##############################################################################
# URLhaus ASN CSV Feed                                                       #
# Generated on 2025-11-19 07:16:17 UTC                                       #
#                                                                            #
# For questions please refer to:                                             #
# https://urlhaus.abuse.ch/feeds/                                            #
##############################################################################
#
# Feed generated for AS51468
#
# Dateadded (UTC),URL,URL_status,Threat,Tags,Host,IPaddress,ASnumber,Country
"2025-11-16 15:12:08","https://harry-site.nl/uitvaart/tf.txt","online","malware_download","ascii|encoded|PureLogsStealer","harry-site.nl","46.30.215.110","51468","DK"
"2025-04-20 11:14:14","http://www.lpdata.dk/SecuritySuite/lpd_suite_01.exe","offline","malware_download","10pluspositivesinVT","www.lpdata.dk","46.30.215.104","51468","DK"
"2025-01-15 08:09:05","http://aminoroc.org/Invoice_receipt.html","offline","malware_download","multirat","aminoroc.org","77.111.241.77","51468","DK"
"2025-01-15 08:09:05","http://aminoroc.org/Payment.html","offline","malware_download","multirat","aminoroc.org","77.111.241.77","51468","DK"
"2024-09-21 15:11:04","https://brightorbitconsultancy.com/vfdshg16.exe","offline","malware_download","dropped-by-PrivateLoader|encrypted|Vidar","brightorbitconsultancy.com","46.30.215.188","51468","DK"
"2024-09-21 14:04:09","https://brightorbitconsultancy.com/sdgdfs.exe","offline","malware_download","dropped-by-PrivateLoader|Stealc","brightorbitconsultancy.com","46.30.215.188","51468","DK"
"2024-09-21 14:04:06","https://brightorbitconsultancy.com/vfdsgfd.exe","offline","malware_download","dropped-by-PrivateLoader|Vidar","brightorbitconsultancy.com","46.30.215.188","51468","DK"
"2024-07-03 17:37:08","https://videos.ergo-unterwegs.de/arm5","offline","malware_download","elf|Mirai|opendir","videos.ergo-unterwegs.de","46.30.213.69","51468","DK"
"2024-07-03 17:37:08","https://videos.ergo-unterwegs.de/idkwid.sh","offline","malware_download","opendir|sh","videos.ergo-unterwegs.de","46.30.213.69","51468","DK"
"2024-07-03 17:37:08","https://videos.ergo-unterwegs.de/spc","offline","malware_download","elf|Mirai|opendir","videos.ergo-unterwegs.de","46.30.213.69","51468","DK"
"2024-07-03 17:37:08","https://videos.ergo-unterwegs.de/x86_64","offline","malware_download","elf|Mirai|opendir","videos.ergo-unterwegs.de","46.30.213.69","51468","DK"
"2024-07-03 17:36:14","https://videos.ergo-unterwegs.de/arm","offline","malware_download","elf|Mirai|opendir","videos.ergo-unterwegs.de","46.30.213.69","51468","DK"
"2024-07-03 17:36:14","https://videos.ergo-unterwegs.de/arm6","offline","malware_download","elf|Mirai|opendir","videos.ergo-unterwegs.de","46.30.213.69","51468","DK"
"2024-07-03 17:36:14","https://videos.ergo-unterwegs.de/arm7","offline","malware_download","elf|Mirai|opendir","videos.ergo-unterwegs.de","46.30.213.69","51468","DK"
"2024-07-03 17:36:14","https://videos.ergo-unterwegs.de/mips","offline","malware_download","elf|Mirai|opendir","videos.ergo-unterwegs.de","46.30.213.69","51468","DK"
"2024-07-03 17:36:14","https://videos.ergo-unterwegs.de/ppc","offline","malware_download","elf|Mirai|opendir","videos.ergo-unterwegs.de","46.30.213.69","51468","DK"
"2024-07-03 17:36:12","https://videos.ergo-unterwegs.de/mpsl","offline","malware_download","elf|Mirai|opendir","videos.ergo-unterwegs.de","46.30.213.69","51468","DK"
"2024-01-30 11:01:17","https://kevius.se/o3.exe","offline","malware_download","dropped-by-smokeloader","kevius.se","46.30.215.89","51468","DK"
"2023-12-18 10:27:22","https://lestandardsarl.com/viewm/InstallerEngine.zip","offline","malware_download","fakechrome","lestandardsarl.com","46.30.213.31","51468","DK"
"2023-12-13 14:31:12","https://villadsen4x4.dk/blog.php","offline","malware_download","gating|gootloader","villadsen4x4.dk","46.30.213.131","51468","DK"
"2023-12-05 16:07:07","https://tintin.coffee/blog.php","offline","malware_download","","tintin.coffee","46.30.213.168","51468","DK"
"2023-12-05 16:03:11","https://stavangeradvokaten.no/blog.php","offline","malware_download","gating|gootloader","stavangeradvokaten.no","104.37.39.71","51468","NO"
"2023-10-22 15:23:06","https://salarquitectura.es/save.php","offline","malware_download","","salarquitectura.es","46.30.213.155","51468","DK"
"2023-10-22 15:22:09","https://salsadk.dk/save.php","offline","malware_download","","salsadk.dk","46.30.215.54","51468","DK"
"2023-10-03 17:30:12","https://kristiansandadvokatene.no/comments.php","offline","malware_download","","kristiansandadvokatene.no","104.37.39.71","51468","NO"
"2023-08-25 18:23:08","https://www.vojens-trailerudlejning.dk/faq.php","offline","malware_download","gating|gootloader","www.vojens-trailerudlejning.dk","77.111.241.72","51468","DK"
"2023-08-25 18:21:34","https://bergenadvokatene.no/news.php","offline","malware_download","gating|gootloader","bergenadvokatene.no","104.37.39.71","51468","NO"
"2023-08-25 18:21:31","https://fredrikstadadvokatene.no/go.php","offline","malware_download","gating|gootloader","fredrikstadadvokatene.no","104.37.39.71","51468","NO"
"2023-08-25 18:20:10","https://drammensadvokatene.no/download.php","offline","malware_download","gating|gootloader","drammensadvokatene.no","104.37.39.71","51468","NO"
"2023-03-15 15:49:09","https://zinkata.com/ie/ie.js","offline","malware_download","BB19|geofenced|js|Qakbot|Qbot|Quakbot|USA","zinkata.com","46.30.215.111","51468","DK"
"2023-03-14 19:03:35","https://solthor.dk/connect/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","solthor.dk","46.30.213.32","51468","DK"
"2023-03-14 19:03:16","https://solthor.dk/scarica/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","solthor.dk","46.30.213.32","51468","DK"
"2023-03-14 19:02:02","https://nonsoloshopper.net/agenzia/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","nonsoloshopper.net","46.30.215.22","51468","DK"
"2023-03-14 19:01:14","https://nonsoloshopper.net/connect/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","nonsoloshopper.net","46.30.215.22","51468","DK"
"2023-03-14 19:00:38","https://solthor.dk/agenzia/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","solthor.dk","46.30.213.32","51468","DK"
"2023-03-14 18:59:42","https://nonsoloshopper.net/scarica/","offline","malware_download","250255|7710|geofenced|Gozi|ISFB|ITA|redir-302|Ursnif","nonsoloshopper.net","46.30.215.22","51468","DK"
"2023-03-14 16:10:10","https://zinkata.com/teuq/teuq.js","offline","malware_download","BB19|geofenced|js|Qakbot|USA","zinkata.com","46.30.215.111","51468","DK"
"2022-12-22 17:36:28","http://safetyandsecurityacademy.com/blog/Attn_XXXXXX_12222022.zip","offline","malware_download","182057|geofenced|ISO|obama232|Qakbot|Qbot|Quakbot|USA|zip","safetyandsecurityacademy.com","46.30.215.139","51468","DK"
"2022-11-28 21:44:34","https://gabsoninspections.com/dre/index.php?qakbot.zip","offline","malware_download","BB08|iso|P32M|qakbot|qbot|quakbot|TR|zip","gabsoninspections.com","46.30.215.34","51468","DK"
