##############################################################################
# URLhaus ASN CSV Feed                                                       #
# Generated on 2025-11-18 18:47:50 UTC                                       #
#                                                                            #
# For questions please refer to:                                             #
# https://urlhaus.abuse.ch/feeds/                                            #
##############################################################################
#
# Feed generated for AS48707
#
# Dateadded (UTC),URL,URL_status,Threat,Tags,Host,IPaddress,ASnumber,Country
"2022-01-14 00:10:05","http://ona.pradex.pl/2196/XaXYc_3/?i=1","offline","malware_download","doc|emotet|epoch5|Heodo","ona.pradex.pl","185.253.212.22","48707","PL"
"2022-01-14 00:06:10","http://ona.pradex.pl/2196/XaXYc_3/","offline","malware_download","emotet|epoch5|redir-doc|xls","ona.pradex.pl","185.253.212.22","48707","PL"
"2022-01-12 23:26:03","http://ona.pradex.pl/2196/oks28920875/","offline","malware_download","emotet|epoch5|redir-doc|xls","ona.pradex.pl","185.253.212.22","48707","PL"
"2022-01-12 23:26:03","http://ona.pradex.pl/2196/oks28920875/?i=1","offline","malware_download","doc|emotet|epoch5|Heodo","ona.pradex.pl","185.253.212.22","48707","PL"
"2022-01-11 12:03:03","http://ona.pradex.pl/2196/GKM7P8p5fx/?i=1","offline","malware_download","emotet|epoch4|Heodo|SilentBuilder|xls","ona.pradex.pl","185.253.212.22","48707","PL"
"2022-01-11 11:47:05","http://ona.pradex.pl/2196/GKM7P8p5fx/","offline","malware_download","emotet|epoch4|redir-doc|xls","ona.pradex.pl","185.253.212.22","48707","PL"
"2021-02-03 21:48:06","https://dropclose.com/excel/shared.xls","offline","malware_download","excel|SilentBuilder","dropclose.com","185.253.212.22","48707","PL"
"2020-10-19 17:41:13","http://mail.oyj.pl/INC/","offline","malware_download","doc|emotet|epoch2|Heodo","mail.oyj.pl","185.253.212.22","48707","PL"
"2020-10-17 05:42:03","http://pieszczek-racing.pl/bus-travel.pl/swift/vj32ndvreux0zy9g9116zywloo/","offline","malware_download","doc|emotet|epoch2|Heodo","pieszczek-racing.pl","185.253.212.22","48707","PL"
"2020-08-27 20:03:05","http://wyklej.pl/sklep/Overview/3udq7h46246535261934zv2y8i2vnwl36n2p8/","offline","malware_download","doc|emotet|epoch2|Heodo","wyklej.pl","185.253.212.22","48707","PL"
"2020-08-13 22:26:03","https://fixlab.pl/serwis/multifunctional-disk/verified-space/1ncq07-x856x3w679/","offline","malware_download","doc|emotet|epoch1|heodo","fixlab.pl","185.253.212.22","48707","PL"
"2020-08-11 23:37:14","https://fixlab.pl/serwis/3pciv-c41-2365/","offline","malware_download","doc|emotet|epoch3|Heodo","fixlab.pl","185.253.212.22","48707","PL"
"2020-07-27 12:29:34","https://fixlab.pl/rehab/abierto/kyBdjye-e2gZp9OF-zona/sL7YGX-HbWlKG5byYt/","offline","malware_download","doc|emotet|epoch1|heodo","fixlab.pl","185.253.212.22","48707","PL"
"2020-06-15 16:07:07","http://www.drzwiskladane.pl/tuyybqg/7p/mP/dxGQJzyV.zip","offline","malware_download","Qakbot|Quakbot|zip","www.drzwiskladane.pl","185.253.212.22","48707","PL"
"2020-06-15 15:55:01","http://www.drzwiskladane.pl/kqedou/e/HPhJSN4rg.zip","offline","malware_download","Qakbot|Quakbot|zip","www.drzwiskladane.pl","185.253.212.22","48707","PL"
