##############################################################################
# URLhaus ASN CSV Feed                                                       #
# Generated on 2025-11-20 04:22:57 UTC                                       #
#                                                                            #
# For questions please refer to:                                             #
# https://urlhaus.abuse.ch/feeds/                                            #
##############################################################################
#
# Feed generated for AS45012
#
# Dateadded (UTC),URL,URL_status,Threat,Tags,Host,IPaddress,ASnumber,Country
"2024-12-07 14:38:21","https://www.reifenquick.de/Scripts/statement/ul397wfyb/","online","malware_download","Emotet|Heodo","www.reifenquick.de","185.137.168.76","45012","DE"
"2024-12-07 14:38:15","https://reifenquick.de/Scripts/hl8-8w4cs-6325/","online","malware_download","Emotet|Heodo","reifenquick.de","185.137.168.76","45012","DE"
"2024-12-07 14:36:20","https://www.reifenquick.de/Scripts/closed_957176_mxqSdoJ6a4IZ/close_warehouse/ql55hnq09iyn6lm_334stxvw03wyv/","online","malware_download","Emotet|Heodo","www.reifenquick.de","185.137.168.76","45012","DE"
"2023-08-20 07:18:04","https://montec-shop.de/images/headers/enlc-stb(download(upd))ef.url","offline","malware_download","NetSupport|RAT|url","montec-shop.de","81.88.36.57","45012","DE"
"2023-08-20 07:17:08","https://montec-shop.de/images/extensiontemper.zip","offline","malware_download","NetSupport|RAT|zip","montec-shop.de","81.88.36.57","45012","DE"
"2023-08-20 07:17:06","https://montec-shop.de/images/client32.exe","offline","malware_download","exe|NetSupport|RAT","montec-shop.de","81.88.36.57","45012","DE"
"2023-01-18 08:51:34","http://vitems.de/agenzia/","offline","malware_download","geo|Gozi|ISFB|ITA|redir-onedrive|Ursnif","vitems.de","109.237.138.8","45012","DE"
"2023-01-18 08:51:09","http://vitems.de/agenzia/cd4a/48UsOE.php","offline","malware_download","geo|Gozi|ISFB|ITA|redir-onedrive|Ursnif","vitems.de","109.237.138.8","45012","DE"
"2022-12-19 16:41:12","https://turbine-falkensee.de/otp/index.php","offline","malware_download","BB11|IMG|ISO|Qakbot|Qbot|Quakbot|TR|TR23|zip","turbine-falkensee.de","178.20.102.78","45012","DE"
"2022-01-26 14:39:05","http://oyerhof.de/wp-admin/acxxrv5aMZSdf/","offline","malware_download","dll|emotet|epoch4|heodo","oyerhof.de","109.237.134.38","45012","DE"
"2022-01-11 21:51:05","https://herzensmenschen.com/3dgc/08141-8367578/","offline","malware_download","emotet|epoch5|redir-doc","herzensmenschen.com","91.203.110.213","45012","DE"
"2022-01-11 21:51:05","https://herzensmenschen.com/3dgc/08141-8367578/?i=1","offline","malware_download","doc|emotet|epoch5|Heodo","herzensmenschen.com","91.203.110.213","45012","DE"
"2021-03-25 15:01:07","http://sports-net.de/sx7wph0.tar","offline","malware_download","dll|Dridex","sports-net.de","5.44.101.47","45012","DE"
"2021-03-25 07:36:07","https://sports-net.de/sx7wph0.tar","offline","malware_download","Dll|Dridex","sports-net.de","5.44.101.47","45012","DE"