"2022-11-23 07:26:10","http://rydbergaren.se/wp-content/uploads/2022/06/Attached_Amir_Levine_Epub_File.pdf","offline","malware_download","pdf|phishing","rydbergaren.se","46.30.215.98","51468","DK"
"2022-10-26 20:24:35","https://trichter.nl/rlml/qakbot.zip","offline","malware_download","BB04|iso|PG1|qakbot|qbot|quakbot|TR|zip","trichter.nl","46.30.213.63","51468","DK"
"2022-10-26 18:07:24","https://trichter.nl/rlml/qbot.zip","offline","malware_download","BB04|iso|PG1|qakbot|qbot|quakbot|TR|zip","trichter.nl","46.30.213.63","51468","DK"
"2022-10-24 22:19:11","https://trichter.nl/rlml/contractGadi","offline","malware_download","BB04|iso|PG1|qakbot|qbot|quakbot|TR|zip","trichter.nl","46.30.213.63","51468","DK"
"2022-10-24 19:08:11","https://trichter.nl/rlml/contractJonathan","offline","malware_download","BB04|iso|PG1|qakbot|qbot|quakbot|TR|zip","trichter.nl","46.30.213.63","51468","DK"
"2022-10-10 13:59:04","http://capensis.online/i.exe","offline","malware_download","exe","capensis.online","46.30.211.38","51468","DK"
"2022-10-10 09:37:05","http://capensis.online/install.exe","offline","malware_download","dropby|PrivateLoader|RecordBreaker","capensis.online","46.30.211.38","51468","DK"
"2022-06-15 15:42:05","http://cerdi.com/_derived/J4Fu7VmGZQ7rGA/","offline","malware_download","dll|emotet|epoch4|heodo","cerdi.com","46.30.215.127","51468","DK"
"2022-05-20 13:11:04","http://huureenlief.be/wp-admin/upq06_q39cxj-2/","offline","malware_download","emotet","huureenlief.be","46.30.213.49","51468","DK"
"2022-05-16 17:06:06","http://icefront.dk/js/dYMuSoUsdwKsXZFFyf/","offline","malware_download","emotet|epoch5|exe|heodo","icefront.dk","46.30.211.38","51468","DK"
"2022-05-05 14:34:12","https://iqtraders.co.uk/iu/rmnunaeo","offline","malware_download","","iqtraders.co.uk","46.30.213.170","51468","DK"
"2022-05-03 07:48:07","https://gabsoninspections.com/ta/estaliquam","offline","malware_download","Qakbot|qbot|quakbot","gabsoninspections.com","46.30.215.34","51468","DK"
"2022-04-26 12:12:54","https://gabsoninspections.com/ta/molestiaeeum","offline","malware_download","qakbot|qbot|Quakbot|tr","gabsoninspections.com","46.30.215.34","51468","DK"
"2022-04-26 12:11:35","https://gabsoninspections.com/ta/errorvoluptatem","offline","malware_download","qakbot|qbot|Quakbot|tr","gabsoninspections.com","46.30.215.34","51468","DK"
"2022-04-26 12:11:18","https://gabsoninspections.com/ta/corporisconsequatur","offline","malware_download","qakbot|qbot|Quakbot|tr","gabsoninspections.com","46.30.215.34","51468","DK"
"2022-03-07 08:21:07","http://janshabd.com/E33ZFv/","offline","malware_download","dll|emotet|epoch5|Heodo","janshabd.com","46.30.211.38","51468","DK"
"2022-03-03 07:14:28","http://janshabd.com/Zgye2/","offline","malware_download","dll|emotet|epoch4|Heodo","janshabd.com","46.30.211.38","51468","DK"
"2022-01-21 14:56:10","https://shop2get.nl/wp-content/Yay/","offline","malware_download","emotet|exe|Heodo","shop2get.nl","91.184.0.200","51468","DK"
"2022-01-19 21:41:05","http://garageheining.nl/wp-content/plugins/wp-roilbask/includes","offline","malware_download","IcedID","garageheining.nl","46.30.215.35","51468","DK"
"2022-01-19 15:33:08","http://garageheining.nl/wp-content/plugins/wp-roilbask/","offline","malware_download","bazaloader|icedid|wp-roilbask","garageheining.nl","46.30.215.35","51468","DK"
"2022-01-18 23:11:07","http://garageheining.nl/wp-content/plugins/wp-roilbask/includes/","offline","malware_download","BazaLoader|bazarloader|IcedID|xll","garageheining.nl","46.30.215.35","51468","DK"
"2021-12-17 08:01:04","https://yacane.nl/tanktop.php","offline","malware_download","doc|hancitor|html","yacane.nl","77.111.243.6","51468","DK"
"2021-12-17 08:01:03","https://yacane.nl/sunbeam.php","offline","malware_download","doc|hancitor|html","yacane.nl","77.111.243.6","51468","DK"
"2021-12-16 17:42:06","https://yacane.nl/overextended.php","offline","malware_download","doc|hancitor|html","yacane.nl","77.111.243.6","51468","DK"
"2021-12-16 17:42:06","https://yacane.nl/underestimation.php","offline","malware_download","doc|hancitor|html","yacane.nl","77.111.243.6","51468","DK"
"2021-12-16 17:42:06","https://yacane.nl/wp-content/plugins/wpforms-lite/libs/sodium_compat/perigee.php","offline","malware_download","doc|hancitor|html","yacane.nl","77.111.243.6","51468","DK"
"2021-12-16 17:42:05","https://yacane.nl/inadvertence.php","offline","malware_download","doc|hancitor|html","yacane.nl","77.111.243.6","51468","DK"
"2021-12-07 13:51:10","http://bepermanentlybeautiful.co.uk/wp-content/X/","offline","malware_download","emotet|epoch4|redir-appinstaller","bepermanentlybeautiful.co.uk","46.30.215.185","51468","DK"
"2021-11-05 08:38:08","https://leaksworld.com/goal/goal.exe","offline","malware_download","32|exe","leaksworld.com","46.30.213.9","51468","DK"
"2021-10-27 04:53:09","https://valbylyntryk.dk/images/goal.exe","offline","malware_download","32|exe","valbylyntryk.dk","46.30.213.102","51468","DK"
"2021-06-18 12:44:04","https://biopaten.no/xeBP8Oj5/gg.html","offline","malware_download","html|Qakbot|Qbot|SilentBuilder|TR","biopaten.no","5.249.227.109","51468","NO"
"2021-06-17 15:04:18","https://biopaten.no/miss-flavie-hilpert-iv/LiamWilliams-44.zip","offline","malware_download","html|Qakbot|Qbot|SilentBuilder|TR|zip","biopaten.no","5.249.227.109","51468","NO"
"2021-06-17 14:40:11","https://biopaten.no/miss-flavie-hilpert-iv/NoahSmith-2.zip","offline","malware_download","html|Qakbot|Qbot|SilentBuilder|TR|zip","biopaten.no","5.249.227.109","51468","NO"
"2021-06-08 14:06:08","https://tech-complex.fr/wp-content/plugins/wp-remote-users-sync/inc/api/O57kcJHUb.php","offline","malware_download","Dridex","tech-complex.fr","46.30.211.38","51468","DK"
"2021-06-08 14:06:05","https://wordpress.greekstrading.com/wp-content/plugins/megamenu/integration/twentyseventeen/bfCZUizZWh9sEim.php","offline","malware_download","Dridex","wordpress.greekstrading.com","46.30.215.183","51468","DK"
"2021-05-26 19:36:38","https://rebuildaid.dk/wp-includes/js/tinymce/plugins/charmap/uj3KjSfgk7YL4NB.php","offline","malware_download","Dridex","rebuildaid.dk","46.30.213.148","51468","DK"
"2021-03-25 15:01:09","http://www.harrisauto.no/d1jhvzlfx.tar","offline","malware_download","dll|Dridex","www.harrisauto.no","77.111.241.121","51468","DK"
"2021-03-25 07:36:10","https://www.harrisauto.no/d1jhvzlfx.tar","offline","malware_download","Dll|Dridex","www.harrisauto.no","77.111.241.121","51468","DK"
"2021-03-08 13:02:11","https://workatone.com/fedex/","offline","malware_download","edex","workatone.com","77.111.240.216","51468","DK"
"2021-02-03 00:38:05","http://remacon.net/ds/3101.gif","offline","malware_download","SilentBuilder|tr02","remacon.net","46.30.213.106","51468","DK"
"2021-01-23 20:06:04","https://originalfoodconcepts.com/dm9r1w21i.exe","offline","malware_download","Dridex","originalfoodconcepts.com","91.184.0.200","51468","DK"
"2021-01-12 14:24:03","https://www.poolola.se/utensils.php","offline","malware_download","","www.poolola.se","77.111.240.138","51468","DK"
