ThreatFox IOC Database

You are browsing the Indicator Of Compromise (IOC) database of ThreatFox. If you would like to contribute IOCs to the corpuse, you can do so through either the web form or the API.

413

IOCs shared (past 24 hours)

ClearFake

Most seen malware family (past 24 hours)

1'690'698

IOCs in corpus

Using the form below, you can search for malware samples by a hash (MD5, SHA256, SHA1), imphash, tlsh hash, ClamAV signature, tag or malware family.

Browse Database

Search syntax is as follow: keyword:search_term

Following is a list of accepted keywords along with an example search_term

ioc:ms-debug-services.com ( run)
malware:CobaltStrike ( run)
tag:TA505 ( run)
threat_type:cc_skimming ( run)
uuid:87f310f3-540b-11eb-922c-42010aa4000a ( run)

Date (UTC)	IOC	Malware	Tags	Reporter
2026-06-09 10:00	39.100.89.103:8085	VShell	Vshell	Anonymous
2026-06-09 10:00	154.88.96.50:8884	VShell	Vshell	Anonymous
2026-06-09 10:00	49.235.130.208:10002	VShell	Vshell	Anonymous
2026-06-09 10:00	8.145.44.217:8080	Cobalt Strike	CobaltStrike	Anonymous
2026-06-09 09:51	whyldsf.rc395.com	ClearFake	ClearFake	Anonymous
2026-06-09 09:51	rc395.com	ClearFake	ClearFake	threatcat_ch
2026-06-09 09:44	204.194.54.9:7707	AsyncRAT	asyncrat drb-ra RAT	abuse_ch
2026-06-09 09:44	204.194.54.9:8808	AsyncRAT	asyncrat drb-ra RAT	abuse_ch
2026-06-09 09:44	204.194.54.9:6606	AsyncRAT	asyncrat drb-ra RAT	abuse_ch
2026-06-09 09:44	2.26.75.248:2428	Remcos	drb-ra RAT RemcosRAT	abuse_ch
2026-06-09 09:44	2.26.75.241:4509	Remcos	drb-ra RAT RemcosRAT	abuse_ch
2026-06-09 09:43	194.11.246.191:4404	AsyncRAT	asyncrat drb-ra RAT	abuse_ch
2026-06-09 09:43	194.11.246.191:6606	AsyncRAT	asyncrat drb-ra RAT	abuse_ch
2026-06-09 09:43	182.23.2.163:10616	Remcos	drb-ra RAT RemcosRAT	abuse_ch
2026-06-09 09:43	175.178.123.42:28443	Unknown malware	drb-ra Mythic	abuse_ch
2026-06-09 09:43	170.62.130.191:4321	AdaptixC2	AdaptixC2 drb-ra	abuse_ch
2026-06-09 09:37	fancystraits.info	Unknown malware		Anonymous
2026-06-09 09:27	e3giv37r.pokerpars.poker	ClearFake	ClearFake	Anonymous
2026-06-09 09:26	pokerpars.poker	ClearFake	9June2026 ClearFake Commandline macOS	Gi7w0rm
2026-06-09 09:15	https://championscollision1.com/	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	Anonymous
2026-06-09 09:14	xwwitjs.rayonbet.com	ClearFake	ClearFake	Anonymous
2026-06-09 09:12	rayonbet.com	ClearFake	ClearFake	threatcat_ch
2026-06-09 09:09	demfmb.restaurantguideaarhus.com	ClearFake	ClearFake	Anonymous
2026-06-09 09:00	https://nxx.glamisdunesrentals.com/	Vidar	Vidar	crep1x
2026-06-09 09:00	nxx.glamisdunesrentals.com	Vidar	Vidar	crep1x
2026-06-09 09:00	https://nxx.gagahsm188.top/	Vidar	Vidar	crep1x
2026-06-09 09:00	nxx.gagahsm188.top	Vidar	Vidar	crep1x
2026-06-09 09:00	8.145.44.217:443	Cobalt Strike	CobaltStrike	Anonymous
2026-06-09 09:00	101.200.234.195:80	Unknown malware	Viper	Anonymous
2026-06-09 09:00	101.200.234.195:8080	Unknown malware	Viper	Anonymous
2026-06-09 09:00	8.145.44.217:8081	Cobalt Strike	CobaltStrike	Anonymous
2026-06-09 09:00	101.200.234.195:443	Unknown malware	Viper	Anonymous
2026-06-09 08:54	gwjjko.onlineshart.com	ClearFake	ClearFake	Anonymous
2026-06-09 08:45	gyayod.pishbinisite.com	ClearFake	ClearFake	Anonymous
2026-06-09 08:38	gdenwcw.rabonaabet.com	ClearFake	ClearFake	Anonymous
2026-06-09 08:34	pishbinipartners.com	ClearFake	9June2026 ClearFake Commandline Windows	Gi7w0rm
2026-06-09 08:33	rabonaabet.com	ClearFake	ClearFake	threatcat_ch
2026-06-09 08:27	promo.tennis	ClearFake	9June2026 ClearFake Commandline Windows	Gi7w0rm
2026-06-09 08:24	cafdfe.pishbinihoshmand.com	ClearFake	ClearFake	Anonymous
2026-06-09 08:23	pishbinihoshmand.com	ClearFake	9June2026 ClearFake Commandline Windows	Gi7w0rm
2026-06-09 08:16	dgxbf5rv.onexfa.com	ClearFake	ClearFake	Anonymous
2026-06-09 08:14	lplhoo.pishbinigame.com	ClearFake	ClearFake	Anonymous
2026-06-09 08:13	pishbinigame.com	ClearFake	9June2026 ClearFake Commandline Windows	Gi7w0rm
