##############################################################################
# URLhaus ASN CSV Feed                                                       #
# Generated on 2025-11-20 04:04:31 UTC                                       #
#                                                                            #
# For questions please refer to:                                             #
# https://urlhaus.abuse.ch/feeds/                                            #
##############################################################################
#
# Feed generated for AS21499
#
# Dateadded (UTC),URL,URL_status,Threat,Tags,Host,IPaddress,ASnumber,Country
"2025-08-18 21:02:06","https://totalpropertycare.ae/wp-content/plugins/wp-machinery-skeletale/index.php?r=bD1odHRwczovL2RxcmRidi5jb20v","offline","malware_download","Latrodectus","totalpropertycare.ae","160.153.133.195","21499","US"
"2025-05-07 07:19:10","https://tvkladovo.com/wp-includes/ID3/lqbiah.js","offline","malware_download","MintStealer","tvkladovo.com","92.205.161.6","21499","FR"
"2025-03-19 13:29:11","https://www.masterplusservices.com/download_macos/TradingView.zip","offline","malware_download","pw-github|zip","www.masterplusservices.com","92.204.221.8","21499","FR"
"2025-01-28 15:33:30","https://241.129.205.92.host.secureserver.net/Instalador.msi","offline","malware_download","","241.129.205.92.host.secureserver.net","92.205.129.241","21499","FR"
"2025-01-21 16:20:14","https://www.atc-secure.com/Rspot","offline","malware_download","ascii|Formbook|PowerShell|ps1","www.atc-secure.com","92.205.22.61","21499","FR"
"2024-11-29 07:13:05","http://demdi.de/assets/images/Jvettklyxwe.mp3","offline","malware_download","","demdi.de","92.205.48.221","21499","FR"
"2024-11-29 07:13:05","http://demdi.de/assets/images/Phiqcs.vdf","offline","malware_download","","demdi.de","92.205.48.221","21499","FR"
"2024-10-29 12:11:12","https://www.campingplatz-goldbergersee.de/wp-content/themes/twentyseventeen/ewdsljJmLx76.bin","offline","malware_download","encrypted|GuLoader|RAT|RemcosRAT","www.campingplatz-goldbergersee.de","92.205.55.123","21499","FR"
"2024-02-08 17:47:17","https://ritafreshfood.com/0ufm/","offline","malware_download","Pikabot|TA577|TR","ritafreshfood.com","92.205.1.180","21499","FR"
"2024-01-25 16:17:08","https://www.duelmener-naturtrailpark.org/images/demo/JANUARY-25-2024-FWD526.url","offline","malware_download","DarkGate|geofenced|url|USA","www.duelmener-naturtrailpark.org","92.204.25.15","21499","GB"
"2023-12-22 12:02:14","https://ritafreshfood.com/nx1/","offline","malware_download","PDF|Pikabot|TA577|TR|zip","ritafreshfood.com","92.205.1.180","21499","FR"
"2023-12-22 12:01:28","https://1et.uk/ning/","offline","malware_download","PDF|Pikabot|TA577|TR|zip","1et.uk","160.153.247.102","21499","US"
"2023-12-13 15:40:13","https://expaceos.com/eag/","offline","malware_download","js|PDF|Pikabot|TA577|TR|zip","expaceos.com","160.153.128.26","21499","US"
"2023-12-13 15:39:08","https://elite-security.uk/ro/","offline","malware_download","js|PDF|Pikabot|TA577|TR|zip","elite-security.uk","160.153.131.187","21499","US"
"2023-12-13 07:07:40","https://santerra.com.co/ast/","offline","malware_download","js|PDF|Pikabot|TA577|TR|zip","santerra.com.co","92.205.2.7","21499","FR"
"2023-12-13 07:07:09","https://youthclimatecouncil.com/na/","offline","malware_download","js|PDF|Pikabot|TA577|TR|zip","youthclimatecouncil.com","92.204.221.10","21499","FR"
"2023-12-08 17:24:39","https://expaceos.com/qeeu/","offline","malware_download","Pikabot|TA577|TR","expaceos.com","160.153.128.26","21499","US"
"2023-12-08 17:24:36","https://medicalwellbeinggroup.com/qmno/","offline","malware_download","Pikabot|TA577|TR","medicalwellbeinggroup.com","92.205.15.171","21499","FR"
"2023-12-07 10:40:40","https://hideelectricsupply.com/teal/","offline","malware_download","msi|Pikabot|TA577|TR|zip","hideelectricsupply.com","92.205.14.15","21499","FR"
"2023-12-07 10:40:15","https://rohingyacare.com/nun/","offline","malware_download","msi|Pikabot|TA577|TR|zip","rohingyacare.com","92.205.4.95","21499","FR"
"2023-12-07 10:38:47","https://nestegglabs.com/teum/","offline","malware_download","msi|Pikabot|TA577|TR|zip","nestegglabs.com","92.205.1.120","21499","FR"
"2023-12-06 18:50:44","https://elite-security.uk/oa/","offline","malware_download","Pikabot|TR","elite-security.uk","160.153.131.187","21499","US"
"2023-11-28 15:07:03","https://medicalwellbeinggroup.com/leiu/","offline","malware_download","TR","medicalwellbeinggroup.com","92.205.15.171","21499","FR"
"2023-11-28 15:06:35","http://skaphe.com.co/ee/","offline","malware_download","TR","skaphe.com.co","92.205.3.203","21499","FR"
"2023-11-28 15:06:30","https://skaphe.com.co/ee/","offline","malware_download","TR","skaphe.com.co","92.205.3.203","21499","FR"
"2023-11-28 15:06:28","https://aih-group.com/aui/","offline","malware_download","TR","aih-group.com","92.205.13.202","21499","FR"
"2023-11-28 15:06:15","http://medicalwellbeinggroup.com/leiu/","offline","malware_download","TR","medicalwellbeinggroup.com","92.205.15.171","21499","FR"
"2023-11-28 15:06:06","http://expaceos.com/iqn/","offline","malware_download","TR","expaceos.com","160.153.128.26","21499","US"
"2023-11-27 16:40:09","http://baraemaljinan.com/llu/","offline","malware_download","IcedID|TR","baraemaljinan.com","92.204.220.72","21499","FR"
"2023-11-27 16:39:55","https://aih-group.com/oets/","offline","malware_download","IcedID|TR","aih-group.com","92.205.13.202","21499","FR"
"2023-11-27 16:39:39","https://expaceos.com/iqn/","offline","malware_download","IcedID|TR","expaceos.com","160.153.128.26","21499","US"
"2023-11-27 16:39:26","http://aih-group.com/oets/","offline","malware_download","IcedID|TR","aih-group.com","92.205.13.202","21499","FR"
"2023-11-27 16:39:11","https://baraemaljinan.com/llu/","offline","malware_download","TR","baraemaljinan.com","92.204.220.72","21499","FR"
"2023-11-17 19:16:29","https://expaceos.com/ae/","offline","malware_download","PikaBot|TR","expaceos.com","160.153.128.26","21499","US"
"2023-11-17 19:15:45","http://expaceos.com/ae/","offline","malware_download","PikaBot|TR","expaceos.com","160.153.128.26","21499","US"
"2023-11-17 19:15:44","https://skaphe.com.co/ln/","offline","malware_download","PikaBot|TR","skaphe.com.co","92.205.3.203","21499","FR"
"2023-11-17 19:15:25","https://aih-group.com/eioa/","offline","malware_download","PikaBot|TR","aih-group.com","92.205.13.202","21499","FR"
"2023-11-17 19:14:16","http://aih-group.com/eioa/","offline","malware_download","PikaBot|TR","aih-group.com","92.205.13.202","21499","FR"
"2023-11-15 13:47:41","https://nestegglabs.com/ubar/","offline","malware_download","Pikabot|TA577|TR|zip","nestegglabs.com","92.205.1.120","21499","FR"
"2023-11-15 09:27:00","https://medicalwellbeinggroup.com/io/","offline","malware_download","js|Pikabot|TR|zip","medicalwellbeinggroup.com","92.205.15.171","21499","FR"
"2023-11-15 09:26:18","https://triplepromise.org/iinl/","offline","malware_download","js|Pikabot|TR|zip","triplepromise.org","92.205.3.193","21499","FR"
"2023-11-09 14:49:03","https://mhusseinib.com/aacu/","offline","malware_download","js|Pikabot|pw-H17|TR|zip","mhusseinib.com","92.205.1.180","21499","FR"
"2023-11-08 12:25:13","https://inspiringwomen.co.za/et/","offline","malware_download","Pikabot|TA577|TR","inspiringwomen.co.za","92.204.215.85","21499","FR"
"2023-11-08 12:25:10","https://tebarose.com/ett/","offline","malware_download","Pikabot|TA577|TR","tebarose.com","160.153.131.155","21499","US"
"2023-11-06 14:56:27","https://nestegglabs.com/ns/","offline","malware_download","Pikabot|TA577|TR","nestegglabs.com","92.205.1.120","21499","FR"
"2023-11-03 15:56:36","https://aih-group.com/at/","offline","malware_download","Pikabot|pwP189|TA577|TR|zip","aih-group.com","92.205.13.202","21499","FR"
"2023-11-02 14:29:51","https://triplepromise.org/snvl/","offline","malware_download","Pikabot|TA577|TR|zip","triplepromise.org","92.205.3.193","21499","FR"
"2023-10-25 17:01:13","https://stonecut.co.uk/niu/","offline","malware_download","Pikabot|TA577|TR","stonecut.co.uk","160.153.131.155","21499","US"
"2023-10-25 16:02:20","https://yogayoga.ie/sga/","offline","malware_download","Pikabot|TA577|TR","yogayoga.ie","92.205.3.122","21499","FR"
"2023-10-25 15:52:08","http://yogayoga.ie/sga/","offline","malware_download","Pikabot|TA577|TR","yogayoga.ie","92.205.3.122","21499","FR"
"2023-10-25 15:52:08","https://inspiringwomen.co.za/st/","offline","malware_download","Pikabot|TA577|TR","inspiringwomen.co.za","92.204.215.85","21499","FR"
"2023-10-25 15:51:54","https://inspiringwomen.co.za/eri/","offline","malware_download","Pikabot|TA577|TR","inspiringwomen.co.za","92.204.215.85","21499","FR"
"2023-10-25 15:51:33","http://softwaresbuilders.com/ea/","offline","malware_download","Pikabot|TA577|TR","softwaresbuilders.com","92.204.222.171","21499","FR"
"2023-10-25 15:51:05","http://starnet.lk/atr/","offline","malware_download","Pikabot|TA577|TR","starnet.lk","92.205.17.236","21499","FR"
"2023-10-25 11:41:37","https://softwaresbuilders.com/ea/","offline","malware_download","Pikabot|TA577|TR|zip","softwaresbuilders.com","92.204.222.171","21499","FR"
"2023-10-25 11:41:32","https://starnet.lk/atr/","offline","malware_download","Pikabot|TA577|TR|zip","starnet.lk","92.205.17.236","21499","FR"
"2023-10-24 17:46:48","http://nicolewilliamsgossip.co.uk/nen/","offline","malware_download","Pikabot|TA577|TR","nicolewilliamsgossip.co.uk","92.204.68.48","21499","FR"
"2023-10-24 17:46:48","https://nicolewilliamsgossip.co.uk/nen/","offline","malware_download","Pikabot|TA577|TR","nicolewilliamsgossip.co.uk","92.204.68.48","21499","FR"
"2023-10-24 17:46:33","https://inspiringwomen.co.za/il/","offline","malware_download","Pikabot|TA577|TR","inspiringwomen.co.za","92.204.215.85","21499","FR"
"2023-10-24 17:46:30","https://flashnewsbensedira.com/deui/","offline","malware_download","Pikabot|TA577|TR","flashnewsbensedira.com","92.204.208.251","21499","FR"
"2023-10-24 17:46:29","https://stonecut.co.uk/gaai/","offline","malware_download","Pikabot|TA577|TR","stonecut.co.uk","160.153.131.155","21499","US"
"2023-10-24 17:46:24","https://inspiringwomen.co.za/etn/","offline","malware_download","Pikabot|TA577|TR","inspiringwomen.co.za","92.204.215.85","21499","FR"
"2023-10-24 17:46:16","http://stonecut.co.uk/gaai/","offline","malware_download","Pikabot|TA577|TR","stonecut.co.uk","160.153.131.155","21499","US"
"2023-10-23 15:49:50","https://purepack-eg.com/te/","offline","malware_download","TA577|TR","purepack-eg.com","92.205.25.98","21499","FR"
"2023-10-23 15:48:51","https://stonecut.co.uk/tiae/","offline","malware_download","TA577|TR","stonecut.co.uk","160.153.131.155","21499","US"
"2023-10-23 15:47:59","https://flashnewsbensedira.com/ist/","offline","malware_download","TA577|TR","flashnewsbensedira.com","92.204.208.251","21499","FR"
"2023-10-23 15:47:37","http://flashnewsbensedira.com/ist/","offline","malware_download","TA577|TR","flashnewsbensedira.com","92.204.208.251","21499","FR"
"2023-10-23 15:47:36","http://sphynxbeds.co.uk/slse/","offline","malware_download","TA577|TR","sphynxbeds.co.uk","92.205.4.117","21499","FR"
"2023-10-23 15:47:18","https://sphynxbeds.co.uk/slse/","offline","malware_download","TA577|TR","sphynxbeds.co.uk","92.205.4.117","21499","FR"
"2023-10-23 15:47:15","http://nicolewilliamsgossip.co.uk/eir/","offline","malware_download","TA577|TR","nicolewilliamsgossip.co.uk","92.204.68.48","21499","FR"
"2023-10-23 15:46:34","http://rounited.co/eui/","offline","malware_download","TA577|TR","rounited.co","92.205.6.202","21499","FR"
"2023-10-23 15:46:07","http://purepack-eg.com/te/","offline","malware_download","TA577|TR","purepack-eg.com","92.205.25.98","21499","FR"
"2023-10-23 15:46:05","http://c2construct.co.uk/se/","offline","malware_download","TA577|TR","c2construct.co.uk","92.204.218.254","21499","FR"
"2023-10-23 15:45:29","https://c2construct.co.uk/se/","offline","malware_download","TA577|TR","c2construct.co.uk","92.204.218.254","21499","FR"
"2023-10-23 11:19:25","https://rounited.co/eui/","offline","malware_download","Pikabot|TA577|TR|zip","rounited.co","92.205.6.202","21499","FR"
"2023-10-23 11:19:23","https://nicolewilliamsgossip.co.uk/eir/","offline","malware_download","Pikabot|TA577|TR|zip","nicolewilliamsgossip.co.uk","92.204.68.48","21499","FR"
"2023-10-22 15:22:05","https://scheiff.eu/save.php","offline","malware_download","","scheiff.eu","92.205.13.44","21499","FR"
"2023-10-19 16:05:16","https://althoraya-egy.com/rc/","offline","malware_download","TA577|TR","althoraya-egy.com","92.205.25.98","21499","FR"
"2023-10-19 16:05:16","https://piyasanalizim.com/eo/","offline","malware_download","TA577|TR","piyasanalizim.com","92.205.6.55","21499","FR"
"2023-10-19 15:24:16","https://egyfarm.com/lo/","offline","malware_download","IcedID|PDF|TA577|TR","egyfarm.com","92.204.218.227","21499","FR"
"2023-10-19 15:23:07","https://alasrindustries.com/et/","offline","malware_download","IcedID|PDF|TA577|TR","alasrindustries.com","92.205.134.72","21499","FR"
"2023-10-18 06:43:06","https://inspiringwomen.co.za/ear/","offline","malware_download","Pikabot|TA577|TR","inspiringwomen.co.za","92.204.215.85","21499","FR"
"2023-10-16 16:22:23","https://egyfarm-eg.com/aq/","offline","malware_download","IcedID|TR","egyfarm-eg.com","92.204.218.227","21499","FR"
"2023-10-16 16:22:15","https://donadesi.co/squn/","offline","malware_download","IcedID|TR","donadesi.co","92.205.3.29","21499","FR"
"2023-10-16 16:19:12","http://donadesi.co/squn/","offline","malware_download","IcedID|TR","donadesi.co","92.205.3.29","21499","FR"
"2023-10-16 06:36:50","https://flashnewsbensedira.com/el/","offline","malware_download","DarkGate|TA577|TR","flashnewsbensedira.com","92.204.208.251","21499","FR"
"2023-10-13 19:54:34","http://sempresophia.com/dme/","offline","malware_download","DarkGate|TA577|TR","sempresophia.com","160.153.129.23","21499","US"
"2023-10-13 19:53:39","http://flashnewsbensedira.com/el/","offline","malware_download","DarkGate|TA577|TR","flashnewsbensedira.com","92.204.208.251","21499","FR"
"2023-10-13 19:53:17","http://nativesfilmworks.com/ni/","offline","malware_download","DarkGate|TA577|TR","nativesfilmworks.com","160.153.128.28","21499","US"
"2023-10-13 19:27:18","https://egyfarm-eg.com/dit/?e=3949240","offline","malware_download","DarkGate|TA577|TR","egyfarm-eg.com","92.204.218.227","21499","FR"
"2023-10-13 19:25:15","https://flashnewsbensedira.com/el/?87732131","offline","malware_download","DarkGate|TA577|TR","flashnewsbensedira.com","92.204.208.251","21499","FR"
"2023-10-13 17:20:13","https://inspiringwomen.co.za/terd/?kg=9003597","offline","malware_download","DarkGate|TA577|TR","inspiringwomen.co.za","92.204.215.85","21499","FR"
"2023-10-13 17:03:05","https://nativesfilmworks.com/ni/?z1=7573978","offline","malware_download","DarkGate|TA577|TR","nativesfilmworks.com","160.153.128.28","21499","US"
"2023-10-13 16:09:04","https://sempresophia.com/dme/?o=8043301","offline","malware_download","DarkGate|TA577|TR","sempresophia.com","160.153.129.23","21499","US"
"2023-10-13 15:40:06","https://suppliededucation.co.uk/uoic//?redir=1696886507","offline","malware_download","DarkGate|TA577|TR","suppliededucation.co.uk","92.205.12.185","21499","FR"
"2023-10-10 12:05:10","https://suppliededucation.co.uk/gat/","offline","malware_download","DarkGate|PDF|TA577|TR","suppliededucation.co.uk","92.205.12.185","21499","FR"
"2023-10-10 08:56:14","https://softwaresbuilders.com/ltu/","offline","malware_download","DarkGate|TA577|tr","softwaresbuilders.com","92.204.222.171","21499","FR"
"2023-10-10 08:56:12","https://egyfarm-eg.com/ieeo/","offline","malware_download","DarkGate|TA577|tr","egyfarm-eg.com","92.204.218.227","21499","FR"
"2023-10-06 06:33:22","https://ongoing.website/stsa/","offline","malware_download","DarkGate|tr","ongoing.website","92.205.17.236","21499","FR"
"2023-10-06 06:32:23","https://bellepreviews.com/tute/","offline","malware_download","DarkGate|tr","bellepreviews.com","92.205.91.191","21499","FR"
"2023-10-05 14:22:56","https://matrix-egy.net/uior/?1","offline","malware_download","Darkgate|TR","matrix-egy.net","92.205.25.98","21499","FR"
"2023-10-05 14:22:17","https://levarrise.com/rl/?1","offline","malware_download","Darkgate|Pikabot|TR","levarrise.com","92.204.222.171","21499","FR"
"2023-10-05 14:21:44","https://bellepreviews.com/tute/?1","offline","malware_download","Darkgate|TR","bellepreviews.com","92.205.91.191","21499","FR"
"2023-10-05 14:20:34","https://ora-dental.com/eni/?1","offline","malware_download","Darkgate|TR","ora-dental.com","92.205.7.122","21499","FR"
"2023-10-05 13:23:27","https://miliaonline.com/uas/?1","offline","malware_download","Pikabot|TR","miliaonline.com","92.205.6.124","21499","FR"
"2023-10-01 20:30:10","https://maxguenter.de/comments.php","offline","malware_download","gating|gootloader","maxguenter.de","92.205.215.159","21499","FR"
"2023-09-24 14:34:06","https://heuberg-einrichtungen.de/blog.php","offline","malware_download","gating|gootloader","heuberg-einrichtungen.de","92.205.215.159","21499","FR"
"2023-09-24 14:34:06","https://hoco-moebel.de/blog.php","offline","malware_download","gating|gootloader","hoco-moebel.de","92.205.171.162","21499","DE"
"2023-08-25 18:22:41","https://adolphi-stiftung.de/download.php","offline","malware_download","gating|gootloader","adolphi-stiftung.de","92.205.212.121","21499","FR"
"2023-08-25 18:22:40","https://dwe.amaseon.com/download.php","offline","malware_download","gating|gootloader","dwe.amaseon.com","92.205.22.26","21499","FR"
"2023-08-25 18:22:39","https://alpharealestate.amaseon.com/download.php","offline","malware_download","gating|gootloader","alpharealestate.amaseon.com","92.205.22.26","21499","FR"
"2023-08-25 18:22:36","https://www.sicherheitsingenieure-huber.de/content.php","offline","malware_download","gating|gootloader","www.sicherheitsingenieure-huber.de","92.205.215.159","21499","FR"
"2023-08-25 18:21:35","https://alpha.amaseon.com/download.php","offline","malware_download","gating|gootloader","alpha.amaseon.com","92.205.22.26","21499","FR"
"2023-08-25 18:20:40","https://askyadoc.org/content.php","offline","malware_download","gating|gootloader","askyadoc.org","92.205.91.184","21499","FR"
"2023-06-22 06:47:31","https://toners.co.ke/smnt/?1","offline","malware_download","BB33|geofenced|js|Qakbot|USA","toners.co.ke","160.153.131.149","21499","US"
"2023-06-22 06:32:17","https://karezma.co/ae/?8602162","offline","malware_download","BB33|geofenced|js|Qakbot|USA","karezma.co","92.205.1.180","21499","FR"
"2023-06-21 16:44:44","https://thewebcam.show/loit/?1","offline","malware_download","BB33|geofenced|js|Qakbot|USA","thewebcam.show","92.205.7.200","21499","FR"
"2023-06-20 12:02:01","https://ritafreshfood.com/eu/?1","offline","malware_download","BB33|geofenced|js|Qakbot|USA","ritafreshfood.com","92.205.1.180","21499","FR"
"2023-06-20 11:49:05","https://estheticareclinic.com.pk/mi/?1","offline","malware_download","BB33|geofenced|js|Qakbot|USA","estheticareclinic.com.pk","92.204.209.59","21499","FR"
"2023-06-20 11:48:53","https://thewebcam.show/td/?1","offline","malware_download","BB33|geofenced|js|Qakbot|USA","thewebcam.show","92.205.7.200","21499","FR"
"2023-06-16 15:28:04","https://unitedmakgroup.com/tsi/?1","offline","malware_download","BB32|geofenced|js|Qakbot|Qbot|Quakbot|TR|USA","unitedmakgroup.com","160.153.131.220","21499","US"
"2023-06-16 15:27:29","https://mlauzilegal.com/st/?1","offline","malware_download","BB32|geofenced|js|Qakbot|Qbot|Quakbot|TR|USA","mlauzilegal.com","92.205.15.224","21499","FR"