"2020-12-09 12:34:11","https://www.eldrehjelpen.no/qsekuulm.rar","offline","malware_download","dll|Dridex","www.eldrehjelpen.no","46.30.213.5","51468","DK"
"2020-12-08 17:57:36","https://termijninschrijven.nlmath.nl/screechingly.php","offline","malware_download","dll|dridex","termijninschrijven.nlmath.nl","91.184.0.200","51468","DK"
"2020-12-08 17:57:35","https://termijninschrijven.nlmath.nl/geology.php","offline","malware_download","dll|dridex","termijninschrijven.nlmath.nl","91.184.0.200","51468","DK"
"2020-12-08 17:57:31","https://termijninschrijven.nlmath.nl/stud.php","offline","malware_download","dll|dridex","termijninschrijven.nlmath.nl","91.184.0.200","51468","DK"
"2020-12-08 15:10:04","https://termijninschrijven.nlmath.nl/screechinglyphp","offline","malware_download","Dridex","termijninschrijven.nlmath.nl","91.184.0.200","51468","DK"
"2020-12-03 01:48:04","https://fonixpizza.no/c6tl0pgv2.rar","offline","malware_download","dll|dridex","fonixpizza.no","46.30.213.144","51468","DK"
"2020-12-02 21:24:04","https://www.fonixpizza.no/c6tl0pgv2.rar/","offline","malware_download","dll|dridex","www.fonixpizza.no","46.30.213.144","51468","DK"
"2020-12-02 14:02:10","https://www.fonixpizza.no/c6tl0pgv2.rar","offline","malware_download","Dridex","www.fonixpizza.no","46.30.213.144","51468","DK"
"2020-10-28 12:00:22","https://bohnke.nl/kh9vsgk.txt","offline","malware_download","Dridex","bohnke.nl","46.30.213.178","51468","DK"
"2020-10-27 12:48:03","https://bantam.no/discuss.php","offline","malware_download","","bantam.no","46.30.213.148","51468","DK"
"2020-10-23 00:11:04","http://transportmanager.at/wp-admin/esp/zlxw0q/","offline","malware_download","doc|emotet|epoch2|Heodo","transportmanager.at","46.30.213.174","51468","DK"
"2020-10-22 15:48:04","http://www.transportmanager.at/wp-admin/esp/zlxw0q/","offline","malware_download","doc|emotet|epoch2|Heodo","www.transportmanager.at","46.30.213.174","51468","DK"
"2020-10-20 21:56:04","https://www.villanytt.no/wp-includes/Reporting/jorc6rg294iljf/","offline","malware_download","doc|emotet|epoch2|Heodo","www.villanytt.no","77.111.240.48","51468","DK"
"2020-10-15 20:45:05","https://caucasusmountaintours.com/wp-content/OCT/sh4yjba/abwa7l/","offline","malware_download","doc|Emotet|epoch2|Heodo","caucasusmountaintours.com","77.111.243.19","51468","DK"
"2020-10-02 04:05:04","http://lundcheer.se/mistake.php","offline","malware_download","dridex","lundcheer.se","77.111.240.153","51468","DK"
"2020-09-22 07:46:04","https://go4it24.be/administrator/pTd8qj1Dw3ylqZmpF/","offline","malware_download","doc|emotet|epoch1|Heodo","go4it24.be","46.30.215.42","51468","DK"
"2020-09-17 13:15:34","https://go4it24.be/administrator/DOC/K81Jzm6zZqZ2u37mz/","offline","malware_download","doc|emotet|epoch1|Heodo","go4it24.be","46.30.215.42","51468","DK"
"2020-09-17 06:29:05","http://go4it24.be/administrator/DOC/K81Jzm6zZqZ2u37mz/","offline","malware_download","doc|emotet|epoch1|Heodo","go4it24.be","46.30.215.42","51468","DK"
"2020-09-15 05:48:08","http://go4it24.be/administrator/Q1r3/","offline","malware_download","emotet|epoch2|exe|Heodo","go4it24.be","46.30.215.42","51468","DK"
"2020-09-03 18:17:03","http://go4it24.be/administrator/http:/sites/N8hpwG0hXWjixHh/","offline","malware_download","doc|emotet|epoch1|Heodo","go4it24.be","46.30.215.42","51468","DK"
"2020-09-03 12:19:33","http://go4it24.be/administrator/http://sites/N8hpwG0hXWjixHh/","offline","malware_download","doc|emotet|epoch1|Heodo","go4it24.be","46.30.215.42","51468","DK"
"2020-08-27 17:49:03","http://ugptogo.org/1Site/OCT/","offline","malware_download","doc|Emotet|epoch2|Heodo","ugptogo.org","46.30.215.145","51468","DK"
"2020-08-26 00:08:27","http://rentaflight.be/PEAR2_maybe_not_used/H9l5C9Q/","offline","malware_download","emotet|epoch2|exe|Heodo","rentaflight.be","46.30.215.171","51468","DK"
"2020-08-25 13:25:34","http://ugptogo.org/1Site/eTrac/qoz7ngy4/","offline","malware_download","doc|emotet|epoch2|heodo","ugptogo.org","46.30.215.145","51468","DK"
"2020-07-27 21:01:39","http://wormann.dk/wp-admin/public/tfhorxpn4/","offline","malware_download","doc|emotet|epoch2|Heodo","wormann.dk","46.30.213.115","51468","DK"
"2020-06-10 12:02:50","http://denlokale.nu/pkldlhcp/F/wjwjSZ0WW.zip","offline","malware_download","Qakbot|Quakbot|zip","denlokale.nu","77.111.240.136","51468","DK"
"2020-05-06 20:34:35","http://himmelsbygardshotell.se/xgzajbeanow/EmploymentVerification_46405582_05052020.zip","offline","malware_download","Qakbot|qbot|spx114|zip","himmelsbygardshotell.se","46.30.213.63","51468","DK"
"2020-05-06 20:34:33","http://himmelsbygardshotell.se/xgzajbeanow/EmploymentVerification_13576_05052020.zip","offline","malware_download","Qakbot|qbot|spx114|zip","himmelsbygardshotell.se","46.30.213.63","51468","DK"
"2020-04-30 15:22:56","http://herrfischer.me/phsse/8888.png","offline","malware_download","exe|Qakbot|Quakbot|spx109","herrfischer.me","46.30.211.38","51468","DK"
"2020-04-21 13:51:04","http://nederlandslinguistischinstituut.nl/termijninschrijven/PHPMailer/defense.php","offline","malware_download","","nederlandslinguistischinstituut.nl","91.184.0.106","51468","DK"
"2020-04-14 20:23:38","http://melias.se/string/64928487.zip","offline","malware_download","Qakbot|qbot|spx96|zip","melias.se","77.111.240.175","51468","DK"
"2020-02-20 05:47:14","http://aufsperrmax.at/safety/04630/04630.zip","offline","malware_download","zip","aufsperrmax.at","46.30.213.191","51468","DK"
"2020-02-04 16:29:06","http://cphannut.be/wp-admin/invoice/afp9cic3/1tcahrg91296473917984lv7golw7jug2fooyi/","offline","malware_download","doc|emotet|epoch2|Heodo","cphannut.be","46.30.213.76","51468","DK"
"2020-01-29 16:12:11","http://bjerkeng.net/Upload_Pictures/sites/hym16gfbo/xye6790-99539814-tbodwwwuxmh/","offline","malware_download","doc|emotet|epoch2|Heodo","bjerkeng.net","46.30.213.70","51468","DK"
"2020-01-23 18:42:18","https://rikkebergsten.dk/app.php","offline","malware_download","CHE|Dridex|exe|geofenced|USA|vbs|zip","rikkebergsten.dk","46.30.213.45","51468","DK"
"2020-01-22 07:54:04","http://www.west5.nl/www.west5ommen.nl/dsbic-hgijy-641/","offline","malware_download","doc|emotet|epoch3","www.west5.nl","91.184.0.112","51468","DK"
"2020-01-16 23:31:06","http://lulamedia.dk/wp-admin/open-833588-BU55SjBp9W/vRntyB-sP5rFenWkvia0-warehouse/39731718372-5LkqIZdwf/","offline","malware_download","doc|emotet|epoch1|Heodo","lulamedia.dk","46.30.215.163","51468","DK"
"2020-01-16 09:23:08","http://emto.eu/wp-admin/PrhsP/","offline","malware_download","doc|emotet|epoch3|heodo","emto.eu","46.30.215.107","51468","DK"
"2019-12-26 23:40:18","http://www.wunderbarfoundation.org.uk/wp-content/themes/Divi/qqpj43.php?r=bD1odHRwOi8vd3d3LnpvZXlkZXV0Y2h3ZWIuY29tL1NjYW42ODE5MzMuZG9j","offline","malware_download","doc|PredatorStealer|redirect","www.wunderbarfoundation.org.uk","77.111.240.147","51468","DK"
"2019-12-26 23:40:16","http://www.wunderbarfoundation.org.uk/wp-content/themes/Divi/qqpj43.php?r=bD1odHRwOi8vd3d3LnZhc29jY2VybmV3cy5jb20vU2NhbjUzNzI2My5kb2M=","offline","malware_download","doc|PredatorStealer|redirect","www.wunderbarfoundation.org.uk","77.111.240.147","51468","DK"
