://mydocuments.cc/user/1d91926cf055e7ea832a686cfefd8862","offline","malware_download","Dridex,USA,geofenced,exe","https://urlhaus.abuse.ch/url/99939/"
 "99938","2018-12-26 19:30:02","http://192.227.204.214/hole1.php","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99938/"
 "99937","2018-12-26 19:20:07","https://flowmusicent.com/AS.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99937/"
-"99936","2018-12-26 18:44:30","http://88b.me/dlk/upg/bf.mips","online","malware_download","elf","https://urlhaus.abuse.ch/url/99936/"
-"99935","2018-12-26 18:44:10","http://88b.me/R/SURIA.arm5","online","malware_download","elf","https://urlhaus.abuse.ch/url/99935/"
-"99934","2018-12-26 18:44:08","http://88b.me/R/SURIA.mips","online","malware_download","elf","https://urlhaus.abuse.ch/url/99934/"
-"99933","2018-12-26 18:44:05","http://88b.me/R/SURIA.arm","online","malware_download","elf","https://urlhaus.abuse.ch/url/99933/"
+"99936","2018-12-26 18:44:30","http://88b.me/dlk/upg/bf.mips","offline","malware_download","elf","https://urlhaus.abuse.ch/url/99936/"
+"99935","2018-12-26 18:44:10","http://88b.me/R/SURIA.arm5","offline","malware_download","elf","https://urlhaus.abuse.ch/url/99935/"
+"99934","2018-12-26 18:44:08","http://88b.me/R/SURIA.mips","offline","malware_download","elf","https://urlhaus.abuse.ch/url/99934/"
+"99933","2018-12-26 18:44:05","http://88b.me/R/SURIA.arm","offline","malware_download","elf","https://urlhaus.abuse.ch/url/99933/"
 "99932","2018-12-26 18:02:04","http://happy-new-year-messages.com/9752947574834977680","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99932/"
 "99931","2018-12-26 17:58:08","http://45.61.136.193/mi3307","online","malware_download","elf","https://urlhaus.abuse.ch/url/99931/"
 "99930","2018-12-26 17:46:26","http://jaxx.im/Jaxx.Liberty-setup-2.1.1.exe","offline","malware_download","exe,predator,predatorthethief,ptt,stealer","https://urlhaus.abuse.ch/url/99930/"
-"99929","2018-12-26 17:46:24","http://88b.me/nbt/bf.arm","online","malware_download","elf","https://urlhaus.abuse.ch/url/99929/"
-"99928","2018-12-26 17:46:20","http://88b.me/nbt/bf.mips","online","malware_download","elf","https://urlhaus.abuse.ch/url/99928/"
-"99927","2018-12-26 17:46:13","http://88b.me/nbt/bf.mipsel","online","malware_download","elf","https://urlhaus.abuse.ch/url/99927/"
+"99929","2018-12-26 17:46:24","http://88b.me/nbt/bf.arm","offline","malware_download","elf","https://urlhaus.abuse.ch/url/99929/"
+"99928","2018-12-26 17:46:20","http://88b.me/nbt/bf.mips","offline","malware_download","elf","https://urlhaus.abuse.ch/url/99928/"
+"99927","2018-12-26 17:46:13","http://88b.me/nbt/bf.mipsel","offline","malware_download","elf","https://urlhaus.abuse.ch/url/99927/"
 "99926","2018-12-26 16:24:28","https://dl.dropboxusercontent.com/s/yoy0ort37uzmpm5/flashplayer_42.34_plugin.js?dl=1","offline","malware_download","js,SocGholish,js-GhoLoader","https://urlhaus.abuse.ch/url/99926/"
 "99925","2018-12-26 16:24:27","https://dl.dropboxusercontent.com/s/b71ah1vxabbjb02/flashplayer_42.44_plugin.js?dl=1","offline","malware_download","js,SocGholish,js-GhoLoader","https://urlhaus.abuse.ch/url/99925/"
 "99924","2018-12-26 16:24:26","https://dl.dropboxusercontent.com/s/wx1yxigil7vjh1w/flashplayer_42.4_plugin.js?dl=1","offline","malware_download","js,SocGholish,js-GhoLoader","https://urlhaus.abuse.ch/url/99924/"
@@ -13635,7 +13994,7 @@
 "99876","2018-12-26 11:48:59","http://dx111.downyouxi.com/qunxiongshishibandichongtu.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/99876/"
 "99875","2018-12-26 11:48:15","http://repo.thehackademy.net/depot_cehv6/CEHv6%20Module%2008%20Trojans%20and%20Backdoors/Nuclear%20RAT%20Trojan/client.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99875/"
 "99874","2018-12-26 11:48:13","http://dx111.downyouxi.com/sanguozhanjizhengzong2009huiyipian.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/99874/"
-"99873","2018-12-26 11:46:23","http://www.softhy.net/softhy.net_down/cs93softhy.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99873/"
+"99873","2018-12-26 11:46:23","http://www.softhy.net/softhy.net_down/cs93softhy.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/99873/"
 "99872","2018-12-26 11:45:04","http://repo.thehackademy.net/depot_cehv6/CEHv6%20Module%2005%20Scanning/Lite-SOCKS/Generator.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99872/"
 "99871","2018-12-26 11:42:02","http://repo.thehackademy.net/depot_cehv6/CEHv6%20Module%2005%20Scanning/Lite-SOCKS/Packer.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99871/"
 "99870","2018-12-26 11:40:06","http://alfarius.ru/sites/img.jpg","offline","malware_download","exe,RUS,Troldesh,Ransomware","https://urlhaus.abuse.ch/url/99870/"
@@ -13645,7 +14004,7 @@
 "99866","2018-12-26 11:29:27","http://repo.thehackademy.net/depot_cehv6/CEHv6%20Module%2008%20Trojans%20and%20Backdoors/Trojan-Dropper.Win32.ZomJoiner.25.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99866/"
 "99865","2018-12-26 11:29:26","http://dx111.downyouxi.com/dnftafangwudibanzhongwenban.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/99865/"
 "99864","2018-12-26 11:29:02","http://repo.thehackademy.net/depot_cehv6/CEHv6%20Module%2016%20Hacking%20Webservers/webdav-gui/webdav-gui.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99864/"
-"99863","2018-12-26 11:27:07","http://www.softhy.net/softhy.net_down/cs4softhy.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99863/"
+"99863","2018-12-26 11:27:07","http://www.softhy.net/softhy.net_down/cs4softhy.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/99863/"
 "99861","2018-12-26 11:26:29","http://dx111.downyouxi.com/ailisizhisi3.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/99861/"
 "99862","2018-12-26 11:26:29","http://repo.thehackademy.net/depot_cehv6/CEHv6%20Module%2005%20Scanning/Tiny%20TCP%20Firewall/afxfw.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99862/"
 "99860","2018-12-26 11:25:33","http://repo.thehackademy.net/depot_cehv6/CEHv6%20Module%2008%20Trojans%20and%20Backdoors/netbus17/NetBus.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99860/"
@@ -13662,7 +14021,7 @@
 "99849","2018-12-26 10:41:33","http://dx111.downyouxi.com/mingxingzhajinhuazhongwenban.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/99849/"
 "99848","2018-12-26 10:20:31","http://www.softhy.net/softhy.net_down/cs6softhy.exe","online","malware_download","exe,Ransomware.GandCrab","https://urlhaus.abuse.ch/url/99848/"
 "99847","2018-12-26 10:20:20","http://tantarantantan23.ru/24/a_Protected.exe","offline","malware_download","exe,AZORult","https://urlhaus.abuse.ch/url/99847/"
-"99846","2018-12-26 10:18:29","http://www.softhy.net/softhy.net_down/dedesupertabs.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99846/"
+"99846","2018-12-26 10:18:29","http://www.softhy.net/softhy.net_down/dedesupertabs.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/99846/"
 "99845","2018-12-26 10:09:15","http://www.softhy.net/softhy.net_down/5qq0free.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/99845/"
 "99844","2018-12-26 10:07:00","http://tantarantantan23.ru/24/_output55A1800ars.exe","offline","malware_download","exe,AZORult","https://urlhaus.abuse.ch/url/99844/"
 "99843","2018-12-26 10:06:30","http://tantarantantan23.ru/24/ajhvguygjhl_signed.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99843/"
@@ -13734,19 +14093,19 @@
 "99777","2018-12-26 05:25:03","http://178.128.35.181/hakai.x86","offline","malware_download","elf","https://urlhaus.abuse.ch/url/99777/"
 "99776","2018-12-26 04:51:15","http://phattrienviet.com.vn/setupsapa.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99776/"
 "99775","2018-12-26 04:32:03","http://winbetter.info/1xWins_eu.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99775/"
-"99774","2018-12-26 03:07:02","http://host.gomencom.website/Downloads/svihost.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99774/"
+"99774","2018-12-26 03:07:02","http://host.gomencom.website/Downloads/svihost.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/99774/"
 "99773","2018-12-26 03:06:03","http://host.gomencom.website/Downloads/Modul/load1.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99773/"
-"99772","2018-12-26 02:53:02","http://host.gomencom.website/Downloads/installers.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99772/"
-"99771","2018-12-26 02:50:13","http://host.gomencom.website/Downloads/Modul/load.msi","offline","malware_download","msi","https://urlhaus.abuse.ch/url/99771/"
-"99770","2018-12-26 02:50:08","http://host.gomencom.website/downloads/instller.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99770/"
-"99769","2018-12-26 02:48:08","http://host.gomencom.website/Downloads/Servise/jusched_srv13.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99769/"
-"99768","2018-12-26 02:48:04","http://host.gomencom.website/Downloads/mdsm.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99768/"
-"99767","2018-12-26 02:40:03","http://host.gomencom.website/Downloads/Servise/jusched_srv14.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99767/"
-"99766","2018-12-26 02:39:03","http://host.gomencom.website/Downloads/lsass/updater.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99766/"
-"99765","2018-12-26 02:39:02","http://host.gomencom.website/Downloads/Servise/Updater1.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99765/"
-"99764","2018-12-26 02:38:02","http://host.gomencom.website/Downloads/Servise/Updater.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99764/"
+"99772","2018-12-26 02:53:02","http://host.gomencom.website/Downloads/installers.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/99772/"
+"99771","2018-12-26 02:50:13","http://host.gomencom.website/Downloads/Modul/load.msi","online","malware_download","msi","https://urlhaus.abuse.ch/url/99771/"
+"99770","2018-12-26 02:50:08","http://host.gomencom.website/downloads/instller.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/99770/"
+"99769","2018-12-26 02:48:08","http://host.gomencom.website/Downloads/Servise/jusched_srv13.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/99769/"
+"99768","2018-12-26 02:48:04","http://host.gomencom.website/Downloads/mdsm.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/99768/"
+"99767","2018-12-26 02:40:03","http://host.gomencom.website/Downloads/Servise/jusched_srv14.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/99767/"
+"99766","2018-12-26 02:39:03","http://host.gomencom.website/Downloads/lsass/updater.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/99766/"
+"99765","2018-12-26 02:39:02","http://host.gomencom.website/Downloads/Servise/Updater1.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/99765/"
+"99764","2018-12-26 02:38:02","http://host.gomencom.website/Downloads/Servise/Updater.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/99764/"
 "99763","2018-12-26 02:37:16","https://hbr0.icu/fd87GdjhWWW.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/99763/"
-"99762","2018-12-26 02:27:07","http://host.gomencom.website/Downloads/rdpclip.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99762/"
+"99762","2018-12-26 02:27:07","http://host.gomencom.website/Downloads/rdpclip.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/99762/"
 "99761","2018-12-26 02:08:09","http://host.gomencom.website/Downloads/Modul/load_old.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99761/"
 "99760","2018-12-26 01:48:02","http://185.101.105.129/bins/kalon.arm5","offline","malware_download","elf","https://urlhaus.abuse.ch/url/99760/"
 "99759","2018-12-26 01:47:02","http://185.101.105.129/bins/kalon.arm7","offline","malware_download","elf","https://urlhaus.abuse.ch/url/99759/"
@@ -14591,14 +14950,14 @@
 "98907","2018-12-21 19:45:09","https://uc0345930e4753c66fb4311de6e2.dl.dropboxusercontent.com/cd/0/get/AX7Ju47fNMElBkXjaWpfl2WoRpvjphrT4Js8QH9lrIb3hhrmwkc_PTjO2g6o7r3Tj8wDGgEnJbSY9n5oY3658r_GD2i3ppabDH6BTAVI_JEdQqo-M6s2Sgx9DexK34CiT16Cxk5i2Ic6OQ6Hkf1uD7Q2yyQaLRaDqOGozvxozSJrwXKVb9po_Aaq7UX2TwMvlTE/file?dl=1","offline","malware_download","zip","https://urlhaus.abuse.ch/url/98907/"
 "98906","2018-12-21 19:44:10","http://suporteatendimentorh.com/web?NBOXamp;xc75362dad4a9da06941b7dc3d6915ac64selectedfolderINBOX","offline","malware_download","zip","https://urlhaus.abuse.ch/url/98906/"
 "98905","2018-12-21 19:44:04","http://patch3.51mag.com/newpatch25/prototype_soundfix2.rar","offline","malware_download","rar","https://urlhaus.abuse.ch/url/98905/"
-"98904","2018-12-21 19:42:57","http://patch3.51mag.com/2013/ALI213-PLANTS.VS.ZOMBIES.V1.2.0.1073.PLUS11TRN.DENKA003.rar","offline","malware_download","rar","https://urlhaus.abuse.ch/url/98904/"
-"98903","2018-12-21 19:42:51","http://patch3.51mag.com/newpatch14/sango9tcup_date.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/98903/"
+"98904","2018-12-21 19:42:57","http://patch3.51mag.com/2013/ALI213-PLANTS.VS.ZOMBIES.V1.2.0.1073.PLUS11TRN.DENKA003.rar","online","malware_download","rar","https://urlhaus.abuse.ch/url/98904/"
+"98903","2018-12-21 19:42:51","http://patch3.51mag.com/newpatch14/sango9tcup_date.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/98903/"
 "98902","2018-12-21 19:42:29","http://wt120.downyouxi.com/22loujialidibeiju.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/98902/"
 "98901","2018-12-21 19:41:24","http://patch3.51mag.com/2013/ali213-alienscolonialmarine.8_aobeta_fixed.rar","offline","malware_download","rar","https://urlhaus.abuse.ch/url/98901/"
-"98900","2018-12-21 19:41:15","http://wt120.downyouxi.com/tankedajuezhan.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/98900/"
-"98899","2018-12-21 19:36:51","http://patch3.51mag.com/2013/ali213-mp3+11tr-lng_v1.0.0.114.rar","online","malware_download","rar","https://urlhaus.abuse.ch/url/98899/"
+"98900","2018-12-21 19:41:15","http://wt120.downyouxi.com/tankedajuezhan.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/98900/"
+"98899","2018-12-21 19:36:51","http://patch3.51mag.com/2013/ali213-mp3+11tr-lng_v1.0.0.114.rar","offline","malware_download","rar","https://urlhaus.abuse.ch/url/98899/"
 "98898","2018-12-21 19:36:29","http://patch3.51mag.com/2012/cry2me+7tr-lng.rar","offline","malware_download","rar","https://urlhaus.abuse.ch/url/98898/"
-"98897","2018-12-21 19:35:23","http://wt120.downyouxi.com/gumuliying2huangjinbanhuangjinmianju.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/98897/"
+"98897","2018-12-21 19:35:23","http://wt120.downyouxi.com/gumuliying2huangjinbanhuangjinmianju.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/98897/"
 "98896","2018-12-21 19:10:04","http://ajaygoyal.in/doc/aby/bouyt.exe","offline","malware_download","exe,AgentTesla","https://urlhaus.abuse.ch/url/98896/"
 "98895","2018-12-21 19:09:15","http://www.tdi.com.mx/DyDEV-Rb3_eB-PT/PaymentStatus/EN_en/Invoice/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/98895/"
 "98894","2018-12-21 19:09:12","http://www.hlxmzsyzx.com/xzPEz-Y9mt_XBmWpkXR-jgx/invoices/00738/98639/US_us/Service-Invoice/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/98894/"
@@ -15100,7 +15459,7 @@
 "98387","2018-12-20 17:25:06","http://gundemhaber.org/KOAykan5_344RelSR/","offline","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/98387/"
 "98386","2018-12-20 17:25:04","http://www.capbangkok.com/6wr5_JD4CS/","offline","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/98386/"
 "98385","2018-12-20 17:24:10","http://web.pa-cirebon.go.id/gBLA-YDq_Kx-1Pz/ACH/PaymentAdvice/US_us/Invoice-1142986/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/98385/"
-"98384","2018-12-20 17:24:05","http://lancang.desa.id/xnnDh-YR_uPOKMgjfP-s7F/Inv/58505440713/En/Outstanding-Invoices/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/98384/"
+"98384","2018-12-20 17:24:05","http://lancang.desa.id/xnnDh-YR_uPOKMgjfP-s7F/Inv/58505440713/En/Outstanding-Invoices/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/98384/"
 "98383","2018-12-20 16:49:05","http://79.186.62.16:54223/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/98383/"
 "98382","2018-12-20 16:49:02","http://yumuto.discusengineeredproducts.com/jonko/sopu.ps1","offline","malware_download","powershell,Gozi,USA,BITS","https://urlhaus.abuse.ch/url/98382/"
 "98381","2018-12-20 16:48:10","http://yumuto.discusengineeredproducts.com/jonko/gyrt.txt","offline","malware_download","Gozi,USA,certutil","https://urlhaus.abuse.ch/url/98381/"
@@ -15463,7 +15822,6 @@
 "98021","2018-12-19 23:28:33","http://www.naposnapok.hu/bR6_aYPbHPl_B6z8E4AFz/","offline","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/98021/"
 "98020","2018-12-19 23:28:31","http://azimed.nl/shYAb-hoi_kKPhU-XX/ACH/PaymentInfo/US/Inv-362867-PO-0V796120/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/98020/"
 "98019","2018-12-19 23:28:29","http://nexpltd.com/bungw-rl_yFqm-4O/En/2-Past-Due-Invoices/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/98019/"
-"98018","2018-12-19 23:28:26","https://linkprotect.cudasvc.com/url?a=http://srle.net/lfID-UXb0IH1KP_Hh-ymh/ACH/PaymentAdvice/doc/US/Paid-Invoice-Credit-Card-Receipt&c=E/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/98018/"
 "98017","2018-12-19 23:28:25","http://net96.it/ismmE-gYm_PVM-d3/Ref/45234762US_us/Invoice/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/98017/"
 "98016","2018-12-19 23:28:24","http://greenplastic.com/DE/GXEUWQQXB8180141/Rechnungs-docs/Fakturierung/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/98016/"
 "98015","2018-12-19 23:28:23","http://leesonphoto.com/AT_T/UPoww2_Tx3pYDBjm_QVzUi/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/98015/"
@@ -15512,7 +15870,6 @@
 "97972","2018-12-19 20:13:15","http://preambula.hr/dBE2_EZA3F_5/","offline","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/97972/"
 "97971","2018-12-19 20:13:13","http://smartlync.pk/r1EvnEw_1Xd9wnxJ_vMp/","offline","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/97971/"
 "97970","2018-12-19 20:13:11","http://www.evanshomeimprovement.com/WVz_RbN7PQa/","offline","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/97970/"
-"97969","2018-12-19 20:13:09","https://linkprotect.cudasvc.com/url?a=http://srle.net/lfID-UXb0IH1KP_Hh-ymh/ACH/PaymentAdvice/doc/US/Paid-Invoice-Credit-Card-Receipt&c=E,1,gVxRT1EFHRJe0p2ID8Q9XmTjXb3ZZhdK0jA_GXO4livZ6XCV2J5b4LXGasPFhSee00rEEFeSHzJqeU-OexAKsEqN3hOKSjzkz6jFFNmqdA,,&typo=1/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/97969/"
 "97968","2018-12-19 20:13:08","http://www.gozdekins.com/xxJEt-Klt_LBDOl-wG/En/Invoice-9602047-December/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/97968/"
 "97967","2018-12-19 20:13:07","http://www.azimed.nl/shYAb-hoi_kKPhU-XX/ACH/PaymentInfo/US/Inv-362867-PO-0V796120/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/97967/"
 "97966","2018-12-19 20:13:06","http://www.mercedes-club-bg.com/wzpLJ-Yj1_VjCVxlBhd-xxJ/EXT/PaymentStatus/US/Invoice/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/97966/"
@@ -15894,9 +16251,7 @@
 "97585","2018-12-19 03:58:30","http://tantarantantan23.ru/17b/_outputF7E9E6Fazor1sl.exe","offline","malware_download","exe,Ransomware.GandCrab","https://urlhaus.abuse.ch/url/97585/"
 "97584","2018-12-19 03:48:34","http://uolli.it/HSTOj-5YUtMd8A_ZsCPaa-ALk/Inv/151264875/files/EN_en/Overdue-payment/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/97584/"
 "97583","2018-12-19 03:48:03","http://www.kingcotec.com/EOVpj-7wGzuXQrJ_WO-WwN/B532/invoicing/DOC/US_us/Service-Invoice/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/97583/"
-"97582","2018-12-19 03:47:32","https://linkprotect.cudasvc.com/url?a=http%3a%2f%2ftasha9503.com%2fATTBusiness%2fECshzhHcu_1gYr0Gob_GWx2YqFHkY&c=E/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/97582/"
 "97581","2018-12-19 03:46:32","https://mandrillapp.com/track/click/30069226/mywebnerd.com?p=eyJzIjoiTjRBdVZQdEdIVXJPWWJ4b2ZXVDVobjdmaVJJIiwidiI6MSwicCI6IntcInVcIjozMDA2OTIyNixcInZcIjoxLFwidXJsXCI6XCJodHRwOlxcXC9cXFwvbXl3ZWJuZXJkLmNvbVxcXC9CSFV3ci11NWhQVjl0MUZYTnY3T19Wa2J2TWZUeWgtYlo2XCIsXCJpZFwiOlwiYWRhYmFjZDNiOTY0NDM0ZWIwMzY5ZjllNWQ0YzFjMWRcIixcInVybF9pZHNcIjpbXCI2Y2QwN2NmNDliYjdhY2M0NTRkZWJjMDFjYzFhMTQyZTdiYjYwN2JkXCJdfSJ9/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/97581/"
-"97580","2018-12-19 03:46:01","https://u6570127.ct.sendgrid.net/wf/click?upn=GYr15rV-2FDDkj70q5dMgtnUC1gdkVrtV5gxfz7eoyz3hBQRtRydD4ArxcLvocHK9zqh2wl3adgm7jFemgAxL9Ig-3D-3D_EOpstEwxYPZNS7zFupvnSPyMXgKJ9jMu3mqoZiJD-2BZ6v-2FH0kEnkQ68NH3jZeHkQ-2B2qsTJMKLvZE7Wt68es0ULhmNkZKkgw0gHCPNMb2yVbQhVpA7fZc57GipEiMblzEt3ysTmv-2Bi0SyHP2p14f65txDVyBnYG9RbajbrAZyNYi2XmuFEyq2Z6M2KcXiyxf5PGuMO-2FCRcGK5lwWMdDG08Hg-3D-3D/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/97580/"
 "97579","2018-12-19 03:45:31","https://mandrillapp.com/track/click/30069226/thisismycat.com?p=eyJzIjoiOERGcUw4cWpZaWFVbjNmVlBZaFlBUGNEcl8wIiwidiI6MSwicCI6IntcInVcIjozMDA2OTIyNixcInZcIjoxLFwidXJsXCI6XCJodHRwOlxcXC9cXFwvdGhpc2lzbXljYXQuY29tXFxcL01YREwtbTNjb2Q4aktpYUpVWUFfd0tNRmNuTG8tVUVuXCIsXCJpZFwiOlwiNmQxYzFiNmYzNjUwNDg5MTkyYTBjZDkzN2JhZmRmZGVcIixcInVybF9pZHNcIjpbXCI4YWJlZTc0NmM3YjNmYTMwZDkxODNmNmViZGNmODA5MzNiZTJhYjMxXCJdfSJ9/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/97579/"
 "97578","2018-12-19 03:16:32","http://thepropertystore.co.nz/XNdQ-scSxqR0ep_hgTQU-3Oy/0411997/SurveyQuestionssites/EN_en/Open-Past-Due-Orders/","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/97578/"
 "97577","2018-12-19 02:33:42","http://yourcreative.co.uk/Gvpu-hNlof0ex_gGOSqSQ-aY/Invoice/97534888/sites/US_us/Open-Past-Due-Orders/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/97577/"
@@ -16321,7 +16676,7 @@
 "97157","2018-12-18 13:51:37","http://www.busferie.pl/pFEf-dZIOwMwAfDyK8l3_yXuvheJlH-g8q/","offline","malware_download","heodo,emotet,doc","https://urlhaus.abuse.ch/url/97157/"
 "97156","2018-12-18 13:51:36","http://tvinnet.ru/ATTBusiness/Gkag14zzNBn_hsjepZP_dGgp13xTGc/","offline","malware_download","heodo,emotet,doc","https://urlhaus.abuse.ch/url/97156/"
 "97155","2018-12-18 13:51:35","http://msexata.com.br/AT_T/R5zCvZvINEN_7xelzVU_QjyGWxuIw4/","offline","malware_download","heodo,emotet,doc","https://urlhaus.abuse.ch/url/97155/"
-"97154","2018-12-18 13:51:33","http://lancang.desa.id/aACzS-SiJWodCeFf7UWOe_GweDpwAb-sCr/Ref/170522652INFO/En/Scan/","online","malware_download","heodo,emotet,doc","https://urlhaus.abuse.ch/url/97154/"
+"97154","2018-12-18 13:51:33","http://lancang.desa.id/aACzS-SiJWodCeFf7UWOe_GweDpwAb-sCr/Ref/170522652INFO/En/Scan/","offline","malware_download","heodo,emotet,doc","https://urlhaus.abuse.ch/url/97154/"
 "97153","2018-12-18 13:51:29","http://www.wlodek.net.pl/Amazon/EN_US/Clients/2018-12/","offline","malware_download","heodo,emotet,doc","https://urlhaus.abuse.ch/url/97153/"
 "97152","2018-12-18 13:51:28","http://www.tvkarpaty.sk/lCtuR-niUBIZWXP0nfqvJ_NCVbOojU-rMp/xerox/US/Invoice/","offline","malware_download","heodo,emotet,doc","https://urlhaus.abuse.ch/url/97152/"
 "97151","2018-12-18 13:51:27","http://www.salvatorevicario.com/ItDm-rbZ548HQNGhfKM_YNZdHeHHb-wsS/4645674/SurveyQuestionsxerox/En_us/Paid-Invoice/","offline","malware_download","heodo,emotet,doc","https://urlhaus.abuse.ch/url/97151/"
@@ -16630,7 +16985,6 @@
 "96839","2018-12-18 05:20:05","http://pashkinbar.ru/Amazon/En_us/Payments_details/2018-12/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/96839/"
 "96838","2018-12-18 05:20:04","http://construcaoclinicas.pt/AMAZON/Orders-details/2018-12/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/96838/"
 "96837","2018-12-18 05:20:03","http://allabouthealth.co.za/Amazon/EN_US/Clients/2018-12/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/96837/"
-"96836","2018-12-18 04:58:23","https://linkprotect.cudasvc.com/url?a=http%3a%2f%2ftasha9503.com%2fATTBusiness%2fECshzhHcu_1gYr0Gob_GWx2YqFHkY&c=E,1,T2DtY1IPW-PD7vZCz5KsCAcGpoQfxSNKD43ncgyPWw62zHo-JgOEa-AHfrdMg2aMSe1Xiq5rJciH8Lt3kshDTyK1KkqWuCi1YZ-Q_djgFo0K7qff&typo=1/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/96836/"
 "96835","2018-12-18 04:58:22","http://nouvelles-images.com/klw/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/96835/"
 "96834","2018-12-18 04:58:20","http://provalia-capital.com/g/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/96834/"
 "96833","2018-12-18 04:58:19","http://designinnovationforhealthcare.org/di/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/96833/"
@@ -16960,7 +17314,6 @@
 "96507","2018-12-17 18:54:16","http://cisteni-studni.com/myATT/A8477Nu_3PS7MdGHH_I7nWGv/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/96507/"
 "96506","2018-12-17 18:54:15","http://evihdaf.com/AT_T_Account/upkC1Xpt69_ri2A3P_Jt8fn/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/96506/"
 "96505","2018-12-17 18:54:11","http://viaex.com.br/PagOo-0kV5En6qTpdO9Vw_dQVOeHLCD-Vz/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/96505/"
-"96504","2018-12-17 18:54:07","https://u7188081.ct.sendgrid.net/wf/click?upn=da49dPi25G9RkThIR2yu6V2-2B0UrHKy3sejIc1BpWz6-2FLgi6ZiHojJvEkZREPVe-2FY2DGNdeAfsRcO-2BRDFUbPjp27R5GxFIYO9lU5OTFNPq1M-3D_oEUkigULEm9qDXZ6e-2FeLN48tNnAG-2FFGxEd6P5PSlSW5Wlgcz00Ux71G9J5qQKl-2Bl26cllPJwhtru0X-2FKUPGzU9c-2BZMI46I6tZIaROLEvMHgzQtz-2B16ZTwGuyAcs4NCVylkewi4cER40BJmXapmjUazQ8-2FFG6-2BhbAlbXPttWv7tuQLVUCl-2BotIj6-2Be4r0lGt7ho-2FndRz3NN07CNiQt6xGuNDBabwHoSdBAuHvVbLZAdc-3D/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/96504/"
 "96503","2018-12-17 18:54:06","http://feaservice.com/ATTBusiness/hM117e_0PdocYSvY_Qr6v9P/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/96503/"
 "96502","2018-12-17 18:54:04","http://turkexportline.com/ATT/RJoZT_Jf6b8DCJ_ludqf/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/96502/"
 "96501","2018-12-17 18:54:02","http://hockeystickz.com/SAIPo-tEMOwWRhSoh22T7_ziGVsheFy-zKC/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/96501/"
@@ -17450,7 +17803,7 @@
 "95985","2018-12-16 19:24:04","http://xeggufhxmczp.tw/ifiwis/79669_03845.html","offline","malware_download","gzip","https://urlhaus.abuse.ch/url/95985/"
 "95984","2018-12-16 19:09:05","http://178.128.196.88/ankit/jno.arm","offline","malware_download","elf","https://urlhaus.abuse.ch/url/95984/"
 "95983","2018-12-16 19:09:03","http://178.128.196.88/ankit/jno.sh4","offline","malware_download","elf","https://urlhaus.abuse.ch/url/95983/"
-"95982","2018-12-16 18:56:05","http://mxd-1253507133.file.myqcloud.com/exe/2.6.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/95982/"
+"95982","2018-12-16 18:56:05","http://mxd-1253507133.file.myqcloud.com/exe/2.6.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/95982/"
 "95981","2018-12-16 18:15:06","http://151.50.135.79:44225/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/95981/"
 "95980","2018-12-16 17:36:04","http://xixwdnuawkdi.tw/mndbjn/06705_1868335.html","offline","malware_download","gzip","https://urlhaus.abuse.ch/url/95980/"
 "95979","2018-12-16 17:24:02","http://80.211.66.236/bins/sora.arm7","offline","malware_download","elf","https://urlhaus.abuse.ch/url/95979/"
@@ -17624,7 +17977,7 @@
 "95806","2018-12-16 00:35:11","http://142.93.249.16/x86","offline","malware_download","elf","https://urlhaus.abuse.ch/url/95806/"
 "95805","2018-12-16 00:35:09","http://142.93.249.16/i586","offline","malware_download","elf","https://urlhaus.abuse.ch/url/95805/"
 "95804","2018-12-16 00:35:06","http://142.93.249.16/armv4l","offline","malware_download","elf","https://urlhaus.abuse.ch/url/95804/"
-"95803","2018-12-16 00:34:46","http://cgameres.game.yy.com/cgame/lobby4366/4366Game_wkzggw.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/95803/"
+"95803","2018-12-16 00:34:46","http://cgameres.game.yy.com/cgame/lobby4366/4366Game_wkzggw.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/95803/"
 "95802","2018-12-16 00:33:06","http://ads.hanggiadinh.com/Webservices/RedirectV2/RedirectService.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/95802/"
 "95801","2018-12-16 00:11:17","http://tapnprint.co.uk/IKCustomise/_DCMInstaller/ServicePackDCM11-1/ServicePackDCM11-1.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/95801/"
 "95800","2018-12-16 00:11:05","https://wonderful-davinci-e6a9e8.netlify.com/flashupdate_091.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/95800/"
@@ -17640,7 +17993,7 @@
 "95790","2018-12-16 00:05:03","https://wonderful-davinci-e6a9e8.netlify.com/FLASHUPDATE_016.EXE","online","malware_download","exe","https://urlhaus.abuse.ch/url/95790/"
 "95789","2018-12-16 00:04:02","https://wonderful-davinci-e6a9e8.netlify.com/FLASHUPDATE_068.EXE","online","malware_download","exe","https://urlhaus.abuse.ch/url/95789/"
 "95788","2018-12-16 00:03:07","https://wonderful-davinci-e6a9e8.netlify.com/flashupdate_044.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/95788/"
-"95787","2018-12-16 00:03:04","http://download.ware.ru/win/14779_SETUP_opl.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/95787/"
+"95787","2018-12-16 00:03:04","http://download.ware.ru/win/14779_SETUP_opl.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/95787/"
 "95786","2018-12-16 00:02:08","https://wonderful-davinci-e6a9e8.netlify.com/flashupdate_022.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/95786/"
 "95785","2018-12-16 00:02:03","http://wonderful-davinci-e6a9e8.netlify.com/flashupdate_051.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/95785/"
 "95784","2018-12-16 00:01:04","https://wonderful-davinci-e6a9e8.netlify.com/flashupdate_073.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/95784/"
@@ -17924,7 +18277,6 @@
 "95504","2018-12-15 00:53:03","http://138.197.5.39/apache2","offline","malware_download","elf","https://urlhaus.abuse.ch/url/95504/"
 "95503","2018-12-15 00:52:04","http://138.197.5.39/ntpd","offline","malware_download","elf","https://urlhaus.abuse.ch/url/95503/"
 "95502","2018-12-15 00:52:03","http://138.197.5.39/ftp","offline","malware_download","elf","https://urlhaus.abuse.ch/url/95502/"
-"95501","2018-12-15 00:34:30","https://u9036497.ct.sendgrid.net/wf/click?upn=vM9v-2BhGVJJ-2BEF9KrwxfxXGftCnr20TjHo1dqljGq5KW1Y5Sm8fD7iGbIBU1WGlh9vPdIGsl6p7r3UBGTIN7rIGrMG7g4pIxFoHb7OfyYpYE-3D_YQCVZZpiAmrJQ2VSLoqtVHDWagJLbSBz2J1tvEjnASqfH4CHHzlOEdwaR4hA3ioP6HfLXMreULMgZlH4zy9a6Q-2F732HJRyI3bAOq-2BoHwd0lT-2Fa0Q2BB7Y2VCEMRMcP-2Br1jyRgDLbYOi-2Bynwq3abbZLkSVS0UbF4lphHrdejx00R3SSBUzRa7OPP8kxbs4WtPFwms5a8Dl4xYIMUiqAhIT5t110T0vd0L27SATU6gM4b9CJQ9VHrkCYoDIGQEiX2I/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/95501/"
 "95499","2018-12-15 00:34:29","http://thelastgate.com/Nhirv-q14mmye0yPb8qnp_GZNMrAKSA-MU7/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/95499/"
 "95500","2018-12-15 00:34:29","https://download.ipro.de/iban.doc/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/95500/"
 "95498","2018-12-15 00:34:27","http://johnsonlam.com/En_us/Details/122018/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/95498/"
@@ -17939,11 +18291,9 @@
 "95489","2018-12-15 00:25:16","http://khdmatqatar.com/ehGl-ELri3ecZVnxp4av_tiPzKHfks-BG/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/95489/"
 "95488","2018-12-15 00:25:14","http://zemlerobstvo.kiev.ua/uvya-O5fvdRBVylUbZXo_fYccaVJE-zML/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/95488/"
 "95487","2018-12-15 00:25:12","http://www.ki-drill.com/gupHL-TrmKURLYPPwe1zm_ZxLdJkKfk-Y6/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/95487/"
-"95486","2018-12-15 00:24:52","https://u9036497.ct.sendgrid.net/wf/click?upn=izgNGbOM2l4OQUJjkNEO5CttR3Byp-2F0nyr4H8fsebroSIwxZeu3WEwtCvOq9qP0HVun1qmj6wPktAAZc7Vg1RSB4mIridl92oGc-2F4V3lwOw-3D_cNIScrEZi9yFTB6vNi-2FntTOaW3Y8Qvgdgeffuamkvsz6wh1SaVTos3XBiCC-2B5W9x7ceNEIlg-2FC0hxQYogkTT3fv4T-2FOv0YRVBaodpwWPzI26cGQgGtZLDSF-2FwMR7jeh2kefjO5SS5nI0HUBSAO5sI5r-2BQCudACPLHDoYgYbeHvvl54GVWd7kNHo7-2BndP-2BEg6-2BI-2BHBEky8J5qNboaBBHOoQ-3D-3D/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/95486/"
 "95485","2018-12-15 00:24:51","http://www.habhunt.com/mFZd-KnsJn7V3Toi9Pl_VZTYSBocd-Jd/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/95485/"
 "95484","2018-12-15 00:24:48","http://www.estab.org.tr/HPPX-heZy9ExKCuJ417_AvoNJeqoe-MA/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/95484/"
 "95483","2018-12-15 00:24:47","http://www.fyrishbikes.com/PpmK-S9B4p4nQLYBIxV_IWnbSWtx-rj/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/95483/"
-"95482","2018-12-15 00:24:43","https://u9036497.ct.sendgrid.net/wf/click?upn=2l6-2Fvs2RAffpoGYgNTsFlkmhekuUT8V3oW8lKXGplEMFp9zu1jJoPGe-2B6qBWZppO_kKLYQ91ZFOe6ryzRU3CXyoEVdnI3-2Bv2dFdQCJMgqGCdF3DYZtvAFwrzUvHqhhG0-2FM64ueDidTxrZHIOLQDA-2BVoh4eOV-2FkiZZQe8BKB48HmVaxFJ4VvwOh03-2FEstf5g5g5z2LWK-2Buf1DAse5SII-2FYTjnorEPrhm0TG-2FGh77Gf-2FzVPBkayck13CNC9uQV1s26xevYiecNRKMEQlhaHJHReYQCSBrYnUI7OcmjjgpZrORA-3D/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/95482/"
 "95481","2018-12-15 00:24:41","http://www.vidrioyaluminiosayj.com/LOojS-DZJSiNN58uqIBZf_hpRpkLoN-K6p/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/95481/"
 "95480","2018-12-15 00:24:39","http://en.worthfind.com/rMmf-k2whfGSKiAfCje_ItuhENMDF-uIi/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/95480/"
 "95479","2018-12-15 00:24:35","http://www.sunjsc.vn/LTmgM-aUzzJadtHREpNY_QUHIKCFcj-5n/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/95479/"
@@ -17955,7 +18305,6 @@
 "95473","2018-12-15 00:24:18","http://utorrentpro.com/noAlt-y50uI1iINQFzAc_BiLGLoEy-BwG/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/95473/"
 "95472","2018-12-15 00:24:15","http://162.243.7.179/wp-content/themes/alveophase3/msf-files/VQma-IKShnUmUompQd9_OZuwJFmu-MX/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/95472/"
 "95471","2018-12-15 00:24:13","http://buzznino.com/wp-content/Dxnj-fbu01e9R6pPCCD_GZYSAiEpm-M4/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/95471/"
-"95470","2018-12-15 00:24:10","https://u9036497.ct.sendgrid.net/wf/click?upn=ypLo5JAcHWIunawgkKPjbzShEPZiAV7BH7SJL8gX5DPR-2FDnlGd7fIkEAZZ-2FjIrC3D05bBokWMbttI57orBhE-2BKH13GVpF1C9BK0LMuHYH7U-3D_Dg81ABInDQL2l3NvEQmCJfZ5-2FEYgFawyqFt-2F7ISCl66rZUqN-2BhHg61s6GIiuUzPZYKI2n47nxjL4-2FRw3CW60-2FPi-2Buvm63-2F0qRtyI1UmbS8m-2BlPEB2IvpD2ZXqlgCI6ZgtBGOk57rNPYZfj9TqR-2B4-2BM4LAJUYAeiDn5hnXBvlzzhmP9vYVGguOf1U9hbR63vcOBS6feaqPITEjg2fuKHdb52Ahh-2FTFC8RMvOR-2FeILx1A-3D/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/95470/"