"2023-06-16 15:27:24","https://toners.co.ke/rtiu/?1","offline","malware_download","BB32|geofenced|js|Qakbot|Qbot|Quakbot|TR|USA","toners.co.ke","160.153.131.149","21499","US"
"2023-06-16 15:24:32","https://katharosengineering.com/ins/?1","offline","malware_download","BB32|geofenced|js|Qakbot|Qbot|Quakbot|TR|USA","katharosengineering.com","160.153.128.46","21499","US"
"2023-06-15 16:15:42","https://thewebcam.show/natt/?1","offline","malware_download","BB32|geofenced|js|Qakbot|USA","thewebcam.show","92.205.7.200","21499","FR"
"2023-06-15 11:05:20","https://thewebcam.show/natt/?","offline","malware_download","BB32|geofenced|js|Qakbot|Quakbot|USA","thewebcam.show","92.205.7.200","21499","FR"
"2023-06-14 16:56:39","https://toners.co.ke/sqr/?1","offline","malware_download","BB32|geofenced|js|Qakbot|Quakbot|USA","toners.co.ke","160.153.131.149","21499","US"
"2023-06-14 16:56:34","https://karezma.co/rm/?1","offline","malware_download","BB32|geofenced|js|Qakbot|Quakbot|USA","karezma.co","92.205.1.180","21499","FR"
"2023-06-14 12:34:13","https://thewebcam.show/rens/?1","offline","malware_download","BB32|geofenced|js|Qakbot|Quakbot|USA|zip","thewebcam.show","92.205.7.200","21499","FR"
"2023-06-14 09:02:21","https://thewebcam.show/el/","offline","malware_download","BB32|geofenced|js|Qakbot|Quakbot|USA","thewebcam.show","92.205.7.200","21499","FR"
"2023-06-02 17:33:14","https://expaceos.com/teet/","offline","malware_download","BB30|geofenced|js|Qakbot|TR|USA|zip","expaceos.com","160.153.128.26","21499","US"
"2023-06-02 15:37:20","https://lenanka.com/eo/","offline","malware_download","BB30|geofenced|js|Qakbot|TR|USA|zip","lenanka.com","92.205.9.87","21499","FR"
"2023-06-02 11:43:30","https://megacert.net/qel/","offline","malware_download","BB30|geofenced|js|Qakbot|Quakbot|TR|USA|zip","megacert.net","160.153.128.26","21499","US"
"2023-06-01 11:49:15","https://expaceos.com/uao/","offline","malware_download","BB30|geofenced|js|Qakbot|Quakbot|USA|zip","expaceos.com","160.153.128.26","21499","US"
"2023-05-31 21:05:24","https://bahrainplumbing.com/ia/","offline","malware_download","BB30|geofenced|js|Qakbot|Quakbot|USA|zip","bahrainplumbing.com","92.205.14.159","21499","FR"
"2023-05-31 21:05:24","https://ecuadorstereo.com/qo/","offline","malware_download","BB30|geofenced|js|Qakbot|Quakbot|USA|zip","ecuadorstereo.com","92.204.220.246","21499","FR"
"2023-05-31 21:05:23","https://madacarpets.com/inct/","offline","malware_download","BB30|geofenced|js|Qakbot|Quakbot|USA|zip","madacarpets.com","92.204.221.13","21499","FR"
"2023-05-31 13:31:25","https://madacarpets.com/aa/","offline","malware_download","BB30|geofenced|js|Qakbot|Quakbot|USA|zip","madacarpets.com","92.204.221.13","21499","FR"
"2023-05-31 13:31:13","https://fmalegal.com/qe/","offline","malware_download","BB30|geofenced|js|Qakbot|Quakbot|USA|zip","fmalegal.com","92.205.10.132","21499","FR"
"2023-05-30 16:50:42","https://bahrainplumbing.com/ltu/?1","offline","malware_download","BB30|geofenced|js|Qakbot|Quakbot|USA|zip","bahrainplumbing.com","92.205.14.159","21499","FR"
"2023-05-30 16:50:27","https://ecuadorstereo.com/itlo/?1","offline","malware_download","BB30|geofenced|js|Qakbot|Quakbot|USA|zip","ecuadorstereo.com","92.204.220.246","21499","FR"
"2023-05-30 16:50:27","https://florockindia.com/ies/?1","offline","malware_download","BB30|geofenced|js|Qakbot|Quakbot|USA|zip","florockindia.com","92.205.173.141","21499","DE"
"2023-05-30 14:05:07","https://florockindia.com/ies/?7384731","offline","malware_download","QBot","florockindia.com","92.205.173.141","21499","DE"
"2023-05-30 12:09:30","https://expaceos.com/ad/?1","offline","malware_download","BB30|geofenced|js|Qakbot|Quakbot|USA|zip","expaceos.com","160.153.128.26","21499","US"
"2023-05-30 12:09:12","https://madacarpets.com/ie/?1","offline","malware_download","BB30|geofenced|js|Qakbot|Quakbot|USA|zip","madacarpets.com","92.204.221.13","21499","FR"
"2023-05-23 14:35:12","https://tajvand.com/dgwMbIMr64.bin","offline","malware_download","AgentTesla|encrypted|GuLoader","tajvand.com","92.205.15.247","21499","FR"
"2023-05-23 13:07:12","https://ecuadorstereo.com/euto/?1","offline","malware_download","geofenced|js|Pikabot|Qakbot|Quakbot|USA","ecuadorstereo.com","92.204.220.246","21499","FR"
"2023-05-23 11:39:10","https://tajvand.com/Dequeen.qxd","offline","malware_download","AgentTesla|ascii","tajvand.com","92.205.15.247","21499","FR"
"2023-05-22 19:54:17","https://bahrainplumbing.com/iudq/?1","offline","malware_download","geofenced|js|Pikabot|Qakbot|Quakbot|USA","bahrainplumbing.com","92.205.14.159","21499","FR"
"2023-05-22 14:54:05","https://agagulf.com/usi/?1","offline","malware_download","geofenced|js|Pikabot|Qakbot|Quakbot|USA","agagulf.com","92.205.14.159","21499","FR"
"2023-05-17 14:04:08","https://er-estate.com/ilue/?1","offline","malware_download","BB28|geofenced|js|Qakbot|Quakbot|USA","er-estate.com","92.205.3.107","21499","FR"
"2023-05-17 13:33:08","https://fmalegal.com/iat/?165252","offline","malware_download","qbot|Quakbot","fmalegal.com","92.205.10.132","21499","FR"
"2023-05-17 13:06:38","https://vialogicsolutions.com/tout/?1","offline","malware_download","BB28|geofenced|js|Qakbot|Quakbot|USA","vialogicsolutions.com","160.153.131.151","21499","US"
"2023-05-17 13:06:13","https://fmalegal.com/iat/?1","offline","malware_download","BB28|geofenced|js|Qakbot|Quakbot|USA","fmalegal.com","92.205.10.132","21499","FR"
"2023-05-17 13:06:13","https://rowlandsreupholstery.co.uk/td/?1","offline","malware_download","BB28|geofenced|js|Qakbot|Quakbot|USA","rowlandsreupholstery.co.uk","92.204.223.91","21499","FR"
"2023-05-17 13:06:13","https://spartanpapers.co.uk/atf/?1","offline","malware_download","BB28|geofenced|js|Qakbot|Quakbot|USA","spartanpapers.co.uk","160.153.133.143","21499","US"
"2023-05-16 22:00:13","https://spartanpapers.co.uk/ctas/?1","offline","malware_download","BB28|geofenced|js|Qakbot|Qbot|Quakbot|USA","spartanpapers.co.uk","160.153.133.143","21499","US"
"2023-05-16 21:59:13","https://rowlandsreupholstery.co.uk/xcar/?1","offline","malware_download","BB28|geofenced|js|Qakbot|Qbot|Quakbot|USA","rowlandsreupholstery.co.uk","92.204.223.91","21499","FR"
"2023-05-16 21:54:19","https://er-estate.com/en/?1","offline","malware_download","BB28|geofenced|js|Qakbot|Qbot|Quakbot|USA","er-estate.com","92.205.3.107","21499","FR"
"2023-05-16 19:11:11","https://jeetomoney247.com/el/?1","offline","malware_download","BB28|geofenced|js|Qakbot|Qbot|Quakbot|USA","jeetomoney247.com","92.205.7.232","21499","FR"
"2023-05-16 13:42:28","https://spartanpapers.co.uk/ma/?1","offline","malware_download","BB28|geofenced|js|Qakbot|Quakbot|USA","spartanpapers.co.uk","160.153.133.143","21499","US"
"2023-05-15 15:15:08","https://synapptecglobal.co.uk/svte/?1","offline","malware_download","BB28|geofenced|js|Qakbot|Quakbot|USA","synapptecglobal.co.uk","92.205.134.72","21499","FR"
"2023-05-12 02:29:17","https://jeetomoney247.com/el/","offline","malware_download"," Qbot|BB27|geofenced|js|Qakbot|Quakbot|USA","jeetomoney247.com","92.205.7.232","21499","FR"
"2023-05-10 17:14:15","https://logic.com.eg/ev/","offline","malware_download","BB27|geofenced|js|Qakbot|Qbot|Quakbot|tr|USA","logic.com.eg","92.204.223.147","21499","FR"
"2023-05-10 15:08:23","https://mutualitemalienne.org/te/","offline","malware_download","BB27|geofenced|js|Qakbot|Quakbot|USA","mutualitemalienne.org","92.204.218.98","21499","FR"
"2023-05-05 14:13:35","https://sugarbabes-sweets.co.uk/tra/","offline","malware_download","BB26|geofenced|js|Qakbot|Quakbot|USA|zip","sugarbabes-sweets.co.uk","92.204.218.157","21499","FR"
"2023-05-05 14:13:17","https://rccglbhope.org/tv/","offline","malware_download","BB26|geofenced|js|Qakbot|Quakbot|USA|zip","rccglbhope.org","92.205.171.169","21499","DE"
"2023-05-04 20:40:30","https://esperanzamoda.com/tsov/","offline","malware_download","BB26|geofenced|js|Qakbot|qbot|Quakbot|tr|USA|zip","esperanzamoda.com","92.205.9.87","21499","FR"
"2023-05-04 20:40:25","https://sugarbabes-sweets.co.uk/mrqi/","offline","malware_download","BB26|geofenced|js|Qakbot|qbot|Quakbot|tr|USA|zip","sugarbabes-sweets.co.uk","92.204.218.157","21499","FR"
"2023-05-04 10:57:17","https://stmaryelgolf.com/eaii/","offline","malware_download","BB26|js|Qakbot|Quakbot|USA|zip","stmaryelgolf.com","92.205.10.134","21499","FR"
"2023-05-04 10:55:17","https://tarotdesamanda.com/teer/","offline","malware_download","BB26|js|Qakbot|Quakbot|USA|wsf|zip","tarotdesamanda.com","92.204.220.246","21499","FR"
"2023-05-03 19:39:15","https://wearegloballeaders.org/brc/sedtemporibus.php","offline","malware_download","BB26|geofenced|js|Qakbot|Qbot|Quakbot|tr|USA|zip","wearegloballeaders.org","92.205.7.186","21499","FR"
"2023-05-03 17:44:11","https://weforu.co.uk/od/optiomollitia.php","offline","malware_download","BB26|geofenced|js|Qakbot|Qbot|Quakbot|tr|USA|zip","weforu.co.uk","92.205.15.171","21499","FR"
"2023-05-03 17:13:42","https://lola.com.co/al/necessitatibusmagni.php","offline","malware_download","BB26|geofenced|js|Qakbot|Qbot|Quakbot|tr|USA|zip","lola.com.co","92.205.13.44","21499","FR"
"2023-05-03 16:28:41","https://zamzam45.com/enia/voluptatumaspernatur.php","offline","malware_download","BB26|geofenced|js|Qakbot|Qbot|Quakbot|tr|USA|zip","zamzam45.com","92.205.13.68","21499","FR"
"2023-05-03 16:28:29","https://talkomkompresor.com/ucr/doloremvoluptas.php","offline","malware_download","BB26|geofenced|js|Qakbot|Qbot|Quakbot|tr|USA|zip","talkomkompresor.com","92.205.12.157","21499","FR"
"2023-05-03 16:27:27","https://madacarpets.com/iust/nemoiusto.php","offline","malware_download","BB26|geofenced|js|Qakbot|Qbot|Quakbot|tr|USA|zip","madacarpets.com","92.204.221.13","21499","FR"
"2023-05-03 16:27:13","https://northstarbazaar.co.uk/ium/itaquevoluptatum.php","offline","malware_download","BB26|geofenced|js|Qakbot|Qbot|Quakbot|tr|USA|zip","northstarbazaar.co.uk","92.204.218.157","21499","FR"
"2023-05-03 16:26:35","https://fragtree.com/ous/quisquampariatur.php","offline","malware_download","BB26|geofenced|js|Qakbot|Qbot|Quakbot|tr|USA|zip","fragtree.com","92.205.4.19","21499","FR"
"2023-05-03 16:26:30","https://chroniquespostales.com/udq/eaest.php","offline","malware_download","BB26|geofenced|js|Qakbot|Qbot|Quakbot|tr|USA|zip","chroniquespostales.com","92.204.220.51","21499","FR"
"2023-05-03 16:26:25","https://exchangemagix.com/un/architectoconsectetur.php","offline","malware_download","BB26|geofenced|js|Qakbot|Qbot|Quakbot|tr|USA|zip","exchangemagix.com","92.205.161.156","21499","FR"
"2023-05-03 16:26:20","https://autosizquierdo.com/sini/teneturrepellat.php","offline","malware_download","BB26|geofenced|js|Qakbot|Qbot|Quakbot|tr|USA|zip","autosizquierdo.com","92.205.2.58","21499","FR"
"2023-05-02 18:00:24","https://baytotyfood.com/aat/quout.php","offline","malware_download","BB26|geofenced|Qakbot|Qbot|Quakbot|tr|USA|wsf|zip","baytotyfood.com","92.205.11.152","21499","FR"
"2023-05-02 16:59:21","https://ttechcode.com/et/adipisciet.php","offline","malware_download","BB26|geofenced|Qakbot|Qbot|Quakbot|tr|USA|wsf|zip","ttechcode.com","92.205.9.241","21499","FR"
"2023-05-02 16:59:21","https://workshopsmanual.com/endu/reprehenderitvelit.php","offline","malware_download","BB26|geofenced|Qakbot|Qbot|Quakbot|tr|USA|wsf|zip","workshopsmanual.com","92.204.220.71","21499","FR"
"2023-05-02 16:59:19","https://sa-ltd.co.uk/im/repellendusquidem.php","offline","malware_download","BB26|geofenced|Qakbot|Qbot|Quakbot|tr|USA|wsf|zip","sa-ltd.co.uk","92.205.0.132","21499","FR"
"2023-05-02 16:59:17","https://thesweetfactoryshop.co.uk/usi/estlaboriosam.php","offline","malware_download","BB26|geofenced|Qakbot|Qbot|Quakbot|tr|USA|wsf|zip","thesweetfactoryshop.co.uk","92.204.218.157","21499","FR"
"2023-05-02 16:58:18","https://mayfairtesting.co.uk/aatv/vitaesed.php","offline","malware_download","BB26|geofenced|Qakbot|Qbot|Quakbot|tr|USA|wsf|zip","mayfairtesting.co.uk","92.204.211.245","21499","FR"
"2023-05-02 16:58:12","https://mominsolutions.co.uk/oa/quiaut.php","offline","malware_download","BB26|geofenced|Qakbot|Qbot|Quakbot|tr|USA|wsf|zip","mominsolutions.co.uk","160.153.129.25","21499","US"
"2023-05-02 16:57:18","https://hnbuildingplansdesign.com/mm/eumunde.php","offline","malware_download","BB26|geofenced|Qakbot|Qbot|Quakbot|tr|USA|wsf|zip","hnbuildingplansdesign.com","92.205.5.249","21499","FR"
"2023-05-02 16:57:13","https://dewarshighballer.com/diis/etaut.php","offline","malware_download","BB26|geofenced|Qakbot|Qbot|Quakbot|tr|USA|wsf|zip","dewarshighballer.com","160.153.131.218","21499","US"
"2023-05-02 16:57:07","https://cesenanico.com/cdsl/voluptatemnisi.php","offline","malware_download","BB26|geofenced|Qakbot|Qbot|Quakbot|tr|USA|wsf|zip","cesenanico.com","92.205.6.22","21499","FR"
"2023-05-02 16:56:19","https://6mmuhendislik.com/tm/facereut.php","offline","malware_download","BB26|geofenced|Qakbot|Qbot|Quakbot|tr|USA|wsf|zip","6mmuhendislik.com","92.205.5.117","21499","FR"
"2023-05-02 16:56:13","https://bio-aseo.com/ea/molestiaequod.php","offline","malware_download","BB26|geofenced|Qakbot|Qbot|Quakbot|tr|USA|wsf|zip","bio-aseo.com","160.153.129.230","21499","US"
"2023-04-24 23:10:47","https://etorkizunaikastola.org/tauq/molestiaedolorem.php","offline","malware_download","BB25|geofenced|MSI|ONE|Qakbot|Qbot|Quakbot|tr|USA","etorkizunaikastola.org","92.205.57.229","21499","FR"
"2023-04-24 13:11:18","https://hyundai.iq/pEp/per.zip","offline","malware_download","geofenced|obama255|Qakbot|Qbot|Quakbot|USA|wsf|zip","hyundai.iq","92.205.149.125","21499","FR"
"2023-04-12 20:23:17","http://noor-relaxation.com/blo/me.zip","offline","malware_download","geofenced|obama251|Qakbot|Qbot|Quakbot|USA|wsf|zip","noor-relaxation.com","92.205.163.208","21499","FR"
"2023-04-12 12:54:19","https://www.tajvand.com/cKJCFIhuAJfPNUWismGeQqo109.bin","offline","malware_download","","www.tajvand.com","92.205.15.247","21499","FR"
"2023-04-05 15:52:11","https://grassrootssportsstarcic.org/tlv/tlv.php","offline","malware_download","755|BB22|geofenced|js|Qakbot|Qbot|Quakbot|tr|USA|wsf|zip","grassrootssportsstarcic.org","92.204.220.71","21499","FR"
"2023-04-05 15:40:19","https://inplainsight.uk/ide/ide.php","offline","malware_download","755|BB22|geofenced|js|Qakbot|Qbot|Quakbot|tr|USA|wsf|zip","inplainsight.uk","92.204.221.11","21499","FR"
"2023-04-04 16:10:32","http://exaltech.net/mg/mg.php","offline","malware_download","BB22|geofenced|js|Qakbot|qbot|Quakbot|TR|USA","exaltech.net","92.204.221.11","21499","FR"
"2023-04-04 16:10:12","http://webaraza.com/uea/uea.php","offline","malware_download","BB22|geofenced|js|Qakbot|qbot|Quakbot|TR|USA","webaraza.com","92.204.221.11","21499","FR"
"2023-03-30 18:48:16","http://wordsonafrica.com/uiet/uiet.php","offline","malware_download","BB21|geofenced|js|Qakbot|Qbot|Quakbot|TR|USA","wordsonafrica.com","92.204.221.11","21499","FR"
"2023-03-30 18:47:51","http://jennyluesby.com/rti/rti.php","offline","malware_download","BB21|geofenced|js|Qakbot|Qbot|Quakbot|TR|USA","jennyluesby.com","92.204.221.11","21499","FR"
"2023-03-30 18:47:16","http://jennyluesby.com/tanu/tanu.php","offline","malware_download","BB21|geofenced|js|Qakbot|Qbot|Quakbot|TR|USA","jennyluesby.com","92.204.221.11","21499","FR"
"2023-03-24 04:03:45","https://centralcorp-investments.com/oei/oei.php","offline","malware_download","BB20|geofenced|js|Qakbot|Qbot|Quakbot|TR|USA","centralcorp-investments.com","92.205.23.181","21499","FR"
"2023-03-24 03:59:16","http://lonenation.com/ri/ri.php","offline","malware_download","BB20|geofenced|js|Qakbot|Qbot|Quakbot|TR|USA","lonenation.com","92.204.221.11","21499","FR"
"2023-03-14 19:03:35","https://almahasouq.com/agenzia/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","almahasouq.com","92.205.6.6","21499","FR"
"2023-03-14 19:03:08","https://timediazm.com/scarica/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","timediazm.com","92.205.15.23","21499","FR"
"2023-03-14 19:02:52","https://6196109405896.hostingkunde.de/connect/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","6196109405896.hostingkunde.de","92.205.49.164","21499","FR"
"2023-03-14 19:01:54","https://almahasouq.com/connect/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","almahasouq.com","92.205.6.6","21499","FR"
"2023-03-14 19:00:37","https://6196109405896.hostingkunde.de/scarica/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","6196109405896.hostingkunde.de","92.205.49.164","21499","FR"
"2023-03-14 19:00:07","https://6196109405896.hostingkunde.de/agenzia/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","6196109405896.hostingkunde.de","92.205.49.164","21499","FR"
"2023-03-14 18:59:46","https://timediazm.com/agenzia/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","timediazm.com","92.205.15.23","21499","FR"
"2023-03-14 18:59:38","https://almahasouq.com/scarica/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","almahasouq.com","92.205.6.6","21499","FR"
"2023-03-14 18:59:32","https://timediazm.com/connect/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","timediazm.com","92.205.15.23","21499","FR"
"2023-02-27 23:11:14","https://mitsly.com/MT.php","offline","malware_download","BB17|img|pw764|Qakbot|Qbot|Quakbot|tr|zip","mitsly.com","92.205.4.117","21499","FR"
"2023-02-27 20:12:16","https://webanddrivers.com/UONU.php","offline","malware_download","BB17|img|pw764|Qakbot|Qbot|Quakbot|tr|zip","webanddrivers.com","160.153.129.230","21499","US"
"2023-02-27 20:10:36","https://on-cleaning.com/OMVM.php","offline","malware_download","BB17|img|pw764|Qakbot|Qbot|Quakbot|tr|zip","on-cleaning.com","92.204.218.48","21499","FR"
"2023-02-27 20:09:40","https://kmkaccounting.com/TPLE.php","offline","malware_download","BB17|img|pw764|Qakbot|Qbot|Quakbot|tr|zip","kmkaccounting.com","92.205.7.54","21499","FR"
"2023-02-27 20:09:34","https://katharosengineering.com/PRA.php","offline","malware_download","BB17|img|pw764|Qakbot|Qbot|Quakbot|tr|zip","katharosengineering.com","160.153.128.46","21499","US"
"2023-02-27 20:07:24","https://guallaesthetics.com/OSE.php","offline","malware_download","BB17|img|pw764|Qakbot|Qbot|Quakbot|tr|zip","guallaesthetics.com","92.205.11.100","21499","FR"
"2023-02-27 20:05:36","https://discovery-bureau.com/QEAM.php","offline","malware_download","BB17|img|pw764|Qakbot|Qbot|Quakbot|tr|zip","discovery-bureau.com","92.205.2.188","21499","FR"
"2023-02-27 19:44:59","https://yama-es.com/NUC.php","offline","malware_download","BB17|img|pw764|Qakbot|Qbot|Quakbot|tr|zip","yama-es.com","160.153.129.28","21499","US"
"2023-02-27 19:44:59","https://zanziflowerstours.com/RO.php","offline","malware_download","BB17|img|pw764|Qakbot|Qbot|Quakbot|tr|zip","zanziflowerstours.com","92.205.178.162","21499","FR"
"2023-02-27 19:43:29","https://metuli.com/MOPT.php","offline","malware_download","BB17|img|pw764|Qakbot|Qbot|Quakbot|tr|zip","metuli.com","92.205.8.185","21499","FR"
"2023-02-27 19:43:27","https://portofaliaga.com/SUU.php","offline","malware_download","BB17|img|pw764|Qakbot|Qbot|Quakbot|tr|zip","portofaliaga.com","92.205.3.134","21499","FR"
"2023-02-27 19:43:21","https://redcapinforma.com/ACT.php","offline","malware_download","BB17|img|pw764|Qakbot|Qbot|Quakbot|tr|zip","redcapinforma.com","160.153.129.38","21499","US"
"2023-02-27 19:43:15","https://sawa-dt.com/SEA.php","offline","malware_download","BB17|img|pw764|Qakbot|Qbot|Quakbot|tr|zip","sawa-dt.com","92.205.9.241","21499","FR"
"2023-02-27 19:42:30","https://medicalwellbeinggroup.com/RRT.php","offline","malware_download","BB17|img|pw764|Qakbot|Qbot|Quakbot|tr|zip","medicalwellbeinggroup.com","92.205.15.171","21499","FR"
"2023-02-27 19:39:41","https://gannahhospital.com/TIP.php","offline","malware_download","BB17|img|pw764|Qakbot|Qbot|Quakbot|tr|zip","gannahhospital.com","92.205.14.232","21499","FR"