2026-06-09 08:09	mbigpi.pishbinifoori.com	ClearFake	ClearFake	Anonymous
2026-06-09 08:04	pishbinifoori.com	ClearFake	9June2026 ClearFake Commandline Windows	Gi7w0rm
2026-06-09 08:00	202.73.4.137:443	Havoc	Havoc	Anonymous
2026-06-09 08:00	101.200.234.195:60000	Unknown malware	Viper	Anonymous
2026-06-09 08:00	107.182.130.52:8808	AsyncRAT	asyncrat	Anonymous
2026-06-09 08:00	140.82.0.91:8808	AsyncRAT	asyncrat	Anonymous
2026-06-09 07:55	jgjuwx.pishbiniclass.com	ClearFake	ClearFake	Anonymous
2026-06-09 07:55	pishbiniclass.com	ClearFake	9June2026 ClearFake Commandline Windows	Gi7w0rm
2026-06-09 07:50	rcyrnur.pokerprado.bet	ClearFake	ClearFake	Anonymous
2026-06-09 07:49	pokerprado.bet	ClearFake	9June2026 ClearFake Commandline Windows	Gi7w0rm
2026-06-09 07:26	r2qz0qa2.poker-online.bet	ClearFake	ClearFake	Anonymous
2026-06-09 07:25	9r6xw7w2.poker-online.bet	ClearFake	ClearFake	threatcat_ch
2026-06-09 07:15	https://chtreeandgardenservices.co.uk/	Vidar	ClickFix compromised etherhiding Polygon Vidar WordPress	Anonymous
2026-06-09 07:11	rmipclt.penality.bet	ClearFake	ClearFake	Anonymous
2026-06-09 07:07	85.121.4.107:8443	Cobalt Strike	CobaltStrike cs-watermark-6	abuse_ch
2026-06-09 07:00	107.175.149.62:9909	AsyncRAT	asyncrat	Anonymous
2026-06-09 07:00	110.42.219.9:443	Cobalt Strike	CobaltStrike	Anonymous
2026-06-09 07:00	110.42.219.9:80	Cobalt Strike	CobaltStrike	Anonymous
2026-06-09 07:00	110.42.219.9:8080	Cobalt Strike	CobaltStrike	Anonymous
2026-06-09 06:42	checkphoto-bookin.com	Unknown malware		Anonymous
2026-06-09 06:42	keysrace.info	Unknown malware		Anonymous
2026-06-09 06:37	emyynld.pasur21.com	ClearFake	ClearFake	Anonymous
2026-06-09 06:30	89.40.31.72:6000	XWorm	XWorm	abuse_ch
2026-06-09 06:30	breakthroughgee.ddns.net	Remcos	remcos	abuse_ch
2026-06-09 06:22	t0loka.live	Remcos	RAT RemcosRAT	abuse_ch
2026-06-09 06:21	51.195.111.212:416	Tofsee	tofsee	abuse_ch
2026-06-09 06:21	217.60.241.14:416	Tofsee	tofsee	abuse_ch
2026-06-09 06:21	51.195.111.212:418	Tofsee	tofsee	abuse_ch
2026-06-09 06:21	217.60.241.39:427	Tofsee	tofsee	abuse_ch
2026-06-09 06:21	217.60.241.14:425	Tofsee	tofsee	abuse_ch
2026-06-09 06:21	51.195.111.212:425	Tofsee	tofsee	abuse_ch
2026-06-09 06:21	217.60.241.14:418	Tofsee	tofsee	abuse_ch
2026-06-09 06:21	51.195.111.212:428	Tofsee	tofsee	abuse_ch
2026-06-09 06:21	217.60.241.14:428	Tofsee	tofsee	abuse_ch
2026-06-09 06:21	217.60.241.17:424	Tofsee	tofsee	abuse_ch
2026-06-09 06:21	217.60.241.39:428	Tofsee	tofsee	abuse_ch
2026-06-09 06:21	51.195.111.212:430	Tofsee	tofsee	abuse_ch
2026-06-09 06:21	217.60.241.39:430	Tofsee	tofsee	abuse_ch
2026-06-09 06:21	83.142.209.228:424	Tofsee	tofsee	abuse_ch
2026-06-09 06:21	217.60.241.39:424	Tofsee	tofsee	abuse_ch
2026-06-09 06:21	83.142.209.228:420	Tofsee	tofsee	abuse_ch
2026-06-09 06:21	217.60.241.17:420	Tofsee	tofsee	abuse_ch
2026-06-09 06:21	217.60.241.39:420	Tofsee	tofsee	abuse_ch
2026-06-09 06:21	217.60.241.17:425	Tofsee	tofsee	abuse_ch
2026-06-09 06:21	83.142.209.228:425	Tofsee	tofsee	abuse_ch
2026-06-09 06:21	217.60.241.39:425	Tofsee	tofsee	abuse_ch
2026-06-09 06:21	83.142.209.228:431	Tofsee	tofsee	abuse_ch
2026-06-09 06:21	217.60.241.39:431	Tofsee	tofsee	abuse_ch
2026-06-09 06:21	217.60.241.17:431	Tofsee	tofsee	abuse_ch
2026-06-09 06:21	217.60.241.39:419	Tofsee	tofsee	abuse_ch
2026-06-09 06:21	217.60.241.17:419	Tofsee	tofsee	abuse_ch
2026-06-09 06:21	83.142.209.228:419	Tofsee	tofsee	abuse_ch
2026-06-09 05:55	nkfjdum.pasoor11.bet	ClearFake	ClearFake	Anonymous
2026-06-09 05:55	hxmhpw.pishbinibet.casino	ClearFake	ClearFake	Anonymous
2026-06-09 05:53	sfdwdmq.mangobetfarsi.com	ClearFake	ClearFake	Anonymous
2026-06-09 05:52	moisca.com	Remus	RemusStealer	abuse_ch
2026-06-09 05:49	carogra.biz	Remus	RemusStealer	abuse_ch
2026-06-09 05:42	brazpi.shop	Remus	RemusStealer	abuse_ch
2026-06-09 05:42	godsblueprintforyourmarriage.com	Remus	RemusStealer	abuse_ch
2026-06-09 05:42	lmc014command.com	Remus	RemusStealer	abuse_ch
2026-06-09 05:42	gohan-suki.com	Remus	RemusStealer	abuse_ch