 "95469","2018-12-15 00:24:07","http://soyinterieur.com/En_us/Attachments/2018-12/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/95469/"
 "95468","2018-12-15 00:24:02","http://topjewelrymart.com/jRFE-FCUkvUKQBUcFdeY_aIaCXolmO-Pr/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/95468/"
 "95467","2018-12-15 00:24:00","http://www.sial-healthcare.co.uk/GxZp-oczyr74mcUTZg4_KMcFfxVb-sOu/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/95467/"
@@ -18063,7 +18412,6 @@
 "95365","2018-12-14 20:46:12","http://satelier.com.br/download/_ogif.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/95365/"
 "95364","2018-12-14 20:45:09","http://autorunorg.site/css/az.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/95364/"
 "95363","2018-12-14 20:45:04","http://ussrback.com/win/windosprs.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/95363/"
-"95362","2018-12-14 20:40:11","https://u9036497.ct.sendgrid.net/wf/click?upn=-2BWcwJ-2BFRS1mIfKaydjpalsCE0N77DNrfweUkfWs45CNJvCvPHsYNEVbC1SQ-2FuhOsKVA1frYzF8QlBer0Ugs5Qg-3D-3D_re3f-2Fy4mtwTilZecV7uN0-2FS4A03Sm-2FnJqxIV-2FaTECq97NmVbBW2cZrjaomZw-2BqXGTWgOLv953LLk8oGeD5E0wlrAWTc3wwkPAU2Fs9XkWit8oQzekgf0Qwuk9jPTIMHuSzH9y7MoAmhH5C-2FehYZ692L0e6MltXbQRlx8oy9n2xBVymhr-2FiQeWuTq5yeZssLjSYWlXh9w8cK2ScVjg9lqw-2F6aB9joyRfZw3hVLzfT4tc-3D/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/95362/"
 "95361","2018-12-14 20:40:09","http://www.nosy-bleu-peche.com/quuA-seHEGSoUG0cnu2_tzKwUVykM-kVO/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/95361/"
 "95360","2018-12-14 20:40:04","http://www.mingoy.com/GOlow-oNMQ3JQHVfNcg1P_AluCfGJjf-GF/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/95360/"
 "95359","2018-12-14 20:28:09","http://www.serefozata.com/axf/","offline","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/95359/"
@@ -18226,7 +18574,6 @@
 "95201","2018-12-14 16:23:47","http://www.tdi.com.mx/aVmyl-j2PvdURfk3C9DU_FOyDcthx-PD/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/95201/"
 "95199","2018-12-14 16:23:45","http://dasjoe.de/INVOICE/scan/US/Service-Report-0730/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/95199/"
 "95200","2018-12-14 16:23:45","http://nierada.net/qZaD-JXl3uSaZOlw3ll_HEzbYOMQ-lk/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/95200/"
-"95198","2018-12-14 16:23:44","https://linkprotect.cudasvc.com/url?a=http://steveleverson.com/Dzre-ziim4C25INDL2Y_JqqCxPUDZ-lu&c=E,1,JRbdZkzq3B-n2nERnFPmRCLQVCDD1X51d47UaE2yFLkZldz8_mj06fbYdG5tdvJ08nHoVwsKLC0Yslf7allXGc12ZVRpkIzQXRhNfBLo4c4QTS7RYqHTcw,,&typo=1/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/95198/"
 "95197","2018-12-14 16:23:43","http://www.ecvp2009.org/xerox/En_us/Invoices-attached/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/95197/"
 "95196","2018-12-14 16:23:41","http://saxy.com.au/JotMX-6fe7yYmJQZlr0E_CfDVbuoGJ-TM/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/95196/"
 "95195","2018-12-14 16:23:39","http://thestylistonline.com/BmlB-wM6QMa78Onh6475_iGfnVukhH-y0/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/95195/"
@@ -18435,7 +18782,7 @@
 "94992","2018-12-14 10:41:05","http://nismotek.com/SharatSinha/css/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/94992/"
 "94991","2018-12-14 10:41:02","http://newreport.info/wp-content/themes/twentyseventeen/assets/css/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/94991/"
 "94990","2018-12-14 10:31:07","http://ajosdiegopozo.com/OJhNz-1KuIKUyPnJNp7n_NGyDRsGQM-8d/BIZ/Commercial/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/94990/"
-"94989","2018-12-14 10:25:05","http://a.xiazai163.com/DOWN/RUOKUAIDAMA_ITMOP.COM.ZIP","online","malware_download","zip","https://urlhaus.abuse.ch/url/94989/"
+"94989","2018-12-14 10:25:05","http://a.xiazai163.com/DOWN/RUOKUAIDAMA_ITMOP.COM.ZIP","offline","malware_download","zip","https://urlhaus.abuse.ch/url/94989/"
 "94987","2018-12-14 10:24:07","http://2.187.39.208:40551/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/94987/"
 "94988","2018-12-14 10:24:07","http://51.254.84.55/updater.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/94988/"
 "94986","2018-12-14 10:24:03","http://93.41.182.249:12228/.i","online","malware_download","elf","https://urlhaus.abuse.ch/url/94986/"
@@ -18973,7 +19320,6 @@
 "94381","2018-12-13 16:24:10","https://cssoft.jp/Inv/86387882401466734026/DOC/En/Invoices-Overdue/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/94381/"
 "94380","2018-12-13 16:24:07","http://alanhkatz.on-rev.com/Invoice/03422356092392892749/LLC/En/400-28-786677-333-400-28-786677-257/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/94380/"
 "94379","2018-12-13 16:24:03","http://deliciosapasion.com/InvoiceCodeChanges/Corporation/EN_en/Open-invoices/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/94379/"
-"94378","2018-12-13 16:23:59","https://u8225288.ct.sendgrid.net/wf/click?upn=umN9mMspXzjEfB7VXXNq9B-2FzZrXFlkmn0GZx43iOIcm4pGy-2BuMPJ83jY7yGAoJ8YJhbNt7KoZtznlyF-2FNGcP9Q-3D-3D_lMNERjmtflUziQ1SZtxyYm0JqO7xNbc9As9GKBzqRm5OH4ac-2FRLL0jVaqiF9lYFSL0kvTpgka05ooloPQH3tPt0I1ALU32TYKpHxRhLhjK3mVGUtcqO0fXMVbfPUdratThYOH0ETl1tFWpMtb4rR-2FDh3yOCmOjQUhUlbeT2qUZDJ1v1C37pKm7J-2FhtVlXfm7xaZ-2FihftsJNYiO1lsjrPCKpF4ou0YCY1dMBUhvYZpA0-3D/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/94378/"
 "94377","2018-12-13 16:23:58","http://aycrevista.com.ar/INVOICE/667355206898358/OVERPAYMENT/doc/EN_en/Invoice-for-a/v-12/13/2018/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/94377/"
 "94376","2018-12-13 16:23:54","http://centralparkconveniencia.com.br/COMET/SIGNS/PAYMENT/NOTIFICATION/12/13/2018/default/US_us/Open-Past-Due-Orders/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/94376/"
 "94375","2018-12-13 16:23:51","http://raiodesolhotel.com.br/ACH/PaymentInfo/INFO/US/Invoice-66828072/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/94375/"
@@ -18982,7 +19328,6 @@
 "94372","2018-12-13 16:23:43","http://meunasahgantung.id/xerox/US_us/Invoice-for-you/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/94372/"
 "94371","2018-12-13 16:23:39","http://avrasyalazer.com.tr/ACH/PaymentInfo/doc/En/Invoice-for-you/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/94371/"
 "94370","2018-12-13 16:23:36","http://prosaudefarroupilha.org.br/PaymentStatus/LLC/En_us/Overdue-payment/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/94370/"
-"94369","2018-12-13 16:23:33","http://mailrelay.diyarqataria.com/wf/click?upn=XOy2yKRmkrd9skQWjUPMkDo5ifJ2-2BsNPM5-2Bjf6tKVhI9Hby21xIzJZAgrz-2BUBA7-2FGIxa7YsQ8B2f4WnaAGgqkM95wbGeJnt-2B64JcTrf8BnU-3D_cthq0z3adJO3eRdfaqambtXS9Gp6gTt8E148oDqMWADY1Ts18pErDQAcnJ1I7B5AF5DFEIAPDsYpZjrINzdRhaP8viCfiP4twUibRXB7Y5kVcdoWI-2BNT4NX9BwkUkUIgdx8zXiYzF8z9KbdC5VnimCBgrUw6UndZl7LM4SrzpjQJz5CX9wn-2Bc3k4uXfdItPZPrzwEO2EtwbBORp3dyfRw-2BpKJXVI3RPbNb26d1ePc3s-3D/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/94369/"
 "94368","2018-12-13 16:23:31","http://nuancecrusaders.com/LLC/En/Overdue-payment/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/94368/"
 "94367","2018-12-13 16:23:28","http://utorrentpro.com/Dec2018/EN_en/Overdue-payment/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/94367/"
 "94366","2018-12-13 16:23:26","http://kremlin-school.info/CUGUNUVG4826454/Rechnungs-docs/Zahlung/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/94366/"
@@ -19007,7 +19352,6 @@
 "94347","2018-12-13 16:02:37","http://inpakpapier.nl/US/Details/12_18/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/94347/"
 "94346","2018-12-13 16:02:36","http://atostrategies.com/US/Transactions/12_18/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/94346/"
 "94345","2018-12-13 16:02:33","http://maartech.pl/US/Clients_information/122018/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/94345/"
-"94344","2018-12-13 16:02:32","https://u8349684.ct.sendgrid.net/wf/click?upn=FJP88OcRxurphbe9BS1tP-2BT7NcWJjwvbS1tKeWgJ-2Bn7BlZmfxVGiGR6yXrzc1iezxFnc2d-2BHoHxrQ1GBJg7zpA-3D-3D_mPf2pBmswZ06cqxDcv-2FeBeTiPtsnADuKHp4vg7IHhk9ijeJZC2eBCY3sYNty4dbtwVBSUodAgD5pnzKvAVIDUcQTvpQvwi6tm-2F7jgi3gRRYLq0ooX4BT981kK-2BhOuvZkmKTnohBA565b9-2F39w1j8R2QNYuGiAsnONjLm2W92TwruEfYnP6sAgVR1uaRXjaRMW1S3FTY6PzmoZNMXzqEIBw-3D-3D/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/94344/"
 "94343","2018-12-13 16:02:31","http://theshowzone.com/US/Transactions/2018-12/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/94343/"
 "94342","2018-12-13 16:02:29","http://agroconsultancy.ge/US/Clients_transactions/122018/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/94342/"
 "94341","2018-12-13 16:02:27","http://www.thenff.com/En_us/Clients/12_18/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/94341/"
@@ -19244,7 +19588,6 @@
 "94109","2018-12-13 05:09:06","http://etherealms.com/ACH/PaymentInfo/DOC/EN_en/New-order/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/94109/"
 "94108","2018-12-13 05:09:04","http://builtbyk2.com/Invoice/836618423631369/xerox/US_us/Invoice-for-you/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/94108/"
 "94106","2018-12-13 05:02:01","http://www2.gamingsupport.com/90988189803400/invoicing/INFO/US/Invoice-for-you/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/94106/"
-"94107","2018-12-13 05:02:01","https://linkprotect.cudasvc.com/url?a=http://dparmm1.wci.com.ph/INVOICE/4139/OVERPAYMENT/sites/En/Invoice-Number-088395&c=E1MI9iEg57yNOvw4XUn6BxMmSkdGor-U5yuDfksO9xIf-tfLV_7lp43jkuFWcZRw5kTwaSQHh6mOiNjxWX96u2YA5lD0mw-ZgCWpRJ_hHfY6EGLe1o_A&typo=1/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/94107/"
 "94105","2018-12-13 05:01:59","http://www.wikiservas.net/EM09iy4Pq/de_DE/Service-Center/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/94105/"
 "94104","2018-12-13 05:01:58","http://www.trakyatarhana.com.tr/PaymentStatus/default/US/Need-to-send-the-attachment/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/94104/"
 "94103","2018-12-13 05:01:57","http://www.surmise.cz/X6EMAQleTeJ5e/SEP/IhreSparkasse/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/94103/"
@@ -19343,7 +19686,6 @@
 "94010","2018-12-13 00:23:09","http://58hukou.com/IRS.GOV/Internal-Revenue-Service-Online-Center/Verification-of-Non-filing-Letter/December-10-2018/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/94010/"
 "94009","2018-12-13 00:23:06","http://seraqueetea.org/Ref/246252169837980273default/En_us/Past-Due-Invoice/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/94009/"
 "94008","2018-12-13 00:23:04","http://lutgerink.com/INFO/En_us/Question/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/94008/"
-"94007","2018-12-13 00:23:04","https://u8225288.ct.sendgrid.net/wf/click?upn=umN9mMspXzjEfB7VXXNq9FX6nLwma1zrIPODGLhVAknlgnUFO2e6TO5iFIHA9htEzXgsdJ-2BWEfjOw9WWFT-2FirYx2QAFbOQOeJ772e8U-2BLTE-3D_5ZVnRR-2Fbx-2BRDJG1hw-2BgdRmoqHKGfHafTU3FcOKHSw-2F2wB-2FqsUnkr7Sirut5HHkJ2R6AsG3BLjA8Jt2IIvdj5cbtx2jzyNkJ3IjJ759959QnMfA-2FH257pl6e-2BoEkmaIr8t1Oa-2B7WkXZak4nlyQbkX2tsn12EYN9P2kGXXADwlF-2FH-2F20euB41f1ORaNeCUt5RxNkUxeQXj1BtG-2FrkNzQ-2B050eDHo3IZzSAAjVVZcyfCcE-3D/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/94007/"
 "94006","2018-12-13 00:23:03","http://techniartist.com/Inv/2900076884964/doc/En_us/Overdue-payment/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/94006/"
 "94005","2018-12-13 00:23:02","http://alexzstroy.ru/Southwire/344357641628742/default/EN_en/Summit-Companies-Invoice-5015713/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/94005/"
 "94004","2018-12-12 23:55:03","http://www.standart-uk.ru/InvoiceCodeChanges/Corporation/US_us/Outstanding-Invoices","offline","malware_download","doc","https://urlhaus.abuse.ch/url/94004/"
@@ -19475,7 +19817,6 @@
 "93873","2018-12-12 20:22:17","http://smamulankuh.sch.id/Invoice/57850203248/Document/EN_en/529-04-055357-215-529-04-055357-132/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/93873/"
 "93871","2018-12-12 20:22:12","http://sosseguranca.com.br/8599192/invoicing/LLC/US_us/Document-needed/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/93871/"
 "93872","2018-12-12 20:22:12","http://teambored.co.uk/PaymentStatus/Document/EN_en/204-49-829399-151-204-49-829399-650/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/93872/"
-"93870","2018-12-12 20:22:09","https://u8225288.ct.sendgrid.net/wf/click?upn=cvC9APA0UfGqgQtSCemxGZrgtNIstzFsCOJDEdhuqA4krg09d1KzUGzvOJbjsZLYZklVymswfkGgFsAYJXUQe0hdEjQgjA7hP5wFsZFLqg4-3D_zYX5K-2FRSWOsE-2F22hLVbnggsI7vetUbSk7J-2BeAT6LAD6JLCMCg0Htm4nZmQzQK0EIhGwGQZJXm8xa92oG11Rv84NPRtTzNzOu6LM8X6gHBoJUZnJHFQEqAmwIo1JExpquIff-2FE06ZTxFt-2BmPNeAwS9ma3LeCGvxkSrnH0El5-2Fmsdke9lNhpEEvydamjDke-2F4yxUYH4nBRpCxW8UItXehfPaH0Je3NnCBTwQveqqTEi4I-3D/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/93870/"
 "93869","2018-12-12 20:22:08","http://31.207.35.116/wordpress/invoices/364752419/DOC/US_us/Past-Due-Invoices/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/93869/"
 "93868","2018-12-12 20:22:07","http://zoox.com.br/INVOICE/xerox/En/Invoices-attached/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/93868/"
 "93867","2018-12-12 20:22:06","http://35.227.184.106/Invoice/32130886/Download/US_us/Paid-Invoice-Credit-Card-Receipt/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/93867/"
@@ -19549,7 +19890,6 @@
 "93799","2018-12-12 19:15:20","https://fredrikhoyer.no/invoices/22714/5927/FILE/US/Paid-Invoices/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/93799/"
 "93798","2018-12-12 19:15:18","http://ngayhoivieclam.uet.vnu.edu.vn/wp-content/Southwire/378845439/Corporation/US_us/Document-needed/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/93798/"
 "93797","2018-12-12 19:15:16","http://uplanding.seo38.com/PaymentStatus/newsletter/En_us/Past-Due-Invoices/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/93797/"
-"93796","2018-12-12 19:15:15","https://u8225288.ct.sendgrid.net/wf/click?upn=umN9mMspXzjEfB7VXXNq9LQOgY8o6n3S0O0KWEbk-2BrE7YjPcW2BO21dOC-2F-2FwiUmJeEdjMs3GITDc1TXXepUtqEiBCnFG-2Bi3Xol0185MsX9U-3D_oENBfPuvDjklLTtRqM-2FmoB-2Fl9dk6iQlJzV2LMhdTPCy7-2B6R6Cz7BE5EJEn4m-2F18PaEDZQWdkfP-2Fop9fGrpx7wCFXwfODMbYy-2FqhPwQU9O2QffePEs5AJ-2BhlKuPOrlbTcBXxbuBixU8-2FTMUDQoTs2TYh7y30N0BbhhjPIzM5xrV0etf2ESJGNGm0i16sZDWELKUXXpm-2BnbWfFS1QuWsrBIeyBPhHtcVoaxid6DdsSS4Y-3D/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/93796/"
 "93795","2018-12-12 19:15:13","https://protect-us.mimecast.com/s/RrHoCADo77Hr846u8K_2K?domain=pro-prokat.ru/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/93795/"
 "93794","2018-12-12 19:15:12","http://pro-prokat.ru/InvoiceCodeChanges/newsletter/En/Past-Due-Invoices/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/93794/"
 "93793","2018-12-12 19:15:10","http://tresguerras.alumnostrazos.com/EXT/PaymentStatus/Corporation/US_us/Important-Please-Read/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/93793/"
@@ -19593,7 +19933,6 @@
 "93755","2018-12-12 16:43:15","http://skylightacademy.co.in/Ref/0863595229941720xerox/En_us/Question/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/93755/"
 "93754","2018-12-12 16:43:13","http://weresolve.ca/ACH/PaymentAdvice/files/En/Scan/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/93754/"
 "93753","2018-12-12 16:43:12","http://streamfy.net/INV/819706940272FORPO/442952883919/sites/US/Inv-41677-PO-6L807517/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/93753/"
-"93752","2018-12-12 16:43:08","https://linkprotect.cudasvc.com/url?a=http://dparmm1.wci.com.ph/INVOICE/4139/OVERPAYMENT/sites/En/Invoice-Number-088395&c=E,1,MI9iEg57yNOvw4XUn6BxMmSkdGor-U5yuDfksO9xIf-tfLV_7lp43jkuFWcZRw5kTwaSQHh6mOiNjxWX96u2YA5lD0mw-ZgCWpRJ_hHfY6EGLe1o_A,,&typo=1/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/93752/"
 "93751","2018-12-12 16:43:07","http://kc.vedigitize.com/INV/009335419300FORPO/770551624968/Download/En_us/Invoice-5648859-December/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/93751/"
 "93750","2018-12-12 16:39:32","http://badaprutus.pw/frupsi.exe","offline","malware_download","None","https://urlhaus.abuse.ch/url/93750/"
 "93749","2018-12-12 16:38:40","https://femmesdecaledonie.com/.anagrafica/informazioni-finanziarie-ZZ1221-KA","offline","malware_download","zipped-lnk,ITA,geofenced,sLoad","https://urlhaus.abuse.ch/url/93749/"
@@ -19934,7 +20273,7 @@
 "93388","2018-12-12 06:02:34","http://chubanomania.icu/prima/spi.exe?rCuz","offline","malware_download","smokeloader","https://urlhaus.abuse.ch/url/93388/"
 "93387","2018-12-12 06:02:03","http://pdf-archive.store/f.exe","offline","malware_download","DanaBot","https://urlhaus.abuse.ch/url/93387/"
 "93386","2018-12-12 05:54:36","https://jifendownload.2345.cn/jifen_2345/2345pic_k15907897527.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/93386/"
-"93385","2018-12-12 05:41:06","http://mmqremoto3.mastermaq.com.br/ng/versoes/arquivosng/zip/ngonesuporte.exe.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/93385/"
+"93385","2018-12-12 05:41:06","http://mmqremoto3.mastermaq.com.br/ng/versoes/arquivosng/zip/ngonesuporte.exe.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/93385/"
 "93384","2018-12-12 05:41:05","http://mmqremoto3.mastermaq.com.br/downloads/mfiscal_3.21.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/93384/"
 "93383","2018-12-12 05:17:03","https://goenvirogreen.net/","offline","malware_download","None","https://urlhaus.abuse.ch/url/93383/"
 "93382","2018-12-12 05:11:23","http://jifendownload.2345.cn/jifen_2345/2345pic_k52796966.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/93382/"
@@ -19983,7 +20322,6 @@
 "93339","2018-12-12 03:12:06","http://www.localfuneraldirectors.co.uk/EN_US/Clients/2018-12/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/93339/"
 "93338","2018-12-12 03:12:05","http://www.gandomdasht.com/EN_US/Details/12_18/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/93338/"
 "93336","2018-12-12 03:12:02","http://travelandsmile.it/En_us/Clients_transactions/122018/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/93336/"
-"93337","2018-12-12 03:12:02","http://u6195215.ct.sendgrid.net/wf/click?upn=gDVu0bOg93Kr1-2FiiEIyB-2BVrm3A4bp1FMtw5OSIJtPZTDAg0tjoW27KYSKEHxU76fqTvgaiS8E0CNULMjnxRAAw-3D-3D_qe80j3tbggoe73ttjudT-2FFaDm-2B9fdVHh-2BBhauNll6IjSJvHWSyZB9hc65z-2B9qrOI1WZKR4XQKLmci47cXfZlHOx49XtCwclJRMmlUTx-2F3tapbuXJuvpa7syZW963BFGczt16bX9v9PcJrutJl4yKuth6G-2Fr5GFbDtgExgXq15zoTLirkelqWCBKUMGcZI1FI5b4K5ZSYR0HYKgcGZIZRwy09FEoHGR5j8DIUTSMfdEo-3D/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/93337/"
 "93335","2018-12-12 03:12:00","http://standart-uk.ru/En_us/Attachments/122018/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/93335/"
 "93334","2018-12-12 03:11:59","http://proxectomascaras.com/Telekom/Transaktion/112018/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/93334/"
 "93333","2018-12-12 03:11:58","http://mofables.com/Telekom/Transaktion/112018/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/93333/"
@@ -20080,7 +20418,7 @@
 "93242","2018-12-11 18:34:29","http://meunasahkrueng.id/invoices/7879/3634/default/EN_en/Invoice-Number-88876/","offline","malware_download","emotet,doc","https://urlhaus.abuse.ch/url/93242/"
 "93241","2018-12-11 18:34:15","http://meunasahgantung.id/IRS.GOV/IRS/Wage-and-Income-Transcript/","offline","malware_download","emotet,doc","https://urlhaus.abuse.ch/url/93241/"
 "93240","2018-12-11 18:34:03","http://jiedianvip.com/FC966/invoicing/FILE/EN_en/Invoice-Corrections-for-17/76/","offline","malware_download","emotet,doc","https://urlhaus.abuse.ch/url/93240/"
-"93239","2018-12-11 18:31:35","http://a.xiazai163.com/down/jushengwangguan_pj_itmop.com.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/93239/"
+"93239","2018-12-11 18:31:35","http://a.xiazai163.com/down/jushengwangguan_pj_itmop.com.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/93239/"
 "93238","2018-12-11 18:25:48","http://soloprime.com/US/Clients_Messages/2018-12/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/93238/"
 "93237","2018-12-11 18:25:47","http://shreesaasthatextiles.com/US/Details/122018/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/93237/"
 "93236","2018-12-11 18:25:46","http://support.redbook.aero/wp-includes/US/Details/122018/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/93236/"
@@ -20102,7 +20440,6 @@
 "93220","2018-12-11 18:25:03","http://bike-nomad.com/9CL7x/","offline","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/93220/"
 "93219","2018-12-11 18:20:02","http://lrservice.com.ua/wp-includes/Southwire/KCY5735683679/Corporation/En/Outstanding-Invoices/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/93219/"
 "93218","2018-12-11 18:19:59","http://liliandiniz.com.br/IRS/Internal-Revenue-Service/Tax-Account-Transcript/12112018/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/93218/"
-"93217","2018-12-11 18:19:56","http://mailrelay.comofms.com/wf/click?upn=hn5mCe45Rv6iN-2FoZbeB61HqKBxHg5rOBH2hrn5FRYRwIn86UkewxaITLykm8-2FKHeafAiO5uilVJIYrKIV5MIPR8gUrCHzeGcfhL-2FC-2F8-2FsyA-3D_QbSvzgKd8E0jzmNa-2FbNPjV3fPw-2FKZ2cb54eqnPFBKJ1p8Dl8qe3FKKlETTwsHrJsIn2onSiLlIlrKkdNB9C6dpwOP5bTyG95k-2BMdnsSCnpOZpLnFZGWEyt8yiMM5VNVZSeQtYUfp-2FZcy4XPMZbkpi8IG4NMCjxvQZUg9nSTCbDwlwtDtRQTOIuilBPcmZzA7z58G-2B1BK-2BygKeakC9FSXCCWGPOaDiudmrUBS0pSKHMo-3D/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/93217/"
 "93216","2018-12-11 18:19:55","http://arina.jsin.ru/ACH/PaymentAdvice/doc/En_us/Scan/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/93216/"
 "93215","2018-12-11 18:19:53","http://gazeta-lady.uz/EP880/invoicing/FILE/En/Summit-Companies-Invoice-0834917/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/93215/"
 "93214","2018-12-11 18:19:51","http://bingge168.com/InvoiceCodeChanges/DOC/US/Outstanding-Invoices/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/93214/"
@@ -20114,7 +20451,6 @@
 "93208","2018-12-11 18:19:26","http://alstar.shariainstitute.co.id/IRS-Online-Center/Tax-Account-Transcript/12112018/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/93208/"
 "93207","2018-12-11 18:19:23","http://13noj.org/INVOICE/2249/OVERPAYMENT/INFO/US_us/Past-Due-Invoices/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/93207/"
 "93206","2018-12-11 18:19:10","http://utorrentpro.com/IRS/IRS.gov/Verification-of-Non-filing-Letter/December-10-2018/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/93206/"
-"93205","2018-12-11 18:19:07","https://u7188081.ct.sendgrid.net/wf/click?upn=UYokheBJ8a7GqU-2FRkuYTlrz-2FZEIqvfmPCUKr-2F1hypJK-2B8eaXa9G1syv38-2BbJEwO930gKQQQlyi9igPXLDQieStp-2BPzLkh8GoSYzrcQ1WexeP1DD5ddyErA2BO0nSKVzx_pNJ-2FomNXNRtxCB5EKYR41BcRb3Ow4ydgbPUhQNLt0jUR7FkF9t-2Bm6ioQB1TkckqhlENmKrns-2FJSIkk15IqDBJaRKH4-2BHSaHx1ypZWSQyOoS38ljpPyiR6gL-2BAexQiVTfu4XR7yv7QhY9VlsMpdDl38auvLF2NySY4Vq43a1BybKgySpL4UZqQR1oYDE17iLMNMm30M213OqFc19vY8Ti7YxMAwBYo-2B-2BlS4DfvNhkBCI-3D/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/93205/"
 "93204","2018-12-11 18:19:04","http://1miras.ru/IRS.GOV/IRS-Online-Center/Tax-Return-Transcript/December-11-2018/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/93204/"
 "93203","2018-12-11 18:13:04","http://vw-stickerspro.fr/wp-content/languages/plugins/sserv.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/93203/"
 "93202","2018-12-11 18:10:06","http://trickcity.site/wp-content/themes/tipsjanbd/img/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/93202/"
@@ -20224,7 +20560,6 @@
 "93096","2018-12-11 14:26:13","http://adarma.xyz/IRS.GOV/IRS-Press-treasury-gov/Record-of-Account-Transcript/12112018","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/93096/"
 "93095","2018-12-11 14:26:09","http://1miras.ru/IRS.GOV/IRS-Online-Center/Tax-Return-Transcript/December-11-2018","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/93095/"
 "93094","2018-12-11 14:26:08","http://meunasahteungeh.id/PaymentStatus/sites/En/Paid-Invoice","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/93094/"
-"93093","2018-12-11 14:26:06","https://u7188081.ct.sendgrid.net/wf/click?upn=UYokheBJ8a7GqU-2FRkuYTlrz-2FZEIqvfmPCUKr-2F1hypJK-2B8eaXa9G1syv38-2BbJEwO930gKQQQlyi9igPXLDQieStp-2BPzLkh8GoSYzrcQ1WexeP1DD5ddyErA2BO0nSKVzx_pNJ-2FomNXNRtxCB5EKYR41BcRb3Ow4ydgbPUhQNLt0jUR7FkF9t-2Bm6ioQB1TkckqhlENmKrns-2FJSIkk15IqDBJaRKH4-2BHSaHx1ypZWSQyOoS38ljpPyiR6gL-2BAexQiVTfu4XR7yv7QhY9VlsMpdDl38auvLF2NySY4Vq43a1BybKgySpL4UZqQR1oYDE17iLMNMm30M213OqFc19vY8Ti7YxMAwBYo-2B-2BlS4DfvNhkBCI-3D","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/93093/"
 "93092","2018-12-11 14:26:05","http://saudigeriatrics.org/Invoice/141251800/xerox/US_us/ACH-form","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/93092/"
 "93091","2018-12-11 14:26:05","http://tantarantantan23.ru/7/azonetttt.exe","offline","malware_download","exe,Ransomware.GandCrab","https://urlhaus.abuse.ch/url/93091/"
 "93090","2018-12-11 14:26:03","http://23.249.161.100/extrum/ap.exe","offline","malware_download","exe,NanoCore,AZORult","https://urlhaus.abuse.ch/url/93090/"
@@ -20277,7 +20612,6 @@
 "93043","2018-12-11 13:27:07","http://sharianewsinstitute.co.id/RMGgaZj","offline","malware_download","emotet,exe,epoch1","https://urlhaus.abuse.ch/url/93043/"
 "93042","2018-12-11 13:27:02","http://filmenew.com/8JguPaaj","offline","malware_download","emotet,exe,epoch1","https://urlhaus.abuse.ch/url/93042/"
 "93041","2018-12-11 13:27:01","http://turkandtaylor.com/ijqIEeI","offline","malware_download","emotet,exe,epoch1","https://urlhaus.abuse.ch/url/93041/"
-"93040","2018-12-11 13:21:03","http://u6195215.ct.sendgrid.net/wf/click?upn=gDVu0bOg93Kr1-2FiiEIyB-2BVrm3A4bp1FMtw5OSIJtPZTDAg0tjoW27KYSKEHxU76fqTvgaiS8E0CNULMjnxRAAw-3D-3D_qe80j3tbggoe73ttjudT-2FFaDm-2B9fdVHh-2BBhauNll6IjSJvHWSyZB9hc65z-2B9qrOI1WZKR4XQKLmci47cXfZlHOx49XtCwclJRMmlUTx-2F3tapbuXJuvpa7syZW963BFGczt16bX9v9PcJrutJl4yKuth6G-2Fr5GFbDtgExgXq15zoTLirkelqWCBKUMGcZI1FI5b4K5ZSYR0HYKgcGZIZRwy09FEoHGR5j8DIUTSMfdEo-3D","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/93040/"
 "93039","2018-12-11 13:21:02","http://sublimemediaworks.com/EN_US/Transaction_details/2018-12","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/93039/"
 "93038","2018-12-11 13:19:10","http://23.249.161.100/extrum/io.exe","offline","malware_download","exe,NanoCore,AZORult","https://urlhaus.abuse.ch/url/93038/"
 "93037","2018-12-11 13:19:04","http://83.57.160.255:6759/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/93037/"
@@ -20494,14 +20828,12 @@
 "92822","2018-12-11 04:01:07","http://tracychilders.com/Telekom/Transaktion/112018","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/92822/"
 "92823","2018-12-11 04:01:07","http://triton.fi/Telekom/RechnungOnline/112018","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/92823/"
 "92820","2018-12-11 04:01:06","http://madisonmichaels.com/Telekom/RechnungOnline/11_18","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/92820/"
-"92819","2018-12-11 04:01:06","https://u6195215.ct.sendgrid.net/wf/click?upn=gDVu0bOg93Kr1-2FiiEIyB-2BVrm3A4bp1FMtw5OSIJtPZTDAg0tjoW27KYSKEHxU76fqTvgaiS8E0CNULMjnxRAAw-3D-3D_qe80j3tbggoe73ttjudT-2FFaDm-2B9fdVHh-2BBhauNll6IjSJvHWSyZB9hc65z-2B9qrOI1WZKR4XQKLmci47cXfZlHOx49XtCwclJRMmlUTx-2F3tapbuXJuvpa7syZW963BFGczt16bX9v9PcJrutJl4yKuth6G-2Fr5GFbDtgExgXq15zoTLirkelqWCBKUMGcZI1FI5b4K5ZSYR0HYKgcGZIZRwy09FEoHGR5j8DIUTSMfdEo-3D","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/92819/"
 "92818","2018-12-11 04:01:05","http://anigamiparc.cat/US/ACH/2018-12","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/92818/"
 "92817","2018-12-11 04:01:04","http://www.freestatecoaches.co.za/En_us/Clients/12_18","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/92817/"
 "92815","2018-12-11 04:01:03","http://consultor100.es/6MWJV8Rk","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/92815/"
 "92816","2018-12-11 04:01:03","http://robwalls.com/6cS4MK9Vz","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/92816/"
 "92814","2018-12-11 04:01:02","http://96.ip-51-255-193.eu/wordpress/US/Transactions/122018","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/92814/"
 "92813","2018-12-11 03:28:16","https://zone3.de/EN_US/Transactions-details/2018-12/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/92813/"
-"92812","2018-12-11 03:28:15","https://u6195215.ct.sendgrid.net/wf/click?upn=gDVu0bOg93Kr1-2FiiEIyB-2BVrm3A4bp1FMtw5OSIJtPZTDAg0tjoW27KYSKEHxU76fqTvgaiS8E0CNULMjnxRAAw-3D-3D_qe80j3tbggoe73ttjudT-2FFaDm-2B9fdVHh-2BBhauNll6IjSJvHWSyZB9hc65z-2B9qrOI1WZKR4XQKLmci47cXfZlHOx49XtCwclJRMmlUTx-2F3tapbuXJuvpa7syZW963BFGczt16bX9v9PcJrutJl4yKuth6G-2Fr5GFbDtgExgXq15zoTLirkelqWCBKUMGcZI1FI5b4K5ZSYR0HYKgcGZIZRwy09FEoHGR5j8DIUTSMfdEo-3D/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/92812/"
 "92811","2018-12-11 03:28:14","http://www.zengqs.com/En_us/Messages/2018-12/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/92811/"
 "92809","2018-12-11 03:28:11","http://www.katajambul.com/Telekom/Rechnungen/112018/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/92809/"
 "92810","2018-12-11 03:28:11","http://www.khantil.com/US/Payments/122018/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/92810/"
@@ -20641,8 +20973,6 @@
 "92675","2018-12-11 02:56:06","http://polkolonieb4k.pl/wp-includes/IRS.GOV/Internal-Revenue-Service-Online-Center/Tax-Account-Transcript/December-10-2018/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/92675/"
 "92674","2018-12-11 02:56:05","http://pimms.de/44535/SurveyQuestionsDownload/US/Overdue-payment/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/92674/"
 "92673","2018-12-11 02:56:03","http://ngayhoivieclam.uet.vnu.edu.vn/wp-content/ACH/PaymentAdvice/scan/En_us/Scan/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/92673/"
-"92672","2018-12-11 02:55:59","http://mailrelay.comofms.com/wf/click?upn=vjDVQG87cuR81zOVLPmxSp-2FIVnlVQuF1xphExDcYC-2Bwl8XdEZAYOwgTZ5uEBnhSN_6HkQRrOI8aa3th4SgBOH-2BZGsSKjh2CJN3pR4oc-2FcOuaHvwa5FTNwFV6DyCMdl131Bm-2F7XJfupY72FSL376JugwpH8a-2BCmB5Nx314c3rntRA3crh9Hs3NGD3vvDMnSA5-2BhpdZuJWBV-2Blg3W2WIPJKv9aMcIAlgf2rmqk4PKrhwhvAOymu62dOoKmqmQGYk8fkpZprDiJjxZhF25wSOzuSqA-3D-3D/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/92672/"
-"92671","2018-12-11 02:55:57","http://mailrelay.comofms.com/wf/click?upn=020OhaSCvLJwXru8Pqq0VYYUFBLhDlxbRKaK7SU6yqDVVBrhpPBdibMCaKuTyVCBwryziHDLppv077UaQ4JfLnjQjGtQl0UCk2DTO8rDbHg-3D_rIw2P-2BT42gKMRuUz-2FkXSFtol5eTzea1yUWsGIT4nOuGBkfdhqTUDyvCjU2HhTo1-2Fxv86zLaNK9UV6B-2FJzSQHApCpauKd-2FouGD6ej9tMzYeLodHppzHjCubf1Z-2BhdBSTcuPiUNKgcidkyGtfdg9hznjFzlgACrmEE3CzkaWenduSwlSk7E7x6NbdnzuCqazrqN0NyU7B-2FdTvqwxg0U3JgaczKrXRqXukJTss-2BO32PEn0-3D/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/92671/"
 "92670","2018-12-11 02:55:54","http://lucdc.be/FILE/US/Summit-Companies-Invoice-8233310/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/92670/"
 "92669","2018-12-11 02:55:48","http://lifeinsurancenew.com/IRS-Transcript-treasury-gov/Record-of-Account-Transcript/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/92669/"
 "92668","2018-12-11 02:55:45","http://kc.vedigitize.com/ACH/PaymentAdvice/newsletter/En_us/Outstanding-Invoices/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/92668/"
@@ -20770,7 +21100,6 @@
 "92532","2018-12-10 21:16:07","http://13.232.88.81/456573/SurveyQuestionsDec2018/En/Past-Due-Invoice","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/92532/"
 "92531","2018-12-10 21:16:07","http://mymachinery.ca/IRS/Internal-Revenue-Service/Record-of-Account-Transcript/12102018","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/92531/"
 "92530","2018-12-10 21:16:06","http://jeffandpaula.com/InvoiceCodeChanges/Dec2018/US_us/Inv-963637-PO-0G609389","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/92530/"
-"92529","2018-12-10 21:16:06","http://mailrelay.comofms.com/wf/click?upn=vjDVQG87cuR81zOVLPmxSp-2FIVnlVQuF1xphExDcYC-2Bwl8XdEZAYOwgTZ5uEBnhSN_6HkQRrOI8aa3th4SgBOH-2BZGsSKjh2CJN3pR4oc-2FcOuaHvwa5FTNwFV6DyCMdl131Bm-2F7XJfupY72FSL376JugwpH8a-2BCmB5Nx314c3rntRA3crh9Hs3NGD3vvDMnSA5-2BhpdZuJWBV-2Blg3W2WIPJKv9aMcIAlgf2rmqk4PKrhwhvAOymu62dOoKmqmQGYk8fkpZprDiJjxZhF25wSOzuSqA-3D-3D","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/92529/"
 "92528","2018-12-10 21:16:05","http://2.moulding.z8.ru/Ref/17183085Dec2018/US/Invoice-for-z/w-12/10/2018","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/92528/"
 "92527","2018-12-10 21:16:04","http://zoox.com.br/Ref/43687246DOC/En_us/Invoice","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/92527/"
 "92526","2018-12-10 21:16:03","http://thecreativeshop.com.au/Invoice/237010511/sites/US_us/Invoice-3117736","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/92526/"
@@ -20863,7 +21192,6 @@
 "92438","2018-12-10 17:34:53","http://etkinbilgi.com/Southwire/DIQ204616619/INFO/En_us/Invoice-for-u/r-12/10/2018","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/92438/"
 "92439","2018-12-10 17:34:53","http://publica.cz/FILE/EN_en/Invoice","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/92439/"
 "92437","2018-12-10 17:34:52","http://pos.rumen8.com/wp-content/cache/Invoice/9116455/default/EN_en/New-order","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/92437/"
-"92436","2018-12-10 17:34:50","http://mailrelay.comofms.com/wf/click?upn=020OhaSCvLJwXru8Pqq0VYYUFBLhDlxbRKaK7SU6yqDVVBrhpPBdibMCaKuTyVCBwryziHDLppv077UaQ4JfLnjQjGtQl0UCk2DTO8rDbHg-3D_rIw2P-2BT42gKMRuUz-2FkXSFtol5eTzea1yUWsGIT4nOuGBkfdhqTUDyvCjU2HhTo1-2Fxv86zLaNK9UV6B-2FJzSQHApCpauKd-2FouGD6ej9tMzYeLodHppzHjCubf1Z-2BhdBSTcuPiUNKgcidkyGtfdg9hznjFzlgACrmEE3CzkaWenduSwlSk7E7x6NbdnzuCqazrqN0NyU7B-2FdTvqwxg0U3JgaczKrXRqXukJTss-2BO32PEn0-3D","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/92436/"
 "92435","2018-12-10 17:34:49","http://surmise.cz/invoices/7482/8632/files/US_us/Outstanding-Invoices","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/92435/"
 "92434","2018-12-10 17:34:48","http://beldverkom.ru/IN98/invoicing/Dec2018/EN_en/Invoice-for-k/r-12/10/2018","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/92434/"
 "92433","2018-12-10 17:34:47","http://wp2.shopcoach.net/Southwire/DWT59606095/Document/US/Need-to-send-the-attachment","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/92433/"
@@ -21044,7 +21372,7 @@
 "92257","2018-12-10 10:48:29","http://tokotikotoko.pw/jauz.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/92257/"
 "92256","2018-12-10 10:38:07","http://wallistreet.com/bss2101xee","offline","malware_download","exe,remcos","https://urlhaus.abuse.ch/url/92256/"
 "92254","2018-12-10 10:24:03","https://f.coka.la/Z3iDss.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/92254/"