"2023-02-27 19:39:40","https://flashnewsbensedira.com/NRED.php","offline","malware_download","BB17|img|pw764|Qakbot|Qbot|Quakbot|tr|zip","flashnewsbensedira.com","92.204.208.251","21499","FR"
"2023-02-27 19:38:42","https://chenandches.com/TAMN.php","offline","malware_download","BB17|img|pw764|Qakbot|Qbot|Quakbot|tr|zip","chenandches.com","92.205.11.130","21499","FR"
"2023-02-27 19:38:37","https://ccwalkergroup.com/NRS.php","offline","malware_download","BB17|img|pw764|Qakbot|Qbot|Quakbot|tr|zip","ccwalkergroup.com","92.205.4.117","21499","FR"
"2023-02-27 19:37:36","https://alnimaa-sdb.com/NS.php","offline","malware_download","BB17|img|pw764|Qakbot|Qbot|Quakbot|tr|zip","alnimaa-sdb.com","92.204.222.68","21499","FR"
"2023-02-27 19:37:34","https://atyurs.com/LMEI.php","offline","malware_download","BB17|img|pw764|Qakbot|Qbot|Quakbot|tr|zip","atyurs.com","92.205.4.117","21499","FR"
"2023-02-27 18:45:53","http://azuatravel.com/images/info2.txt","offline","malware_download","","azuatravel.com","92.205.11.150","21499","FR"
"2023-02-03 17:39:06","https://fudgeys.co.uk/SR.php?","offline","malware_download","ONE|QakBot|QBot|TR|zip","fudgeys.co.uk","92.204.218.157","21499","FR"
"2023-02-03 10:37:21","https://infrastructure.co.ug/ELL.php?","offline","malware_download","ONE|QakBot|QBot|TR|zip","infrastructure.co.ug","160.153.129.209","21499","US"
"2023-02-02 23:17:53","https://thesocialnexus.net/TOLA.php","offline","malware_download","BB12|ONE|Qakbot|Qbot|Quakbot|TR|zip","thesocialnexus.net","92.205.15.165","21499","FR"
"2023-02-02 23:17:46","https://safeco-group.com/NIL.php","offline","malware_download","BB12|ONE|Qakbot|Qbot|Quakbot|TR|zip","safeco-group.com","160.153.129.210","21499","US"
"2023-02-02 23:17:44","https://testzentrum-buer.de/IEC.php","offline","malware_download","BB12|ONE|Qakbot|Qbot|Quakbot|TR|zip","testzentrum-buer.de","92.205.10.70","21499","FR"
"2023-02-02 23:17:28","https://yama-es.com/CTUC.php","offline","malware_download","BB12|ONE|Qakbot|Qbot|Quakbot|TR|zip","yama-es.com","160.153.129.28","21499","US"
"2023-02-02 23:16:36","https://starglobalcapital.com/LUN.php","offline","malware_download","BB12|ONE|Qakbot|Qbot|Quakbot|TR|zip","starglobalcapital.com","92.205.9.191","21499","FR"
"2023-02-02 23:16:36","https://tinynewbig.com/ERU.php","offline","malware_download","BB12|ONE|Qakbot|Qbot|Quakbot|TR|zip","tinynewbig.com","160.153.128.13","21499","US"
"2023-02-02 23:16:28","https://testzentrum.re/CAP.php","offline","malware_download","BB12|ONE|Qakbot|Qbot|Quakbot|TR|zip","testzentrum.re","92.205.10.70","21499","FR"
"2023-02-02 23:15:34","https://ritafreshfood.com/IUM.php","offline","malware_download","BB12|ONE|Qakbot|Qbot|Quakbot|TR|zip","ritafreshfood.com","92.205.1.180","21499","FR"
"2023-02-02 23:15:30","https://pensburylaw.com/AO.php","offline","malware_download","BB12|ONE|Qakbot|Qbot|Quakbot|TR|zip","pensburylaw.com","92.205.7.186","21499","FR"
"2023-02-02 23:14:39","https://pedagogy.live/ERC.php","offline","malware_download","BB12|ONE|Qakbot|Qbot|Quakbot|TR|zip","pedagogy.live","92.205.7.173","21499","FR"
"2023-02-02 23:14:33","https://mamlakach.sa/ATI.php","offline","malware_download","BB12|ONE|Qakbot|Qbot|Quakbot|TR|zip","mamlakach.sa","92.205.11.231","21499","FR"
"2023-02-02 23:14:20","https://progres.dev/ESE.php","offline","malware_download","BB12|ONE|Qakbot|Qbot|Quakbot|TR|zip","progres.dev","92.204.208.135","21499","FR"
"2023-02-02 23:13:35","https://herainspection.com/UO.php","offline","malware_download","BB12|ONE|Qakbot|Qbot|Quakbot|TR|zip","herainspection.com","92.205.3.134","21499","FR"
"2023-02-02 23:13:30","https://fixerassist.co.za/RMUR.php","offline","malware_download","BB12|ONE|Qakbot|Qbot|Quakbot|TR|zip","fixerassist.co.za","92.204.222.76","21499","FR"
"2023-02-02 23:13:29","https://fenixempre.com/EIQ.php","offline","malware_download","BB12|ONE|Qakbot|Qbot|Quakbot|TR|zip","fenixempre.com","160.153.129.230","21499","US"
"2023-02-02 23:13:25","https://dcapglobal.org/RTLA.php","offline","malware_download","BB12|ONE|Qakbot|Qbot|Quakbot|TR|zip","dcapglobal.org","92.205.7.186","21499","FR"
"2023-02-02 23:13:25","https://goadventure.travel/OPEX.php","offline","malware_download","BB12|ONE|Qakbot|Qbot|Quakbot|TR|zip","goadventure.travel","160.153.133.210","21499","US"
"2023-02-02 23:12:58","https://elitehairextensionsalons.com.au/EIP.php","offline","malware_download","BB12|ONE|Qakbot|Qbot|Quakbot|TR|zip","elitehairextensionsalons.com.au","92.205.12.78","21499","FR"
"2023-02-02 23:12:49","https://impactcove.org/MTL.php","offline","malware_download","BB12|ONE|Qakbot|Qbot|Quakbot|TR|zip","impactcove.org","92.205.7.186","21499","FR"
"2023-02-02 23:12:25","https://edgeconsulting.fr/SAV.php","offline","malware_download","BB12|ONE|Qakbot|Qbot|Quakbot|TR|zip","edgeconsulting.fr","92.204.220.57","21499","FR"
"2023-02-02 23:10:56","https://baltan.com.tr/EL.php","offline","malware_download","BB12|ONE|Qakbot|Qbot|Quakbot|TR|zip","baltan.com.tr","92.205.2.188","21499","FR"
"2023-02-02 23:10:53","https://caleda.org/TEET.php","offline","malware_download","BB12|ONE|Qakbot|Qbot|Quakbot|TR|zip","caleda.org","92.205.7.186","21499","FR"
"2023-02-02 23:10:35","https://bithea2.com/UE.php","offline","malware_download","BB12|ONE|Qakbot|Qbot|Quakbot|TR|zip","bithea2.com","92.204.219.243","21499","FR"
"2023-02-02 23:10:24","https://area-20.com/UQNR.php","offline","malware_download","BB12|ONE|Qakbot|Qbot|Quakbot|TR|zip","area-20.com","160.153.129.230","21499","US"
"2023-02-02 23:10:16","https://citizencommons.org/LU.php","offline","malware_download","BB12|ONE|Qakbot|Qbot|Quakbot|TR|zip","citizencommons.org","92.205.7.186","21499","FR"
"2023-02-02 23:09:30","https://3a-realestate-eg.com/VO.php","offline","malware_download","BB12|ONE|Qakbot|Qbot|Quakbot|TR|zip","3a-realestate-eg.com","92.205.8.194","21499","FR"
"2023-02-02 23:09:18","http://bluechro.me/TET.php","offline","malware_download","BB12|ONE|Qakbot|Qbot|Quakbot|TR|zip","bluechro.me","92.205.7.186","21499","FR"
"2023-02-02 05:10:15","https://wesportadvice.com/IITE.php","offline","malware_download","BB12|ONE|Qakbot|Qbot|Quakbot|TR|zip","wesportadvice.com","92.205.14.159","21499","FR"
"2023-02-02 05:09:11","https://knightsimportsandexports.co.uk/UMID.php","offline","malware_download","BB12|ONE|Qakbot|Qbot|Quakbot|TR|zip","knightsimportsandexports.co.uk","92.205.0.58","21499","FR"
"2023-02-02 05:07:23","http://bamboocleaning.co.uk/NA.php","offline","malware_download","BB12|ONE|Qakbot|Qbot|Quakbot|TR|zip","bamboocleaning.co.uk","92.205.104.136","21499","FR"
"2023-02-02 05:07:21","https://bamboocleaning.co.uk/RET.php","offline","malware_download","BB12|ONE|Qakbot|Qbot|Quakbot|TR|zip","bamboocleaning.co.uk","92.205.104.136","21499","FR"
"2023-02-02 05:07:16","http://zanziflowerstours.com/NOIU.php","offline","malware_download","BB12|ONE|Qakbot|Qbot|Quakbot|TR|zip","zanziflowerstours.com","92.205.178.162","21499","FR"
"2023-02-02 05:07:15","http://mrandmrsakinyinka.com/UIIO.php","offline","malware_download","BB12|ONE|Qakbot|Qbot|Quakbot|TR|zip","mrandmrsakinyinka.com","92.204.220.74","21499","FR"
"2023-02-02 05:07:09","http://halilumutyalcin.com/MOS.php","offline","malware_download","BB12|ONE|Qakbot|Qbot|Quakbot|TR|zip","halilumutyalcin.com","92.204.219.117","21499","FR"
"2023-02-01 23:00:40","https://wesportadvice.com/AMUD.php","offline","malware_download","BB12|ONE|Qakbot|Qbot|Quakbot|TR|zip","wesportadvice.com","92.205.14.159","21499","FR"
"2023-02-01 23:00:36","https://verdantherbal.com/AOBN.php","offline","malware_download","BB12|ONE|Qakbot|Qbot|Quakbot|TR|zip","verdantherbal.com","92.204.210.41","21499","FR"
"2023-02-01 23:00:26","https://guallaesthetics.com/NI.php","offline","malware_download","BB12|ONE|Qakbot|Qbot|Quakbot|TR|zip","guallaesthetics.com","92.205.11.100","21499","FR"
"2023-02-01 23:00:26","https://walkershospitality.com/NRE.php","offline","malware_download","BB12|ONE|Qakbot|Qbot|Quakbot|TR|zip","walkershospitality.com","92.205.4.117","21499","FR"
"2023-02-01 22:59:52","https://europecarbon.com/RI.php","offline","malware_download","BB12|ONE|Qakbot|Qbot|Quakbot|TR|zip","europecarbon.com","160.153.128.26","21499","US"
"2023-02-01 22:59:51","https://redcapinforma.com/UNE.php","offline","malware_download","BB12|ONE|Qakbot|Qbot|Quakbot|TR|zip","redcapinforma.com","160.153.129.38","21499","US"
"2023-02-01 22:59:37","https://shoumanlawyer.com/FA.php","offline","malware_download","BB12|ONE|Qakbot|Qbot|Quakbot|TR|zip","shoumanlawyer.com","92.205.12.5","21499","FR"
"2023-02-01 22:59:33","https://mrandmrsakinyinka.com/UIIO.php","offline","malware_download","BB12|ONE|Qakbot|Qbot|Quakbot|TR|zip","mrandmrsakinyinka.com","92.204.220.74","21499","FR"
"2023-02-01 22:59:25","https://kmkaccounting.com/NDI.php","offline","malware_download","BB12|ONE|Qakbot|Qbot|Quakbot|TR|zip","kmkaccounting.com","92.205.7.54","21499","FR"
"2023-02-01 22:59:15","https://halilumutyalcin.com/MOS.php","offline","malware_download","BB12|ONE|Qakbot|Qbot|Quakbot|TR|zip","halilumutyalcin.com","92.204.219.117","21499","FR"
"2023-02-01 22:59:01","https://quantumwaste.com/AOL.php","offline","malware_download","BB12|ONE|Qakbot|Qbot|Quakbot|TR|zip","quantumwaste.com","160.153.133.209","21499","US"
"2023-02-01 22:59:00","https://joinsentinels.com/RDTT.php","offline","malware_download","BB12|ONE|Qakbot|Qbot|Quakbot|TR|zip","joinsentinels.com","92.205.5.183","21499","FR"
"2023-02-01 22:58:59","https://metuli.com/LVN.php","offline","malware_download","BB12|ONE|Qakbot|Qbot|Quakbot|TR|zip","metuli.com","92.205.8.185","21499","FR"
"2023-02-01 22:58:27","https://rkbintl.com/MIST.php","offline","malware_download","BB12|ONE|Qakbot|Qbot|Quakbot|TR|zip","rkbintl.com","160.153.131.155","21499","US"
"2023-02-01 22:56:20","https://androidtvbuddy.com/NI.php","offline","malware_download","BB12|ONE|Qakbot|Qbot|Quakbot|TR|zip","androidtvbuddy.com","92.204.215.24","21499","FR"
"2023-02-01 18:25:05","https://kmkaccounting.com/NDI.php?NIMSO=8","offline","malware_download","BB12|Qakbot|qbot|TR","kmkaccounting.com","92.205.7.54","21499","FR"
"2023-02-01 18:24:48","https://cellnetmw.com/UUU.php?EOXPCLIAB=5","offline","malware_download","BB12|Qakbot|qbot|TR","cellnetmw.com","92.205.7.58","21499","FR"
"2023-02-01 18:24:29","https://bombastyc.com/TST.php?EUDN=1","offline","malware_download","BB12|Qakbot|qbot|TR","bombastyc.com","92.205.4.117","21499","FR"
"2023-02-01 18:24:22","https://kmkaccounting.com/NDI.php?TE=2","offline","malware_download","BB12|Qakbot|qbot|TR","kmkaccounting.com","92.205.7.54","21499","FR"
"2023-02-01 18:24:21","https://webtrek.co.uk/CETU.php?LIEOAEMTS=1","offline","malware_download","BB12|Qakbot|qbot|TR","webtrek.co.uk","92.204.218.157","21499","FR"
"2023-02-01 11:07:09","https://zanziflowerstours.com/NOIU.php?ODROL=7","offline","malware_download","QakBot|QuakBot","zanziflowerstours.com","92.205.178.162","21499","FR"
"2023-02-01 04:45:22","http://flashnewsbensedira.com/DLOO.php?","offline","malware_download","BB12|ONE|Qakbot|Qbot|Quakbot|TR|zip","flashnewsbensedira.com","92.204.208.251","21499","FR"
"2023-01-31 16:20:51","https://inegypt.app/IISU.php?","offline","malware_download","BB12|Qakbot|qbot|TR","inegypt.app","92.205.5.130","21499","FR"
"2023-01-31 16:20:25","https://flashnewsbensedira.com/DLOO.php?","offline","malware_download","BB12|Qakbot|qbot|TR","flashnewsbensedira.com","92.204.208.251","21499","FR"
"2023-01-31 16:20:25","https://zanziflowerstours.com/NOIU.php?","offline","malware_download","BB12|Qakbot|qbot|TR","zanziflowerstours.com","92.205.178.162","21499","FR"
"2023-01-31 16:20:23","https://sacredly.io/CECI.php?","offline","malware_download","BB12|Qakbot|qbot|TR","sacredly.io","92.205.4.171","21499","FR"
"2023-01-23 15:51:06","https://www.manchesterot.co.uk/about-us/BfumrDFaSvt/","offline","malware_download","dll|emotet|epoch5|Heodo","www.manchesterot.co.uk","92.205.239.100","21499","DE"
"2023-01-23 15:51:06","https://www.manchesterot.co.uk/about-us/GNN9Fh9PyTtem3QjNJ/","offline","malware_download","dll|emotet|epoch5|Heodo","www.manchesterot.co.uk","92.205.239.100","21499","DE"
"2023-01-18 00:29:09","https://www.manchesterot.co.uk/about-us/dKRRwATC1r1pz/","offline","malware_download","dll|emotet|epoch4","www.manchesterot.co.uk","92.205.239.100","21499","DE"
"2022-12-22 20:04:07","https://slnetworks.com/UQ.php","offline","malware_download","B1|BB11|ISO|Qakbot|Qbot|Quakbot|TR|U22|zip","slnetworks.com","92.205.0.95","21499","FR"
"2022-12-20 17:24:12","https://slnetworks.com/blro/index.php","offline","malware_download","BB11|IMG|Qakbot|Qbot|Quakbot|RR17|TR|VHD|zip","slnetworks.com","92.205.0.95","21499","FR"
"2022-12-19 16:39:51","https://slnetworks.com/il/index.php","offline","malware_download","BB11|IMG|ISO|Qakbot|Qbot|Quakbot|TR|TR23|zip","slnetworks.com","92.205.0.95","21499","FR"
"2022-12-15 17:32:43","https://slnetworks.com/avo/index.php","offline","malware_download","50000|E17|gozi|ISFB|ISO|PM11|TR|zip","slnetworks.com","92.205.0.95","21499","FR"
"2022-12-14 16:13:22","https://slnetworks.com/ccmo/index.php","offline","malware_download","BB10|ISO|nt005|qakbot|qbot|quakbot|TR|zip","slnetworks.com","92.205.0.95","21499","FR"
"2022-12-13 21:49:16","https://slnetworks.com/emnq/index.php?qbot.zip","offline","malware_download","675|BB10|ISO|nt005|qakbot|qbot|quakbot|TR|zip","slnetworks.com","92.205.0.95","21499","FR"
"2022-11-17 16:19:14","https://spiderstartup.com/cs/index.php?qbot.zip","offline","malware_download","BB06|iso|qakbot|qbot|quakbot|SK16|TR|zip","spiderstartup.com","151.106.42.71","21499","FR"
"2022-11-11 07:36:11","https://www.manchesterot.co.uk/about-us/kka/","offline","malware_download","emotet|exe|heodo","www.manchesterot.co.uk","92.205.239.100","21499","DE"
"2022-11-07 21:41:12","https://www.manchesterot.co.uk/about-us/KEfGo/","offline","malware_download","emotet|epoch5|exe|heodo","www.manchesterot.co.uk","92.205.239.100","21499","DE"
"2022-10-26 20:22:32","https://evdetv.com/rmsn/qakbot.zip","offline","malware_download","BB04|iso|PG1|qakbot|qbot|quakbot|TR|zip","evdetv.com","92.205.3.103","21499","FR"
"2022-10-26 18:02:32","https://evdetv.com/rmsn/qbot.zip","offline","malware_download","BB04|iso|PG1|qakbot|qbot|quakbot|TR|zip","evdetv.com","92.205.3.103","21499","FR"
"2022-10-25 22:59:28","https://evdetv.com/rmsn/apenitseaeeps","offline","malware_download","BB04|iso|PG1|qakbot|qbot|quakbot|TR|zip","evdetv.com","92.205.3.103","21499","FR"
"2022-10-11 00:55:13","https://proquimed.com.mx/aeol/iauequqsmts","offline","malware_download","BB|iso|qakbot|qbot|quakbot|TR|X353|X873|zip","proquimed.com.mx","92.205.61.220","21499","FR"
"2022-10-11 00:32:27","http://proquimed.com.mx/aeol/serscaoneanmdiu","offline","malware_download","BB|iso|qakbot|qbot|quakbot|TR|X353|X873|zip","proquimed.com.mx","92.205.61.220","21499","FR"
"2022-10-10 17:34:36","https://proquimed.com.mx/aeol/edvipeeurltthtmreerpona","offline","malware_download","BB|iso|qakbot|qbot|quakbot|TR|X353|X873|zip","proquimed.com.mx","92.205.61.220","21499","FR"
"2022-10-10 17:34:14","https://proquimed.com.mx/aeol/stmpeoaoroelri","offline","malware_download","BB|iso|qakbot|qbot|quakbot|TR|X353|X873|zip","proquimed.com.mx","92.205.61.220","21499","FR"
"2022-09-30 22:11:46","https://techysheky.com/racu/ornoenv","offline","malware_download","BB|qakbot|qbot|quakbot|TR|U492|zip","techysheky.com","92.205.99.161","21499","FR"
"2022-09-30 22:11:42","https://techysheky.com/racu/nrtaevmitsupuupltomea","offline","malware_download","BB|qakbot|qbot|quakbot|TR|U492|zip","techysheky.com","92.205.99.161","21499","FR"
"2022-09-30 22:11:41","https://techysheky.com/racu/ntliihu","offline","malware_download","BB|qakbot|qbot|quakbot|TR|U492|zip","techysheky.com","92.205.99.161","21499","FR"
"2022-09-30 22:11:40","https://techysheky.com/racu/tdveiloit","offline","malware_download","BB|qakbot|qbot|quakbot|TR|U492|zip","techysheky.com","92.205.99.161","21499","FR"
"2022-09-30 22:11:31","https://techysheky.com/racu/quaultnortceeivs","offline","malware_download","BB|qakbot|qbot|quakbot|TR|U492|zip","techysheky.com","92.205.99.161","21499","FR"
"2022-09-30 22:11:24","https://techysheky.com/racu/odtmrousnelsor","offline","malware_download","BB|qakbot|qbot|quakbot|TR|U492|zip","techysheky.com","92.205.99.161","21499","FR"
"2022-09-30 22:11:17","https://techysheky.com/racu/rsieudqoolisemli","offline","malware_download","BB|qakbot|qbot|quakbot|TR|U492|zip","techysheky.com","92.205.99.161","21499","FR"
"2022-09-30 22:11:17","https://techysheky.com/racu/tslifmieeotagu","offline","malware_download","BB|qakbot|qbot|quakbot|TR|U492|zip","techysheky.com","92.205.99.161","21499","FR"
"2022-09-30 22:11:14","https://techysheky.com/racu/reesotrr","offline","malware_download","BB|qakbot|qbot|quakbot|TR|U492|zip","techysheky.com","92.205.99.161","21499","FR"
"2022-09-30 22:10:45","https://techysheky.com/racu/mrurdei","offline","malware_download","BB|qakbot|qbot|quakbot|TR|U492|zip","techysheky.com","92.205.99.161","21499","FR"
"2022-09-30 22:10:42","https://techysheky.com/racu/artmeeu","offline","malware_download","BB|qakbot|qbot|quakbot|TR|U492|zip","techysheky.com","92.205.99.161","21499","FR"
"2022-09-30 22:10:38","https://techysheky.com/racu/meorouslspaivat","offline","malware_download","BB|qakbot|qbot|quakbot|TR|U492|zip","techysheky.com","92.205.99.161","21499","FR"
"2022-09-30 22:10:35","https://techysheky.com/racu/iuiern","offline","malware_download","BB|qakbot|qbot|quakbot|TR|U492|zip","techysheky.com","92.205.99.161","21499","FR"
"2022-09-30 22:10:35","https://techysheky.com/racu/lmaptuuotsiuvpm","offline","malware_download","BB|qakbot|qbot|quakbot|TR|U492|zip","techysheky.com","92.205.99.161","21499","FR"
"2022-09-30 22:10:26","https://techysheky.com/racu/irsitserepaso","offline","malware_download","BB|qakbot|qbot|quakbot|TR|U492|zip","techysheky.com","92.205.99.161","21499","FR"
"2022-09-30 22:10:16","https://techysheky.com/racu/elbeutrtoenar","offline","malware_download","BB|qakbot|qbot|quakbot|TR|U492|zip","techysheky.com","92.205.99.161","21499","FR"
"2022-09-30 22:10:15","https://techysheky.com/racu/atpecselat","offline","malware_download","BB|qakbot|qbot|quakbot|TR|U492|zip","techysheky.com","92.205.99.161","21499","FR"
"2022-09-30 22:10:15","https://techysheky.com/racu/euammqntu","offline","malware_download","BB|qakbot|qbot|quakbot|TR|U492|zip","techysheky.com","92.205.99.161","21499","FR"
"2022-09-30 22:10:14","https://techysheky.com/racu/feauttuenitgr","offline","malware_download","BB|qakbot|qbot|quakbot|TR|U492|zip","techysheky.com","92.205.99.161","21499","FR"
"2022-09-30 22:10:14","https://techysheky.com/racu/iasqpuumm","offline","malware_download","BB|qakbot|qbot|quakbot|TR|U492|zip","techysheky.com","92.205.99.161","21499","FR"
"2022-09-30 22:10:14","https://techysheky.com/racu/neieeeapcsrdfrref","offline","malware_download","BB|qakbot|qbot|quakbot|TR|U492|zip","techysheky.com","92.205.99.161","21499","FR"
"2022-09-28 18:09:38","https://proquimed.com.mx/teu/fcealpvseoaurt","offline","malware_download","BB|H322|H436|qakbot|qbot|quakbot|TR|U425|zip","proquimed.com.mx","92.205.61.220","21499","FR"
"2022-09-28 17:37:17","http://poiesisproject.com/oo/atuuta","offline","malware_download","BB|H322|H436|qakbot|qbot|quakbot|TR|U425|zip","poiesisproject.com","92.205.14.36","21499","FR"
"2022-09-28 17:37:12","http://poiesisproject.com/oo/eusenssmi","offline","malware_download","BB|H322|H436|qakbot|qbot|quakbot|TR|U425|zip","poiesisproject.com","92.205.14.36","21499","FR"
"2022-09-28 17:37:12","http://poiesisproject.com/oo/tcbeptuioaseaccmior","offline","malware_download","BB|H322|H436|qakbot|qbot|quakbot|TR|U425|zip","poiesisproject.com","92.205.14.36","21499","FR"