"2019-12-26 23:40:15","http://www.wunderbarfoundation.org.uk/wp-content/themes/Divi/qqpj43.php?r=bD1odHRwOi8vd3d3LnVyZ2VudG1lc3NhZ2Uub3JnL1NjYW42MTgzNTguZG9j","offline","malware_download","doc|PredatorStealer|redirect","www.wunderbarfoundation.org.uk","77.111.240.147","51468","DK"
"2019-12-26 23:40:14","http://www.wunderbarfoundation.org.uk/wp-content/themes/Divi/qqpj43.php?r=bD1odHRwOi8vd3d3LmxpbmNvbG5hd2FyZC5vcmcvU2NhbjM0NDE5OC5kb2M=","offline","malware_download","doc|PredatorStealer|redirect","www.wunderbarfoundation.org.uk","77.111.240.147","51468","DK"
"2019-12-26 23:40:12","http://www.wunderbarfoundation.org.uk/wp-content/themes/Divi/qqpj43.php?r=bD1odHRwOi8vd3d3LmxpbmNvbG5hd2FyZC5vcmcvU2NhbjM0MzkyNy5kb2M=","offline","malware_download","doc|PredatorStealer|redirect","www.wunderbarfoundation.org.uk","77.111.240.147","51468","DK"
"2019-12-26 23:40:11","http://www.wunderbarfoundation.org.uk/wp-content/themes/Divi/qqpj43.php?r=bD1odHRwOi8vd3d3LmhhdGNpdHlibHVlcy5jb20vU2NhbjMwNDE1NC5kb2M=","offline","malware_download","doc|PredatorStealer|redirect","www.wunderbarfoundation.org.uk","77.111.240.147","51468","DK"
"2019-12-26 23:40:10","http://www.wunderbarfoundation.org.uk/wp-content/themes/Divi/qqpj43.php?r=bD1odHRwOi8vd3d3Lmh5dmF0LW9sdXRyYXZpbnRvbGF0LmZpL1NjYW4yNDM4NTcuZG9j","offline","malware_download","doc|PredatorStealer|redirect","www.wunderbarfoundation.org.uk","77.111.240.147","51468","DK"
"2019-12-26 23:40:08","http://www.wunderbarfoundation.org.uk/wp-content/themes/Divi/qqpj43.php?r=bD1odHRwOi8vd3d3LmNmdGFtaWFtaS5jb20vU2Nhbjg2MDY2Mi5kb2M=","offline","malware_download","doc|PredatorStealer|redirect","www.wunderbarfoundation.org.uk","77.111.240.147","51468","DK"
"2019-12-26 23:40:07","http://www.wunderbarfoundation.org.uk/wp-content/themes/Divi/qqpj43.php?r=bD1odHRwOi8vd3d3Lm1vanN0dWRlbnQubmV0L1NjYW40MzY5NTEuZG9j","offline","malware_download","doc|PredatorStealer|redirect","www.wunderbarfoundation.org.uk","77.111.240.147","51468","DK"
"2019-12-26 23:40:05","http://www.wunderbarfoundation.org.uk/wp-content/themes/Divi/qqpj43.php?r=bD1odHRwOi8vd3d3Lm15eXR0aWx1a3VrYW5zYXN0YS5maS9TY2FuNTMxMDgxLmRvYw==","offline","malware_download","doc|PredatorStealer|redirect","www.wunderbarfoundation.org.uk","77.111.240.147","51468","DK"
"2019-12-26 23:40:04","http://www.wunderbarfoundation.org.uk/wp-content/themes/Divi/qqpj43.php?r=bD1odHRwOi8vd2Fzc29ubGluZS5jb20vU2NhbjYzMzk4Mi5kb2M=","offline","malware_download","doc|PredatorStealer|redirect","www.wunderbarfoundation.org.uk","77.111.240.147","51468","DK"
"2019-12-26 23:40:03","http://www.wunderbarfoundation.org.uk/wp-content/themes/Divi/qqpj43.php?r=bD1odHRwOi8vd2Fzc29ubGluZS5jb20vU2NhbjYyNDQwNy5kb2M=","offline","malware_download","doc|PredatorStealer|redirect","www.wunderbarfoundation.org.uk","77.111.240.147","51468","DK"
"2019-12-26 23:40:01","http://www.wunderbarfoundation.org.uk/wp-content/themes/Divi/qqpj43.php?r=bD1odHRwOi8vc29mbG9jb29sZXJzLmNvbS9TY2FuODM0NzQxLmRvYw==","offline","malware_download","doc|PredatorStealer|redirect","www.wunderbarfoundation.org.uk","77.111.240.147","51468","DK"
"2019-12-26 23:40:00","http://www.wunderbarfoundation.org.uk/wp-content/themes/Divi/qqpj43.php?r=bD1odHRwOi8vbXlob29kLmNsL1NjYW40OTUwODIuZG9j","offline","malware_download","doc|PredatorStealer|redirect","www.wunderbarfoundation.org.uk","77.111.240.147","51468","DK"
"2019-12-26 23:39:58","http://www.wunderbarfoundation.org.uk/wp-content/themes/Divi/qqpj43.php?r=bD1odHRwOi8vbG9ic3Rlcm1lbnRvdXJzLmNvbS9TY2FuMzc3MTIuZG9j","offline","malware_download","doc|PredatorStealer|redirect","www.wunderbarfoundation.org.uk","77.111.240.147","51468","DK"
"2019-12-26 23:39:57","http://www.wunderbarfoundation.org.uk/wp-content/themes/Divi/qqpj43.php?r=bD1odHRwOi8vaGVsdGVyc2tlbHRlcmJvb2tzLmNvbS9TY2FuMTY2ODg5LmRvYw==","offline","malware_download","doc|PredatorStealer|redirect","www.wunderbarfoundation.org.uk","77.111.240.147","51468","DK"
"2019-12-26 23:39:55","http://www.wunderbarfoundation.org.uk/wp-content/themes/Divi/qqpj43.php?r=bD1odHRwOi8vaGVsdGVyc2tlbHRlcmJvb2tzLmNvbS9TY2FuMTY2NTM4LmRvYw==","offline","malware_download","doc|PredatorStealer|redirect","www.wunderbarfoundation.org.uk","77.111.240.147","51468","DK"
"2019-12-26 23:39:54","http://www.wunderbarfoundation.org.uk/wp-content/themes/Divi/qqpj43.php?r=bD1odHRwOi8vZXZhaGVyMjcuZnJlZWhvc3RpYS5jb20vd29yZHByZXNzL1NjYW44OTkzMS5kb2M=","offline","malware_download","doc|PredatorStealer|redirect","www.wunderbarfoundation.org.uk","77.111.240.147","51468","DK"
"2019-12-26 23:39:53","http://www.wunderbarfoundation.org.uk/wp-content/themes/Divi/qqpj43.php?r=bD1odHRwOi8vZXZhaGVyMjcuZnJlZWhvc3RpYS5jb20vd29yZHByZXNzL1NjYW44OTA5NzEuZG9j","offline","malware_download","doc|PredatorStealer|redirect","www.wunderbarfoundation.org.uk","77.111.240.147","51468","DK"
"2019-12-26 23:39:51","http://www.wunderbarfoundation.org.uk/wp-content/themes/Divi/qqpj43.php?r=bD1odHRwOi8vZ3JhdWdlYm9yZW4ubmV0L1NjYW4xNTA1My5kb2M=","offline","malware_download","doc|PredatorStealer|redirect","www.wunderbarfoundation.org.uk","77.111.240.147","51468","DK"
"2019-12-19 03:36:03","http://fredejuelsvej.dk/uxxwpdabo/paclm/hzoe738ohpw6/","offline","malware_download","doc|emotet|epoch2|heodo","fredejuelsvej.dk","46.30.213.115","51468","DK"
"2019-12-16 14:39:02","http://pennasilicocarservice.com/wp-admin/gl5766/","offline","malware_download","emotet|epoch1|exe|Heodo","pennasilicocarservice.com","46.30.215.9","51468","DK"
"2019-12-13 18:32:05","http://rgs-automation.com/onewebstatic/DOC/","offline","malware_download","doc|emotet|epoch2|heodo","rgs-automation.com","46.30.215.156","51468","DK"
"2019-12-12 21:02:03","http://lulamedia.dk/wp-admin/public/kqxw2pjx/","offline","malware_download","doc|emotet|epoch2|heodo","lulamedia.dk","46.30.215.163","51468","DK"
"2019-12-12 10:04:05","http://wearenuts.se/Gammal/open-section/test-area/219703059-k4oqmH2q/","offline","malware_download","doc|emotet|epoch1|Heodo","wearenuts.se","46.30.213.95","51468","DK"
"2019-12-10 18:50:19","http://sensemassageteam.com/wp-admin/LLC/nlr9u18sdzq5/ni5b-46858-09689-zeibqdbcj0-8yt7/","offline","malware_download","doc|emotet|epoch2|Heodo","sensemassageteam.com","77.111.240.214","51468","DK"
"2019-12-09 07:22:23","https://spire.nu/wp-admin/personale-sezione/verificabile-zona/vzpv2lw27gtdijeb-9z9w05w885z/","offline","malware_download","doc|emotet|epoch1|heodo","spire.nu","77.111.243.41","51468","DK"
"2019-12-06 11:41:20","http://www.wunderbarfoundation.org.uk/wp-content/themes/Divi/truh53.php?r=bD1odHRwczovL2Rhd3NvbnNob25leXN1Y2tsZWZhcm0uY29tL0RlbGl2ZXJ5X0luZm9ybWF0aW9uXzExMTEuZG9j","offline","malware_download","doc|ostap|redirect|trickbot","www.wunderbarfoundation.org.uk","77.111.240.147","51468","DK"
"2019-12-06 11:40:38","http://wunderbar.org.uk/staging/wp-content/themes/scroller-child/zzni15.php?r=bD1odHRwOi8vd3d3Lm15d2Fybi5jb20vRGVsaXZlcnlfSW5mb3JtYXRpb25fMTAzNDAuZG9j","offline","malware_download","doc|ostap|redirect|trickbot","wunderbar.org.uk","77.111.240.142","51468","DK"
"2019-11-09 01:08:48","http://www.snaroyagymogturn.no/wp-content/uploads/xao/","offline","malware_download","emotet|epoch2|exe|Heodo","www.snaroyagymogturn.no","77.111.240.177","51468","DK"