"2020-06-15 15:12:29","http://www.drzwiskladane.pl/tuyybqg/8O/f6/IwXrAtP4.zip","offline","malware_download","Qakbot|Quakbot|zip","www.drzwiskladane.pl","185.253.212.22","48707","PL"
"2020-06-15 14:39:19","http://www.drzwiskladane.pl/tuyybqg/Xz2ChQmAUz.zip","offline","malware_download","Qakbot|Quakbot|zip","www.drzwiskladane.pl","185.253.212.22","48707","PL"
"2020-06-15 13:37:39","http://www.drzwiskladane.pl/kqedou/v592PcMrb2.zip","offline","malware_download","Qakbot|Quakbot|zip","www.drzwiskladane.pl","185.253.212.22","48707","PL"
"2019-12-20 11:53:03","http://kocurro.pl/wp-includes/68x/","offline","malware_download","doc|emotet|epoch3|Heodo","kocurro.pl","185.253.212.22","48707","PL"
"2019-12-17 00:17:05","https://farasi.pl/wp-content/QHFata/","offline","malware_download","doc|emotet|epoch3|heodo","farasi.pl","185.253.212.22","48707","PL"
"2019-12-16 06:37:02","http://apolina.pl/engl/1tuh6ul-gakf89-994/","offline","malware_download","emotet|epoch3|exe|Heodo","apolina.pl","185.253.212.22","48707","PL"
"2019-12-13 10:09:04","https://farasi.pl/wp-content/public/","offline","malware_download","doc|emotet|epoch2|heodo","farasi.pl","185.253.212.22","48707","PL"
"2019-12-06 18:21:02","http://dubit.pl/site2/pxre-ns-297/","offline","malware_download","doc|emotet|epoch3|Heodo","dubit.pl","185.253.212.22","48707","PL"
"2019-09-23 11:22:04","http://reha-active.pl/wp-admin/Scan/LUUUiRTcQkumgefqXXqasngth/","offline","malware_download","doc|emotet|epoch2|Heodo","reha-active.pl","185.253.212.22","48707","PL"
"2019-09-20 12:48:24","http://mastersmeble.pl/wp-content/uploads/2019/09/pdf_113821.zip","offline","malware_download","BGR|Dreambot|js|zip","mastersmeble.pl","185.253.212.22","48707","PL"
"2019-09-17 21:52:09","http://parisel.pl/wp/2r8y6ecjs_ac7vkdd-3199965000142/","offline","malware_download","doc|emotet|epoch2","parisel.pl","185.253.212.22","48707","PL"
"2019-07-23 14:15:36","http://coffeebean.pl/images/about.pdf","offline","malware_download","exe|trickbot","coffeebean.pl","185.253.212.22","48707","PL"
"2019-05-28 21:02:02","http://parisel.pl/temp/Document/DCjmvktlcqOywWgvSk/","offline","malware_download","doc|emotet|epoch2|Heodo","parisel.pl","185.253.212.22","48707","PL"
"2019-04-25 13:27:10","http://aloes.wys.pl/wp-admin/FILE/2Z0M6bVZgi9/","offline","malware_download","","aloes.wys.pl","185.253.212.22","48707","PL"
"2019-04-25 10:55:03","http://artpizza.pl/wp-content/plugins/beaver-builder-lite-version/modules/idx_config/DOC/jVubEZUDCiR/","offline","malware_download","Emotet|Heodo","artpizza.pl","185.253.212.22","48707","PL"
"2019-03-28 20:53:04","http://parisel.pl/temp/FrwT-cqMb_IaVufwrfi-yd/","offline","malware_download","Emotet|Heodo","parisel.pl","185.253.212.22","48707","PL"
"2019-03-27 05:59:02","http://parisel.pl/temp/77108967/DHFs-p3YZx_crKPQfnf-gKC/","offline","malware_download","Emotet|Heodo","parisel.pl","185.253.212.22","48707","PL"
"2019-03-25 11:13:07","http://pierwszajazda.com.pl/modules/UtwG-NasN_E-AOv/","offline","malware_download","doc|emotet|epoch2|Heodo","pierwszajazda.com.pl","185.253.212.22","48707","PL"
"2019-03-21 16:01:02","http://pierwszajazda.com.pl/modules/dq50-61o2yp-cwil/","offline","malware_download","Emotet|Heodo","pierwszajazda.com.pl","185.253.212.22","48707","PL"
"2019-03-19 15:38:08","http://pierwszajazda.com.pl/modules/gvtva-ia6zi-vuikuve/","offline","malware_download","doc|emotet|epoch2|Heodo","pierwszajazda.com.pl","185.253.212.22","48707","PL"