"2022-09-28 10:28:31","https://proquimed.com.mx/teu/eaemmspsxerroiai","offline","malware_download","bb|qbot","proquimed.com.mx","92.205.61.220","21499","FR"
"2022-09-28 10:28:26","https://proquimed.com.mx/teu/iodnnsbite","offline","malware_download","bb|qbot","proquimed.com.mx","92.205.61.220","21499","FR"
"2022-09-28 10:28:18","https://proquimed.com.mx/teu/lvuutspatoa","offline","malware_download","bb|qbot","proquimed.com.mx","92.205.61.220","21499","FR"
"2022-09-28 10:28:17","https://proquimed.com.mx/teu/ddgnaeaeruneeiclsi","offline","malware_download","bb|qbot","proquimed.com.mx","92.205.61.220","21499","FR"
"2022-09-28 10:28:15","https://proquimed.com.mx/teu/fmraaeosiug","offline","malware_download","bb|qbot","proquimed.com.mx","92.205.61.220","21499","FR"
"2022-09-28 10:28:13","https://proquimed.com.mx/teu/utripmaarna","offline","malware_download","bb|qbot","proquimed.com.mx","92.205.61.220","21499","FR"
"2022-09-28 10:28:07","https://proquimed.com.mx/teu/qesidtubmau","offline","malware_download","bb|qbot","proquimed.com.mx","92.205.61.220","21499","FR"
"2022-08-31 07:40:06","https://smartectechnologies.com/12/TrdngAnlzr10422.exe","offline","malware_download","32|ColibriLoader|exe|RedLineStealer","smartectechnologies.com","92.205.10.215","21499","FR"
"2022-08-31 07:40:05","https://smartectechnologies.com/12/TrdngAnlzr9949.exe","offline","malware_download","32|ColibriLoader|exe","smartectechnologies.com","92.205.10.215","21499","FR"
"2022-08-31 05:39:10","https://smartectechnologies.com/12/TrdngAnr6339.exe","offline","malware_download","ColibriLoader|dropby|PrivateLoader|RedLineStealer","smartectechnologies.com","92.205.10.215","21499","FR"
"2022-06-30 07:12:06","https://hepsisifa.com/wp-content/T0kkNeOlvF/","offline","malware_download","dll|emotet|epoch5|heodo","hepsisifa.com","92.205.30.57","21499","FR"
"2022-06-14 19:02:06","https://manchesterslt.co.uk/a-to-z-of-slt/xOgw/","offline","malware_download","dll|emotet|epoch4|Heodo","manchesterslt.co.uk","92.205.239.100","21499","DE"
"2022-05-27 14:50:28","https://invie.in/pun/TZz/9W2/gUa/unOr0oa.zip","offline","malware_download","b-TDS|obama185|Qakbot|qbot|Quakbot|zip","invie.in","160.153.133.77","21499","US"
"2022-05-27 14:50:21","https://invie.in/pun/MW/6y/4CdLArLX.zip","offline","malware_download","b-TDS|obama185|Qakbot|qbot|Quakbot|zip","invie.in","160.153.133.77","21499","US"
"2022-05-26 21:46:09","http://ymtdental.org/pun/fgPXzxQsUG.zip","offline","malware_download","b-TDS|obama185|Qakbot|qbot|Quakbot|zip","ymtdental.org","92.204.70.4","21499","FR"
"2022-05-26 18:33:26","https://ymtdental.org/pun/y/NapJRQtcu.zip","offline","malware_download","b-TDS|obama185|Qakbot|qbot|Quakbot|zip","ymtdental.org","92.204.70.4","21499","FR"
"2022-05-26 18:33:14","https://ymtdental.org/pun/60/cX/kBKn2R5f.zip","offline","malware_download","b-TDS|obama185|Qakbot|qbot|Quakbot|zip","ymtdental.org","92.204.70.4","21499","FR"
"2022-05-26 14:50:27","https://ymtdental.org/pun/fgPXzxQsUG.zip","offline","malware_download","b-TDS|obama185|Qakbot|qbot|Quakbot|zip","ymtdental.org","92.204.70.4","21499","FR"
"2022-05-23 13:52:06","https://airliftlimo.com/wp-admin/wzZ3RIsItxZsu77MFxs/","offline","malware_download","dll|emotet|epoch5|heodo","airliftlimo.com","92.205.1.135","21499","FR"
"2022-05-23 12:16:14","https://vendasbestchoice.com/iaq/paoieorrcs","offline","malware_download","Quakbot|TR","vendasbestchoice.com","92.205.2.117","21499","FR"
"2022-05-23 11:40:31","https://smileway.pt/quau/hetlnisi","offline","malware_download","Quakbot|TR","smileway.pt","92.205.2.117","21499","FR"
"2022-05-23 11:40:11","https://ameea.org/uuto/pututsemeialvoq","offline","malware_download","Quakbot|TR","ameea.org","92.205.2.117","21499","FR"
"2022-05-20 15:56:05","https://airliftlimo.com/wp-admin/iMc/","offline","malware_download","dll|emotet|epoch4|heodo","airliftlimo.com","92.205.1.135","21499","FR"
"2022-05-18 14:04:07","https://airliftlimo.com/wp-admin/12DtB7kP6Ur8X77/","offline","malware_download","dll|emotet|epoch4|heodo","airliftlimo.com","92.205.1.135","21499","FR"
"2022-05-12 14:16:34","http://dentaldiary.com/icxa/adnon9699730","offline","malware_download","qakbot|qbot|tr","dentaldiary.com","160.153.128.40","21499","US"
"2022-05-12 14:16:34","http://highclassescortsservice.com/ei/sitet19849822","offline","malware_download","qakbot|qbot|Quakbot|SilentBuilder|tr","highclassescortsservice.com","160.153.129.40","21499","US"
"2022-05-03 10:34:20","http://dentaldiary.com/icxa/rerumcum15272466","offline","malware_download","aa|qakbot|qbot|Quakbot|tr","dentaldiary.com","160.153.128.40","21499","US"
"2022-05-03 10:34:11","http://plasttreid.com/lr/esesrotdlo","offline","malware_download","aa|qakbot|qbot|Quakbot|tr","plasttreid.com","160.153.129.216","21499","US"
"2022-05-02 13:41:05","http://timijay.com/mn/icidioasitdp","offline","malware_download","Quakbot|TR","timijay.com","160.153.133.214","21499","US"
"2022-04-29 10:42:05","https://hepsisifa.com/wp-admin/k/","offline","malware_download","dll|emotet|epoch4|heodo","hepsisifa.com","92.205.30.57","21499","FR"
"2022-04-28 13:40:04","http://itsector.me/rdo/exercitationemrerum10711971","offline","malware_download","qakbot|Quakbot|TR","itsector.me","160.153.133.157","21499","US"
"2022-04-28 11:03:38","http://myclubapp.me/eos/atodit2413987","offline","malware_download","qakbot|qbot|Quakbot|tr","myclubapp.me","160.153.133.157","21499","US"
"2022-04-28 11:03:38","http://senior-consultingco.com/otdt/voluptatumnumquam5562953","offline","malware_download","qakbot|qbot|Quakbot|tr","senior-consultingco.com","160.153.131.219","21499","US"
"2022-04-28 11:03:37","http://myclubapp.me/eos/quisaliquid6785663","offline","malware_download","qakbot|qbot|Quakbot|tr","myclubapp.me","160.153.133.157","21499","US"
"2022-04-28 11:03:29","https://english-indoors.com/us/voluptatemcorporis526550","offline","malware_download","qakbot|qbot|Quakbot|tr","english-indoors.com","160.153.128.26","21499","US"
"2022-04-28 11:03:25","http://innovationstudioeg.com/inn/ullamdelectus11870873","offline","malware_download","qakbot|qbot|Quakbot|tr","innovationstudioeg.com","160.153.129.26","21499","US"
"2022-04-28 11:02:20","http://myclubapp.me/eos/aliquidrerum10148753","offline","malware_download","qakbot|qbot|Quakbot|tr","myclubapp.me","160.153.133.157","21499","US"
"2022-04-28 11:02:19","http://myclubapp.me/eos/aperiamrem1961857","offline","malware_download","qakbot|qbot|Quakbot|tr","myclubapp.me","160.153.133.157","21499","US"
"2022-04-28 11:02:12","http://myclubapp.me/eos/remqui4395547","offline","malware_download","qakbot|qbot|Quakbot|tr","myclubapp.me","160.153.133.157","21499","US"
"2022-04-28 11:02:03","http://myclubapp.me/eos/quodamet2243625","offline","malware_download","qakbot|qbot|Quakbot|tr","myclubapp.me","160.153.133.157","21499","US"
"2022-04-28 11:01:54","http://itsector.me/rdo/istefuga11892767","offline","malware_download","qakbot|qbot|Quakbot|tr","itsector.me","160.153.133.157","21499","US"
"2022-04-28 11:01:48","http://senior-consultingco.com/otdt/debitisvoluptatem13871455","offline","malware_download","qakbot|qbot|Quakbot|tr","senior-consultingco.com","160.153.131.219","21499","US"
"2022-04-28 11:01:45","http://myclubapp.me/eos/estharum2357412","offline","malware_download","qakbot|qbot|Quakbot|tr","myclubapp.me","160.153.133.157","21499","US"
"2022-04-28 11:01:35","http://myclubapp.me/eos/consecteturpossimus1859560","offline","malware_download","qakbot|qbot|Quakbot|tr","myclubapp.me","160.153.133.157","21499","US"
"2022-04-28 11:01:33","http://itsector.me/rdo/cumtenetur8335510","offline","malware_download","qakbot|qbot|Quakbot|tr","itsector.me","160.153.133.157","21499","US"
"2022-04-28 11:01:21","http://senior-consultingco.com/otdt/totamfugiat5403714","offline","malware_download","qakbot|qbot|Quakbot|tr","senior-consultingco.com","160.153.131.219","21499","US"
"2022-04-28 11:01:11","http://senior-consultingco.com/otdt/doloreet15056690","offline","malware_download","qakbot|qbot|Quakbot|tr","senior-consultingco.com","160.153.131.219","21499","US"
"2022-04-28 11:01:08","http://myclubapp.me/eos/eiusnesciunt7841165","offline","malware_download","qakbot|qbot|Quakbot|tr","myclubapp.me","160.153.133.157","21499","US"
"2022-04-28 11:01:08","http://myclubapp.me/eos/natusporro8181224","offline","malware_download","qakbot|qbot|Quakbot|tr","myclubapp.me","160.153.133.157","21499","US"
"2022-04-23 04:45:21","https://emka.app/atm/RR/DO/VhYfkMBA.zip","offline","malware_download","b-TDS|obama179|Qakbot|qbot|Quakbot|zip","emka.app","92.205.7.112","21499","FR"
"2022-04-23 04:45:18","https://emka.app/atm/BsBQUFfbgr.zip","offline","malware_download","b-TDS|obama179|Qakbot|qbot|Quakbot|zip","emka.app","92.205.7.112","21499","FR"
"2022-04-23 04:45:17","https://emka.app/atm/L9I/qT3/XDW/cQLx2Tj.zip","offline","malware_download","b-TDS|obama179|Qakbot|qbot|Quakbot|zip","emka.app","92.205.7.112","21499","FR"
"2022-04-23 04:44:14","http://emka.app/atm/r/0g7xxbtao.zip","offline","malware_download","b-TDS|obama179|Qakbot|qbot|Quakbot|zip","emka.app","92.205.7.112","21499","FR"
"2022-04-23 04:44:13","http://emka.app/atm/i/amv8tpiuq.zip","offline","malware_download","b-TDS|obama179|Qakbot|qbot|Quakbot|zip","emka.app","92.205.7.112","21499","FR"
"2022-04-23 04:44:12","http://emka.app/atm/ery/ayr/8ve/kknl7go.zip","offline","malware_download","b-TDS|obama179|Qakbot|qbot|Quakbot|zip","emka.app","92.205.7.112","21499","FR"
"2022-04-23 04:44:10","http://emka.app/atm/q/btssntmqd.zip","offline","malware_download","b-TDS|obama179|Qakbot|qbot|Quakbot|zip","emka.app","92.205.7.112","21499","FR"
"2022-04-22 15:40:05","https://www.manchesterslt.co.uk/a-to-z-of-slt/Ntrci3Ry/","offline","malware_download","dll|emotet|epoch5|heodo","www.manchesterslt.co.uk","92.205.239.100","21499","DE"
"2022-04-22 03:25:06","https://emka.app/atm/I/amv8tPIUQ.zip","offline","malware_download","b-TDS|obama179|Qakbot|qbot|Quakbot|zip","emka.app","92.205.7.112","21499","FR"
"2022-04-22 03:25:03","https://emka.app/atm/tA7GMKTHXb.zip","offline","malware_download","b-TDS|obama179|Qakbot|qbot|Quakbot|zip","emka.app","92.205.7.112","21499","FR"
"2022-04-22 03:24:55","https://emka.app/atm/q/bTSSNTMQD.zip","offline","malware_download","b-TDS|obama179|Qakbot|qbot|Quakbot|zip","emka.app","92.205.7.112","21499","FR"
"2022-04-22 03:24:42","https://emka.app/atm/ery/ayR/8vE/kKNl7Go.zip","offline","malware_download","b-TDS|obama179|Qakbot|qbot|Quakbot|zip","emka.app","92.205.7.112","21499","FR"
"2022-04-22 03:24:24","https://emka.app/atm/UVjgBedgJi.zip","offline","malware_download","b-TDS|obama179|Qakbot|qbot|Quakbot|zip","emka.app","92.205.7.112","21499","FR"
"2022-04-22 03:24:22","https://emka.app/atm/r/0G7XxBtAO.zip","offline","malware_download","b-TDS|obama179|Qakbot|qbot|Quakbot|zip","emka.app","92.205.7.112","21499","FR"
"2022-04-19 12:32:20","http://herontraiding.com/iusq/eusisaeq","offline","malware_download","geofenced|Qakbot|qbot|Quakbot|TR","herontraiding.com","160.153.131.153","21499","US"
"2022-04-19 12:32:09","http://bemoreflamingo.com/ti/nmemina","offline","malware_download","geofenced|Qakbot|qbot|Quakbot|TR","bemoreflamingo.com","160.153.128.36","21499","US"
"2022-04-14 13:46:31","https://ecafescuela.com/onen/puasisumq","offline","malware_download","Qakbot|Qbot|Quakbot|TR|xlsb","ecafescuela.com","160.153.129.224","21499","US"
"2022-04-14 10:32:08","http://ekaremimarlik.com/in/umussaeccquacmu","offline","malware_download","Qakbot|qbot|Quakbot|TR","ekaremimarlik.com","160.153.129.216","21499","US"
"2022-03-31 19:04:03","http://ecesaray.com.tr/marina2013/EkOM4/","offline","malware_download","c8fc17ff030feb3383d8889f69abbb|emotet|epoch4|Heodo|xls","ecesaray.com.tr","92.205.173.164","21499","DE"
"2022-03-31 17:58:09","https://eephysiotherapy.co.uk/blog/aJCp/","offline","malware_download","c8fc17ff030feb3383d8889f69abbb|emotet|epoch4|Heodo|xls","eephysiotherapy.co.uk","92.205.239.100","21499","DE"
"2022-03-29 18:36:05","http://ecesaray.com.tr/marina2013/XNY/","offline","malware_download","emotet|epoch4|Heodo|redir-doc|xls","ecesaray.com.tr","92.205.173.164","21499","DE"
"2022-03-29 18:36:05","http://ecesaray.com.tr/marina2013/XNY/?i=1","offline","malware_download","doc|emotet|epoch4|Heodo|SilentBuilder","ecesaray.com.tr","92.205.173.164","21499","DE"
"2022-03-29 15:50:06","http://esser-promotion.de/kuenstler/9JzQquBzAa2erx204JB5aPXVpa0qO/?i=1","offline","malware_download","doc|emotet|epoch4|Heodo|SilentBuilder","esser-promotion.de","92.205.226.33","21499","DE"
"2022-03-29 15:50:05","http://esser-promotion.de/kuenstler/9JzQquBzAa2erx204JB5aPXVpa0qO/","offline","malware_download","emotet|epoch4|Heodo|redir-doc|SilentBuilder|xls","esser-promotion.de","92.205.226.33","21499","DE"
"2022-03-24 08:51:04","http://websitedesignoxfordshire.co.uk/mew3.exe","offline","malware_download","exe|Formbook","websitedesignoxfordshire.co.uk","92.205.12.101","21499","FR"
"2022-03-23 19:41:04","http://websitedesignoxfordshire.co.uk/pizt.exe","offline","malware_download","exe|Formbook","websitedesignoxfordshire.co.uk","92.205.12.101","21499","FR"
"2022-03-23 19:41:04","https://websitedesignoxfordshire.co.uk/Cypi0.exe","offline","malware_download","exe|Formbook","websitedesignoxfordshire.co.uk","92.205.12.101","21499","FR"
"2022-03-18 23:31:05","https://franciscosobrado.com/wp-content/xp/","offline","malware_download","emotet|epoch4|exe|heodo","franciscosobrado.com","160.153.128.36","21499","US"
"2022-03-17 22:46:08","https://eephysiotherapy.co.uk/blog/mn1d1JScv1CIg4aTy/","offline","malware_download","dll|emotet|epoch5|Heodo","eephysiotherapy.co.uk","92.205.239.100","21499","DE"
"2022-03-17 22:46:06","https://www.manchesterslt.co.uk/a-to-z-of-slt/9wq2ESVcG/","offline","malware_download","dll|emotet|epoch5|Heodo","www.manchesterslt.co.uk","92.205.239.100","21499","DE"
"2022-03-17 21:34:07","http://www.bridgeaustria.at/archive/V27DbIDKqIWeaAPMD/","offline","malware_download","dll|emotet|epoch5|Heodo","www.bridgeaustria.at","92.205.48.90","21499","FR"
"2022-03-17 16:39:05","https://www.manchesterot.co.uk/about-us/LFXAJJIa/","offline","malware_download","dll|emotet|epoch5|heodo","www.manchesterot.co.uk","92.205.239.100","21499","DE"
"2022-03-17 14:17:05","http://www.bridgewien.at/admin/9Osvbo9caA4QYishnWka/","offline","malware_download","dll|emotet|epoch4|Heodo","www.bridgewien.at","92.205.48.90","21499","FR"
"2022-03-16 18:12:06","https://westthamesphysio.com/blog/3tsZIz09Sox1Z/","offline","malware_download","dll|emotet|epoch4|Heodo","westthamesphysio.com","92.205.239.100","21499","DE"
"2022-03-16 18:12:05","https://physioacademy.co.uk/conditions/8I3WSx5t2k/","offline","malware_download","dll|emotet|epoch4|Heodo","physioacademy.co.uk","92.205.239.100","21499","DE"
"2022-03-15 08:49:15","https://www.manchesterot.co.uk/about-us/fxVCCMDni/","offline","malware_download","dll|emotet|epoch4|Heodo","www.manchesterot.co.uk","92.205.239.100","21499","DE"
"2022-03-14 23:21:11","https://www.manchesterslt.co.uk/a-to-z-of-slt/rNrJKOM2h/","offline","malware_download","dll|emotet|epoch4|heodo","www.manchesterslt.co.uk","92.205.239.100","21499","DE"
"2022-03-14 21:05:15","https://fitfabtherapy.com/Untitled-1/AdRf0JsnyI/","offline","malware_download","dll|emotet|epoch5|heodo","fitfabtherapy.com","92.205.239.100","21499","DE"
"2022-03-14 19:23:06","http://software-house.co.uk/apm/scX/qsq/6Uh/n6mqfFZ.zip","offline","malware_download","FRA|geofenced|Qakbot|qbot|Quakbot|TR","software-house.co.uk","92.204.218.254","21499","FR"
"2022-03-14 18:20:11","https://physioacademy.co.uk/blog/Qs8QZTp0Z6nKf9YjVBMS/","offline","malware_download","dll|emotet|epoch4|heodo","physioacademy.co.uk","92.205.239.100","21499","DE"
"2022-03-14 10:23:07","http://jockeyplaste.com/span/U/4jYbRx8V6.zip","offline","malware_download","Quakbot","jockeyplaste.com","92.205.150.140","21499","FR"
"2022-03-14 08:57:08","https://westthamesphysio.com/blog/D8AAkEyZ7u/","offline","malware_download","dll|emotet|epoch4|Heodo","westthamesphysio.com","92.205.239.100","21499","DE"
"2022-03-02 07:53:04","http://epicclothing.ca/cdrom/E/o3heEEqda.zip","offline","malware_download","FRA|geofenced|Qakbot|qbot|Quakbot|TR","epicclothing.ca","92.204.221.9","21499","FR"
"2022-02-22 16:44:12","https://raind.solutions/VVUPcspJTmU/FHN.png","offline","malware_download","dll|Qakbot|qbot|Quakbot|tr","raind.solutions","92.205.28.26","21499","FR"
"2022-02-19 03:31:10","https://ilrt-gmbh.com/wp-admin/j_O3/","offline","malware_download","emotet","ilrt-gmbh.com","92.205.175.254","21499","DE"
"2022-02-17 19:07:12","http://stationcarslangley.co.uk/crio/oqdiu","offline","malware_download","qbot|Quakbot|tr","stationcarslangley.co.uk","92.205.7.92","21499","FR"
"2022-02-10 10:47:04","http://kizitox.cf/brownzx.exe","offline","malware_download","AgentTesla|exe","kizitox.cf","92.205.15.154","21499","FR"
"2022-02-09 15:18:04","http://kizitox.cf/kendrickzx.exe","offline","malware_download","AZORult|exe","kizitox.cf","92.205.15.154","21499","FR"
"2022-02-04 05:36:05","https://businessinterruption-claims.org/ieauusiq/tuqtev-cmnruum-ianasmauisoat","offline","malware_download","Bokbot|IcedID|TR|zip","businessinterruption-claims.org","92.204.221.44","21499","FR"
"2022-02-02 09:17:04","http://kizitox.cf/darlinthonzx.exe","offline","malware_download","exe|Formbook","kizitox.cf","92.205.15.154","21499","FR"
"2022-02-02 07:15:10","https://goldeneggtrainingschool.co.uk/tete/cpinstuss-q-eueuimabsneuaiusmio","offline","malware_download","Bokbot|IcedID|Quakbot|TR|zip","goldeneggtrainingschool.co.uk","92.204.221.44","21499","FR"
"2022-02-01 19:24:06","https://mail.themintlist.com/wp-includes/S5xbjWOoM75ysw9xaM/","offline","malware_download","dll|emotet|epoch5|heodo","mail.themintlist.com","92.205.93.197","21499","FR"
"2022-02-01 18:36:05","http://kizitox.cf/arinzezx.exe","offline","malware_download","32|AgentTesla|exe","kizitox.cf","92.205.15.154","21499","FR"
"2022-02-01 18:35:05","http://kizitox.cf/giftzx.exe","offline","malware_download","32|AgentTesla|exe","kizitox.cf","92.205.15.154","21499","FR"
"2022-02-01 17:02:05","http://kizitox.cf/stonezx.exe","offline","malware_download","AgentTesla|exe","kizitox.cf","92.205.15.154","21499","FR"
"2022-01-25 14:44:20","http://orientbuffet.eu/administrator/9WZ/","offline","malware_download","dll|emotet|epoch5|Heodo","orientbuffet.eu","92.205.170.93","21499","DE"
"2022-01-25 09:27:04","http://kizitox.cf/prosperzx.exe","offline","malware_download","AgentTesla|exe","kizitox.cf","92.205.15.154","21499","FR"
"2022-01-19 16:06:05","http://kizitox.cf/bryantzx.exe","offline","malware_download","exe|Loki","kizitox.cf","92.205.15.154","21499","FR"
"2022-01-12 09:06:04","https://www.121-sex-lines.co.uk/wp-includes/605221_2344/","offline","malware_download","emotet|epoch5|redir-doc|xls","www.121-sex-lines.co.uk","92.205.230.118","21499","DE"
"2022-01-12 05:24:33","https://www.adult-chat-xxx.co.uk/ydfegkz/841415_460227/","offline","malware_download","emotet|epoch5|redir-doc|xls","www.adult-chat-xxx.co.uk","92.205.163.132","21499","FR"
"2022-01-12 05:24:08","https://www.adult-chat-xxx.co.uk/ydfegkz/841415_460227/?i=1","offline","malware_download","doc|emotet|epoch5|Heodo","www.adult-chat-xxx.co.uk","92.205.163.132","21499","FR"
"2022-01-07 08:04:04","http://kizitox.cf/macdonzx.exe","offline","malware_download","AgentTesla|exe|Formbook","kizitox.cf","92.205.15.154","21499","FR"
"2022-01-04 16:35:10","http://kizitox.cf/mollyzx.exe","offline","malware_download","AgentTesla|AveMariaRAT|exe","kizitox.cf","92.205.15.154","21499","FR"