2026-06-09 05:42	eurogulf-group.com	Remus	RemusStealer	abuse_ch
2026-06-09 05:39	154.29.73.187:56523	Mirai	Mirai	abuse_ch
2026-06-09 05:27	http://kidos-bank.ru/index.htm	Berbew	Berbew	abuse_ch
2026-06-09 05:27	http://kaspersky.ru/index.htm	Berbew	Berbew	abuse_ch
2026-06-09 05:27	http://parex-bank.ru/index.htm	Berbew	Berbew	abuse_ch
2026-06-09 05:27	http://gaz-prom.ru/index.htm	Berbew	Berbew	abuse_ch
2026-06-09 05:27	http://color-bank.ru/index.php	Berbew	Berbew	abuse_ch
2026-06-09 05:27	http://adult-empire.com/index.php	Berbew	Berbew	abuse_ch
2026-06-09 05:27	http://virus-list.com/index.php	Berbew	Berbew	abuse_ch
2026-06-09 05:27	http://kaspersky.ru/index.php	Berbew	Berbew	abuse_ch
2026-06-09 05:27	http://ros-neftbank.ru/index.php	Berbew	Berbew	abuse_ch
2026-06-09 05:27	http://master-x.com/index.php	Berbew	Berbew	abuse_ch
2026-06-09 05:25	ojnkoxdg.pokerbazi.poker	ClearFake	ClearFake	Anonymous
2026-06-09 05:25	pokerbazi.poker	ClearFake	9June2026 ClearFake Commandline macOS	Gi7w0rm
2026-06-09 05:24	83.168.110.191:1336	Mirai	Mirai	abuse_ch
2026-06-09 05:18	hnainyw.ninjafruitcubes.bet	ClearFake	ClearFake	Anonymous
2026-06-09 05:11	alpinecamping.com	Vidar	compromised etherhiding Polygon WordPress	varysz
2026-06-09 05:11	anascopr.net	Vidar	compromised etherhiding Polygon WordPress	varysz
2026-06-09 05:11	associationaudrey.fr	Vidar	compromised etherhiding Polygon WordPress	varysz
2026-06-09 05:11	attyx.com	Vidar	compromised etherhiding Polygon WordPress	varysz
2026-06-09 05:11	blossomforth13.com	Vidar	compromised etherhiding Polygon WordPress	varysz
2026-06-09 05:11	cnefa-dz.com	Vidar	compromised etherhiding Polygon WordPress	varysz
2026-06-09 05:11	dbdideasturisticas.com	Vidar	compromised etherhiding Polygon WordPress	varysz
2026-06-09 05:11	donnasalado.com	Vidar	compromised etherhiding Polygon WordPress	varysz
2026-06-09 05:11	doorsec-dubai.com	Vidar	compromised etherhiding Polygon WordPress	varysz
2026-06-09 05:11	drelectricia.com	Vidar	compromised etherhiding Polygon WordPress	varysz
2026-06-09 05:11	elledisistemi.it	Vidar	compromised etherhiding Polygon WordPress	varysz
2026-06-09 05:11	extrasegovia.es	Vidar	compromised etherhiding Polygon WordPress	varysz
2026-06-09 05:11	homeenergyremodeling.com	Vidar	compromised etherhiding Polygon WordPress	varysz
2026-06-09 05:11	jeffreykamenarchitect.com	Vidar	compromised etherhiding Polygon WordPress	varysz
2026-06-09 05:11	noscalpelvasectomy.com	Vidar	compromised etherhiding Polygon WordPress	varysz
2026-06-09 05:11	osteoporoza.si	Vidar	compromised etherhiding Polygon WordPress	varysz
2026-06-09 05:11	raicesconsultoria.cl	Vidar	compromised etherhiding Polygon WordPress	varysz
2026-06-09 05:11	realsproject.org	Vidar	compromised etherhiding Polygon WordPress	varysz
2026-06-09 05:11	santacruzwebdesign.co	Vidar	compromised etherhiding Polygon WordPress	varysz
2026-06-09 05:11	sharonneedles.com	Vidar	compromised etherhiding Polygon WordPress	varysz
2026-06-09 05:11	soundsnatural.co.za	Vidar	compromised etherhiding Polygon WordPress	varysz
2026-06-09 05:11	swojem.pl	Vidar	compromised etherhiding Polygon WordPress	varysz
2026-06-09 05:11	thellio.com	Vidar	compromised etherhiding Polygon WordPress	varysz
2026-06-09 05:11	theshipsproject.com	Vidar	compromised etherhiding Polygon WordPress	varysz
2026-06-09 05:11	upstarthr.com	Vidar	compromised etherhiding Polygon WordPress	varysz
2026-06-09 05:11	vitolilandscapedesign.com	Vidar	compromised etherhiding Polygon WordPress	varysz
2026-06-09 05:11	wholefoodplantbasedrd.com	Vidar	compromised etherhiding Polygon WordPress	varysz
2026-06-09 05:11	8.219.158.30:80	Cobalt Strike	45102 c2 censys Cobalt Strike	sojubear
2026-06-09 05:11	196.75.218.37:2222	Meterpreter	36903 c2 censys MetaSploit	sojubear
2026-06-09 05:11	19678a2d474affb5164942a842488275dafc988bab2e5918e38422f152ecc66b	ClearFake	ClearFake ClickFix Loader rundll32 WebDav	Lenny3BO
2026-06-09 05:10	https://flzocge.penality.bet/083442ba-5bf1-4cc5-8440-04740f3ca9be/	ClearFake	ClearFake ClickFix rundll32 WebDav	Lenny3BO
