| 2026-05-01 19:14 | remote-v1.bnaumann87.work | ClearFake | ClearFake | Anonymous |
| 2026-05-01 19:09 | upd-naum.bnaumann87.work | ClearFake | ClearFake | Anonymous |
| 2026-05-01 18:51 | map-entry.herbertrutt.work | ClearFake | ClearFake | Anonymous |
| 2026-05-01 18:44 | 93.71.143.3:9002 | Brute Ratel C4 | BruteRatel drb-ra |  abuse_ch |
| 2026-05-01 18:44 | 91.92.242.228:8008 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 18:44 | 94.154.32.247:2025 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 18:43 | 91.219.238.234:3500 | AsyncRAT | asyncrat drb-ra RAT | abuse_ch |
| 2026-05-01 18:43 | 89.114.115.200:8080 | Chaos | CHAOS drb-ra | abuse_ch |
| 2026-05-01 18:43 | 72.249.124.93:1977 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 18:43 | 59.152.212.164:443 | BianLian | BianLian drb-ra | abuse_ch |
| 2026-05-01 18:43 | 5.101.86.65:8643 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 18:43 | 5.101.86.65:6448 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 18:43 | 5.101.86.15:6798 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 18:43 | 5.101.86.34:5749 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 18:43 | 5.101.86.15:9267 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 18:43 | 5.101.82.190:5691 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 18:43 | 5.101.86.15:6448 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 18:43 | 46.183.222.27:39473 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 18:43 | 46.183.222.27:43204 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 18:43 | 45.9.168.220:2404 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 18:43 | 45.154.98.20:2404 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 18:43 | 45.150.11.22:3333 | Evilginx | drb-ra EvilGinx EvilGoPhish | abuse_ch |
| 2026-05-01 18:43 | 45.10.164.177:45123 | Unknown malware | drb-ra Mythic | abuse_ch |
| 2026-05-01 18:43 | 38.54.122.233:63689 | Evilginx | drb-ra EvilGinx EvilGoPhish | abuse_ch |
| 2026-05-01 18:43 | 39.101.82.73:4506 | DeimosC2 | Deimos drb-ra | abuse_ch |
| 2026-05-01 18:43 | 38.190.224.75:4338 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 18:43 | 38.190.224.78:4338 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 18:43 | 31.57.219.42:2042 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 18:43 | 31.57.184.187:2404 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 18:43 | 31.57.184.154:6606 | AsyncRAT | asyncrat drb-ra RAT | abuse_ch |
| 2026-05-01 18:43 | 212.50.233.30:10115 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 18:43 | 212.50.233.30:10123 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 18:43 | 209.127.184.165:2575 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 18:43 | 202.144.194.238:10115 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 18:43 | 202.144.194.238:10123 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 18:43 | 202.144.194.238:10111 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 18:43 | 195.88.191.41:443 | RansomHub | drb-ra RansomHub | abuse_ch |
| 2026-05-01 18:43 | 195.88.191.41:7666 | RansomHub | drb-ra RansomHub | abuse_ch |
| 2026-05-01 18:43 | 194.61.120.171:5881 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 18:43 | 192.227.232.124:443 | Havoc | drb-ra Havoc | abuse_ch |
| 2026-05-01 18:43 | 193.124.131.235:443 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 18:43 | 190.255.86.67:5066 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 18:43 | 190.255.86.67:9140 | AsyncRAT | asyncrat drb-ra RAT | abuse_ch |
| 2026-05-01 18:43 | 190.255.86.67:5011 | AsyncRAT | asyncrat drb-ra RAT | abuse_ch |
| 2026-05-01 18:43 | 185.212.128.85:9000 | Evilginx | drb-ra EvilGinx EvilGoPhish | abuse_ch |
| 2026-05-01 18:43 | 185.212.128.80:9000 | Evilginx | drb-ra EvilGinx EvilGoPhish | abuse_ch |
| 2026-05-01 18:43 | 185.212.128.199:9000 | Evilginx | drb-ra EvilGinx EvilGoPhish | abuse_ch |
| 2026-05-01 18:43 | 173.211.106.231:21320 | AsyncRAT | asyncrat drb-ra RAT | abuse_ch |
| 2026-05-01 18:43 | 172.245.54.187:443 | Havoc | drb-ra Havoc | abuse_ch |
| 2026-05-01 18:43 | 172.94.17.208:5500 | AsyncRAT | asyncrat drb-ra RAT | abuse_ch |
| 2026-05-01 18:43 | 169.40.135.17:9521 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 18:43 | 159.69.46.0:443 | NetSupportManager RAT | drb-ra NetSupport RAT | abuse_ch |