"2019-11-01 07:15:53","http://lydiantemps.co.uk/wp-admin/xz5RqUC/","offline","malware_download","emotet|epoch2|exe|Heodo","lydiantemps.co.uk","46.30.213.36","51468","DK"
"2019-09-27 15:50:04","http://mvdgeest.nl/wp-content/themes/mvdg/.sass-cache/08edf4594933d0d57a4b1a233c68a07d32103413/1c.jpg","offline","malware_download","exe","mvdgeest.nl","46.30.215.10","51468","DK"
"2019-07-11 13:40:09","http://pippel.nl/templates/protostar/js/1c.jpg","offline","malware_download","exe","pippel.nl","91.184.0.110","51468","DK"
"2019-07-01 17:24:04","http://www.robvanderwoude.com/updates/caldemo.txt","offline","malware_download","exe","www.robvanderwoude.com","46.30.215.124","51468","DK"
"2019-05-28 12:40:05","http://rudybouchebel.com/rudybouchebel.com/Scan/KnschlDbPCnUxmnYxfyZCjuhYcpjbR/","offline","malware_download","doc|emotet|epoch2|Heodo","rudybouchebel.com","46.30.213.184","51468","DK"
"2019-05-22 19:53:02","http://facilitatorab.se/wp-admin/parts_service/2sph9zeseuj_64tfhx-477071956224/","offline","malware_download","doc|Emotet|epoch2|Heodo","facilitatorab.se","46.30.215.65","51468","DK"
"2019-05-20 16:47:03","http://bonizz.com/DMC/parts_service/5eh2hsadldjems1kq3wlh403v_e39t3mz1ud-335687791589/","offline","malware_download","doc|emotet|epoch2|Heodo","bonizz.com","46.30.213.94","51468","DK"
"2019-05-20 10:47:14","http://ovakast.com/wp-admin/zbb9q-if7z3-xncfy/","offline","malware_download","doc|emotet|epoch2|Heodo","ovakast.com","46.30.213.140","51468","DK"
"2019-05-17 17:55:08","http://dev-visionsharp.co.uk/vendor/Pages/DJEMrSUpZmzimHRPvtsUrIld/","offline","malware_download","doc|emotet|epoch2|Heodo","dev-visionsharp.co.uk","46.30.215.188","51468","DK"
"2019-05-14 10:24:04","http://lindborgsbildemontering.se/swift_caixabank_empresas_factura.jar","offline","malware_download","","lindborgsbildemontering.se","46.30.215.97","51468","DK"
"2019-05-10 15:54:33","http://jasminenova.com/wp-admin/EN_US/Information/05_19/","offline","malware_download","emotet|epoch1","jasminenova.com","46.30.211.38","51468","DK"
"2019-05-10 04:54:19","http://x-mastournament.be/wp-admin/Document/x2ufn7lgi7jmlu36wdwsiee2b_horhwmvnn-13060748934/","offline","malware_download","emotet|epoch2","x-mastournament.be","46.30.213.112","51468","DK"
"2019-05-09 10:33:02","http://trueterroir.co.uk/wp-admin/t0e3-twtlqdk-suyusdl/","offline","malware_download","epoch2","trueterroir.co.uk","46.30.213.50","51468","DK"
"2019-05-09 07:38:08","http://benz.no/Resources/y5na-tspema-toft/","offline","malware_download","epoch2","benz.no","104.37.38.80","51468","NO"
"2019-05-06 21:35:03","http://hagebakken.no/loggers/open.ENG.anyone.office.net/","offline","malware_download","Emotet|epoch1|Heodo","hagebakken.no","104.37.38.81","51468","NO"
"2019-05-04 06:34:02","http://sweaty.dk/NetworkBrowser.exe","offline","malware_download","exe","sweaty.dk","46.30.215.64","51468","DK"
"2019-05-03 18:50:05","http://brinks.store/spxc/sites/FlksjMMlSiJkhDTynW/","offline","malware_download","Emotet|Heodo","brinks.store","77.111.240.183","51468","DK"
"2019-05-03 14:50:32","http://postcraft.nl/wp-includes/DOC/9ucn9lbk0evvl3w_y5xxqjs-51364579987/","offline","malware_download","Emotet|Heodo","postcraft.nl","46.30.213.143","51468","DK"
"2019-05-01 13:40:04","http://pys.nl/euaj/LLC/zBa0gwgoWa/","offline","malware_download","doc|emotet|epoch2","pys.nl","77.111.243.69","51468","DK"
"2019-04-30 00:05:05","http://janetjuullarsen.dk/ydcb7-9ftb6-beob/LLC/WK0K8eFbt7/","offline","malware_download","doc|emotet|epoch2|Heodo","janetjuullarsen.dk","77.111.240.188","51468","DK"
"2019-04-25 19:02:07","http://jurafonden.dk/wp-admin/FILE/xycmtjtrif/","offline","malware_download","Emotet|Heodo","jurafonden.dk","77.111.241.81","51468","DK"
"2019-04-25 15:22:08","http://atervaxt.org/nordicdreamers/dXgL-uuJENNWDWjxVs33_mseVZYayO-ZF/","offline","malware_download","doc|emotet|epoch1","atervaxt.org","46.30.211.38","51468","DK"
"2019-04-24 14:44:04","http://kokenmetfilip.be/kok/Document/r9s1S6ItDe/","offline","malware_download","doc|emotet|epoch2","kokenmetfilip.be","46.30.215.94","51468","DK"
"2019-04-24 06:32:03","http://janetjuullarsen.dk/ydcb7-9ftb6-beob/xgxq4s-kxsfq9h-mybfwns/","offline","malware_download","doc|emotet|epoch2","janetjuullarsen.dk","77.111.240.188","51468","DK"
"2019-04-22 19:28:09","http://www.ahosep.com/wp-admin/Cu4oJ/","offline","malware_download","emotet|epoch1|exe|Heodo","www.ahosep.com","46.30.213.134","51468","DK"
"2019-04-22 13:34:03","http://kokenmetfilip.be/kok/NANjV-fNpbYX4xHnspQhC_saJHTtSm-XAq/","offline","malware_download","doc|emotet|epoch1|Heodo","kokenmetfilip.be","46.30.215.94","51468","DK"
"2019-04-18 21:31:21","http://janetjuullarsen.dk/ydcb7-9ftb6-beob/ofkto-UHKdrWRCdXVrTB_yxXiJkAAt-bl/","offline","malware_download","doc|emotet|epoch1","janetjuullarsen.dk","77.111.240.188","51468","DK"
"2019-04-18 17:01:23","http://bauchfaktur.de/wp-admin/Document/mKSbAbmV/","offline","malware_download","","bauchfaktur.de","46.30.213.189","51468","DK"
"2019-04-17 21:09:11","http://oz7p.dk/wp-content/LLC/ncbJQA7S/","offline","malware_download","","oz7p.dk","46.30.213.53","51468","DK"
"2019-04-17 19:06:20","http://rudyv.be/Aquarium/RVRT/Package/RVRTupgrade.exe","offline","malware_download","exe","rudyv.be","46.30.215.59","51468","DK"
"2019-04-17 18:45:04","http://www.rudyv.be/Aquarium/RVRT/Package/RVRTupgrade.exe","offline","malware_download","exe","www.rudyv.be","46.30.215.59","51468","DK"
"2019-04-17 18:41:04","http://danieljohannesmayr.de/wp-admin/INC/TolW8zAiI/","offline","malware_download","","danieljohannesmayr.de","46.30.213.148","51468","DK"
"2019-04-17 12:54:07","http://www.ahosep.com/wp-admin/bnhF/","offline","malware_download","emotet|epoch1|exe|Heodo","www.ahosep.com","46.30.213.134","51468","DK"
"2019-04-16 23:59:04","http://hagebakken.no/loggers/gRJJ-xg1iWjHRI8N2XBC_zXLCbfDL-zC/","offline","malware_download","doc|emotet|epoch1|Heodo","hagebakken.no","104.37.38.81","51468","NO"
"2019-04-16 11:46:03","http://janetjuullarsen.dk/ydcb7-9ftb6-beob/service/Nachprufung/042019/","offline","malware_download","doc|emotet|epoch1|Heodo","janetjuullarsen.dk","77.111.240.188","51468","DK"
"2019-04-11 17:24:10","http://sarayaha.com/ad/hf_0/","offline","malware_download","emotet|epoch2|exe|Heodo","sarayaha.com","46.30.215.98","51468","DK"
"2019-04-11 12:54:03","http://noordzeekranen.be/video/jtcp-hdhq4vf-cspuptx/","offline","malware_download","Emotet|Heodo","noordzeekranen.be","77.111.240.163","51468","DK"
"2019-04-10 16:36:39","http://hagebakken.no/loggers/z94f1x0-2669du4-cyxvi/","offline","malware_download","Emotet|Heodo","hagebakken.no","104.37.38.81","51468","NO"
"2019-04-10 04:43:08","http://janetjuullarsen.dk/ydcb7-9ftb6-beob/pifwzzn-gw88wv-quun/","offline","malware_download","Emotet|Heodo","janetjuullarsen.dk","77.111.240.188","51468","DK"
"2019-04-08 17:34:03","http://engcph2.1prod.one/blog/CPVRm-aH8FaDcQ1sdCSI_SydXwkFyz-jo/","offline","malware_download","Emotet|Heodo","engcph2.1prod.one","46.30.215.58","51468","DK"
"2019-03-30 00:49:03","http://bmservice.dk/www/check2.exe","offline","malware_download","exe","bmservice.dk","46.30.211.38","51468","DK"