2026-06-09 05:10	flzocge.penality.bet	ClearFake	ClearFake ClickFix rundll32 WebDav	Lenny3BO
2026-06-09 05:10	194.38.138.155:8443	Cobalt Strike	c2 erebus-wraith nation-state-hunter t1059_003 t1071_001	Erebu
2026-06-09 05:10	192.3.176.232:4099	Remcos		skocherhan
2026-06-09 05:10	webflare.beer	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-09 05:10	berlof.shop	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-09 05:10	firazit.com	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-09 05:10	macerapindasi.com	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-09 05:10	servupdt.com	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-09 04:43	kodhfeq.one1xbet.net	ClearFake	ClearFake	Anonymous
2026-06-09 04:04	wsiflnb.persian.sex	ClearFake	ClearFake	Anonymous
2026-06-09 03:54	mnnwpo.jamjahani2026.football	ClearFake	ClearFake	Anonymous
2026-06-09 03:24	jjcuameq.parspoker90.com	ClearFake	ClearFake	Anonymous
2026-06-09 03:24	rgcecjho.parspoker90.com	ClearFake	ClearFake	threatcat_ch
2026-06-09 03:21	scsadmm.penaltibazi.com	ClearFake	ClearFake	Anonymous
2026-06-09 03:15	aoeseeuk.winpars.casino	ClearFake	ClearFake	Anonymous
2026-06-09 03:14	winpars.casino	ClearFake	9June2026 ClearFake Commandline macOS	Gi7w0rm
2026-06-09 02:47	gialird.pishbini11.com	ClearFake	ClearFake	Anonymous
2026-06-09 02:45	120.55.246.213:18443	Cobalt Strike	CobaltStrike drb-ra	abuse_ch
2026-06-09 02:42	pishbini11.com	ClearFake	ClearFake	threatcat_ch
2026-06-09 02:04	byiuatd.pinnaclebetting.bet	ClearFake	ClearFake	Anonymous
2026-06-09 02:03	pinnaclebetting.bet	ClearFake	ClearFake	threatcat_ch
2026-06-09 02:00	85.209.48.248:8443	VShell	Vshell	Anonymous
2026-06-09 01:57	naszmks.pinbahiis.com	ClearFake	ClearFake	Anonymous
2026-06-09 01:56	pinbahiis.com	ClearFake	ClearFake	threatcat_ch
2026-06-09 01:54	xgcstm.yasbet90.com	ClearFake	ClearFake	Anonymous
2026-06-09 01:45	lokino.perfectgameiran.com	ClearFake	ClearFake	Anonymous
2026-06-09 01:30	www.yuzuapp.io	Nanocore RAT	NanoCore	abuse_ch
2026-06-09 01:24	q62sm4y0.parsgoal90.com	ClearFake	ClearFake	Anonymous
2026-06-09 01:23	uszq523p.parsgoal90.com	ClearFake	ClearFake	threatcat_ch
2026-06-09 01:22	x8igi8bm.yektbet.bet	ClearFake	ClearFake	threatcat_ch
2026-06-09 01:22	plyxcbx.wrfc8.com	ClearFake	ClearFake	Anonymous
2026-06-09 00:39	pblgwhm.x50wheel.bet	ClearFake	ClearFake	Anonymous
2026-06-09 00:05	oknmhjx.xenicalby6.com	ClearFake	ClearFake	Anonymous
2026-06-08 23:48	nnwhxh.pik.bet	ClearFake	ClearFake	Anonymous
2026-06-08 23:45	149.88.66.234:20050	Cobalt Strike	CobaltStrike drb-ra	abuse_ch
2026-06-08 23:43	pik.bet	ClearFake	8June2026 ClearFake Commandline Windows	Gi7w0rm
2026-06-08 23:35	deglis.perspolisbet.bet	ClearFake	ClearFake	Anonymous
2026-06-08 23:34	perspolisbet.bet	ClearFake	8June2026 ClearFake Commandline Windows	Gi7w0rm
2026-06-08 23:24	akvljg.perspolisbet90.com	ClearFake	ClearFake	Anonymous
2026-06-08 23:23	nlwgc0c9.yekbetiran.com	ClearFake	ClearFake	Anonymous
2026-06-08 23:22	frowben.yasbetapp.com	ClearFake	ClearFake	Anonymous
2026-06-08 23:22	oxyna912.yekbetiran.com	ClearFake	ClearFake	threatcat_ch
2026-06-08 23:14	gsoxdy.vezaratshart.com	ClearFake	ClearFake	Anonymous
2026-06-08 23:07	pvvvvn.perfectgame.casino	ClearFake	ClearFake	Anonymous
2026-06-08 23:00	https://uru.fixsm188.top/	Vidar	Vidar	crep1x
2026-06-08 23:00	uru.firesupport.com	Vidar	Vidar	crep1x
2026-06-08 23:00	https://uru.firesupport.com/	Vidar	Vidar	crep1x
2026-06-08 23:00	uru.fixsm188.top	Vidar	Vidar	crep1x
2026-06-08 22:48	sewgqnm.winxbet.co	ClearFake	ClearFake	Anonymous
2026-06-08 22:33	lohgcyy.winsportiran.com	ClearFake	ClearFake	Anonymous
2026-06-08 22:15	e40nbbpq.winmastersbetiran.com	ClearFake	ClearFake	Anonymous
2026-06-08 22:14	winmastersbetiran.com	ClearFake	8June2026 ClearFake Commandline macOS	Gi7w0rm
2026-06-08 21:55	xeledkz.olabahiskayit.com	ClearFake	ClearFake	Anonymous
2026-06-08 21:22	xf4v3zjk.parspoker.casino	ClearFake	ClearFake	Anonymous