| 2026-05-01 18:43 | 155.103.71.115:50033 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 18:43 | 155.103.71.115:50030 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 18:43 | 146.185.233.71:35412 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 18:43 | 134.122.162.29:7443 | Unknown malware | drb-ra Mythic | abuse_ch |
| 2026-05-01 18:43 | 130.94.77.156:62727 | Evilginx | drb-ra EvilGinx EvilGoPhish | abuse_ch |
| 2026-05-01 18:43 | 114.132.29.20:8989 | AdaptixC2 | AdaptixC2 drb-ra | abuse_ch |
| 2026-05-01 18:43 | 109.227.59.160:4433 | DanaBot | DanBot drb-ra | abuse_ch |
| 2026-05-01 18:43 | 104.168.5.25:2404 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 18:43 | 107.175.113.106:55 | pupy | drb-ra pupyRat RAT | abuse_ch |
| 2026-05-01 18:43 | 109.176.229.9:3883 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 18:43 | 103.79.79.105:9001 | pupy | drb-ra pupyRat RAT | abuse_ch |
| 2026-05-01 18:43 | 103.110.65.166:52223 | Sliver | drb-ra sliver | abuse_ch |
| 2026-05-01 18:34 | r-relay.herbertrutt.work | ClearFake | ClearFake | Anonymous |
| 2026-05-01 18:21 | temp-f8.herbertrutt.work | ClearFake | ClearFake | Anonymous |
| 2026-05-01 18:15 | https://easylivingupgrades.com/ | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | Anonymous |
| 2026-05-01 18:09 | internal-r.sarahkapsreit.work | ClearFake | ClearFake | Anonymous |
| 2026-05-01 18:02 | login-web.sarahkapsreit.work | ClearFake | ClearFake | Anonymous |
| 2026-05-01 17:39 | user-portal.rolfgrassinger.work | ClearFake | ClearFake | Anonymous |
| 2026-05-01 17:15 | https://kilojolts.com/ | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | Anonymous |
| 2026-05-01 17:15 | https://corporatestrategyformarketing.com/ | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | Anonymous |
| 2026-05-01 17:15 | https://yourbizstrategyforinnovation.com/ | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | Anonymous |
| 2026-05-01 17:15 | https://smbownerspathtobusinesssuccess.com/ | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | Anonymous |
| 2026-05-01 17:15 | https://corporateguidebookforefficiency.com/ | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | Anonymous |
| 2026-05-01 17:15 | https://comprehensiveupskillingsphere.com/ | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | Anonymous |
| 2026-05-01 17:15 | https://cavityfreeliving.com/ | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | Anonymous |
| 2026-05-01 17:15 | https://corporatestrategyforinnovation.com/ | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | Anonymous |
| 2026-05-01 17:15 | https://visualculturehq.com/ | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | Anonymous |
| 2026-05-01 17:15 | https://advancedxplorationstation.com/ | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | Anonymous |
| 2026-05-01 17:15 | https://bizownersinnovation.com/ | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | Anonymous |
| 2026-05-01 17:15 | https://residentadvisorforcomfort.com/ | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | Anonymous |
| 2026-05-01 17:15 | https://yourbizstrategyforstability.com/ | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | Anonymous |
| 2026-05-01 17:15 | https://healthysmilesdaily.com/ | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | Anonymous |
| 2026-05-01 17:15 | https://comprehensiveclaritystation.com/ | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | Anonymous |
| 2026-05-01 17:15 | https://rapidmts.com/ | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | Anonymous |
| 2026-05-01 17:15 | https://butterandcheese.net/ | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | Anonymous |
| 2026-05-01 17:15 | https://bizgrowthtips.com/ | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | Anonymous |
| 2026-05-01 17:15 | https://lifewithlovedones.com/ | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | Anonymous |
| 2026-05-01 17:15 | https://remarkablemedicine.com/ | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | Anonymous |
| 2026-05-01 17:15 | https://day-online-trading.com/ | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | Anonymous |
| 2026-05-01 17:15 | https://howtofixacar.info/ | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | Anonymous |
| 2026-05-01 17:15 | https://browsebriankane.com/ | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | Anonymous |