-"92253","2018-12-10 10:15:15","http://bangplaschool.com/img/yb.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/92253/"
+"92253","2018-12-10 10:15:15","http://bangplaschool.com/img/yb.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/92253/"
 "92252","2018-12-10 09:19:04","http://leveleservizimmobiliari.it/ali.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/92252/"
 "92251","2018-12-10 09:19:03","http://www.leveleservizimmobiliari.it/ali.exe","offline","malware_download","exe,Loki","https://urlhaus.abuse.ch/url/92251/"
 "92250","2018-12-10 09:09:04","https://protection1llc-my.sharepoint.com/:b:/g/personal/b_williamson_protection1llc-ems_com/EbaW-Nev-LZJvLopWl1AjxgBCgIWDprTLj_PrKFWYIoH6Q?e=E6KObm","offline","malware_download","None","https://urlhaus.abuse.ch/url/92250/"
@@ -21393,7 +21721,7 @@
 "91887","2018-12-08 20:15:06","http://anthrohub.org/wp/realme.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/91887/"
 "91886","2018-12-08 20:14:07","http://anthrohub.org/.well-known/dickhead.exe","offline","malware_download","exe,AgentTesla","https://urlhaus.abuse.ch/url/91886/"
 "91885","2018-12-08 17:57:32","http://figen.com/school/gra2329/merrill_lynch.doc","offline","malware_download","doc","https://urlhaus.abuse.ch/url/91885/"
-"91884","2018-12-08 17:57:29","http://xiazai.vosonic.com.cn/xz/f600%B2%FA%C6%B7%C9%FD%BC%B6%CB%B5%C3%F7.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/91884/"
+"91884","2018-12-08 17:57:29","http://xiazai.vosonic.com.cn/xz/f600%B2%FA%C6%B7%C9%FD%BC%B6%CB%B5%C3%F7.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/91884/"
 "91883","2018-12-08 17:56:09","http://qinner.luxeone.cn/Document/US/Invoice-for-you","offline","malware_download","doc","https://urlhaus.abuse.ch/url/91883/"
 "91882","2018-12-08 17:56:05","http://189.135.96.232:60688/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/91882/"
 "91881","2018-12-08 17:55:10","http://p6.zbjimg.com/task/2011-10/22/1164339/4ea2a4c43df54.rar","online","malware_download","rar","https://urlhaus.abuse.ch/url/91881/"
@@ -21440,7 +21768,7 @@
 "91840","2018-12-08 10:32:06","http://208.97.140.137/bins/ultronfinal.armv6l","offline","malware_download","elf","https://urlhaus.abuse.ch/url/91840/"
 "91839","2018-12-08 10:32:04","http://208.97.140.137/bins/ultronfinal.i586","offline","malware_download","elf","https://urlhaus.abuse.ch/url/91839/"
 "91838","2018-12-08 10:32:03","http://208.97.140.137/bins/ultronfinal.sh4","offline","malware_download","elf","https://urlhaus.abuse.ch/url/91838/"
-"91837","2018-12-08 09:40:14","http://xiazai.vosonic.com.cn/xz/f600%E4%BA%A7%E5%93%81%E5%8D%87%E7%BA%A7%E8%AF%B4%E6%98%8E.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/91837/"
+"91837","2018-12-08 09:40:14","http://xiazai.vosonic.com.cn/xz/f600%E4%BA%A7%E5%93%81%E5%8D%87%E7%BA%A7%E8%AF%B4%E6%98%8E.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/91837/"
 "91836","2018-12-08 09:40:03","http://ih1300437.myihor.ru/pLoader.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/91836/"
 "91835","2018-12-08 09:33:03","http://fortalecergroup.com.br/bals/index.php?o=YmFsczE=","offline","malware_download","Gozi","https://urlhaus.abuse.ch/url/91835/"
 "91834","2018-12-08 09:19:06","http://johnscevolaseo.com/IRS/IRS.gov/Record-of-Account-Transcript/December-07-2018","offline","malware_download","doc","https://urlhaus.abuse.ch/url/91834/"
@@ -21555,8 +21883,6 @@
 "91725","2018-12-08 01:06:02","http://miroride.com/Download/En_us/Document-needed","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/91725/"
 "91724","2018-12-08 01:05:02","http://www.lescarresbiodegarance.com/US/Clients_Messages/12_18/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/91724/"
 "91723","2018-12-08 01:04:03","http://thestylistonline.com/US/Documents/122018/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/91723/"
-"91722","2018-12-08 00:44:34","https://u5643427.ct.sendgrid.net/wf/click?upn=ofG8fjABpT5O9BeqCoTpBcjbIvwHztH3g7g8zlVkWVF-2BWazmJBpqiH8momva6dEPKPnylf1wGrRGNw95mOcisw-3D-3D_YNTjSBqLpRObkqRBT1TEMEoRikXDbhx5lh54TM1JrA1UhQYrQH-2B78A0A9kTYRd9WFSwLEN3Z2vGZWtrJLA7msTMs2x7b4T7sVxHtmYI6Z2-2BWR5nltv0PBqEYyHVTu5q6643MIIOvXsoi4OgOD4biizn5RlKkJQ7-2FSIyNDTExPzlPo0eLRTx1tkDHRTprqE1fP8fZBVSdmOTQFrWce6zBFw-3D-3D","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/91722/"
-"91721","2018-12-08 00:44:33","https://u1905740.ct.sendgrid.net/wf/click?upn=6Jfdfc6RjwBnPyLcAR5tvEcTewtz7ximU72D19qXqx6e-2F-2FlghBKQNb4bac97ur7-2Fmc9QCFns1DmeP9OhEhWpNw-3D-3D_q5JlrnBjgBO6eiy2tMQcO-2FnXB8uuTd5mKR11CC5KKbCotqkoHeNA9u-2FCjnOsS5md56lPCRJDaSg8Trpj8vZ61gtNEuKA82IuP0iQnKKA-2FWQf8VGtbqtMDbD3janjsTgpl4WrgzUU4KP2eB0NCSxWC4ig5S-2BwwroJhsWiKUCfAUNcsBIK1B4roAs7aFuZzdFx0J1IQfHa1IEYisNk3Y3malWfvSxhPP0CzMpKmXaufuI-3D","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/91721/"
 "91720","2018-12-08 00:44:32","http://zh-meding.com/US/Messages/122018/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/91720/"
 "91719","2018-12-08 00:44:31","http://www.webmauri.com/En_us/Clients_information/12_18/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/91719/"
 "91718","2018-12-08 00:44:29","http://www.vataksi.al/En_us/Transaction_details/12_18/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/91718/"
@@ -21758,7 +22084,6 @@
 "91522","2018-12-07 23:12:01","http://rohani7.com/file/622328BIX/PAYROLL/Smallbusiness","offline","malware_download","doc","https://urlhaus.abuse.ch/url/91522/"
 "91521","2018-12-07 23:11:30","http://37.130.81.162:7765/.i","online","malware_download","elf","https://urlhaus.abuse.ch/url/91521/"
 "91520","2018-12-07 23:11:23","http://webmauri.com/En_us/Clients_information/12_18/","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/91520/"
-"91518","2018-12-07 23:11:21","https://u6547982.ct.sendgrid.net/wf/click?upn=3qQhehvGbPaz-2BrVi29cgkUlb3SpCOOgDLHMZDMh08fc61b5QRGVDdKCA6bX34XvWuovoFfBLVjdc3N9jPw9OhQ-3D-3D_vH590Zs0DyyrJp73od2bQCKh9Cn0AuG1FBHYGxdnw0RpLCz36QbSt-2Fdhx1rphVtHEcJm4C1R3SEQyLEiJ2tlw82K6tRqZQuNnVAhrR36yBUV6NTruDemFwKw-2B-2FtMAs8-2Fte4c0DdaZulZZjwUu4tfiYOVbNjWLMkwZUtpZ9RcHz1rjTWQgMCn0z07y5gpMW2MFhMQ9Hbv-2BIHUkNqH9H389tJUV7hIfhWba6UXB-2BYw-2FWc-3D","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/91518/"
 "91519","2018-12-07 23:11:21","https://zone3.de/sites/US/Sales-Invoice/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/91519/"
 "91517","2018-12-07 23:11:20","https://mandrillapp.com/track/click/30505209/pnnpartner.com?p=eyJzIjoidFJIYW8tNnVEV084bVFCcVVSNVVUb09wNTVBIiwidiI6MSwicCI6IntcInVcIjozMDUwNTIwOSxcInZcIjoxLFwidXJsXCI6XCJodHRwOlxcXC9cXFwvcG5ucGFydG5lci5jb21cXFwvZGVmYXVsdFxcXC9FTl9lblxcXC83LVBhc3QtRHVlLUludm9pY2VzXCIsXCJpZFwiOlwiNTYyNDFjMThkZjUyNDdmZDk2MDk3MTBjNTQ3N2MyZDhcIixcInVybF9pZHNcIjpbXCI0MzYxZWNhNzI5OWZmZTRhZWY3NWViNWE5MGIyZDhkOWViZTNlODRjXCJdfSJ9/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/91517/"
 "91516","2018-12-07 23:11:19","http://www.vipkartela.com/IRS/Tax-Account-Transcript/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/91516/"
@@ -22314,7 +22639,7 @@
 "90966","2018-12-07 04:36:04","http://46.29.167.53/kiwqah","online","malware_download","elf","https://urlhaus.abuse.ch/url/90966/"
 "90965","2018-12-07 04:36:03","http://46.29.167.53/hlfxgr","online","malware_download","elf","https://urlhaus.abuse.ch/url/90965/"
 "90964","2018-12-07 04:36:03","http://46.29.167.53/LOVE.x86","online","malware_download","elf","https://urlhaus.abuse.ch/url/90964/"
-"90963","2018-12-07 04:35:04","http://46.29.167.53/LOVE.mipsel","online","malware_download","elf","https://urlhaus.abuse.ch/url/90963/"
+"90963","2018-12-07 04:35:04","http://46.29.167.53/LOVE.mipsel","offline","malware_download","elf","https://urlhaus.abuse.ch/url/90963/"
 "90962","2018-12-07 04:35:03","http://46.29.167.53/neqwim","online","malware_download","elf","https://urlhaus.abuse.ch/url/90962/"
 "90960","2018-12-07 04:17:03","http://46.29.167.53/LOVE.mips","online","malware_download","elf","https://urlhaus.abuse.ch/url/90960/"
 "90961","2018-12-07 04:17:03","http://46.29.167.53/nedxim","online","malware_download","elf","https://urlhaus.abuse.ch/url/90961/"
@@ -22482,7 +22807,6 @@
 "90799","2018-12-07 01:14:02","http://165.227.161.153/i586","offline","malware_download","elf","https://urlhaus.abuse.ch/url/90799/"
 "90797","2018-12-07 01:13:02","http://165.227.161.153/armv6l","offline","malware_download","elf","https://urlhaus.abuse.ch/url/90797/"
 "90795","2018-12-07 01:00:54","http://www.pentaworkspace.com/FILE/En_us/Question/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/90795/"
-"90796","2018-12-07 01:00:54","https://linkprotect.cudasvc.com/url?a=http://oolag.com/Dec2018/EN_en/Sales-Invoice&c=E1EXvBAyDhP9CxnqIg3IhOnbrC5_1HdvEbEFvwOCsg9aX0_SIobL6lPTUbuLg-k8vBI6neH9YSrZXsr-AllE9ObYsK-3o5fG5-ElufEqAFnIlPEy9stfM3IbnF&typo=1","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/90796/"
 "90793","2018-12-07 01:00:52","http://www.atyarisix.com/FILE/En/Invoice-Number-02547","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/90793/"
 "90794","2018-12-07 01:00:52","http://www.mtcinteriordesign.co.uk/1lBoD4RlSseFZZWK7cpp/de/Privatkunden/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/90794/"
 "90792","2018-12-07 01:00:43","http://vidaaderiva.com/doc/EN_en/686-47-584363-558-686-47-584363-250","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/90792/"
@@ -22528,7 +22852,6 @@
 "90752","2018-12-07 00:58:09","http://article.suipianny.com/aNHjoLVmmlL/SEPA/Firmenkunden/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/90752/"
 "90751","2018-12-07 00:58:07","http://adap.davaocity.gov.ph/wp-content/Document/En_us/Invoice-for-p/k-12/05/2018/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/90751/"
 "90750","2018-12-07 00:58:04","http://2feet4paws.ae/files/En_us/Invoice-for-y/x-12/05/2018/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/90750/"
-"90749","2018-12-07 00:53:53","https://u2434969.ct.sendgrid.net/wf/click?upn=bQBUTNrQctknz8Qc17J1vKTRQzIApUU-2FmmaO3x7-2F2HpBIyoS4PQoYmHqPhMJ7GUzTjMWtfmbKk0IpF-2FqCd6zXicTWqRfKAZouTntjNrzVc-2BAwAlJk4PQDKl1KhAVtgJF_XWrA4W-2FcfjIvfrKT48znHYZqmNIfT6vDMczmtSp637fP2vKr27ffScoJ9cBmnBHaF-2FbTL2HJayQgHOX6jCwJMy-2BX7QjI2IXRSze3NFG0hpyeJxTqTehbmMfnl71LB-2FCGowNDrlMyGPwFhGJ0PJ9leLXZKfRqZjJYJ7ZPV7TCAHJoC11auZ6VDjmAEX24xUX4DL0ncYZdd4ob8edWhRO8TD-2F99l4eAttnySwMY78-2FNYc-3D","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/90749/"
 "90748","2018-12-07 00:53:51","http://zoracle.com/Download/EN_en/4-Past-Due-Invoices/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/90748/"
 "90747","2018-12-07 00:53:50","http://zoox.com.br/default/En_us/Invoice-4021236-December","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/90747/"
 "90746","2018-12-07 00:53:48","http://yhcts.com/Internal-Revenue-Service-Online/Tax-Account-Transcript/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/90746/"
@@ -22766,7 +23089,6 @@
 "90514","2018-12-06 21:40:19","http://simplesites.ws/IRS/Internal-Revenue-Service-Online-Center/Wage-and-Income-Transcript/12062018","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/90514/"
 "90513","2018-12-06 21:40:17","http://ieema.com.br/xerox/US/Need-to-send-the-attachment","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/90513/"
 "90512","2018-12-06 21:40:16","http://labersa.com/IRS.GOV/IRS.gov/Record-of-Account-Transcript/12062018","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/90512/"
-"90511","2018-12-06 21:40:11","https://linkprotect.cudasvc.com/url?a=http://oolag.com/Dec2018/EN_en/Sales-Invoice&c=E,1,EXvBAyDhP9CxnqIg3IhOnbrC5_1HdvEbEFvwOCsg9aX0_SIobL6lPTUbuLg-k8vBI6neH9YSrZXsr-AllE9ObYsK-3o5fG5-ElufEqAFnIlPEy9stfM3IbnF&typo=1","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/90511/"
 "90510","2018-12-06 21:40:09","http://colpomed.com/LLC/US/Past-Due-Invoice","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/90510/"
 "90509","2018-12-06 21:40:07","http://namapak.com/Document/EN_en/Important-Please-Read","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/90509/"
 "90508","2018-12-06 21:40:05","http://ptgut.co.id/doc/En/Scan","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/90508/"
@@ -22978,7 +23300,6 @@
 "90301","2018-12-06 16:14:28","http://swonger.com/Dec2018/US_us/Invoice-for-x/j-12/06/2018","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/90301/"
 "90300","2018-12-06 16:14:26","http://smashboxband.co.nz/IRS.GOV/IRS-Transcript-treasury-gov/Record-of-Account-Transcript/12062018","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/90300/"
 "90299","2018-12-06 16:14:21","http://slittlefield.com/LLC/US_us/Need-to-send-the-attachment","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/90299/"
-"90298","2018-12-06 16:14:18","https://u5204810.ct.sendgrid.net/wf/click?upn=ltHXhBM9kB2XhALAc9j-2F3quQAzJoT-2FQxy7TVWvQtPwbLfUS-2FJV4jKePABDyiTjRP6zyHTsnhkGKqNuzAlcefvJPfvd7yZpPkunvMVRqXMhI-3D_hmIxNMeUeKq1PNSKRTOoakSchDfSP9L23oImV9X3oPN3NIRxpqbtgknpHsJ1FZblpv74IsXROXy9kdspvflujP5gyGW5oXO-2BeygSYXu54eX5F8AhhWnNMFntHbkimeoz5D8XS0c5-2FO7qRl2ECjnO-2BX7BCnqTznODMoUSmCj6BL1gUHz3ebeQhBw2xlB28FFaxFDr3bkmJTqGhjyNWCXS-2BqLBvltSl8ebOd-2F-2FO2axyUE-3D","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/90298/"
 "90297","2018-12-06 16:14:16","http://spazioyoga.it/scan/En_us/Invoice-Corrections-for-37/56","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/90297/"
 "90296","2018-12-06 16:14:15","http://real-websolutions.nl/scan/En/Outstanding-Invoices","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/90296/"
 "90295","2018-12-06 16:14:14","http://craftww.pl/I1Db12jC","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/90295/"
@@ -23288,11 +23609,6 @@
 "89989","2018-12-06 03:13:09","http://nexigar.com/wp-includes/En_us/Documents/12_18/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/89989/"
 "89988","2018-12-06 03:13:04","http://johnscevolaseo.com/US/Details/12_18/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/89988/"
 "89987","2018-12-06 02:53:04","https://doc-04-68-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/3vrf93rn5ju0qphbeeur86lu8bnb6u0d/1544054400000/05984462313861663074/*/1hjwBp373fLBahNbV7-Zx0S9ZnHRLrtEl","offline","malware_download","exe","https://urlhaus.abuse.ch/url/89987/"
-"89986","2018-12-06 01:36:02","https://u6570127.ct.sendgrid.net/wf/click?upn=ZxL4V5EXfnzfjD0hkwJ62DYNaSxfadBWgJ26xF2ckXqfNM81EwLhS643Mbe5k5paS-2Ba-2FE-2BkYcVPGEeYCruh-2B8Q-3D-3D_qa2Cw-2FbVqT6m9sYtApm9lH6FkgB1zq0vbp2hBFNDNzjjja6DNBey4djmLopkGjebyWX-2FCls2DxFY6AfEaLMFD9tF3Cpdp3eZeAh1Bi8mn-2B-2F3jTxWS-2BMZbKn3i81dTj1tkNIDXVqwGvsm-2BjQ8Kfb4OZKZYgQEI-2FNSERmJftAcwb24Vt0U4tgQ2ACxun1YsLYZrWmG2LNkHaPZqV8ZbZzbMhpql7Pk4HBPPgxS0ce4J7s-3D","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/89986/"
-"89985","2018-12-06 01:36:01","https://u6570127.ct.sendgrid.net/wf/click?upn=ZxL4V5EXfnzfjD0hkwJ62DYNaSxfadBWgJ26xF2ckXqfNM81EwLhS643Mbe5k5paS-2Ba-2FE-2BkYcVPGEeYCruh-2B8Q-3D-3D_qa2Cw-2FbVqT6m9sYtApm9lH6FkgB1zq0vbp2hBFNDNzjjja6DNBey4djmLopkGjebAbPSGiDsyFuAtoRMVlZdLhBCITBydE11C0IprVdQsmQpkT6PA50kEOcRVXQ-2BCXk-2F8tN9gy3PfwJMHjOieWCHVVNgY8uU7Wz3vqm83VcaIPjt26bkynWBaAa2qKsZF7Cuy6apQv-2BNJPEztnuY16tO3GPLFOHvsQWdA52VaxW-2FMRo-3D","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/89985/"
-"89984","2018-12-06 01:36:00","https://u6570127.ct.sendgrid.net/wf/click?upn=ZxL4V5EXfnzfjD0hkwJ62DYNaSxfadBWgJ26xF2ckXqfNM81EwLhS643Mbe5k5paS-2Ba-2FE-2BkYcVPGEeYCruh-2B8Q-3D-3D_qa2Cw-2FbVqT6m9sYtApm9lH6FkgB1zq0vbp2hBFNDNzjjja6DNBey4djmLopkGjeb5Hi-2BpGYZIAmKZ7Vu-2BxUU7-2BVBfcrMxy07qOopNzmpH1dB6bsYQZoVv55KG2Kmz4lrbdt-2BlZ8-2Fgg5wSGV5gT38IHcTJpdhi8jqWNhrwTCTgv8H-2BYU9-2Bf9VC1EiWarStDfmPJxlZ5SYarW08cAH65RfuLJnzrHJBnPPM5pUiNYH7w8-3D","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/89984/"
-"89983","2018-12-06 01:35:58","https://u5643427.ct.sendgrid.net/wf/click?upn=HKyuAfMJyU2AQqvvV9ELYj2nC1XVAJznAW9e8N0B5b-2BeTRQsW1n-2BiH2R1aUruIA8mK9ZR6ur4Uxi13jmo4JDJA-3D-3D_1bTqve52XLz7DbbOhDPOC43qH7o4-2BkwiRPLisczbot2crKLJGW8p3-2Binll88FM2nZh3eMvTwXkpbaAc1kcz-2FNozi0RNlSOvRL4HygYO9Ak4-2BFMu0l5eTC0dkjahons3K-2FY2ijf9GiJDBljyk0WyF99kUPEN2l0TAUbmp2W9yjor0S8z1oZ7-2BBkFweKHx1pw9jMmYR-2B12KQz4YKYY-2FxqyENiV6S70Z4uJ3PR4CPdk9HI-3D","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/89983/"
-"89982","2018-12-06 01:35:57","https://u3968303.ct.sendgrid.net/wf/click?upn=kxZFy3Wah1cf0dL-2BqCCdri3KurgkHGFriikkWuDMsoLbs9NR0hOo4qeN7RK-2Bv9nXjURb5r3cBeorkvXPcSzQKA-3D-3D_fgdfEHDCI143B5MiSZvxuzAHzzsOxYtsHF-2F27Z-2FtTNLacsjrTGIkzJNf6FlYc5Vzv6m8jm6a9-2F8c7x6XiyjEFRUDFmxh4xKuF8sifr6fm89oKZe4hm9y6cjdlMKRLXy76fwDIIwQxt8unkhgt6yKOe2y7r9rvZjNWrSaSaeAug3iXC0PcNDHSvfTeJY-2Fggqaqtj4nh9nCxsJXpSmh7eaqh51Hi6-2FOUQnaH2EZzNrUWg-3D","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/89982/"
 "89981","2018-12-06 01:35:55","http://thestylistonline.com/En_us/Information/12_18/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/89981/"
 "89980","2018-12-06 01:35:54","http://thedars.co.uk/US/Transactions-details/12_18/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/89980/"
 "89979","2018-12-06 01:35:53","http://symbisystems.com/En_us/Transactions/12_18/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/89979/"
@@ -23506,7 +23822,6 @@
 "89771","2018-12-05 23:43:27","http://rossadamsshop.com/EN_US/Documents/2018-12","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/89771/"
 "89770","2018-12-05 23:43:25","http://cherdavis.com/En_us/Transactions/2018-12","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/89770/"
 "89769","2018-12-05 23:43:23","http://realtimetelecoms.co.uk/En_us/Transaction_details/122018","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/89769/"
-"89768","2018-12-05 23:43:22","https://u3968303.ct.sendgrid.net/wf/click?upn=iPVWLeorhrQoj5Uano1QnRkihjb0-2Fxw-2FkNDgcW04qfiye10XJCzt-2BmKJC0B-2FIk4NbE11fLPRI9cXnPdT-2FIXS9Q-3D-3D_DU3xTw-2BiQKPsWzxsjpWGeBif2IVL78t8CJqVf7M1D4GQzYkL5ui9Bo4Dmn-2Bjyqa4Z6uIpYUxn7GZpFdxfwDF-2BVo7fxGuALpXnfv0VJ388FIx0hcWhCW52uyJ1QyqxZzGxa3chtt-2B8xazkYPPGN5MRRn598CGilQ78Cxy870J-2B-2BP4vXomz8TFyVU7PKgVEtRpiSW-2BZ9Aw9J6FE3Hfi9LVX4-2F4KZ3eCc-2FnjhXhikAi8gY-3D","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/89768/"
 "89767","2018-12-05 23:43:20","http://micromidi.net/En_us/Payments/122018","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/89767/"
 "89766","2018-12-05 23:43:19","http://thedars.co.uk/US/Transactions-details/12_18","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/89766/"
 "89765","2018-12-05 23:43:17","https://url.emailprotection.link/?a_T4vl4N_PkTfC_HaiVltqsYxCQSE4d98MWYMs1dJHLT4JxwAokMWwXGU9GBTGuKk81fmlPT4rI7S0g07L5_nyCHIo68xfubqhhL-zNMYzakCdud2pPXN_H21n7qT6I4L","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/89765/"
@@ -23584,8 +23899,6 @@
 "89693","2018-12-05 20:48:25","http://sobontoro.magetan.go.id/EN_US/Clients_Messages/2018-12","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/89693/"
 "89692","2018-12-05 20:48:08","http://casadeigarei.com/US/Transactions-details/12_18","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/89692/"
 "89691","2018-12-05 20:48:07","http://35.227.184.106/EN_US/Messages/122018","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/89691/"
-"89690","2018-12-05 20:48:05","https://u5643427.ct.sendgrid.net/wf/click?upn=UUgzBDiqmdg1g-2BDsvpyOMsVjXqnqQH2jk65bUXowZ-2FsNWElKSlq0XiAJHWSr0Kyp4KVRGajAJMEgkZAAOB-2BGjA-3D-3D_Hq3ZQy3sk-2B-2BpmgtfQFcV7CO8vPtwwT-2FCKUBFftRCqVEv05feC8gxgp9XO7E3eOoMzne4fM2hQ0EmvrFTzcW5kE4PA60l6gU26ko86-2BIEguciGTV930qlRRl-2B8iMio-2BK00gpJy7pO1u0cLkA7a1t7UBNnfwTkw1Z9EClNZEW2evStshqk37QC21ldJbEIC5miEFU381r7HjCvmxC75Vi-2BNnpto2JbpFXrPvB5XnAqGSU-3D","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/89690/"
-"89689","2018-12-05 20:48:02","https://u6570127.ct.sendgrid.net/wf/click?upn=ksl7cE-2F3BHHMoiIxNGFJWT-2B6t4PfV7XduNjNZ-2BDDFUHqo-2BysmQ-2FCiUogbW-2BSyitQNCkJirICsc5u-2FpgdgO35Sw-3D-3D_GNnPkJalgkEpe7D7Qaq3CjbJEZ6wqHKqBi8LcwQvwl7N7BwuZ-2FYgWsyYXBS0ytO7L1PNohsDAZidGDUxX3VYg0ZSt9g3-2BzbmKG63HFyiJrI4jUQ-2Bfgm1GEDv2OhPu3S5hwQvitbzgyDNtHwjT4X0jFuJfawUgJQ0TCnd-2FPWa9A0gGlmJzgJz1CeeHzal6T-2BEVXjfuO69AF6PPX485vqTGgZA2RqhizRzp9b3KbxNh2YiyV-2BiuFReGC691seh9se3","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/89689/"
 "89688","2018-12-05 20:45:12","http://ngayhoivieclam.uet.vnu.edu.vn/wp-content/sites/EN_en/Paid-Invoices/","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/89688/"
 "89687","2018-12-05 20:45:09","http://mandrillapp.com/track/click/30505209/acoola.band?p=eyJzIjoiblpLV1MzZk5YX2hTalJzdWRqbExHSWM1eUQ0IiwidiI6MSwicCI6IntcInVcIjozMDUwNTIwOSxcInZcIjoxLFwidXJsXCI6XCJodHRwOlxcXC9cXFwvYWNvb2xhLmJhbmRcXFwvRGVjMjAxOFxcXC9Fbl91c1xcXC9TZXJ2aWNlLUludm9pY2VcIixcImlkXCI6XCIzY2EwYzEzN2QwODY0NjhlOTRlYTQ1NWFhMmY0ZTFmZlwiLFwidXJsX2lkc1wiOltcImQ2NjcwZWEzOTFlZTU4YjdhZDExY2RjMjQxNmJkMzE4ODViYjExZWVcIl19In0","offline","malware_download","doc","https://urlhaus.abuse.ch/url/89687/"
 "89686","2018-12-05 20:45:06","http://namminhmedia.vn/Download/EN_en/Invoice-for-q/w-12/05/2018","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/89686/"
@@ -23624,25 +23937,19 @@
 "89653","2018-12-05 19:44:17","http://46.101.141.155/bins/thefedsarechumps.arm5","offline","malware_download","elf","https://urlhaus.abuse.ch/url/89653/"
 "89652","2018-12-05 19:44:17","http://46.101.141.155/bins/thefedsarechumps.mips","offline","malware_download","elf","https://urlhaus.abuse.ch/url/89652/"
 "89651","2018-12-05 19:44:16","http://enfermerialearning.com/EN_US/Clients_transactions/122018","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/89651/"
-"89650","2018-12-05 19:44:15","https://u6570127.ct.sendgrid.net/wf/click?upn=cBNEPLL-2BxVnTqpFCXNxeWMHUvfHA1frkMOS3c5iO4BuarnHjj6pdGEpU08KoQ2H3ZkScWHl6UWxYQOVPsqFQpgLR9L3QqbqCmiZC-2F8X9Cww-3D_MgO0wggyPA2OLUwN0dEvFTjgYpnlwF-2BhSLA105qdKu5iaJF-2BI4zB25-2BUy8IlTKyxvYGj6cmhgVx9UJHya5d7TexDCa3sNc7Xd1jGhUDbaEsZU2ug1AQlHrq0-2FA50TonmalwYPb1u2-2BTFw1KMUPhj7nCsIKMaeXLu3Zr-2Bi-2BK70XKn420fOkphRDiATU6Y3TfZ0Kku5KCgeqATi8vTNtG9fnBqfW-2BFh2kXwxWxAmHImIwgtZEk0Dn2vTJcSITJaf6Z","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/89650/"
 "89649","2018-12-05 19:44:13","http://mygreenconsult.co.ke/EN_US/Documents/12_18","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/89649/"
 "89648","2018-12-05 19:44:11","http://firstclassflooring.ca/EN_US/Clients_transactions/122018","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/89648/"
 "89647","2018-12-05 19:44:10","http://khdmatk.com/En_us/Messages/12_18","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/89647/"
-"89646","2018-12-05 19:44:09","https://u6570127.ct.sendgrid.net/wf/click?upn=ZxL4V5EXfnzfjD0hkwJ62HSNVh2wzy1co5qiqmdJ02psR4PuRfBz6OVDOuKHFeSxOKFc8NdFrLOum-2FTnaCl7j7Hye-2BW2PXW-2FvSlffTlyg68-3D_W77bTy6YRdHySgTK0Dy8RcbehGL3S7cYycA5LjVvj3Crpy-2FPCQFrwb2UETZ95T0Pxsn76VRiSuVKzUSrkdLVPV3WRjyPnJUYm8Wjr4kI2VNMKH5JdYQOmB2eeyx6TyaEljkl11SY0KoNVNs3MvSDyarOAnoUAV-2Bs-2Bx9liKLXA46sjKuB41eAOp1euRGwfXFSMcOIhJYNLXJX2odZcVfti8QwH11DnwJiHGtih8eZyFI-3D","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/89646/"
 "89645","2018-12-05 19:44:07","http://catairdrones.com/EN_US/Messages/2018-12","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/89645/"
-"89644","2018-12-05 19:44:05","https://u6570127.ct.sendgrid.net/wf/click?upn=D5s5Uh9mgN6Obx3OYZYlIwxys-2BL5b2Vh6R791wDGg34isN8f3PKOFnsjFwqas-2BpgxJsXU0AOLzojGgH2cnAMDRK8ln4te-2FgK3n9Nhyn-2FaMs-3D_RcgrBcNUEZNWnGUB3K7kFCqoeD8sJ9LPgMGJco3oXypHIc5fesrXluHzqXOAevb2E1-2BlvbmyF-2F-2F6bldNVT2AfQEC-2FPrSG7T1Qh0IqRM4BIdVEe7LBVrctrHhqk2zgQ0sQX-2FlA220QtPUHckPc7fEEYIO5FEiQaMf0BMW8Bz8TN-2BdAJ-2BYTC3rHNW0VlMBuuK6tuV795Dq-2F6fjfn7Dv-2B75OfOC9GwroN75okZCAdYnEGo-3D","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/89644/"
 "89643","2018-12-05 19:44:04","http://qd1.com.br/US/Documents/2018-12","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/89643/"
 "89642","2018-12-05 19:43:33","http://wp.xn--3bs198fche.com/US/Transactions/2018-12","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/89642/"
 "89641","2018-12-05 19:43:31","http://casadegracia.com/US/Details/2018-12","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/89641/"
 "89640","2018-12-05 19:43:28","http://lacteosarlanzon.com/EN_US/Documents/2018-12","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/89640/"
 "89639","2018-12-05 19:43:28","http://nejc.sors.si/En_us/Documents/12_18","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/89639/"
-"89638","2018-12-05 19:43:26","https://u6570127.ct.sendgrid.net/wf/click?upn=D5s5Uh9mgN6Obx3OYZYlIwxys-2BL5b2Vh6R791wDGg34isN8f3PKOFnsjFwqas-2BpgxJsXU0AOLzojGgH2cnAMDRK8ln4te-2FgK3n9Nhyn-2FaMs-3D_RcgrBcNUEZNWnGUB3K7kFCqoeD8sJ9LPgMGJco3oXypHIc5fesrXluHzqXOAevb2E1-2BlvbmyF-2F-2F6bldNVT2Afa2ynX2hLV-2BoY7JQSNsg7GOVqqLHxCr2KCdHP8-2Fh4SzR-2BuvwPaGG06g1YjJ7TUsXIrMNPcR3O59zqmKmPCxfnJaeZ95eJFu-2Bh3BBkirGW8TJ-2Fz6jA5nsi7RBMmzF9kdufIpZ9e2NXGXjjXwDNHAZWSA-3D","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/89638/"
 "89637","2018-12-05 19:43:24","http://dbwsweb.com/launchers/US/ACH/2018-12","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/89637/"
-"89636","2018-12-05 19:43:20","https://u3968303.ct.sendgrid.net/wf/click?upn=o274mEktKBE9ilPdbQuF2cQM9s9RbydIoVqIsd3qzeggEwE-2FP676C4HE9t6kW8dARdFEZCsTmGit1PXE7c5OIg-3D-3D_96S3w2pviBg7DWVUwo6uyg3-2FadO6tlvEJt4b1gsXsDEGuhFOkGrC9-2FYt5q54MPNhCW8M6cQDD7jmM-2Bp-2B0roHJZ-2FYuc4vRVTGK-2BWtSWgWy7mK3doXuJfS9-2FScXVYKh-2BwiOrU-2FIGBNQR29AO1kgwgGYWQnp2dN7NSkI24JLgUM25sS9KlyLsEOIg9G0B-2Fgqg0Vlm4r6C5trygBJBXuWPkf9SYhELC8xd2mkcTbLcHWHAZFwX3qBBuuHOtRkwZ5-2FPKX","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/89636/"
 "89635","2018-12-05 19:43:18","http://haufo.org.vn/EN_US/Clients/2018-12","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/89635/"
 "89634","2018-12-05 19:43:15","http://newwrap.kompass.co.kr/US/Clients_transactions/2018-12","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/89634/"
 "89633","2018-12-05 19:43:09","http://gymfa.ir/wp-includes/EN_US/Clients_transactions/12_18","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/89633/"
-"89632","2018-12-05 19:43:08","https://u6570127.ct.sendgrid.net/wf/click?upn=bMRtqVB0unw8hX-2BcuvF93yZYNukbpdPW91OA6Mb-2B9xPELlhqP4sErNhBcz8l2NrgBWEfjEVJEgafd8fe-2BJm6Sg-3D-3D_jsUCg7S0pnhfjDN1ZyIwvi-2FTGyvCZSXy-2F8gGXtj2y24hBY-2BvnU2QtXQ-2FjmRcYJLal779wpJS2elBaP3ALcnvDBhprSjQkMHZjfMWnHRCmjEWIoFhFhZPvrlrHlwCaOwal8i5pEeCiGOKrNdV8Ct2cckBjqGj2-2FhW0cnW9CQhZnBTddHb2oVpYqNKON10f4bE33meC1AnyoZQ1uXPLJvaSssNjDjtAonQ7NNfdMsGZCY-3D","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/89632/"
 "89631","2018-12-05 19:43:06","http://mythpolitics.com/US/Clients_information/2018-12","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/89631/"
 "89630","2018-12-05 19:43:05","http://mynewwebsite.ml/EN_US/Clients/12_18","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/89630/"
 "89629","2018-12-05 19:43:03","http://natalyasanarova.ru/En_us/Documents/12_18","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/89629/"
@@ -23825,7 +24132,7 @@
 "89452","2018-12-05 15:17:07","http://bestbnbnepal.com/En_us/Documents/122018","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/89452/"
 "89451","2018-12-05 15:17:05","http://bqre.xyz/EN_US/Attachments/122018","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/89451/"
 "89450","2018-12-05 15:17:02","http://bwconsultants.co.uk/US/Transactions-details/12_18","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/89450/"
-"89449","2018-12-05 14:50:04","http://14.39.241.60:31957/.i","online","malware_download","elf","https://urlhaus.abuse.ch/url/89449/"
+"89449","2018-12-05 14:50:04","http://14.39.241.60:31957/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/89449/"
 "89448","2018-12-05 14:49:06","http://tornelements.com/En_us/Documents/12_18/","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/89448/"
 "89447","2018-12-05 14:49:03","http://gonorthhalifax.com/En_us/Payments/2018-12/","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/89447/"
 "89446","2018-12-05 14:45:07","http://ericleventhal.com/vOu","online","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/89446/"
@@ -24086,8 +24393,6 @@
 "89191","2018-12-05 06:40:04","http://icaninfotech.com/vyMc0pgx/","offline","malware_download","heodo,emotet,exe","https://urlhaus.abuse.ch/url/89191/"
 "89190","2018-12-05 06:40:03","http://enginesofmischief.com/s9F9LmE7J/","offline","malware_download","heodo,emotet,exe","https://urlhaus.abuse.ch/url/89190/"
 "89189","2018-12-05 06:31:17","https://www.vdvlugt.org/UJXLQT2997047/Rechnungs-docs/FORM/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/89189/"
-"89188","2018-12-05 06:31:15","https://u6324807.ct.sendgrid.net/wf/click?upn=ly7UXgXaeimPbZsgG0IGfA4Gp-2F0y2BjEz71uop0ADWm4sJj9VLAfeMZqrCigJ9zhACm8gfoEwj7H9C1fHOnN1gahdVghjKXeSnhL0U07q7m7TUiPv-2F99LLgd7S97lZRP_AO5cZBV72ZdqzJJf8-2F84EljVPBh6lSVyw5gtTUjsuV3fr2rbxgW69kp3KVS2vQoWtrHEi7oMxrzOdFESfRJ6dI1U7Cq7150wR7vovormd3jxjHb1WzL7IBccXFT4Agi3xQp-2BMoa3l9S2teVA5Qr0b4Pm8U5z-2B2t9Y16k1glzbn8EXavh-2FCpknlYMRYyU-2FG4ouSLnHHY1sbBleX65jKydaiJW-2FAgdtSQrUpJiOS3VPBA-3","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/89188/"
-"89187","2018-12-05 06:31:14","https://linkprotect.cudasvc.com/url?a=http://jjtphoto.com/scan/En/Paid-Invoice-Credit-Card-Receipt&c=E1kdscu_HtZUKrwdqG6JtlMHpCotINShSNi9rsD0PAS48TwGCMDvBq_Rt4pnC7A7Flr2w8Gd5oaYq6uppJ4cAo4itbtg08zCkapgjMpgnKTYBUeJk2k_VqSA&typo=1","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/89187/"
 "89186","2018-12-05 06:31:12","https://customedia.es/MefIQTWSID/DE/Service-Center/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/89186/"
 "89185","2018-12-05 06:31:11","http://zoox.com.br/scan/En/Sales-Invoice","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/89185/"
 "89184","2018-12-05 06:31:07","http://ziplabs.com.au/scan/En_us/Past-Due-Invoices/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/89184/"
@@ -24252,9 +24557,8 @@
 "89025","2018-12-04 22:45:09","http://artst12345.nichost.ru/scan/US_us/ACH-form","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/89025/"
 "89024","2018-12-04 22:45:08","http://ptgut.co.id/Corporation/EN_en/999-88-805311-816-999-88-805311-384","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/89024/"
 "89023","2018-12-04 22:45:06","http://bratech.co.jp/lpo/m/mfp/tmp/doc/En_us/Invoice-for-you","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/89023/"
-"89022","2018-12-04 22:45:03","https://linkprotect.cudasvc.com/url?a=http://jjtphoto.com/scan/En/Paid-Invoice-Credit-Card-Receipt&c=E","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/89022/"
 "89021","2018-12-04 22:36:05","http://ars-internationals.com/INFO/EN_en/Invoice-7592660","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/89021/"
-"89020","2018-12-04 22:20:18","http://a.xiazai163.com/down/cyspysrj_itmop.com.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/89020/"
+"89020","2018-12-04 22:20:18","http://a.xiazai163.com/down/cyspysrj_itmop.com.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/89020/"
 "89019","2018-12-04 22:20:07","http://jaylonimpex.com/LAYEDED/hush/ASKJHGFGHJ.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/89019/"
 "89018","2018-12-04 22:20:04","http://franceslin.com/xerox/En_us/Past-Due-Invoices/","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/89018/"
 "89017","2018-12-04 22:05:26","http://jaylonimpex.com/LAYEDED/hush/KKKAMM.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/89017/"
@@ -24297,7 +24601,6 @@
 "88980","2018-12-04 19:56:10","http://momentsindigital.com/Dec2018/En_us/Overdue-payment","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/88980/"
 "88979","2018-12-04 19:56:08","http://johnnycrap.com/doc/En_us/Paid-Invoices","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/88979/"
 "88978","2018-12-04 19:56:05","http://jjtphoto.com/scan/En/Paid-Invoice-Credit-Card-Receipt","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/88978/"
-"88977","2018-12-04 19:56:04","https://linkprotect.cudasvc.com/url?a=http://jjtphoto.com/scan/En/Paid-Invoice-Credit-Card-Receipt&c=E,1,kdscu_HtZUKrwdqG6JtlMHpCotINShSNi9rsD0PAS48TwGCMDvBq_Rt4pnC7A7Flr2w8Gd5oaYq6uppJ4cAo4itbtg08zCkapgjMpgnKTYBUeJk2k_VqSA,,&typo=1","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/88977/"
 "88976","2018-12-04 19:26:03","http://opfers.com/tskmgr.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/88976/"
 "88975","2018-12-04 19:26:02","http://www.vanmook.net/Download/US/Outstanding-Invoices/","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/88975/"
 "88974","2018-12-04 19:25:07","http://opfers.com/svchost.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/88974/"
@@ -24329,26 +24632,25 @@
 "88948","2018-12-04 16:21:25","http://rosegreenstein.com/wp-includes/customize/3","offline","malware_download","None","https://urlhaus.abuse.ch/url/88948/"
 "88947","2018-12-04 16:21:24","http://heargear.net/templates/3","offline","malware_download","None","https://urlhaus.abuse.ch/url/88947/"
 "88946","2018-12-04 16:21:22","http://adm-architecture.com/adm/wp-includes/3","offline","malware_download","None","https://urlhaus.abuse.ch/url/88946/"
-"88945","2018-12-04 16:21:20","http://todoemergencias.cl/wp-includes/3","online","malware_download","None","https://urlhaus.abuse.ch/url/88945/"
+"88945","2018-12-04 16:21:20","http://todoemergencias.cl/wp-includes/3","offline","malware_download","None","https://urlhaus.abuse.ch/url/88945/"
 "88944","2018-12-04 16:21:18","http://accidentalpodcast.com/wp-content/plugins/site-is-offline-plugin/2","offline","malware_download","None","https://urlhaus.abuse.ch/url/88944/"
 "88943","2018-12-04 16:21:17","http://rosegreenstein.com/wp-includes/customize/2","offline","malware_download","None","https://urlhaus.abuse.ch/url/88943/"
 "88942","2018-12-04 16:21:16","http://heargear.net/templates/2","offline","malware_download","None","https://urlhaus.abuse.ch/url/88942/"
 "88941","2018-12-04 16:21:14","http://adm-architecture.com/adm/wp-includes/2","offline","malware_download","None","https://urlhaus.abuse.ch/url/88941/"
-"88940","2018-12-04 16:21:13","http://todoemergencias.cl/wp-includes/2","online","malware_download","None","https://urlhaus.abuse.ch/url/88940/"
+"88940","2018-12-04 16:21:13","http://todoemergencias.cl/wp-includes/2","offline","malware_download","None","https://urlhaus.abuse.ch/url/88940/"