"2021-01-20 19:37:05","https://dev1.tritschler-wunschliste.com/vendor/incenteev/composer-parameter-handler/Tests/fixtures/Z8w6OKdbYK.php","offline","malware_download","Dridex","dev1.tritschler-wunschliste.com","77.75.250.249","45012","DE"
"2021-01-14 04:41:03","https://hellas-darmstadt.de/cgi-bin/ZSoo/","offline","malware_download","emotet|epoch2|exe|Heodo","hellas-darmstadt.de","5.44.101.72","45012","DE"
"2021-01-12 18:18:05","http://hellas-darmstadt.de/cgi-bin/ZSoo/","offline","malware_download","emotet|epoch2|exe|heodo","hellas-darmstadt.de","5.44.101.72","45012","DE"
"2020-12-30 07:27:04","http://www.caroline-kaspar.de/v/0OIWBQpCEclc2HJ2v2zL75VvUb9Une0WU29J4ZBg6bbAbrTrTB4YtUvc4LzP3jY/","offline","malware_download","doc|emotet|epoch2|Heodo","www.caroline-kaspar.de","109.237.138.24","45012","DE"
"2020-12-29 17:55:07","https://juju.jebcom.de/errordocs/I0K/","offline","malware_download","emotet|epoch2|exe|heodo","juju.jebcom.de","31.47.255.55","45012","DE"
"2020-11-23 21:01:04","http://evahollmann.de.phees.de/test/content/40.Galerien/05.im-reich-des-fauns/LvQH4dpq1.php","offline","malware_download","exe","evahollmann.de.phees.de","31.47.255.54","45012","DE"
"2020-08-24 02:12:20","http://reifenquick.de/Scripts/statement/ul397wfyb/","online","malware_download","doc|emotet|epoch2|Heodo","reifenquick.de","185.137.168.76","45012","DE"
"2020-08-21 21:18:03","http://www.reifenquick.de/Scripts/FILE/21mnqlvi/oz88535657v7rbazasyth9x8i/","online","malware_download","doc|emotet|epoch2|heodo","www.reifenquick.de","185.137.168.76","45012","DE"
"2020-08-19 17:16:10","http://www.reifenquick.de/Scripts/statement/ul397wfyb/","online","malware_download","doc|emotet|epoch2|heodo","www.reifenquick.de","185.137.168.76","45012","DE"
"2020-08-18 13:04:19","http://hegelito.de/8li_r1h1_wkyso4uzll/paclm/sfvr254/j6404395523820q0qhuiut3em8dguy2/","offline","malware_download","doc|emotet|epoch2|Heodo","hegelito.de","31.47.255.46","45012","DE"
"2020-08-17 12:33:13","http://www.reifenquick.de/Scripts/closed_957176_mxqSdoJ6a4IZ/close_warehouse/ql55hnq09iyn6lm_334stxvw03wyv/","online","malware_download","doc|emotet|epoch1|heodo","www.reifenquick.de","185.137.168.76","45012","DE"
"2020-08-17 01:27:14","http://reifenquick.de/Scripts/hl8-8w4cs-6325/","online","malware_download","doc|emotet|epoch3|Heodo","reifenquick.de","185.137.168.76","45012","DE"
"2020-08-14 23:39:34","http://ferienwohnung-malcesine.de/html/multifunctional-k6v3n8v15eu-ju624wnn/external-forum/KrpTb-srvzcdIppyi/","offline","malware_download","doc|emotet|epoch1|heodo","ferienwohnung-malcesine.de","185.137.168.72","45012","DE"
"2020-08-13 16:36:10","http://www.reifenquick.de/Scripts/hl8-8w4cs-6325/","online","malware_download","doc|emotet|epoch3|Heodo","www.reifenquick.de","185.137.168.76","45012","DE"
"2020-08-12 11:23:04","http://ferienwohnung-malcesine.de/html/DOC/prdshq6uc/7zhny6t4727844666794hq9n9o5fma474xyu/","offline","malware_download","doc|emotet|epoch2|heodo","ferienwohnung-malcesine.de","185.137.168.72","45012","DE"