"2019-03-29 21:28:02","http://bmservice.dk/www/wmt.exe","offline","malware_download","exe","bmservice.dk","46.30.211.38","51468","DK"
"2019-03-29 21:03:03","http://bmservice.dk/www/check1.exe","offline","malware_download","exe","bmservice.dk","46.30.211.38","51468","DK"
"2019-03-29 16:15:02","http://vikentours.no/wp-admin/9141415/dxlx-Ucu3m_xam-iG/","offline","malware_download","Emotet|Heodo","vikentours.no","46.30.215.61","51468","DK"
"2019-03-28 20:57:32","http://tatamontasje.no/wp-admin/QFiYG-wozm_bxOKkfGbI-Eo/","offline","malware_download","doc|emotet|epoch2|Heodo","tatamontasje.no","46.30.213.20","51468","DK"
"2019-03-27 16:44:17","http://hagebakken.no/loggers/sec.myacc.resourses.com/","offline","malware_download","#emotet|Emotet|Heodo","hagebakken.no","104.37.38.81","51468","NO"
"2019-03-20 10:17:05","http://ammitz.dk/includes/vx9m-4jmne-ancrptbp/","offline","malware_download","Emotet|Heodo","ammitz.dk","46.30.213.169","51468","DK"
"2019-03-20 09:34:11","http://baunbjerg.eu/sendincsecure/legal/ios/EN/201903/","offline","malware_download","doc|emotet|heodo","baunbjerg.eu","46.30.211.38","51468","DK"
"2019-03-18 19:09:05","http://bhrserviceaps.dk/78237_8219_9.php","offline","malware_download","exe|Trickbot","bhrserviceaps.dk","77.111.240.226","51468","DK"
"2019-03-13 06:59:43","http://janetjuullarsen.dk/ydcb7-9ftb6-beob/","offline","malware_download","Emotet|Heodo","janetjuullarsen.dk","77.111.240.188","51468","DK"
"2019-03-13 04:27:21","http://pippel.nl/templates/pg16/css/msg.jpg","offline","malware_download","exe|Troldesh","pippel.nl","91.184.0.110","51468","DK"
"2019-03-12 17:21:01","http://retorisktale.dk/wp-content/themes/Chameleon/images/documento.exe","offline","malware_download","exe","retorisktale.dk","77.111.240.191","51468","DK"
"2019-03-12 11:23:15","http://eventys.nl/templates/2018eventystemplateversion1/data/images/reso.zip","offline","malware_download","js|Ransomware|RUS|Troldesh|zip","eventys.nl","46.30.213.90","51468","DK"
"2019-03-12 11:20:58","http://krabben.no/templates/beez3/css/reso.zip","offline","malware_download","js|Ransomware|RUS|Troldesh|zip","krabben.no","46.30.211.38","51468","DK"
"2019-03-12 11:20:05","http://pippel.nl/templates/pg16/css/reso.zip","offline","malware_download","js|Ransomware|RUS|Troldesh|zip","pippel.nl","91.184.0.110","51468","DK"
"2019-03-11 17:59:19","http://bertiaafjes.nl/media/volobj.exe","offline","malware_download","exe","bertiaafjes.nl","46.30.213.74","51468","DK"
"2019-03-11 17:54:11","http://bertiaafjes.nl/media/tsef.exe","offline","malware_download","Cutwail|exe","bertiaafjes.nl","46.30.213.74","51468","DK"
"2019-03-11 17:25:03","http://durhamcityrunfestival.com/wp-admin/gv9f1-gsql25-esmrza/","offline","malware_download","Emotet|Heodo","durhamcityrunfestival.com","46.30.215.72","51468","DK"
"2019-03-11 16:00:03","http://www.ipeprivate.be/talmasse/0mjj-wrxa3-ulssg.view/","offline","malware_download","Emotet|Heodo","www.ipeprivate.be","77.111.240.144","51468","DK"
"2019-03-11 15:44:06","http://urbanelektro.no/wp-admin/llpb-c51b3-bvckp.view/","offline","malware_download","Emotet|Heodo","urbanelektro.no","104.37.38.120","51468","NO"
"2019-03-08 17:55:04","http://designvaerk.dk/dv2/xbrcb-mcnkze-goubv.view/","offline","malware_download","Emotet|Heodo","designvaerk.dk","46.30.213.119","51468","DK"
"2019-03-07 16:50:03","http://roijer.se/article/sendincsec/messages/sec/EN_en/03-2019/","offline","malware_download","doc|emotet|epoch1|Heodo","roijer.se","46.30.213.96","51468","DK"
"2019-03-05 17:40:09","http://smaknord.no/wp-content/820n-5th5ic-sfnua.view/","offline","malware_download","doc|emotet|epoch2|Heodo","smaknord.no","104.37.38.107","51468","NO"
"2019-03-01 12:53:48","http://avanser.nl/wp-content/themes/makisig/js/msg.jpg","offline","malware_download","exe|Ransomware|Troldesh","avanser.nl","77.111.243.43","51468","DK"
"2019-02-27 04:51:10","http://totaalafbouw.info/wp-content/themes/noteblog/js/msg.jpg","offline","malware_download","exe|Troldesh","totaalafbouw.info","77.111.243.22","51468","DK"
"2019-02-26 22:47:15","http://midtjyskbogfoering.dk/sendincsec/support/trust/En_en/02-2019/","offline","malware_download","doc|emotet|epoch1|Heodo","midtjyskbogfoering.dk","46.30.211.38","51468","DK"
"2019-02-26 21:04:51","http://avanser.nl/wp-content/themes/makisig/images/banner/msg.jpg","offline","malware_download","exe|Ransomware|Troldesh","avanser.nl","77.111.243.43","51468","DK"
"2019-02-26 21:01:03","http://totaalafbouw.info/wp-content/themes/noteblog/css/msg.jpg","offline","malware_download","exe|Ransomware|Troldesh","totaalafbouw.info","77.111.243.22","51468","DK"
"2019-02-24 02:18:06","http://stevemc.co.uk/Webtest/includes/q.exe","offline","malware_download","exe|QuasarRAT","stevemc.co.uk","46.30.215.172","51468","DK"
"2019-02-24 02:02:03","http://stevemc.co.uk/Webtest/includes/index.exe","offline","malware_download","exe|NanoCore","stevemc.co.uk","46.30.215.172","51468","DK"
"2019-02-24 02:02:02","http://stevemc.co.uk/Webtest/includes/n.exe","offline","malware_download","exe|NetWire","stevemc.co.uk","46.30.215.172","51468","DK"
"2019-02-24 02:00:04","http://stevemc.co.uk/Webtest/includes/q4.exe","offline","malware_download","exe|QuasarRAT","stevemc.co.uk","46.30.215.172","51468","DK"
"2019-02-24 00:17:04","http://stevemc.co.uk/Webtest/includes/r.exe","offline","malware_download","exe","stevemc.co.uk","46.30.215.172","51468","DK"
"2019-02-22 10:11:02","http://link-4.eu/De/WSQGHEQEDC1613631/","offline","malware_download","Emotet|Heodo","link-4.eu","46.30.213.84","51468","DK"
"2019-02-22 09:09:04","http://midtjyskbogfoering.dk/Februar2019/IFBFOI8956896/","offline","malware_download","Emotet|Heodo","midtjyskbogfoering.dk","46.30.211.38","51468","DK"
"2019-02-21 00:24:09","http://link-4.eu/secure/business/secur/file/DV7iwHgXFA8i6dsYQKDLZ/","offline","malware_download","doc|emotet|epoch1|Heodo","link-4.eu","46.30.213.84","51468","DK"
"2019-02-07 23:54:26","http://laprima.se/llc/Invoice_number/vvYUI-R9z_JZAnRfofa-TsR/","offline","malware_download","doc|emotet|epoch2|Heodo","laprima.se","77.111.240.175","51468","DK"
"2019-02-05 15:49:44","http://laprima.se/wp-includes/RRaDs_RXqr-CkKM/55/Details/02_19/","offline","malware_download","doc|emotet|epoch1|Heodo|Nabucur","laprima.se","77.111.240.175","51468","DK"
"2019-02-02 04:37:06","http://auto-service.pro/download/Invoice/205175006981/TVcB-PmwJm_PCzbGmyds-eS/","offline","malware_download","emotet|epoch2|Heodo","auto-service.pro","46.30.211.38","51468","DK"
"2019-01-31 17:36:09","http://www.snickarsnack.se/wp-content/uploads/En/joYB-fy_jnW-GVp/","offline","malware_download","doc|emotet|epoch2|Heodo","www.snickarsnack.se","46.30.211.38","51468","DK"
"2019-01-31 15:28:04","http://debestesneakerdeals.nl/rfpcbEHsL/","offline","malware_download","emotet|epoch1|exe|Heodo","debestesneakerdeals.nl","91.184.0.200","51468","DK"
"2019-01-31 12:56:18","http://nienkevanhijum.nl/wp-content/themes/elastico/includes/postformats/single/messg.jpg","offline","malware_download","exe|Troldesh","nienkevanhijum.nl","77.111.243.19","51468","DK"