"2019-02-27 13:34:17","http://majewscyfoto.pl/java/msg.jpg","offline","malware_download","exe|Ransomware|Troldesh","majewscyfoto.pl","185.253.212.22","48707","PL"
"2019-02-27 10:29:43","http://www.lili-plaf.pl/FB-landingpage/msg.jpg","offline","malware_download","exe|Ransomware|Troldesh","www.lili-plaf.pl","185.253.212.22","48707","PL"
"2019-02-27 10:25:50","http://lili-plaf.pl/FB-landingpage/pikz.zip","offline","malware_download","js|RUS|Troldesh|zip","lili-plaf.pl","185.253.212.22","48707","PL"
"2019-02-26 16:08:19","http://lili-plaf.pl/FB-landingpage/msg.jpg","offline","malware_download","exe|Ransomware|Troldesh","lili-plaf.pl","185.253.212.22","48707","PL"
"2019-02-26 09:28:26","http://lili-plaf.pl/FB-landingpage/pik.zip","offline","malware_download","RUS|Troldesh|zipped-JS","lili-plaf.pl","185.253.212.22","48707","PL"
"2019-02-19 21:42:04","http://tapicer-raciborz.pl/wp-content/uploads/En/document/Invoice_Notice/DnoPC-DF94_CaIzeqWr-Up0/","offline","malware_download","Emotet|Heodo","tapicer-raciborz.pl","185.253.212.22","48707","PL"
"2019-02-13 00:34:53","http://test.sala-avangarda.pl/verif.accs.docs.com/","offline","malware_download","doc|emotet|epoch1|Heodo","test.sala-avangarda.pl","185.253.212.22","48707","PL"
"2019-01-30 14:44:40","http://nunez.pl/wp-content/themes/imprint/assets/admin/css/fonts/massg.jpg","offline","malware_download","ransomware|shade|troldesh","nunez.pl","185.253.212.22","48707","PL"
"2019-01-21 20:15:04","http://www.halerubo.pl/_scripts/kcfinder/upload/images/darboven/ups.png","offline","malware_download","exe","www.halerubo.pl","185.253.212.22","48707","PL"
"2019-01-18 22:55:33","http://superpozyczki.pl/iaWo-dq_lAPT-9Nn/ACH/PaymentAdvice/EN_en/Important-Please-Read/","offline","malware_download","doc|emotet|epoch2|Heodo","superpozyczki.pl","185.253.212.22","48707","PL"
"2018-12-20 15:46:27","http://zurawiewynajem.pl/De_de/YDFVQONZFX3297478/Rechnung/Fakturierung/","offline","malware_download","emotet|epoch2|Heodo","zurawiewynajem.pl","185.253.212.22","48707","PL"
"2018-12-10 23:51:17","http://parisel.pl/Corporation/En/Need-to-send-the-attachment/","offline","malware_download","doc|emotet|epoch2","parisel.pl","185.253.212.22","48707","PL"
"2018-12-10 15:06:10","http://parisel.pl/Corporation/En/Need-to-send-the-attachment","offline","malware_download","emotet","parisel.pl","185.253.212.22","48707","PL"
"2018-12-08 00:42:45","http://parisel.pl/En_us/Details/12_18/","offline","malware_download","doc|emotet|epoch1|Heodo","parisel.pl","185.253.212.22","48707","PL"
"2018-12-06 15:44:25","http://parisel.pl/En_us/Details/12_18","offline","malware_download","emotet|epoch1|Heodo","parisel.pl","185.253.212.22","48707","PL"
"2018-11-16 02:07:18","http://flyshow.pl/553905KNGEW/BIZ/US/","offline","malware_download","doc|emotet|epoch2|Heodo","flyshow.pl","185.253.212.22","48707","PL"
"2018-11-15 17:32:16","http://flyshow.pl/553905KNGEW/BIZ/US","offline","malware_download","doc|emotet|heodo","flyshow.pl","185.253.212.22","48707","PL"
"2018-09-27 21:33:08","http://www.dobre-instalacje.pl/logs/recu.exe","offline","malware_download","exe|njrat","www.dobre-instalacje.pl","185.253.212.22","48707","PL"
"2018-09-27 21:22:04","http://www.dobre-instalacje.pl/language/overrides/xe.exe","offline","malware_download","exe","www.dobre-instalacje.pl","185.253.212.22","48707","PL"