2026-06-08 21:17	ngieimu.kvbel.com	ClearFake	ClearFake	Anonymous
2026-06-08 21:07	zfomko.jamjahani.cash	ClearFake	ClearFake	Anonymous
2026-06-08 21:00	182.255.82.121:443	Havoc	Havoc	Anonymous
2026-06-08 20:42	rbbhubp.kbshavanese.com	ClearFake	ClearFake	Anonymous
2026-06-08 20:00	74.48.202.123:443	Havoc	Havoc	Anonymous
2026-06-08 20:00	74.48.202.123:80	Havoc	Havoc	Anonymous
2026-06-08 20:00	103.51.147.252:8084	VShell	Vshell	Anonymous
2026-06-08 20:00	111.119.234.82:8888	Unknown malware	Supershell	Anonymous
2026-06-08 20:00	ojpqxkm.one1x.bet	ClearFake	ClearFake	Anonymous
2026-06-08 19:43	182.23.2.163:12297	Remcos	drb-ra RAT RemcosRAT	abuse_ch
2026-06-08 19:43	155.103.70.100:13407	Remcos	drb-ra RAT RemcosRAT	abuse_ch
2026-06-08 19:25	https://gts.firesupport.com/	Vidar	gr0u4 Vidar	abuse_ch
2026-06-08 19:25	gts.firesupport.com	Vidar	gr0u4 Vidar	abuse_ch
2026-06-08 19:25	gts.fixsm188.top	Vidar	gr0u4 Vidar	abuse_ch
2026-06-08 19:25	https://gts.fixsm188.top/	Vidar	gr0u4 Vidar	abuse_ch
2026-06-08 19:22	chzldmh3.parsbet90.com	ClearFake	ClearFake	Anonymous
2026-06-08 19:21	b8i7k0hi.parsbet90.com	ClearFake	ClearFake	threatcat_ch
2026-06-08 19:21	pbustxk.penalty.casino	ClearFake	ClearFake	Anonymous
2026-06-08 19:16	https://crystalforgeway.top/role/refresh-layout.js	SmartApeSG	SmartApeSG	monitorsg
2026-06-08 19:16	https://crystalforgeway.top/role/role-view.js	SmartApeSG	SmartApeSG	monitorsg
2026-06-08 19:16	crystalforgeway.top	SmartApeSG	SmartApeSG	monitorsg
2026-06-08 19:16	https://crystalforgeway.top/role/api-sessionstore	SmartApeSG	SmartApeSG	monitorsg
2026-06-08 19:12	15.235.189.218:56001	Unknown malware		abuse_ch
2026-06-08 19:03	64.95.13.15:80	KongTuke	Kongtuke	abuse_ch
2026-06-08 19:03	hfpfhy7zytroclo.top	KongTuke	Kongtuke	abuse_ch
2026-06-08 19:01	20.81.43.36:1011	PureLogs Stealer	PureLogsStealer	abuse_ch
2026-06-08 18:59	20.81.43.36:8030	PureLogs Stealer	PureLogsStealer	abuse_ch
2026-06-08 18:59	webdot.ddns.net	PureLogs Stealer	PureLogsStealer	abuse_ch
2026-06-08 18:58	pbtgvx.pablobet90.com	ClearFake	ClearFake	Anonymous
2026-06-08 18:47	twvjaye.penalti.website	ClearFake	ClearFake	Anonymous
2026-06-08 18:44	aencte.oxidbet.bet	ClearFake	ClearFake	Anonymous
2026-06-08 18:39	zoasav.onlineshart.com	ClearFake	ClearFake	Anonymous
2026-06-08 18:14	robodomain.sbs	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-08 18:07	zexrhdz.penaltibazi.com	ClearFake	ClearFake	Anonymous
2026-06-08 18:02	persianshart.com	ClearFake	8June2026 ClearFake Commandline Windows	Gi7w0rm
2026-06-08 17:54	sirata.asia	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-08 17:54	sitepromclop.click	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-08 17:54	smackit.lat	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-08 17:54	smesharik.bond	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-08 17:54	spartanec.lat	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-08 17:54	superpooper.click	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-08 17:54	webanalytics-cdn.cfd	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-08 17:54	whynotebanarot.xyz	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-08 17:54	yanepidor.mom	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-08 17:54	yoshicity.xyz	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-08 17:54	myverifhouse.sbs	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-08 17:54	myverifyblog.sbs	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-08 17:54	nenadopapa.cfd	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-08 17:54	peachbro.bond	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-08 17:54	pinokros.xyz	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-08 17:54	pohuimne.lol	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-08 17:54	ponikas.cyou	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-08 17:54	pringlesbob.cfd	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-08 17:54	