 "88939","2018-12-04 16:21:11","http://accidentalpodcast.com/wp-content/plugins/site-is-offline-plugin/1","offline","malware_download","None","https://urlhaus.abuse.ch/url/88939/"
 "88938","2018-12-04 16:21:09","http://rosegreenstein.com/wp-includes/customize/1","offline","malware_download","None","https://urlhaus.abuse.ch/url/88938/"
 "88937","2018-12-04 16:21:07","http://heargear.net/templates/1","offline","malware_download","None","https://urlhaus.abuse.ch/url/88937/"
 "88936","2018-12-04 16:21:06","http://adm-architecture.com/adm/wp-includes/1","offline","malware_download","None","https://urlhaus.abuse.ch/url/88936/"
-"88935","2018-12-04 16:21:04","http://todoemergencias.cl/wp-includes/1","online","malware_download","None","https://urlhaus.abuse.ch/url/88935/"
+"88935","2018-12-04 16:21:04","http://todoemergencias.cl/wp-includes/1","offline","malware_download","None","https://urlhaus.abuse.ch/url/88935/"
 "88934","2018-12-04 16:18:04","https://uc044f089fca30a4500f010fe9f7.dl.dropboxusercontent.com/cd/0/get/AW0QUx-Y0RlokougRr7na_ot8_QawODfHRUJdllLj_GxT97BiF-YP_OH4Ei1pZdo3LlUM-hyzbwCbgUaU8jNJ6nmAx3lFu56aLkqmXBwsC0unUrPoEF5IaeIIxzocS4b3MzyQqSHQbHUywt25PHDo6uI5_q5VnZ-Ja2D71_G2aTp8KEHnwOFLjd946npY3O0Wts/file?dl=1","offline","malware_download","zip","https://urlhaus.abuse.ch/url/88934/"
 "88933","2018-12-04 16:17:03","https://doc-14-68-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/7lp6slpi70vcbanuoecgaii2jppa9e16/1543932000000/05984462313861663074/*/1D2FshgkX_LYk4sZOfY_tnKfG3aPSBxk2","offline","malware_download","exe","https://urlhaus.abuse.ch/url/88933/"
 "88932","2018-12-04 16:17:02","https://doc-0g-68-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/p6lhm45caimjiqmre29grmvnegamdsj3/1543932000000/05984462313861663074/*/131ljYAzj77SJQi8K_Stvz-951tHDmnH9","offline","malware_download","exe","https://urlhaus.abuse.ch/url/88932/"
 "88931","2018-12-04 16:12:06","http://denisewyatt.com/CXSDSXV2476722/DE_de/Zahlungserinnerung","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/88931/"
-"88930","2018-12-04 16:12:04","https://u6324807.ct.sendgrid.net/wf/click?upn=ly7UXgXaeimPbZsgG0IGfA4Gp-2F0y2BjEz71uop0ADWm4sJj9VLAfeMZqrCigJ9zhACm8gfoEwj7H9C1fHOnN1gahdVghjKXeSnhL0U07q7m7TUiPv-2F99LLgd7S97lZRP_AO5cZBV72ZdqzJJf8-2F84EljVPBh6lSVyw5gtTUjsuV3fr2rbxgW69kp3KVS2vQoWtrHEi7oMxrzOdFESfRJ6dI1U7Cq7150wR7vovormd3jxjHb1WzL7IBccXFT4Agi3xQp-2BMoa3l9S2teVA5Qr0b4Pm8U5z-2B2t9Y16k1glzbn8EXavh-2FCpknlYMRYyU-2FG4ouSLnHHY1sbBleX65jKydaiJW-2FAgdtSQrUpJiOS3VPBA-3D","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/88930/"
 "88929","2018-12-04 16:11:04","http://vcube-vvp.com/0Tfl6UZQ","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/88929/"
 "88928","2018-12-04 16:00:03","http://tom-steed.com/3708605SRQOW/PAY/Smallbusiness","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/88928/"
 "88927","2018-12-04 15:59:11","https://f.coka.la/GXEACu.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/88927/"
-"88926","2018-12-04 15:59:10","http://a.xiazai163.com/down/ghojingxianganzhuangqiwin10_itmop.com.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/88926/"
+"88926","2018-12-04 15:59:10","http://a.xiazai163.com/down/ghojingxianganzhuangqiwin10_itmop.com.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/88926/"
 "88925","2018-12-04 15:59:02","https://f.coka.la/3vnnZy.jpg","offline","malware_download","exe,NetWire","https://urlhaus.abuse.ch/url/88925/"
 "88924","2018-12-04 15:45:40","https://ruforum.uonbi.ac.ke/wp-content/uploads/8A/PAY/Commercial/","online","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/88924/"
 "88923","2018-12-04 15:45:38","http://bemsar.tevci.org/files/Scan/DETAILS/Rech-IES-22-82270/","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/88923/"
@@ -24962,7 +25264,6 @@
 "88312","2018-12-03 15:15:28","http://ghoulash.com/RWNTFUJNZ4562177/gescanntes-Dokument/RECHNUNG","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/88312/"
 "88311","2018-12-03 15:15:26","http://weresolve.ca/xerox/En/Open-invoices","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/88311/"
 "88310","2018-12-03 15:15:24","http://turulawfirm.com/INFO/US_us/471-83-650909-830-471-83-650909-334/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/88310/"
-"88309","2018-12-03 15:15:23","https://linkprotect.cudasvc.com/url?a=http://laparomag.ru/LLC/EN_en/Need-to-send-the-attachment&c=E,1,mhgfP1jwg2D8Qf8B-olxwiHgYvFukgtmofwE6E8xIbXONHrdcYlaBaOwXwBugdt_6MX_lffEo24fvRnkbuvBdT6spuGzlEnHK40fSoXUZpSPx2qYFG8,&typo=1","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/88309/"
 "88308","2018-12-03 15:15:22","http://cosmoservicios.cl/FILE/En_us/Invoice-for-f/b-12/01/2018","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/88308/"
 "88307","2018-12-03 15:15:19","http://starstonesoftware.com/LLC/US_us/Scan","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/88307/"
 "88306","2018-12-03 15:15:16","http://barbararinella.com/RwbrDmKbSE/de/IhreSparkasse","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/88306/"
@@ -25015,7 +25316,7 @@
 "88259","2018-12-03 14:13:04","http://niteccorp.com/z0wtfl4V","offline","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/88259/"
 "88258","2018-12-03 14:13:03","http://omegagoodwin.com/Dj","offline","malware_download","emotet,exe,epoch2,heodo","https://urlhaus.abuse.ch/url/88258/"
 "88257","2018-12-03 14:10:02","http://715715.ru/sites/Bestellungen/DOC-Dokument/Rechnung-MN-64-04853/","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/88257/"
-"88256","2018-12-03 14:01:04","http://201.21.249.54:30464/.i","online","malware_download","elf","https://urlhaus.abuse.ch/url/88256/"
+"88256","2018-12-03 14:01:04","http://201.21.249.54:30464/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/88256/"
 "88254","2018-12-03 13:50:09","http://2feet4paws.ae/zlDRRqIln/","offline","malware_download","exe,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/88254/"
 "88255","2018-12-03 13:50:09","http://carpinventosa.pt/Anv6ZJ3O/","offline","malware_download","exe,emotet,epoch1","https://urlhaus.abuse.ch/url/88255/"
 "88253","2018-12-03 13:50:07","http://www.kosses.nl/s7U7gvF/","offline","malware_download","exe,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/88253/"
@@ -25178,7 +25479,7 @@
 "88080","2018-12-03 01:44:04","http://cataract.ru/b/wiremoney.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/88080/"
 "88079","2018-12-03 01:36:03","http://blog.gothicangelclothing.co.uk/89.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/88079/"
 "88078","2018-12-03 01:08:09","http://198.44.250.45:8888/qqz","offline","malware_download","elf","https://urlhaus.abuse.ch/url/88078/"
-"88077","2018-12-03 01:07:08","http://a.xiazai163.com/down/chuangyiQQliaotianjiluchakanqi_itmop.com.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/88077/"
+"88077","2018-12-03 01:07:08","http://a.xiazai163.com/down/chuangyiQQliaotianjiluchakanqi_itmop.com.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/88077/"
 "88076","2018-12-03 01:06:05","http://snoopy64.000webhostapp.com/bypass.zip","offline","malware_download","exe","https://urlhaus.abuse.ch/url/88076/"
 "88075","2018-12-03 01:06:03","http://snoopy64.000webhostapp.com/update.zip","offline","malware_download","exe,HawkEye","https://urlhaus.abuse.ch/url/88075/"
 "88074","2018-12-03 00:56:05","http://188.166.59.85/bins/sora.sh4","offline","malware_download","elf","https://urlhaus.abuse.ch/url/88074/"
@@ -25593,8 +25894,8 @@
 "87663","2018-11-30 21:17:10","https://www.fishingbigstore.com/addons/EN/CyberMonday2018/","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/87663/"
 "87662","2018-11-30 21:17:07","http://www.progettopersianas.com.br/525WBOY/ACH/US","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/87662/"
 "87661","2018-11-30 21:00:03","http://bpaceramiche.it/log/nnkqtfycy.msi","offline","malware_download","msi","https://urlhaus.abuse.ch/url/87661/"
-"87660","2018-11-30 20:59:03","https://c.top4top.net/p_1055q1ssb1.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/87660/"
-"87659","2018-11-30 20:59:02","https://c.top4top.net/p_897ao4tp1.jpg","online","malware_download","exe,njRAT","https://urlhaus.abuse.ch/url/87659/"
+"87660","2018-11-30 20:59:03","https://c.top4top.net/p_1055q1ssb1.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/87660/"
+"87659","2018-11-30 20:59:02","https://c.top4top.net/p_897ao4tp1.jpg","offline","malware_download","exe,njRAT","https://urlhaus.abuse.ch/url/87659/"
 "87658","2018-11-30 20:58:07","http://yourfunapps.ga/images/appimages/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/87658/"
 "87657","2018-11-30 20:58:04","http://radugaru.com/templates/protostar/html/com_content/category/sserv.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/87657/"
 "87656","2018-11-30 20:36:21","http://casadeigarei.com/wwYoQ1isV","offline","malware_download","emotet,exe,epoch1,heodo","https://urlhaus.abuse.ch/url/87656/"
@@ -26058,7 +26359,6 @@
 "87197","2018-11-30 03:49:46","http://sitemap.skybox1.com/xerox/En/Scan","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/87197/"
 "87196","2018-11-30 03:49:44","http://maipiu.com.ar/INFO/EN_en/Past-Due-Invoices","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/87196/"
 "87195","2018-11-30 03:49:41","http://miracle-house.ru/xerox/EN_en/Summit-Companies-Invoice-50143566","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/87195/"
-"87194","2018-11-30 03:49:40","https://u6324807.ct.sendgrid.net/wf/click?upn=c-2BRB98m73FhIst4xX6N7HyOIzKNDcGzyZwWv8B8us-2Bp4-2BVfGSlWtgBfSdBm-2FI1hSVjPcFlG6IiToO6W-2BsmYklA-3D-3D_mPjhUx-2BYnzRIHErlPE819USCyZx5ZNNkibyFZyqzBNDBT3cyS0ag5RTgnjkF57JNrgz-2FeTwMC9UO-2BEN6CMGEcAnP-2Fp-2Bix-2BiUhYjCzRlGo-2FjKcj4RbPwL-2BduN7qaD49dsaXozLlzWmpKUbRMfuyxhfLSNxkfJG6QRVlFZ2S0MlRK3Qpt57QjH-2F9e4k7-2Ft-2FTRzWCnOldOgBZUma5oF41ZHZB8UJjMFmukGdM-2BUBUn3rPA-3D","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/87194/"
 "87193","2018-11-30 03:49:37","http://divelop.nl/p1tugEEgLDCMrEE6/SEPA/Privatkunden>","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/87193/"
 "87192","2018-11-30 03:49:35","http://wessexproductions.co.uk/FILE/EN_en/Question","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/87192/"
 "87191","2018-11-30 03:49:33","http://telovox.com/En/Clients_CM_Coupons/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/87191/"
@@ -26673,7 +26973,6 @@
 "86577","2018-11-28 18:38:11","http://arhomus.com/En/Clients_CyberMonday_Coupons","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/86577/"
 "86576","2018-11-28 18:38:10","http://link2u.nl/En/Clients_CyberMonday_Coupons","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/86576/"
 "86575","2018-11-28 18:38:09","http://prakritibandhu.org/832911NIWNHOK/EN/CyberMonday","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/86575/"
-"86574","2018-11-28 18:38:06","https://u6737826.ct.sendgrid.net/wf/click?upn=lhdnqZsHExoH9VBLA7u7dTBNY37cqjG3jGEtNz3Z8-2FuB7-2Bd-2BXT0gEzD7ltO1OiZpAyXcrgZvgtEXhu9UboszdA-3D-3D_qMw-2B4ZhWc4XC9c1IfAT1X9O0wPIIjhpNYomRpNLX304uWOMrGk6jxVsBxlzfWPkXzeEngez-2FsjJxuxmnHopnsrw-2F2-2Fg0x0yCZIuA8395Ym407-2FJgH4Ok7sYIPCWdKeBV-2FxsCfHgj7YE3-2BS42xCSjkMIlZH-2BwyRS2Y0zzZpYp-2FrDfMiDWEZ0Na-2FyhUxb5v1g6i8RK5bBiI7q2m70Kr93RMfVG2It4bLIR-2BawqtZ-2B-2F7VM-3D","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/86574/"
 "86573","2018-11-28 18:38:04","http://en.worthfind.com/En/Clients_Coupons","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/86573/"
 "86571","2018-11-28 18:30:03","https://lithi.io/file/7200.doc","offline","malware_download","doc,RTF,exe,darkcomet","https://urlhaus.abuse.ch/url/86571/"
 "86570","2018-11-28 18:19:03","https://documents.name/usercontent/f2e0c95dcc98b5d4.png","offline","malware_download","exe,Dridex","https://urlhaus.abuse.ch/url/86570/"
@@ -26893,7 +27192,7 @@
 "86356","2018-11-28 15:49:18","http://shells.fashionshells.net/files/Rechnungs/Rechnungszahlung/Bezahlen-Sie-die-Rechnung-FC-63-03655/","offline","malware_download","emotet,doc,heodo","https://urlhaus.abuse.ch/url/86356/"
 "86355","2018-11-28 15:49:15","http://patandsca.exsite.info/En/CyberMonday2018/","offline","malware_download","emotet,doc,heodo","https://urlhaus.abuse.ch/url/86355/"
 "86354","2018-11-28 15:49:13","http://iantdbrasil.com.br/En/Clients_Coupons/","offline","malware_download","emotet,doc,heodo","https://urlhaus.abuse.ch/url/86354/"
-"86353","2018-11-28 15:49:12","http://en.worthfind.com/En/Clients_Coupons/","offline","malware_download","emotet,doc,heodo","https://urlhaus.abuse.ch/url/86353/"
+"86353","2018-11-28 15:49:12","http://en.worthfind.com/En/Clients_Coupons/","online","malware_download","emotet,doc,heodo","https://urlhaus.abuse.ch/url/86353/"
 "86352","2018-11-28 15:49:09","http://christmasatredeemer.org/En/Coupons/","offline","malware_download","emotet,doc,heodo","https://urlhaus.abuse.ch/url/86352/"
 "86350","2018-11-28 15:49:07","http://bisgrafic.com/EN/Clients_CyberMonday_Coupons/","offline","malware_download","emotet,doc,heodo","https://urlhaus.abuse.ch/url/86350/"
 "86351","2018-11-28 15:49:07","http://bool.com.tr/o38SNdPiD9NY19e6K/SWIFT/Firmenkunden/","offline","malware_download","emotet,doc,heodo","https://urlhaus.abuse.ch/url/86351/"
@@ -27277,7 +27576,7 @@
 "85971","2018-11-28 01:06:03","http://haganelectronics.rubickdesigns.com/8200179JLDT/WIRE/Commercial","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/85971/"
 "85970","2018-11-28 01:02:03","http://raquelariana.com/wp-content/0971548684.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/85970/"
 "85969","2018-11-28 00:59:02","http://leonart.lviv.ua/9UWSHN/WIRE/Commercial","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/85969/"
-"85968","2018-11-28 00:56:04","http://en.worthfind.com/En/CyberMonday2018/","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/85968/"
+"85968","2018-11-28 00:56:04","http://en.worthfind.com/En/CyberMonday2018/","online","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/85968/"
 "85967","2018-11-28 00:54:06","http://p3.zbjimg.com/task/2009-06/29/106045/rc1veeex.rar","online","malware_download","rar","https://urlhaus.abuse.ch/url/85967/"
 "85966","2018-11-28 00:52:03","http://ts-prod-assets.tripleseat.com.s3.amazonaws.com/assets/009/074/172/Untitled-112718-980459.doc?1543298055","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/85966/"
 "85965","2018-11-28 00:51:01","http://185.22.174.139/ftp","offline","malware_download","elf","https://urlhaus.abuse.ch/url/85965/"
@@ -27418,7 +27717,6 @@
 "85830","2018-11-27 21:26:09","http://aldia.com.uy/541Ft1KEi","offline","malware_download","emotet,exe,epoch1,heodo","https://urlhaus.abuse.ch/url/85830/"
 "85829","2018-11-27 21:26:06","http://chakreerkhobor.com/zk82JspRS","offline","malware_download","emotet,exe,epoch1,heodo","https://urlhaus.abuse.ch/url/85829/"
 "85828","2018-11-27 21:26:03","http://akleigh.com/LmHBvqEv","offline","malware_download","emotet,exe,epoch1,heodo","https://urlhaus.abuse.ch/url/85828/"
-"85827","2018-11-27 21:21:45","https://u8363957.ct.sendgrid.net/wf/click?upn=dWZA44YigbY9-2F5JRbOFgkbjF7uDcUsR1ZIpOM1YeigalRTP-2F641AYSobVNRE-2FdvK_jnM7mWtP1mibjtTBvWAY6hi5ckdavKwIFAutFeZX4X6o4XM5xKsaTE60pR9Iay-2FNqvBgp4FKA0Gljv-2F2vry0Hd5qHW7iyC05yCHraUvo-2BKC8f-2BG1rtXjTqv7KGKF5Pc0ekHBlEhssIl6AsH-2FSV3fE3-2BEgQQF1H7Z-2F9fRfSuTJ-2FrS3yMDRZUa33z1TOigmOxSitVFCMTCM5fUhZdm-2F3TEEyFHMpJ-2BABykzNJgbEn6R7wkZcxyLoHUfwpq9lAetb4R","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/85827/"
 "85826","2018-11-27 21:21:42","http://maipiu.com.ar/EN/Coupons","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/85826/"
 "85825","2018-11-27 21:21:41","http://click.expertsmeetings.org/ylcfea/YzONI8cS","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/85825/"
 "85824","2018-11-27 21:21:38","http://gameclub.ut.ac.ir/En/CM2018","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/85824/"
@@ -27741,7 +28039,6 @@
 "85489","2018-11-27 00:30:04","http://miamijouvert.com/En/CyberMonday2018/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/85489/"
 "85488","2018-11-27 00:30:03","http://miamijouvert.com/En/CyberMonday2018","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/85488/"
 "85487","2018-11-27 00:26:02","http://209.141.61.249/521.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/85487/"
-"85485","2018-11-27 00:08:16","https://u8137488.ct.sendgrid.net/wf/click?upn=DL2ALwobpQrCp8O0h3WWqmZWEpst4OtSUFe5hYw2PfqZ8tmvNqxaFxzX0DGVkaerHxS8Im4tNK0pbehdorOpkQ-3D-3D_HvOKSqJFA55zs9Q8-2B7p4-2FI66OmnFjbC5IEHQ-2FvdMzDuXuJsLeXXHl-2B12PSg-2BGyJbBQEa-2F0mIr401FxkLcw26V-2BxiFdcqpIXIrKNnWWNf5JFW0YLol8RCTTX1ZLS-2FaXOhsjaAaB3TMlYr1bE20bZgbgw4zUWFQQ5s2wmpCaeWrysOOQaalf93aNi186J9K2oWiYERB2xFNd5wg7YqTUkevdJZYXWk0n7SI2jLjr5UYko-3D","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/85485/"
 "85486","2018-11-27 00:08:16","https://xa.yimg.com/kq/groups/8138622/1792571317/name/INVOICE_O6631_FILE.doc","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/85486/"
 "85484","2018-11-27 00:08:13","http://villacitronella.com/En/CyberMonday/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/85484/"
 "85483","2018-11-27 00:08:12","http://support.jbrueggemann.com/En/Clients_CM_Coupons/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/85483/"
@@ -27981,7 +28278,6 @@
 "85247","2018-11-26 16:36:06","http://qualigifts.com/mLoLVcw","offline","malware_download","emotet,exe,epoch1,heodo","https://urlhaus.abuse.ch/url/85247/"
 "85246","2018-11-26 16:36:04","http://gosonoma.org/fK6ez6uhzH","offline","malware_download","emotet,exe,epoch1,heodo","https://urlhaus.abuse.ch/url/85246/"
 "85245","2018-11-26 16:31:12","http://congtyherbalife.com/wp-admin/images/EN/CyberMonday","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/85245/"
-"85244","2018-11-26 16:31:09","https://u3207922.ct.sendgrid.net/wf/click?upn=7F2O8EhI2KwMMt2zJbzNV9vzkD31wiHQ7kqGtPvaikXASpu-2Bff8kQkcaVq30Xw3U_gCMsIDrvjWsDS-2F3B2uM9V3bvXuLefebzPtms2Su6J-2FVY-2B2Ga-2FpH5vlc8ogzVn7AaDqY85k1zvw363mZ-2FWxpyrPOYYkK-2BpSDDyVGxi8-2F7dLrr0-2BWdAqgAXF9nOHiiYE9Qm-2FGYIs-2FR0SgNiupGrlelsPcX5FuFheVAn-2Fdgo8EU-2FS-2B-2FL7FAkimWDqkNpb4EHF14uam0qhTtpxkVRDeMcFSaFy0Jd-2BOH3IhjsKHkCg6hFyI-3D","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/85244/"
 "85243","2018-11-26 16:31:07","http://www.xn----8sbabrd9ajz.xn--p1ai/En/CyberMonday2018","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/85243/"
 "85241","2018-11-26 16:31:03","http://radio312.com/En/CyberMonday","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/85241/"
 "85240","2018-11-26 16:22:09","http://parallel.university/wp-includes/En/Clients_CM_Coupons","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/85240/"
@@ -28754,7 +29050,6 @@
 "84473","2018-11-23 21:35:12","http://jaylonimpex.com/images/clients/lkjhgfdfghjkjhgfghjkl.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/84473/"
 "84472","2018-11-23 21:35:09","http://jaylonimpex.com/images/clients/uyuyrweretrytuyiulklkjhgfty.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/84472/"
 "84471","2018-11-23 21:35:04","http://23.249.161.100/frankm/danlon.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/84471/"
-"84470","2018-11-23 21:20:02","http://url2731.lailahotels.com/wf/click?upn=3DJGjSgA7ZmZO8YWujv1=Dphknda-2B3qDqzWhgG-2FRHrbUVukOtM-2BU8-2BiB74zbutkRFQX6cao5fFSdnJFOCWmqDSB9=g-3D-3D_UjuPhYoOZwrf-2FCVjdKJulwFO6AdqKTE9Si2HdnHBYZHhFLjbF4d5OL7rUINqLBJJY=6-2FlCwHyJXN9t0Grz2CYv946vTsuQZkUGgU899x395Hp7soWpokmlZG8o5cGWVbKPWoy1lpXhe=Ng4N-2FmwanmGOah-2Fev-2BEK5oyEMQhJDMqrK59RVpVXYLWjDUt1KZ3Epz9IKLw9oFSIIHglp=crH1y6dCeaP4sQCGpRU2BMiRNooA-3D","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/84470/"
 "84468","2018-11-23 21:17:19","http://www.santikastore.com/EN_US/BF2018","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/84468/"
 "84469","2018-11-23 21:17:19","http://www.santikastore.com/EN_US/BF2018/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/84469/"
 "84466","2018-11-23 21:17:16","http://trazo24.com/EN_US/Clients_BlackFriday2018_Coupons/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/84466/"
@@ -29496,7 +29791,7 @@
 "83715","2018-11-22 07:05:04","http://81.4.106.148/yakuza.mpsl","offline","malware_download","elf","https://urlhaus.abuse.ch/url/83715/"
 "83714","2018-11-22 07:05:03","http://206.189.120.242/qvmxvl","offline","malware_download","elf","https://urlhaus.abuse.ch/url/83714/"
 "83713","2018-11-22 07:05:02","http://206.189.120.242/cemtop","offline","malware_download","elf","https://urlhaus.abuse.ch/url/83713/"
-"83712","2018-11-22 06:27:04","http://103.109.57.221:34448/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/83712/"
+"83712","2018-11-22 06:27:04","http://103.109.57.221:34448/.i","online","malware_download","elf","https://urlhaus.abuse.ch/url/83712/"
 "83711","2018-11-22 06:24:23","http://www.mandala.mn/update/qua.exe","online","malware_download","exe,Loki","https://urlhaus.abuse.ch/url/83711/"
 "83710","2018-11-22 06:24:17","http://www.mandala.mn/update/ebu.exe","online","malware_download","exe,Loki","https://urlhaus.abuse.ch/url/83710/"
 "83709","2018-11-22 06:24:13","http://www.mandala.mn/update/barr.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/83709/"
@@ -30491,7 +30786,7 @@
 "82710","2018-11-19 19:56:02","http://perkasa.undiksha.ac.id/wp-content/uploads/doc/US/7-Past-Due-Invoices/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/82710/"
 "82709","2018-11-19 19:56:01","http://perkasa.undiksha.ac.id/wp-content/uploads/Corporation/EN_en/Invoices-attached/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/82709/"
 "82708","2018-11-19 19:55:58","http://perfilpesquisas.com.br/DOC/En/Invoice-0086009/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/82708/"
-"82707","2018-11-19 19:55:52","http://pcsoft.down.123ch.cn/download/%E8%A3%85%E7%AE%B1%E5%A4%A7%E5%B8%88_70@2121332.exe","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/82707/"
+"82707","2018-11-19 19:55:52","http://pcsoft.down.123ch.cn/download/%E8%A3%85%E7%AE%B1%E5%A4%A7%E5%B8%88_70@2121332.exe","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/82707/"
 "82705","2018-11-19 19:55:47","http://pc6.down.123ch.cn/download/%E5%A4%9A%E7%AA%97%E5%8F%A3%E6%96%87%E4%BB%B6%E6%95%B4%E7%90%86%E5%B7%A5%E5%85%B7_30@17954.exe","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/82705/"
 "82706","2018-11-19 19:55:47","http://pcservice.slask.pl/sites/US_us/Payment-enclosed/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/82706/"
 "82704","2018-11-19 19:55:43","http://patimpatam.net/newsletter/EN_en/Aug2018/Invoice/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/82704/"
@@ -30612,7 +30907,7 @@
 "82589","2018-11-19 19:52:22","http://kinapsis.cl/wp-content/uploads/0JDFWGPWS/ACH/Personal/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/82589/"
 "82587","2018-11-19 19:51:51","http://kft.sk/007MNXV/identity/US/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/82587/"
 "82588","2018-11-19 19:51:51","http://khmedia.org/Corporation/XNF8531688JM/3400155/QQ-AZLZ/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/82588/"
-"82586","2018-11-19 19:51:50","http://kdjf.guzaosf.com/xyxd/NBA&%E4%B9%90%E6%B8%B8%E7%9B%92%E5%AD%90_12@128595.exe","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/82586/"
+"82586","2018-11-19 19:51:50","http://kdjf.guzaosf.com/xyxd/NBA&%E4%B9%90%E6%B8%B8%E7%9B%92%E5%AD%90_12@128595.exe","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/82586/"
 "82585","2018-11-19 19:51:33","http://kaz.shariki1.kz/Corporation/US/Overdue-payment/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/82585/"
 "82584","2018-11-19 19:51:32","http://katy.voyagemg.net/Document/En/Paid-Invoices/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/82584/"
 "82583","2018-11-19 19:51:26","http://kathamangal.com/1U/BIZ/Business/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/82583/"
@@ -31477,7 +31772,6 @@
 "81696","2018-11-16 18:02:05","http://hobokendoulas.com/lmTIr/","offline","malware_download","exe,heodo","https://urlhaus.abuse.ch/url/81696/"
 "81695","2018-11-16 18:02:03","http://translampung.com/xkIJX5Lp/","offline","malware_download","exe,heodo","https://urlhaus.abuse.ch/url/81695/"
 "81694","2018-11-16 17:49:05","http://201.67.79.124:1910/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/81694/"
-"81693","2018-11-16 17:18:04","https://u6737826.ct.sendgrid.net/wf/click?upn=oLhrFbX8Xk2mNAhWz055fSSC4PUkq-2F264MX25iNC472h4QKP3MwIw6yFxtRaXQbzfs-2FFVBh-2BPySq1ckUP6MEbg-3D-3D_KRPuvzqjLT6qGCo4MQVqXBMAy78vTPcEMQjr74liq6vNX5PK7pQ7kzT0iA-2BRCp6-2B6T0iA0kJ3ucrvTP6SXm5mysYVlzDdqJYcRBSsBvIoUtgoDVwf5o7XL7WKtEc-2Fcw7-2B52fltWHxwNWnREQxHsk8cqcADZaQPui7Y7VWknyypcoejbf-2BU82b7gaHHTo0BwKlliW4aSaWEpp7HoGmbw-2BXVC1WP6of7qsyseJ3imhkU8-3D","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/81693/"
 "81692","2018-11-16 17:05:07","http://candrac-von-hainrich.de/0Sk7c2za","offline","malware_download","emotet,exe,epoch1,heodo","https://urlhaus.abuse.ch/url/81692/"
 "81691","2018-11-16 17:05:06","http://mausha.ru/4ncahc","offline","malware_download","emotet,exe,epoch1,heodo","https://urlhaus.abuse.ch/url/81691/"
 "81690","2018-11-16 17:05:05","http://clinicanatur.com.br/rM","offline","malware_download","emotet,exe,epoch1,heodo","https://urlhaus.abuse.ch/url/81690/"
@@ -31651,7 +31945,6 @@
 "81509","2018-11-16 05:39:09","http://trainchange.com/wp-content/uploads/2018/05/US/Details/11_18","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/81509/"
 "81508","2018-11-16 05:39:07","http://maxairhvacs.com/EN_US/Clients_transactions/2018-11","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/81508/"
 "81507","2018-11-16 05:39:05","http://peconashville.com/US/Documents/112018","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/81507/"
-"81506","2018-11-16 05:39:04","https://u6737826.ct.sendgrid.net/wf/click?upn=H1Xa28swUaaGX9BoBDACI97paSJ5dkYQkb3jsn9q8-2Ft2gpfURkptrqi4Eefw-2BqDkQkD5sCSc98XxawsXEHdOVLlHUpEcMdTNKdXfSpC1Xac-3D_Qhlm6hnITaFiQZ9pXsnyXOCjej8n5RRBHNyV7ZkxzMmzFaf5TlbdlMTS3i-2B3j-2BnsFLfI86ylfW5jm-2BWoT5bFpQ4f00Ye3XiAM7dhpUPJ2IChfubCttHD-2B1bV0u5vPzbupqkzTcRCZheljSSZLOG6-2BbwYngtdk9GeIAGWLprBi15cLHRqfDmyNScyG5ImWPsJvoADBALgaWOiyX3fqFzYoz5gzqIKjKNpjuJ3AiizhtQ-3D","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/81506/"
 "81505","2018-11-16 04:55:04","http://211.48.208.144:56550/.i","online","malware_download","elf","https://urlhaus.abuse.ch/url/81505/"
 "81504","2018-11-16 04:51:02","http://simplemakemoneyonline.com/Document/En/Document-needed","offline","malware_download","heodo,emotet,doc","https://urlhaus.abuse.ch/url/81504/"
 "81503","2018-11-16 04:44:06","http://xianjiaopi.com/733683H/BIZ/Commercial","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/81503/"
@@ -31922,7 +32215,6 @@
 "81238","2018-11-16 00:30:10","http://cameracity.vn/wp-includes/US/Attachments/11_18/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/81238/"
 "81237","2018-11-16 00:30:09","http://cameracity.vn/wp-includes/US/Attachments/11_18","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/81237/"
 "81236","2018-11-16 00:30:04","http://303esplanade.oceaniadigital.com.au/En_us/Transactions/2018-11/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/81236/"
-"81235","2018-11-16 00:17:10","https://u2285184.ct.sendgrid.net/wf/click?upn=dHdwvn9fFbixMNGSgJCWb6uN7t8BUMCZiJ9gFhZBF3xTW3ItKaLilcH6hSR5EKXz7gh6oGV-2FxVxF-2BNgr-2FAyc6g-3D-3D_HDu-2BON2WuckNVJ2U1s3AlHXBiauXJHjDMFt3skTlj4V5e5D6jVDqyofTeYExzuH3pcZM3TWsSTsw-2FFrm5pPFKh8y4wjIOUHMny9ve-2B-2FyYhIJ0BudPwx0whmxR38qAtxe7NACKgPDHDKqrkoHB5eX9xIi2vwfZly59w4GkJUgV7208AF9CTsXqyBh-2Bh7GtZkJo6LsEEi8kYl-2FjxgnBUwO6whtTYzAtvqQfYlTBONUKyQ-3D/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/81235/"
 "81234","2018-11-16 00:17:09","https://tidevalet.com/En_us/ACH/11_18/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/81234/"
 "81233","2018-11-16 00:17:08","http://www.teamincubation.org/En_us/Attachments/11_18/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/81233/"
 "81232","2018-11-16 00:17:06","http://www.drmugisha.com/wp-includes/EN_US/Attachments/112018/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/81232/"
@@ -35294,8 +35586,8 @@
 "77736","2018-11-09 08:02:06","http://80.211.165.178/AB4g5/Josho.m68k","offline","malware_download","elf","https://urlhaus.abuse.ch/url/77736/"
 "77735","2018-11-09 08:02:05","http://43.224.29.64/ntpd","offline","malware_download","elf","https://urlhaus.abuse.ch/url/77735/"
 "77734","2018-11-09 07:08:03","http://ezpullonline.com/26E/WIRE/Commercial","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/77734/"
-"77733","2018-11-09 07:07:03","http://c.top4top.net/p_6534e8r81.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/77733/"
-"77732","2018-11-09 07:07:02","http://c.top4top.net/p_897ao4tp1.jpg","online","malware_download","exe,njRAT","https://urlhaus.abuse.ch/url/77732/"
+"77733","2018-11-09 07:07:03","http://c.top4top.net/p_6534e8r81.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/77733/"
+"77732","2018-11-09 07:07:02","http://c.top4top.net/p_897ao4tp1.jpg","offline","malware_download","exe,njRAT","https://urlhaus.abuse.ch/url/77732/"
 "77731","2018-11-09 06:40:05","http://greencolb.com/DOC/wizzboy.exe","offline","malware_download","exe,HawkEye","https://urlhaus.abuse.ch/url/77731/"
 "77730","2018-11-09 06:39:10","http://greencolb.com/DOC/trsust.exe","offline","malware_download","exe,HawkEye","https://urlhaus.abuse.ch/url/77730/"
 "77729","2018-11-09 06:39:08","http://greencolb.com/DOC/dec%20bro.exe","offline","malware_download","exe,HawkEye","https://urlhaus.abuse.ch/url/77729/"
@@ -35783,7 +36075,7 @@
 "77234","2018-11-08 20:28:31","https://crm.soppnox.com/PO009.ace","offline","malware_download","exe,rat,NanoCore","https://urlhaus.abuse.ch/url/77234/"
 "77233","2018-11-08 20:28:29","http://wiki.campusvirtualelmayor.edu.co/sites/default/files/core/wsc.dl","offline","malware_download","None","https://urlhaus.abuse.ch/url/77233/"
 "77232","2018-11-08 20:28:28","http://wiki.campusvirtualelmayor.edu.co/sites/default/files/radxl.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/77232/"
-"77231","2018-11-08 20:28:25","https://c.top4top.net/p_1042v9c0c1.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/77231/"
+"77231","2018-11-08 20:28:25","https://c.top4top.net/p_1042v9c0c1.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/77231/"
 "77230","2018-11-08 20:28:24","http://officesupportbox.com/WMIsvc","offline","malware_download","exe,rat,rms,rmsrat","https://urlhaus.abuse.ch/url/77230/"
 "77229","2018-11-08 20:28:16","https://e.coka.la/oSjsmX.png","offline","malware_download","exe,HawkEye,keylogger,rat","https://urlhaus.abuse.ch/url/77229/"
 "77228","2018-11-08 20:28:15","https://e.coka.la/Ugwi5z.jpg","offline","malware_download","exe,Loki,lokibot","https://urlhaus.abuse.ch/url/77228/"
@@ -39028,7 +39320,7 @@
 "73946","2018-11-03 09:02:03","http://arkei.foxovsky.ru/CSWOPAWOZRMCOVEY.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/73946/"
 "73945","2018-11-03 09:01:04","http://dealertrafficgenerator.com/Mazi/SOA.exe","offline","malware_download","exe,Loki","https://urlhaus.abuse.ch/url/73945/"
 "73944","2018-11-03 09:00:14","http://213.7.246.198:6152/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/73944/"
-"73943","2018-11-03 09:00:12","http://78.38.31.88:44108/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/73943/"
+"73943","2018-11-03 09:00:12","http://78.38.31.88:44108/.i","online","malware_download","elf","https://urlhaus.abuse.ch/url/73943/"
 "73942","2018-11-03 09:00:09","http://hammer-protection.com/wp-content/themes/twentysixteen/Shipping%20documents.rar","offline","malware_download","zip","https://urlhaus.abuse.ch/url/73942/"
 "73941","2018-11-03 09:00:05","http://ehsancreative.com/jf.php","offline","malware_download","zip","https://urlhaus.abuse.ch/url/73941/"
 "73940","2018-11-03 08:29:04","http://cb61775.tmweb.ru/faq.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/73940/"
@@ -40926,7 +41218,7 @@
 "72037","2018-10-29 19:17:02","http://104.168.66.165/appo.exe","offline","malware_download","exe,LimeRAT","https://urlhaus.abuse.ch/url/72037/"
 "72036","2018-10-29 19:16:05","http://104.168.66.165/zeyxx3o2.exe","offline","malware_download","exe,CoinMiner","https://urlhaus.abuse.ch/url/72036/"
 "72035","2018-10-29 19:16:03","http://speedandmusic.com/app/mrt.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/72035/"
-"72034","2018-10-29 19:14:11","http://177.189.220.179:10965/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/72034/"
+"72034","2018-10-29 19:14:11","http://177.189.220.179:10965/.i","online","malware_download","elf","https://urlhaus.abuse.ch/url/72034/"
 "72033","2018-10-29 19:14:08","http://187.235.218.147:60379/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/72033/"
 "72031","2018-10-29 19:14:03","http://104.248.124.180/Binarys/Owari.arm7","offline","malware_download","elf","https://urlhaus.abuse.ch/url/72031/"
 "72032","2018-10-29 19:14:03","http://104.248.124.180/Binarys/Owari.sh4","offline","malware_download","elf","https://urlhaus.abuse.ch/url/72032/"
@@ -41352,7 +41644,7 @@
 "71610","2018-10-27 23:55:03","http://138.197.99.186/Demon.i686","offline","malware_download","elf","https://urlhaus.abuse.ch/url/71610/"
 "71609","2018-10-27 23:55:02","http://138.197.99.186/Demon.mpsl","offline","malware_download","elf","https://urlhaus.abuse.ch/url/71609/"
 "71608","2018-10-27 22:40:04","http://site.2zzz.ru/stat/1.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/71608/"
-"71607","2018-10-27 22:28:21","http://xzc.197746.com/superdebug.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/71607/"
+"71607","2018-10-27 22:28:21","http://xzc.197746.com/superdebug.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/71607/"
 "71606","2018-10-27 22:21:02","http://site.2zzz.ru/stat/2.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/71606/"
 "71605","2018-10-27 22:08:32","http://hnphqvlmtdcihkk.usa.cc/YrVpRnnsqwq8oEt.exe","offline","malware_download","None","https://urlhaus.abuse.ch/url/71605/"
 "71604","2018-10-27 20:57:06","http://balwelstores.com/templates/enmasse_18/html/com_users/login/chrome.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/71604/"
@@ -41371,7 +41663,7 @@
 "71591","2018-10-27 12:59:02","http://80.211.117.113/qtx.arm5","offline","malware_download","elf","https://urlhaus.abuse.ch/url/71591/"
 "71590","2018-10-27 12:51:21","http://unboundaccess.com/uploads/7/8/8/3/78834666/ice_ix_v15.2.9.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/71590/"
