diff --git a/clusters/exploit-kit.json b/clusters/exploit-kit.json
index f7beeab2..006b21d3 100755
--- a/clusters/exploit-kit.json
+++ b/clusters/exploit-kit.json
@@ -10,7 +10,7 @@
        "synonyms": [
           "Stegano EK"
         ],
-		"status": "Active"
+		"status": "Unknown - Last Seen 2016-12-07"
        }
     }
 ,
@@ -52,7 +52,7 @@
           "RIG-E"
         ]
 	   ,
-		"status": "Active"
+		"status": "Unknown - Last seen: 2016-12-29"
        }
     }
 ,
@@ -121,7 +121,7 @@
        "synonyms": [
           "Job314",
           "Neutrino Rebooted",
-		  "Neutrino-v"
+          "Neutrino-v"
         ]		
 		,
 		"status": "Active"
@@ -140,7 +140,8 @@
        "synonyms": [
           "RIG 3",
 		  "RIG-v",
-		  "RIG 4"
+		  "RIG 4",
+		  "Meadgive"
         ],
 		"status": "Active"
        }
@@ -194,7 +195,7 @@
        "synonyms": [
           "Beps",
           "Xer",
-		  "Beta"
+          "Beta"
         ],
 		"status": "Active",
 		"colour": "#C03701"
@@ -211,7 +212,8 @@
         ],
        "synonyms": [
           "XXX",
-          "AEK"
+          "AEK",
+          "Axpergle"
         ],
 		"status": "Retired - Last seen: 2016-06-07"
        }
@@ -281,7 +283,8 @@
           "http://www.kahusecurity.com/2011/neosploit-is-back/"
         ],
        "synonyms": [
-          "NeoSploit"
+          "NeoSploit",
+          "Fiexp"
         ]
 		,
 		"status": "Retired - Last Seen: beginning of 2015-07"
@@ -409,7 +412,8 @@
        "synonyms": [
           "NEK",
           "Nuclear Pack",
-		  "Spartan"
+		  "Spartan",
+		  "Neclu"
         ]		,
 		"status": "Retired - Last seen: 2015-04-30"
        }
@@ -449,7 +453,7 @@
         "refs": [
           "https://www.trustwave.com/Resources/SpiderLabs-Blog/A-Wild-Exploit-Kit-Appears----Meet-RedKit/",
           "http://malware.dontneedcoffee.com/2012/05/inside-redkit.html",
-		  "https://nakedsecurity.sophos.com/2013/05/09/redkit-exploit-kit-part-2/"
+          "https://nakedsecurity.sophos.com/2013/05/09/redkit-exploit-kit-part-2/"
         ],
 		"status": "Retired"
        }
@@ -472,7 +476,8 @@
           "http://malware.dontneedcoffee.com/2012/12/juice-sweet-orange-2012-12.html"
         ],
        "synonyms": [
-          "SWO"
+          "SWO",
+          "Anogre"
         ],
 		"status": "Retired - Last seen: 2015-04-05"
        }
@@ -483,7 +488,7 @@
       "meta": {
         "refs": [
           "http://malware.dontneedcoffee.com/2012/12/crossing-styx-styx-sploit-pack-20-cve.html",
-		  "https://krebsonsecurity.com/2013/07/styx-exploit-pack-domo-arigato-pc-roboto/",
+          "https://krebsonsecurity.com/2013/07/styx-exploit-pack-domo-arigato-pc-roboto/",
           "http://malware.dontneedcoffee.com/2013/05/inside-styx-2013-05.html"
         ],
 		"status":"Retired - Last seen: 2014-06"
@@ -495,13 +500,13 @@
       "meta": {
         "refs": [
           "https://twitter.com/kafeine",
-		  "https://twitter.com/node5",
+          "https://twitter.com/node5",
           "https://twitter.com/kahusecurity"
         ]
        }
     }
 ],
-  "version": 2,
+  "version": 3,
   "uuid": "454f4e78-bd7c-11e6-a4a6-cec0c932ce01",
   "description": "Exploit-Kit is an enumeration of some exploitation kits used by adversaries. The list includes document, browser and router exploit kits.It's not meant to be totally exhaustive but aim at covering the most seen in the past 5 years",
   "authors": [