"2020-08-12 03:42:02","http://lindnerelektroanlagen.de/pages/esp/x6q21ny9s/","offline","malware_download","doc|emotet|epoch2|heodo","lindnerelektroanlagen.de","185.137.168.76","45012","DE"
"2020-08-07 14:46:03","http://ferienwohnung-malcesine.de/html/OYkCNrxpL/","offline","malware_download","doc|emotet|epoch3|Heodo|QuakBot","ferienwohnung-malcesine.de","185.137.168.72","45012","DE"
"2020-08-07 06:36:05","http://lindnerelektroanlagen.de/pages/closed_array/corporate_Qvt1WRAIL_wizVz4iwC2/Mb2cyxZUJuX_et9L1IppzGs5/","offline","malware_download","doc|emotet|epoch1|heodo|QuakBot","lindnerelektroanlagen.de","185.137.168.76","45012","DE"
"2020-08-06 16:04:05","http://www.reifenquick.de/Scripts/open-0627720493640-azQ24PfFjRm/guarded-space/gxkx9t42ra6yf-6x7uyx330389w/","online","malware_download","doc|emotet|epoch1|heodo|QuakBot","www.reifenquick.de","185.137.168.76","45012","DE"
"2020-08-03 23:38:35","http://gartengestaltung-hoellerer.de/fnfttgll/GRAKA0qxNw.zip","offline","malware_download","Qakbot|Qbot|spx147|vbs|zip","gartengestaltung-hoellerer.de","109.237.136.6","45012","DE"
"2020-07-30 23:33:33","http://lindnerelektroanlagen.de/INVOICE/AOG-3515110/","online","malware_download","doc|Emotet|Heodo","lindnerelektroanlagen.de","185.137.168.76","45012","DE"
"2020-07-30 21:14:03","http://ferienwohnung-malcesine.de/html/open-resource/individual-warehouse/tigcc-u7w0wy5s16tt/","offline","malware_download","doc|emotet|epoch1|Heodo","ferienwohnung-malcesine.de","185.137.168.72","45012","DE"
"2020-07-30 13:32:34","http://lindnerelektroanlagen.de/pages/Overview/teei81i/","offline","malware_download","doc|emotet|epoch2|Heodo","lindnerelektroanlagen.de","185.137.168.76","45012","DE"
"2020-07-29 13:26:07","http://hegelito.de/wp-admin/3iz1jbwj-jnpw-844/","offline","malware_download","doc|emotet|epoch3|Heodo","hegelito.de","31.47.255.46","45012","DE"
"2020-07-28 20:34:34","http://ferienwohnung-malcesine.de/html/OCT/","offline","malware_download","doc|emotet|epoch2|Heodo","ferienwohnung-malcesine.de","185.137.168.72","45012","DE"
"2020-07-02 06:28:04","http://herrdangwerder.de/wp-content/plugins/invoice.doc","offline","malware_download","rtf","herrdangwerder.de","109.237.134.54","45012","DE"
"2020-06-12 18:04:56","http://kindertagespflege-arcoiris.de/dsgceblpxpg/T/HIIYFCVXq.zip","offline","malware_download","Qakbot|Quakbot|zip","kindertagespflege-arcoiris.de","109.237.134.48","45012","DE"
"2020-06-12 18:00:17","http://kindertagespflege-arcoiris.de/hbqqpi/ovS144o0n2.zip","offline","malware_download","Qakbot|Quakbot|zip","kindertagespflege-arcoiris.de","109.237.134.48","45012","DE"
"2020-06-12 17:07:59","http://kindertagespflege-arcoiris.de/hbqqpi/XyQ1z8IetP.zip","offline","malware_download","Qakbot|Quakbot|zip","kindertagespflege-arcoiris.de","109.237.134.48","45012","DE"
"2020-06-12 17:05:57","http://garkueche-allerley.de/pfyfpzoccrs/TCJMaH2TaU.zip","offline","malware_download","Qakbot|Quakbot|zip","garkueche-allerley.de","109.237.138.44","45012","DE"