"2018-09-27 21:21:06","http://www.dobre-instalacje.pl/serbox/byt/x.exe","offline","malware_download","exe","www.dobre-instalacje.pl","185.253.212.22","48707","PL"
"2018-09-27 21:20:09","http://www.dobre-instalacje.pl/libraries/f0f/query/e.exe","offline","malware_download","exe","www.dobre-instalacje.pl","185.253.212.22","48707","PL"
"2018-09-27 21:20:07","http://www.dobre-instalacje.pl/wds/sec/twain65.exe","offline","malware_download","exe","www.dobre-instalacje.pl","185.253.212.22","48707","PL"
"2018-09-26 16:45:10","http://www.dobre-instalacje.pl/seg/klo23/srvost32.exe","offline","malware_download","js|Nemucod","www.dobre-instalacje.pl","185.253.212.22","48707","PL"
"2018-08-10 04:24:19","http://www.ogrodu.pl/Aug2018/En/ACCOUNT/Invoice-82424281-080918/","offline","malware_download","doc|emotet|Heodo","www.ogrodu.pl","185.253.212.22","48707","PL"
"2018-08-09 17:26:30","http://www.ogrodu.pl/Aug2018/En/ACCOUNT/Invoice-82424281-080918","offline","malware_download","doc|emotet|Heodo","www.ogrodu.pl","185.253.212.22","48707","PL"
"2018-08-07 05:57:02","http://www.ogrodu.pl/Aug2018/US_us/Latest-invoice-with-a-new-address-to-update","offline","malware_download","doc|emotet|Heodo","www.ogrodu.pl","185.253.212.22","48707","PL"
"2018-08-07 00:59:00","http://www.ogrodu.pl/ACH/PH0442507QOK/Aug-07-2018-90146810085/LYIW-IMS-Aug-07-2018/","offline","malware_download","doc|emotet|Heodo","www.ogrodu.pl","185.253.212.22","48707","PL"
"2018-08-06 22:59:13","http://www.ogrodu.pl/ACH/PH0442507QOK/Aug-07-2018-90146810085/LYIW-IMS-Aug-07-2018","offline","malware_download","doc|emotet|Heodo","www.ogrodu.pl","185.253.212.22","48707","PL"
"2018-08-02 10:26:05","http://parisel.pl/JoOxUSZz/","offline","malware_download","doc|emotet|Heodo","parisel.pl","185.253.212.22","48707","PL"
"2018-08-02 09:26:04","http://parisel.pl/JoOxUSZz","offline","malware_download","Emotet|Heodo","parisel.pl","185.253.212.22","48707","PL"
"2018-07-31 22:27:12","http://db7studio.pl/pdf/EN_en/Open-invoices/Past-Due-invoice","offline","malware_download","doc|emotet|heodo","db7studio.pl","185.253.212.22","48707","PL"
"2018-07-31 19:15:10","http://db7studio.pl/doc/En/Open-invoices/Invoices/","offline","malware_download","doc|emotet|epoch2|Heodo","db7studio.pl","185.253.212.22","48707","PL"
"2018-07-31 05:29:10","http://parisel.pl/sites/US/INVOICE-STATUS/ACCOUNT1794436","offline","malware_download","doc|emotet|heodo","parisel.pl","185.253.212.22","48707","PL"
"2018-07-30 19:13:00","http://parisel.pl/sites/US/INVOICE-STATUS/ACCOUNT1794436/","offline","malware_download","doc|emotet|epoch2|Heodo","parisel.pl","185.253.212.22","48707","PL"
"2018-07-27 04:07:55","http://parisel.pl/Tracking/En_us/","offline","malware_download","doc|emotet|epoch2|Heodo","parisel.pl","185.253.212.22","48707","PL"
"2018-07-26 03:58:15","http://www.ogrodu.pl/Jul2018/En/Statement/Invoice-49991/","offline","malware_download","doc|emotet|epoch2|Heodo","www.ogrodu.pl","185.253.212.22","48707","PL"
"2018-07-26 03:55:26","http://markfilm.pl/DHL/En_us/","offline","malware_download","doc|emotet|epoch2|Heodo","markfilm.pl","185.253.212.22","48707","PL"
"2018-07-25 04:31:15","http://cocarda.pl/core/files/US_us/Invoice-for-sent/50397/","offline","malware_download","doc|emotet|heodo","cocarda.pl","185.253.212.22","48707","PL"