productionmaza.sbs	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-08 17:54	prokladka.lol	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-08 17:54	sandman.bond	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-08 17:54	sandman.lat	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-08 17:54	marmelad.lat	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-08 17:54	megamegalodon.click	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-08 17:54	merindashop.cyou	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-08 17:54	mexicodreams.bond	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-08 17:54	microblogver.bond	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-08 17:54	microchlen.lat	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-08 17:54	microloh.bond	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-08 17:54	milksos.cfd	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-08 17:54	mnepohui.sbs	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-08 17:54	mob.lanjut.in	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-08 17:54	myblobtop.site	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-08 17:54	mygoodblog.bond	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-08 17:54	mygoodblog.cfd	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-08 17:54	etomoe.cfd	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-08 17:54	etomoidomen.cfd	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-08 17:54	ganiballektor.cfd	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-08 17:54	gdedengikarlos.cfd	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-08 17:54	gdelogi.lol	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-08 17:54	govnol.lat	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-08 17:54	gppcdnns.beer	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-08 17:54	ivangay.bond	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-08 17:54	lenders.digital	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-08 17:54	lizablud.shop	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-08 17:54	mambet.lol	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-08 17:54	marinaradom.cfd	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-08 17:54	biggestchlen.xyz	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-08 17:54	biletors.cfd	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-08 17:54	blobtop.sbs	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-08 17:54	bobik.cfd	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-08 17:54	bulletpop.cyou	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-08 17:54	chinabowl.club	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-08 17:54	chubrik.sbs	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-08 17:54	cloudflare-check.cfd	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-08 17:54	comicstar.lat	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-08 17:54	corppop.shop	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-08 17:54	cosmostars.shop	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-08 17:54	diddyparty.click	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-08 17:54	abrikos.xyz	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-08 17:54	anakondabob.club	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-08 17:54	ap7.supportly.au	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-08 17:54	arigatodomen.sbs	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-08 17:54	babybon.cfd	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-08 17:54	bearman.bond	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-08 17:54	bigbadwolf.click	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-08 17:54	biggestchlen.lol	Unknown Stealer	c2 etherhiding Polygon	varysz
2026-06-08 17:24	ikbnssq.persian.sex	ClearFake	ClearFake	Anonymous
2026-06-08 17:23	persian.sex	ClearFake	8June2026 ClearFake Commandline Windows	Gi7w0rm