"2020-06-12 17:05:36","http://garkueche-allerley.de/pfyfpzoccrs/MQkHITh9Vs.zip","offline","malware_download","Qakbot|Quakbot|zip","garkueche-allerley.de","109.237.138.44","45012","DE"
"2020-06-12 17:03:42","http://www.schwaebischefranken.de/vpotwli/aD/dU/EDUCQT1E.zip","offline","malware_download","Qakbot|Quakbot|zip","www.schwaebischefranken.de","109.237.132.32","45012","DE"
"2020-06-12 17:03:20","http://garkueche-allerley.de/pfyfpzoccrs/szKd4Xhdhh.zip","offline","malware_download","Qakbot|Quakbot|zip","garkueche-allerley.de","109.237.138.44","45012","DE"
"2020-06-12 16:47:03","http://garkueche-allerley.de/puqrtihaj/cC/1B/mowKNJtH.zip","offline","malware_download","Qakbot|Quakbot|zip","garkueche-allerley.de","109.237.138.44","45012","DE"
"2020-06-12 16:17:19","http://www.schwaebischefranken.de/vpotwli/1Hu41sQKXW.zip","offline","malware_download","Qakbot|Quakbot|zip","www.schwaebischefranken.de","109.237.132.32","45012","DE"
"2020-06-12 16:13:49","http://kindertagespflege-arcoiris.de/hbqqpi/Nd/bl/QQ5SsLru.zip","offline","malware_download","Qakbot|Quakbot|zip","kindertagespflege-arcoiris.de","109.237.134.48","45012","DE"
"2020-06-12 16:05:47","http://www.schwaebischefranken.de/vpotwli/jq/97/8jKSlh4T.zip","offline","malware_download","Qakbot|Quakbot|zip","www.schwaebischefranken.de","109.237.132.32","45012","DE"
"2020-06-12 16:05:13","http://kindertagespflege-arcoiris.de/hbqqpi/8/VL3tADPwj.zip","offline","malware_download","Qakbot|Quakbot|zip","kindertagespflege-arcoiris.de","109.237.134.48","45012","DE"
"2020-06-12 16:04:35","http://garkueche-allerley.de/pfyfpzoccrs/sS/F8/ZLlgGRJj.zip","offline","malware_download","Qakbot|Quakbot|zip","garkueche-allerley.de","109.237.138.44","45012","DE"
"2020-06-12 16:00:44","http://garkueche-allerley.de/pfyfpzoccrs/Yj/Z6/txfq40Yk.zip","offline","malware_download","Qakbot|Quakbot|zip","garkueche-allerley.de","109.237.138.44","45012","DE"
"2020-06-12 15:32:07","http://garkueche-allerley.de/pfyfpzoccrs/2/4wULItkBZ.zip","offline","malware_download","Qakbot|Quakbot|zip","garkueche-allerley.de","109.237.138.44","45012","DE"
"2020-06-12 15:27:07","http://garkueche-allerley.de/pfyfpzoccrs/HIUO7gtyrP.zip","offline","malware_download","Qakbot|Quakbot|zip","garkueche-allerley.de","109.237.138.44","45012","DE"
"2020-06-12 15:09:16","http://kindertagespflege-arcoiris.de/hbqqpi/H/QVWHfEGjk.zip","offline","malware_download","Qakbot|Quakbot|zip","kindertagespflege-arcoiris.de","109.237.134.48","45012","DE"
"2020-06-12 15:02:52","http://kindertagespflege-arcoiris.de/hbqqpi/Kb/5X/nYQsnGFh.zip","offline","malware_download","Qakbot|Quakbot|zip","kindertagespflege-arcoiris.de","109.237.134.48","45012","DE"
"2020-06-12 14:51:33","http://garkueche-allerley.de/pfyfpzoccrs/T/3w64MnIPt.zip","offline","malware_download","Qakbot|Quakbot|zip","garkueche-allerley.de","109.237.138.44","45012","DE"
"2020-06-12 14:43:09","http://garkueche-allerley.de/puqrtihaj/y/h7VZ9lo4i.zip","offline","malware_download","Qakbot|Quakbot|zip","garkueche-allerley.de","109.237.138.44","45012","DE"