 "71589","2018-10-27 12:51:11","http://unboundaccess.com/uploads/7/8/8/3/78834666/microsoft_xbl_code_keygen_v15.8.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/71589/"
-"71588","2018-10-27 12:50:07","http://122.160.196.105:23897/.i","online","malware_download","elf","https://urlhaus.abuse.ch/url/71588/"
+"71588","2018-10-27 12:50:07","http://122.160.196.105:23897/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/71588/"
 "71587","2018-10-27 12:06:03","http://87.121.98.42/bins/hoho.mips","offline","malware_download","elf","https://urlhaus.abuse.ch/url/71587/"
 "71586","2018-10-27 12:06:02","http://80.178.214.184:9476/.i","online","malware_download","elf","https://urlhaus.abuse.ch/url/71586/"
 "71585","2018-10-27 12:05:03","http://87.121.98.42/bins/hoho.ppc","offline","malware_download","elf","https://urlhaus.abuse.ch/url/71585/"
@@ -45381,7 +45673,7 @@
 "67529","2018-10-13 05:02:07","http://www.aractidf.org/misc/rl8109.jpg","offline","malware_download","exxe","https://urlhaus.abuse.ch/url/67529/"
 "67528","2018-10-13 05:02:06","http://www.aractidf.org/misc/pw8109.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/67528/"
 "67527","2018-10-13 05:02:02","http://www.aractidf.org/misc/dr8109.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/67527/"
-"67526","2018-10-13 04:13:41","http://ftpcnc-p2sp.pconline.com.cn/pub/download/200509/CH-Nebula_225_PConline.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/67526/"
+"67526","2018-10-13 04:13:41","http://ftpcnc-p2sp.pconline.com.cn/pub/download/200509/CH-Nebula_225_PConline.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/67526/"
 "67525","2018-10-13 03:28:41","http://ftpcnc-p2sp.pconline.com.cn/pub/download/200408/001TV.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/67525/"
 "67524","2018-10-13 03:14:05","http://www.msmapparelsourcing.com/wp-admin/users/newnaocor.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/67524/"
 "67523","2018-10-13 02:30:18","http://smplmods-ru.1gb.ru/ptss_crypted.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/67523/"
@@ -46045,7 +46337,7 @@
 "66864","2018-10-12 01:58:04","http://46.29.166.34/cc9mips","offline","malware_download","elf","https://urlhaus.abuse.ch/url/66864/"
 "66863","2018-10-12 01:58:03","http://46.29.166.34/cc9x86","offline","malware_download","elf","https://urlhaus.abuse.ch/url/66863/"
 "66862","2018-10-12 01:58:02","http://46.29.166.34/cc9ppc","offline","malware_download","elf","https://urlhaus.abuse.ch/url/66862/"
-"66861","2018-10-12 01:52:11","http://soft.114lk.com/wdxtbh.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/66861/"
+"66861","2018-10-12 01:52:11","http://soft.114lk.com/wdxtbh.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/66861/"
 "66860","2018-10-12 00:37:02","http://pleasureingold.de/union.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/66860/"
 "66858","2018-10-12 00:27:02","http://pleasureingold.de/documento.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/66858/"
 "66859","2018-10-12 00:27:02","http://pleasureingold.de/img00806.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/66859/"
@@ -46133,7 +46425,7 @@
 "66776","2018-10-11 11:22:03","https://d.coka.la/mD8KuC.jpg","offline","malware_download","AgentTesla,exe","https://urlhaus.abuse.ch/url/66776/"
 "66775","2018-10-11 11:01:03","http://akznqw.com/classa.doc","offline","malware_download","RTF,Formbook","https://urlhaus.abuse.ch/url/66775/"
 "66774","2018-10-11 11:01:02","http://akznqw.com/marlboro.doc","offline","malware_download","RTF","https://urlhaus.abuse.ch/url/66774/"
-"66773","2018-10-11 10:54:24","http://dxdown.2cto.com/ware/201306/0607QQgzzBsq.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/66773/"
+"66773","2018-10-11 10:54:24","http://dxdown.2cto.com/ware/201306/0607QQgzzBsq.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/66773/"
 "66772","2018-10-11 10:54:10","http://www.bygoldi.com/wp-content/themes/wipi/includes/chrome.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/66772/"
 "66771","2018-10-11 10:54:05","http://ashifrifat.com/wp-content/themes/agama/includes/chrome.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/66771/"
 "66770","2018-10-11 10:52:02","http://104.244.76.210/bins/dark.arm5","offline","malware_download","elf","https://urlhaus.abuse.ch/url/66770/"
@@ -46733,7 +47025,7 @@
 "66165","2018-10-09 06:00:00","http://bora.8dragonphoenixastoria.com/pagjfut54.php","offline","malware_download","ursnif,ITA,geofenced","https://urlhaus.abuse.ch/url/66165/"
 "66164","2018-10-09 05:59:03","http://users.atw.hu/fvlmodell/letoltes/files/scalecalc.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/66164/"
 "66163","2018-10-09 04:43:36","http://185.17.123.2/worming.png","offline","malware_download","exe,Trickbot","https://urlhaus.abuse.ch/url/66163/"
-"66162","2018-10-09 04:43:05","http://93.174.93.149/antspywares.exe","online","malware_download","exe,miner,CoinMiner,AgentTesla","https://urlhaus.abuse.ch/url/66162/"
+"66162","2018-10-09 04:43:05","http://93.174.93.149/antspywares.exe","offline","malware_download","exe,miner,CoinMiner,AgentTesla","https://urlhaus.abuse.ch/url/66162/"
 "66161","2018-10-09 04:43:04","http://159.65.155.17/default.exe","offline","malware_download","exe,GandCrab,Ransomware,gandcrabv5","https://urlhaus.abuse.ch/url/66161/"
 "66160","2018-10-09 04:43:02","http://marcwood.pl/Screenshot_2018-10-5.jar","offline","malware_download","jar,jacksbot","https://urlhaus.abuse.ch/url/66160/"
 "66159","2018-10-09 04:42:13","http://kadosch.xyz/30092018/xmrig_x64.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/66159/"
@@ -47489,7 +47781,7 @@
 "65404","2018-10-06 07:26:07","http://15666.online/666/Apollo_x64.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/65404/"
 "65403","2018-10-06 07:26:07","http://15666.online/666/xmrig_x32.exe","online","malware_download","exe,miner,xmrig","https://urlhaus.abuse.ch/url/65403/"
 "65402","2018-10-06 07:26:05","http://15666.online/666/v2.1-WindowsC++.exe","online","malware_download","exe,Loader","https://urlhaus.abuse.ch/url/65402/"
-"65401","2018-10-06 07:09:04","http://37.34.247.30:22848/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/65401/"
+"65401","2018-10-06 07:09:04","http://37.34.247.30:22848/.i","online","malware_download","elf","https://urlhaus.abuse.ch/url/65401/"
 "65400","2018-10-06 07:02:02","https://www.seafoundation.tg/wp-content/US/Attachments/102018/","offline","malware_download","doc","https://urlhaus.abuse.ch/url/65400/"
 "65399","2018-10-06 07:01:02","http://premiumos.icu/agents/1/80.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/65399/"
 "65398","2018-10-06 06:20:03","http://chedea.eu/Corporation/US/9-Past-Due-Invoices","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/65398/"
@@ -47550,7 +47842,7 @@
 "65343","2018-10-05 20:43:03","https://uc3ccbb7150c8ac9a08590ee3574.dl.dropboxusercontent.com/cd/0/get/ASQG2Nsir7sEMQCB9gjVXJ7-qGO06yT3hWFLnyhBUZgt1kuu_mugQKzYzGZJIMTrWH3jqwopxlYGbFxofrzoErurtTmnFoLtx5DmGWv8wXp_dCRPQH3KYzRI4y0PcnQ4ihhDOwV-2UCjjOmdYIBnkpN4s77goCk1fi1fyT43iXbge799EjEpP5TJCYAvWRY_v2w/file?dl=1","offline","malware_download","zip","https://urlhaus.abuse.ch/url/65343/"
 "65342","2018-10-05 19:53:03","http://vvzfcqiwzuswzbg.nut.cc/c/c11.exe","offline","malware_download","exe,Formbook","https://urlhaus.abuse.ch/url/65342/"
 "65341","2018-10-05 19:29:03","http://136.49.14.123:34324/.i","online","malware_download","elf","https://urlhaus.abuse.ch/url/65341/"
-"65340","2018-10-05 17:43:40","http://underluckystar.ru/num9_setup.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/65340/"
+"65340","2018-10-05 17:43:40","http://underluckystar.ru/num9_setup.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/65340/"
 "65339","2018-10-05 16:53:05","http://217.218.219.146:33127/.i","online","malware_download","elf","https://urlhaus.abuse.ch/url/65339/"
 "65338","2018-10-05 16:37:05","http://upload.ynpxrz.com/upload/201312/16/0130436560.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/65338/"
 "65337","2018-10-05 16:05:06","http://www.101sonic.com/U72fy490X/","offline","malware_download","exe,heodo","https://urlhaus.abuse.ch/url/65337/"
@@ -47583,11 +47875,11 @@
 "65302","2018-10-05 12:35:04","http://lealcontabil.com?Anexo/ProtocoloCadastroTEDterceiros/formulario.html&data=02|01||d025e233d14d4836ef6408d6291ea302|1a407a2d76754d178692b3ac285306e4|0|0|636741608880460400&sdata=C6LjPEA1QEfr0U8aKqrPQWUkiN75AUA3d2T96ibLmVE=&reserved=0","offline","malware_download","zip","https://urlhaus.abuse.ch/url/65302/"
 "65301","2018-10-05 12:20:09","http://201.42.21.87:18726/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/65301/"
 "65300","2018-10-05 12:13:02","http://185.244.25.134/Josho.arm7","online","malware_download","elf","https://urlhaus.abuse.ch/url/65300/"
-"65299","2018-10-05 12:12:14","http://underluckystar.ru/addnum.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/65299/"
-"65298","2018-10-05 12:12:08","http://underluckystar.ru/arcanum3_update.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/65298/"
+"65299","2018-10-05 12:12:14","http://underluckystar.ru/addnum.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/65299/"
+"65298","2018-10-05 12:12:08","http://underluckystar.ru/arcanum3_update.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/65298/"
 "65297","2018-10-05 12:05:03","http://www.jeffchays.com/9531668PBUJW/identity/Smallbusiness","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/65297/"
-"65296","2018-10-05 12:04:39","http://underluckystar.ru/num8_setup.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/65296/"
-"65295","2018-10-05 12:04:03","http://underluckystar.ru/pluton6_update.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/65295/"
+"65296","2018-10-05 12:04:39","http://underluckystar.ru/num8_setup.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/65296/"
+"65295","2018-10-05 12:04:03","http://underluckystar.ru/pluton6_update.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/65295/"
 "65294","2018-10-05 11:55:22","http://www.fesya2020.com/wp-content/4470043YU/PAYMENT/US","offline","malware_download","emotet,doc,heodo","https://urlhaus.abuse.ch/url/65294/"
 "65293","2018-10-05 11:55:14","http://www.gtwmarine.pl/6576I/SEP/US","offline","malware_download","emotet,doc,heodo","https://urlhaus.abuse.ch/url/65293/"
 "65292","2018-10-05 11:55:06","http://illdy.azteam.vn/FILE/En_us/Invoice","offline","malware_download","emotet,doc,heodo","https://urlhaus.abuse.ch/url/65292/"
@@ -47625,7 +47917,7 @@
 "65260","2018-10-05 09:19:02","http://51.38.115.54/bins/0wnz.sh4","offline","malware_download","elf","https://urlhaus.abuse.ch/url/65260/"
 "65259","2018-10-05 09:18:07","http://51.38.115.54/bins/0wnz.m68k","offline","malware_download","elf","https://urlhaus.abuse.ch/url/65259/"
 "65258","2018-10-05 09:18:07","http://medpharm-consulting.de/uploads/tf/1.php","offline","malware_download","exe","https://urlhaus.abuse.ch/url/65258/"
-"65257","2018-10-05 09:18:04","http://underluckystar.ru/arcanum_update.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/65257/"
+"65257","2018-10-05 09:18:04","http://underluckystar.ru/arcanum_update.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/65257/"
 "65255","2018-10-05 09:15:02","http://188.138.100.8/bins.sh","offline","malware_download","None","https://urlhaus.abuse.ch/url/65255/"
 "65254","2018-10-05 09:12:02","http://toplatestmedicalnews.icu/new/update_v255.exe","offline","malware_download","exe,AZORult","https://urlhaus.abuse.ch/url/65254/"
 "65253","2018-10-05 09:11:04","http://toplatestmedicalnews.icu/new/AU3_EXE.exe","offline","malware_download","exe,tinynuke","https://urlhaus.abuse.ch/url/65253/"
@@ -51245,14 +51537,14 @@
 "61580","2018-09-27 22:45:14","http://pixelcrush.net/En_us/Documents/092018/","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/61580/"
 "61579","2018-09-27 22:35:07","http://palfx.info/Document/En/Invoices-attached","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/61579/"
 "61578","2018-09-27 22:25:05","http://177.132.77.115:17590/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/61578/"
-"61577","2018-09-27 22:14:06","http://uxz.didiwl.com/PC/NMCQBTFZ.ZIP","offline","malware_download","zip","https://urlhaus.abuse.ch/url/61577/"
-"61576","2018-09-27 22:13:11","http://uxz.didiwl.com/pc/dsgjrja.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/61576/"
+"61577","2018-09-27 22:14:06","http://uxz.didiwl.com/PC/NMCQBTFZ.ZIP","online","malware_download","zip","https://urlhaus.abuse.ch/url/61577/"
+"61576","2018-09-27 22:13:11","http://uxz.didiwl.com/pc/dsgjrja.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/61576/"
 "61575","2018-09-27 22:13:06","http://baatzconsulting.com/487390VLLB/BIZ/Commercial","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/61575/"
-"61574","2018-09-27 22:04:21","http://uxz.didiwl.com/PC/YSDXYQNFZ.ZIP","offline","malware_download","zip","https://urlhaus.abuse.ch/url/61574/"
-"61573","2018-09-27 22:03:08","http://uxz.didiwl.com/PC/KEKOUKYKCJ.ZIP","offline","malware_download","zip","https://urlhaus.abuse.ch/url/61573/"
+"61574","2018-09-27 22:04:21","http://uxz.didiwl.com/PC/YSDXYQNFZ.ZIP","online","malware_download","zip","https://urlhaus.abuse.ch/url/61574/"
+"61573","2018-09-27 22:03:08","http://uxz.didiwl.com/PC/KEKOUKYKCJ.ZIP","online","malware_download","zip","https://urlhaus.abuse.ch/url/61573/"
 "61572","2018-09-27 22:03:04","http://ruforum.uonbi.ac.ke/wp-content/uploads/En_us/Payments/092018","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/61572/"
 "61571","2018-09-27 22:02:05","http://kantauri.com/Document/En/Past-Due-Invoices","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/61571/"
-"61570","2018-09-27 22:01:06","http://uxz.didiwl.com/PC/LNBCZCJ.ZIP","offline","malware_download","zip","https://urlhaus.abuse.ch/url/61570/"
+"61570","2018-09-27 22:01:06","http://uxz.didiwl.com/PC/LNBCZCJ.ZIP","online","malware_download","zip","https://urlhaus.abuse.ch/url/61570/"
 "61569","2018-09-27 21:42:45","http://egomall.net/US/Payments/092018","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/61569/"
 "61568","2018-09-27 21:33:08","http://www.dobre-instalacje.pl/logs/recu.exe","offline","malware_download","exe,njRAT","https://urlhaus.abuse.ch/url/61568/"
 "61567","2018-09-27 21:33:07","http://49.71.118.101:62734/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/61567/"
@@ -52765,7 +53057,7 @@
 "60038","2018-09-24 23:09:58","http://sweatshop.org/3WDQQK/SEP/Business","offline","malware_download","emotet,doc,heodo","https://urlhaus.abuse.ch/url/60038/"
 "60037","2018-09-24 23:09:57","http://jedecouvrelemaroc.com/92892URVHHDNS/WIRE/Business","offline","malware_download","emotet,doc,heodo","https://urlhaus.abuse.ch/url/60037/"
 "60036","2018-09-24 23:09:53","http://buckeyeoptical.com/2880390OD/WIRE/Business","offline","malware_download","emotet,doc,heodo","https://urlhaus.abuse.ch/url/60036/"
-"60035","2018-09-24 23:09:51","http://johnscevolaseo.com/393SG/ACH/Business","online","malware_download","emotet,doc,heodo","https://urlhaus.abuse.ch/url/60035/"
+"60035","2018-09-24 23:09:51","http://johnscevolaseo.com/393SG/ACH/Business","offline","malware_download","emotet,doc,heodo","https://urlhaus.abuse.ch/url/60035/"
 "60034","2018-09-24 23:09:49","http://afan.xin/2610121O/554999SW/identity/Smallbusiness","offline","malware_download","emotet,doc,heodo","https://urlhaus.abuse.ch/url/60034/"
 "60033","2018-09-24 23:09:46","http://roingenieria.cl/LLC/En_us/Service-Report-3528","offline","malware_download","emotet,doc,heodo","https://urlhaus.abuse.ch/url/60033/"
 "60032","2018-09-24 23:09:43","http://mobileappo.com/DOC/En/Invoice-78944009","offline","malware_download","emotet,doc,heodo","https://urlhaus.abuse.ch/url/60032/"
@@ -53608,7 +53900,7 @@
 "59190","2018-09-23 13:05:06","http://medicalfarmitalia.it/themes/theme1197/modules/blocklink/translations/apps/ygx.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/59190/"
 "59189","2018-09-23 11:39:03","http://bastom58.ru/urldefense_proofpoint/billpay_bankofamerica_com/PaymentCenter_Index/09_18","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/59189/"
 "59188","2018-09-23 11:38:03","http://mail.wasafi.tv/scan/EN_en/Invoice","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/59188/"
-"59187","2018-09-23 11:37:11","http://config.cqhbkjzx.com/bug/skoffice/thinkerup.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/59187/"
+"59187","2018-09-23 11:37:11","http://config.cqhbkjzx.com/bug/skoffice/thinkerup.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/59187/"
 "59186","2018-09-23 11:35:08","http://blog.51cto.com/attachment/201206/4594712_1339214458.rar","offline","malware_download","exe","https://urlhaus.abuse.ch/url/59186/"
 "59185","2018-09-23 11:23:05","http://vnt.website/nomoes/ban.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/59185/"
 "59184","2018-09-23 11:22:08","http://skynetexpress.ml/akss/bbnn.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/59184/"
@@ -53786,13 +54078,13 @@
 "59011","2018-09-22 08:36:07","http://instalacaoarcondicionadosplit.com/z/me.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/59011/"
 "59010","2018-09-22 08:24:03","http://patentvalidationturkey.com/wp-content/uploads/rar7.exe","offline","malware_download","exe,CoinMiner","https://urlhaus.abuse.ch/url/59010/"
 "59009","2018-09-22 08:22:02","http://beautifulbritain.co.uk/archived_jigsaws/month8/surprise1m8_117.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/59009/"
-"59008","2018-09-22 08:21:03","http://dw.58wangdun.com/sf5/sf.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/59008/"
+"59008","2018-09-22 08:21:03","http://dw.58wangdun.com/sf5/sf.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/59008/"
 "59007","2018-09-22 08:18:09","http://www.ultigamer.com/wp-admin/includes/doc/En_us/OVERDUE-ACCOUNT/Customer-Invoice-SA-43907422","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/59007/"
-"59006","2018-09-22 08:12:07","http://dw.58wangdun.com/sf5/sf9.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/59006/"
-"59005","2018-09-22 08:11:32","http://dw.58wangdun.com/sf5/rgcom.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/59005/"
-"59004","2018-09-22 08:10:43","http://dw.58wangdun.com/sf5/testsf6.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/59004/"
+"59006","2018-09-22 08:12:07","http://dw.58wangdun.com/sf5/sf9.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/59006/"
+"59005","2018-09-22 08:11:32","http://dw.58wangdun.com/sf5/rgcom.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/59005/"
+"59004","2018-09-22 08:10:43","http://dw.58wangdun.com/sf5/testsf6.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/59004/"
 "59003","2018-09-22 08:10:25","http://www.ultigamer.com/wp-admin/includes/default/En/Aug2018/Payment/","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/59003/"
-"59002","2018-09-22 08:10:20","http://dw.58wangdun.com/sf5/testsf8.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/59002/"
+"59002","2018-09-22 08:10:20","http://dw.58wangdun.com/sf5/testsf8.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/59002/"
 "59001","2018-09-22 08:08:09","https://gitlab.com/finndev/EloBuddy.Dependencies/raw/master/Setup/EloBuddy-Setup.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/59001/"
 "59000","2018-09-22 08:06:08","http://focuscapitalcorp.com/2082567.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/59000/"
 "58999","2018-09-22 07:55:07","https://gitlab.com/Hazk9382777/natureresourses/raw/master/eric1.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/58999/"
@@ -55563,7 +55855,7 @@
 "57201","2018-09-17 18:35:27","http://birmetalciningezinotlari.com/8NE/PAYROLL/Cpf2tl","offline","malware_download","emotet,exe,heodo","https://urlhaus.abuse.ch/url/57201/"
 "57200","2018-09-17 18:35:17","http://betwext.com/PTa1a1aF","offline","malware_download","emotet,exe,heodo","https://urlhaus.abuse.ch/url/57200/"
 "57199","2018-09-17 18:35:08","http://brkini.net/Rfb","offline","malware_download","emotet,exe,heodo","https://urlhaus.abuse.ch/url/57199/"
-"57198","2018-09-17 18:32:03","http://van-wonders.co.uk/wwvvv/862RNNE/73846WN/com/US/","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/57198/"
+"57198","2018-09-17 18:32:03","http://van-wonders.co.uk/wwvvv/862RNNE/73846WN/com/US/","online","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/57198/"
 "57197","2018-09-17 18:31:18","http://www.ultigamer.com/wp-admin/includes/216ZVOKXLK/PAY/Business","offline","malware_download","emotet,doc,heodo","https://urlhaus.abuse.ch/url/57197/"
 "57196","2018-09-17 18:31:12","http://www.thefxgroup.co.za/Document/EN_en/Paid-Invoice-Credit-Card-Receipt","offline","malware_download","emotet,doc,heodo","https://urlhaus.abuse.ch/url/57196/"
 "57195","2018-09-17 18:31:09","http://roingenieria.cl/files/US/Invoice-for-you","offline","malware_download","emotet,doc,heodo","https://urlhaus.abuse.ch/url/57195/"
@@ -57305,8 +57597,6 @@
 "55420","2018-09-12 02:13:54","https://vpnetcanada.com/INFO/US_us/Past-Due-Invoice","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/55420/"
 "55419","2018-09-12 02:13:51","https://vpnet2000.com/60241NOIXWRO/com/US/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/55419/"
 "55418","2018-09-12 02:13:49","https://vpnet2000.com/60241NOIXWRO/com/US","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/55418/"
-"55417","2018-09-12 02:13:47","https://u3880122.ct.sendgrid.net/wf/click?upn=UUvbqDkb-2BxGvsqStDpEIiWD6DlPIjKfak9fiLoZSOm2-2F0vryfPyImO3c3No6xZgrzUyJlBG22haOi63-2F8NRJKw-3D-3D_cscc8gjZNE-2BBH15bOAIdXvPLYMzm0jU8WBm9o7hphQtKquhfyYVizrukdZzFDo6XRiVsypFSnyyj3Ag26IDKJMniix3a5mmALDgIgQk1TbtisFgO7h0Asqu6ihKAvmw8qbrX1CNRJMBb8jOjaEthRcehjjcFxykC38iNTSj-2Fa768P0Jqlb7M-2FR7ik0hFEoOgHC5jAszdJUHA8nQDgwDEbYEDKfV1slf-2B-2FzTsCisjWW8-3D","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/55417/"
-"55416","2018-09-12 02:13:46","https://u3880122.ct.sendgrid.net/wf/click?upn=EqEoi1mf3yOPvVtFWUbpBzKQnS0DRhHBe0lNIbgPsqH1AgVfcfVECCs8ngIy-2BSNsJ9OUanZM7D4TLNSDAInIHA-3D-3D_ZzIj2VfQ0UBo6n2xHZLf7FEDeIcFJOeSa0o-2FGqF-2BJ5-2F66awvZEvaHNroNa-2BuuWYQjtswSLiHXazAnL354qrC8EBaI5nSaKvn6kOMeBdyRN4i6lk4HkQshhAvDHtr74vVMOoplw7TwNUfsMH94YmpoYhaJcw17aTPT9moPP8YYI6e6-2BhUa34S5Cjdf28XUIAM0SNe-2FUoD6n6U10rnSXp1gw-3D-3D","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/55416/"
 "55415","2018-09-12 02:13:43","http://zombiehead.studio/newsletter/US_us/Invoice/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/55415/"
 "55414","2018-09-12 02:13:41","http://www.risehe.com/WrHXrtrbxy6/de_DE/Firmenkunden/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/55414/"
 "55413","2018-09-12 02:13:39","http://www.retro-jordans-for-sale.com/338AOLOWXRD/PAYMENT/US/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/55413/"
@@ -57504,7 +57794,6 @@
 "55217","2018-09-11 23:46:06","http://zdatasolutions.com.au/css/css.exe","offline","malware_download","AZORult,rat","https://urlhaus.abuse.ch/url/55217/"
 "55216","2018-09-11 23:32:04","http://v454vd9o8wzuwz.com/RTT/opanskot.php?l=targa4.tkn","offline","malware_download","ursnif,Gozi","https://urlhaus.abuse.ch/url/55216/"
 "55215","2018-09-11 23:27:04","http://q0fpkblizxfe1l.com/RTT/opanskot.php?l=targa4.tkn","offline","malware_download","ursnif,Gozi","https://urlhaus.abuse.ch/url/55215/"
-"55212","2018-09-11 23:07:36","https://u3880122.ct.sendgrid.net/wf/click?upn=ASD-2FfQBZp3mA71OywDSIOYQBnGBqR2GFdTyWJiZR8bYs94MbYiI3VjqK2ishmIl-2BzGdVz96D3ymfSuNruCi2s-2BKkmth8-2BLgNbuYPSy35HG7IYAko4qXJ6NVepzYDZu3g_hID5ICDvmrA-2BU2SGjdkWFkJ5RdzMzKAEQ5LPnmcH3Mbla55gVdVOfcdiLvs6wrjKtNGPOZurHB0NToXXrxB6dCqzRef8biyRL1n1Zq9ksbt54jTJebQxtL2TzYlExjAfJy9O1GjoGX7OkKJcuUtV1hACPSJXCLuv8Pe6H5vbzuUqNI9kcbgkrMvfwkNuJp55ef2LvPDZ5yhX6Lp8lizFrXsbLpruPiobEVhW4SYi60g-3D","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/55212/"
 "55211","2018-09-11 23:07:34","http://xuatbangiadinh.vn/etaRJzP/biz/Service-Center/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/55211/"
 "55210","2018-09-11 23:07:32","http://xn--forevertrkiye-3ob.com/newsletter/EN_en/Outstanding-Invoices/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/55210/"
 "55209","2018-09-11 23:07:30","http://xbitestudio.com/31XQCQSXH/identity/Smallbusiness","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/55209/"
@@ -58025,7 +58314,6 @@
 "54682","2018-09-11 05:21:08","http://knaufdanoline.cf/urchq.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/54682/"
 "54681","2018-09-11 05:21:06","http://knaufdanoline.cf/david.jpg","offline","malware_download","exe,AgentTesla","https://urlhaus.abuse.ch/url/54681/"
 "54680","2018-09-11 05:21:04","http://knaufdanoline.cf/putty.jpg","online","malware_download","rtfkit,exe,RemcosRAT","https://urlhaus.abuse.ch/url/54680/"
-"54679","2018-09-11 05:21:00","https://u3880122.ct.sendgrid.net/wf/click?upn=i5rOHG1cUf8I-2BnpCziXEZHAd3UrYt40yUMYJr6oTDOltqW9GS3HYJrVqZz-2BjLDh6zC1Wc29qGkhWynd272mBeA-3D-3D_13fNF-2FhA459eCCiHyZ-2F5PmUxbJTYmOl10ud8598tNCaJvqRm1DDU7msHZFfkE-2B1rim2-2B3DiFfFHPX3M-2BUWRUIj-2Bq2ZQo2idzKjyl-2BFYGyfEzYCwSlur7tUFyRT3WLfcvWD9a-2FBtR-2F3OP7mJSk4cbB-2FBghOXYbDgS3XJH461VQcVZebsOE421NkYugkZEHjgx8rqoXCCRTfmtzbdGojJl8c2V6wFxhgi2scygKVIdIu0-3D","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/54679/"
 "54678","2018-09-11 05:20:57","https://smakthomasaquinotangeb.com/62791S/PAYROLL/Smallbusiness/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/54678/"
 "54677","2018-09-11 05:20:53","https://artzvuk.by/FILE/EN_en/929-87-604178-724-929-87-604178-658/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/54677/"
 "54676","2018-09-11 05:20:51","https://artzvuk.by/4TO/PAYROLL/Commercial/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/54676/"
@@ -62170,7 +62458,7 @@
 "50477","2018-09-01 05:29:12","http://jppygfot.sha58.me/d239ec5a21e71059cb8106851869b7a6/LkV8/9NAbz/eitczeqhbw10054.apk","offline","malware_download","zip","https://urlhaus.abuse.ch/url/50477/"
 "50476","2018-09-01 05:29:10","http://umzdjymq.sha58.me/3cbbc9e91d9d5571823ef933a357f371/SVb3/h953p/catsannubl10080.apk","offline","malware_download","zip","https://urlhaus.abuse.ch/url/50476/"
 "50475","2018-09-01 05:29:06","http://caferaa.com/CcCaDi.html","offline","malware_download","None","https://urlhaus.abuse.ch/url/50475/"
-"50474","2018-09-01 05:29:01","http://down10b.zol.com.cn/zoldownload/rdvideo8.2at81_327255.exe","offline","malware_download","exe,Fuery","https://urlhaus.abuse.ch/url/50474/"
+"50474","2018-09-01 05:29:01","http://down10b.zol.com.cn/zoldownload/rdvideo8.2at81_327255.exe","online","malware_download","exe,Fuery","https://urlhaus.abuse.ch/url/50474/"
 "50473","2018-09-01 05:28:51","http://180.153.105.169/dlied6.qq.com/invc/conn_android/drivers/PhoneDockInstaller_5.8.0.6.exe?mkey=5b70c60f0219b226&f=a122&c=0&p=.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/50473/"
 "50472","2018-09-01 05:28:36","http://6ip.us/","offline","malware_download","None","https://urlhaus.abuse.ch/url/50472/"
 "50471","2018-09-01 05:28:29","http://down.wlds.net/mtv_setup.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/50471/"
@@ -62183,9 +62471,9 @@
 "50463","2018-09-01 05:27:04","http://tnjlgs.loan/","offline","malware_download","None","https://urlhaus.abuse.ch/url/50463/"
 "50462","2018-09-01 05:27:02","http://robotop.cn/v3G158/","offline","malware_download","exe,heodo","https://urlhaus.abuse.ch/url/50462/"
 "50461","2018-09-01 05:26:58","http://uebhyhxw.afgktv.cn/1/44278-C01","online","malware_download","zip","https://urlhaus.abuse.ch/url/50461/"
-"50460","2018-09-01 05:26:50","http://iuwrwcvz.applekid.cn/1/44217-C01","online","malware_download","zip","https://urlhaus.abuse.ch/url/50460/"
+"50460","2018-09-01 05:26:50","http://iuwrwcvz.applekid.cn/1/44217-C01","offline","malware_download","zip","https://urlhaus.abuse.ch/url/50460/"
 "50459","2018-09-01 05:26:44","http://aimmvqsf.ahhxdl.cn/1/42062-C01","offline","malware_download","zip","https://urlhaus.abuse.ch/url/50459/"
-"50458","2018-09-01 05:26:37","http://xblbnlws.appdoit.cn/1/42046-C01","online","malware_download","zip","https://urlhaus.abuse.ch/url/50458/"
+"50458","2018-09-01 05:26:37","http://xblbnlws.appdoit.cn/1/42046-C01","offline","malware_download","zip","https://urlhaus.abuse.ch/url/50458/"
 "50457","2018-09-01 05:26:23","http://aygwzxqa.applekid.cn/1/42046-C01","online","malware_download","zip","https://urlhaus.abuse.ch/url/50457/"
 "50456","2018-09-01 05:26:10","http://tpjsgq.loan/","offline","malware_download","None","https://urlhaus.abuse.ch/url/50456/"
 "50455","2018-09-01 05:26:06","http://one.wing138.info/glib","offline","malware_download","None","https://urlhaus.abuse.ch/url/50455/"
@@ -69534,7 +69822,6 @@
 "43054","2018-08-15 04:23:06","http://airporttaxigdansk.pl/default/EN_en/INVOICE-STATUS/Invoice-747208810-081418","offline","malware_download","emotet,doc,heodo","https://urlhaus.abuse.ch/url/43054/"
 "43053","2018-08-15 04:23:05","http://aditya-dev.com/newsletter/EN_en/Invoice-for-sent/Order-9907593237","offline","malware_download","emotet,doc,heodo","https://urlhaus.abuse.ch/url/43053/"
 "43052","2018-08-15 04:23:03","http://accordcom.ru/Wellsfargo/Commercial/Aug-13-2018/","offline","malware_download","emotet,doc,heodo","https://urlhaus.abuse.ch/url/43052/"
-"43051","2018-08-15 02:37:26","https://u8028218.ct.sendgrid.net/wf/click?upn=-2BQ64D8BSpzL-2FEb3JqiSUHmOUwa6Xna5BvCKTX8CBuY-2Fsfq98e3Pa2vlbJPtNGBU6D-2Bc2kTi69Fg0zmsQzTOKX9ebhZOvk0AzeGEVfu0kkktmnVn4K5xZ7s0-2FqkyK9m8v_CKdWP800aAHXKtIj5Bs7DQmPkSiSaCjA-2BD6uul-2FptYByersCMni5WDuB60ALcohOc1yqzdfy0kIHDf8IpNGmnpMww9PfhSQ2AmFRArHDT1nYpeoQHHioWExiBrTRuHPdIhcr1XrohvqnKEOZHEbWmJxHHtUhngldHecVUrsutOE6AhmbHt59X2Ql5-2FoUOqc4hJIZslg7sJ-2F-2FW7FCyniPzA-3D-3D","offline","malware_download","emotet,doc","https://urlhaus.abuse.ch/url/43051/"
 "43050","2018-08-15 02:37:23","http://zo-radomysl.pl/Aug2018/En_us/STATUS/Invoice/","offline","malware_download","emotet,doc,heodo","https://urlhaus.abuse.ch/url/43050/"
 "43049","2018-08-15 02:37:21","http://zonadeseguridad.net/newsletter/US_us/Open-invoices/ACCOUNT89451562","offline","malware_download","emotet,doc,heodo","https://urlhaus.abuse.ch/url/43049/"
 "43048","2018-08-15 02:37:15","http://yingale.co.il/joGnrjMl/","offline","malware_download","emotet,doc","https://urlhaus.abuse.ch/url/43048/"
@@ -75075,7 +75362,6 @@
 "37451","2018-07-31 22:27:04","http://gtm-au.com/DHL-number/US/","offline","malware_download","heodo,emotet,doc","https://urlhaus.abuse.ch/url/37451/"
 "37450","2018-07-31 21:26:05","http://crses.info/wip/tal.msi","offline","malware_download","None","https://urlhaus.abuse.ch/url/37450/"
 "37449","2018-07-31 21:26:04","http://crses.info/wip/sli.msi","offline","malware_download","None","https://urlhaus.abuse.ch/url/37449/"
-"37448","2018-07-31 20:43:52","https://u5204810.ct.sendgrid.net/wf/click?upn=KNqpJylyRB8XPqk-2FIzpcqyzcKRJkL2gdt-2FMnTAOvyZGMvw-2FhqRw-2FcDc0840ZRUJxsxigheTZ0WZnm-2BiF0ONXnflMw50rZmcIY53ztKZ9jAtsSG2VPjkLEGkmXBby1uNR_OTGd1RHFMeOvE-2FKipUr7tiG1nG-2FhxW1SIyRfUoez7luR5n9YBCQPp-2BR8VWcjMXSjqOvFchjXwY-2F8O7PnpT2ZzM-2BpKyA43o8IRQoLCmxVooczpDVF0z7pcrTtC8bM7Z1uzTcHT31Fa1gdv-2Botph1KsLET2lGrd1Kzy2xWi9grs-2BvjtVh75zgmZeKVQLr3vpzXDoX4juRo2O6KiddRGE6rIGB11SNWf-2FMMZLb63ZtLylc-3D/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/37448/"
 "37447","2018-07-31 20:43:50","http://www.vcorset.com/wp-content/uploads/doc/EN_en/Money-transfer-details/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/37447/"
 "37446","2018-07-31 20:43:48","http://www.urbannet.co.kr/wp-content/uploads/Jul2018/US/Address-Changed/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/37446/"
 "37445","2018-07-31 20:43:44","http://www.iqmauinsa.com/wp-admin/DHL-Tracking/En_us/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/37445/"
@@ -75101,8 +75387,6 @@
 "37425","2018-07-31 20:42:06","http://allseasons-investments.com/wp-content/sites/US/Address-Changed/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/37425/"
 "37424","2018-07-31 20:42:04","http://agenza10.ayz.pl/newsletter/EN_en/Change-of-Address/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/37424/"
 "37423","2018-07-31 20:42:03","http://3sgroup.sg/default/En_us/Recent-money-transfer-details/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/37423/"
-"37422","2018-07-31 19:20:34","https://u5204810.ct.sendgrid.net/wf/click?upn=mn1AEkvh2in0o8JLTC-2Fq38Sdx6V3K9Q8UzTb-2FZRnGVr4uoMWZFCb-2BBVnwDBBzMzw-2Fi-2FtGUFqpU4O7wlf2ePxaw-3D-3D_CLuxgrN7GyZqjUceQTZPCzIH0bjkMZyhIp-2F8MkPfuiX2X8YOB9qC6uKdIObNPwCnL1CVV7yPqk2a2-2BJ4soT0PWavoCE1M6PlfyaBgFg1Z2YczM1ZsmTT6TvvBueEh5N0YncsEQNG3o2Rnr8aRZlVXIPIABpUv-2F5QMqN3K9Ynz1ersBGd-2FsbQk9wG0YakRFzJNDab-2Fir55OeRuYoiig82jFS8SlWmdL1JU-2FN-2BvGHhvYQ-3D/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/37422/"
-"37421","2018-07-31 19:20:32","https://u5204810.ct.sendgrid.net/wf/click?upn=7m4cCTx541tRI-2FxGNgNi7cVY9ocFVyEamYNEG5POpQ94Ko-2FGwOsxPyFddtgiNOL-2BSlBgyr-2FL3YPm1T3XLczCYVYPZSaIUQ8n-2Fkd2Y3Amxf0-3D_GzedeRhFj8ks3BMciZUAgEJkH2bEVAT9RoySN0cwCVailu6pgC7iXV8Hxb3t5V-2FuWZG0PaUi9H4ix2My7ayplmlMc2zKbBediYe9rLrXsfOW-2BosES96R3v8wS13Xiag5XCW-2FZ4hStQsQ07Xrg4yFWENqoRdC-2FDlH6Be7cZZ15XME81B-2F5Kv2kl5sLEpIiuE1jmpH8nptXvmTnV5L-2F3kWyq6TIeQ8OGrycygPoH2yFjE-3D/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/37421/"
 "37420","2018-07-31 19:20:30","https://mandrillapp.com/track/click/30684943/www.essexmarinallc.com?p=eyJzIjoiNzdvbWdudlZURm5tNjIxWGpLeWVtT3JIb3JrIiwidiI6MSwicCI6IntcInVcIjozMDY4NDk0MyxcInZcIjoxLFwidXJsXCI6XCJodHRwOlxcXC9cXFwvd3d3LmVzc2V4bWFyaW5hbGxjLmNvbVxcXC9UcmFja2luZ1xcXC9FTl9lblxcXC9cIixcImlkXCI6XCIyMDdmMTVlODdlMDg0NWU4YTA0YjRlMTk1YTdhZGY4MlwiLFwidXJsX2lkc1wiOltcImUwMjBlMzYxZWM1NDMyNTFjZmQ1NzIwM2E2NmE1YjZjZWUyY2ExNTZcIl19In0/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/37420/"
 "37419","2018-07-31 19:20:29","https://mandrillapp.com/track/click/30684943/www.coolgizmo.ca?p=eyJzIjoieHdrUDB2MERPTmlpVlNGSVlEVGgzYWpmWjJFIiwidiI6MSwicCI6IntcInVcIjozMDY4NDk0MyxcInZcIjoxLFwidXJsXCI6XCJodHRwOlxcXC9cXFwvd3d3LmNvb2xnaXptby5jYVxcXC9ESEwtVHJhY2tpbmdcXFwvRU5fZW5cXFwvXCIsXCJpZFwiOlwiZjhkYjgyOTI4YzMyNGY4YWI0ODVlN2NjMGRkY2MwNmZcIixcInVybF9pZHNcIjpbXCIxZDViZTMxODQ3NTk1NWMyYjQ4MmJlZmE1MjA1YzBhYWMyYjU1NDM0XCJdfSJ9/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/37419/"