"2019-01-31 06:17:53","http://nienkevanhijum.nl/wp-content/themes/elastico/js/messg.jpg","offline","malware_download","exe|Ransomware.Troldesh|Troldesh","nienkevanhijum.nl","77.111.243.19","51468","DK"
"2019-01-28 02:41:09","http://printparadijsevers.nl/includes/functions/extra_functions/stub.exe","offline","malware_download","exe","printparadijsevers.nl","46.30.213.81","51468","DK"
"2019-01-25 06:13:04","http://tolanimusic.com/FgGLYFx2fxkRLqu_ns1avpR1Z/","offline","malware_download","doc|Emotet|Heodo","tolanimusic.com","46.30.213.126","51468","DK"
"2019-01-17 05:04:10","http://torfsgebroeders.eu/jxvcW-5j7_FfHbDoyE-Zb/INVOICE/En/Document-needed/","offline","malware_download","doc|emotet|epoch2","torfsgebroeders.eu","46.30.215.172","51468","DK"
"2019-01-14 20:39:09","http://www.torfsgebroeders.eu/jxvcW-5j7_FfHbDoyE-Zb/INVOICE/En/Document-needed/","offline","malware_download","doc|emotet|heodo","www.torfsgebroeders.eu","46.30.215.172","51468","DK"
"2018-12-21 03:44:04","http://azimed.nl/BNGj-likKFCNbmgzcGd_XeKZxNTxx-Te/","offline","malware_download","doc|emotet|epoch2|Heodo","azimed.nl","46.30.213.58","51468","DK"
"2018-12-21 02:16:59","http://thisismycat.com/ujbnj-8mW_KcOA-u13/Southwire/YOY1544354941/US/Document-needed/","offline","malware_download","emotet|epoch2|Heodo","thisismycat.com","46.30.213.90","51468","DK"
"2018-12-19 23:28:31","http://azimed.nl/shYAb-hoi_kKPhU-XX/ACH/PaymentInfo/US/Inv-362867-PO-0V796120/","offline","malware_download","emotet|epoch2|Heodo","azimed.nl","46.30.213.58","51468","DK"
"2018-12-19 20:13:07","http://www.azimed.nl/shYAb-hoi_kKPhU-XX/ACH/PaymentInfo/US/Inv-362867-PO-0V796120/","offline","malware_download","emotet|epoch2|Heodo","www.azimed.nl","46.30.213.58","51468","DK"
"2018-12-19 14:55:03","http://thisismycat.com/MXDL-m3cod8jKiaJUYA_wKMFcnLo-UEn/","offline","malware_download","doc|Heodo","thisismycat.com","46.30.213.90","51468","DK"
"2018-12-17 21:36:06","http://www.azimed.nl/BNGj-likKFCNbmgzcGd_XeKZxNTxx-Te/","offline","malware_download","emotet|epoch2|Heodo","www.azimed.nl","46.30.213.58","51468","DK"
"2018-12-14 22:49:30","http://www.nextman.dk/Nmfj-EOjS6QLf9ErffGd_mbVwpWPLe-Khj/","offline","malware_download","doc|emotet|epoch2|Heodo","www.nextman.dk","46.30.213.5","51468","DK"
"2018-12-14 00:26:17","http://nextman.dk/EXT/PaymentStatus/default/En_us/Question/","offline","malware_download","emotet|epoch2|Heodo","nextman.dk","46.30.213.5","51468","DK"
"2018-12-12 22:26:15","http://www.nextman.dk/EXT/PaymentStatus/default/En_us/Question/","offline","malware_download","emotet|epoch2|Heodo","www.nextman.dk","46.30.213.5","51468","DK"
"2018-12-11 05:44:20","http://www.beautymaker.dk/Telekom/Rechnungen/112018/","offline","malware_download","doc|emotet|epoch1","www.beautymaker.dk","46.30.211.38","51468","DK"
"2018-12-01 01:29:32","http://www.wilsonservicesni.com/Nov2018/US/Service-Report-77668/","offline","malware_download","doc|emotet|epoch2|Heodo","www.wilsonservicesni.com","46.30.215.89","51468","DK"
"2018-11-30 18:49:19","http://www.wilsonservicesni.com/Nov2018/US/Service-Report-77668","offline","malware_download","emotet|epoch2|Heodo","www.wilsonservicesni.com","46.30.215.89","51468","DK"
"2018-11-30 15:29:01","http://www.tandenblekenhoofddorp.nl/files/EN_en/Sales-Invoice/","offline","malware_download","emotet|Heodo|Word doc","www.tandenblekenhoofddorp.nl","46.30.213.157","51468","DK"
"2018-11-27 05:53:04","http://dannypodeus.de/En/CM2018","offline","malware_download","doc|emotet|Heodo","dannypodeus.de","46.30.215.54","51468","DK"
"2018-11-26 22:19:03","http://dannypodeus.de/En/CM2018/","offline","malware_download","doc|emotet|epoch1|Heodo","dannypodeus.de","46.30.215.54","51468","DK"
"2018-11-19 20:05:08","http://www.villaviola.be/xerox/En_us/Invoices-attached/","offline","malware_download","emotet|heodo","www.villaviola.be","46.30.213.93","51468","DK"
"2018-11-15 17:35:34","http://erhvervsklubben-hvepsene.dk/En_us/Details/112018","offline","malware_download","doc|emotet","erhvervsklubben-hvepsene.dk","46.30.215.140","51468","DK"
"2018-11-14 01:33:04","http://eidekam.no/919120ILU/ACH/Commercial","offline","malware_download","doc|Heodo","eidekam.no","77.111.241.69","51468","DK"
"2018-11-13 16:56:28","http://aeletselschade.nl/EN_US/Transaction_details/2018-11","offline","malware_download","doc|emotet|epoch1|Heodo","aeletselschade.nl","46.30.215.63","51468","DK"
"2018-11-13 16:55:09","http://eidekam.no/xerox/US_us/Invoice-Corrections-for-46/49/","offline","malware_download","doc|emotet|epoch2|Heodo","eidekam.no","77.111.241.69","51468","DK"
"2018-11-13 16:41:03","http://aeletselschade.nl/EN_US/Transaction_details/2018-11/","offline","malware_download","doc|Heodo","aeletselschade.nl","46.30.215.63","51468","DK"
"2018-11-13 14:49:03","http://eidekam.no/xerox/US_us/Invoice-Corrections-for-46/49","offline","malware_download","doc|Heodo","eidekam.no","77.111.241.69","51468","DK"
"2018-11-09 03:05:03","http://muschelsaal-bielefeld.com/US/Transactions/2018-11/","offline","malware_download","doc|Heodo","muschelsaal-bielefeld.com","46.30.213.2","51468","DK"
"2018-11-09 02:29:08","http://muschelsaal-bielefeld.com/US/Transactions/2018-11","offline","malware_download","doc|emotet|heodo","muschelsaal-bielefeld.com","46.30.213.2","51468","DK"
"2018-11-06 17:57:26","http://villaviola.be/xerox/En_us/Invoices-attached/","offline","malware_download","","villaviola.be","46.30.213.93","51468","DK"
"2018-11-06 15:06:31","http://www.villaviola.be/xerox/En_us/Invoices-attached","offline","malware_download","doc|emotet|Heodo","www.villaviola.be","46.30.213.93","51468","DK"
"2018-11-06 10:24:10","http://hfeejendomme.dk/6199642FGCAQ/SEP/Business","offline","malware_download","doc|emotet","hfeejendomme.dk","46.30.215.126","51468","DK"
"2018-11-06 08:37:36","http://yogabarnet.dk/24128Q/oamo/Commercial","offline","malware_download","doc|emotet|heodo","yogabarnet.dk","46.30.215.13","51468","DK"
"2018-11-05 18:06:02","http://vanherreweghen.be/I/","offline","malware_download","exe|Heodo","vanherreweghen.be","46.30.215.168","51468","DK"
"2018-11-05 17:26:07","http://vanherreweghen.be/I","offline","malware_download","emotet|epoch2|exe|Heodo","vanherreweghen.be","46.30.215.168","51468","DK"
"2018-09-22 05:10:16","http://mandram.com/2MouUZ/","offline","malware_download","Emotet|exe|Heodo","mandram.com","46.30.213.78","51468","DK"
"2018-09-21 19:17:04","http://mandram.com/2MouUZ","offline","malware_download","emotet|exe|Heodo","mandram.com","46.30.213.78","51468","DK"
"2018-09-19 04:28:46","http://mixland.dk/LLC/En_us/Overdue-payment/","offline","malware_download","doc|emotet|epoch2","mixland.dk","46.30.215.66","51468","DK"
"2018-09-14 09:12:11","http://mixland.dk/LLC/En_us/Overdue-payment","offline","malware_download","doc|emotet|Heodo","mixland.dk","46.30.215.66","51468","DK"
"2018-08-22 14:58:08","http://onnomakor.com/wp-content/themes/twentyfourteen/inc/3","offline","malware_download","","onnomakor.com","91.184.0.106","51468","DK"
"2018-08-22 14:58:07","http://onnomakor.com/wp-content/themes/twentyfourteen/inc/2","offline","malware_download","","onnomakor.com","91.184.0.106","51468","DK"