"2020-06-12 14:36:53","http://www.schwaebischefranken.de/vpotwli/g/CfbDGqZfi.zip","offline","malware_download","Qakbot|Quakbot|zip","www.schwaebischefranken.de","109.237.132.32","45012","DE"
"2020-06-11 22:58:49","http://amc-sonthofen.de/ufisrgehame/g1BFgFIkLB.zip","offline","malware_download","Qakbot|Quakbot|zip","amc-sonthofen.de","109.237.132.6","45012","DE"
"2020-06-11 22:56:06","http://amc-sonthofen.de/ufisrgehame/hpJj77mE7l.zip","offline","malware_download","Qakbot|Quakbot|zip","amc-sonthofen.de","109.237.132.6","45012","DE"
"2020-06-11 22:53:31","http://amc-sonthofen.de/ufisrgehame/Mbl1MawepU.zip","offline","malware_download","Qakbot|Quakbot|zip","amc-sonthofen.de","109.237.132.6","45012","DE"
"2020-06-11 22:32:41","http://amc-sonthofen.de/ufisrgehame/6c/dy/m8oQfy2s.zip","offline","malware_download","Qakbot|Quakbot|zip","amc-sonthofen.de","109.237.132.6","45012","DE"
"2020-06-11 22:21:18","http://pohlibri.de/qemfnmj/I1/Zi/xwAtCAgE.zip","offline","malware_download","Qakbot|Quakbot|zip","pohlibri.de","109.237.140.46","45012","DE"
"2020-06-11 21:28:18","http://amc-sonthofen.de/ufisrgehame/G/rDcwGJRZw.zip","offline","malware_download","Qakbot|Quakbot|zip","amc-sonthofen.de","109.237.132.6","45012","DE"
"2020-06-11 21:25:29","http://pohlibri.de/qemfnmj/R/4J6y2vjAe.zip","offline","malware_download","Qakbot|Quakbot|zip","pohlibri.de","109.237.140.46","45012","DE"
"2020-06-11 21:03:05","http://amc-sonthofen.de/ufisrgehame/3V/Ig/FaOGVqiG.zip","offline","malware_download","Qakbot|Quakbot|zip","amc-sonthofen.de","109.237.132.6","45012","DE"
"2020-06-11 21:01:29","http://pohlibri.de/qemfnmj/rT/gR/trfn0c0n.zip","offline","malware_download","Qakbot|Quakbot|zip","pohlibri.de","109.237.140.46","45012","DE"
"2020-06-11 20:57:10","http://amc-sonthofen.de/ufisrgehame/2/031QXG5nl.zip","offline","malware_download","Qakbot|Quakbot|zip","amc-sonthofen.de","109.237.132.6","45012","DE"
"2020-06-11 20:28:50","http://amc-sonthofen.de/ufisrgehame/BcFL75di9n.zip","offline","malware_download","Qakbot|Quakbot|zip","amc-sonthofen.de","109.237.132.6","45012","DE"
"2020-06-11 20:25:35","http://amc-sonthofen.de/ufisrgehame/AH/OM/p1QaONJi.zip","offline","malware_download","Qakbot|Quakbot|zip","amc-sonthofen.de","109.237.132.6","45012","DE"
"2020-06-11 19:38:04","http://amc-sonthofen.de/ufisrgehame/JVm66ObywF.zip","offline","malware_download","Qakbot|Quakbot|zip","amc-sonthofen.de","109.237.132.6","45012","DE"
"2020-06-11 18:24:03","http://amc-sonthofen.de/ufisrgehame/6/C0neXlbML.zip","offline","malware_download","Qakbot|Quakbot|zip","amc-sonthofen.de","109.237.132.6","45012","DE"
"2020-06-11 18:23:20","http://amc-sonthofen.de/ufisrgehame/xpTMFDn91T.zip","offline","malware_download","Qakbot|Quakbot|zip","amc-sonthofen.de","109.237.132.6","45012","DE"
"2020-06-11 18:13:29","http://pohlibri.de/oozbbvnusq/P4UGbbE8QM.zip","offline","malware_download","Qakbot|Quakbot|zip","pohlibri.de","109.237.140.46","45012","DE"
"2020-06-11 18:09:18","http://amc-sonthofen.de/amgzefdmdnh/K/Osaz4GzyI.zip","offline","malware_download","Qakbot|Quakbot|zip","amc-sonthofen.de","109.237.132.6","45012","DE"