| 2026-05-01 17:15 | https://cityers.com/ | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | Anonymous |
| 2026-05-01 17:15 | https://3-l.org/ | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | Anonymous |
| 2026-05-01 17:15 | https://thursdaycooking.com/ | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | Anonymous |
| 2026-05-01 17:15 | https://theartreserve.com/ | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | Anonymous |
| 2026-05-01 17:15 | https://sundaycreek.org/ | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | Anonymous |
| 2026-05-01 17:15 | https://quickstartupmanualforsuccess.com/ | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | Anonymous |
| 2026-05-01 17:15 | https://homeownersfundamentals.com/ | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | Anonymous |
| 2026-05-01 17:15 | https://personalinjuryandcaraccidentlawyernewsletter.com/ | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | Anonymous |
| 2026-05-01 17:15 | https://homeownerslessons.com/ | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | Anonymous |
| 2026-05-01 17:15 | https://firsthomeownerhelp.com/ | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | Anonymous |
| 2026-05-01 17:15 | https://highimpactmanual.com/ | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | Anonymous |
| 2026-05-01 17:15 | https://diyprojectsforhome.com/ | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | Anonymous |
| 2026-05-01 17:15 | https://financiarul.com/ | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | Anonymous |
| 2026-05-01 17:15 | https://citytrav.com/ | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | Anonymous |
| 2026-05-01 17:10 | m-cache90.rolfgrassinger.work | ClearFake | ClearFake | Anonymous |
| 2026-05-01 17:08 | https://analytics-h15.icu/t.js | Unknown malware | ClickFix EXT |  HuntYethHounds |
| 2026-05-01 17:08 | https://analytics-h15.icu/ext.d7907680dd44.js | Unknown malware | ClickFix EXT | HuntYethHounds |
| 2026-05-01 17:07 | https://analytics-h15.icu/ext-b.223652707572.js | Unknown malware | ClickFix EXT | HuntYethHounds |
| 2026-05-01 17:06 | https://analytics-h15.icu/t.188cfd3975db.js | Unknown malware | ClickFix EXT | HuntYethHounds |
| 2026-05-01 17:06 | analytics-h15.icu | Unknown malware | ClickFix EXT | HuntYethHounds |
| 2026-05-01 17:01 | https://pixeldouble.xyz/ext.d7907680dd44.js | Unknown malware | ClickFix EXT | HuntYethHounds |
| 2026-05-01 17:01 | https://pixeldouble.xyz/ext-b.223652707572.js | Unknown malware | ClickFix EXT | HuntYethHounds |
| 2026-05-01 17:00 | https://pixeldouble.xyz/t.188cfd3975db.js | Unknown malware | ClickFix EXT | HuntYethHounds |
| 2026-05-01 16:59 | https://pixeldouble.xyz/t.js | Unknown malware | ClickFix EXT | HuntYethHounds |
| 2026-05-01 16:59 | pixeldouble.xyz | Unknown malware | ClickFix EXT | HuntYethHounds |
| 2026-05-01 16:58 | root-hub.foersteron.work | ClearFake | ClearFake | Anonymous |
| 2026-05-01 16:57 | https://datawisp.xyz/ext.d7907680dd44.js | Unknown malware | ClickFix EXT | HuntYethHounds |
| 2026-05-01 16:56 | https://datawisp.xyz/ext-b.223652707572.js | Unknown malware | ClickFix EXT | HuntYethHounds |
| 2026-05-01 16:52 | https://datawisp.xyz/t.188cfd3975db.js | Unknown malware | ClickFix EXT | HuntYethHounds |
| 2026-05-01 16:52 | https://datawisp.xyz/t.js | Unknown malware | ClickFix EXT | HuntYethHounds |
| 2026-05-01 16:51 | datawisp.xyz | Unknown malware | ClickFix EXT | HuntYethHounds |
| 2026-05-01 16:44 | srv-secure.foersteron.work | ClearFake | ClearFake | Anonymous |
| 2026-05-01 16:28 | api-secured.tari8lax.surf | ClearFake | ClearFake |  threatcat_ch |
| 2026-05-01 16:23 | quej77v5.acce1eratpacify.digital | ClearFake | ClearFake | Anonymous |
| 2026-05-01 16:22 | v-log902.tari8lax.surf | ClearFake | ClearFake | threatcat_ch |
| 2026-05-01 16:22 | esfas3nf.acce1eratpacify.digital | ClearFake | ClearFake | threatcat_ch |
| 2026-05-01 16:21 | https://goldenvectorlab.top/handler/user-controller.php | SmartApeSG | SmartApeSG |  monitorsg |
| 2026-05-01 16:21 | https://goldenvectorlab.top/handler/token-validator.js | SmartApeSG | SmartApeSG | monitorsg |
| 2026-05-01 16:21 | vtc44.herbertrutt.work | ClearFake | 1May2026 ClearFake Commandline Windows |  Gi7w0rm |
| 2026-05-01 16:21 | wint7-zone.tari8lax.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 16:21 | acce1eratpacify.digital | ClearFake | 1May2026 ClearFake Commandline macOS | Gi7w0rm |