"2021-12-23 23:37:09","https://www.121-sex-lines.co.uk/wp-includes/daOoGO/","offline","malware_download","emotet|epoch4|redir-doc|xls","www.121-sex-lines.co.uk","92.205.230.118","21499","DE"
"2021-12-23 23:28:09","https://www.adult-chat-xxx.co.uk/ydfegkz/fj3ar980NWw/","offline","malware_download","emotet|epoch4|redir-doc|xls","www.adult-chat-xxx.co.uk","92.205.163.132","21499","FR"
"2021-12-22 16:52:09","http://kizitox.cf/jayzx.exe","offline","malware_download","exe|Loki","kizitox.cf","92.205.15.154","21499","FR"
"2021-12-20 12:28:07","http://kizitox.cf/aguerozx.exe","offline","malware_download","exe|Formbook","kizitox.cf","92.205.15.154","21499","FR"
"2021-12-20 09:18:09","http://kizitox.cf/kdotzx.exe","offline","malware_download","AgentTesla|exe","kizitox.cf","92.205.15.154","21499","FR"
"2021-12-15 11:30:11","http://kizitox.cf/ugopoundzx.exe","offline","malware_download","exe|SnakeKeylogger","kizitox.cf","92.205.15.154","21499","FR"
"2021-12-14 17:00:10","http://kizitox.cf/bestzx.exe","offline","malware_download","AgentTesla|exe|Loki","kizitox.cf","92.205.15.154","21499","FR"
"2021-12-14 12:19:10","http://kizitox.cf/bobbyfilezx.exe","offline","malware_download","AgentTesla|exe|Formbook","kizitox.cf","92.205.15.154","21499","FR"
"2021-12-13 21:49:09","http://kizitox.cf/mpomzx.exe","offline","malware_download","32|exe|Formbook","kizitox.cf","92.205.15.154","21499","FR"
"2021-12-13 19:11:10","http://kizitox.cf/plugmanzx.exe","offline","malware_download","exe|Formbook|NanoCore|RAT|RemcosRAT","kizitox.cf","92.205.15.154","21499","FR"
"2021-12-13 10:41:10","http://kizitox.cf/bobbyzx.exe","offline","malware_download","AgentTesla|exe|Formbook|OskiStealer","kizitox.cf","92.205.15.154","21499","FR"
"2021-12-10 10:53:09","http://kizitox.cf/bluezx.exe","offline","malware_download","32|exe|Formbook","kizitox.cf","92.205.15.154","21499","FR"
"2021-12-10 08:42:09","http://kizitox.cf/kellyzx.exe","offline","malware_download","exe|Formbook","kizitox.cf","92.205.15.154","21499","FR"
"2021-12-07 21:31:10","http://kizitox.cf/hussanzx.exe","offline","malware_download","32|AgentTesla|exe|SnakeKeylogger","kizitox.cf","92.205.15.154","21499","FR"
"2021-12-07 17:57:09","http://kizitox.cf/dozzyzx.exe","offline","malware_download","32|AgentTesla|exe|Formbook","kizitox.cf","92.205.15.154","21499","FR"
"2021-12-07 12:22:15","http://kizitox.cf/mazx.exe","offline","malware_download","exe|Formbook|OskiStealer","kizitox.cf","92.205.15.154","21499","FR"
"2021-12-07 12:22:10","http://kizitox.cf/lewizx.exe","offline","malware_download","AgentTesla|exe","kizitox.cf","92.205.15.154","21499","FR"
"2021-12-03 12:19:11","http://fruityx.tk/obizx.exe","offline","malware_download","32|exe|SnakeKeylogger","fruityx.tk","92.205.15.154","21499","FR"
"2021-12-03 10:27:06","http://fruityx.tk/hussanzx.exe","offline","malware_download","AgentTesla|exe|Loki","fruityx.tk","92.205.15.154","21499","FR"
"2021-12-01 16:30:05","http://fruityx.tk/bestzx.exe","offline","malware_download","32|exe|Formbook","fruityx.tk","92.205.15.154","21499","FR"
"2021-12-01 12:26:13","http://manage.chelseaautos.es/quododio/accusantiumqui-7654930","offline","malware_download","qbot|Quakbot|tr","manage.chelseaautos.es","92.204.217.7","21499","FR"
"2021-12-01 12:26:12","http://manage.chelseaautos.es/quododio/etaut-7727700","offline","malware_download","qbot|Quakbot|tr","manage.chelseaautos.es","92.204.217.7","21499","FR"
"2021-12-01 12:26:12","http://manage.chelseaautos.es/quododio/nihilmodi-7698071","offline","malware_download","qbot|Quakbot|tr","manage.chelseaautos.es","92.204.217.7","21499","FR"
"2021-12-01 12:26:11","http://manage.chelseaautos.es/quododio/ipsaveritatis-7683005","offline","malware_download","qbot|Quakbot|tr","manage.chelseaautos.es","92.204.217.7","21499","FR"
"2021-12-01 12:25:17","http://manage.chelseaautos.es/quododio/veroipsam-7674287","offline","malware_download","qbot|Quakbot|tr","manage.chelseaautos.es","92.204.217.7","21499","FR"
"2021-12-01 12:25:16","http://manage.chelseaautos.es/quododio/etet-7693567","offline","malware_download","qbot|Quakbot|tr","manage.chelseaautos.es","92.204.217.7","21499","FR"
"2021-12-01 12:25:12","http://manage.chelseaautos.es/quododio/iureaut-7767032","offline","malware_download","qbot|Quakbot|tr","manage.chelseaautos.es","92.204.217.7","21499","FR"
"2021-12-01 12:25:11","http://manage.chelseaautos.es/quododio/adsaepe-7752641","offline","malware_download","qbot|Quakbot|tr","manage.chelseaautos.es","92.204.217.7","21499","FR"
"2021-12-01 12:25:11","http://manage.chelseaautos.es/quododio/autab-7769023","offline","malware_download","qbot|Quakbot|tr","manage.chelseaautos.es","92.204.217.7","21499","FR"
"2021-12-01 12:25:11","http://manage.chelseaautos.es/quododio/molestiasut-7702239","offline","malware_download","qbot|Quakbot|tr","manage.chelseaautos.es","92.204.217.7","21499","FR"
"2021-12-01 12:25:09","http://manage.chelseaautos.es/quododio/quiut-7155877","offline","malware_download","qbot|Quakbot|tr","manage.chelseaautos.es","92.204.217.7","21499","FR"
"2021-12-01 12:25:09","http://manage.chelseaautos.es/quododio/solutafugit-7697548","offline","malware_download","qbot|Quakbot|tr","manage.chelseaautos.es","92.204.217.7","21499","FR"
"2021-12-01 12:25:08","http://manage.chelseaautos.es/quododio/optiosit-7658996","offline","malware_download","qbot|Quakbot|tr","manage.chelseaautos.es","92.204.217.7","21499","FR"
"2021-12-01 12:25:07","http://manage.chelseaautos.es/quododio/repellateius-7731802","offline","malware_download","qbot|Quakbot|tr","manage.chelseaautos.es","92.204.217.7","21499","FR"
"2021-12-01 12:20:22","http://elevatedfashion.co.uk/doloresratione/quout-8145295","offline","malware_download","qbot|Quakbot|tr","elevatedfashion.co.uk","92.204.217.7","21499","FR"
"2021-12-01 12:20:21","http://elevatedfashion.co.uk/doloresratione/delenitiaccusantium-7968635","offline","malware_download","qbot|Quakbot|tr","elevatedfashion.co.uk","92.204.217.7","21499","FR"
"2021-12-01 12:20:18","http://elevatedfashion.co.uk/doloresratione/voluptatemtempora-7899194","offline","malware_download","qbot|Quakbot|tr","elevatedfashion.co.uk","92.204.217.7","21499","FR"
"2021-12-01 12:20:18","http://manage.chelseaautos.es/quododio/doloressunt-7647473","offline","malware_download","qbot|Quakbot|tr","manage.chelseaautos.es","92.204.217.7","21499","FR"
"2021-12-01 12:20:16","http://elevatedfashion.co.uk/doloresratione/utvelit-7844901","offline","malware_download","qbot|Quakbot|tr","elevatedfashion.co.uk","92.204.217.7","21499","FR"
"2021-12-01 12:20:12","http://elevatedfashion.co.uk/doloresratione/autquo-7945737","offline","malware_download","qbot|Quakbot|tr","elevatedfashion.co.uk","92.204.217.7","21499","FR"
"2021-12-01 12:20:12","http://elevatedfashion.co.uk/doloresratione/distinctioincidunt-7881495","offline","malware_download","qbot|Quakbot|tr","elevatedfashion.co.uk","92.204.217.7","21499","FR"
"2021-12-01 12:18:15","http://manage.chelseaautos.es/quododio/totamex-7754267","offline","malware_download","qbot|Quakbot|tr","manage.chelseaautos.es","92.204.217.7","21499","FR"
"2021-12-01 09:18:09","http://fruityx.tk/xzx.exe","offline","malware_download","32|exe|Formbook","fruityx.tk","92.205.15.154","21499","FR"
"2021-12-01 05:13:04","http://fruityx.tk/aguerozx.exe","offline","malware_download","32|exe|Formbook","fruityx.tk","92.205.15.154","21499","FR"
"2021-11-30 18:59:10","http://fruityx.tk/templezx.exe","offline","malware_download","exe|SnakeKeylogger","fruityx.tk","92.205.15.154","21499","FR"
"2021-11-30 06:07:06","http://fruityx.tk/ogezx.exe","offline","malware_download","32|exe|Loki","fruityx.tk","92.205.15.154","21499","FR"
"2021-11-30 04:51:23","http://lagosdigitalsummit.com/cumvitae/quodveritatis-7396476","offline","malware_download","chaserldr|Qakbot|Quakbot|SilentBuilder|TR|zip","lagosdigitalsummit.com","92.205.0.161","21499","FR"
"2021-11-30 04:51:19","http://lagosdigitalsummit.com/cumvitae/minuset-3779048","offline","malware_download","chaserldr|Qakbot|Quakbot|SilentBuilder|TR|zip","lagosdigitalsummit.com","92.205.0.161","21499","FR"
"2021-11-30 04:51:19","http://lagosdigitalsummit.com/cumvitae/quisunt-7431969","offline","malware_download","chaserldr|Qakbot|Quakbot|SilentBuilder|TR|zip","lagosdigitalsummit.com","92.205.0.161","21499","FR"
"2021-11-30 04:51:18","http://lagosdigitalsummit.com/cumvitae/sintaliquam-7121968","offline","malware_download","chaserldr|Qakbot|Quakbot|SilentBuilder|TR|zip","lagosdigitalsummit.com","92.205.0.161","21499","FR"
"2021-11-30 04:51:15","http://lagosdigitalsummit.com/cumvitae/esseet-7214767","offline","malware_download","chaserldr|Qakbot|Quakbot|SilentBuilder|TR|zip","lagosdigitalsummit.com","92.205.0.161","21499","FR"
"2021-11-30 04:51:15","http://lagosdigitalsummit.com/cumvitae/quasblanditiis-7229661","offline","malware_download","chaserldr|Qakbot|Quakbot|SilentBuilder|TR|zip","lagosdigitalsummit.com","92.205.0.161","21499","FR"
"2021-11-30 04:51:14","http://lagosdigitalsummit.com/cumvitae/corruptised-7394866","offline","malware_download","chaserldr|Qakbot|Quakbot|SilentBuilder|TR|zip","lagosdigitalsummit.com","92.205.0.161","21499","FR"
"2021-11-30 04:51:14","http://lagosdigitalsummit.com/cumvitae/solutaipsam-7422064","offline","malware_download","chaserldr|Qakbot|Quakbot|SilentBuilder|TR|zip","lagosdigitalsummit.com","92.205.0.161","21499","FR"
"2021-11-30 04:51:13","http://lagosdigitalsummit.com/cumvitae/etperferendis-7407569","offline","malware_download","chaserldr|Qakbot|Quakbot|SilentBuilder|TR|zip","lagosdigitalsummit.com","92.205.0.161","21499","FR"
"2021-11-30 04:51:12","http://lagosdigitalsummit.com/cumvitae/consequaturut-7230329","offline","malware_download","chaserldr|Dridex|Qakbot|Quakbot|SilentBuilder|TR|zip","lagosdigitalsummit.com","92.205.0.161","21499","FR"
"2021-11-30 04:51:11","http://lagosdigitalsummit.com/cumvitae/voluptatemad-5010759","offline","malware_download","chaserldr|Qakbot|Quakbot|SilentBuilder|TR|zip","lagosdigitalsummit.com","92.205.0.161","21499","FR"
"2021-11-30 04:51:10","http://lagosdigitalsummit.com/cumvitae/quilaborum-7400304","offline","malware_download","chaserldr|Qakbot|Quakbot|SilentBuilder|TR|zip","lagosdigitalsummit.com","92.205.0.161","21499","FR"
"2021-11-30 04:51:10","http://lagosdigitalsummit.com/cumvitae/repellatquae-7400182","offline","malware_download","chaserldr|Qakbot|Quakbot|SilentBuilder|TR|zip","lagosdigitalsummit.com","92.205.0.161","21499","FR"
"2021-11-30 04:51:08","http://lagosdigitalsummit.com/cumvitae/atempore-7202318","offline","malware_download","chaserldr|Dridex|Qakbot|Quakbot|SilentBuilder|TR|zip","lagosdigitalsummit.com","92.205.0.161","21499","FR"
"2021-11-29 10:47:15","http://lagosdigitalsummit.com/cumvitae/utet-7341519","offline","malware_download","qbot|Quakbot|SilentBuilder|tr","lagosdigitalsummit.com","92.205.0.161","21499","FR"
"2021-11-29 10:47:11","http://lagosdigitalsummit.com/cumvitae/utet-7133989","offline","malware_download","qbot|Quakbot|SilentBuilder|tr","lagosdigitalsummit.com","92.205.0.161","21499","FR"
"2021-11-29 10:47:08","http://lagosdigitalsummit.com/cumvitae/eaquidem-7320666","offline","malware_download","qbot|Quakbot|SilentBuilder|tr","lagosdigitalsummit.com","92.205.0.161","21499","FR"
"2021-11-24 12:57:04","https://barnetcut.co.uk/SfCQDfYjWj/y.html","offline","malware_download","contemporary|dll|TR","barnetcut.co.uk","92.205.23.123","21499","FR"
"2021-10-27 17:57:11","https://development.ifal-app.com/sapientesint/siverantsolutioribus-874605","offline","malware_download","Quakbot|TR|zip","development.ifal-app.com","92.205.1.150","21499","FR"
"2021-10-27 17:40:16","https://development.ifal-app.com/sapientesint/ploraturamligone-959786","offline","malware_download","Quakbot|TR|zip","development.ifal-app.com","92.205.1.150","21499","FR"
"2021-10-27 17:18:08","https://development.ifal-app.com/sapientesint/ocomponamini-912312","offline","malware_download","Quakbot|TR|zip","development.ifal-app.com","92.205.1.150","21499","FR"
"2021-10-27 17:07:14","https://development.ifal-app.com/sapientesint/agitavissemplumbago-282758","offline","malware_download","Quakbot|TR|zip","development.ifal-app.com","92.205.1.150","21499","FR"
"2021-10-27 17:02:09","https://hewadexchange.com/temerarious.php","offline","malware_download","doc|hancitor|html","hewadexchange.com","92.205.1.58","21499","FR"
"2021-10-27 16:06:09","http://hewadexchange.com/forenoon.php","offline","malware_download","doc|hancitor|html","hewadexchange.com","92.205.1.58","21499","FR"
"2021-10-27 16:06:06","http://hewadexchange.com/multilingual.php","offline","malware_download","doc|hancitor|html","hewadexchange.com","92.205.1.58","21499","FR"
"2021-10-27 16:06:06","http://hewadexchange.com/onslaught.php","offline","malware_download","doc|hancitor|html","hewadexchange.com","92.205.1.58","21499","FR"
"2021-10-27 16:06:05","http://hewadexchange.com/penalty.php","offline","malware_download","doc|hancitor|html","hewadexchange.com","92.205.1.58","21499","FR"
"2021-10-27 16:06:05","http://hewadexchange.com/receivership.php","offline","malware_download","doc|hancitor|html","hewadexchange.com","92.205.1.58","21499","FR"
"2021-10-27 16:06:04","http://hewadexchange.com/unsold.php","offline","malware_download","doc|hancitor|html","hewadexchange.com","92.205.1.58","21499","FR"
"2021-10-27 16:06:03","http://hewadexchange.com/temerarious.php","offline","malware_download","doc|hancitor|html","hewadexchange.com","92.205.1.58","21499","FR"
"2021-10-27 16:06:03","http://hewadexchange.com/walking.php","offline","malware_download","doc|hancitor|html","hewadexchange.com","92.205.1.58","21499","FR"
"2021-10-27 14:32:13","https://development.ifal-app.com/sapientesint/necatisparatio-744168","offline","malware_download","Quakbot|TR|zip","development.ifal-app.com","92.205.1.150","21499","FR"
"2021-10-27 13:49:07","https://development.ifal-app.com/sapientesint/curariludentur-496460","offline","malware_download","Quakbot|TR|zip","development.ifal-app.com","92.205.1.150","21499","FR"
"2021-10-27 13:32:13","https://development.ifal-app.com/sapientesint/disturbantesionas-428651","offline","malware_download","TR|zip","development.ifal-app.com","92.205.1.150","21499","FR"
"2021-10-27 13:17:10","https://development.ifal-app.com/sapientesint/direptionisgestum-619666","offline","malware_download","Quakbot|TR|zip","development.ifal-app.com","92.205.1.150","21499","FR"
"2021-10-27 12:57:14","https://development.ifal-app.com/sapientesint/praedicatasadmonetis-385120","offline","malware_download","TR|zip","development.ifal-app.com","92.205.1.150","21499","FR"
"2021-10-20 06:14:37","http://hewadexchange.com/transequatorial.php","offline","malware_download","doc|hancitor|html","hewadexchange.com","92.205.1.58","21499","FR"
"2021-10-20 06:14:21","http://hewadexchange.com/decamp.php","offline","malware_download","doc|hancitor|html","hewadexchange.com","92.205.1.58","21499","FR"
"2021-10-20 06:14:15","http://hewadexchange.com/korean.php","offline","malware_download","doc|hancitor|html","hewadexchange.com","92.205.1.58","21499","FR"
"2021-10-20 06:14:15","http://hewadexchange.com/shootout.php","offline","malware_download","doc|hancitor|html","hewadexchange.com","92.205.1.58","21499","FR"
"2021-10-20 06:14:09","http://hewadexchange.com/trapezius.php","offline","malware_download","doc|hancitor|html","hewadexchange.com","92.205.1.58","21499","FR"
"2021-10-20 06:14:09","http://hewadexchange.com/wadded.php","offline","malware_download","doc|hancitor|html","hewadexchange.com","92.205.1.58","21499","FR"
"2021-10-08 04:13:10","http://www.garibaldidal1970.com/farrow.php","offline","malware_download","doc|hancitor|html","www.garibaldidal1970.com","160.153.129.19","21499","US"
"2021-10-08 04:13:08","http://www.garibaldidal1970.com/marxist.php","offline","malware_download","doc|hancitor|html","www.garibaldidal1970.com","160.153.129.19","21499","US"
"2021-10-08 04:13:08","http://www.garibaldidal1970.com/pard.php","offline","malware_download","doc|hancitor|html","www.garibaldidal1970.com","160.153.129.19","21499","US"
"2021-10-08 04:13:08","http://www.garibaldidal1970.com/prepayment.php","offline","malware_download","doc|hancitor|html","www.garibaldidal1970.com","160.153.129.19","21499","US"
"2021-10-08 04:13:07","http://www.garibaldidal1970.com/expunge.php","offline","malware_download","doc|hancitor|html","www.garibaldidal1970.com","160.153.129.19","21499","US"
"2021-10-08 04:13:03","http://www.garibaldidal1970.com/crawler.php","offline","malware_download","doc|hancitor|html","www.garibaldidal1970.com","160.153.129.19","21499","US"
"2021-10-08 03:58:07","http://www.garibaldidal1970.com/repacking.php","offline","malware_download","Chanitor|doc|DocuSign|Hancitor","www.garibaldidal1970.com","160.153.129.19","21499","US"
"2021-10-07 04:54:03","http://www.garibaldidal1970.com/banking.php?","offline","malware_download","Chanitor|doc|DocuSign|Hancitor","www.garibaldidal1970.com","160.153.129.19","21499","US"
"2021-10-06 21:17:06","https://fortunepropertyturkey.com/aliquam-eum/documents.zip","offline","malware_download","SilentBuilder|TR|zip","fortunepropertyturkey.com","92.204.221.10","21499","FR"
"2021-10-06 20:58:11","https://fortunelawturkey.com/itaque-sed/documents.zip","offline","malware_download","SilentBuilder|TR|zip","fortunelawturkey.com","92.204.221.10","21499","FR"
"2021-10-06 16:28:15","http://www.garibaldidal1970.com/ichthyology.php","offline","malware_download","doc|hancitor|html","www.garibaldidal1970.com","160.153.129.19","21499","US"
"2021-10-06 16:28:08","http://www.garibaldidal1970.com/banking.php","offline","malware_download","doc|hancitor|html","www.garibaldidal1970.com","160.153.129.19","21499","US"
"2021-10-06 16:28:06","http://www.garibaldidal1970.com/desertion.php","offline","malware_download","doc|hancitor|html","www.garibaldidal1970.com","160.153.129.19","21499","US"
"2021-09-23 17:14:05","http://biozed.me/quisquam-vel/documents.zip","offline","malware_download","TR|zip","biozed.me","160.153.131.187","21499","US"
"2021-09-23 08:12:06","https://agelso.com/et-non/documents.zip","offline","malware_download","TR|zip","agelso.com","160.153.131.195","21499","US"
"2021-08-18 18:33:12","http://stertower.yubetech.com/architrave.php","offline","malware_download","doc|hancitor|html","stertower.yubetech.com","160.153.133.151","21499","US"
"2021-08-18 17:16:22","http://stertower.yubetech.com/don.php","offline","malware_download","doc|hancitor|html","stertower.yubetech.com","160.153.133.151","21499","US"
"2021-08-18 17:16:18","http://stertower.yubetech.com/decibel.php","offline","malware_download","doc|hancitor|html","stertower.yubetech.com","160.153.133.151","21499","US"
"2021-08-18 17:16:15","http://stertower.yubetech.com/ufo.php","offline","malware_download","doc|hancitor|html","stertower.yubetech.com","160.153.133.151","21499","US"
"2021-08-18 17:16:10","http://stertower.yubetech.com/antihistaminic.php","offline","malware_download","doc|hancitor|html","stertower.yubetech.com","160.153.133.151","21499","US"
"2021-08-07 14:05:06","https://athletesusa.co.uk/wp-content/plugins/wordfence/images/icons/B1tLAqOFWL0XN0.php","offline","malware_download","","athletesusa.co.uk","92.205.9.57","21499","FR"
"2021-08-04 07:37:04","http://inter-trading-service.com/Di4/New_0228_02101111.exe","offline","malware_download","32|a310Logger|exe","inter-trading-service.com","160.153.129.234","21499","US"
"2021-08-03 20:27:06","http://inter-trading-service.com/Di4/New_002728770031.exe","offline","malware_download","32|exe|SnakeKeylogger","inter-trading-service.com","160.153.129.234","21499","US"
"2021-08-03 20:27:06","http://inter-trading-service.com/id3T/ConsoleApp14.exe","offline","malware_download","32|exe","inter-trading-service.com","160.153.129.234","21499","US"