 "37418","2018-07-31 19:20:25","https://mandrillapp.com/track/click/30684943/sael.kz?p=eyJzIjoiZDh6UjhlVlc1TFFVcDhDV1FjUE1wSHFxN2FNIiwidiI6MSwicCI6IntcInVcIjozMDY4NDk0MyxcInZcIjoxLFwidXJsXCI6XCJodHRwOlxcXC9cXFwvc2FlbC5relxcXC9VMEpKSnV1amRYZDc1XCIsXCJpZFwiOlwiY2E4NWNhNjk4MDZmNGZhYzg5MGE1YmVlNzM5NzFjMzRcIixcInVybF9pZHNcIjpbXCI1N2QyYTQ3YmVlYmUzZmQ2ZWUyNjMzNWU1YmRjMjQwNjNiMGVlYzU3XCJdfSJ9/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/37418/"
@@ -75740,7 +76024,6 @@
 "36777","2018-07-30 14:01:03","https://db.icmeet.com/.safe/9L7235-Receipt","offline","malware_download","sLoad,zip,lnk","https://urlhaus.abuse.ch/url/36777/"
 "36776","2018-07-30 14:01:02","https://luchtefeld.com/.safe/CE-737941-Receipt","offline","malware_download","sLoad,zip,lnk","https://urlhaus.abuse.ch/url/36776/"
 "36775","2018-07-30 13:42:03","http://uploadtops.is/3/T/3vuvOR0","offline","malware_download","NetWire,rat,exe","https://urlhaus.abuse.ch/url/36775/"
-"36774","2018-07-30 13:39:26","https://u6600235.ct.sendgrid.net/wf/click?upn=7omcNEqBJNq3HnBwkwwdBCXX6c8oZdzSTByAlQZY1-2BynJKDOK898CswzjYjjRPoG_YcmN9tk6h8QTM4bZ92YnNn28sI1EjbmikP5de2HsLC0CGFOq-2BhZS2RXbPWo5tSWDNsoIFNIsh6w0Z4XR4RGWSUDaGfawNHXHbfbo9LyNDD45-2BAOWWadEHFDqF0ajhQ9EHC-2BsEguud4CvHmZHKYJpVCH28y33C8E3CcDyIhAYSoarbHa6ilQZixoEeFGyfQP4PO4sayrXBNNpzySIBC0j8Z9Ri36KLm8OKaiGkGFqV-2F0-3D/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/36774/"
 "36773","2018-07-30 13:39:24","http://www.staples55.com/files/EN_en/INVOICES/Invoice-66692734-072918/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/36773/"
 "36772","2018-07-30 13:39:22","http://wspt.net/files/En/Jul2018/Payment/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/36772/"
 "36771","2018-07-30 13:39:20","http://web-noki.com/DHL-number/DHL-number/En_us/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/36771/"
@@ -76139,14 +76422,12 @@
 "36372","2018-07-27 04:45:11","http://shlpthompson-tw.com/js/SWIFT_U0992009902999309008-PDF.scr","offline","malware_download","Pony,exe","https://urlhaus.abuse.ch/url/36372/"
 "36371","2018-07-27 04:45:08","http://www.mcvillars.com/app/kkk.exe","offline","malware_download","Pony,exe,Loki","https://urlhaus.abuse.ch/url/36371/"
 "36370","2018-07-27 04:45:05","http://dandoesinternet.com/css/fall.exe","offline","malware_download","Pony,exe,Formbook","https://urlhaus.abuse.ch/url/36370/"
-"36369","2018-07-27 04:08:43","https://u6819516.ct.sendgrid.net/wf/click?upn=w-2FH7zDgVry7T-2Bxl-2BOVilNbfCrFVYVto9YP9x8GxZneKUR31Kxk2vO5Fswe4CH1Q7wlf4-2FIEDbfFCwtgur5mwQw-3D-3D_UZ-2Fw3Bg8EOda-2F-2BSazO07kY7CmpsyEiuPAPsJKpkojIxmrZMsRFxR15yET4rRaVlJoeBqEKUPNe3W0VhporhAebOjvJ7u1AYJ-2BHcaJmInqKmwjDBw99CtZXXn-2BkAbGT9B3v3T-2B1ItDkDDXzaqSPsI0Lc-2FHJLy96lophOdXSDOwLji0oKQ2ynOy7-2B2DEgV5-2BxzZKo-2B36EEAOIa5cCxNG-2B7LyDI-2FFsxZx9AQJ12iQNK1oc-3D/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/36369/"
 "36368","2018-07-27 04:08:40","http://zonacomforta.com/DHL-number/EN_en/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/36368/"
 "36367","2018-07-27 04:08:38","http://xyntegra.com/files/En/Invoice/Invoices/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/36367/"
 "36366","2018-07-27 04:08:36","http://www.mijorusimex.com/pdf/US/Invoice-for-sent/248560/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/36366/"
 "36365","2018-07-27 04:08:34","http://www.granitulitkino.ru/files/EN_en/OVERDUE-ACCOUNT/New-Invoice-NQ1108-QV-4455/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/36365/"
 "36364","2018-07-27 04:08:33","http://www.fanet.de/newfolde_r/sites/US/Jul2018/New-Invoice-GX1784-YR-1341/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/36364/"
 "36363","2018-07-27 04:08:32","http://website.vtoc.vn/demo/hailoc/wp-snapshots/pdf/US/Past-Due-Invoices/88352/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/36363/"
-"36362","2018-07-27 04:08:20","http://u6819516.ct.sendgrid.net/wf/click?upn=w-2FH7zDgVry7T-2Bxl-2BOVilNbfCrFVYVto9YP9x8GxZneKUR31Kxk2vO5Fswe4CH1Q7wlf4-2FIEDbfFCwtgur5mwQw-3D-3D_UZ-2Fw3Bg8EOda-2F-2BSazO07kY7CmpsyEiuPAPsJKpkojIxmrZMsRFxR15yET4rRaVlJoeBqEKUPNe3W0VhporhAebOjvJ7u1AYJ-2BHcaJmInqKmwjDBw99CtZXXn-2BkAbGT9B3v3T-2B1ItDkDDXzaqSPsI0Lc-2FHJLy96lophOdXSDOwLji0oKQ2ynOy7-2B2DEgV5-2BxzZKo-2B36EEAOIa5cCxNG-2B7LyDI-2FFsxZx9AQJ12iQNK1oc-3D/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/36362/"
 "36361","2018-07-27 04:08:18","http://thedesigners.co.nz/pdf/En/Invoice/Invoices/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/36361/"
 "36360","2018-07-27 04:08:14","http://sobrasa.com.br/DHL-Express/US_us/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/36360/"
 "36359","2018-07-27 04:08:13","http://sharjahas.com/Jul2018/EN_en/Open-invoices/Invoice/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/36359/"
@@ -77725,9 +78006,6 @@
 "34768","2018-07-20 04:45:12","http://makeyourinvitepartners.ml/cgu/free.exe","offline","malware_download","Pony,exe,HawkEye","https://urlhaus.abuse.ch/url/34768/"
 "34767","2018-07-20 04:45:09","http://eepaulgroupt.club/be/h.exe","offline","malware_download","Pony,exe","https://urlhaus.abuse.ch/url/34767/"
 "34766","2018-07-20 03:46:13","https://urldefense.proofpoint.com/v2/url?u=http-3A__borinfor.com_newfolde-5Fr_doc_En-5Fus_OVERDUE-2DACCOUNT_Invoice-2D07-2D19-2D18&d=DwIFaQ&c=VQ9hgUuwpNx5qjiyTmR6qQ&r=VWCMrOAZ42xEY7aBeHkCfVC7-GccDQiNerNlJRH5muI&m=JavSUg0f9C2qoCCa7AWt8RM7BRNk5mP_S7hBxPVa8ZU&s=XFGDpuuNz7L0uj6b4PoAfz3lck7VPATlniNQMVv_P6w&e/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/34766/"
-"34765","2018-07-20 03:46:11","https://u6819516.ct.sendgrid.net/wf/click?upn=PjkWtlalLbBQJ88ZHI8QHqrD5-2BtoekEWydpo4s9ya3bG5kpYHFq0OSSgsubdqe5x-2FPC1LcWW9KXH1qChdVZMaA-3D-3D_ZO8PSds91UkMrfoE-2B2qd-2Fy1zyRD6IVgpW0SYkaNe00r2KfhWSsk0268x9oZXCS1805kN-2FxNmJVdXhdsXOvVDCNks9fBG-2FSN5NaVXaXIqGWorUwEGIdVIRgj471DEpFosdbeBdT5XDLWaUo011cPbQeO-2BRw2PCYgD6bYdyEQQjZa5id-2F1pnBA9tMhEj5pyA3SCdYTVHmmEklGzcKzMNNmNnVGKTXTLmUV-2FFRnQD-2FHuAs-3D/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/34765/"
-"34764","2018-07-20 03:46:04","https://u6819516.ct.sendgrid.net/wf/click?upn=PjkWtlalLbBQJ88ZHI8QHqrD5-2BtoekEWydpo4s9ya3bG5kpYHFq0OSSgsubdqe5x-2FPC1LcWW9KXH1qChdVZMaA-3D-3D_NMKnNixPz8vQ7wUi0b7Y1tYOrAjuiE46EVehpvfvESEzk7BAfV8XV9vB16sgJVuCqgbgvjEjsCpk3WBQcZONqklbqTAXxoZOiu2lZqAR1z0spw1-2FhWKAAhW8D90043KrmmvD8oUqMLFSpXWnNu-2FSlVUqOvcs4rlXdCoxnaxJElcKoa-2B7-2BMhXssXVRvoFATlZtHIz-2F-2FY6B2toeAbM92z8g87mlQd7-2FpZ9mNUuCdrQfHU-3D/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/34764/"
-"34763","2018-07-20 03:45:59","https://u6324807.ct.sendgrid.net/wf/click?upn=nvq2EOntrcnOdfMqd2eBOZ95rsEFEZoGpDRXhsnMpeJKHJm5LFw5xnHmXpiKlw7uAX0cmoWr383XUMU-2BlrVm-2Fg-3D-3D_UZ-2Fw3Bg8EOda-2F-2BSazO07kWhFqDKY6RAfOmBB47BrGviVekhy48X0TSm8wlo1aJimASUcWA3U926cVyzExaiBvZGvlstH13OMiEsWChShYHfJgrYEKng6Ukm3pULfaoa3wY8Mh9A5w5Iephfe3Na01bTYtmDLeX8TleI8iFwEcIecfDGAmqPkiWP78oJbt0U6-2FG6A4cV0m-2FKbNsrd7ElMu4HQsYa2wQ-2F26zWKMMDEOB8-3D/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/34763/"
 "34762","2018-07-20 03:45:56","http://www.valentinesday.bid/files/US_us/Client/Account-97799/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/34762/"
 "34761","2018-07-20 03:45:55","http://www.sundayplanning.com/08/sites/En_us/DOC/Invoice-9883371/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/34761/"
 "34760","2018-07-20 03:45:51","http://www.sepelco.com/wp-includes/newsletter/US/Client/Invoice-2021484/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/34760/"
@@ -78579,8 +78857,6 @@
 "33907","2018-07-18 04:19:03","http://smartestworld.us/din/grace.exe","offline","malware_download","exe,AgentTesla","https://urlhaus.abuse.ch/url/33907/"
 "33906","2018-07-18 04:16:03","http://185.62.190.119/aspx/description.doc","offline","malware_download","doc","https://urlhaus.abuse.ch/url/33906/"
 "33905","2018-07-18 04:16:02","http://185.62.190.119/aspx/Details.doc","offline","malware_download","doc","https://urlhaus.abuse.ch/url/33905/"
-"33904","2018-07-17 23:15:06","https://u2493681.ct.sendgrid.net/wf/click?upn=VdK6g6PJcf5tKoBheG4v-2BrTQ9XQ8CCuMQ40-2BWZ-2FffvVhknle1G3j4J-2Bjq4Fe-2FrLu_oyJuypH0LRp8Ky9yBJ1Ug4e-2FVhLPHL2PNoXHU2eOl3QNktKQbjYLQdVDT2ZkpGDQJH24VuKXkITevPxQGhxP1cumHGlireEYrKwNRNtsljMZNg9houxPKpXz5lkdZP8tXZyQK2jHOegmg1yWhq2t7DRYy7WXMLbAftpwYPwlT2J4l0ITuL3xa-2BN2XPmf34AZuDVTdNNmAygLjdtO9t1uYokUqg8Pu5PiQOVX0PVyzoE01ae-2BW3f4JKwrLTi93C09/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/33904/"
-"33903","2018-07-17 23:15:03","https://u2493681.ct.sendgrid.net/wf/click?upn=sHQUgz-2Fqec9Dg0vSK1O4XPCYdFy0MpXtV55r43w2dreirvAwP1bpfM9R0-2FL3kzGK_9RmJ2hJd76Zn-2FGKDVdjAhNf6F-2BPzjjxjRFCjo6lRcwXufA7fC3AHSeJX9OeWe1LXxqNPjeY8KOBDGkN1ozv-2FI4uW5HGrZivM5QuaVeEIVAowgWRtS7NkGIjFea2mq3qaEGR8-2FfrOImWiV5EHwameUtu32XXYRarvfwRISHc0W5bdUHFDK-2FXz-2Fwj0ANQOv1sPnccvh0TX4gdzpcqVSn4wXvxar0CGWQBmAwGoj4v1D04-3D/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/33903/"
 "33902","2018-07-17 23:15:01","http://www.shoremena.com/Facture-impayee-17-07/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/33902/"
 "33901","2018-07-17 23:14:59","http://www.setticonference.it/wp-content/ewww/Acuerdos/","online","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/33901/"
 "33900","2018-07-17 23:14:58","http://www.drevostyle.com.ua/Facture-17/07/2018/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/33900/"
@@ -79539,7 +79815,6 @@
 "32889","2018-07-16 17:00:07","http://www.ravenswave.com/wp-content/uploads/RaO7vU","offline","malware_download","emotet,payload,epoch2,heodo","https://urlhaus.abuse.ch/url/32889/"
 "32888","2018-07-16 17:00:05","http://www.fusionspirits.com/7mc33tD","offline","malware_download","emotet,payload,epoch2,heodo","https://urlhaus.abuse.ch/url/32888/"
 "32887","2018-07-16 16:51:36","http://beiladesign.com/wp-content/default/En/Jul2018/29267/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/32887/"
-"32886","2018-07-16 16:51:29","https://u2376049.ct.sendgrid.net/wf/click?upn=DxPoeouEmac1zAqKIvZALiNbYtgmKgPOxVVg-2Foj3Mze9X4krsNhKiQl5GR0MiCWc_KmSPrFeuk1UCYPBaMIK-2BS-2BsGnrKLg448ph8vD8hGYxVgm0XPnKUrAU31bh8NpbzOj168B7rTYzCxGgsI54P1cdg7S2A-2BNUWO7EPwqoSq9bO-2FW7ajBtmfW0um1Msn2e-2BFUUBWUjP2-2FqljxVAkyCP2x2e0jLDxaTULs4uLKYqmeHADLhByS8M4S3H809ENASmdTLWNT-2BULSfXZ-2Fp7mBKN-2BmQ-3D-3D/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/32886/"
 "32885","2018-07-16 16:51:28","http://zlc-aa.org/Rechnungs-docs/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/32885/"
 "32884","2018-07-16 16:51:26","http://www.shibuiclo.com/Rechnungs/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/32884/"
 "32882","2018-07-16 16:51:25","http://www.pirkimubirza.lt/Rechnungs-docs/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/32882/"
@@ -79635,7 +79910,6 @@
 "32793","2018-07-16 16:13:30","http://aubanel.net/pdf/US_us/Client/Services-07-16-18-New-Customer-KS/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/32793/"
 "32792","2018-07-16 16:13:29","http://aisecaustralia.com.au/sites/En_us/Client/tracking-number-and-invoice-of-your-order/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/32792/"
 "32791","2018-07-16 16:13:25","http://198.61.187.137/project/doc/En_us/Statement/Direct-Deposit-Notice/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/32791/"
-"32790","2018-07-16 16:13:23","https://u7143178.ct.sendgrid.net/wf/click?upn=R8bBIWb2Y7wHZndjWO8hlouBfoBmm-2F0D6zOUk7sIGZUJ-2BJMTP0Sxk3AbK1-2FNKuhu9TfqSdlTBFFCBtIJSURmnQ-3D-3D_ifbYjCUaScvbe8qFo0m7R-2FGxxTMVhfi4hsf-2Fv6Ci8lsMBEuDtDSo1mW4sq08sDEU4xF3WaIzSLWLJSOuB-2FuginUmIsEKv3l-2FEeFwcRhsMXBkWmxMx3bUH3GQgc6sNN87DkczN7O5L9Udv2C0imFndBP9-2BWp-2FDG6m91U9YlqGfHQ0uORLT0vKTVqswwkK9nnZSgSbBwSlYn1CJgLV966Ljm6vxJceFhVrdzI8H8gS97Q-3D/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/32790/"
 "32789","2018-07-16 16:13:19","http://www.setticonference.it/wp-content/ewww/Documentos/","online","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/32789/"
 "32788","2018-07-16 16:13:17","http://www.mybodytec.com/Rechnungs/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/32788/"
 "32787","2018-07-16 16:13:16","http://www.digital7.com/storeimages/manufacturers/EL-RECH/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/32787/"
@@ -80057,7 +80331,7 @@
 "32370","2018-07-13 19:29:16","http://www.royphotographyke.com/newsletter/US_us/Client/Payment/","offline","malware_download","emotet,heodo,doc","https://urlhaus.abuse.ch/url/32370/"
 "32369","2018-07-13 19:29:13","http://www.shrimahaveerinfrastate.in/Rechnungs-docs/","offline","malware_download","emotet,heodo,doc","https://urlhaus.abuse.ch/url/32369/"
 "32368","2018-07-13 19:29:12","http://www.pabx-uae.com/sites/En/OVERDUE-ACCOUNT/Invoice-07-12-18","offline","malware_download","emotet,heodo,doc","https://urlhaus.abuse.ch/url/32368/"
-"32367","2018-07-13 19:29:10","http://www.ivsnet.org/Rechnungs/","online","malware_download","emotet,heodo,doc","https://urlhaus.abuse.ch/url/32367/"
+"32367","2018-07-13 19:29:10","http://www.ivsnet.org/Rechnungs/","offline","malware_download","emotet,heodo,doc","https://urlhaus.abuse.ch/url/32367/"
 "32366","2018-07-13 19:29:08","http://www.howardbragman.com/default/En/FILE/Order-89879383249","offline","malware_download","emotet,heodo,doc","https://urlhaus.abuse.ch/url/32366/"
 "32365","2018-07-13 19:29:06","http://www.goprohero.com.br/Rechnungskorrektur","offline","malware_download","emotet,heodo,doc","https://urlhaus.abuse.ch/url/32365/"
 "32363","2018-07-13 19:29:04","http://198.199.66.46/AB4g5/Josho.x86","offline","malware_download","None","https://urlhaus.abuse.ch/url/32363/"
@@ -80253,7 +80527,7 @@
 "32171","2018-07-13 12:09:53","http://howardbragman.com/default/En/FILE/Order-89879383249","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/32171/"
 "32170","2018-07-13 12:09:50","http://lutz-nachhilfe.de/doc/En_us/Order/Auditor-of-State-Notification-of-EFT-Deposit/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/32170/"
 "32169","2018-07-13 12:09:48","http://stagwoodburners.co.uk/Jul2018/US_us/ACCOUNT/tracking-number-and-invoice-of-your-order/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/32169/"
-"32168","2018-07-13 12:09:45","http://ivsnet.org/Rechnungs/","online","malware_download","heodo","https://urlhaus.abuse.ch/url/32168/"
+"32168","2018-07-13 12:09:45","http://ivsnet.org/Rechnungs/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/32168/"
 "32167","2018-07-13 12:09:42","http://mongduongtpc.vn/DOCUMENTOS/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/32167/"
 "32166","2018-07-13 12:09:34","http://shetakari.in/default/EN_en/Payment-and-address/invoice/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/32166/"
 "32165","2018-07-13 12:09:33","http://goldenuv.com/wp-content/plugins/woocommerce/dummy-data/Overdue-payment/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/32165/"
@@ -80521,7 +80795,6 @@
 "31893","2018-07-13 04:42:50","http://94.177.214.233/bins/sora.x86","offline","malware_download","None","https://urlhaus.abuse.ch/url/31893/"
 "31892","2018-07-13 04:42:49","http://206.189.73.170/bins/sora.x86","offline","malware_download","None","https://urlhaus.abuse.ch/url/31892/"
 "31889","2018-07-13 04:42:17","http://proyectocithara.org/Borradores-documentos-07/","offline","malware_download","emotet,heodo,doc","https://urlhaus.abuse.ch/url/31889/"
-"31888","2018-07-13 02:59:23","https://u6653447.ct.sendgrid.net/wf/click?upn=sw-2BaW-2F7vuLJGiz9fR90Zj4H82ZSd4xGrZVmSc1Ye9PLxNYqY4-2BE8pUUwLbnILqmKKu79G5IuhXCcARhrEH0n8g-3D-3D_r3XecG9Oeir8G6iSrKDq5NGy65M6fDOLiemAoK9wEcDBHeZCroLuMNS64-2BMAXf6CvUEXK5N09wMUnB4me1eakuIssUOKrBCCe00NGZGU2wvQWw-2B-2FalWf76IFzuC5wMFDmMJgf6EciyRj7nbt0FWAnpSmOqSxDGuYMueWqqNU-2FGeW3BXOKUXyOGmQ-2FSAo6QzYGMGbsBR29DBnCWVgdfL-2FgB4Bg-2BhizW2j3-2BAsyq-2BqpSA-3D/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/31888/"
 "31887","2018-07-13 02:59:21","http://www.vaytiennhanh.us/default/EN_en/Statement/Auditor-of-State-Notification-of-EFT-Deposit/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/31887/"
 "31886","2018-07-13 02:59:19","http://www.stgroups.co/default/US_us/DOC/Invoice-1604641/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/31886/"
 "31885","2018-07-13 02:59:16","http://www.soussol.media/doc/EN_en/STATUS/Direct-Deposit-Notice/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/31885/"
@@ -80554,8 +80827,6 @@
 "31858","2018-07-13 02:58:10","http://algaealliance.com/default/US_us/Client/Invoice-419143/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/31858/"
 "31857","2018-07-13 02:58:09","http://alfa-galaxy.ru/files/EN_en/ACCOUNT/invoice/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/31857/"
 "31856","2018-07-13 02:58:07","http://103.254.113.170/files/US/Jul2018/Invoices/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/31856/"
-"31855","2018-07-13 02:51:27","https://u7143178.ct.sendgrid.net/wf/click?upn=sONU-2BbNQUvNrOHQFplFi2NObSCSJjJz46GKwe4Vh9QUdlX9F22Qs51Zl3oTbC-2F9D_kaBCsixH-2FAUdWyPYPe07gdz8vK9FAjps05zfHtb-2BTt90KOaH7sJUbxV1jn6NiG4dAnrB5IoAMMp-2BvrCqWfCPJJcEKnbOpr-2Bf6Jhe0PNThE2h-2B2zLt4Z9BsHgvs8XtskWzqYpVBpsOC2CFym9oNMTy-2Fpoie6ygQgETDoX70D04KT-2FnMHWQz6Bag-2Fwgt74vAiFyqRGMlNRBv28XpxY2HKMyLyZomNEU-2FidPC7RiiLUZFk-3D/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/31855/"
-"31854","2018-07-13 02:51:24","https://u7143178.ct.sendgrid.net/wf/click?upn=sONU-2BbNQUvNrOHQFplFi2EeCx1SFYHayFVI1hc10cDdFdgJc7ReLqJz8xSwhev58Uxda2A-2F9RRPFpgxNUhhb5A-3D-3D_7cvr6fW4yikTAchRrQR80mKBO-2FdHliXLCp6pjLCQyy3cVocnsk3K97ff2UuIBvTpd62ak6RRr9swVMKdOwetwnB4mDuIKnDT-2B0tEl-2FlX-2Bkqa1E7Uf5tKO476SiT0q0HNSeeocP2-2BIf794m-2By4d25top1NMOJaFTlhX1xfI71vsXQ4YMkRwCtO-2BnOFCqLbRd8Oox4rlMemRwCOIu5SGq45y9AOZOq23s8uM7xpZWiSQ8-3D/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/31854/"
 "31853","2018-07-13 02:51:22","http://www.zephyrusofsantafe.com/Nuevos-contratos/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/31853/"
 "31852","2018-07-13 02:51:20","http://www.wilket.ru/Documentos-07/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/31852/"
 "31851","2018-07-13 02:51:19","http://www.studycirclekathua.com/Borradores-contratos/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/31851/"
@@ -81303,7 +81574,7 @@
 "31106","2018-07-12 02:35:38","http://innadesign.pl/sites/US/ACCOUNT/022125/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/31106/"
 "31104","2018-07-12 02:35:36","http://hanzadetekstil.com/sites/US/Statement/Invoice-1698882/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/31104/"
 "31105","2018-07-12 02:35:36","http://ilsaspreiter.com/newsletter/En/OVERDUE-ACCOUNT/641708/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/31105/"
-"31103","2018-07-12 02:35:34","http://gubremontpc.ru/doc/Rechnungs-Details/Rechnungsanschrift/Fakturierung-TY-97-53438/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/31103/"
+"31103","2018-07-12 02:35:34","http://gubremontpc.ru/doc/Rechnungs-Details/Rechnungsanschrift/Fakturierung-TY-97-53438/","online","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/31103/"
 "31102","2018-07-12 02:35:33","http://flcquynhon.net/files/En_us/Order/ACCOUNT83766794/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/31102/"
 "31101","2018-07-12 02:35:29","http://e-xposure.com/newsletter/US_us/Payment-and-address/Customer-Invoice-IM-72456115/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/31101/"
 "31100","2018-07-12 02:35:27","http://event-flower.ru/default/US_us/Statement/49211/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/31100/"
@@ -81322,23 +81593,6 @@
 "31087","2018-07-12 02:35:05","http://2.globalengine.ru/files/Rechnungs-Details/Zahlungserinnerung/Rechnungskorrektur-GFJ-68-57331/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/31087/"
 "31086","2018-07-12 02:35:03","http://122.155.197.12/UPS-Open-invoices-01/files/En/INVOICE-STATUS/Pay-Invoice/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/31086/"
 "31085","2018-07-12 01:30:12","https://universalgreentech.co.uk/Rechnungs/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/31085/"
-"31084","2018-07-12 01:30:11","https://u6211609.ct.sendgrid.net/wf/click?upn=8Tx3EZ2zkeJ7Ev2t0L133ThDltBizi0mX3JjpqyGXWHgtOyhonKEsJ0Huabp9b-2B-2B_5yuTeEmu5vDwxTMxV7K7VhwNLLrK8ec4Lt9dk7ytnlyeoS6yRmOw-2BzKcRHhUZJkHzr6FTpxiVwuT23L2dxoFuaqOyOccrwqcVVqyJoZ7Uo-2BpsksfMvx9G31PhudxOeEEEugwVP2-2BGV6jnQDbGazVK2BFQWKEKy7bxQusFgOvZrsNIQGQQcKBzQ6iWiUEMMH7AJP7o0Nv8aMMrRFOYuIVAvolMVTaij-2BXTogaeW0kDY8-3D/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/31084/"
-"31083","2018-07-12 01:30:10","https://u6211609.ct.sendgrid.net/wf/click?upn=-2FLK4fH5RhbXc7KGomgTwjzDs-2Fn8GVpIIOD6wrl8dN-2FIeptqW3Xxt0oqxnswvy2OAoKocy1-2FclU-2B-2B-2B3WiqSPyHg-3D-3D_lxAAm0ot53tg3k584FbKwg6cf7eOPeSXqMS8VzadmjYx4RiLNsBwi4unXbmGZKGkYiQEEYRCtTBek5EoBpkz8vROjMHD8qiaouy-2FT9mnrePKSJO-2BBWraBLltxlEqFmWcwyN8zcLU8-2BQl7EdtVcYXQiM2kSB6tIB20ozhKRJERw-2B3iJ7Pt8EpyTP5wDevYPYDOZcpqItcx7p7jRV147revVTGbiXv5pWolTkbeLpSxJw-3D/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/31083/"
-"31082","2018-07-12 01:30:08","https://u6211609.ct.sendgrid.net/wf/click?upn=-2FLK4fH5RhbXc7KGomgTwjxU17JJIKPgVQg-2FTrhpQBWPpMced1aATheUAiArDoCYrclvAtdmWfnrVIimuqCbClw-3D-3D_H88EQzxhw0C1fN-2BVEPulIYOOxCXoFBlyZs22tEC7TrLMmdi1IJAddhqriA9TrCsysw4s6QIh0U0h1nyk-2Bm64P-2FJde7i55ZUBDvBAmiBq2jY5-2BdEuQjlE-2FJoZ2KUYeGL340WwmKAX95ADgZ-2F-2FFvHJY3crO276lr7gQ96gq7sz2orLXUk-2B4MSd736hsPgxJZ-2BZR2C0YHeYOfVeiq27qikHttP5jyBl47IqZNP87hxzGb-2Fcbr-2FSkSwknfUcVmZm5dSb/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/31082/"
-"31081","2018-07-12 01:30:07","https://u6211609.ct.sendgrid.net/wf/click?upn=-2FLK4fH5RhbXc7KGomgTwjxEExHkY3WOivLi6XLgnGc7sE0aTZHOuXVZooLa8JeveFUWIUr3o1pQux0wYBNPIwg-3D-3D_HDu-2BON2WuckNVJ2U1s3AlN7c-2FbCchcHEsy1JgEvCAqZR2WQAvTpi1Ps4GdJnavQtKYbAZNMWpvRmYwHPPMRnT5R8evi6z-2BKzEMcZsQl4OawOwl2PQdOMrx-2Fc-2BSDSjMJXNiZLBRXb3lMO22EoHwVD6n8-2FHRtgRbN5lQNEeiVlvemT6dz5-2Bz7hDivstDOHJL29fGoeLIAfn51M5iszplRvxooxD5Bq0HJOPR0rs1hr6-2Fc-3D/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/31081/"
-"31080","2018-07-12 01:30:05","https://u6211609.ct.sendgrid.net/wf/click?upn=-2FLK4fH5RhbXc7KGomgTwjxEExHkY3WOivLi6XLgnGc7sE0aTZHOuXVZooLa8JeveFUWIUr3o1pQux0wYBNPIwg-3D-3D_GjRFCNGdMNqdt7rSVIqdH8X9nG-2FMq7R3YSblp6Cjk0G0JzjZ8TimAdOFPcwI24GosOjfO-2FnoBKA8DjGG2Nab1c1hcytU8CYEzXPqDC8hUSa2QwfnfuX6u7D-2F1tLlZA1PGuiSR5iTMq5-2FCVNsHLt4QpkjwsbyzTJmGa5PnSo8eU8WTLPAKrXx5-2FQ-2FTFYjze6xMiBEGT8XQ5FICoQ2MFDHwt0aDwEgQB5cw2bCAUwysTo-3D/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/31080/"
-"31079","2018-07-12 01:30:03","https://u6211609.ct.sendgrid.net/wf/click?upn=-2FLK4fH5RhbXc7KGomgTwj9cvSFXe9t4PmcH8zCDn0OuKv3SHiGF9L712XMisdbIl_w3VbhLvEfY6kxu-2FMuUVpoifLOlg83IzoHTE5cIoKR17jit4QCpQVObGeMILSl4e69kFbthJ8VWCHeGROgk0lWJ0Zfd-2FogLfrA-2BWIk51qUMPkzEeRK4E0qBhlALbqjQMVXX9dJqE3uiodz10jKqbbu6MfDvC6Q3kBaf0PcZaLJF9-2BcRo626WVPYas-2FjU-2FHWAwYisWXIQIvEDNY-2BZKtm0odX7Sp0iUBsAglZ1hZm3ed6w-3D/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/31079/"
-"31078","2018-07-12 01:30:00","https://u6211609.ct.sendgrid.net/wf/click?upn=-2FLK4fH5RhbXc7KGomgTwj9cvSFXe9t4PmcH8zCDn0OuKv3SHiGF9L712XMisdbIl_euxIEVhqXrrApaDHt2dWNUQNUFXS5MfpcVs2vK-2F86zh4-2BSDos7CzkM7IzYx33deoDRDCHS2VdwWn3MwR21-2Fx4BhxGP2-2FnAkWxUSAWqxaruPfshWLprBX57VpDH7Onzftf2AGEVntODCzuKTpLTDYebwmka3w3GEZ7xEa58ymGho-2FtgdA9wjuB4iMrcrtsOIjop0R3mHVMsku5lcA5TWkMaLee9fOFRs-2BZ3n-2BwLTEQ48-3D/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/31078/"
-"31077","2018-07-12 01:29:59","https://u6211609.ct.sendgrid.net/wf/click?upn=-2FLK4fH5RhbXc7KGomgTwj8-2BbvbJLVStN2NZOCSpsQTIrEQZSBdX-2FBlBLfTuLkEUvjPHz-2Bs9yaRi2hX0uuJwX5g-3D-3D_jrlNcBFvOVWOrwO1X78po0YOPYR-2BaMjZpCSF2S5vXd6K9R09j530fn1L4fSpLmm5-2BI-2B7x7yACZKwBZsUMmy41U0I5b1yksMnbrYBiHb-2F9Sap7jyPO9cpy7G88fhJHW9Z1i3KB-2F0dFvocJe-2BVfZuEf72JoQtg-2B3Jy-2B1noe5yCWah1zTFiVMhNd3zkj2qVSD3TSa7ZrZrW9X1dcaBJjlfuyNXZ-2Fq7P5-2F-2FQdb-2BCAaxPVSE-3D/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/31077/"
-"31076","2018-07-12 01:29:56","https://u6211609.ct.sendgrid.net/wf/click?upn=-2FLK4fH5RhbXc7KGomgTwj4U85f9CA4azQbpHJsERqnDZ3NJAuWsf7dccZiJReu0P_onXnJGlRddgwjq9DW5HkbdfH2i6mgLzxc0qDmMJJlQi1f5RpGGnFQjNWB8-2BkAziwyEK5zDjzUf4qTfZ29KsyUmr-2FmS0xSM2tbTw92bu9RQRSm9uFmO7CUrlyv43YtHC7DvYT9Pr7xqL-2FgDoFycgntbr2-2Flb-2B5uLoSWr2GNbKPaKKHTHR4Z4C2t0x3UEXT6xepXkRMdPP-2Bu0y6dFZUUhGgOL0HX5RllebPe0-2FCZY76xw-3D/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/31076/"
-"31075","2018-07-12 01:29:55","https://u6211609.ct.sendgrid.net/wf/click?upn=-2FLK4fH5RhbXc7KGomgTwj3yzDTeeb94yD0JUw4SkmgiCHj58aak7KiewBKOyr-2Fz-2FZjEWeYz2EhUorZEHGk9QZg-3D-3D_g-2FVCok72efhE2Y1RyguUm3JA05e8U9nEAyN9GNpVbLgl8zU11S7bBwTVXP7t1uxJJVaxQQhcAvs2KiEHwDK8-2BUrLwpNf7DfJ9XOtuKvaxN-2Fihn8IuPobsIAfyOSZ-2BxBtpFdbo0z8tkeW4H99NNwtyaVuX1Fzd14IZXO2v0pidGHyHpweiNo44obP9rdE550DRqI-2F74GkLBGgV9HjtFW6xMtzlKW2Z2P7LITnlzHe-2BrY-3D/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/31075/"
-"31074","2018-07-12 01:29:54","https://u6211609.ct.sendgrid.net/wf/click?upn=-2FLK4fH5RhbXc7KGomgTwj3yzDTeeb94yD0JUw4SkmgiCHj58aak7KiewBKOyr-2Fz-2FZjEWeYz2EhUorZEHGk9QZg-3D-3D_DcfGyyffjrNCIfXtuQXr7hZ0jegMeP-2BIWgsaud5OPZ-2FKXY6HbwA29sz-2FwkcXOf9JhFL1q5g63ZaHP-2BAB0N7bQwnLJCHDLtMEenQ8qOxLQTB1S8cMxvYqFs0eZtnGb8brFo64D-2B9EHk97XBcWB9CLNDcuLU-2FBqT5zbKYVpWZhi1j75DP8b7Nu-2Fz89HUwpTuKtLDT9jbBhS-2BmwupIMLu4690c-2F2XxpCHYKUrVs-2Fd7CkOw-3D/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/31074/"
-"31073","2018-07-12 01:29:52","https://u6211609.ct.sendgrid.net/wf/click?upn=-2FLK4fH5RhbXc7KGomgTwj30On7AYT7zUF78Yy1UaTDzLD6zb50eSP4oeu94f4wUaBX6FDvli65dldS4F1USC1A-3D-3D_ZEz4qHYnXhPr3bBPu-2FxP4vKyzLD2RvW0lXxfYVTrzx2QQ2ng3c6y0kSb3BY4rszG-2Bu5gMbhkKJY5FNgLpytdA4cUpWdHyfuXY47vIHyE5MAq9BJ54q3-2B4UjWVvVreHT59wluczBF6AFnIZh-2BwwNc93R6FTGS-2Fby36I82SgeRzlAacWheVY3dZIUEFHt-2BQn4i8obepnPN5RD41LsGyKCs75IMD-2Bribl684jeBi-2BC8l8M-3D/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/31073/"
-"31072","2018-07-12 01:29:51","https://u6211609.ct.sendgrid.net/wf/click?upn=-2FLK4fH5RhbXc7KGomgTwj30On7AYT7zUF78Yy1UaTDzLD6zb50eSP4oeu94f4wUaBX6FDvli65dldS4F1USC1A-3D-3D_AqUpETyh0rnZ1QBgEYYiig-2B0sUfOcbzgkfi35vHdykIHyih8qibRfSRfUOVGHvP-2BGOX5Xx8uX4L9u9fdgr6hABtMC4t87oIv-2BVNHqgCWxJfdDZIfLitvXBJqcVq7d6-2BTKKInI46CJDk1gfPh4QKY0KDDiGQ-2BZn6eJmNV2Q4IR7Ii5vASvvXjb6m92tag9-2B4LNfclN6iPxJrQRpFCkVH2aQjc5EYvD5XVEKuiifa5LWo-3D/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/31072/"
-"31071","2018-07-12 01:29:50","https://u6211609.ct.sendgrid.net/wf/click?upn=-2FLK4fH5RhbXc7KGomgTwj-2FtdAeF8peDD-2FrARhqlkPGOq96VAMYSeIEMzvSL73bxRG-2Bya65CDHjX1RyRIxBOysA-3D-3D_N-2BG2iUR3vKUM0G4TwL-2BwngVA9zkHL6sxFVM3BSmgVZ7YWA5nTSleyUEXLUqW-2BpXLb0Xxvg9kCk4yT3I-2BaRpCXlHTeX-2BeQ-2FR9CL-2F2qG-2B-2BlIHwKuzSI1h9WXw1894L5moBozqcHK3QUnLIG0xOeTtJa2epFM4vNgb8i3p64PAseoq6LdFPQLiq3W-2F6nr0RQnx9PsmhiBuSM-2BFj1iVVbwk77g-3D-3D/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/31071/"
-"31069","2018-07-12 01:29:48","https://u6211609.ct.sendgrid.net/wf/click?upn=-2FLK4fH5RhbXc7KGomgTwj-2BiAyIiDV3hUWFyWHU8QtDnDvkhSWN-2B8eASQOl68muSg_Uo4sY2CriJRw0stFKYm0Qd8PpSrP7o6PfZOuLyn70lhYASfTEl6D5PhPH0TJqki5LKjM-2FwB3zlGjXhI-2F3udkK-2B7oOQVCapvZkPszikngJfG6U72k4-2FgwEQvQq-2BqrJFoavHVcKGGmcjVuHFe-2BZpm9WPEpY6c-2BTC6xliCNvc6hZ1qPbkukYp-2FaN-2FDa-2Fpl-2BDgEq1c5K-2BufHoopB9rOP6s29gADVE1f5fjVPYuVr1qXuOI0-3D/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/31069/"
-"31070","2018-07-12 01:29:48","https://u6211609.ct.sendgrid.net/wf/click?upn=-2FLK4fH5RhbXc7KGomgTwj-2FaAw6gaItV6Yaua6O89Kapx5NqVgY9esPn-2B2FSoWE0PxpKqu6ER7fzIdIKXLRIqz-2FkIPAvA2Cbagwu-2F2mJ60cs-3D_-2FmMd5KLcJYyyIX-2FuE5a4RoCW8isO5TEJuRIijFwlgJU66lBsebvfDfVdKZJGDh5P5dYZBcFNiyDGj3aueNr1vx7wHfwBRDkYQNmYaWvEKa17Lg7WCantVMJvt5TFOxAMwOgkhF0C0ZOjwDzrhywZWcVg-2BN1yxLeJnsbpPZuAfvF9p6WVEKrjohzV2f7yMW1PkYqTmWFU-2F2gFNzQCGuYOBCcvosPqb-2BQzMmTM2AuAbkhtDxloUaqVr8rHlc74cpVf/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/31070/"
-"31068","2018-07-12 01:29:46","https://u6211609.ct.sendgrid.net/wf/click?upn=-2FLK4fH5RhbXc7KGomgTwj0j1-2Fk112bv3owDr7HcEyFuPQhtJfASUgHFQEwB-2FVAR8HR26q0UpPhbpBaegr3fDqw-3D-3D_Y4nHAJNn0cI2BBeVkueLCMPa2VxGBeBHdRRWTMSKHicjxuMjv9r-2B4VhYNW6vl7e8mjv14SAiv26aRWNf1tpovBF1msRYb1c4d4Po3kWmVuR2ewN6Tb3ERKX23jN0mz1a67Q2oIOtH1Kl9QVm29MeoPAA3Tv2M2sLI2u6aNYcwNr0zpFYBalUfeDcOz-2BlxnCh9law8TxPxx6Y2TWVa9DkR-2B92izZZMwlvR3MOKk6alNI-3D/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/31068/"
 "31067","2018-07-12 01:29:44","http://www.studycanvas.in/Rechnungs/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/31067/"
 "31065","2018-07-12 01:29:43","http://www.startupwish.com/Auftragsbestatigung/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/31065/"
 "31066","2018-07-12 01:29:43","http://www.startupwish.com/Bestellungen/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/31066/"
@@ -81437,7 +81691,6 @@
 "30967","2018-07-11 20:44:05","http://kozagayrimenkul.com.tr/aVskYMCs/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/30967/"
 "30966","2018-07-11 20:44:04","http://scholanova.edu.pk/SZCFnVX/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/30966/"
 "30965","2018-07-11 20:08:03","http://alpha-blog.ru/files/EN_en/ACCOUNT/Invoice-21491/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/30965/"
-"30964","2018-07-11 19:56:12","https://u6211609.ct.sendgrid.net/wf/click?upn=8Tx3EZ2zkeJ7Ev2t0L133YeUK5RO5Bz76VtXuiEZBnpfrKz1hSgX-2BeHVto-2B2gLQ4_JMrsO-2FsOOhLng1ojwzgnXAZfra8cHRydbU4zvbqo0LFeVy4mkOTrlIEVKWja8wh-2FaaJ8lP5lAjcmMetBO-2BLyXIt1ZwjFIUyj-2F9s2P05q-2F9RQ0oaNhl5hbY0btxjaQLyXIJ5vKMtGgwKB7NZ3M3BvWe7ZJYp6dTLkU3cLbMRNfEPP-2F3os2w-2FSPi-2F8vgIik6iskFsbwjG0NCcPZraOnE7-2BYA-3D-3D/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/30964/"
 "30963","2018-07-11 19:56:08","http://www.mrmsolucoes.com.br/Bestellungen/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/30963/"
 "30962","2018-07-11 19:56:03","http://www.jcorrearealtor.com/New-Invoices/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/30962/"
 "30961","2018-07-11 19:55:30","http://www.dvinyaninov.ru/RECHs/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/30961/"
@@ -81489,8 +81742,6 @@
 "30914","2018-07-11 16:39:24","http://www.stenburyfederation.co.uk/sites/US/STATUS/Invoice-6374443/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/30914/"
 "30913","2018-07-11 16:39:23","http://www.epicmusicla.com/sites/En/INVOICE-STATUS/Invoice-57048/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/30913/"
 "30912","2018-07-11 16:39:21","http://dagprodukt05.ru/files/US_us/FILE/Invoice-433175/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/30912/"
-"30911","2018-07-11 16:39:20","https://u6211609.ct.sendgrid.net/wf/click?upn=F2KFG5hiw4jHGOn-2FPoN5-2FmGI80Sptm1U07yIaF7ZQSl85939QRkDYdzn2cwQfeMrUfCFc1kSweZOghhHJuFmHg-3D-3D_-2FiAhKLhaCeBRMfT2oFcqSB3Is2G6bWxdAMJh-2BuBXsem4hv-2BwZQo-2FvJAPRzTxDJFVl1zctxSxYfnCR5mj8arws-2BZF-2BELmc3cdQw9kYeu4ZfSS2qZ8jY8pbyOJKSpCeHuMTOCTGKRkct0qWUeWAXaQDSdogaE6zakB1nN5dKN-2BBMFwgfhD0SpwRZOv1sdCJ70ToUgFD-2FKY-2FjlCMripmi1cjkUfeyEWLfeeTptLpO9AAek-3D/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/30911/"
-"30910","2018-07-11 16:39:17","https://u6211609.ct.sendgrid.net/wf/click?upn=-2FLK4fH5RhbXc7KGomgTwj6bfvWRcHzS-2F1HeIbwv-2Fq4OBxQ388DOxlYN8PBp-2FEdd2y9tr-2BQCfECdYUv34Qxxf9g-3D-3D_kKLYQ91ZFOe6ryzRU3CXyl9rmMGMzHWj897Ty-2BF6i7BdsAV9aCSVqLMI4PLzF5xNhG5Iz-2BgD7XUd-2BmDWFs-2F8QmEnRqIrKHZV6lJZoo9Gs5zvRjoTHLf-2FwRj1zfhWo4RevjoHsMcDFpko-2FIUVlsRGlMgW7qX796FcfnLE5sSnH7FugOWUMAZFKCCz-2B-2B3xNJr2IJNMcJuCs9xoAOHZpXO3e0YW0axNgKz0LyqJPeKYwBA-3D/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/30910/"
 "30909","2018-07-11 16:39:10","http://www.escolademocrata.com.br/wp-content/Rechnung/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/30909/"
 "30908","2018-07-11 16:39:09","http://maisbrasilphoto.com.br/Pasado-Due-Facturas/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/30908/"
 "30907","2018-07-11 16:39:07","http://iniweb.vn/demo/wp-content/Invoice/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/30907/"
@@ -81775,16 +82026,6 @@
 "30626","2018-07-11 04:18:15","https://www.igm.or.kr/wp-content/Rech/FORM/Fakturierung-096337/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/30626/"
 "30625","2018-07-11 04:18:09","https://urldefense.proofpoint.com/v2/url?u=http-3A__www.laboria.de_default_US-5Fus_New-2DOrder-2DUpcoming_Order-2D1002867446_&d=DwMFaQ&c=uF_G1Qy7msJk9m9zAPLw5gDRFBGe0ICqSJTLKE9FBRw&r=fczH0fosXD7UgE5747uTIvrkNxfHnmT4AfiG3zZYHAY&m=4yzt7Dk5eY2RBoe5-1jXNizmnheDXjJTVJheb9CPtJU&s=4PA_7uP6hVsL5IeZkifaEA0vv1tAKLlgaZXXQXfDDwQ&e=/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/30625/"
 "30624","2018-07-11 04:18:07","https://universalgreentech.co.uk/pdf/Scan/Rechnungsanschrift/Bezahlen-Sie-die-Rechnung/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/30624/"
-"30623","2018-07-11 04:18:03","https://u7138940.ct.sendgrid.net/wf/click?upn=lfVscoPwWWjx-2Bz7ynKTO9RFB3FPkw9j3KwANMponCUbrAgwr-2FynXa1XVw5v1mg5pJ1gKpWsAwKL0xhB51uaPVVs5XEEAgVlYZ4GfE-2FkdtgI-3D_cVKaTxmk62gSi-2BEXLzRdkNA-2BVZFH40YVcvlPIG1TKhR2fCN4tVqCWKTgvnuntZhDVuA5rbxpYfiw3-2BwKeBab7SSw-2Bum2wMHdvLB3yAowWQ4ndVGL7wM7KOF1FZze0dgoDGxlfsjSmdAwtOkkXcflYYp3LpAwIyJeKQXTdMdmIzTGdl4tN3Y1Y4YtS6WbWiogjEU9YCa3O3JlvdvCwIsvukNqXivtreuLV-2BZK3j-2BRMJw-3D/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/30623/"
-"30622","2018-07-11 04:18:01","https://u7138940.ct.sendgrid.net/wf/click?upn=lfVscoPwWWjx-2Bz7ynKTO9QmMTvVriWbdq9SyUFfYVADWXrEsUWk0aszDdegWz7iVr4KmnifQJ3LX28LTwasQUQv9XKH9df9hRoUKrZpGWTA-3D_VHYAQuv4sACuRSxEwO55tlx8kk1ohqFFFA-2Bx5OtQPYxqAKTnBvv1xzQb2745-2Fouf9RTceW7LHRMb6J5vJmKZq4YkXsEKn3zOzvwQ47IRyZGHDglGbcMwnbGJebeX189M1U8x83qoKCZgW4pTTvJ9ydZ3mSz1xZ1LKfvz4h1PfZaXMQWE9n9aVlP2FTlrhUj4d1ISoGdBziH2LMf8xnGGSQ-3D-3D/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/30622/"
-"30621","2018-07-11 04:18:00","https://u7138940.ct.sendgrid.net/wf/click?upn=lfVscoPwWWjx-2Bz7ynKTO9af40N1fpslwHZeylAFK1KkPEv13ILrKMAK9osDr7J0Ommh4U7j91kSQkBg13MWFx18GaZAkKb-2BPg7MRogtJhyU-3D_KLEco4UJ7K-2FrMjNr5nxgjS4HdpzP4m9su7R6JInWNrzpr1U98THWEGMLdmcDodhrONZG-2FNyIAXJiMx2F1XpmCjYzdhxlaBKta3Dq1nU0GRcOPOKKZc8em5pgi3vKELpU60dgAXp28PCk3s1fMV0p9goBVLaN0OMHCC69wJ-2FvdQChG-2FaZCJjQNmICNkjOW-2BQ54KEQsQb3hi6aj07g5jiNXE-2BmHoUCC6dTIhbSzIPfIzo-3D/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/30621/"