| 2026-05-01 16:21 | geysergentle.bnaumann87.work | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 16:15 | https://planbcreative.org/ | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | Anonymous |
| 2026-05-01 16:15 | https://southerncaliforniacarrepairnews.com/ | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | Anonymous |
| 2026-05-01 16:11 | de3opzh.herbertrutt.work | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 16:11 | pric3-well.herbertrutt.work | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 16:11 | extractmonitor.herbertrutt.work | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 16:11 | kelcrest1ix.tari8lax.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 16:11 | ishevmrr.herbertrutt.work | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 16:05 | proto-l4tti.nexo5mir.surf | ClearFake | ClearFake | threatcat_ch |
| 2026-05-01 15:59 | juqt41x.nexo5mir.surf | ClearFake | ClearFake | threatcat_ch |
| 2026-05-01 15:53 | htms.nexo5mir.surf | ClearFake | ClearFake | threatcat_ch |
| 2026-05-01 15:49 | transit-sur.nexo5mir.surf | ClearFake | ClearFake | Anonymous |
| 2026-05-01 15:43 | alt-out1et.nexo5mir.surf | ClearFake | ClearFake | threatcat_ch |
| 2026-05-01 15:38 | https://afraid.veloitall.cfd/ | Unknown malware | ClearFake ClickFix go-garble midie telegraph-deaddrop | Lenny_3BO |
| 2026-05-01 15:38 | 145.249.109.147:443 | Unknown malware | ClearFake ClickFix go-garble midie telegraph-deaddrop | Lenny_3BO |
| 2026-05-01 15:38 | afraid.veloitall.cfd | Unknown malware | ClearFake ClickFix go-garble midie telegraph-deaddrop | Lenny_3BO |
| 2026-05-01 15:38 | https://telegra.ph/Functions-04-03 | Unknown malware | ClearFake ClickFix midie telegraph-deaddrop | Lenny_3BO |
| 2026-05-01 15:38 | bui1-mount.sarahkapsreit.work | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 15:38 | 104.168.117.21:443 | Cobalt Strike | Agentemis Beacon Cobalt Strike CobaltStrike cobeacon |  whoamix302 |
| 2026-05-01 15:38 | 74.48.175.22:443 | Cobalt Strike | Agentemis Beacon Cobalt Strike CobaltStrike cobeacon | whoamix302 |
| 2026-05-01 15:38 | 204.44.70.29:443 | Cobalt Strike | Agentemis Beacon Cobalt Strike CobaltStrike cobeacon | whoamix302 |
| 2026-05-01 15:38 | 154.17.27.199:443 | Cobalt Strike | Agentemis Beacon Cobalt Strike CobaltStrike cobeacon | whoamix302 |
| 2026-05-01 15:38 | 49.128.218.209:443 | Cobalt Strike | Agentemis Beacon Cobalt Strike CobaltStrike cobeacon | whoamix302 |
| 2026-05-01 15:36 | tgdrbxm.nexo5mir.surf | ClearFake | ClearFake | Anonymous |
| 2026-05-01 15:31 | nobl-desi.puro2tal.surf | ClearFake | ClearFake | threatcat_ch |
| 2026-05-01 15:30 | 45uwt.sarahkapsreit.work | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 15:30 | netq9.sarahkapsreit.work | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 15:30 | bundform.puro2tal.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 15:30 | microbesnow.sarahkapsreit.work | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 15:30 | podc4-node.puro2tal.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 15:30 | obser4-beam.sarahkapsreit.work | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 15:25 | 7309h.puro2tal.surf | ClearFake | ClearFake | threatcat_ch |
| 2026-05-01 15:09 | manifestroya.sarahkapsreit.work | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 15:08 | g3ne-cast.puro2tal.surf | ClearFake | ClearFake | threatcat_ch |
| 2026-05-01 15:04 | hypercargo.rolfgrassinger.work | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 15:04 | flam7-spark.rolfgrassinger.work | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 15:04 | ashvec.puro2tal.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:56 | 14yo-pulse.sena9vix.surf | ClearFake | ClearFake | threatcat_ch |
| 2026-05-01 14:51 | shellamber.rolfgrassinger.work | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:51 | sdfdf7.glid1zone.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:51 | tidemeshnode.felo7wave.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:51 | eview.open2byte.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:51 | flowhostunit.felo7wave.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:51 | gate.fast7link.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:51 | drift5pathgate.felo7wave.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:51 | vast7.glid1zone.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:51 | f31nsn.lafaofn0thes.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:51 | ftipbve.lafaofn0thes.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:51 | vauminor.lafaofn0thes.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:51 | modul3-stack.lafaofn0thes.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:51 | https://mambet.lol/api/index.php?a=dl&token=d0a5e3b511c293206448ac44451b87f717fbdfa0c2f97242082bd2f29748a486&src=cloudflare&mode=cloudflare | Vidar | Vidar | whoamix302 |