"2018-07-24 05:36:30","http://www.ogrodu.pl/newsletter/En/Client/ACCOUNT13114001/","offline","malware_download","doc|emotet|epoch2|Heodo","www.ogrodu.pl","185.253.212.22","48707","PL"
"2018-07-23 19:14:24","http://www.ogrodu.pl/newsletter/En/Client/ACCOUNT13114001","offline","malware_download","doc|emotet|heodo","www.ogrodu.pl","185.253.212.22","48707","PL"
"2018-07-21 08:18:41","http://markfilm.pl/tbsMZRq","offline","malware_download","emotet|exe|heodo","markfilm.pl","185.253.212.22","48707","PL"
"2018-07-19 14:11:13","http://ogrodu.pl/doc/US/FILE/Invoice-683109/","offline","malware_download","Heodo","ogrodu.pl","185.253.212.22","48707","PL"
"2018-07-18 23:48:52","http://www.ogrodu.pl/doc/US/FILE/Invoice-683109/","offline","malware_download","doc|emotet|epoch2|Heodo","www.ogrodu.pl","185.253.212.22","48707","PL"
"2018-07-17 23:08:42","http://www.ogrodu.pl/pdf/En_us/New-Order-Upcoming/Direct-Deposit-Notice/","offline","malware_download","doc|emotet|epoch2|Heodo","www.ogrodu.pl","185.253.212.22","48707","PL"
"2018-07-17 17:46:22","http://ogrodu.pl/pdf/En_us/New-Order-Upcoming/Direct-Deposit-Notice","offline","malware_download","Emotet|Heodo","ogrodu.pl","185.253.212.22","48707","PL"
"2018-07-17 14:39:10","http://ogrodu.pl/pdf/En_us/New-Order-Upcoming/Direct-Deposit-Notice/","offline","malware_download","Emotet|Heodo","ogrodu.pl","185.253.212.22","48707","PL"
"2018-07-17 11:52:54","http://www.ogrodu.pl/pdf/En_us/New-Order-Upcoming/Direct-Deposit-Notice","offline","malware_download","doc|emotet|Heodo","www.ogrodu.pl","185.253.212.22","48707","PL"
"2018-07-16 16:06:26","http://bagiennanarew.pl/libraries/UFZYuWwNM/","offline","malware_download","Heodo","bagiennanarew.pl","185.253.212.22","48707","PL"
"2018-07-16 10:20:15","http://www.bagiennanarew.pl/libraries/UFZYuWwNM/","offline","malware_download","emotet|exe|heodo","www.bagiennanarew.pl","185.253.212.22","48707","PL"
"2018-07-13 10:21:06","http://ogrodu.pl/doc/En_us/ACCOUNT/Past-Due-invoice/","offline","malware_download","Heodo","ogrodu.pl","185.253.212.22","48707","PL"
"2018-07-13 10:02:21","http://www.ogrodu.pl/doc/En_us/ACCOUNT/Past-Due-invoice/","offline","malware_download","doc|emotet|Heodo","www.ogrodu.pl","185.253.212.22","48707","PL"
"2018-07-12 05:50:30","http://www.bagiennanarew.pl/plugins/Zahlungsschreiben/","offline","malware_download","doc|emotet|heodo","www.bagiennanarew.pl","185.253.212.22","48707","PL"
"2018-07-11 19:55:09","http://bagiennanarew.pl/plugins/Zahlungsschreiben/","offline","malware_download","doc|emotet|epoch1|Heodo","bagiennanarew.pl","185.253.212.22","48707","PL"
"2018-07-11 15:37:51","http://www.ogrodu.pl/default/En/Jul2018/Auditor-of-State-Notification-of-EFT-Deposit/","offline","malware_download","doc|emotet|heodo","www.ogrodu.pl","185.253.212.22","48707","PL"
"2018-07-11 04:15:21","http://www.ogrodu.pl/sites/US/INVOICE-STATUS/Invoices/","offline","malware_download","doc|emotet|epoch2|Heodo","www.ogrodu.pl","185.253.212.22","48707","PL"
"2018-07-11 04:13:19","http://www.dotlenieni.pl/default/EN_en/STATUS/Order-68535514485/","offline","malware_download","doc|emotet|epoch2|Heodo","www.dotlenieni.pl","185.253.212.22","48707","PL"
"2018-07-09 20:58:57","http://ogrodu.pl/sites/US/INVOICE-STATUS/Invoices/","offline","malware_download","Heodo","ogrodu.pl","185.253.212.22","48707","PL"
"2018-07-07 04:54:17","http://bagiennanarew.pl/modules/mC613HtOWI/","offline","malware_download","Heodo","bagiennanarew.pl","185.253.212.22","48707","PL"