"2020-06-11 17:32:16","http://amc-sonthofen.de/ufisrgehame/0weW9fem9e.zip","offline","malware_download","Qakbot|Quakbot|zip","amc-sonthofen.de","109.237.132.6","45012","DE"
"2020-06-11 16:49:41","http://pohlibri.de/oozbbvnusq/fj1FC2y0qJ.zip","offline","malware_download","Qakbot|Quakbot|zip","pohlibri.de","109.237.140.46","45012","DE"
"2020-06-11 16:38:18","http://amc-sonthofen.de/ufisrgehame/K/jrFJzjM0a.zip","offline","malware_download","Qakbot|Quakbot|zip","amc-sonthofen.de","109.237.132.6","45012","DE"
"2020-06-11 15:35:52","http://amc-sonthofen.de/ufisrgehame/1uVNO8SeuZ.zip","offline","malware_download","Qakbot|Quakbot|zip","amc-sonthofen.de","109.237.132.6","45012","DE"
"2020-06-11 15:32:46","http://amc-sonthofen.de/ufisrgehame/gsORmW70at.zip","offline","malware_download","Qakbot|Quakbot|zip","amc-sonthofen.de","109.237.132.6","45012","DE"
"2020-06-11 15:07:04","http://pohlibri.de/oozbbvnusq/Ks/yj/uawOfUVI.zip","offline","malware_download","Qakbot|Quakbot|zip","pohlibri.de","109.237.140.46","45012","DE"
"2020-06-11 14:52:14","http://pohlibri.de/oozbbvnusq/Fn/U3/lKh1n1iB.zip","offline","malware_download","Qakbot|Quakbot|zip","pohlibri.de","109.237.140.46","45012","DE"
"2020-04-29 14:45:07","http://daricci.de/wp-content/uploads/2020/04/owkf/22222.png","offline","malware_download","exe|Qakbot|spx108","daricci.de","109.237.138.22","45012","DE"
"2019-12-19 20:21:04","http://holzspeise.at/statistik/esp/bp-7885-08769844-5h8q1pqy6-g3y5elxi5a9/","offline","malware_download","doc|emotet|epoch2|heodo","holzspeise.at","85.158.181.31","45012","DE"
"2019-12-17 18:59:02","http://holzspeise.at/statistik/personal_box/verifiable_warehouse/3a8iq6uk1vf5n0_3830w39w8yz/","offline","malware_download","doc|emotet|epoch1|Heodo","holzspeise.at","85.158.181.31","45012","DE"
"2019-12-10 19:08:12","http://www.elektro-urban.de/wp-admin/Documentation/","offline","malware_download","doc|Emotet|epoch2|Heodo","www.elektro-urban.de","5.44.101.194","45012","DE"
"2019-12-10 00:15:11","http://hegelito.de/Service/Scan/k5mp1r6wf-0801503-518473571-r65q-2uye6s/","offline","malware_download","doc|emotet|epoch2|Heodo","hegelito.de","31.47.255.46","45012","DE"
"2019-09-20 12:17:06","http://michaelkensy.de/wp-content/themes/twentyseventeen/template-parts/footer/2c.jpg","offline","malware_download","ransomware|shade|Troldesh","michaelkensy.de","185.137.168.77","45012","DE"
"2019-08-28 06:24:04","https://www.gmann.photos/classes/1c.jpg","offline","malware_download","exe|Troldesh","www.gmann.photos","5.44.105.11","45012","DE"
"2019-08-28 06:14:06","http://gmann.info/css/1c.jpg","offline","malware_download","exe","gmann.info","5.44.105.11","45012","DE"
"2019-08-28 06:01:02","http://gmann.photos/classes/2c.jpg","offline","malware_download","exe","gmann.photos","5.44.105.11","45012","DE"
"2019-08-28 06:01:02","http://www.gmann.photos/classes/2c.jpg","offline","malware_download","exe","www.gmann.photos","5.44.105.11","45012","DE"