2026-06-08 17:22	0fqk0ho2.mrbet90.com	ClearFake	ClearFake	Anonymous
2026-06-08 17:20	v6o8c9xi.mrbet90.com	ClearFake	ClearFake	threatcat_ch
2026-06-08 17:18	https://spaceco.com/ch	SmartApeSG	SmartApeSG	monitorsg
2026-06-08 17:18	https://emberhorizon.top/role/role-view.js	SmartApeSG	SmartApeSG	monitorsg
2026-06-08 17:18	emberhorizon.top	SmartApeSG	SmartApeSG	monitorsg
2026-06-08 17:18	https://emberhorizon.top/role/api-sessionstore	SmartApeSG	SmartApeSG	monitorsg
2026-06-08 17:18	https://emberhorizon.top/role/refresh-layout.js	SmartApeSG	SmartApeSG	monitorsg
2026-06-08 17:18	62.76.229.102:56782	Cobalt Strike	ClearFake ClickFix CobaltStrike Hvnc OutPack RAT stealer TOR	denkaj
2026-06-08 17:18	enterprise1.pages.dev	Cobalt Strike	ClearFake ClickFix CobaltStrike OutPack	denkaj
2026-06-08 17:18	endpoint.xsn10.com	Cobalt Strike	ClearFake ClickFix LOLBin	denkaj
2026-06-08 17:18	api.asn15.com	Cobalt Strike	ClearFake ClickFix LOLBin	denkaj
2026-06-08 17:18	e3300ce9dce0d41690e711b8ee3bb5498ccf25c68d4bafe35416a77a2d88cbd2	Cobalt Strike	CobaltStrike Hvnc OutPack RAT stealer	denkaj
2026-06-08 17:18	83a85d92277f0c762414e97f26538e4657f28a1cebe3e4f5d5d32e5ecf7b458a	Cobalt Strike	CobaltStrike Hvnc OutPack RAT stealer	denkaj
2026-06-08 17:18	22wsnikmydlkyx4cwmiykxis7kjy4ugmlz453amazqhflwo3wjsz5tad.onion	Cobalt Strike	CobaltStrike OutPack RAT TOR	denkaj
2026-06-08 17:18	https://kevinfreels.com/	Unknown malware	ClickFix	CarsonWilliams
2026-06-08 17:14	t748i6is.volleyball.vip	ClearFake	ClearFake	Anonymous
2026-06-08 17:03	zebswzz.one1xbet.net	ClearFake	ClearFake	Anonymous
2026-06-08 16:50	chinabowl.club	Unknown Webinject	ErrTraffic	Gi7w0rm
2026-06-08 16:49	lizablud.shop	Unknown Webinject	ErrTraffic	Gi7w0rm
2026-06-08 16:34	flnntj.persianabet.casino	ClearFake	ClearFake	Anonymous
2026-06-08 16:34	persianabet.casino	ClearFake	8June2026 ClearFake Commandline Windows	Gi7w0rm
2026-06-08 16:26	idwpuur.ninjafruitcubes.bet	ClearFake	ClearFake	Anonymous
2026-06-08 16:25	https://sad.firesupport.com/	Vidar	gr0u4 Vidar	abuse_ch
2026-06-08 16:25	sad.firesupport.com	Vidar	gr0u4 Vidar	abuse_ch
2026-06-08 16:25	https://sad.fixsm188.top/	Vidar	gr0u4 Vidar	abuse_ch
2026-06-08 16:25	sad.fixsm188.top	Vidar	gr0u4 Vidar	abuse_ch
2026-06-08 16:24	hfgzvf.perfectgameiran.com	ClearFake	ClearFake	Anonymous
2026-06-08 16:24	perfectgameiran.com	ClearFake	8June2026 ClearFake Commandline Windows	Gi7w0rm
2026-06-08 16:23	syheuby.mangobetfarsi.com	ClearFake	ClearFake	Anonymous
2026-06-08 15:45	qcqsin.yasbet90.com	ClearFake	ClearFake	Anonymous
2026-06-08 15:45	vvpfsda.pasoor11.bet	ClearFake	ClearFake	Anonymous
2026-06-08 15:20	e20yl90d.parsgoal90.com	ClearFake	ClearFake	Anonymous
2026-06-08 15:20	iebtnuo1.parsgoal90.com	ClearFake	ClearFake	threatcat_ch
2026-06-08 15:20	zjuflao.pasur21.com	ClearFake	ClearFake	Anonymous
2026-06-08 14:50	souljaboynft.io	Nanocore RAT	NanoCore	abuse_ch
2026-06-08 14:43	https://tknmetal.net/	Unknown malware	ClickFix	CarsonWilliams
2026-06-08 14:43	https://victormeloadvogado.com/	Unknown malware	ClickFix	CarsonWilliams
2026-06-08 14:43	https://oficialwebsitepromotion.com/	Unknown malware	ClickFix	CarsonWilliams
2026-06-08 14:43	https://www.jkbuildersg.com/	Unknown malware	ClickFix	CarsonWilliams
2026-06-08 14:43	https://www.kevinfreels.com/	Unknown malware	ClickFix	CarsonWilliams
2026-06-08 14:43	https://ireflect.net/	Unknown malware	ClickFix	CarsonWilliams
2026-06-08 14:43	https://www.iconlng.com/	Unknown malware	ClickFix	CarsonWilliams
2026-06-08 14:42	https://www.danielediana.it/	Unknown malware	ClickFix	CarsonWilliams
2026-06-08 14:42	https://developmental-twins.com/	Unknown malware	ClickFix	CarsonWilliams
2026-06-08 14:42	https://www.ciberci.com/	Unknown malware	ClickFix	CarsonWilliams
2026-06-08 14:42	https://www.argirisangelopoulos.gr/	Unknown malware	ClickFix	CarsonWilliams
2026-06-08 14:42	https://buktijpmaluku.info/	Unknown malware	ClickFix	CarsonWilliams
2026-06-08 14:42	https://andreawirsum.com/de/	Unknown malware	ClickFix	CarsonWilliams