"2018-07-05 23:43:04","http://www.bagiennanarew.pl/modules/mC613HtOWI/","offline","malware_download","emotet|epoch1|Heodo|payload","www.bagiennanarew.pl","185.253.212.22","48707","PL"
"2018-07-05 07:09:56","http://www.dotlenieni.pl/The-FOURTH-of-July/","offline","malware_download","doc|emotet|heodo","www.dotlenieni.pl","185.253.212.22","48707","PL"
"2018-07-04 05:04:25","http://www.bagiennanarew.pl/plugins/EN_en/INVOICE-STATUS/Order-70847963546/","offline","malware_download","doc|emotet|epoch2|Heodo","www.bagiennanarew.pl","185.253.212.22","48707","PL"
"2018-07-04 05:04:23","http://bagiennanarew.pl/plugins/EN_en/INVOICE-STATUS/Order-70847963546/","offline","malware_download","doc|emotet|epoch2|Heodo","bagiennanarew.pl","185.253.212.22","48707","PL"
"2018-07-02 16:26:56","http://parisel.pl/ACCOUNT/factura-recibo/","offline","malware_download","doc|emotet|heodo","parisel.pl","185.253.212.22","48707","PL"
"2018-07-02 16:12:57","http://www.schody.szczecin.pl/Empresas-Facturas/","offline","malware_download","doc|emotet|epoch1|Heodo","www.schody.szczecin.pl","185.253.212.22","48707","PL"
"2018-07-02 15:56:10","http://www.dotlenieni.pl/Fk5j/","offline","malware_download","emotet|exe|Heodo","www.dotlenieni.pl","185.253.212.22","48707","PL"
"2018-07-01 06:43:22","http://dotlenieni.pl/New-Order-Upcoming/Account-79422/","offline","malware_download","Heodo","dotlenieni.pl","185.253.212.22","48707","PL"
"2018-07-01 06:43:21","http://dotlenieni.pl/GrkOLR/","offline","malware_download","Heodo","dotlenieni.pl","185.253.212.22","48707","PL"
"2018-07-01 06:07:04","http://bagiennanarew.pl/media/lRmhD1/","offline","malware_download","Heodo","bagiennanarew.pl","185.253.212.22","48707","PL"
"2018-07-01 06:07:03","http://bagiennanarew.pl/cli/Abierto-Pasado-Vencimiento-Pedidos/","offline","malware_download","Emotet|Heodo","bagiennanarew.pl","185.253.212.22","48707","PL"
"2018-06-30 06:24:37","http://www.przedszkole166.pl/Statement/Customer-Invoice-HN-78905036","offline","malware_download","emotet|heodo","www.przedszkole166.pl","185.253.212.22","48707","PL"
"2018-06-30 06:19:57","http://www.dotlenieni.pl/Client/INV153088091775668874","offline","malware_download","emotet|heodo","www.dotlenieni.pl","185.253.212.22","48707","PL"
"2018-06-30 06:11:54","http://schody.szczecin.pl/DOC/invoice","offline","malware_download","emotet|heodo","schody.szczecin.pl","185.253.212.22","48707","PL"
"2018-06-30 06:10:05","http://przedszkole166.pl/Statement/Customer-Invoice-HN-78905036","offline","malware_download","emotet|heodo","przedszkole166.pl","185.253.212.22","48707","PL"
"2018-06-30 06:09:42","http://parisel.pl/factura-recibo","offline","malware_download","emotet|heodo","parisel.pl","185.253.212.22","48707","PL"
"2018-06-30 06:04:56","http://dotlenieni.pl/Client/INV153088091775668874","offline","malware_download","emotet|heodo","dotlenieni.pl","185.253.212.22","48707","PL"
"2018-06-29 23:57:34","http://www.bagiennanarew.pl/cli/Abierto-Pasado-Vencimiento-Pedidos/","offline","malware_download","doc|emotet|epoch1|Heodo","www.bagiennanarew.pl","185.253.212.22","48707","PL"
"2018-06-29 21:11:11","http://eko-meritum.pl/Facturas-vencidas/","offline","malware_download","doc|emotet|epoch1|Heodo","eko-meritum.pl","185.253.212.22","48707","PL"