"2019-08-27 21:29:05","https://www.gmann.photos/classes/2c.jpg","offline","malware_download","exe|ransomware|shade|troldesh","www.gmann.photos","5.44.105.11","45012","DE"
"2019-08-27 21:29:03","https://www.gmann.info/css/1c.jpg","offline","malware_download","exe|ransomware|shade|troldesh","www.gmann.info","5.44.105.11","45012","DE"
"2019-08-27 20:19:04","http://gmann.info/css/2c.jpg","offline","malware_download","exe","gmann.info","5.44.105.11","45012","DE"
"2019-08-27 20:19:02","http://gmann.photos/classes/1c.jpg","offline","malware_download","exe","gmann.photos","5.44.105.11","45012","DE"
"2019-08-27 19:54:04","http://www.gmann.info/css/2c.jpg","offline","malware_download","exe","www.gmann.info","5.44.105.11","45012","DE"
"2019-08-27 11:24:06","https://www.gmann.info/css/2c.jpg","offline","malware_download","Troldesh","www.gmann.info","5.44.105.11","45012","DE"
"2019-05-29 13:32:05","http://bramastudio.com/wp-includes/mvBAPWMFc/","offline","malware_download","emotet|epoch2|exe|Heodo","bramastudio.com","91.203.110.218","45012","DE"
"2019-05-16 23:43:03","http://hegelito.de/Service/sites/olwt0ulb_e9xabjilc0-8978386499534/","offline","malware_download","doc|Emotet|epoch2|Heodo","hegelito.de","31.47.255.46","45012","DE"
"2019-04-20 04:54:19","http://canyoning-austria.at/dashost","offline","malware_download","ServHelper","canyoning-austria.at","85.158.181.20","45012","DE"
"2019-02-26 13:18:52","http://kanther.net/templates/seriousblue/images/pikz.zip","offline","malware_download","RUS|Troldesh|zipped-JS","kanther.net","185.137.168.137","45012","DE"
"2019-02-23 10:48:06","http://projekt-bulli.de/wp-content/themes/aries/js/pik.zip","offline","malware_download","exe|payload|ransomware|shade|stage2|TrolDesh","projekt-bulli.de","185.137.168.176","45012","DE"
"2019-02-23 10:48:05","http://projekt-bulli.de/wp-content/themes/aries/js/msg.jpg","offline","malware_download","exe|payload|ransomware|shade|stage2|TrolDesh","projekt-bulli.de","185.137.168.176","45012","DE"
"2019-02-23 10:48:05","http://projekt-bulli.de/wp-content/themes/aries/js/pic.zip","offline","malware_download","exe|payload|ransomware|shade|stage2|TrolDesh","projekt-bulli.de","185.137.168.176","45012","DE"
"2019-02-06 17:01:20","http://dappen-online.de/doc/Invoice/XKEeG-uk_MkNM-SeF/","offline","malware_download","Emotet|Heodo","dappen-online.de","31.47.253.150","45012","DE"
"2019-02-01 21:36:44","http://dappen-online.de/lILrM_LQWUA-pPQDp/LXu/Information/022019/","offline","malware_download","doc|emotet|epoch1|Heodo","dappen-online.de","31.47.253.150","45012","DE"
"2018-12-15 21:54:19","http://furstyle-jl.de/templates/offf/css/sserv.jpg","offline","malware_download","exe|Ransomware.Troldesh|shade|Troldesh","furstyle-jl.de","91.203.110.211","45012","DE"
"2018-11-15 18:55:02","http://ralfschumann.com/files/EN_en/Outstanding-Invoices/","offline","malware_download","doc|Heodo","ralfschumann.com","31.47.253.150","45012","DE"
"2018-11-15 17:35:21","http://ralfschumann.com/files/EN_en/Outstanding-Invoices","offline","malware_download","doc|emotet|heodo","ralfschumann.com","31.47.253.150","45012","DE"