-"30620","2018-07-11 04:17:58","https://u7138940.ct.sendgrid.net/wf/click?upn=FZjGBOd0O3mpxrzFMTjquWyRTHHoDmQDvl38BNH27L4KSA0Cq9q3kAFpKqYUfSHF2rRYbp0wSiJtbCCxSWWgnQ-3D-3D_JJD79RIfRh6mf5rXsSn6VMXmosTsazhjKBy30BUnWlBREAAPpVZN3PBy-2FKQSQH8Eu3naj5-2FHbJtReE1z6jTbG-2BZ6q4kOWbh6HVyn7Tf0QAaU3leNK-2BsFjFQRfIJIPVKUNFbaT15fkevIoQRbBgBjvklcjuH8BpFo2kl9l1T6en0a1-2BbfA1YVWx35d0s8yC0MTroOnwHk9l0cn6mc9ejW5ougfqeAXI-2Fq5h2ebu6-2B-2B9E-3D/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/30620/"
-"30619","2018-07-11 04:17:56","https://u7138940.ct.sendgrid.net/wf/click?upn=FZjGBOd0O3mpxrzFMTjquWyRTHHoDmQDvl38BNH27L4KSA0Cq9q3kAFpKqYUfSHF2rRYbp0wSiJtbCCxSWWgnQ-3D-3D_0Zh9xusywn2WZOnaEBPZJoBzhrS2YBYRTdZZ6zEeymOsVql3Y56sqD-2FCxk90jS7qfExNeVg-2FUkwFxZTHa17iWxPa3-2Biv56PUomWeKPOO-2Fo-2Fd7D19fAA67B3sv5Dh0yZqBiDY2p5IGUKQI76Jnq69QN-2BGIFGdkCkXAig0s7aXmXagweIBAH8kFscuTkjRbZ2gDpeuGaUCiPcdnnVJafj-2F64mbmxziyBWDRF4CzfqinvM-3D/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/30619/"
-"30618","2018-07-11 04:17:55","https://u2325990.ct.sendgrid.net/wf/click?upn=IayzWqEj2-2BZGa89lk0NpYRoLqmRtI3mJrVe-2FEziqrvy2Vt7-2BsOoA3ulSqS25uBdA6mCLjAs3rmMwoKx0RhG7mw-3D-3D_vlI7oTOyRlF9A48s8Txs8YuW7dBeaW3sx2p7Fstxmo0tKehhdKkeKjEVCho3-2FZKpq-2Fo7x5M-2FVhpAwZlhpU4OIFgq-2FEoY1AujLKhtsxdm4C8wCfyT5SNN6yzKMAzipbaFnRyZWYAN8xrOlpEj3tZu-2FTIEbLCQEyK7hc4OKj3EfPfwVZluPfozqzoNI6dOnjlVx3R5WeQZrubJisSZxjAvHQ-3D-3D/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/30618/"
-"30617","2018-07-11 04:17:52","https://u2325990.ct.sendgrid.net/wf/click?upn=dbaIHUby-2BZa9yd8lQ0GSKd8bdiKVz9XJuUTkB9QNrrAwFmGtrmsoBYlxol6rEvfchwESLYYJVXZT6Qc0ThkLrU5IFnjYazabUWnPmaCUDaE-3D_ibkLjhpQwtb3x8mUeomSyhvCevS8L2ET-2BvexkArhhanTSv-2BSw6I69U4Yx-2FHVte36BqFQvK20lGQr2vKyhOdle-2BkQyy7WG-2FEthOile-2FGdsiWso-2BarS5D8NcsOgLbx5gWi6Cc1g2M-2B5iv-2Fl23ou8AwJuxsh3rvfKzSrwE7AlwJpmvjnFavE2hgPByVRdVRipPmQJJCJUCFjjEXmVoLA5QKX4rEEhgjgn71MXwjpIg1UjU-3D/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/30617/"
-"30616","2018-07-11 04:17:50","https://u2325990.ct.sendgrid.net/wf/click?upn=3NgRntaVPLveGnm0Ws5D7UyNR8mlElzhHEN-2By4SUKql4IX2wrXAjUfyC7i1YCZBv3QT2iG5S9mpY7mEz5zQv2ikf7xZ7tszFi-2F5Jypyf0Xq32iW1HaUTD5KOVh16-2FjFTa62W-2Bk-2FTBLX717MgUQVNFQ-3D-3D_S6aQ135BGJn-2BtdkoYRorrfjKZBJMVLBBiY4keumxp1z76RJXeeYDJ1i-2FFC61HY56UNYwJGj4PAP-2FIhwq-2FBfXjSeOg-2FKFmXxQRu1NjP1iGq7bL297v0IvAUxbg-2BxSm6nq6ROmubFrVi-2FqDAYJcrpa-2BxQmmoaa35o7SSlHHNjfR7evEeYbM8nF3GJeKS02KUlWh9jA9N9YKhMVLYX5IpOS-2FrVQDRzkadPfM1-2BUUg281IY-3D/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/30616/"
-"30615","2018-07-11 04:17:46","https://u2325990.ct.sendgrid.net/wf/click?upn=3NgRntaVPLveGnm0Ws5D7T1qF8vor3H1ax8v35c-2B40dzsl9nVrwGTf7czw-2BFpqQe4AdqHB4EgHkSc3oBJVEujA-3D-3D_eTTQR4O6TMHrzh4OmzbBIPoOlaefzNBt2owQf-2BZn4UdLBQxEinBqFi3Y-2Fd0256K2kARm6FbMNDEnTGiU7NONiJhqOM4s1kMaVEYPuH40LXfxJUViG6-2B09lxs-2FR48r1YsSMHWNAIFpZYDaGTHgGD8oOaNibnySXw36dqwCfLy2Rqgi6xEKz1avjjpwkBbbHbmaxSvtfTkXBbjWt7jH3GwLO4YBFp2W9zrw5UqUQFmu-2Fs-3D/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/30615/"
-"30614","2018-07-11 04:17:44","https://u2325990.ct.sendgrid.net/wf/click?upn=3NgRntaVPLveGnm0Ws5D7QagnjAYOo2Ww-2FRHRYJXlYCRt6p8OtvSBjJpDi7ze5TZilAo4OwKMp9MYlgm-2ByMt-2B3hgDQOj4J01ZxJTiZbTPHcDu7-2FEXDHKLhjLQarO4DYgw34t6E4mL-2B8gU1A-2BburvuQ-3D-3D_EewvicOlyuKQdTY-2FN1EhW1sMrcwBdu5-2FmXoffqiB3hU-2FYIRa7f-2B32drpqoMEZ0q6hNdCeCwgFh-2FFW0oszsa8NZDIdyeU3f0Bg0Y3FH03OVkJRq6Bge54zh-2BOSlw8aNUto8-2FYasapm4pdMbU2qiTfgDPMFG6PaCmNuCyZU2mrBLaT8wVqNW6SIRp1QSZ2-2BmMLx1bJ036ne-2BPcc3GG4x-2Flo8S8CWwrvaYZ5JpnbQ1K8G0-3D/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/30614/"
 "30613","2018-07-11 04:17:42","https://stufffordoctors.com/Jul2018/US/ACCOUNT/Invoice-737620/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/30613/"
 "30612","2018-07-11 04:17:41","https://downloads.intercomcdn.com/i/o/67089177/f3b57a1b092e9f1b173a2bee/INV-526968.doc/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/30612/"
 "30611","2018-07-11 04:17:39","http://zarema-kosmetolog.ru/newsletter/EN_en/Payment-and-address/HRI-Monthly-Invoice/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/30611/"
@@ -82194,7 +82435,6 @@
 "30207","2018-07-11 04:04:21","http://3.spacepel.com/files/de/DOC/Fakturierung-033568/","offline","malware_download","emotet,doc,epoch2","https://urlhaus.abuse.ch/url/30207/"
 "30206","2018-07-11 04:04:15","https://www.printontyme.co.uk/Fact-K375/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/30206/"
 "30205","2018-07-11 04:04:12","https://www.irena.spacepel.com/RECHs/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/30205/"
-"30204","2018-07-11 04:04:11","https://u6211609.ct.sendgrid.net/wf/click?upn=-2FLK4fH5RhbXc7KGomgTwj2P6ddxqMB0jnq1kpReSfR-2F4KumTOpQyQVTE0fRBzuT1_MfwO8YXbDBxrxSXUbW6j2-2FljGkunhH4O-2BnQHtVV23Z4-2F-2Bw6zd1yx0brcHND7iS9bAgE8DCxmMSLiaiyyRxHoQJxNArVOM4V0cd86DALKyBNzLZUa67s3Y2iWc30pHFvjEbETkXMr-2Fs5uz6W7HxZjUISLuLcRwwhywhQIBDgTQYVsC8nU2bZDTs80OtXBIsqWWBR5JLBkmoPdfdPxn29VpL13-2FssQgtBYtYHYkPfxkbM-3D/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/30204/"
 "30202","2018-07-11 04:04:07","http://xn--pc-og4aubf7cxd9k4eoc.jp/Rechnungs-docs/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/30202/"
 "30201","2018-07-11 04:04:04","http://www.ydhlube.com/Factura-21/97/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/30201/"
 "30200","2018-07-11 04:04:01","http://www.wiki-med.ru/Overdue-payment/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/30200/"
@@ -84786,7 +85026,7 @@
 "27570","2018-07-03 21:11:08","http://www.efmj-eg.org/CdwOm/","offline","malware_download","emotet,payload,epoch2,Formbook","https://urlhaus.abuse.ch/url/27570/"
 "27569","2018-07-03 21:11:06","http://www.abilitymep.ae/mXss/","offline","malware_download","emotet,payload,epoch2","https://urlhaus.abuse.ch/url/27569/"
 "27568","2018-07-03 21:11:05","http://www.electrocad.in/4qTumjs/","offline","malware_download","emotet,payload,epoch2,heodo,Formbook","https://urlhaus.abuse.ch/url/27568/"
-"27567","2018-07-03 21:11:03","http://www.isaac.samjoemmy.com/H9TF8/","offline","malware_download","emotet,payload,epoch2,heodo,Formbook","https://urlhaus.abuse.ch/url/27567/"
+"27567","2018-07-03 21:11:03","http://www.isaac.samjoemmy.com/H9TF8/","online","malware_download","emotet,payload,epoch2,heodo,Formbook","https://urlhaus.abuse.ch/url/27567/"
 "27566","2018-07-03 21:11:02","http://www.lbbsport.pl/Izmqs/","offline","malware_download","emotet,payload,epoch2,heodo,Formbook","https://urlhaus.abuse.ch/url/27566/"
 "27565","2018-07-03 20:19:32","http://www.albinaa-med.com/GREETING-ECARDS/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/27565/"
 "27564","2018-07-03 20:19:29","http://www.marioallwyn.info/Greeting-ECard-2018/","online","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/27564/"
@@ -84839,7 +85079,7 @@
 "27517","2018-07-03 17:10:38","http://www.aaaca.co/Zahlungserinnerung/Rechnung-Nr052228/","offline","malware_download","heodo,emotet,doc","https://urlhaus.abuse.ch/url/27517/"
 "27516","2018-07-03 17:10:03","http://donclarkphotography.com/dev/UPS-Quantum-View/11-Nov-17-12-20-59/","offline","malware_download","heodo,emotet,doc","https://urlhaus.abuse.ch/url/27516/"
 "27515","2018-07-03 16:57:11","http://lbbsport.pl/Izmqs/","offline","malware_download","heodo,Formbook","https://urlhaus.abuse.ch/url/27515/"
-"27514","2018-07-03 16:57:10","http://isaac.samjoemmy.com/H9TF8/","online","malware_download","heodo,Formbook","https://urlhaus.abuse.ch/url/27514/"
+"27514","2018-07-03 16:57:10","http://isaac.samjoemmy.com/H9TF8/","offline","malware_download","heodo,Formbook","https://urlhaus.abuse.ch/url/27514/"
 "27513","2018-07-03 16:57:08","http://electrocad.in/4qTumjs/","offline","malware_download","heodo,Formbook","https://urlhaus.abuse.ch/url/27513/"
 "27512","2018-07-03 16:57:06","http://efmj-eg.org/CdwOm/","offline","malware_download","heodo,Formbook","https://urlhaus.abuse.ch/url/27512/"
 "27511","2018-07-03 16:57:04","http://abilitymep.ae/mXss/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/27511/"
@@ -87527,7 +87767,7 @@
 "24790","2018-06-28 08:11:03","http://jessicalinden.net/wp-ftp/hg.exe","online","malware_download","exe,lokibot","https://urlhaus.abuse.ch/url/24790/"
 "24789","2018-06-28 08:11:02","http://jessicalinden.net/wp-ftp/ghh.exe","online","malware_download","exe,lokibot,Loki","https://urlhaus.abuse.ch/url/24789/"
 "24784","2018-06-28 08:06:04","http://mail.transmisiones.pe/contactlist/likethat.exe","offline","malware_download","exe,AgentTesla","https://urlhaus.abuse.ch/url/24784/"
-"24783","2018-06-28 08:02:02","http://ngyusa.com/systems/htanelson.hta","online","malware_download","hta","https://urlhaus.abuse.ch/url/24783/"
+"24783","2018-06-28 08:02:02","http://ngyusa.com/systems/htanelson.hta","offline","malware_download","hta","https://urlhaus.abuse.ch/url/24783/"
 "24782","2018-06-28 07:52:10","http://busanopen.org/Club/FOUR.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/24782/"
 "24781","2018-06-28 07:49:03","http://131.153.38.125/pacbell.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/24781/"
 "24780","2018-06-28 07:48:03","http://www.fpmtutomobili.com/infos.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/24780/"
@@ -92430,7 +92670,7 @@
 "19767","2018-06-15 15:40:18","http://ranokel.de/QYIL088549/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/19767/"
 "19766","2018-06-15 15:40:15","http://ramerman.nl/o/HZLQN39/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/19766/"
 "19765","2018-06-15 15:40:14","http://ptmskonuco.me.gob.ve/wp-content/INV/AG-39561134196/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/19765/"
-"19764","2018-06-15 15:40:10","http://pracowniaroznosci.pl/LLC/JOO91036945211AE/Feb-28-2018-223147224/EFXA-EZAG-Feb-28-2018/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/19764/"
+"19764","2018-06-15 15:40:10","http://pracowniaroznosci.pl/LLC/JOO91036945211AE/Feb-28-2018-223147224/EFXA-EZAG-Feb-28-2018/","online","malware_download","heodo","https://urlhaus.abuse.ch/url/19764/"
 "19763","2018-06-15 15:40:09","http://phunutoiyeu.com/C6V3PNRD43UOWBFC/Corporation/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/19763/"
 "19761","2018-06-15 15:32:07","http://onebrickmusic.com/XbPnH/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/19761/"
 "19762","2018-06-15 15:32:07","http://pekny.eu/AGD-1959810481/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/19762/"
@@ -93564,7 +93804,6 @@
 "18615","2018-06-13 16:10:13","http://www.morningico.com/Invoices-for-US-055/1/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/18615/"
 "18614","2018-06-13 16:10:04","http://www.learn.efesmoldova.md/Commercial-Invoices-06132018-070N/5/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/18614/"
 "18613","2018-06-13 16:09:06","http://www.vitanta.md/UPS-DSI-INV-627/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/18613/"
-"18612","2018-06-13 16:06:34","https://u7027497.ct.sendgrid.net/wf/click?upn=FgXMNlCf-2FuDpddghUTTHG7vmAw9q5kuL1FHAMC2etEqTpI0BEPk3PmQWB0K6yiv-2BSUGeaKWw-2FBMRAVY6Lgk8HQ-3D-3D_j69TppKtoheIiuvXUUvh3BcjuMrzjCs2KwbhqVkKp8wZGpX-2FNJOni-2FieFDuJoIHiGmnjJCCYRgsFjgyc-2BzJUFOUWbYXNBzAky-2BZRYI78Ky2B-2FAeuOdJEkKA8EZpEo9ofhSdcv0q9ncA-2FXaxQ6pb2GCQiN8qu57n95AglRtBfrd60pGskYkkXHtsmSInzNn2iyGQq75-2Fh9Z5hOrrMt9YoHRWCMsA-2FTaKPk2jVnyeh9kM98RFpmxoTvUSGhi-2FJrVzr","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/18612/"
 "18611","2018-06-13 16:06:31","http://www.moneybuy428.ru/ACCOUNT/Invoice/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/18611/"
 "18610","2018-06-13 16:06:30","http://www.kobimseo.net/IRS-Accounts-Transcipts-055R/0/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/18610/"
 "18609","2018-06-13 16:06:29","http://datos.com.tw/image/album/normal/STATUS/Invoice-50398960-Invoice-date-061118-Order-no-6094361725/","online","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/18609/"
@@ -93572,9 +93811,7 @@
 "18607","2018-06-13 16:06:25","http://www.web1.molweb.ru/IRS-Letters-June-2018-569/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/18607/"
 "18606","2018-06-13 16:06:24","http://suidi.com/IRS-Tax-Transcipts-June-2018-058/95/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/18606/"
 "18605","2018-06-13 16:06:22","http://0532dna.com/FILE/Services-06-13-18-New-Customer-UW/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/18605/"
-"18604","2018-06-13 16:06:14","https://u6653447.ct.sendgrid.net/wf/click?upn=RyLUdRnjc9im-2FXbrDTe3hMhNTPdrmW5GBcTa5EcnDsgalzli4tre8vSSeD1f8-2BOcG3VRP-2FRoMnmup2ZmkwIefw-3D-3D_AFD9Bhu7HeZDXurwmlXk8JXnVQr7X9TDO1W3PCEDnS36qCPw3kUhTcsgkIZp1SCi8afyeSBtS6D0WHJGbUIIu5o4h1e50jCmKqbe0S8phcaU-2B-2FatkNZJIptt88ZARkIaiv1U7ZULq-2BNp4skcdAAC2t-2Bkp2miq2i9AwfjKTvVxKzlms-2B2XXw8r2Q81482evEUO75szvcubNaY-2Bk7e9Kb6E-2F099tzVrvmZtQXHfkI7JCo-3D","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/18604/"
 "18603","2018-06-13 16:06:10","http://93.51.132.124/IRS-TRANSCRIPTS-028/74/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/18603/"
-"18602","2018-06-13 16:06:09","https://u7027497.ct.sendgrid.net/wf/click?upn=2QxRd2BXeJL3cqYyVOOlSoUW-2F9n3MWf5AKuCZhWnxx0c6vWB6jLead-2FohDyJdTZGBwP5qMf4-2BClSrSprq-2FC0wntZwenLkCE34swyPuUqpqw-3D_oApxaxUYt1d93P3P0uM2h8N28Muwxu6FwsNLriUiiifs0qdNpZkiukMAT90l0BpulHDc6B67yG7HgkpEMTCYn-2FcoK78h5jYxyq9IAHIHWt6S0VXzCq-2B9orabYj8zezn2QAaFj71Po89MEET5ycyp0DZOxyZAPqpENgIoNP0nApk8hptfd0DLswVOgw98ndTVgO3znN2kMpq3Gax578KF-2BuREsy0I5OC-2FnuUdOekhlFo-3D","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/18602/"
 "18601","2018-06-13 16:06:05","http://projectonebuilding.com.au/Client/Invoice-25154324009-06-13-2018/","online","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/18601/"
 "18600","2018-06-13 16:06:03","http://www.teczowa-przygoda.pl/IRS-Tax-Transcipts-661/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/18600/"
 "18599","2018-06-13 16:00:18","http://www.kokkeakademiet.dk/DOC/Services-06-13-18-New-Customer-XE/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/18599/"
@@ -93584,8 +93821,6 @@
 "18595","2018-06-13 16:00:09","http://homedeco.com.ua/IRS-TRANSCRIPTS-June-2018-061S/63/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/18595/"
 "18594","2018-06-13 16:00:08","http://www.theinfo-page.com/IRS-TRANSCRIPTS-6752/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/18594/"
 "18593","2018-06-13 16:00:07","http://www.moneybuy423.ru/ACCOUNT/tracking-number-and-invoice-of-your-order/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/18593/"
-"18592","2018-06-13 16:00:06","https://u6653447.ct.sendgrid.net/wf/click?upn=l9G8nRIFV0bEzkxG8EwQaRCS-2FCS4wJWta80uPF7L5ZH9IE-2FViLrCfSiZtIpPFT1Le8FrJUv2goVEdTEArpiuhw-3D-3D_ifbYjCUaScvbe8qFo0m7Rz2tumlxyf-2FQCJvV1Lb-2BOTWs-2FER3QhRHlci1TrqM5VvDxVCD1QsEaUI-2FV6ogrr3r4xEjklIEWP267m6M8AU60sphCYCoyGOBHGYXjsimWI2O258a-2FPCYPBV2JnmJKLj2hMVMaGXGdMztFJoUs-2Fc14LKYQrzhlDv4y0qkbhTYFT9hxUELfu39o1dMI1UlwFe5pQ-3D-3D","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/18592/"
-"18590","2018-06-13 16:00:04","http://u6653447.ct.sendgrid.net/wf/click?upn=iddSGmDd7dHiDhmsNIJQDzNH9T62ZxwM-2BuGodIjYRfZTW4TRjod1fIyLtnO-2BVPDGH0OE5JizGb5w3lfwCFCwWg-3D-3D_GzedeRhFj8ks3BMciZUAgLXRtgrJID2g8-2Bijy4qRz-2B-2FDssoKMCD8-2BCka9DFyD-2F-2BkBJoUXfI8fuzFLUH16TquD5GLYEuoooSvjRyiUkxWgUbkKhbvWL-2BBNHOcTG52P76rU6ptpGPKT-2FV1YezAiOqKbG7uumbzXZqleUWp9ixLBHbv4CvQgovGzMp7ai6N5RCwHUJFx6e-2Fj6F1JVPjpuBjk9KoWT2XT0363okq0a75-2BL8-3D","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/18590/"
 "18591","2018-06-13 16:00:04","http://www.oz-tekpersonelkiyafetleri.com/DOC/ACCOUNT18128095/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/18591/"
 "18589","2018-06-13 15:09:24","http://www.saigar.com/TNFaux/","offline","malware_download","emotet,payload,epoch1,heodo","https://urlhaus.abuse.ch/url/18589/"
 "18588","2018-06-13 15:09:22","http://www.gplawyers.eu/Qfi2DG/","offline","malware_download","emotet,payload,epoch1,heodo","https://urlhaus.abuse.ch/url/18588/"
@@ -93600,16 +93835,13 @@
 "18579","2018-06-13 14:59:14","http://www.loveid.gr/photos/portfolio/IRS-Accounts-Transcipts-062018-00X/3/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/18579/"
 "18578","2018-06-13 14:59:12","http://www.beyhannakliyat.com/FILE/invoice/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/18578/"
 "18577","2018-06-13 14:59:09","http://www.xn--80aalmei2ak.xn--p1ai/IRS-TRANSCRIPTS-066O/7/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/18577/"
-"18576","2018-06-13 14:59:08","https://u6653447.ct.sendgrid.net/wf/click?upn=WtH5lqlvtU2K64FhcNVEMyoa3vm7mt-2Bur58RuEQVqgq5ckY5AM-2F2QJ9-2FOduhX7QrF3SjAHguEDR4A4yR1qH3GA-3D-3D_dZdmncppqS0rwqJ1XUc5d0sqgBB-2BYSLbXp3agiMSJR82i-2FicJQQ1j5zn7q-2BA0OPD-2BYU6mnbWax0lsBJObE8g-2FZkyD-2F3G5QyaeuS1wyoytYcUomO5foxQM8dwsk-2BVSQVSVD1C27m-2FHlEp1v7vAArLKycgNS-2Bns7ydIoe8DZpUC-2BQysriHdziTvjK26PUAfJ9Y0o-2BLokbCuujRImAji1igIPXSO-2BRusqNzkPjZwBdaaWw-3D","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/18576/"
 "18575","2018-06-13 14:59:05","http://www.cecconi.com.br/DOC/Invoice-602577/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/18575/"
 "18574","2018-06-13 14:55:05","http://amid090.s3.amazonaws.com/reg.exe","offline","malware_download","fareit","https://urlhaus.abuse.ch/url/18574/"
 "18573","2018-06-13 14:54:02","http://80.211.189.104/bins.sh","offline","malware_download","None","https://urlhaus.abuse.ch/url/18573/"
 "18572","2018-06-13 14:49:15","http://www.beta.salon.mn/Client/Invoice-981475/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/18572/"
-"18571","2018-06-13 14:49:10","https://u7027497.ct.sendgrid.net/wf/click?upn=9V3-2FABjDNP8qNsAEslh4xtxPL2MIoaxoqaZv3lQHwzg-2FQqerVPp6-2BskFEF-2FLqdNHHzQ3BCe09DsYp0A48D-2BT-2FQ-3D-3D_W77bTy6YRdHySgTK0Dy8RRArCJtQjksvKZawhpHaHmTB3rYASw799NrKz-2Fy9mAe4pywMLRVlJZ9tp1Wd7idOky43cbtRkiCz3b9wKNhHgH4gnnNqBnb8YKzZfLAEL8o6-2B-2B6kb2ehtg5-2FT1PdAZjDQv2uNDMbkHMU9t1hl9lxLm-2BSHWU62OqnUUXdBoS0TWFC3bhsh4AYMvcZkg9SgvedKKy3pwG3It-2FZ5eHB6CaiUKNsiJIcI2mMp-2BpivW5eQ73B","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/18571/"
 "18570","2018-06-13 14:49:08","http://gudovich.ru/Client/Payment/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/18570/"
 "18569","2018-06-13 14:49:07","http://www.triboteen.com.br/IRS-Tax-Transcipts-June-2018-8815/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/18569/"
 "18568","2018-06-13 14:49:04","http://122.155.197.12/www/IRS-Transcripts-043B/30/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/18568/"
-"18567","2018-06-13 14:49:02","https://u7027497.ct.sendgrid.net/wf/click?upn=OPmInPFBvveNunjNCu6N-2FTR3gmXwojoLnls4Gub0ZHV8JkJvfG4nG8-2BGtB1ScDej_JpHmTIXx1UCCsOIUL9WFn6Z1Ajk-2Bw-2FWbVGBB-2FgKigzYYm6zuOoJnyoq7omCQUmq-2Ff4-2B1u-2BYdYUuD8RO3DuuJun-2By5CEy-2FHoKoPKiEaM0wEvDIzC5CKKyyY2PMGszNpEAJMen2ZgDMuzhqEDM7x3euimwLizZ5j5y7Z0PFzVfz-2FcDfvZly5VKe0Brg4BlIaz1vLITYDX1VTepLDlr0HiS5Q-3D-3D","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/18567/"
 "18565","2018-06-13 14:46:53","http://henby.com.br/IRS-Letters-062018-01S/93/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/18565/"
 "18566","2018-06-13 14:46:53","http://www.vedischeweg.ch/IRS-Transcripts-June-2018-7408/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/18566/"
 "18564","2018-06-13 14:46:49","http://www.sadeqncp.mobileaps.in/IRS-Tax-Transcipts-2124/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/18564/"
@@ -94707,7 +94939,6 @@
 "17436","2018-06-11 20:23:05","http://raffaelli.com.br/IRS-Tax-Transcipts-9475/","offline","malware_download","emotet,doc,epoch1,heodo,Formbook","https://urlhaus.abuse.ch/url/17436/"
 "17435","2018-06-11 20:23:04","http://autoteile-cologne.de/IRS-Letters-June-2018-902/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/17435/"
 "17434","2018-06-11 20:23:03","http://llupa.com/IRS-Transcripts-01D/79/","offline","malware_download","emotet,doc,epoch1,heodo,Formbook","https://urlhaus.abuse.ch/url/17434/"
-"17433","2018-06-11 20:16:03","https://u6653447.ct.sendgrid.net/wf/click?upn=W49dBqbzDZltku8NI1LIYkLKB9dxSOYcpwVoYMXDYP8MN2fqLqOolsS3-2FkpSsJCszRf-2BkSB-2BBoi5MjhNPpi0h-2BCG9DzJHtewk08h-2BZfT3OM-3D_13fNF-2FhA459eCCiHyZ-2F5Plb1Nd7jFB9y522rGL-2B9m0cY63ezFnZu-2BGmrsHWF3yEKQ1QYb36bxZMV8qVw3IuaaIEp2d7hzo4AV-2FDyHxD3YkPITs8FIj2pB0EYnO9nCP9rElfFJXekO0s5or2HWQY4-2BocMtsDVv5h34Ba-2Fhy4MqzBhVnFX8N-2B2UcAmy9P7tw6bAGF6Ifhs-2FWEdRxfh894v4UZMDUS-2B8lAPlGKsSCghZeU-3D","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/17433/"
 "17432","2018-06-11 19:56:03","http://giophoto.com/IRS-Accounts-Transcipts-05/3/","offline","malware_download","emotet,doc,epoch1,heodo,Formbook","https://urlhaus.abuse.ch/url/17432/"
 "17431","2018-06-11 19:55:04","http://jmamusical.jp/wordpress/wp-content/IRS-Transcripts-June-2018-702/","offline","malware_download","emotet,doc,epoch2,heodo","https://urlhaus.abuse.ch/url/17431/"
 "17430","2018-06-11 19:53:12","http://hygienic.co.th/components/com_photo/IRS-Tax-Transcipts-062018-06X/5/","online","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/17430/"
@@ -94833,7 +95064,6 @@
 "17310","2018-06-11 16:19:04","http://meta-designs.com/IRS-Tax-Transcipts-062018-088L/1","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/17310/"
 "17309","2018-06-11 16:19:03","http://ieletron.com/IRS-Accounts-Transcipts-June-2018-7144/","offline","malware_download","emotet,doc,epoch1,heodo,Formbook","https://urlhaus.abuse.ch/url/17309/"
 "17308","2018-06-11 16:14:02","http://67.205.155.185:80/AB4g5/Josho.x86","offline","malware_download","None","https://urlhaus.abuse.ch/url/17308/"
-"17307","2018-06-11 16:07:06","https://u7027497.ct.sendgrid.net/wf/click?upn=FgXMNlCf-2FuDpddghUTTHGxzfwqUun1noxclCsMcdqGPXkjxbCgRBEqbeZD5VeFczgzVkcbIED-2FJfajqSiCqvJTh-2BAIJMYsNuNFv-2BsauXUDk-3D_gk918d7yL4nPKcNQFnCvX-2FgbDKB2sTLD8FUQztEVpYUulpKiLP6AtMygfUcG2kr1CUBsTXw9QBJfNfp1AWTveXQ3z0u4QwKYqnzuNGWtkt-2BZlSJRcVjGxuWJPVvO9ALMqE5-2BByWEiBPdDLLsDW6WUNRlI-2FZAwQG0PbDAAmJKUl5h-2BgxLFW3YT6XIPzpFKMai-2FAStBagqXfS5noDYKNZ1qpdouPRNfpq54QXlhg-2Be6bI-3D","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/17307/"
 "17306","2018-06-11 16:07:05","http://trose.org/IRS-Tax-Transcipts-015/","offline","malware_download","emotet,doc,epoch1,heodo,Formbook","https://urlhaus.abuse.ch/url/17306/"
 "17305","2018-06-11 16:07:03","http://jhvankeulen.nl/IRS-Transcripts-June-2018-080/37/","offline","malware_download","emotet,doc,epoch1,heodo","https://urlhaus.abuse.ch/url/17305/"
 "17303","2018-06-11 16:07:02","http://mafiamike.com/IRS-Letters-June-2018-050/2/","offline","malware_download","emotet,doc,epoch1","https://urlhaus.abuse.ch/url/17303/"
@@ -100736,49 +100966,49 @@
 "11105","2018-05-18 12:17:25","http://www.vesinee.com/coli1.exe","offline","malware_download","Loki","https://urlhaus.abuse.ch/url/11105/"
 "11104","2018-05-18 12:17:13","http://www.vesinee.com/ben.exe","offline","malware_download","Loki","https://urlhaus.abuse.ch/url/11104/"
 "11103","2018-05-18 12:16:47","http://mine.zarabotaibitok.ru/download/autonomic/ServerHS.exe","offline","malware_download","None","https://urlhaus.abuse.ch/url/11103/"
-"11102","2018-05-18 12:12:18","http://mine.zarabotaibitok.ru/Downloads/Servise/Instaler.zip","offline","malware_download","None","https://urlhaus.abuse.ch/url/11102/"
-"11101","2018-05-18 12:11:53","http://mine.zarabotaibitok.ru/Downloads/Servise/System.exe","offline","malware_download","None","https://urlhaus.abuse.ch/url/11101/"
-"11100","2018-05-18 12:11:13","http://mine.zarabotaibitok.ru/Downloads/Servise/Updater.exe","offline","malware_download","AgentTesla","https://urlhaus.abuse.ch/url/11100/"
-"11099","2018-05-18 12:10:29","http://mine.zarabotaibitok.ru/Downloads/Servise/Updater1.exe","offline","malware_download","AgentTesla","https://urlhaus.abuse.ch/url/11099/"
-"11098","2018-05-18 12:09:51","http://mine.zarabotaibitok.ru/Downloads/Servise/jusched_srv.exe","offline","malware_download","None","https://urlhaus.abuse.ch/url/11098/"
-"11097","2018-05-18 12:08:44","http://mine.zarabotaibitok.ru/Downloads/Servise/jusched_srv13.exe","offline","malware_download","Ransomware.GandCrab,AgentTesla","https://urlhaus.abuse.ch/url/11097/"
-"11096","2018-05-18 12:08:06","http://mine.zarabotaibitok.ru/Downloads/Servise/jusched_srv14.exe","offline","malware_download","njRAT,AgentTesla","https://urlhaus.abuse.ch/url/11096/"
-"11095","2018-05-18 12:07:17","http://mine.zarabotaibitok.ru/Downloads/Servise/jusched_srv16.exe","offline","malware_download","AgentTesla","https://urlhaus.abuse.ch/url/11095/"
+"11102","2018-05-18 12:12:18","http://mine.zarabotaibitok.ru/Downloads/Servise/Instaler.zip","online","malware_download","None","https://urlhaus.abuse.ch/url/11102/"
+"11101","2018-05-18 12:11:53","http://mine.zarabotaibitok.ru/Downloads/Servise/System.exe","online","malware_download","None","https://urlhaus.abuse.ch/url/11101/"
+"11100","2018-05-18 12:11:13","http://mine.zarabotaibitok.ru/Downloads/Servise/Updater.exe","online","malware_download","AgentTesla","https://urlhaus.abuse.ch/url/11100/"
+"11099","2018-05-18 12:10:29","http://mine.zarabotaibitok.ru/Downloads/Servise/Updater1.exe","online","malware_download","AgentTesla","https://urlhaus.abuse.ch/url/11099/"
+"11098","2018-05-18 12:09:51","http://mine.zarabotaibitok.ru/Downloads/Servise/jusched_srv.exe","online","malware_download","None","https://urlhaus.abuse.ch/url/11098/"
+"11097","2018-05-18 12:08:44","http://mine.zarabotaibitok.ru/Downloads/Servise/jusched_srv13.exe","online","malware_download","Ransomware.GandCrab,AgentTesla","https://urlhaus.abuse.ch/url/11097/"
+"11096","2018-05-18 12:08:06","http://mine.zarabotaibitok.ru/Downloads/Servise/jusched_srv14.exe","online","malware_download","njRAT,AgentTesla","https://urlhaus.abuse.ch/url/11096/"
+"11095","2018-05-18 12:07:17","http://mine.zarabotaibitok.ru/Downloads/Servise/jusched_srv16.exe","online","malware_download","AgentTesla","https://urlhaus.abuse.ch/url/11095/"
 "11094","2018-05-18 12:06:24","http://mine.zarabotaibitok.ru/Downloads/Servise/reneme_run.bat","offline","malware_download","None","https://urlhaus.abuse.ch/url/11094/"
-"11093","2018-05-18 12:06:22","http://mine.zarabotaibitok.ru/Downloads/Servise/Instaler.exe","offline","malware_download","None","https://urlhaus.abuse.ch/url/11093/"
-"11092","2018-05-18 12:05:23","http://mine.zarabotaibitok.ru/Downloads/Rundll/instsrv.exe","offline","malware_download","None","https://urlhaus.abuse.ch/url/11092/"
-"11091","2018-05-18 12:05:21","http://mine.zarabotaibitok.ru/Downloads/Rundll/new.exe","offline","malware_download","AgentTesla","https://urlhaus.abuse.ch/url/11091/"
-"11090","2018-05-18 12:04:30","http://mine.zarabotaibitok.ru/Downloads/Rundll/srvany.exe","offline","malware_download","None","https://urlhaus.abuse.ch/url/11090/"
-"11089","2018-05-18 12:04:28","http://mine.zarabotaibitok.ru/Downloads/Modul/Clean.exe","offline","malware_download","None","https://urlhaus.abuse.ch/url/11089/"
+"11093","2018-05-18 12:06:22","http://mine.zarabotaibitok.ru/Downloads/Servise/Instaler.exe","online","malware_download","None","https://urlhaus.abuse.ch/url/11093/"
+"11092","2018-05-18 12:05:23","http://mine.zarabotaibitok.ru/Downloads/Rundll/instsrv.exe","online","malware_download","None","https://urlhaus.abuse.ch/url/11092/"
+"11091","2018-05-18 12:05:21","http://mine.zarabotaibitok.ru/Downloads/Rundll/new.exe","online","malware_download","AgentTesla","https://urlhaus.abuse.ch/url/11091/"
+"11090","2018-05-18 12:04:30","http://mine.zarabotaibitok.ru/Downloads/Rundll/srvany.exe","online","malware_download","None","https://urlhaus.abuse.ch/url/11090/"
+"11089","2018-05-18 12:04:28","http://mine.zarabotaibitok.ru/Downloads/Modul/Clean.exe","online","malware_download","None","https://urlhaus.abuse.ch/url/11089/"
 "11088","2018-05-18 12:04:20","http://mine.zarabotaibitok.ru/Downloads/Modul/Clean.vbs","offline","malware_download","None","https://urlhaus.abuse.ch/url/11088/"
 "11087","2018-05-18 12:04:13","http://mine.zarabotaibitok.ru/Downloads/Modul/SystemNT.exe","offline","malware_download","None","https://urlhaus.abuse.ch/url/11087/"
 "11086","2018-05-18 12:03:20","http://mine.zarabotaibitok.ru/Downloads/Modul/SystemNT.zip","offline","malware_download","None","https://urlhaus.abuse.ch/url/11086/"
-"11085","2018-05-18 12:02:26","http://mine.zarabotaibitok.ru/Downloads/Modul/load.exe","offline","malware_download","AgentTesla","https://urlhaus.abuse.ch/url/11085/"
+"11085","2018-05-18 12:02:26","http://mine.zarabotaibitok.ru/Downloads/Modul/load.exe","online","malware_download","AgentTesla","https://urlhaus.abuse.ch/url/11085/"
 "11084","2018-05-18 12:01:53","http://mine.zarabotaibitok.ru/Downloads/Modul/load.zip","offline","malware_download","None","https://urlhaus.abuse.ch/url/11084/"
 "11083","2018-05-18 12:01:40","http://mine.zarabotaibitok.ru/Downloads/Modul/load1.exe","offline","malware_download","AgentTesla","https://urlhaus.abuse.ch/url/11083/"
 "11082","2018-05-18 12:00:58","http://mine.zarabotaibitok.ru/Downloads/Modul/load_old.exe","offline","malware_download","AgentTesla","https://urlhaus.abuse.ch/url/11082/"
-"11081","2018-05-18 12:00:19","http://mine.zarabotaibitok.ru/Downloads/Miner_Xmrig/X86/SystemNT.exe","offline","malware_download","Gozi,AgentTesla","https://urlhaus.abuse.ch/url/11081/"
-"11080","2018-05-18 11:59:14","http://mine.zarabotaibitok.ru/Downloads/Miner_Xmrig/X86/SystemNT.zip","offline","malware_download","None","https://urlhaus.abuse.ch/url/11080/"
-"11079","2018-05-18 11:58:47","http://mine.zarabotaibitok.ru/Downloads/Miner_Xmrig/X64/SystemNT.zip","offline","malware_download","None","https://urlhaus.abuse.ch/url/11079/"
-"11078","2018-05-18 11:58:32","http://mine.zarabotaibitok.ru/Downloads/Miner_Xmrig/X64/SystemNT.exe","offline","malware_download","AgentTesla","https://urlhaus.abuse.ch/url/11078/"
-"11077","2018-05-18 11:57:49","http://mine.zarabotaibitok.ru/Downloads/KM_HS/hostdll.exe","offline","malware_download","AgentTesla","https://urlhaus.abuse.ch/url/11077/"
-"11076","2018-05-18 11:56:41","http://mine.zarabotaibitok.ru/Downloads/KM_GS/svhost.exe","offline","malware_download","None","https://urlhaus.abuse.ch/url/11076/"
-"11075","2018-05-18 11:53:42","http://mine.zarabotaibitok.ru/Downloads/KM_GS/GS_Svc.exe","offline","malware_download","AgentTesla","https://urlhaus.abuse.ch/url/11075/"
-"11074","2018-05-18 11:51:12","http://mine.zarabotaibitok.ru/Downloads/worms/nc.exe","offline","malware_download","None","https://urlhaus.abuse.ch/url/11074/"
+"11081","2018-05-18 12:00:19","http://mine.zarabotaibitok.ru/Downloads/Miner_Xmrig/X86/SystemNT.exe","online","malware_download","Gozi,AgentTesla","https://urlhaus.abuse.ch/url/11081/"
+"11080","2018-05-18 11:59:14","http://mine.zarabotaibitok.ru/Downloads/Miner_Xmrig/X86/SystemNT.zip","online","malware_download","None","https://urlhaus.abuse.ch/url/11080/"
+"11079","2018-05-18 11:58:47","http://mine.zarabotaibitok.ru/Downloads/Miner_Xmrig/X64/SystemNT.zip","online","malware_download","None","https://urlhaus.abuse.ch/url/11079/"
+"11078","2018-05-18 11:58:32","http://mine.zarabotaibitok.ru/Downloads/Miner_Xmrig/X64/SystemNT.exe","online","malware_download","AgentTesla","https://urlhaus.abuse.ch/url/11078/"
+"11077","2018-05-18 11:57:49","http://mine.zarabotaibitok.ru/Downloads/KM_HS/hostdll.exe","online","malware_download","AgentTesla","https://urlhaus.abuse.ch/url/11077/"
+"11076","2018-05-18 11:56:41","http://mine.zarabotaibitok.ru/Downloads/KM_GS/svhost.exe","online","malware_download","None","https://urlhaus.abuse.ch/url/11076/"
+"11075","2018-05-18 11:53:42","http://mine.zarabotaibitok.ru/Downloads/KM_GS/GS_Svc.exe","online","malware_download","AgentTesla","https://urlhaus.abuse.ch/url/11075/"
+"11074","2018-05-18 11:51:12","http://mine.zarabotaibitok.ru/Downloads/worms/nc.exe","online","malware_download","None","https://urlhaus.abuse.ch/url/11074/"
 "11073","2018-05-18 11:51:07","http://mine.zarabotaibitok.ru/Downloads/XP/Secyrityi_IE.vbs","offline","malware_download","None","https://urlhaus.abuse.ch/url/11073/"
-"11072","2018-05-18 11:46:24","http://mine.zarabotaibitok.ru/Downloads/XP/Secyrityi_IE.exe","offline","malware_download","None","https://urlhaus.abuse.ch/url/11072/"
+"11072","2018-05-18 11:46:24","http://mine.zarabotaibitok.ru/Downloads/XP/Secyrityi_IE.exe","online","malware_download","None","https://urlhaus.abuse.ch/url/11072/"
 "11071","2018-05-18 11:46:17","http://mine.zarabotaibitok.ru/Downloads/bat.bat","offline","malware_download","None","https://urlhaus.abuse.ch/url/11071/"
 "11070","2018-05-18 11:46:16","http://mine.zarabotaibitok.ru/Downloads/111.zip","offline","malware_download","None","https://urlhaus.abuse.ch/url/11070/"
 "11067","2018-05-18 11:45:39","http://dhm-mhn.com/floyd/htadbabas2.hta","offline","malware_download","None","https://urlhaus.abuse.ch/url/11067/"
 "11068","2018-05-18 11:45:39","http://dhm-mhn.com/floyd/htanyinwa.hta","offline","malware_download","None","https://urlhaus.abuse.ch/url/11068/"
 "11066","2018-05-18 11:45:38","http://dhm-mhn.com/floyd/dbabs2.exe","offline","malware_download","None","https://urlhaus.abuse.ch/url/11066/"
 "11065","2018-05-18 11:45:15","http://dhm-mhn.com/floyd/anyinwa.exe","offline","malware_download","None","https://urlhaus.abuse.ch/url/11065/"
-"11064","2018-05-18 11:44:53","http://mine.zarabotaibitok.ru/Downloads/instller.exe","offline","malware_download","AgentTesla","https://urlhaus.abuse.ch/url/11064/"
+"11064","2018-05-18 11:44:53","http://mine.zarabotaibitok.ru/Downloads/instller.exe","online","malware_download","AgentTesla","https://urlhaus.abuse.ch/url/11064/"
 "11063","2018-05-18 11:44:17","http://mine.zarabotaibitok.ru/Downloads/Commentary.exe","offline","malware_download","None","https://urlhaus.abuse.ch/url/11063/"
-"11062","2018-05-18 11:43:39","http://mine.zarabotaibitok.ru/Downloads/Miner_zec/nheqminer.exe","offline","malware_download","AgentTesla","https://urlhaus.abuse.ch/url/11062/"
-"11061","2018-05-18 11:43:02","http://mine.zarabotaibitok.ru/Downloads/Miner_zec/cpu_tromp_SSE2.dll","offline","malware_download","None","https://urlhaus.abuse.ch/url/11061/"
-"11060","2018-05-18 11:42:59","http://mine.zarabotaibitok.ru/Downloads/Miner_zec/cpu_tromp_AVX.dll","offline","malware_download","None","https://urlhaus.abuse.ch/url/11060/"
-"11059","2018-05-18 11:42:55","http://mine.zarabotaibitok.ru/Downloads/Miner_zec/Miner_zec.zip","offline","malware_download","None","https://urlhaus.abuse.ch/url/11059/"
+"11062","2018-05-18 11:43:39","http://mine.zarabotaibitok.ru/Downloads/Miner_zec/nheqminer.exe","online","malware_download","AgentTesla","https://urlhaus.abuse.ch/url/11062/"