"2021-08-03 20:23:03","http://inter-trading-service.com/id3T/New_0027200031.exe","offline","malware_download","32|exe|RedLineStealer","inter-trading-service.com","160.153.129.234","21499","US"
"2021-08-03 20:17:09","http://inter-trading-service.com/id3T/Excel_71_804_23122.exe","offline","malware_download","32|exe|RedLineStealer","inter-trading-service.com","160.153.129.234","21499","US"
"2021-08-03 20:17:05","http://inter-trading-service.com/id3T/bincrypted.exe","offline","malware_download","32|exe|Formbook","inter-trading-service.com","160.153.129.234","21499","US"
"2021-08-03 18:25:04","http://inter-trading-service.com/Di4/New_1007572_021.exe","offline","malware_download","Formbook","inter-trading-service.com","160.153.129.234","21499","US"
"2021-07-14 00:55:04","https://www.enorichie.net/sites/aa.exe","offline","malware_download","32|AgentTesla|exe","www.enorichie.net","160.153.133.157","21499","US"
"2021-07-13 23:16:04","https://www.enorichie.net/z/new.exe","offline","malware_download","32|exe|Formbook","www.enorichie.net","160.153.133.157","21499","US"
"2021-07-13 19:14:04","http://enorichie.net/z/new.exe","offline","malware_download","32|exe|Formbook","enorichie.net","160.153.133.157","21499","US"
"2021-07-13 17:18:04","http://enorichie.net/sites/aa.exe","offline","malware_download","AgentTesla|exe","enorichie.net","160.153.133.157","21499","US"
"2021-06-24 18:55:09","https://www.spin-team.co.rs/wp-content/plugins/advanced-custom-fields/js/input/ql0aQTZfD0fQ.php","offline","malware_download","Dridex","www.spin-team.co.rs","92.205.184.25","21499","FR"
"2021-06-22 15:37:05","https://spin-team.co.rs/wp-content/plugins/advanced-custom-fields/js/input/ql0aQTZfD0fQ.php","offline","malware_download","Dridex","spin-team.co.rs","92.205.184.25","21499","FR"
"2021-06-16 12:17:04","https://w-gypsum.net/hadley-nikolaus/LiamWilliams-35.zip","offline","malware_download","html|Qakbot|Qbot|SilentBuilder|TR|zip","w-gypsum.net","92.205.0.58","21499","FR"
"2021-06-16 12:00:09","https://w-gypsum.net/hadley-nikolaus/OliverSmith-71.zip","offline","malware_download","html|Qakbot|Qbot|SilentBuilder|TR|zip","w-gypsum.net","92.205.0.58","21499","FR"
"2021-05-26 15:00:05","https://corporategraphicsmw.com/dr--ned-kemmer-md/Ava.Brown-69.zip","offline","malware_download","html|Qakbot|Qbot|SilentBuilder|TR|zip","corporategraphicsmw.com","160.153.251.94","21499","US"
"2021-05-25 13:12:05","https://leonandsigourney.com/phoebe-wisozk/Olivia.Brown-96.zip","offline","malware_download","b-TDS|html|Qakbot|Qbot|SilentBuilder|TR|zip","leonandsigourney.com","160.153.131.195","21499","US"
"2021-05-24 21:41:06","https://ja-bots.com/oleta-jacobson/EmmaWilliams-49.zip","offline","malware_download","b-TDS|html|Qakbot|Qbot|SilentBuilder|TR|zip","ja-bots.com","92.205.0.115","21499","FR"
"2021-05-24 20:16:05","http://vonandion.com/kenna-rolfson/SophiaBrown-46.zip","offline","malware_download","b-TDS|html|Qakbot|Qbot|SilentBuilder|TR|zip","vonandion.com","160.153.129.33","21499","US"
"2021-05-24 14:44:10","https://systemx2.co.uk/haylee-hauck/EmmaWilliams-0.zip","offline","malware_download","b-TDS|html|Qakbot|Qbot|SilentBuilder|TR|zip","systemx2.co.uk","92.205.13.202","21499","FR"
"2021-05-24 14:08:25","https://systemx2.co.uk/haylee-hauck/Oliver.Brown-21.zip","offline","malware_download","b-TDS|html|Qakbot|Qbot|SilentBuilder|TR|zip","systemx2.co.uk","92.205.13.202","21499","FR"
"2021-05-21 17:51:05","https://demo.totalfitlifestyle.com/malvina-feil/Olivia.Johnson-72.zip","offline","malware_download","b-TDS|html|Qakbot|Qbot|SilentBuilder|TR|zip","demo.totalfitlifestyle.com","160.153.131.151","21499","US"
"2021-05-21 13:50:06","https://dnjinvestmentltd.com/miss-sandra-halvorson/NoahWilliams-66.zip","offline","malware_download","b-TDS|html|Qakbot|Qbot|SilentBuilder|TR|zip","dnjinvestmentltd.com","160.153.128.36","21499","US"
"2021-05-19 16:08:16","https://7pluscreditrepair.com/FpK/Noah.Garcia-13.zip","offline","malware_download","b-TDS|html|Qakbot|Qbot|SilentBuilder|TR|zip","7pluscreditrepair.com","160.153.131.151","21499","US"
"2021-05-19 09:57:19","https://chomoka.com/WxUa/OliviaSmith-81.zip","offline","malware_download","b-TDS|html|Qakbot|Qbot|SilentBuilder|TR|zip","chomoka.com","92.205.11.150","21499","FR"
"2021-05-19 09:57:10","https://benrikai.com/oq1/OliverJones-43.zip","offline","malware_download","b-TDS|html|Qakbot|Qbot|SilentBuilder|TR|zip","benrikai.com","92.205.8.81","21499","FR"
"2021-05-19 09:57:10","https://leonandsigourney.com/fLQA/Noah.Jones-87.zip","offline","malware_download","b-TDS|html|Qakbot|Qbot|SilentBuilder|TR|zip","leonandsigourney.com","160.153.131.195","21499","US"
"2021-05-19 09:56:09","https://williamclaxton.com/aHCb/NoahGarcia-4.zip","offline","malware_download","b-TDS|html|Qakbot|Qbot|SilentBuilder|TR|zip","williamclaxton.com","92.205.8.81","21499","FR"
"2021-05-19 09:56:05","https://storyopolis.com/JBx/OliviaBrown-92.zip","offline","malware_download","b-TDS|html|Qakbot|Qbot|SilentBuilder|TR|zip","storyopolis.com","92.205.8.81","21499","FR"
"2021-05-18 14:56:26","https://nomemory.org/FHcWAx/Emma.Garcia-88.zip","offline","malware_download","b-TDS|html|Qakbot|Qbot|SilentBuilder|TR|zip","nomemory.org","92.205.8.81","21499","FR"
"2021-05-18 14:56:15","https://greyfeathertoys.com/1L2L0i/Oliver.Garcia-62.zip","offline","malware_download","b-TDS|html|Qakbot|Qbot|SilentBuilder|TR|zip","greyfeathertoys.com","92.205.8.81","21499","FR"
"2021-05-18 13:27:39","https://nomemory.org/FHcWAx/LiamSmith-4.zip","offline","malware_download","b-TDS|html|Qakbot|Qbot|SilentBuilder|TR|zip","nomemory.org","92.205.8.81","21499","FR"
"2021-05-18 13:27:30","https://greyfeathertoys.com/1L2L0i/Oliver.Williams-69.zip","offline","malware_download","b-TDS|html|Qakbot|Qbot|SilentBuilder|TR|zip","greyfeathertoys.com","92.205.8.81","21499","FR"
"2021-05-17 23:51:21","https://nomemory.org/FHcWAx/Ava.Jones-66.zip","offline","malware_download","b-TDS|html|Qakbot|Qbot|SilentBuilder|TR|zip","nomemory.org","92.205.8.81","21499","FR"
"2021-05-17 23:50:27","https://greyfeathertoys.com/1L2L0i/WilliamSmith-43.zip","offline","malware_download","b-TDS|html|Qakbot|Qbot|SilentBuilder|TR|zip","greyfeathertoys.com","92.205.8.81","21499","FR"
"2021-05-17 17:24:34","https://nomemory.org/FHcWAx/OliviaBrown-59.zip","offline","malware_download","b-TDS|html|Qakbot|Qbot|SilentBuilder|TR|zip","nomemory.org","92.205.8.81","21499","FR"
"2021-05-17 17:24:18","https://greyfeathertoys.com/1L2L0i/Oliver.Brown-78.zip","offline","malware_download","b-TDS|html|Qakbot|Qbot|SilentBuilder|TR|zip","greyfeathertoys.com","92.205.8.81","21499","FR"
"2021-05-17 15:58:46","https://ja-bots.com/mKEn/William.Brown-18.zip","offline","malware_download","b-TDS|html|Qakbot|Qbot|SilentBuilder|TR|zip","ja-bots.com","92.205.0.115","21499","FR"
"2021-05-17 15:58:35","https://ambarcetaceos.com/GWriI/AvaGarcia-91.zip","offline","malware_download","b-TDS|html|Qakbot|Qbot|SilentBuilder|TR|zip","ambarcetaceos.com","92.205.8.81","21499","FR"
"2021-05-17 15:58:17","https://multi-anzeiger.com/NzPzUw/LiamJohnson-79.zip","offline","malware_download","b-TDS|html|Qakbot|Qbot|SilentBuilder|TR|zip","multi-anzeiger.com","92.205.8.81","21499","FR"
"2021-05-11 13:48:16","https://novochem.net/LUFJGc/OliverSmith-65.zip","offline","malware_download","b-TDS|html|Qakbot|Qbot|SilentBuilder|TR|zip","novochem.net","92.205.9.238","21499","FR"
"2021-05-11 13:47:05","https://novochem.net/LUFJGc/OliverWilliams-69.zip","offline","malware_download","b-TDS|html|Qakbot|Qbot|SilentBuilder|TR|zip","novochem.net","92.205.9.238","21499","FR"
"2021-04-22 18:40:10","https://bcmart.com.ng/IVHEYj/catalogue-37.zip","offline","malware_download","b-TDS|Qakbot|Qbot|SilentBuilder|TR|zip","bcmart.com.ng","92.205.27.171","21499","FR"
"2021-04-22 14:41:20","https://bcmart.com.ng/IVHEYj/catalogue-13.zip","offline","malware_download","b-TDS|Qakbot|Qbot|SilentBuilder|TR|zip","bcmart.com.ng","92.205.27.171","21499","FR"
"2021-04-21 19:41:10","http://sipologistsocial.com/Ln8Dt/catalogue-95.zip","offline","malware_download","b-TDS|Qakbot|Qbot|SilentBuilder|TR|zip","sipologistsocial.com","92.204.218.192","21499","FR"
"2021-04-21 18:36:09","http://sipologistsocial.com/Ln8Dt/catalogue-64.zip","offline","malware_download","b-TDS|Qakbot|Qbot|SilentBuilder|TR|zip","sipologistsocial.com","92.204.218.192","21499","FR"
"2021-04-16 16:51:04","https://alareno.com/BcVcZ/catalogue-59.zip","offline","malware_download","b-TDS|Qakbot|Qbot|SilentBuilder|TR|zip","alareno.com","92.205.27.171","21499","FR"
"2021-04-16 14:31:05","https://alareno.com/BcVcZ/catalogue-89.zip","offline","malware_download","b-TDS|Qakbot|Qbot|SilentBuilder|TR|zip","alareno.com","92.205.27.171","21499","FR"
"2021-04-16 13:21:05","https://alareno.com/BcVcZ/catalogue-45.zip","offline","malware_download","b-TDS|Qakbot|Qbot|SilentBuilder|TR|zip","alareno.com","92.205.27.171","21499","FR"
"2021-04-07 19:40:04","https://bigup.marketing/wp-content/plugins/seo_index/hlOym4kNdcI.php","offline","malware_download","Dridex","bigup.marketing","92.205.15.94","21499","FR"
"2021-04-05 18:25:04","https://bigup.marketing/wp-content/plugins/seo_index/W5VmpfS30zSf2r.php","offline","malware_download","40112|dll|dridex","bigup.marketing","92.205.15.94","21499","FR"
"2021-03-31 12:38:15","https://dsdisplay.co.uk/b9jn0pfg.tar","offline","malware_download","Dridex","dsdisplay.co.uk","92.204.211.200","21499","FR"
"2021-03-16 10:28:33","http://mamax.tk/directory/majicmanx.exe","offline","malware_download","","mamax.tk","92.205.15.154","21499","FR"
"2021-03-16 06:31:03","http://mamax.tk/directory/dutchx.exe","offline","malware_download","AgentTesla|exe","mamax.tk","92.205.15.154","21499","FR"
"2021-03-15 20:03:03","http://mamax.tk/directory/urchx.exe","offline","malware_download","AgentTesla|exe","mamax.tk","92.205.15.154","21499","FR"
"2021-03-15 20:02:04","http://mamax.tk/directory/xman.exe","offline","malware_download","AgentTesla|exe","mamax.tk","92.205.15.154","21499","FR"
"2021-03-15 17:26:04","http://mamax.tk/directory/tinox.exe","offline","malware_download","exe|Loki","mamax.tk","92.205.15.154","21499","FR"
"2021-03-15 17:25:04","http://mamax.tk/directory/prosperx.exe","offline","malware_download","exe|Formbook","mamax.tk","92.205.15.154","21499","FR"
"2021-03-12 12:41:04","http://mamax.tk/directory/governorx.exe","offline","malware_download","AveMariaRAT|warzonerat","mamax.tk","92.205.15.154","21499","FR"
"2021-03-11 09:42:04","http://mamax.tk/directory/lurdx.exe","offline","malware_download","AgentTesla|exe","mamax.tk","92.205.15.154","21499","FR"
"2021-03-11 09:37:04","http://mamax.tk/directory/dxmanx.exe","offline","malware_download","AgentTesla|exe","mamax.tk","92.205.15.154","21499","FR"
"2021-03-11 07:45:09","http://mamax.tk/directory/ricardox.exe","offline","malware_download","exe|Formbook","mamax.tk","92.205.15.154","21499","FR"
"2021-03-08 13:03:12","https://twospoonsfleet.co.uk/p/","offline","malware_download","fedex","twospoonsfleet.co.uk","92.205.11.52","21499","FR"
"2021-02-25 09:26:05","http://dnvillas.com/ncmlzqphuqma/44252389051620400000.dat","offline","malware_download","Qakbot|Quakbot","dnvillas.com","92.204.218.252","21499","FR"
"2021-02-24 18:07:04","http://dnvillas.com/ncmlzqphuqma/44251751062615700000.dat","offline","malware_download","dll|obama06|qakbot|qbot|quakbot","dnvillas.com","92.204.218.252","21499","FR"
"2021-02-19 15:22:06","https://www.enorichie.net/site/ko.exe","offline","malware_download","exe|Formbook","www.enorichie.net","160.153.133.157","21499","US"
"2021-02-19 12:28:05","http://enorichie.net/site/ko.exe","offline","malware_download","exe|Formbook","enorichie.net","160.153.133.157","21499","US"
"2021-02-19 12:28:03","http://enorichie.net/zk/pop.exe","offline","malware_download","Formbook","enorichie.net","160.153.133.157","21499","US"
"2021-02-19 10:14:05","http://enorichie.net/wz/in.exe","offline","malware_download","exe|Formbook","enorichie.net","160.153.133.157","21499","US"
"2021-02-05 21:21:04","http://enorichie.net/new/o/items.exe","offline","malware_download","exe|formbook","enorichie.net","160.153.133.157","21499","US"
"2021-02-03 17:21:04","http://enorichie.net/wz/PO.exe","offline","malware_download","","enorichie.net","160.153.133.157","21499","US"
"2021-01-13 23:18:13","http://hedgelong.com/NJm75ajGNU.php","offline","malware_download","dll|dridex","hedgelong.com","160.153.133.160","21499","US"
"2021-01-06 03:53:04","http://alkhalilfoods.ae/wp-includes/I9Q88zTxKny6afPhEQQg383SiDnaXhLS5zriRv4vZ2fzAGshiU2Nv6WKhtZCFiFaW10jc/","offline","malware_download","doc|emotet|epoch2","alkhalilfoods.ae","92.205.11.80","21499","FR"
"2021-01-04 23:22:03","http://www.alkhalilfoods.ae/wp-includes/I9Q88zTxKny6afPhEQQg383SiDnaXhLS5zriRv4vZ2fzAGshiU2Nv6WKhtZCFiFaW10jc/","offline","malware_download","doc|emotet|epoch2|Heodo","www.alkhalilfoods.ae","92.205.11.80","21499","FR"
"2021-01-04 21:54:04","https://www.alkhalilfoods.ae/wp-includes/I9Q88zTxKny6afPhEQQg383SiDnaXhLS5zriRv4vZ2fzAGshiU2Nv6WKhtZCFiFaW10jc/","offline","malware_download","doc|emotet|epoch2|Heodo","www.alkhalilfoods.ae","92.205.11.80","21499","FR"
"2020-12-30 22:26:06","http://malerei-wiesner.de/wp-includes/2ww4/","offline","malware_download","emotet|epoch2|exe|heodo","malerei-wiesner.de","92.205.168.229","21499","DE"
"2020-12-30 16:28:04","https://charlesedwardltd.com/flipbook/OVXadXjGKQ9wXlYcpEp7G1HbnBTkseJh/","offline","malware_download","doc|emotet|epoch2|Heodo","charlesedwardltd.com","92.205.144.88","21499","FR"
"2020-12-30 07:27:04","http://mig-man.de/wp-content/3l3qFrCsJZgf4um/","offline","malware_download","doc|emotet|epoch2|Heodo","mig-man.de","92.205.49.216","21499","FR"
"2020-12-08 17:56:20","http://www.reutter-fliesen.de/duff.php","offline","malware_download","dll|dridex","www.reutter-fliesen.de","92.205.3.88","21499","FR"
"2020-12-08 17:56:07","http://www.reutter-fliesen.de/integument.php","offline","malware_download","dll|dridex","www.reutter-fliesen.de","92.205.3.88","21499","FR"
"2020-12-08 17:56:05","http://www.reutter-fliesen.de/wantonness.php","offline","malware_download","dll|dridex","www.reutter-fliesen.de","92.205.3.88","21499","FR"
"2020-12-07 14:54:04","http://www.enorichie.net/wz/ppp.jpg","offline","malware_download","AgentTesla","www.enorichie.net","160.153.133.157","21499","US"
"2020-11-23 13:28:36","https://cdprf.com/sroptun/PDRNDR75A13E289Q/en.gif","offline","malware_download","Italy|SLoad","cdprf.com","92.205.3.103","21499","FR"
"2020-11-23 13:28:35","https://cdprf.com/sroptun/TLNGCR66P09L175T/logo.jpg","offline","malware_download","Italy|SLoad","cdprf.com","92.205.3.103","21499","FR"
"2020-11-23 13:27:33","https://cdprf.com/sroptun/05725050487/maps.css","offline","malware_download","Italy|SLoad","cdprf.com","92.205.3.103","21499","FR"
"2020-11-23 13:27:33","https://cdprf.com/sroptun/DSRRFL66M10G942V/1x1.jpg","offline","malware_download","Italy|SLoad","cdprf.com","92.205.3.103","21499","FR"
"2020-11-23 13:27:05","https://cdprf.com/sroptun/02240450342/maps.jpg","offline","malware_download","Italy|SLoad","cdprf.com","92.205.3.103","21499","FR"
"2020-11-23 13:27:04","https://cdprf.com/sroptun/03983230404/en.jpg","offline","malware_download","Italy|SLoad","cdprf.com","92.205.3.103","21499","FR"
"2020-10-30 14:18:05","http://dotasarim.com/wp-admin/AYO/","offline","malware_download","emotet|epoch1|exe|Heodo","dotasarim.com","92.205.9.238","21499","FR"
"2020-10-28 06:37:04","http://dotasarim.com/wp-admin/Dyz/","offline","malware_download","emotet|epoch2|exe|Heodo","dotasarim.com","92.205.9.238","21499","FR"
"2020-10-27 22:28:06","http://brainsugar.co.zw/mas/R8fctTohpk9m4VNNdPthDW2GoQpfGHJePkD/","offline","malware_download","doc|emotet|epoch2|Heodo","brainsugar.co.zw","37.148.207.24","21499","NL"
"2020-10-27 22:28:06","http://brainsugar.co.zw/mas/R8fctTohpk9m4VNNdPthDW2GoQpfGHJePkD/","offline","malware_download","doc|emotet|epoch2|Heodo","brainsugar.co.zw","92.205.164.224","21499","FR"
"2020-10-22 10:32:14","http://mindgeniltd.co.uk/indexing/X5bSo/","offline","malware_download","emotet|epoch3|exe|Heodo","mindgeniltd.co.uk","92.204.70.38","21499","FR"
"2020-10-19 12:48:03","http://miroaccount11.tk/sugar/5Q2D7V/79300829094967797/h455uey683-077580/","offline","malware_download","doc|emotet|epoch3|Heodo","miroaccount11.tk","92.205.15.154","21499","FR"
"2020-09-28 05:52:04","https://schuelerrat.handrup.de/raw.exe","offline","malware_download","AgentTesla|exe","schuelerrat.handrup.de","92.205.20.14","21499","FR"
"2020-09-24 19:57:04","https://www.purpleline.co.uk/logs/swift/dki3v5gt3/","offline","malware_download","doc|emotet|epoch2|Heodo","www.purpleline.co.uk","92.205.28.212","21499","FR"
"2020-09-24 15:09:12","https://geotechnic.co.uk/test1/Documentation/794l7rhq/","offline","malware_download","doc|emotet|epoch2","geotechnic.co.uk","92.205.182.30","21499","FR"
"2020-09-23 19:12:42","http://teachgcc.com/cgi-bin/1s71azchsx6/wvy80906086676030ece9vdapws60s/","offline","malware_download","doc|emotet|epoch2|Heodo","teachgcc.com","92.204.214.60","21499","FR"
"2020-09-22 23:09:06","http://purpleline.co.uk/logs/paclm/k3prt6dbwd6d/","offline","malware_download","doc|emotet|epoch2","purpleline.co.uk","92.205.28.212","21499","FR"
"2020-09-22 18:21:09","https://www.geotechnic.co.uk/test1/Documentation/794l7rhq/","offline","malware_download","doc|emotet|epoch2|Heodo","www.geotechnic.co.uk","92.205.182.30","21499","FR"
"2020-09-22 17:32:33","https://www.purpleline.co.uk/logs/paclm/k3prt6dbwd6d/","offline","malware_download","doc|emotet|epoch2|Heodo","www.purpleline.co.uk","92.205.28.212","21499","FR"
"2020-09-21 01:50:03","https://geotechnic.co.uk/test1/paclm/5d28zUsFhVHcVq16QQiD/","offline","malware_download","doc|emotet|epoch1","geotechnic.co.uk","92.205.182.30","21499","FR"
"2020-09-18 09:38:01","https://www.geotechnic.co.uk/test1/paclm/5d28zUsFhVHcVq16QQiD/","offline","malware_download","doc|emotet|epoch1|Heodo","www.geotechnic.co.uk","92.205.182.30","21499","FR"
"2020-09-18 06:44:25","http://baran-business.de/wp-content/pMr/","offline","malware_download","emotet|exe|Heodo","baran-business.de","92.205.173.24","21499","DE"
"2020-09-14 13:36:13","https://inherent-solutions.net/wp-includes/sites/ni181433344168zs79rgdn4e4xc/","offline","malware_download","doc|emotet|epoch2|heodo","inherent-solutions.net","92.205.249.96","21499","DE"
"2020-08-25 23:38:34","https://www.purpleline.co.uk/logs/esp/7kkjua/uagfz1b868102090640sbmqhrfrt1as72/","offline","malware_download","doc|emotet|epoch2|Heodo","www.purpleline.co.uk","92.205.28.212","21499","FR"
"2020-08-14 06:05:58","http://purpleline.co.uk/logs/ovj9t312346run4lxvg1luky5l7g/","offline","malware_download","doc|emotet|epoch2","purpleline.co.uk","92.205.28.212","21499","FR"
"2020-08-13 22:45:09","https://www.purpleline.co.uk/logs/ovj9t312346run4lxvg1luky5l7g/","offline","malware_download","doc|emotet|epoch2|heodo","www.purpleline.co.uk","92.205.28.212","21499","FR"
"2020-08-11 12:30:04","https://www.purpleline.co.uk/logs/balance/qvst9izw/","offline","malware_download","doc|emotet|epoch2|heodo","www.purpleline.co.uk","92.205.28.212","21499","FR"
"2020-08-07 06:55:29","https://www.geotechnic.co.uk/test1/open_sector/OQBQafHi_DTHXwepePb5I_space/r1ntpkemu8ty5rcc_9s7143yw95w1uy/","offline","malware_download","doc|emotet|epoch1|heodo|QuakBot","www.geotechnic.co.uk","92.205.182.30","21499","FR"
"2020-08-06 19:34:23","http://driftaway-holidays.co.uk/wp-content/wf_gmc_c1tk6o1/","offline","malware_download","emotet|epoch2|exe|heodo","driftaway-holidays.co.uk","160.153.131.197","21499","US"