2026-06-08 14:42	00000l.nvms9000.su	Mirai		uwucutecatgirl
2026-06-08 14:42	https://www.altecva.com/	Unknown malware	ClickFix	CarsonWilliams
2026-06-08 14:42	horizon.nvms9000updates.su	Mirai		uwucutecatgirl
2026-06-08 14:42	000.nvms9000.su	Mirai		uwucutecatgirl
2026-06-08 14:42	0000.nvms9000.su	Mirai		uwucutecatgirl
2026-06-08 14:42	000.hikvision-cctv.su	Mirai		uwucutecatgirl
2026-06-08 14:42	0000.hikvision-cctv.su	Mirai		uwucutecatgirl
2026-06-08 14:42	00000.hikvision-cctv.su	Mirai		uwucutecatgirl
2026-06-08 14:42	0000g7bd7.hikvision-cctv.su	Mirai		uwucutecatgirl
2026-06-08 14:42	botdealers.st	Mirai		uwucutecatgirl
2026-06-08 14:42	kys.botdealers.st	Mirai		uwucutecatgirl
2026-06-08 14:42	62.171.142.134:6379	XMRIG	module-load Muhstik redis	nullblue67
2026-06-08 14:42	47.253.94.140:2375	RedTail	docker-api Redtail	nullblue67
2026-06-08 14:42	45.238.101.91:2375	RedTail	docker-api Redtail	nullblue67
2026-06-08 14:42	189.51.43.54:80	RedTail	libredtail-http Redtail	nullblue67
2026-06-08 14:42	167.126.6.183:80	RedTail	libredtail-http Redtail	nullblue67
2026-06-08 14:42	https://wowlowski.icu/api/v1/verify	KongTuke	Kongtuke	monitorsg
2026-06-08 14:42	https://wowlowski.icu/file.js	KongTuke	Kongtuke	monitorsg
2026-06-08 14:42	wowlowski.icu	KongTuke	Kongtuke	monitorsg
2026-06-08 14:42	https://wowlowski.icu/api/v1/session	KongTuke	Kongtuke	monitorsg
2026-06-08 14:42	https://wowlowski.icu/api/v1/status	KongTuke	Kongtuke	monitorsg
2026-06-08 14:42	https://aura-checkpoint.top/o	KongTuke	Kongtuke	monitorsg
2026-06-08 14:42	aura-checkpoint.top	KongTuke	Kongtuke	monitorsg
2026-06-08 14:42	app-front.anmaradigital.com	FAKEUPDATES	SocGholish	monitorsg
2026-06-08 14:42	https://jkylenewton.com/	Unknown malware	ClickFix	CarsonWilliams
2026-06-08 14:37	fporlgd.penality.bet	ClearFake	ClearFake	Anonymous
2026-06-08 14:35	107.175.148.82:3001	Remcos	remcos	abuse_ch
2026-06-08 14:00	154.23.189.122:14782	Quasar RAT	QuasarRAT	Anonymous
2026-06-08 14:00	130.12.180.36:22	AsyncRAT	asyncrat	Anonymous
2026-06-08 13:59	vdchddh.penaltibazi.com	ClearFake	ClearFake	Anonymous
2026-06-08 13:47	xhfecr.jamjahani2026.football	ClearFake	ClearFake	Anonymous
2026-06-08 13:35	88aavn.one	Nanocore RAT	NanoCore	abuse_ch
2026-06-08 13:34	jwfckz.onlineshart.com	ClearFake	ClearFake	Anonymous
2026-06-08 13:30	hexbear.io	Nanocore RAT	NanoCore	abuse_ch
2026-06-08 13:28	oczvda.oxidbet.bet	ClearFake	ClearFake	Anonymous
2026-06-08 13:20	jjgnawd.penalti.website	ClearFake	ClearFake	Anonymous
2026-06-08 13:20	te3znaut.parspoker90.com	ClearFake	ClearFake	Anonymous
2026-06-08 13:20	hknnbq.pablobet90.com	ClearFake	ClearFake	Anonymous
2026-06-08 13:19	x3v1t7wb.parspoker90.com	ClearFake	ClearFake	threatcat_ch
2026-06-08 13:19	g1rxiw6o.parspoker90.com	ClearFake	ClearFake	threatcat_ch
2026-06-08 13:05	104.239.66.136:2017	XWorm	XWorm	abuse_ch
2026-06-08 12:05	007c16460b4b540cdbdb2488eb9be57baed53a31f2544bda86e3d21fb5e019ff	Unknown RAT		TomU
2026-06-08 12:05	ac2248d66cadf6597f428cde47f98c1adbb382da0473cceca632dec08ecf3e06	Unknown RAT		TomU
2026-06-08 12:04	https://vrdccbank.com/Doppee12.exe	Unknown RAT		TomU
2026-06-08 12:00	h0t75jy5.betgopro.com	ClearFake	ClearFake	Anonymous
2026-06-08 12:00	193.93.193.93:8822	Unknown RAT		TomU
2026-06-08 11:50	zrqkapj.one1x.bet	ClearFake	ClearFake	Anonymous
2026-06-08 11:45	106.14.116.17:19443	Cobalt Strike	CobaltStrike drb-ra	abuse_ch
2026-06-08 11:15	fhvteyb.kbshavanese.com	ClearFake	ClearFake	Anonymous
2026-06-08 11:00	117.72.115.168:8080	Cobalt Strike	CobaltStrike	Anonymous
2026-06-08 11:00	117.72.115.168:80	Cobalt Strike	CobaltStrike	Anonymous
2026-06-08 11:00	117.72.115.168:443	Cobalt Strike	CobaltStrike	Anonymous
2026-06-08 11:00	45.61.163.145:8080	Cobalt Strike	CobaltStrike	Anonymous
2026-06-08 10:55	cebsrg.jamjahani.football	ClearFake	ClearFake	Anonymous
2026-06-08 10:32	hjwaxur.kvbel.com	ClearFake	ClearFake	Anonymous
2026-06-08 10:32	gwu729hw.parspoker.casino	ClearFake	ClearFake	Anonymous