+"11061","2018-05-18 11:43:02","http://mine.zarabotaibitok.ru/Downloads/Miner_zec/cpu_tromp_SSE2.dll","online","malware_download","None","https://urlhaus.abuse.ch/url/11061/"
+"11060","2018-05-18 11:42:59","http://mine.zarabotaibitok.ru/Downloads/Miner_zec/cpu_tromp_AVX.dll","online","malware_download","None","https://urlhaus.abuse.ch/url/11060/"
+"11059","2018-05-18 11:42:55","http://mine.zarabotaibitok.ru/Downloads/Miner_zec/Miner_zec.zip","online","malware_download","None","https://urlhaus.abuse.ch/url/11059/"
 "11039","2018-05-18 11:14:14","http://p3m.polines.ac.id/sites/default/files/ac/ccu.exe","offline","malware_download","ImminentRAT,rat,exe","https://urlhaus.abuse.ch/url/11039/"
 "11038","2018-05-18 11:04:47","http://columbiainstitute.org/O/YBC4RQ/","offline","malware_download","heodo,emotet,ext","https://urlhaus.abuse.ch/url/11038/"
 "11037","2018-05-18 11:04:27","http://1sfdhlkl.tk/asdfdxcv.exe","offline","malware_download","Pony,exe","https://urlhaus.abuse.ch/url/11037/"
@@ -101854,7 +102084,7 @@
 "9955","2018-05-14 18:36:38","http://czeppel.de/0nazhAOqz16YlX/","offline","malware_download","emotet,doc,heodo","https://urlhaus.abuse.ch/url/9955/"
 "9954","2018-05-14 18:36:26","http://topazdigitalmedia.com/BmMqJHqUmRWg/","offline","malware_download","emotet,doc,heodo","https://urlhaus.abuse.ch/url/9954/"
 "9953","2018-05-14 18:36:14","http://arpacigroup.com/aAo6bfH6446/","offline","malware_download","emotet,doc,heodo","https://urlhaus.abuse.ch/url/9953/"
-"9952","2018-05-14 18:36:04","http://divergentsight.net/vlOshurOl/","offline","malware_download","emotet,doc,heodo","https://urlhaus.abuse.ch/url/9952/"
+"9952","2018-05-14 18:36:04","http://divergentsight.net/vlOshurOl/","online","malware_download","emotet,doc,heodo","https://urlhaus.abuse.ch/url/9952/"
 "9951","2018-05-14 18:35:52","http://detss.com/j4PYEqU/","offline","malware_download","emotet,doc,heodo","https://urlhaus.abuse.ch/url/9951/"
 "9950","2018-05-14 18:35:42","http://davidzink.com/wDV1rWDbF28/","offline","malware_download","emotet,doc,heodo","https://urlhaus.abuse.ch/url/9950/"
 "9949","2018-05-14 18:35:35","http://axiscook.com/Re0hajZKHmu/","offline","malware_download","emotet,doc,heodo","https://urlhaus.abuse.ch/url/9949/"
diff --git a/urlhaus-filter.txt b/urlhaus-filter.txt
index f5919f7e..0a2377b0 100644
--- a/urlhaus-filter.txt
+++ b/urlhaus-filter.txt
@@ -1,5 +1,5 @@
 ! Title: abuse.ch URLhaus Malicious URL Blocklist
-! Updated: Wed, 30 Jan 2019 12:22:48 UTC
+! Updated: Thu, 31 Jan 2019 00:22:02 UTC
 ! Expires: 1 day (update frequency)
 ! Repo: https://gitlab.com/curben/urlhaus-filter
 ! License: https://creativecommons.org/publicdomain/zero/1.0/
@@ -16,6 +16,7 @@
 101.200.214.249
 101.96.10.47
 103.100.209.198
+103.109.57.221
 103.254.86.219
 103.51.249.64
 103.76.173.180
@@ -68,14 +69,15 @@
 118.99.239.217
 12.25.14.44
 120.52.51.13
+121.147.51.57
 121.149.49.178
 121.177.239.68
+121.208.17.77
 121.242.207.115
 121.41.0.159
 122.100.82.30
 122.114.246.145
 122.117.99.185
-122.160.196.105
 122.49.66.39
 123.194.235.37
 125.135.185.152
@@ -90,7 +92,6 @@
 139.199.131.146
 14.230.232.48
 14.39.104.93
-14.39.241.60
 14.43.233.212
 14.44.8.176
 14.46.104.156
@@ -104,24 +105,28 @@
 142.93.211.141
 150.co.il
 151.236.38.234
-151.80.8.17
 152.250.124.4
+154.85.35.82
 15666.online
 157.230.10.129
 157.230.164.74
 157.230.175.134
-157.230.209.246
 157.230.211.181
+157.230.214.229
+157.230.216.122
 157.230.62.208
 159.203.69.66
 159.65.155.170
 159.65.185.61
+159.89.235.73
+162.213.249.37
 162.222.188.61
-162.243.137.61
 163.172.151.205
 165.227.212.62
 166.70.72.209
+168.235.98.135
 171.97.62.107
+172.85.185.216
 173.167.154.35
 173.169.46.85
 173.216.255.71
@@ -133,8 +138,12 @@
 175.195.204.24
 175.206.44.197
 176.56.236.122
+176.97.211.183
+177.189.220.179
 177.222.163.32
 177.68.147.145
+177.96.98.104
+178.128.237.177
 178.173.147.1
 178.62.243.26
 179.220.125.55
@@ -152,7 +161,6 @@
 184.11.126.250
 184.18.169.61
 184.72.117.84
-185.101.105.173
 185.101.107.191
 185.11.146.84
 185.118.166.205
@@ -162,6 +170,7 @@
 185.195.236.165
 185.22.154.248
 185.234.217.21
+185.234.218.10
 185.244.25.109
 185.244.25.133
 185.244.25.134
@@ -169,7 +178,6 @@
 185.244.25.145
 185.244.25.148
 185.244.25.168
-185.244.25.174
 185.244.25.176
 185.244.25.177
 185.244.25.194
@@ -179,6 +187,7 @@
 185.244.25.234
 185.244.25.241
 185.244.25.98
+185.246.154.75
 185.26.31.94
 185.62.188.19
 185.94.33.22
@@ -232,7 +241,6 @@
 200.2.161.171
 200.63.45.101
 201.168.151.182
-201.21.249.54
 201.43.239.223
 202.55.178.35
 203.146.208.208
@@ -242,11 +250,9 @@
 205.185.119.253
 205.185.120.227
 206.189.112.94
-206.189.20.94
 206.189.68.184
 206.255.52.18
 208.51.63.150
-208.89.215.123
 209.141.33.126
 209.141.33.154
 209.141.38.89
@@ -263,6 +269,7 @@
 212.150.222.45
 212.36.31.215
 212.77.144.84
+213.57.13.135
 216.170.120.102
 217.139.86.228
 217.160.51.208
@@ -281,6 +288,7 @@
 220.71.181.42
 220.89.79.46
 221.121.41.139
+221.146.91.205
 221.159.211.136
 221.167.229.24
 221.226.86.151
@@ -318,7 +326,7 @@
 36.67.206.31
 37.130.81.162
 37.252.74.43
-37.34.244.167
+37.34.247.30
 37.44.212.223
 37.48.125.107
 3dcrystalart.com.ua
@@ -347,7 +355,9 @@
 46.97.76.190
 47.186.74.215
 49.159.104.121
+49.159.8.123
 49.255.48.5
+4kopmarathon.in
 4pointinspection.net
 5.101.181.67
 5.201.128.15
@@ -359,8 +369,8 @@
 50.240.88.162
 50.242.141.75
 50.250.107.139
+5072610.ru
 51.38.186.179
-51.75.91.6
 579custom.space
 58.230.89.42
 59.124.90.231
@@ -378,6 +388,7 @@
 62.162.127.182
 62.219.127.170
 62.219.131.205
+62.83.253.78
 63.245.122.93
 64.62.250.41
 64.69.83.43
@@ -398,9 +409,11 @@
 77.139.74.206
 77.79.190.82
 777ton.ru
+78.128.92.27
 78.142.29.110
 78.186.165.233
 78.187.81.161
+78.38.31.88
 78.39.232.91
 78.96.20.79
 78.96.28.99
@@ -408,13 +421,12 @@
 79.2.211.133
 7bwh.com
 80.11.38.244
-80.174.87.250
 80.178.214.184
 80.184.103.175
 80.211.113.14
 80.211.35.63
+80.211.4.5
 80.211.44.61
-80.211.89.26
 80.87.197.123
 81.133.236.83
 81.213.166.175
@@ -433,6 +445,8 @@
 83.57.161.162
 84.108.209.36
 84.183.153.108
+84.214.54.35
+84.38.133.155
 85.222.91.82
 85.250.36.135
 85.70.68.107
@@ -464,6 +478,7 @@
 92.63.197.153
 92.63.197.48
 92.63.197.60
+926cs.com
 93.174.93.149
 93.33.203.168
 93.41.182.249
@@ -484,7 +499,6 @@
 9youwang.com
 Heavensconcept.ng
 a-kiss.ru
-a.xiazai163.com
 a46.bulehero.in
 aa-publisher.com
 abbottech-my.sharepoint.com
@@ -506,12 +520,13 @@ adaptronic.ru
 adarma.xyz
 adcash.ga
 addkasbl.com
+admininfotech.in
 adornacream.com
 afimetal.es
 afpols-seminaires.fr
+africanstitch.co.za
 africanwriters.net
 africimmo.com
-afrika.by
 agkiyamedia.com
 agri2biz.com
 agulino.com
@@ -531,16 +546,14 @@ aksaraybelediyesi.tv
 aksaraycocukaktivitemerkezi.com
 akvarij.org
 al-wahd.com
-alaturkadoner.net
 alba1004.co.kr
 alexhhh.chat.ru
-alexpopow.com
 alexxrvra.com
 alexzstroy.ru
+alfemimoda.com
 alftechhub.com
 algoritm2.ru
 ali-apk.wdjcdn.com
-alicecaracciolo.it
 alkmaarculinairplaza.nl
 alkopivo.ru
 all4mums.ru
@@ -557,6 +570,7 @@ alpha.intouchreminder.com
 alsafeeradvt.com
 alsahagroup.com
 altuntuval.com
+alucorex.com
 aluigi.altervista.org
 am-tex.net
 amariaapartsminaclavero.000webhostapp.com
@@ -574,6 +588,7 @@ anhhunghaokiet.net
 anket.kalthefest.org
 ansabstud.com
 antigua.aguilarnoticias.com
+antonwilliams.co.za
 anvietpro.com
 anwalt-mediator.com
 aolpunjab.org
@@ -613,7 +628,9 @@ askhenry.co.uk
 asncustoms.ru
 asndjqwnewq.com
 astramedvil.ru
+astravernici.es
 atelier-serrurier.com
+atskiysatana.ga
 atskiysatana.gq
 attach.66rpg.com
 attaqwapreneur.com
@@ -624,7 +641,6 @@ aulist.com
 aussietruffles.com
 australiaadventures.com
 ausvest-my.sharepoint.com
-authenticity.id
 autosarir.ir
 ava-group.us
 avazturizm.com
@@ -643,13 +659,12 @@ aygwzxqa.applekid.cn
 aysemanay.com
 aztel.ca
 aztramadeconsulting.co.ke
+b2grow.com
 b7center.com
 babetrekkingtour.com
 babyparrots.it
 bachhoatrangia.com
-backpacker.view-indonesia.com
 backuptest.tomward.org.uk
-bag22.ru
 baixenoibai24h.com
 bakita.life
 balajisewasamiti.org
@@ -657,16 +672,16 @@ balkaniks.de
 balkanteam.ba
 bancakoi.net
 bangmang888.com
-bangplaschool.com
 banjojimonline.com
+bank911.ru
 baonghetinh.com
 bapo.granudan.cn
 barhat.info
-bastien27.net
 batallon.ru
 batdongsan3b.com
 batdongsanphonoi.vn
 baza-dekora.ru
+bbs.0210cc.com
 bbs.sundance.com.cn
 bbs.sunwy.org
 bbsfile.co188.com
@@ -688,17 +703,23 @@ behomespa.com
 beirdon.com
 bekamp3.com
 belyi.ug
+bengalbreeze.com
 benomconsult.com
+benstrange.co.uk
 bepcuicaitien.com
 bepgroup.com.hk
+berdikari.site
 bero.0ok.de
+berusaha.demiimpian.site
 besserblok-ufa.ru
 bestdeals-online.co.uk
 bestprogrammingbooks.com
 beta.adriatictours.com
 bethrow.co.uk
 beyondbathroomsandplumbing.co.uk
+bezoekbosnie.nl
 bhplazatravel.com
+bienhieutrongnha.com
 biennhoquan.com
 bietthunghiduong24h.info
 billfritzjr.com
@@ -722,6 +743,7 @@ bobors.se
 bonheur-salon.net
 bottraxanhtini.com
 bouresmau-gsf.com
+boxpik.com
 boylondon.jaanhsoft.kr
 bparj.xyz
 brainchildmultimediagroup.com
@@ -734,7 +756,8 @@ bucharest-independent-escort.com
 bundle.kpzip.com
 burasiaksaray.com
 bureauproximo.com.br
-bwspragueconsultingservices.com
+buycaliforniacannabis.com
+bxfwgc.com
 bylw.zknu.edu.cn
 bysourtoast.com
 c.pieshua.com
@@ -742,11 +765,8 @@ c2c.webprojemiz.com
 ca.fq520000.com
 ca.hashpost.org
 ca.monerov8.com
-ca.posthash.org
 cache.windowsdefenderhost.com
 cadencespa.net
-caffemichelangelo.com
-cam-tech.ir
 cambalacheando.com
 cameraista.com
 camerathongminh.com.vn
@@ -765,7 +785,6 @@ cash888.net
 cathome.org.tw
 cathwaylinksexpress.com
 catk.hbca.org.cn
-cbsr.com.pk
 cbup1.cache.wps.cn
 cc78.bg
 cccb-dz.org
@@ -777,11 +796,11 @@ cds.w2w3w6q4.hwcdn.net
 cedartreegroup.com
 celadoncity.sandiaocviet.com
 cellulosic.logicalatdemo.co.in
+centipedeusa.com
 ceo.org.my
 ceoseguros.com
 ceotweet.com
 cerebro-coaching.fr
-ceronamtinclube.icu
 cerotex.webprojemiz.com
 cesan-yuni.com
 ceu-hosting.upload.de
@@ -790,6 +809,7 @@ cfs11.planet.daum.net
 cfs4.tistory.com
 cfs8.tistory.com
 cfs9.tistory.com
+cgameres.game.yy.com
 ch.rmu.ac.th
 chalesmontanha.com
 changemindbusiness.com
@@ -803,17 +823,17 @@ cheats4gaming.com
 chefpromoter.com
 chepa.nl
 chilenoscroatas.cl
-chinesetimes.jp
 chippingscottage.customer.netspace.net.au
+chopoodlehanoi.com
 chotinh18.com
 chrstiansagainstpoverty-my.sharepoint.com
-chsud.futminna.edu.ng
 chungkhoannews.com
 churchinbirmingham.org.uk
 chuyensacdep.com
 cinarspa.com
 circumstanction.com
 citiad.ru
+citizensportinstitute.org
 cityexportcorp.com
 citylawab.com
 ckobcameroun.com
@@ -826,6 +846,7 @@ clinicacasuo.com.br
 clinicasense.com
 cliniqueelmenzah.com
 cloud.kryptonia.fr
+cloudme.com
 clubmestre.com
 cmnmember.coachmohdnoor.com
 cncoutfitting.com
@@ -834,6 +855,7 @@ cnzjmsa.gov.cn
 cognitiontraining.com
 coinspottechrem.ru
 collagehg.ie
+colmenacl.net
 coloradosyntheticlubricants.com
 colorise.in
 colorshotevents.com
@@ -846,17 +868,20 @@ computerwiz.cc
 comtechadsl.com
 conectacontualma.com
 coneymedia.com
+config.cqhbkjzx.com
+config.myjhxl.com
 config.wulishow.top
+config.wwmhdq.com
+config.younoteba.top
 conseil-btp.fr
-constructiis3.ro
 construction.nucleus.odns.fr
 consultingro.com
 contaresidencial.com
 copsnailsanddrinks.fr
-coralsupplies.com
 coronadodirectory.com
 corporaciondelsur.com.pe
 cortijodebornos.es
+cp.tayedi.com
 cqbooths.com
 craftmartonline.com
 craftyz.shop
@@ -875,7 +900,6 @@ curious-cities.com
 currencyavenue.com
 cvbintangjaya.com
 cvetisbazi.ru
-cwc.vi-bus.com
 czsl.91756.cn
 d1.gamersky.net
 d1.paopaoche.net
@@ -888,7 +912,10 @@ d9.99ddd.com
 da.alibuf.com
 dadieubavithuyphuong.vn
 dailylinhkien.com
+dailynewslog.com
 dailywaiz.com
+danataifco.ir
+dancesportcareers.com
 danisasellers.com
 dansavanh.in.th
 daocoxachilangnam.org.vn
@@ -908,20 +935,19 @@ dcfloraldecor.lt
 ddd2.pc6.com
 ddup.kaijiaweishi.com
 de-patouillet.com
-decobrevo.com
+de.thevoucherstop.com
 deeperwants.com
 deka-asiaresearch.com
-delili.net
 deltaviptemizlik.com
 demicolon.com
 demo.dsistemas.net
 demo.esoluz.com
+demo.minecraft.edu.vn
 denizyildizikresi.com
+dentalradiografias.com
 depraetere.net
-desatisfier.com
 descubrecartagena.com
 desensespa.com
-designbrochure.us
 detectin.com
 dev.europeanexperts.com
 dev.microcravate.com
@@ -956,6 +982,7 @@ dionis.club
 dirc-madagascar.ru
 distinctiveblog.ir
 ditec.com.my
+divergentsight.net
 dkck.com.tw
 dl.008.net
 dl.bypass.network
@@ -969,7 +996,7 @@ dns.fq520000.com
 docs.web-x.com.my
 dog.502ok.com
 dom-sochi.info
-domainflying.com
+dominstalacje.pl
 dominusrex.fr
 domproekt56.ru
 dongygiatruyentienhanh.net
@@ -980,13 +1007,15 @@ down.ancamera.co.kr
 down.cltz.cn
 down.ctosus.ru
 down.ecubefile.com
-down.eebbk.net
 down.haote.com
 down.kuwo.cn
+down.leyoucoc.cn
 down.pdf.cqmjkjzx.com
 down.pdflist.cqhbkjzx.com
 down.qm188.com
+down.soft.6789.net
 down.soft.hyzmbz.com
+down.soft.yypdf.cn
 down.softlist.hyzmbz.com
 down.startools.co.kr
 down.topsadon.com
@@ -997,6 +1026,7 @@ down.zynet.pw
 down1.arpun.com
 down1.greenxf.com
 down1.topsadon1.com
+down10b.zol.com.cn
 down11.downyouxi.com
 down5.mqego.com
 down7.downyouxi.com
@@ -1021,9 +1051,8 @@ dralpaslan.com
 drapart.org
 draqusor.hi2.ro
 draven.ru
+dreambigbuilder.com
 dreammaster-uae.com
-dreamzshop.xyz
-dreferparafusos.com.br
 drivingwitharrow.com
 drjoshihospital.com
 dronesremote.com
@@ -1056,18 +1085,14 @@ dx71.downyouxi.com
 dx73.downyouxi.com
 dx74.downyouxi.com
 dx93.downyouxi.com
-dxdown.2cto.com
-e-vel.by
 earnbdt.com
 easycargo.cf
 easydown.stnts.com
 easydown.workday360.cn
 eatyergreens.com
-ebabi.fun
 ec2-13-126-174-234.ap-south-1.compute.amazonaws.com
 ecchionline.com
 eclairesuits.com
-eclectiqueindustries.com
 efreedommaker.com
 eg-concept.com
 egitimambari.com
@@ -1106,9 +1131,9 @@ epsintel.com
 epta.co.id
 equilibriummedical.com.br
 eravon.co.in
+ereds6969.ru
 erestauranttrader.com
 ericleventhal.com
-ericotv.com
 erolatak.com
 eroscenter.co.il
 escorter.info
@@ -1151,18 +1176,20 @@ fd.uqidong.com
 fenlabenergy.com
 fergus.vn
 ferudunkarakas.com
-fg24.am
 fib.usu.ac.id
 fight2fit.in
 file.foxitreader.cn
 file.tancyo.blog.shinobi.jp
 filehhhost.ru
 filen3.utengine.co.kr
+files.fqapps.com
 files.hrloo.com
 files.zzattack.org
 files6.uludagbilisim.com
 finalblogger.com
+findascholarship.ga
 firephonesex.com
+firesafetytraining.in
 fitonutrient.com
 fixi.mobi
 fjorditservices.com
@@ -1179,6 +1206,7 @@ forodigitalpyme.es
 forum.webprojemiz.com
 foto-4k.org
 fpw.com.my
+fr.buzzimag.com
 francetvreplay.com
 francoisebon.fr
 franklincovey.co.ke
@@ -1187,13 +1215,10 @@ freelancecommunication.fr
 fribola.com
 frigotechniek.be
 frispa.usm.md
-fristpolychem.download
 froidfond-stejeannedarc.fr
-frostime.net
 fst.gov.pk
 fstd.com.tw
 ftp.doshome.com
-ftpcnc-p2sp.pconline.com.cn
 fujita.ac
 fullhead.co.jp
 fundacionmontehoreb.org.ve
@@ -1203,17 +1228,14 @@ furiousgold.com
 fusioncoin.site
 futurealind.com
 fxtraderlog.com
-fyo.com
 g34zxc4qwe.com
 gacdn.ru
-gallerygraphics.com
 gamblchange.club
 game.baihanxiao.com
 game111.52zsoft.com
-gamedoithe.net
 gamehack.chat.ru
-gameonlinedoithuong.com
 ganapatihelp.com
+garizzlas.top
 gather-cloud.s3.amazonaws.com
 gauff.co.ug
 gawefawef114.com
@@ -1223,12 +1245,16 @@ geckochairs.com
 gemriverside-datxanh.xyz
 general.it
 gerstenhaber.org
+geshtalt.mk
 getaddressclick.com
 getgeekgadgets.com
+gezondheidscentrumdemare.nl
 ghancommercialbank.com
 ghayoorabbasofficial.com
+ghazaldookht.ir
 ghislain.dartois.pagesperso-orange.fr
 giamcansieunhanh.com
+giancarloraso.com
 giardiniereluigi.it
 giay136.com
 gilhb.com
@@ -1256,6 +1282,7 @@ greenwhitegranit.com
 gritcoworks.com
 ground-africa.com
 grouper.ieee.org
+gubremontpc.ru
 gulzarhomestay.com
 h-bva.ru
 h-guan.com
@@ -1266,7 +1293,6 @@ hackdownload.free.fr
 haeum.nfile.net
 hairandshoes.com
 hairbyalexis.co.uk
-hairpd.com
 hairrecoverysolution.com
 hakim.ws
 hakronteknoloji.com
@@ -1274,7 +1300,6 @@ hamamelsalam.org
 hamanakoen.com
 hanaphoto.co.kr
 handinhand.com.au
-handle.com.tw
 hanuram.net
 haornews24.com
 happysunfellbach.com
@@ -1290,7 +1315,7 @@ heartburnsafe.com
 heartseasealpacas.com
 heartware.dk
 hebros.id
-help.postsupport.net
+heizungsnotdienst-sofort.de
 helpandinformation.uk
 hemiaitbd.com
 hexacam.com
@@ -1315,6 +1340,7 @@ hondaparadise.co.th
 hookerdeepseafishing.com
 hopeintlschool.org
 horizont.az
+host.gomencom.website
 host1727451.hostland.pro
 hosurbusiness.com
 hoteleseconomicosacapulco.com
@@ -1327,8 +1353,6 @@ hotshot.com.tr
 hourofcode.cn
 housesittingreference.com
 htxl.cn
-hungryman.vi-bus.com
-huurwoningdirect.nl
 hwasungchem.co.kr
 hyboriansolutions.net
 hydra100.staroundi.com
@@ -1342,26 +1366,22 @@ iapjalisco.org.mx
 iar.webprojemiz.com
 ibnkhaldun.edu.my
 icases.pro
-iccl.club
 icmcce.net
-icta.futminna.edu.ng
 idalabs.com
 idealse.com.br
-ielts-india.in
 ighighschool.edu.bd
 igra123.com
 igsm.co
-ijabr.futminna.edu.ng
 ikuhentai.net
 illdy.azteam.vn
 illmob.org
-illuminedroma.com
+imadsolutions.in
 images.tax861.gov.cn
 imf.ru
 img.martatovaglieri.com
 img19.vikecn.com
+img54.hbzhan.com
 imish.ru
-imo-xis.com
 inceptionradio.planetparanormal.com
 infolift.by
 ingomanulic.icu
@@ -1372,11 +1392,11 @@ ini.588b.com
 ini.58qz.com
 ini.egkj.com
 innoohvation.com
-installatiebedrijfroosendaal.nl
 instantcashflowtoday.com.ng
 int-tcc.com
 int2float.com
 integraga.com
+integratedhomesllc.com
 intelligintion.com
 interbizservices.eu
 intercity-tlt.ru
@@ -1404,13 +1424,12 @@ it-accent.ru
 itcomputernarsingdi.com
 itimius.com
 itray.co.kr
-its.futminna.edu.ng
 itskillconsulting.com
-iuwrwcvz.applekid.cn
-ivsnet.org
 ivydental.vn
 j610033.myjino.ru
+jackservice.com.pl
 jagadishchristian.com
+jaihanuman.us
 jambanswers.org
 jamieatkins.org
 jannah.web.id
@@ -1419,6 +1438,7 @@ jascopump.com
 jaspinformatica.com
 javatank.ru
 javcoservices.com
+jawfin.net
 jayc-productions.com
 jbcc.asia
 jbnortonandco.com
@@ -1441,13 +1461,12 @@ jobgreben5.store
 jobssa.org
 johkar.net
 johnnycrap.com
-johnscevolaseo.com
 johnsonearth.com
 jolange.com.au
+jonathandocksey.co.uk
 jordanembassy.org.au
 joseantony.info
 josephreynolds.net
-jostmed.futminna.edu.ng
 journeyoncall.com
 jovanaobradovic.com
 jswlkeji.com
@@ -1455,7 +1474,6 @@ jteng.cn.com
 juliannepowers.com
 juntoalbarrio.cl
 justbathrooms.net
-justfordemos.tk
 juupajoenmll.fi
 jzny.com.cn
 k-investigations.com
@@ -1472,12 +1490,10 @@ karavantekstil.com
 kardelenozelegitim.com
 kareebmart.com
 karnatakajudo.org
-kasutwakai.com
 katariahospital.com
 kbfqatar.org
 kblpartners.com
 kcstv.si
-kdjf.guzaosf.com
 kdoorviet.com
 kemmypham.com
 kennyandka.com
@@ -1492,12 +1508,10 @@ kientrucviet24h.com
 kienvangvungtau.com
 kimono-kor.com
 kimyen.net
-kinginfogamer.com
 kingpinmedia.co.uk
 kingshipbuilding.com
 kirtifoods.com
 kittipakdee.com
-kl82.belpravo.by
 knaufdanoline.cf
 kngcenter.com
 kniedzielska.pl
@@ -1513,13 +1527,14 @@ konjacteaturkiye.com
 koppemotta.com.br
 kormbat.com
 kortinakomarno.sk
-korvital.com
+kosarhaber.com
+kosarhaber.xyz
 koumbaservice.com
 kozaimarinsaat.com
 kr1s.ru
 krasnobrodsky.ru
 krazyfin.com
-kredyty-hipoteczne24.com.pl
+kreditorrf.ru
 kriso.ru
 ksumnole.org
 ksviet.com
@@ -1527,32 +1542,33 @@ kuaizip.com
 kudteplo.ru
 kuoying.net
 kurumsal.webprojemiz.com
+kurzal.ru
 kwalityzns.com
 kymviet.vn
-kyty810.com
 l4r.de
 labersa.com
 labphon15.labphon.org
+labtcompany.com
 laconcernedparents.com
 laflamme-heli.com
 lakshmicollege.org
 lalie-bioty.fr
 lameguard.ru
 lamesadelossenores.com
-lancang.desa.id
+lanco-flower.ir
 landes-hotes.com
 landglobaltrip.com
-landmarkbytherivers.com
 lanele.co.za
-lanhodiepuytin.com
 lanhoo.com
 lapiadinadellacioza.it
 lapontelloise.fr
+laquintablinds.net
 lartisto-cocina.com
 laurapetrioli.com
 lawindenver.com
 lawlabs.ru
 lbermudez.000webhostapp.com
+ld.mediaget.com
 le-castellino.fr
 le-sancerrois.com
 lead.bilisim2023.com
@@ -1565,6 +1581,7 @@ lelcrb.by
 lemonremodeling.com
 lemurapparel.cl
 lemycofreight.com
+lenvesti.ru
 leonardokubrick.com
 lespetitsloupsmaraichers.fr
 lesprivatzenith.com
@@ -1581,26 +1598,23 @@ limancnc.com
 lioiousdy.cf
 lists.ibiblio.org
 lists.reading.ac.uk
-littlemonkeysfunhouse.com
 littleumbrellas.net
-live.bhavishyagyan.com
 live.cricskill.com
 livechallenge.fr
 livemag.co.za
 livetrack.in
 llhd.jp
-locarx.dev4you.net
 log.yundabao.cn
 logopediaromaeur.it
 lokahifishing.com
 lonesomerobot.com
 looktravel.ge
+lostboysentertainment.com
 lostri-o.com
 louiskazan.com
 lovecookingshop.com
-lpru.antalogic.com
-lrprealestate.vi-bus.com
 luhguesthouse.co.za
+lukahoward.com
 lussos.com
 lusteri.com
 lutuyeindonesia.com
@@ -1608,6 +1622,7 @@ luyenthitoefl.net
 m-onefamily.com
 mackleyn.com
 macsoft.shop
+madrascrackers.com
 maf-orleans.fr
 magicienalacarte.com
 mahler.com.br
@@ -1639,6 +1654,7 @@ mathcontest.info
 max.bazovskiy.ru
 maximcom.in
 maxpower.group
+maxtraidingru.437.com1.ru
 mayfairissexy.com
 mayphatrasua.com
 mazegp.com
@@ -1651,6 +1667,8 @@ media.atwaar.com
 media0.webgarden.name
 mediaglobe.jp
 medicalfarmitalia.it
+medifastpeoriaaz.com
+meetbg.com
 meliscar.com
 melonacreations.co.za
 menderesbalabankirdugunsalonu.com
@@ -1669,9 +1687,10 @@ micronet-solutions.com
 micropcsystem.com
 migoascoran.com
 miketec.com.hk
+mikrotik.com.pe
 milagro.com.co
 milltechrecruitment.co.za
-mimiabner.com
+mine.zarabotaibitok.ru
 minerways.xyz
 mingroups.vn
 miniboone.com
@@ -1682,7 +1701,6 @@ mirocaffe.ro
 mirror.tallysolutions.com
 mirzalar.com.tr
 missionautosalesinc.com
-mississipi2011.com.br
 mistryhills.co.za
 mitsubishidn.com.vn
 mitsubishijogjaklaten.com
@@ -1691,11 +1709,9 @@ mjtodaydaily.com
 mkk09.kr
 mleatherbags.com
 mm2017mmm.com
-mmefoundation.org
 mmgsk.com
 mmmnasdjhqweqwe.com
 mmmooma.zz.am
-mmqremoto3.mastermaq.com.br
 mncprojects.com
 mobile.tourism.poltava.ua
 mobilhondakalbar.com
@@ -1710,6 +1726,7 @@ moradoor.com
 morganceken.se
 mostkuafor.com
 motelfortpierce.com
+motorent.mk
 mowbaza.chat.ru
 mozarthof.com
 mrhinkydink.com
@@ -1722,6 +1739,7 @@ mulkiyeisinsanlari.org
 mutevazisaheserler.com
 muzhskoedelo.by
 mv360.net
+mxd-1253507133.file.myqcloud.com
 my-health-guide.org
 myboysand.me
 myelectrive.com
@@ -1729,7 +1747,6 @@ mymachinery.ca
 mymercedesdirect.com
 myphamhanbok.com
 myphamnarguerite.vn
-myrltech.com
 mysbta.org
 mytrains.net
 myvcart.com
@@ -1757,19 +1774,16 @@ nevadacomputer.com
 newbiecontest.org
 newsnaija.ng
 newwater-my.sharepoint.com
-newxing.com
 next-vision.ro
 nextsearch.co.kr
 nexusdental.com.mx
 nexusonedegoogle.com
 ngkidshop.com
 ngmaservice.com
-ngoshakarpura.online
 ngtcclub.org
 nguyenthanhriori.com
 ngyusa.com
 niaa.org.au
-nigeriafasbmbcongress.futminna.edu.ng
 nightonline.ru
 nikolajwulff.dk
 nisanbilgisayar.net
@@ -1777,7 +1791,6 @@ nismotek.com
 nitadd.com
 nitsinternational.com
 nizhalgalsociety.com
-njeas.futminna.edu.ng
 nklj.com
 nobleartproject.pl
 noithatnghiakhiet.com
@@ -1789,10 +1802,10 @@ noscan.us
 notes.town.tillsonburg.on.ca
 novacasanova.band
 novichek-britam-v-anus.000webhostapp.com
+npbina.com
 nrnreklam.com
 ntcetc.cn
 ntdjj.cn
-nuevasoportunidades.net
 nuibunsonglong.com
 numb-inside.info
 nworldorg.com
@@ -1804,10 +1817,11 @@ o24o.ru
 oa.kingsbase.com
 obseques-conseils.com
 oceangate.parkhomes.vn
+oceanzacoustics.com
 ocmama.net
 ocmama.vn
 odesagroup.com
-oganiru.in
+ogilvy.africa
 oinfernosaoosoutros.net
 okhan.net
 okroi.net
@@ -1824,19 +1838,18 @@ ongac.org
 onggiodieuhoa.com
 onk-motocross.nl
 onlinedown.down.123ch.cn
-ontamada.ru
 opticalexpressbd.com
 optimasaludmental.com
+optspiner.ru
 orclei.com.br
 orderauto.es
 orishinecarwash.com
 osdsoft.com
+osezrayonner.ma
 ossi4.51cto.com
 ostappnp.myjino.ru
 osteklenie-balkonov.tomsk.ru
 ostyle-shop.net
-otohondavungtau.com
-overhax.org
 owczarnialefevre.com
 oxatools.de
 p.owwwa.com
@@ -1847,7 +1860,9 @@ p6.zbjimg.com
 pabloteixeira.com
 packshotclippingpath.com
 pagasahora.com
+palmspringsresorts.net
 panafspace.com
+parmanandcollege.in
 parsintelligent.com
 pasakoyluagirnakliyat.com
 pastelcolors.in
@@ -1860,12 +1875,14 @@ paul.falcogames.com
 paulownia-online.ro
 pay.aqiu6.com
 pay.hudavaqt.com
+pc.xzstatic.com
 pc6.down.123ch.cn
 pcgame.cdn0.hf-game.com
 pchubonline.com
 pcltechtest2.com
 pcr1.pc6.com
 pcrp-org.com
+pcsoft.down.123ch.cn
 pds36.cafe.daum.net
 penfocus.com
 perminas.com.ni
@@ -1875,19 +1892,18 @@ petparents.com.br
 peyzaj.site
 phatgiaovn.net
 phattrienviet.com.vn
-photomoura.ir
+pinarilata.com
 pink99.com
 pioneerfitting.com
 pioneerhometution.com
 pivmag02.ru
 pjbuys.co.za
-pjfittedkitchens.com
 placarepiatra.ro
+platinumalt.site
 playhard.ru
 pleasureingold.de
 plum.joburg
-pmpclasses.net
-pnneuroeducacao.pt
+pmb.unugiri.ac.id
 pocketmate.com
 podologoalicante.com.es
 podologotarragona.es
@@ -1896,10 +1912,11 @@ polytechunitedstates.com
 porn-games.tv
 pornbeam.com
 poroshenko-best.info
-pos.vi-bus.com
 posta.co.tz
 powerdrive-eng.com
 powerwield.com
+pozan.nl
+pracowniaroznosci.pl
 preladoprisa.com
 prenak.com
 prfancy-th.com
@@ -1909,19 +1926,19 @@ prithvigroup.net
 private.cgex.in
 prodogmagazine.com
 produccion.sanmartindelosandes.gov.ar
+profreestyle.nl
 proinstalco.ro
 projectonebuilding.com.au
 promoagency.sk
-promocja.iwnirz.pl
 propolisterbaik.com
 prosmotr-bot.eu
 prosoft-industry.eu
 prosolutionplusdiscount.com
-pruebas.zecaenergia.com
 psakpk.com
 psgkbv.org
 psychod.chat.ru
 pushkinplaza.by
+pusqik.iainbengkulu.ac.id
 pustakbistak.com
 pwp7.ir
 qobiljon.uz
@@ -1929,17 +1946,17 @@ qppl.angiang.gov.vn
 qsongchihotel.com
 quatanggiaminh.com
 quebrangulo.al.gov.br
-queekebook.com
 quintoesquerdo.net
 quynhtienbridal.com
 rabhomes.com
+radicocinas.com.mx
 radugaru.com
 ramenproducciones.com.ar
 rapidc.co.nz
 rapidsolut-my.sharepoint.com
 rarejewelry.net
 rashelslawdesk.com
-raspain.chat.ru
+rc.ixiaoyang.cn
 realdealhouse.eu
 realgen-marketing.nl
 realgen-webdesign.nl
@@ -1960,6 +1977,10 @@ restaurantelataperiadel10.com
 restlesz.su
 reviewzaap.azurewebsites.net
 riaztex.com
+rielt911.ru
+rightbrainleftbrain.win
+rijschool-marketing.nl
+ritimsports.com
 rkverify.securestudies.com
 rncnica.net
 rnosrati.com
@@ -1968,6 +1989,7 @@ robbedinbarcelona.com
 robertmcardle.com
 robhogg.com
 robjunior.com
+robotforex.youralgo.com
 rodaleitura.canoas.ifrs.edu.br
 roffers.com
 romanyaciftevatandaslik.com
@@ -1982,6 +2004,8 @@ rotor.olsztyn.pl
 rrbyupdata.renrenbuyu.com
 rrrradkqwdojnqwd.com
 rtcfruit.com
+rubisanmarino.org
+rucop.ru
 ruforum.uonbi.ac.ke
 rukiyekayabasi.com
 rulamart.com
@@ -2007,7 +2031,6 @@ saigonthinhvuong.net
 sainashabake.com
 saint-mike.com
 salon-semeynaya.ru
-salongolenarges.ir
 salonrocket.com
 samar.media
 samet-gunes.com
@@ -2020,7 +2043,6 @@ sanliurfakarsiyakataksi.com
 sareestore.vworks.in
 sartek.com.vn
 saspi.es
-sassearch.net
 satilik.webprojemiz.com
 satsantafe.com.ar
 savegglserps.com
@@ -2028,18 +2050,20 @@ saveserpnow.com
 saveserpresults.com
 sbe.sa
 scafandro.com.br
+scchurch.kr
+scholarshipfinder.ga
 schuurs.net
 scjelah.com
 scopice.com
 scouthibbs.com
 sczlsgs.com
+sdvg-impuls.ru
 seccomsolutions.com.au
 secumor.com
 sedotwcsejakarta.com
 seetec.com.br
 seftonplaycouncil.org.uk
 segmentsolutions.com
-segurivil.cl
 sekobec.com
 send.webprojemiz.com
 sentrypc.download
@@ -2055,6 +2079,7 @@ setembroamarelo.org.br
 setincon.com
 setticonference.it
 setupadsfile.yxdown.com
+seyh9.com
 sfpixs123.dothome.co.kr
 sg123.net
 sgm.pc6.com
@@ -2066,17 +2091,18 @@ shawnballantine.com
 shbaoju.com
 shellter-static.s3.amazonaws.com
 shengen.ru
+shimge.omk.dp.ua
 shirazmode.ir
 shlifovka.by
 shly.fsygroup.com
 shop.theirishlinenstore.com
 shopatease.bajwadairy.com
-shopfit.com.sg
 shopocmama.com
 shopseaman.com
 shrikailashlogicity.in
-sibtransauto-nsk.ru
+sibcat.info
 sight-admissions.com
+signcutpro.com
 significadoswords.com
 signsdesigns.com.au
 sim.stikesbanyuwangi.ac.id
@@ -2100,27 +2126,26 @@ skytechretail.co.uk
 slboutique.com.br
 slk.solarinstalacoes.eng.br
 slowianskawieza.pl
-sls-eg.com
 sm.fq520000.com
 sm.myapp.com
 small.962.net
 smartdogsshop.com
 smarteraccounts365-my.sharepoint.com
-smartsavunma.com.tr
 smemy.com
 smpadvance.com
 smplmods-ru.1gb.ru
 snappybooster.com
 soccer4peaceacademy.com
 socialbuzz.org.in
+socialinvestmentaustralia.com.au
 sofmak.com
 sofrehgard.com
+soft.114lk.com
 soft.duote.com.cn
 soft2.mgyun.com
 softhy.net
 software.rasekhoon.net
 sohointeriors.org
-soivip.net
 solarium.energy
 soloenganche.com
 soloftp.com
@@ -2129,38 +2154,43 @@ songspksongspk.top
 soo.sg
 sophiacollegemumbai.com
 sophrologie-untempspourmoi.fr
-sosacres.com
 sosh47.citycheb.ru
 soumaille.fr
 sousvidetogo.com
-sozdanie-sajtov.rise-up.nsk.ru
 sp11dzm.ru
 spamitback.com
 sparkuae.com
+spdemo.info
+spinnersar.ru
 spitlame.free.fr
 spotify.webprojemiz.com
 spth.virii.lu
 sputnikmailru.cdnmail.ru
 srikrungdd.com
+ssearthmovers.in
 ssgarments.pk
 ssmmbed.com
+ssofhoseuegsgrfnu.ru
 st-medical.pl
+stablinost.ug
+staging.tigertennisacademy.com
 standart-uk.ru
 staraba.com
+startupinternetmarketing.com
 static.3001.net
 static.error-soft.net
 static.ilclock.com
-stationhousepubandgrill.ca
 statsrichwork.com
+stomnsco.com
 stonerholidays.com
 storetoscore.com
 stoutarc.com
 stroim-dom45.ru
 stroppysheilas.com.au
 stroyexpertiza.org
+studentloans.credezen.com
 subramfamily.com
 successtitle.com
-sudaninsured.com
 sugarlandsfinestretrievers.com
 sumandev.com
 summertour.com.br
@@ -2174,7 +2204,9 @@ suzannababyshop.com
 sv.pvroe.com
 svadebka.by
 svn.cc.jyu.fi
+svyyoursoft.com
 swanescranes.com.au
+sxyige.com
 sylvaclouds.eu
 sylvanbrandt.com
 symbisystems.com
@@ -2187,8 +2219,9 @@ t8q79q8wdqw1d.com
 tabaslotbpress.com
 tahmincik.webprojemiz.com
 taichinhtrondoi.com
-takhnit.co.il
+talkstolearn.com
 tamagocin.com
+tapchisuckhoengaynay.com
 taplamnguoi.com
 tapnprint.co.uk
 taraward.com
@@ -2201,10 +2234,10 @@ tc-jaureguiberry.fr
 tck136.com
 tcy.198424.com
 td111.com
-teal.download.pdfforge.org
 teambored.co.uk
 teamfluegel.com
 techidra.com.br
+technorio.com.np
 tecnologiaz.com
 teensbar.com
 tehilacrew.com
@@ -2221,6 +2254,8 @@ teste111.hi2.ro
 tfile.7to.cn
 thaibbqculver.com
 thaidocdaitrang.com
+thaithiennam.vn
+thales-las.cfdt-fgmm.fr
 thanhlapdoanhnghiephnh.com
 thanhtungtanluoc.com
 thankyoucraig.com
@@ -2241,16 +2276,18 @@ thepresentationstage.com
 thepuffingtonhost.com
 thequeencooks.com
 theroarradio.com
-therxreview.com
 theshoremalacca.com
 theshowzone.com
 thesunavenuequan2.com
 thiensonha.com
+thietkewebwp.com
 thinhphatstore.com
 thnxsupp.eu
 thosewebbs.com
+thptngochoi.edu.vn
 thucphammena.com
 thuducland.net
+thuysinhlongthanh.com
 thuytienacademy.com
 tiaoma.org.cn
 tienlambds.com
@@ -2259,14 +2296,14 @@ tigress.de
 time.awebsiteonline.com
 timlinger.com
 tiras.org
-tirnotrade.com
 tisoft.vn
 titheringtons.com
+tkds.cl
 toddbransky.com
-todoemergencias.cl
 tokokusidrap.com
 tonghopgia.net
 tonsilstonessolution.com
+tontonfilms.com
 tonyleme.com.br
 top-flex.com
 top-persona.by
@@ -2276,15 +2313,15 @@ topstick.co.kr
 topwinnerglobal.com
 topwintips.com
 tours-fantastictravel.com
-tours.pt
-tovbekapisi.com
+tradingmatic.youralgo.com
+traffic.wilmingtonbigtalker.com
 trafficpullz.co.in
 traktorski-deli.si
 trakyapeyzajilaclama.com
 tramper.cn
 trangtraichimmau.com
-travourway.com
 trddi.com
+tree.sibcat.info
 treehugginpussy.de
 trehoadatoanthan.net
 trendonlineshop.xyz
@@ -2295,7 +2332,6 @@ truongdayhoclaixe.edu.vn
 tryonpres.org
 tsg339.com
 tsport88.com
-ttobus.com
 tuananhhotel.com
 tuandecal.net
 tubdispvitvitebsk.by
@@ -2319,11 +2355,9 @@ uflhome.com
 uk.thevoucherstop.com
 ulco.tv
 ultrasatshop.com
-underluckystar.ru
 uniformesjab.com
 universitytransplantcenter.com
 unixfit.moscow
-uogauoga.lt
 up.ksbao.com
 up.vltk1ctc.com
 up2m.politanisamarinda.ac.id
@@ -2338,12 +2372,14 @@ uplloadfile.ru
 upload.moe
 upload.ynpxrz.com
 url.246546.com
+urologyhifuusa.com
 us.cdn.persiangig.com
 usa-market.org
 usa1services.com
 usmantea.com
 ussrback.com
 uuuuu.com.tw
+uxz.didiwl.com
 uycqawua.applekid.cn
 uzri.net
 vaatzit.autoever.com
@@ -2351,28 +2387,28 @@ vadhuvarparichay.com
 vaeaincorp-my.sharepoint.com
 valencecontrols.com
 valkarm.ru
+van-wonders.co.uk
+vanana.co.kr
 vanphongtuyensinhanninhnhandan.info
 variantmag.com
+vario-reducer.com
 vaz-synths.com
 vektorex.com
 veryboys.com
 vetesnik.webpark.cz
 vetsaga.com
 victoryoutreachvallejo.com
-view-indonesia.com
+viettalent.edu.vn
 vigilar.com.br
 villakaffeebohne.com
 vincity-oceanpark-gialam.com
 vincopharmang.com
 vinhomeshalongxanh.xyz
 viswavsp.com
-vivaochoro.com.br
 viztarinfotech.com
 vodai.bid
 volammienphi.net
-vskaze.ru
 vw-stickerspro.fr
-wadspay.com
 wahathalwancontracting.com
 wakalad.com
 wanderers.com
@@ -2397,21 +2433,22 @@ weresolve.ca
 westland-onderhoud.nl
 wg233.11291.wang
 wg50.11721.wang
-widztech.com
 wiebe-sanitaer.de
 wieczniezywechoinki.pl
 wikimomi.com
 williamenterprisetrading.com
+win-speed.com
 winape.net
 winecorkartist.com
-wins-power.com
 wisdom-services.com
 wmd9e.a3i1vvv.feteboc.com
 wonderful-davinci-e6a9e8.netlify.com
 worldlinkaddress.com
 worshipped-washer.000webhostapp.com
 wowepic.net
+wp3.dosanite.com
 wsparcie-it.pro
+wstria.jp
 wt.mt30.com
 wt110.downyouxi.com
 wt111.downyouxi.com
@@ -2426,34 +2463,32 @@ wt92.downyouxi.com
 wtftube.bid
 www2.itcm.edu.mx
 wxbsc.hzgjp.com
-wyptk.com
 xaydungphuongdong.net
-xblbnlws.appdoit.cn
 xethugomrac.com.vn
 xiaou-game.xugameplay.com
+xiazai.vosonic.com.cn
 xiazai.xiazaiba.com
 xizanglvyou.org
 xmr-services.net
+xmrcgpu.com
 xn-----6kcabnyujk3amba3araccbdbrg.xn--p1ai
 xn-----6kcbb0ab7adihwc4ajhz5a4b9gta.xn--p1ai
 xn----8sbfbei3cieefbp6a.xn--p1ai
-xn----htbybfcxh3h.xn--p1ai
 xn--1-7sbc0bfr0ah0c.xn--p1ai
 xn--174-mdd9c4b.xn--p1ai
 xn--42c9ajcvlnf2e4cncez70aza.com
 xn--5dbalbrcab0al1jnj.co.il
 xn--80abhfbusccenm1pyb.xn--p1ai
-xn--80ajicwc0afqf.xn--p1ai
 xn--90aeb9ae9a.xn--p1ai
 xn--b1afnmjcis3f.xn--p1ai
 xn--h1agffkv.xn--p1ai
 xperttees.com
+xqu01.xyz
 xqu02.xyz
 xri4pork.s3.amazonaws.com
-xxxxlk.com
 xzb.198424.com
+xzc.197746.com
 xzc.198424.com
-xzd.197946.com
 y31uv4ra1.vo.llnwd.net
 yachtclubhotel.com.au
 yaokuaile.info
@@ -2475,7 +2510,9 @@ yulv.net
 yumuy.johet.bid
 yurayura.life
 yusaipek.dijitalmerdiven.com
+yusufsevim.com
 yuxue-1251598079.cossh.myqcloud.com
+yzbek.co.ug
 zbancuri.ro
 zdy.17110.com
 zh0379.com
@@ -2486,7 +2523,6 @@ zinrop.com
 zionsifac.com
 zj.9553.com
 zoolandia.boo.pl
-zoomevents.pl
 zs68.com
 zschmielnik.ostnet.pl
 zzajqwnewq.com