"2020-08-06 16:39:09","http://www.purpleline.co.uk/logs/DOC/w9rthezofkd/","offline","malware_download","doc|emotet|epoch2|heodo|QuakBot","www.purpleline.co.uk","92.205.28.212","21499","FR"
"2020-07-31 13:17:04","http://www.purpleline.co.uk/logs/470137372392388/ll5cxmt/gid884083030918ay8wzki9dccy73hruk/","offline","malware_download","doc|Emotet|epoch2|Heodo","www.purpleline.co.uk","92.205.28.212","21499","FR"
"2020-07-30 19:37:06","http://fenlabenergy.com/restore/LFwzpHi/","offline","malware_download","doc|emotet|epoch3|Heodo","fenlabenergy.com","92.205.9.235","21499","FR"
"2020-07-28 18:51:04","http://fenlabenergy.com/restore/open_section/security_area/oStllPbl_d2wbsumqJ10fo/","offline","malware_download","doc|emotet|epoch1|heodo","fenlabenergy.com","92.205.9.235","21499","FR"
"2020-07-28 16:52:04","https://www.geotechnic.co.uk/test1/report/h2bansn4s9yb/gi0359772511dkh0qt1sdbu8pp46yn/","offline","malware_download","doc|emotet|epoch2|Heodo","www.geotechnic.co.uk","92.205.182.30","21499","FR"
"2020-07-27 13:25:35","http://crazefm.com/ww12/balance/","offline","malware_download","doc|emotet|epoch2|heodo","crazefm.com","92.204.210.34","21499","FR"
"2020-06-10 20:03:21","http://www.victoriasdirtysecret.net/knoihesuw/j/fDmPKGQZu.zip","offline","malware_download","Qakbot|Quakbot|zip","www.victoriasdirtysecret.net","92.205.151.66","21499","FR"
"2020-06-10 20:00:05","http://www.victoriasdirtysecret.net/knoihesuw/OUjRjA6u7a.zip","offline","malware_download","Qakbot|Quakbot|zip","www.victoriasdirtysecret.net","92.205.151.66","21499","FR"
"2020-06-10 19:59:00","http://www.victoriasdirtysecret.net/knoihesuw/Ud/tU/I7sybOjA.zip","offline","malware_download","Qakbot|Quakbot|zip","www.victoriasdirtysecret.net","92.205.151.66","21499","FR"
"2020-06-10 19:53:19","http://schmelzleiter.de/zogedgkxs/dAijDEDs1Q.zip","offline","malware_download","Qakbot|Quakbot|zip","schmelzleiter.de","92.205.1.212","21499","FR"
"2020-06-10 19:52:37","http://www.victoriasdirtysecret.net/knoihesuw/W/3V3hGs3KF.zip","offline","malware_download","Qakbot|Quakbot|zip","www.victoriasdirtysecret.net","92.205.151.66","21499","FR"
"2020-06-10 19:47:14","http://www.victoriasdirtysecret.net/ebosleiug/3YyheSgxsZ.zip","offline","malware_download","Qakbot|Quakbot|zip","www.victoriasdirtysecret.net","92.205.151.66","21499","FR"
"2020-06-10 19:45:40","http://schmelzleiter.de/zogedgkxs/C/SxhgjIBvW.zip","offline","malware_download","Qakbot|Quakbot|zip","schmelzleiter.de","92.205.1.212","21499","FR"
"2020-06-10 19:44:41","http://www.victoriasdirtysecret.net/knoihesuw/Z/BPzc4zZWG.zip","offline","malware_download","Qakbot|Quakbot|zip","www.victoriasdirtysecret.net","92.205.151.66","21499","FR"
"2020-06-10 19:42:52","http://www.victoriasdirtysecret.net/ebosleiug/37OieGDa8B.zip","offline","malware_download","Qakbot|Quakbot|zip","www.victoriasdirtysecret.net","92.205.151.66","21499","FR"
"2020-06-10 19:42:15","http://www.victoriasdirtysecret.net/ebosleiug/z/davPpKY69.zip","offline","malware_download","Qakbot|Quakbot|zip","www.victoriasdirtysecret.net","92.205.151.66","21499","FR"
"2020-06-10 19:32:23","http://schmelzleiter.de/rpqxfjtcih/2/63VuMdMNo.zip","offline","malware_download","Qakbot|Quakbot|zip","schmelzleiter.de","92.205.1.212","21499","FR"
"2020-06-10 19:13:55","http://schmelzleiter.de/rpqxfjtcih/UlPKZrGuhh.zip","offline","malware_download","Qakbot|Quakbot|zip","schmelzleiter.de","92.205.1.212","21499","FR"
"2020-06-10 13:43:32","http://schmelzleiter.de/rpqxfjtcih/BezdPnA9UE.zip","offline","malware_download","Qakbot|Quakbot|zip","schmelzleiter.de","92.205.1.212","21499","FR"
"2020-06-10 12:20:26","http://schmelzleiter.de/rpqxfjtcih/X/pA6ENudhA.zip","offline","malware_download","Qakbot|Quakbot|zip","schmelzleiter.de","92.205.1.212","21499","FR"
"2020-06-10 12:02:46","http://schmelzleiter.de/rpqxfjtcih/0/0LSn29QrV.zip","offline","malware_download","Qakbot|Quakbot|zip","schmelzleiter.de","92.205.1.212","21499","FR"
"2020-04-29 09:03:13","https://nmal.info/ntsphsl/9082650/Buy-Sell_Agreement_9082650_04272020.zip","offline","malware_download","ESP|geofenced|Qakbot|QuakBot|zip","nmal.info","92.205.4.105","21499","FR"
"2020-04-29 08:14:45","https://nmal.info/ntsphsl/42806083/Buy-Sell_Agreement_42806083_04272020.zip","offline","malware_download","ESP|geofenced|Qakbot|QuakBot|zip","nmal.info","92.205.4.105","21499","FR"
"2020-04-29 07:22:33","https://nmal.info/ntsphsl/0952594/Buy-Sell_Agreement_0952594_04272020.zip","offline","malware_download","ESP|geofenced|Qakbot|QuakBot|zip","nmal.info","92.205.4.105","21499","FR"
"2020-04-29 06:38:47","https://nmal.info/ntsphsl/1838107/Buy-Sell_Agreement_1838107_04272020.zip","offline","malware_download","ESP|geofenced|Qakbot|QuakBot|zip","nmal.info","92.205.4.105","21499","FR"
"2020-04-29 06:37:21","https://nmal.info/ntsphsl/Buy-Sell_Agreement_0573515_04272020.zip","offline","malware_download","ESP|geofenced|Qakbot|QuakBot|zip","nmal.info","92.205.4.105","21499","FR"
"2020-04-28 19:02:52","https://nmal.info/ntsphsl/84675/Buy-Sell_Agreement_84675_04272020.zip","offline","malware_download","ESP|geofenced|Qakbot|QuakBot|zip","nmal.info","92.205.4.105","21499","FR"
"2020-04-28 19:00:38","https://nmal.info/ntsphsl/8805/Buy-Sell_Agreement_8805_04272020.zip","offline","malware_download","ESP|geofenced|Qakbot|QuakBot|zip","nmal.info","92.205.4.105","21499","FR"
"2020-04-28 17:34:20","https://nmal.info/ntsphsl/Buy-Sell_Agreement_726528_04272020.zip","offline","malware_download","ESP|geofenced|Qakbot|QuakBot|zip","nmal.info","92.205.4.105","21499","FR"
"2020-04-21 13:52:03","http://taxifeusisberg.ch/wp-includes/ID3/class.api.php","offline","malware_download","","taxifeusisberg.ch","92.205.161.79","21499","FR"
"2020-03-14 23:02:02","http://160.153.249.174/kaguya","offline","malware_download","shellscript","160.153.249.174","160.153.249.174","21499","US"
"2020-03-14 23:01:08","http://160.153.249.174/bins/enigma.mpsl","offline","malware_download","elf|mirai","160.153.249.174","160.153.249.174","21499","US"
"2020-03-14 23:01:06","http://160.153.249.174/bins/enigma.sh4","offline","malware_download","elf|mirai","160.153.249.174","160.153.249.174","21499","US"
"2020-03-14 23:01:04","http://160.153.249.174/bins/enigma.spc","offline","malware_download","elf|mirai","160.153.249.174","160.153.249.174","21499","US"
"2020-03-14 23:01:02","http://160.153.249.174/bins/enigma.m68k","offline","malware_download","elf","160.153.249.174","160.153.249.174","21499","US"
"2020-02-04 00:43:03","http://az.chemprob.org/wp-content/parts_service/","offline","malware_download","doc|emotet|epoch2|heodo","az.chemprob.org","92.205.2.15","21499","FR"
"2020-01-30 18:29:05","http://az.chemprob.org/wp-content/7krutk-q6k-176727/","offline","malware_download","doc|emotet|epoch3|heodo","az.chemprob.org","92.205.2.15","21499","FR"
"2020-01-29 15:51:08","https://bugunistanbul.com/wp-admin/kk47102-74471-9wwjj0svi2sy1jog7/","offline","malware_download","doc|emotet|epoch2|heodo","bugunistanbul.com","92.205.150.118","21499","FR"
"2020-01-29 15:13:35","http://kyiv.samopomich.ua/sadovyi2019.win/closed-6475828971-BbsGod2/guarded-xttkg-7ci/096298-uCbu9si0BUdqnN/","offline","malware_download","doc|emotet|epoch1","kyiv.samopomich.ua","46.252.201.51","21499","NL"
"2020-01-22 22:02:16","http://az.chemprob.org/wp-content/report/0b0kauitc/vc-3542-24453-8qhlu-hfc7/","offline","malware_download","doc|emotet|epoch2|heodo","az.chemprob.org","92.205.2.15","21499","FR"
"2019-12-19 08:33:06","https://www.streicher-fahrradgarage.de/order_form_asset/browse/","offline","malware_download","doc|emotet|epoch2|heodo","www.streicher-fahrradgarage.de","92.205.48.173","21499","FR"
"2019-12-17 23:03:03","http://ehbeat.com/wp-content/docs/","offline","malware_download","doc|emotet|epoch2|heodo","ehbeat.com","92.205.146.249","21499","FR"
"2019-12-17 14:44:07","http://sherwoodparkhall.com/wp-includes/multifunctional-139215322-iHMp7MUHwPOE/open-space/078818934-SUTZNcBaAFk/","offline","malware_download","doc|emotet|epoch1|Heodo","sherwoodparkhall.com","92.205.92.60","21499","FR"
"2019-12-17 14:20:03","http://cherrett.net/wp-admin/yegf-932ic-954073/","offline","malware_download","doc|emotet|epoch3|heodo","cherrett.net","92.205.4.72","21499","FR"
"2019-12-13 01:49:03","http://ehbeat.com/wp-content/ine-bavcu4-5364/","offline","malware_download","doc|emotet|epoch3|heodo","ehbeat.com","92.205.146.249","21499","FR"
"2019-12-06 11:40:25","http://exxtrabrands.com/wp-content/themes/twentyfifteen/iio58.php?r=bD1odHRwOi8vc2hhbm5vbmJhbmtzLmNvbS9zaXRlL0RlbGl2ZXJ5X0luZm9ybWF0aW9uXzkzNDAuZG9j","offline","malware_download","doc|ostap|redirect|trickbot","exxtrabrands.com","92.205.171.155","21499","DE"
"2019-11-01 00:23:09","http://staging.securenetworks.pk/mn2shwl/UGw/","offline","malware_download","emotet|epoch2|exe|Heodo","staging.securenetworks.pk","92.205.251.106","21499","DE"
"2019-10-24 18:06:20","http://superzeug.com/wp-content/hd/","offline","malware_download","emotet|epoch2|exe|heodo","superzeug.com","92.205.9.206","21499","FR"
"2019-10-24 07:19:06","http://apartberlin.com/wp-snapshots/f77837/","offline","malware_download","emotet|epoch1|exe|Heodo","apartberlin.com","92.205.249.255","21499","DE"
"2019-10-24 04:34:17","https://apartberlin.com/wp-snapshots/f77837/","offline","malware_download","emotet|epoch1|exe|Heodo","apartberlin.com","92.205.249.255","21499","DE"
"2019-10-17 08:53:07","http://websuntangled.co.uk/wp-content/themes/twentyfifteen/js/2c.jpg","offline","malware_download","exe|GandCrab","websuntangled.co.uk","92.205.2.170","21499","FR"
"2019-10-17 05:06:34","http://websuntangled.co.uk/wp-content/themes/twentyfifteen/js/xl/","offline","malware_download","","websuntangled.co.uk","92.205.2.170","21499","FR"
"2019-10-15 04:56:17","http://greenseeblickhotel.com/wp-admin/ZuvFbm/","offline","malware_download","emotet|epoch3|exe|Heodo","greenseeblickhotel.com","92.204.222.108","21499","FR"
"2019-10-10 19:09:10","http://coscorubber.com/lzhfb/3lzijk275/","offline","malware_download","emotet|epoch1|exe|Heodo","coscorubber.com","92.205.98.20","21499","FR"
"2019-10-09 22:59:43","http://www.coscorubber.com/lzhfb/3lzijk275/","offline","malware_download","emotet|epoch1|exe|Heodo","www.coscorubber.com","92.205.98.20","21499","FR"
"2019-09-23 19:16:09","http://gracewellscare.co.uk/wp-content/PyBpOTsGt/","offline","malware_download","emotet|epoch2|exe|heodo","gracewellscare.co.uk","92.204.68.13","21499","FR"
"2019-09-20 12:52:43","https://uglamour.com/wp-content/uploads/2019/09/pdf_283105.zip","offline","malware_download","BGR|Dreambot|js|zip","uglamour.com","92.205.9.195","21499","FR"
"2019-09-20 12:15:53","http://odwebdesign.co.uk/wp-content/themes/Studeo/js/2c.jpg","offline","malware_download","ransomware|shade|Troldesh","odwebdesign.co.uk","92.205.9.251","21499","FR"
"2019-09-17 21:52:26","http://robertwatton.co.uk/wp-content/LLC/LIdkOlDRFsgnkiiLDfH/","offline","malware_download","doc|emotet|epoch2|Heodo","robertwatton.co.uk","92.204.219.2","21499","FR"
"2019-05-24 16:48:10","http://henrylandgrebe.com/wp-content/a953843/","offline","malware_download","emotet|epoch1","henrylandgrebe.com","92.205.94.213","21499","FR"
"2019-05-24 13:47:04","https://henrylandgrebe.com/wp-content/a953843/","offline","malware_download","emotet|epoch1|exe|Heodo","henrylandgrebe.com","92.205.94.213","21499","FR"
"2019-05-24 08:34:52","http://tool-shop-optic.de/templates/eximium/css_compiled/ural_zakaz.zip","offline","malware_download","js|Ransomware|RUS|Troldesh|zip","tool-shop-optic.de","92.205.171.75","21499","DE"
"2019-05-23 16:11:02","http://synergy.co.bw/backup/Document/YJDSluGYYcmMeTAbMvFzlDkfZq/","offline","malware_download","emotet|epoch2","synergy.co.bw","92.205.169.115","21499","DE"
"2019-05-23 15:31:03","https://synergy.co.bw/backup/Document/YJDSluGYYcmMeTAbMvFzlDkfZq/","offline","malware_download","doc|Emotet|epoch2|Heodo","synergy.co.bw","92.205.169.115","21499","DE"
"2019-05-21 21:14:13","https://midnighthare.co.uk/joomla/qCwEdMNIU/","offline","malware_download","emotet|epoch2|exe|Heodo","midnighthare.co.uk","92.205.110.237","21499","FR"
"2019-05-17 21:29:04","http://broadlawns.co.uk/wpThumbnails/lm/WHYzQPUZnZ/","offline","malware_download","doc|Emotet|epoch2|Heodo","broadlawns.co.uk","92.204.211.200","21499","FR"
"2019-05-08 23:36:02","http://fenlabenergy.com/restore/Scan/nbu941yjub40f40dazdrrrc2bg22x9_nr0u48ys-8334533438/","offline","malware_download","doc|emotet|epoch2","fenlabenergy.com","92.205.9.235","21499","FR"
"2019-04-29 18:29:03","http://robertwatton.co.uk/uo_LL/Document/kBXHhLVO6d/","offline","malware_download","doc|emotet|epoch2|Heodo","robertwatton.co.uk","92.204.219.2","21499","FR"
"2019-04-26 13:49:23","http://robertwatton.co.uk/uo_LL/FILE/ZL6bxPKt1pi/","offline","malware_download","Emotet|Heodo","robertwatton.co.uk","92.204.219.2","21499","FR"
"2019-04-23 20:58:13","http://robertwatton.co.uk/uo_LL/","offline","malware_download","emotet|epoch2|exe|Heodo","robertwatton.co.uk","92.204.219.2","21499","FR"
"2019-04-23 04:46:03","http://chouhan.net/FILE/Document/dXCCQfhbtCR/","offline","malware_download","Emotet|Heodo","chouhan.net","92.205.7.125","21499","FR"
"2019-04-17 22:28:03","http://chouhan.net/FILE/qQDA1DSH/","offline","malware_download","doc|emotet|epoch2","chouhan.net","92.205.7.125","21499","FR"
"2019-04-16 19:49:03","https://www.akotherm.de/hkxk/gNgQg-qYiDmfcklH66QL_ezLIHNLSr-W4/","offline","malware_download","Emotet|Heodo","www.akotherm.de","92.205.107.228","21499","FR"
"2019-04-16 13:08:11","https://profithack.com/wp-content/themes/sketch/SkhHEA/","offline","malware_download","emotet|epoch1|exe|Heodo","profithack.com","92.205.89.184","21499","FR"
"2019-04-12 23:50:04","https://profithack.com/wp-content/themes/sketch/eHIz-g9NqXS33UThWfo_PrSDMyQZs-E30/","offline","malware_download","doc|emotet|epoch1|Heodo","profithack.com","92.205.89.184","21499","FR"
"2019-04-12 00:38:03","http://sk-comtel.com/templates/theme261/css/msg.jpg","online","malware_download","exe|Troldesh","sk-comtel.com","92.205.51.218","21499","FR"
"2019-04-11 18:22:16","http://sk-comtel.com/templates/theme261/html/com_contact/category/hp.gf","online","malware_download","exe|ransomware|shade|troldesh","sk-comtel.com","92.205.51.218","21499","FR"
"2019-04-11 12:28:06","http://danielahantuchova.com/wp-admin/fz86w7o-j25amn-zcbsb/","offline","malware_download","Emotet|Heodo","danielahantuchova.com","92.205.55.212","21499","FR"
"2019-04-10 10:00:24","https://profithack.com/wp-content/service/Frage/De_de/042019/","offline","malware_download","Emotet|Heodo","profithack.com","92.205.89.184","21499","FR"
"2019-04-09 06:24:07","http://steenway.com/images/stnro-48wja47-kijghgb/","offline","malware_download","","steenway.com","92.205.9.206","21499","FR"
"2019-04-09 00:01:04","http://rtfcontracts.co.uk/nSLS-FyzPLVJNNcJl9fP_bqxGHarZM-aZS/xoYG-6BtpwattSv2o5V_ucADqFeN-Yug/","offline","malware_download","doc|emotet|epoch1|Heodo","rtfcontracts.co.uk","92.205.13.44","21499","FR"
"2019-04-08 18:05:42","http://ilrt-gmbh.com/wp-admin/EJJPa-MMAI2gEK9LboccG_pfCaeBRb-kT/","offline","malware_download","Emotet|Heodo","ilrt-gmbh.com","92.205.175.254","21499","DE"
"2019-04-05 20:09:43","http://rtfcontracts.co.uk/nSLS-FyzPLVJNNcJl9fP_bqxGHarZM-aZS/","offline","malware_download","emotet|epoch1|Heodo","rtfcontracts.co.uk","92.205.13.44","21499","FR"
"2019-04-05 18:07:03","http://steenway.com/images/QOUx-o95LmFpjpbo7GL_kOCmDLnh-iGM/","offline","malware_download","Emotet|Heodo","steenway.com","92.205.9.206","21499","FR"
"2019-04-03 08:10:06","http://goldshoreoutsourcing.com/zi1lwr3/verif.accs.send.com/","offline","malware_download","Emotet|Heodo","goldshoreoutsourcing.com","92.204.210.227","21499","FR"
"2019-04-01 20:58:17","http://blueberry.london/wp-includes/verif.accounts.docs.com/","offline","malware_download","emotet|epoch1|Heodo","blueberry.london","92.205.146.245","21499","FR"
"2019-03-28 05:34:00","http://robertwatton.co.uk/eEfvB-1efRT_I-fG/","offline","malware_download","Emotet|Heodo","robertwatton.co.uk","92.204.219.2","21499","FR"
"2019-03-26 14:23:07","http://sabinevogt.de/wp-content/themes/silvia/languages/hp.gf","offline","malware_download","exe|Troldesh","sabinevogt.de","92.205.145.179","21499","FR"
"2019-03-23 00:56:08","http://superkarting-uk.com/Pictures/trust.myacc.resourses.com/","offline","malware_download","doc|emotet|epoch1|Heodo","superkarting-uk.com","92.204.222.54","21499","FR"
"2019-03-20 09:34:01","http://benedictheal.com/sd2/sendincencrypt/legal/ios/En_en/032019/","offline","malware_download","doc|emotet|heodo","benedictheal.com","92.205.168.170","21499","DE"
"2019-03-18 23:09:05","http://superkarting-uk.com/Pictures/0p2xi-mwbcz-vvdckezk/","offline","malware_download","doc|emotet|epoch2","superkarting-uk.com","92.204.222.54","21499","FR"
"2019-03-15 22:59:07","http://quest42.com/pictures/u9yu-y1ypn-iagnfk/","offline","malware_download","Emotet|Heodo","quest42.com","92.204.222.109","21499","FR"
"2019-03-13 20:15:29","http://raeburnresidential.co.uk/cgi-bin/verif.accs.resourses.net/","offline","malware_download","emotet|epoch1|Heodo","raeburnresidential.co.uk","92.205.10.122","21499","FR"
"2019-03-13 13:51:16","http://trca.es/wp-content/themes/responsive/template-parts/tehnikol.zip","offline","malware_download","js|ransomware|RUS|Troldesh|zip","trca.es","160.153.129.33","21499","US"
"2019-03-13 13:51:15","http://trca.es/wp-content/themes/responsive/template-parts/stroi-industr.zip","offline","malware_download","js|ransomware|RUS|Troldesh|zip","trca.es","160.153.129.33","21499","US"
"2019-03-13 06:57:04","http://hostbox.ch/8hdu-cd7z4d-wwwh/","offline","malware_download","Emotet|Heodo","hostbox.ch","92.205.167.242","21499","FR"
"2019-03-12 19:39:23","http://grafit.co.rs/cgi-bin/2bshi-3eutih-rvwqf/","offline","malware_download","Emotet|Heodo","grafit.co.rs","92.205.108.122","21499","FR"
"2019-03-12 11:39:04","http://merrielion.co.uk/wp-content/themes/ML96/languages/AvtoProNissan.zip","offline","malware_download","zip","merrielion.co.uk","92.205.3.103","21499","FR"
"2019-03-12 11:26:16","http://merrielion.co.uk/wp-content/themes/ML96/languages/GPKpik-info.zip","offline","malware_download","zip","merrielion.co.uk","92.205.3.103","21499","FR"
"2019-03-12 10:56:20","http://merrielion.co.uk/wp-content/themes/ML96/languages/GKPIK.zip","offline","malware_download","zip","merrielion.co.uk","92.205.3.103","21499","FR"
"2019-03-12 01:35:57","http://merrielion.co.uk/wp-content/themes/ML96/languages/kia.zip","offline","malware_download","js|RUS|Troldesh|zip","merrielion.co.uk","92.205.3.103","21499","FR"
"2019-03-11 20:24:02","http://ckd.org.uk/board/pjuf8-xdj9n-mfik.view/","offline","malware_download","doc|emotet|epoch1|Heodo","ckd.org.uk","92.205.169.115","21499","DE"
"2019-03-07 17:50:15","http://superkarting-uk.com/Pictures/6uvr-i25a3-ucqh.view/","offline","malware_download","Emotet|Heodo","superkarting-uk.com","92.204.222.54","21499","FR"
"2019-03-05 15:34:02","http://martynchild.co.uk/wp/7x3s-riww0c-fjtn.view/","offline","malware_download","doc|emotet|epoch2|Heodo","martynchild.co.uk","92.205.175.247","21499","DE"
"2019-03-05 05:27:43","http://phormation.de/wp/lywt-45mjm-gqib.view/","offline","malware_download","Emotet|Heodo","phormation.de","92.205.171.97","21499","DE"
"2019-02-26 09:21:57","https://swanleybridgemarina.com/wp-content/themes/Avada/bbpress/pik.zip","offline","malware_download","RUS|Troldesh|zipped-JS","swanleybridgemarina.com","92.205.232.113","21499","DE"
"2019-02-26 08:02:08","http://hayattfs.com/wp-admin/css/w6vjRGuuGZW_XRXzogZ/","offline","malware_download","emotet|epoch2|exe|Heodo","hayattfs.com","92.205.185.116","21499","FR"