"2018-06-29 04:44:34","http://www.bagiennanarew.pl/media/lRmhD1/","offline","malware_download","emotet|heodo","www.bagiennanarew.pl","185.253.212.22","48707","PL"
"2018-06-28 22:13:06","http://www.dotlenieni.pl/GrkOLR/","offline","malware_download","emotet|epoch2|Heodo|payload","www.dotlenieni.pl","185.253.212.22","48707","PL"
"2018-06-28 20:56:27","http://parisel.pl/factura-recibo/","offline","malware_download","doc|emotet|epoch1|Heodo","parisel.pl","185.253.212.22","48707","PL"
"2018-06-28 19:04:26","http://przedszkole166.pl/Statement/Customer-Invoice-HN-78905036/","offline","malware_download","Heodo","przedszkole166.pl","185.253.212.22","48707","PL"
"2018-06-28 04:19:08","http://schody.szczecin.pl/DOC/invoice/","offline","malware_download","doc|emotet|epoch2|Heodo","schody.szczecin.pl","185.253.212.22","48707","PL"
"2018-06-28 03:06:22","http://www.przedszkole166.pl/Statement/Customer-Invoice-HN-78905036/","offline","malware_download","doc|emotet|epoch2|Heodo","www.przedszkole166.pl","185.253.212.22","48707","PL"
"2018-06-27 07:18:02","http://www.dotlenieni.pl/Client/INV153088091775668874/","offline","malware_download","doc|emotet|heodo","www.dotlenieni.pl","185.253.212.22","48707","PL"
"2018-06-26 21:28:04","http://www.cosmo-medica.pl/Statement/Invoice-766799","offline","malware_download","doc|emotet|epoch2|Heodo","www.cosmo-medica.pl","185.253.212.22","48707","PL"
"2018-06-26 20:51:17","http://dotlenieni.pl/Client/INV153088091775668874/","offline","malware_download","doc |emotet|epoch2|Heodo","dotlenieni.pl","185.253.212.22","48707","PL"
"2018-06-25 17:05:22","http://parisel.pl/mDXuj4ves/","offline","malware_download","emotet|epoch1|Heodo|Loki|payload","parisel.pl","185.253.212.22","48707","PL"
"2018-06-23 06:10:19","http://parisel.pl/Jun2018/Invoice-807629/","offline","malware_download","emotet|Heodo","parisel.pl","185.253.212.22","48707","PL"
"2018-06-22 13:02:58","http://parisel.pl/Zahlungserinnerung/Rech-Nr00732","offline","malware_download","emotet|Heodo","parisel.pl","185.253.212.22","48707","PL"
"2018-06-20 01:27:52","http://www.dotlenieni.pl/New-Order-Upcoming/Account-79422/","offline","malware_download","AgentTesla|doc|emotet|epoch2|Heodo","www.dotlenieni.pl","185.253.212.22","48707","PL"
"2018-06-18 13:56:04","http://parisel.pl/UPS-Service-Invoices-01T/0/","offline","malware_download","doc|emotet|heodo","parisel.pl","185.253.212.22","48707","PL"
"2018-06-13 16:21:02","http://parisel.pl/ACCOUNT/Past-Due-invoice/","offline","malware_download","doc|emotet|epoch1|Heodo","parisel.pl","185.253.212.22","48707","PL"
"2018-06-07 16:55:06","http://parisel.pl/ACCOUNT/Invoice-16229538-Invoice-date-060718-Order-no-1184763202/","offline","malware_download","doc|emotet|epoch1|Heodo","parisel.pl","185.253.212.22","48707","PL"
"2018-06-05 15:59:02","http://parisel.pl/RECHNUNG/Hilfestellung-zu-Ihrer-Rechnung-Nr082642/","offline","malware_download","doc|emotet|Heodo","parisel.pl","185.253.212.22","48707","PL"
"2018-05-29 19:40:49","http://parisel.pl/Factures/","offline","malware_download","doc|emotet|Heodo","parisel.pl","185.253.212.22","48707","PL"
"2018-05-10 16:46:08","http://carola.pl/BfA9oGqBEQUtp/","offline","malware_download","doc|emotet|Heodo","carola.pl","185.253.212.22","48707","PL"
"2018-03-24 16:04:25","http://perlybaltyku.pl/Rechnung-Nr-17367/","offline","malware_download","doc|emotet|heodo","perlybaltyku.pl","185.253.212.22","48707","PL"
# of entries: 132