"2018-11-14 06:07:21","http://ralfschumann.com/DOC/En/Invoice-for-t/o-11/13/2018/","offline","malware_download","doc|emotet|epoch2|Heodo","ralfschumann.com","31.47.253.150","45012","DE"
"2018-11-13 19:32:05","http://ralfschumann.com/DOC/En/Invoice-for-t/o-11/13/2018","offline","malware_download","emotet|Heodo","ralfschumann.com","31.47.253.150","45012","DE"
"2018-07-28 01:24:14","http://greenway-studio.de/DHL-number/EN_en/","offline","malware_download","doc|emotet|epoch2|Heodo","greenway-studio.de","185.137.168.179","45012","DE"
"2018-07-12 02:37:57","http://www.dorheimerhof.de/sites/En_us/STATUS/invoice/","offline","malware_download","doc|emotet|epoch2|Heodo","www.dorheimerhof.de","109.237.138.13","45012","DE"
"2018-06-26 16:54:04","http://www.chalet12.de/Payment-and-address/Invoice-745407/","offline","malware_download","doc|emotet|heodo","www.chalet12.de","109.237.138.49","45012","DE"
"2018-06-18 21:43:09","http://www.stahlbau-hundeshagen.com/Rechnungs/","offline","malware_download","doc|emotet|epoch1|Heodo","www.stahlbau-hundeshagen.com","178.250.9.157","45012","DE"
"2018-06-12 17:36:05","https://theisel.de/IRS-Accounts-Transcipts-020M/4/","offline","malware_download","doc|emotet|epoch1|Heodo","theisel.de","109.237.140.13","45012","DE"
"2018-06-05 16:57:09","http://manuel-zeidler.eu/MODIF-FACTURE-04-juin","offline","malware_download","doc|emotet|Heodo","manuel-zeidler.eu","46.243.95.173","45012","DE"
"2018-06-05 16:19:09","https://theisel.de/ups.com/WebTracking/HDW-9694692/","offline","malware_download","doc|emotet|Heodo","theisel.de","109.237.140.13","45012","DE"
"2018-06-04 16:12:24","http://greenway-studio.de/ACCOUNT/Invoice-710057/","offline","malware_download","doc|emotet|Heodo","greenway-studio.de","185.137.168.179","45012","DE"
"2018-05-31 18:18:09","http://greenway-studio.de/DOC/tracking-number-and-invoice-of-your-order/","offline","malware_download","doc|emotet|Heodo","greenway-studio.de","185.137.168.179","45012","DE"
"2018-05-30 18:54:07","http://manuel-zeidler.eu/Facture-30/05/2018/","offline","malware_download","doc|emotet|Heodo","manuel-zeidler.eu","46.243.95.173","45012","DE"
"2018-05-29 19:39:52","http://semperfi-fellnasen.de/FILE/ACCOUNT31064478/","offline","malware_download","doc|emotet|Heodo","semperfi-fellnasen.de","185.39.221.68","45012","DE"
"2018-05-29 07:07:16","http://manuel-zeidler.eu/Hilfestellung/Rechnung-fur-Zahlung-0207-153/","offline","malware_download","doc|emotet|Heodo","manuel-zeidler.eu","46.243.95.173","45012","DE"
"2018-05-19 06:07:32","http://greenway-studio.de/HwimW7b/","offline","malware_download","doc|emotet|Heodo","greenway-studio.de","185.137.168.179","45012","DE"
"2018-05-17 15:20:19","http://darsser-ort.de/Paid-Invoices/","offline","malware_download","emotet","darsser-ort.de","185.3.235.205","45012","DE"
"2018-05-09 15:04:19","http://darsser-ort.de/h2FfAeP0yDGQ/","offline","malware_download","doc|emotet|Heodo","darsser-ort.de","185.3.235.205","45012","DE"
# of entries: 130