"2019-02-25 18:50:03","http://beratergruppe-nachfolge.de/US/Invoice/51931455/QKmim-Tdgd_rJ-Njy/","offline","malware_download","Heodo","beratergruppe-nachfolge.de","92.205.172.201","21499","DE"
"2019-02-18 09:40:06","http://napier.eu/De/WHRKVNO6175983/de/DETAILS/","offline","malware_download","Emotet|Heodo|Tinba","napier.eu","92.205.6.205","21499","FR"
"2019-02-15 10:40:03","http://napier.eu/de_DE/AUMYNHSSLP8162109/Dokumente/DOC/","offline","malware_download","Emotet|Heodo","napier.eu","92.205.6.205","21499","FR"
"2019-02-14 10:08:05","http://www.hospizkreis-senden.de/De/RWYRTY5984480/Rechnungs/DETAILS/","offline","malware_download","Emotet|Heodo","www.hospizkreis-senden.de","92.205.175.62","21499","DE"
"2019-02-13 10:19:02","http://napier.eu/corporation/Inv/toth-7zfm_JUUNfxq-5o3/","offline","malware_download","Emotet|Heodo","napier.eu","92.205.6.205","21499","FR"
"2019-02-11 12:51:45","http://napier.eu/UAMDDBYBAV4874596/Rechnung/RECHNUNG/","offline","malware_download","doc|emotet|epoch2|Heodo","napier.eu","92.205.6.205","21499","FR"
"2019-02-11 09:59:07","http://napier.eu/UAMDDBYBAV4874596/Rechnung/RECHNUNG//","offline","malware_download","Emotet|Heodo","napier.eu","92.205.6.205","21499","FR"
"2019-02-09 00:21:09","http://napier.eu/En/download/dGIje-ljoJR_hEZcwCXQ-h41/","offline","malware_download","emotet|epoch1|Heodo","napier.eu","92.205.6.205","21499","FR"
"2019-02-06 23:52:33","http://napier.eu/scan/Invoice_Notice/gnsiv-uyX_QsQ-Vq5/","offline","malware_download","doc|emotet|epoch2|Heodo","napier.eu","92.205.6.205","21499","FR"
"2019-02-06 22:39:04","http://hostbox.ch/AT_T_Online/sNnk2XX_fx8H9Jai7_yoDtHU/","offline","malware_download","doc|emotet|epoch1|Heodo","hostbox.ch","92.205.167.242","21499","FR"
"2019-02-02 00:38:13","http://edvberatungscholz.de/KnCH_LQXVh-eFysQI/tF/Payment_details/02_19/","offline","malware_download","emotet|epoch1|Heodo","edvberatungscholz.de","92.205.172.8","21499","DE"
"2019-01-29 19:00:28","http://prodogmagazine.com/pRQpP-F8_FbIdVEGx-Ls/invoices/06528/14384/En_us/9-Past-Due-Invoices/","offline","malware_download","doc|emotet|epoch2|Heodo","prodogmagazine.com","92.205.93.159","21499","FR"
"2019-01-29 12:09:32","https://sportverein-kleinwalsertal.at/templates/shaper_helix3/css/presets/ssj.jpg","offline","malware_download","exe|Troldesh","sportverein-kleinwalsertal.at","92.205.210.142","21499","FR"
"2019-01-24 15:56:10","http://ghillsus.com/FXJp-EI_xht-xa/EXT/PaymentStatus/US_us/Paid-Invoices/","offline","malware_download","doc|emotet|epoch2|Heodo","ghillsus.com","92.204.70.21","21499","FR"
"2019-01-23 17:15:08","http://sportverein-kleinwalsertal.at/templates/shaper_helix3/fonts/ssj.jpg","offline","malware_download","exe|Ransomware.Shade|Ransomware.Troldesh|Troldesh","sportverein-kleinwalsertal.at","92.205.210.142","21499","FR"
"2018-12-30 16:00:03","http://headru.sh/see433.exe","offline","malware_download","exe|QuasarRAT","headru.sh","160.153.131.197","21499","US"
"2018-12-30 15:59:14","http://headru.sh/firee.exe","offline","malware_download","exe","headru.sh","160.153.131.197","21499","US"
"2018-12-30 15:59:07","http://headru.sh/crypted.exe","offline","malware_download","CoinMiner|exe","headru.sh","160.153.131.197","21499","US"
"2018-12-30 15:57:14","http://headru.sh/31.exe","offline","malware_download","exe|QuasarRAT","headru.sh","160.153.131.197","21499","US"
"2018-12-30 15:57:12","http://headru.sh/khalil.exe","offline","malware_download","exe","headru.sh","160.153.131.197","21499","US"
"2018-12-30 15:41:01","http://headru.sh/cv.exe","offline","malware_download","exe","headru.sh","160.153.131.197","21499","US"
"2018-12-30 15:40:02","http://headru.sh/22121.exe","offline","malware_download","exe","headru.sh","160.153.131.197","21499","US"
"2018-12-30 15:40:02","http://headru.sh/ja3.exe","offline","malware_download","exe","headru.sh","160.153.131.197","21499","US"
"2018-12-30 15:38:04","http://headru.sh/d2.exe","offline","malware_download","exe","headru.sh","160.153.131.197","21499","US"
"2018-12-30 15:38:03","http://headru.sh/see43.exe","offline","malware_download","exe|QuasarRAT","headru.sh","160.153.131.197","21499","US"
"2018-12-30 15:35:04","http://headru.sh/try.exe","offline","malware_download","exe|njrat","headru.sh","160.153.131.197","21499","US"
"2018-12-30 15:34:03","http://headru.sh/mi.exe","offline","malware_download","CoinMiner|exe","headru.sh","160.153.131.197","21499","US"
"2018-12-30 15:34:02","http://headru.sh/precog.exe","offline","malware_download","exe","headru.sh","160.153.131.197","21499","US"
"2018-12-30 15:25:03","http://headru.sh/soka.exe","offline","malware_download","exe|njrat","headru.sh","160.153.131.197","21499","US"
"2018-12-30 15:23:04","http://headru.sh/c441.exe","offline","malware_download","exe|ISRStealer","headru.sh","160.153.131.197","21499","US"
"2018-12-30 15:23:03","http://headru.sh/sa455.exe","offline","malware_download","exe","headru.sh","160.153.131.197","21499","US"
"2018-12-30 15:22:11","http://headru.sh/xx1.exe","offline","malware_download","exe","headru.sh","160.153.131.197","21499","US"
"2018-12-20 20:42:13","http://www.sv-bieberbach.de/files/ZePFY-Is6p_Hf-20/Ref/0816703485EN_en/Past-Due-Invoices/","offline","malware_download","doc|emotet|heodo","www.sv-bieberbach.de","92.205.174.125","21499","DE"
"2018-12-19 00:46:39","http://www.gemicioto.com/exhVR-wXK5dG3TJsWrKW_VsawSlyBo-pM/","offline","malware_download","doc|emotet|epoch2|Heodo","www.gemicioto.com","160.153.131.201","21499","US"
"2018-12-13 21:26:03","http://chelmet.com/XVIr-SuyQ9e2oVy6bSP_WdGXiOeKW-OCF/BIZ/Business/","offline","malware_download","doc|Heodo","chelmet.com","92.204.222.54","21499","FR"
"2018-12-13 20:24:45","http://ckd.org.uk/En_us/ACH/122018/","offline","malware_download","emotet|epoch1","ckd.org.uk","92.205.169.115","21499","DE"
"2018-12-13 15:11:32","http://daiichi.com.tr/Inv/500543152/Dec2018/US/Past-Due-Invoices/","offline","malware_download","emotet|Heodo","daiichi.com.tr","92.205.134.34","21499","FR"
"2018-12-03 08:06:02","http://fenlabenergy.com/mO/","offline","malware_download","exe|Heodo","fenlabenergy.com","92.205.9.235","21499","FR"
"2018-12-03 07:43:11","http://fenlabenergy.com/mO","offline","malware_download","exe|Heodo","fenlabenergy.com","92.205.9.235","21499","FR"
"2018-12-01 01:28:02","http://fenlabenergy.com/492182SA/FILE/US_us/Document-needed/","offline","malware_download","doc|emotet|epoch2|Heodo","fenlabenergy.com","92.205.9.235","21499","FR"
"2018-11-30 18:49:13","http://fenlabenergy.com/492182SA/FILE/US_us/Document-needed","offline","malware_download","emotet|epoch2|Heodo","fenlabenergy.com","92.205.9.235","21499","FR"
"2018-11-28 17:05:05","http://fenlabenergy.com/u","offline","malware_download","emotet|epoch2|exe|Heodo","fenlabenergy.com","92.205.9.235","21499","FR"
"2018-11-23 23:08:03","http://ministryoftransport.gov.gi/EN_US/BF_Coupons/","offline","malware_download","doc|emotet|epoch1|Heodo","ministryoftransport.gov.gi","92.205.186.27","21499","FR"
"2018-11-23 22:56:02","http://ministryoftransport.gov.gi/EN_US/BF_Coupons","offline","malware_download","doc|emotet|Heodo","ministryoftransport.gov.gi","92.205.186.27","21499","FR"
"2018-11-22 06:09:02","http://fenlabenergy.com/lEA2g/","offline","malware_download","Emotet|exe|Heodo","fenlabenergy.com","92.205.9.235","21499","FR"
"2018-11-21 20:42:06","http://ministryoftransport.gov.gi/EN_US/Documents/112018/","offline","malware_download","Heodo","ministryoftransport.gov.gi","92.205.186.27","21499","FR"
"2018-11-21 14:53:02","http://fenlabenergy.com/lEA2g","offline","malware_download","Emotet|exe|Heodo","fenlabenergy.com","92.205.9.235","21499","FR"
"2018-11-21 07:56:10","http://ministryoftransport.gov.gi/EN_US/Documents/112018","offline","malware_download","doc|emotet|heodo","ministryoftransport.gov.gi","92.205.186.27","21499","FR"
"2018-11-21 06:59:01","http://fenlabenergy.com/newsletter/US/Outstanding-Invoices/","offline","malware_download","doc|Heodo","fenlabenergy.com","92.205.9.235","21499","FR"
"2018-11-21 06:18:05","http://fenlabenergy.com/newsletter/US/Outstanding-Invoices","offline","malware_download","emotet|epoch2|Heodo","fenlabenergy.com","92.205.9.235","21499","FR"
"2018-11-19 19:59:10","http://technowood.co.ke/6Ge0AkJv1Q/","offline","malware_download","emotet|heodo","technowood.co.ke","92.205.1.58","21499","FR"
"2018-11-19 19:58:16","http://simonjessop.com/files/US_us/Invoice/","offline","malware_download","emotet|heodo","simonjessop.com","92.205.1.246","21499","FR"
"2018-11-19 19:47:48","http://fenlabenergy.com/907330VBNFATBH/oamo/Smallbusiness/","offline","malware_download","emotet|heodo","fenlabenergy.com","92.205.9.235","21499","FR"
"2018-11-19 19:47:48","http://fenlabenergy.com/FILE/En_us/Outstanding-Invoices/","offline","malware_download","emotet|heodo","fenlabenergy.com","92.205.9.235","21499","FR"
"2018-11-19 19:42:06","http://bsc.euc.ac.cy/INFO/QIY443491EE/Aug-06-2018-1519495/JVG-RJB-Aug-06-2018/","offline","malware_download","emotet|heodo","bsc.euc.ac.cy","160.153.251.217","21499","US"
"2018-11-14 18:25:25","http://fenlabenergy.com/cBhoO","offline","malware_download","doc|emotet|epoch2|Heodo","fenlabenergy.com","92.205.9.235","21499","FR"
"2018-11-14 18:25:25","http://fenlabenergy.com/cBhoO/","offline","malware_download","doc|emotet|epoch2|Heodo","fenlabenergy.com","92.205.9.235","21499","FR"
"2018-11-09 20:20:08","http://fenlabenergy.com/En_us/Transaction_details/112018/","offline","malware_download","doc|emotet|epoch1|Heodo","fenlabenergy.com","92.205.9.235","21499","FR"
"2018-11-09 20:20:07","http://fenlabenergy.com/En_us/Transaction_details/112018","offline","malware_download","doc|emotet|epoch1|Heodo","fenlabenergy.com","92.205.9.235","21499","FR"
"2018-11-07 11:52:09","http://technowood.co.ke/6Ge0AkJv1Q","offline","malware_download","emotet|exe|Heodo","technowood.co.ke","92.205.1.58","21499","FR"
"2018-11-05 19:37:10","http://fenlabenergy.com/FILE/En_us/Outstanding-Invoices","offline","malware_download","doc|emotet|heodo","fenlabenergy.com","92.205.9.235","21499","FR"
"2018-10-10 02:10:07","http://ecuadortrust.org.uk/images/two/was001.exe","offline","malware_download","exe|Formbook","ecuadortrust.org.uk","92.205.151.187","21499","FR"
"2018-10-10 02:10:06","http://ecuadortrust.org.uk/images/two/mafia001.exe","offline","malware_download","exe|Loki","ecuadortrust.org.uk","92.205.151.187","21499","FR"
"2018-10-10 02:10:05","http://ecuadortrust.org.uk/images/two/dor001.exe","offline","malware_download","exe|Loki","ecuadortrust.org.uk","92.205.151.187","21499","FR"
"2018-10-10 02:10:04","http://ecuadortrust.org.uk/images/two/mine001.exe","offline","malware_download","exe|Loki","ecuadortrust.org.uk","92.205.151.187","21499","FR"
"2018-10-10 01:39:03","http://ecuadortrust.org.uk/images/two/jon001.exe","offline","malware_download","exe|NetWire","ecuadortrust.org.uk","92.205.151.187","21499","FR"
"2018-10-10 01:38:03","http://ecuadortrust.org.uk/images/two/saguy.exe","offline","malware_download","exe","ecuadortrust.org.uk","92.205.151.187","21499","FR"
"2018-10-08 06:28:25","http://fenlabenergy.com/907330VBNFATBH/oamo/Smallbusiness","offline","malware_download","doc|emotet|heodo","fenlabenergy.com","92.205.9.235","21499","FR"
"2018-10-06 07:28:05","http://fenlabenergy.com/692FCPBLYO/oamo/Personal","offline","malware_download","doc|emotet|heodo","fenlabenergy.com","92.205.9.235","21499","FR"
"2018-10-01 12:54:45","http://fenlabenergy.com/EN_US/Transaction_details/10_18","offline","malware_download","doc|emotet|heodo","fenlabenergy.com","92.205.9.235","21499","FR"
"2018-09-25 05:03:12","http://hautarzt-pohl.de/81389X/com/Personal","offline","malware_download","doc|emotet|Heodo","hautarzt-pohl.de","92.205.174.46","21499","DE"
"2018-09-12 09:13:01","http://sagarpaints.com/AMtppDHuZ","offline","malware_download","emotet|exe|Heodo","sagarpaints.com","92.205.172.254","21499","DE"
"2018-09-07 02:53:13","http://adu.com.co/scan/US_us/Invoice-23778437-September/","offline","malware_download","doc|emotet|epoch2|Heodo","adu.com.co","92.204.221.9","21499","FR"
"2018-09-07 02:53:11","http://adu.com.co/scan/US_us/Invoice-23778437-September","offline","malware_download","doc|emotet|epoch2|Heodo","adu.com.co","92.204.221.9","21499","FR"
"2018-09-06 03:11:13","http://adu.com.co/xerox/US_us/Scan/","offline","malware_download","doc|emotet|epoch2|Heodo","adu.com.co","92.204.221.9","21499","FR"
"2018-09-05 11:00:33","http://adu.com.co/xerox/US_us/Scan","offline","malware_download","doc|emotet|Heodo","adu.com.co","92.204.221.9","21499","FR"
"2018-09-04 19:12:39","http://hometecuk.emirhasham.com/payment-09-2018","offline","malware_download","doc|emotet|Heodo","hometecuk.emirhasham.com","92.205.172.111","21499","DE"
"2018-09-01 12:04:29","http://www.samivalimited.com/wp-includes/86-344528-3996218196-Nr.zip","offline","malware_download","DEU|Nymaim","www.samivalimited.com","160.153.129.203","21499","US"
"2018-08-30 11:17:11","http://simonjessop.com/files/US_us/Invoice","offline","malware_download","doc|emotet|Heodo","simonjessop.com","92.205.1.246","21499","FR"
"2018-08-13 09:32:04","http://wevino.gq/tesla/server.exe","offline","malware_download","exe","wevino.gq","92.205.15.154","21499","FR"
"2018-08-07 06:06:13","http://bsc.euc.ac.cy/INFO/QIY443491EE/Aug-06-2018-1519495/JVG-RJB-Aug-06-2018","offline","malware_download","doc|emotet|Heodo","bsc.euc.ac.cy","160.153.251.217","21499","US"
"2018-08-03 05:13:28","http://bsc.euc.ac.cy/doc/EN_en/Latest-invoice-with-a-new-address-to-update","offline","malware_download","doc|emotet|Heodo","bsc.euc.ac.cy","160.153.251.217","21499","US"
"2018-08-03 04:29:10","http://radbert.de/sites/US/New-payment-details-and-address-update/","offline","malware_download","doc|emotet","radbert.de","92.205.11.29","21499","FR"
"2018-08-01 21:03:03","http://bsc.euc.ac.cy/doc/EN_en/Latest-invoice-with-a-new-address-to-update/","offline","malware_download","doc|emotet|epoch2|Heodo","bsc.euc.ac.cy","160.153.251.217","21499","US"
"2018-07-28 05:48:10","http://bsc.euc.ac.cy/pdf/En/Past-Due-Invoices/ACCOUNT490246/","offline","malware_download","doc|emotet|heodo","bsc.euc.ac.cy","160.153.251.217","21499","US"
"2018-07-27 16:31:05","http://bsc.euc.ac.cy/pdf/En/Past-Due-Invoices/ACCOUNT490246","offline","malware_download","doc|emotet|heodo","bsc.euc.ac.cy","160.153.251.217","21499","US"
"2018-07-26 03:51:03","http://aardvark-world.org.uk/DHL/US/","offline","malware_download","doc|emotet|epoch2|Heodo","aardvark-world.org.uk","92.205.161.208","21499","FR"
"2018-07-18 23:47:42","http://integrafika.co.uk/default/EN_en/Payment-and-address/199839/","offline","malware_download","doc|emotet|epoch2","integrafika.co.uk","92.205.0.16","21499","FR"
"2018-07-17 23:14:26","http://tolerant-technology.co.uk/Facture-17-07/","offline","malware_download","doc|emotet|epoch1|Heodo","tolerant-technology.co.uk","92.204.219.119","21499","FR"
"2018-07-12 09:04:00","http://www.strengthandvigour.com/default/En/Payment-and-address/Invoice-679673/","offline","malware_download","doc|emotet|heodo","www.strengthandvigour.com","92.205.11.200","21499","FR"
"2018-07-11 04:12:32","http://www.breathingtogether.co.uk/Jul2018/US/ACCOUNT/Account-56321/","offline","malware_download","doc|emotet|epoch2|Heodo","www.breathingtogether.co.uk","92.204.218.227","21499","FR"
"2018-07-11 04:05:49","http://breathingtogether.co.uk/Jul2018/US/ACCOUNT/Account-56321/","offline","malware_download","doc|emotet|epoch2|Heodo","breathingtogether.co.uk","92.204.218.227","21499","FR"
"2018-07-02 20:15:18","http://www.taksmith.co.uk/Factura-Venta/","offline","malware_download","doc|emotet|epoch1|Heodo","www.taksmith.co.uk","92.205.6.61","21499","FR"
"2018-06-30 06:12:40","http://templemooretrail.co.uk/Jun2018/Invoice","offline","malware_download","emotet|heodo","templemooretrail.co.uk","92.204.218.254","21499","FR"
"2018-06-25 20:32:07","http://templemooretrail.co.uk/Jun2018/Invoice/","offline","malware_download","doc|emotet|epoch2|Heodo","templemooretrail.co.uk","92.204.218.254","21499","FR"
"2018-06-23 06:05:15","http://cocktailors.de/ACCOUNT/Services-06-22-18-New-Customer-KS","offline","malware_download","emotet","cocktailors.de","92.204.222.109","21499","FR"
"2018-06-22 16:57:06","http://cocktailors.de/account/services-06-22-18-new-customer-ks/","offline","malware_download","doc|emotet","cocktailors.de","92.204.222.109","21499","FR"
"2018-06-22 16:33:09","http://templemooretrail.co.uk/Purchase/INV57839269865088647/","offline","malware_download","doc|emotet|heodo","templemooretrail.co.uk","92.204.218.254","21499","FR"
"2018-06-20 06:38:06","http://www.cocktailors.de/x0ZNnOCF/","offline","malware_download","Emotet|exe|Heodo","www.cocktailors.de","92.204.222.109","21499","FR"
"2018-06-19 22:43:04","http://www.cocktailors.de/x0ZNnOCF","offline","malware_download","emotet|epoch1|Heodo|payload","www.cocktailors.de","92.204.222.109","21499","FR"
"2018-06-18 23:18:03","http://templemooretrail.co.uk/RECH/Rechnung-Nr098770/","offline","malware_download","AgentTesla|doc|emotet|epoch2|Heodo","templemooretrail.co.uk","92.204.218.254","21499","FR"
"2018-06-15 22:23:07","http://templemooretrail.co.uk/UPS-Past-Due-Invoices-06152018-6529/","offline","malware_download","doc|emotet|epoch2|Heodo","templemooretrail.co.uk","92.204.218.254","21499","FR"
"2018-06-15 15:28:23","http://edwingarland.me.uk/156310/","offline","malware_download","Heodo","edwingarland.me.uk","92.205.173.85","21499","DE"
"2018-06-14 11:06:07","http://ecuadortrust.org.uk/images/two/dew008.exe","offline","malware_download","exe|Loki","ecuadortrust.org.uk","92.205.151.187","21499","FR"
"2018-06-13 19:05:09","http://templemooretrail.co.uk/IRS-Tax-Transcipts-053/12/","offline","malware_download","doc|emotet|epoch2|Heodo","templemooretrail.co.uk","92.204.218.254","21499","FR"
"2018-06-05 17:05:02","http://templemooretrail.co.uk/ups.com/WebTracking/IR-7313729045394/","offline","malware_download","doc|emotet|Heodo","templemooretrail.co.uk","92.204.218.254","21499","FR"
"2018-05-29 19:58:42","http://templemooretrail.co.uk/DOC/tracking-number-and-invoice-of-your-order/","offline","malware_download","doc|emotet|Heodo","templemooretrail.co.uk","92.204.218.254","21499","FR"
"2018-05-24 07:10:17","http://platinumfilms.co.uk/RECH/Rechnungsanschrift-korrigiert-0119219/","offline","malware_download","doc|Emotet|Heodo","platinumfilms.co.uk","92.204.223.206","21499","FR"
"2018-05-21 14:55:27","http://homexxl.de/images/supplier/ups.com/WebTracking/ZQW-768705390/","offline","malware_download","doc|emotet","homexxl.de","92.205.128.58","21499","FR"
"2018-05-18 09:57:37","http://geotechnic.co.uk/oBBHSKkk/","offline","malware_download","emotet|exe|Heodo","geotechnic.co.uk","92.205.182.30","21499","FR"
"2018-05-18 04:43:51","http://online234.com/hlr/loder.exe","offline","malware_download","ArkeiStealer","online234.com","92.205.50.158","21499","FR"
"2018-05-08 09:30:31","http://tolerant-technology.co.uk/BYvXGh/","offline","malware_download","Emotet|exe","tolerant-technology.co.uk","92.204.219.119","21499","FR"
"2018-04-27 20:30:10","http://aardvark-world.org.uk/ySkW/","offline","malware_download","emotet|payload","aardvark-world.org.uk","92.205.161.208","21499","FR"
"2018-04-26 18:43:08","http://tolerant-technology.co.uk/wWXVYir7/","offline","malware_download","doc|emotet|Heodo","tolerant-technology.co.uk","92.204.219.119","21499","FR"
"2018-04-24 20:07:03","http://templemooretrail.co.uk/addDbxWUKFp/","offline","malware_download","doc|emotet","templemooretrail.co.uk","92.204.218.254","21499","FR"
"2018-03-24 16:03:42","http://dachdeckermeister-kreuz.de/INVOICE/SY-6586544739/","offline","malware_download","doc|emotet|heodo","dachdeckermeister-kreuz.de","92.205.251.89","21499","DE"
# of entries: 898