"2018-08-22 14:58:05","http://onnomakor.com/wp-content/themes/twentyfourteen/inc/1","offline","malware_download","","onnomakor.com","91.184.0.106","51468","DK"
"2018-08-14 04:28:23","http://rinkebyfolketshus.se/28RBCARD/TVP898235FQ/Aug-10-2018-919908/EGRL-AHT/","offline","malware_download","doc|emotet|Heodo","rinkebyfolketshus.se","77.111.241.73","51468","DK"
"2018-08-13 12:47:40","http://rinkebyfolketshus.se/28RBCARD/TVP898235FQ/Aug-10-2018-919908/EGRL-AHT","offline","malware_download","doc|emotet|Heodo","rinkebyfolketshus.se","77.111.241.73","51468","DK"
"2018-08-10 04:46:03","http://rinkebyfolketshus.se/LLC/VNL381710UJE/325487209/SKO-YOZQI/","offline","malware_download","Heodo","rinkebyfolketshus.se","77.111.241.73","51468","DK"
"2018-08-09 05:52:59","http://rinkebyfolketshus.se/LLC/VNL381710UJE/325487209/SKO-YOZQI","offline","malware_download","doc|emotet|Heodo","rinkebyfolketshus.se","77.111.241.73","51468","DK"
"2018-08-06 16:27:30","http://rinkebyfolketshus.se/files/En/Address-Changed/","offline","malware_download","doc|emotet|Heodo","rinkebyfolketshus.se","77.111.241.73","51468","DK"
"2018-08-03 12:00:30","http://rinkebyfolketshus.se/files/En/Address-Changed","offline","malware_download","doc|emotet|Heodo","rinkebyfolketshus.se","77.111.241.73","51468","DK"
"2018-08-03 05:11:39","http://patricioungaro.be/sites/US_us/Latest-invoice-with-a-new-address-to-update","offline","malware_download","doc|emotet|Heodo","patricioungaro.be","46.30.215.152","51468","DK"
"2018-08-03 04:28:44","http://patricioungaro.be/sites/US_us/Latest-invoice-with-a-new-address-to-update/","offline","malware_download","doc|emotet|Heodo","patricioungaro.be","46.30.215.152","51468","DK"
"2018-07-25 03:56:11","http://alicemorey.com/pdf/En/Invoice/037390/","offline","malware_download","doc|emotet|epoch2|Heodo","alicemorey.com","46.30.213.116","51468","DK"
"2018-07-17 21:37:12","http://dauwmedia.nl/sites/US/Payment-and-address/Payment/","offline","malware_download","doc|emotet|heodo","dauwmedia.nl","77.111.243.64","51468","DK"
"2018-07-17 17:46:12","http://dauwmedia.nl/doc/En/INVOICE-STATUS/Invoice-015681/","offline","malware_download","Heodo","dauwmedia.nl","77.111.243.64","51468","DK"
"2018-07-17 00:29:04","http://www.dauwmedia.nl/doc/En/INVOICE-STATUS/Invoice-015681/","offline","malware_download","doc|emotet|epoch2|Heodo","www.dauwmedia.nl","77.111.243.64","51468","DK"
"2018-07-05 10:55:04","http://xmrminingpro.com/CRyPTO_BLOCKER.BAT","offline","malware_download","","xmrminingpro.com","46.30.211.38","51468","DK"
"2018-07-04 16:01:22","http://dragonhousesolihull.co.uk/GreetingCards2018/","offline","malware_download","emotet|heodo","dragonhousesolihull.co.uk","46.30.215.144","51468","DK"
"2018-07-04 08:09:20","http://www.dragonhousesolihull.co.uk/GreetingCards2018/","offline","malware_download","doc|emotet|epoch1|Heodo","www.dragonhousesolihull.co.uk","46.30.215.144","51468","DK"
"2018-07-03 11:21:18","http://terrapersonas.com/readme.php","offline","malware_download","gandcrab v4|ransomware","terrapersonas.com","46.30.211.38","51468","DK"
"2018-07-02 10:44:39","http://skjefstad.net/tracklist/tracking_number.pdf.exe","offline","malware_download","GandCrab|Ransomware.GandCrab","skjefstad.net","46.30.213.87","51468","DK"
"2018-06-25 20:24:05","http://conexa.no/Factura/","offline","malware_download","doc|emotet|heodo","conexa.no","104.37.39.71","51468","NO"
"2018-06-22 20:10:03","http://arrifa.com/Rechnungs-fur-Zahlung/","offline","malware_download","Heodo","arrifa.com","46.30.213.78","51468","DK"
"2018-06-22 15:59:04","http://conexa.no/FILE/tracking-number-and-invoice-of-your-order/","offline","malware_download","doc|emotet|Heodo","conexa.no","104.37.39.71","51468","NO"
"2018-06-22 04:57:29","http://www.arrifa.com/Rechnungs-fur-Zahlung/","offline","malware_download","emotet|Heodo","www.arrifa.com","46.30.213.78","51468","DK"
"2018-06-15 17:22:04","http://arrifa.com/IRS-Tax-Transcipts-080/2/","offline","malware_download","Emotet|Heodo","arrifa.com","46.30.213.78","51468","DK"
"2018-06-14 16:45:04","http://www.arrifa.com/IRS-Tax-Transcipts-080/2/","offline","malware_download","doc|emotet|epoch1|Heodo","www.arrifa.com","46.30.213.78","51468","DK"
"2018-06-04 12:07:11","http://webdisplay.dk/ups.com/WebTracking/VPV-7014436651/","offline","malware_download","doc|emotet|Heodo","webdisplay.dk","46.30.213.160","51468","DK"
"2018-06-01 16:00:39","http://tempo-data.dk/ups.com/WebTracking/UIK-91195208/","offline","malware_download","doc|emotet|Heodo","tempo-data.dk","46.30.213.4","51468","DK"
"2018-06-01 15:14:11","http://webdisplay.dk/Client/Please-pull-invoice-842742/","offline","malware_download","doc|emotet|Heodo","webdisplay.dk","46.30.213.160","51468","DK"
"2018-05-30 16:09:10","http://webdisplay.dk/Facture-30/05/2018/","offline","malware_download","doc|emotet|Heodo","webdisplay.dk","46.30.213.160","51468","DK"
"2018-05-30 09:35:26","http://tempo-data.dk/STATUS/Customer-Invoice-JU-18931019/","offline","malware_download","doc|emotet|Heodo","tempo-data.dk","46.30.213.4","51468","DK"
"2018-05-29 16:54:11","http://dauwmedia.nl/Votre-facture/","offline","malware_download","doc|emotet|Heodo","dauwmedia.nl","77.111.243.64","51468","DK"
"2018-05-24 08:06:56","http://dauwmedia.nl/DOC/Invoice/","offline","malware_download","doc|emotet|heodo","dauwmedia.nl","77.111.243.64","51468","DK"
"2018-05-16 14:31:02","http://gunder.dk/qWVee2/","offline","malware_download","emotet|exe|Heodo","gunder.dk","77.111.240.187","51468","DK"
"2018-04-30 11:22:06","http://dauwmedia.nl/C6ebEENeV/","offline","malware_download","doc|emotet|Heodo","dauwmedia.nl","77.111.243.64","51468","DK"
"2018-04-13 05:09:45","http://prezzemolo.dk/Invoice/","offline","malware_download","doc|emotet|heodo","prezzemolo.dk","46.30.215.69","51468","DK"
"2018-04-11 19:53:07","http://gunder.dk/Invoice-Number-042470/","offline","malware_download","doc|emotet|heodo","gunder.dk","77.111.240.187","51468","DK"
"2018-04-05 05:05:24","http://woodworks.dk/INV/XQ-0142077958871/","offline","malware_download","doc|emotet|heodo","woodworks.dk","77.111.240.141","51468","DK"
"2018-04-05 05:04:53","http://engdahldata.dk/INV/AZ-70231801858/","offline","malware_download","doc|emotet|heodo","engdahldata.dk","77.111.240.161","51468","DK"
"2018-03-29 15:05:53","http://www.burgstenwestmolen.com/INV/NQ-51189340845626/","offline","malware_download","doc|emotet|heodo","www.burgstenwestmolen.com","91.184.0.200","51468","DK"
"2018-03-29 14:44:10","http://derfrisoerladen.com/Information/","offline","malware_download","doc|emotet|heodo","derfrisoerladen.com","46.30.213.140","51468","DK"
"2018-03-28 13:39:50","http://centrumullanger.se/Mar-21-11-56-38/US/","offline","malware_download","doc|emotet|heodo","centrumullanger.se","46.30.215.107","51468","DK"
"2018-03-27 10:32:11","http://tappteam.co.uk/T6knfs/","offline","malware_download","emotet|exe|heodo","tappteam.co.uk","46.30.215.155","51468","DK"
"2018-03-16 14:40:01","http://buskdamm.dk/pSf1P/","offline","malware_download","Emotet|exe|Heodo","buskdamm.dk","46.30.213.167","51468","DK"
# of entries: 314