| 2026-05-01 14:51 | sync4logicway.vaxi4sync.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:51 | tenso-sca.alterat-detach.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:51 | 172.81.177.67:443 | Unknown malware | BotManager | whoamix302 |
| 2026-05-01 14:51 | 195.177.94.23:443 | Remcos | remcos RemcosRAT Remvio Socmer | whoamix302 |
| 2026-05-01 14:51 | whale-ether.pro | SantaStealer | SantaStealer |  tcains1 |
| 2026-05-01 14:51 | kelvaleen8.alterat-detach.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:51 | https://categoryfire.shop/Cyrex.zip | Unknown Stealer | | stealer_hunter |
| 2026-05-01 14:51 | https://starhope.life/DivineX.zip | Unknown Stealer | | stealer_hunter |
| 2026-05-01 14:51 | https://roblox-exec.online/uploads/B%D0%BE%D0%BEtse%D1%85%D0%B5c64.zip | Unknown Stealer | | stealer_hunter |
| 2026-05-01 14:51 | https://ryoplaces.com/%F0%9D%99%B1%F0%9D%9A%98%F0%9D%9A%98%F0%9D%9A%9D%F0%9D%9A%9C%F0%9D%9A%9D%F0%9D%9A%8A%F0%9D%9A%99%F0%9D%9A%99%F0%9D%9A%8E%F0%9D%9A%9B%F0%9D%99%B0%F0%9D%9A%99%F0%9D%9A%99.zip | Unknown Stealer | | stealer_hunter |
| 2026-05-01 14:51 | velspirear4.alterat-detach.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:51 | yhmf.alterat-detach.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:50 | neo-fa1l.alterat-detach.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:50 | jsvpx.alterat-detach.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:50 | engioasis.caronhyper7rophy.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:50 | 6hfju7p.caronhyper7rophy.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:50 | drivesummit.caronhyper7rophy.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:50 | null8siteview.mori9port.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:50 | 8022i.caronhyper7rophy.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:50 | link2logicway.deno2link.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:50 | sub-w1nd.caronhyper7rophy.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:50 | p1tch2-lab.caronhyper7rophy.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:50 | pair7taskhub.deno2link.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:50 | clean4-spool.american-brazil.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:50 | h5valpzn.american-brazil.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:50 | bond4pathgate.deno2link.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:50 | ww79xq.american-brazil.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:50 | r3nde2-frame.american-brazil.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:50 | byte5logicnet.sara5byte.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:50 | vor-lithos.american-brazil.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:50 | bitsmeshnode.sara5byte.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:50 | gab45f.american-brazil.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:50 | dynnexos.sverbw2tch.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:50 | filehostunit.sara5byte.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:50 | data8logicway.tula8data.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:50 | ref1ne-dock.sverbw2tch.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:50 | uexmep0.sverbw2tch.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:50 | core3taskhub.tula8data.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:50 | zendra9um.establish-lads.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:50 | palcas.establish-lads.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:50 | https://crystalaxishub.top/handler/user-controller.php | SmartApeSG | SmartApeSG | monitorsg |
| 2026-05-01 14:50 | crystalaxishub.top | SmartApeSG | SmartApeSG | monitorsg |
| 2026-05-01 14:50 | https://crystalaxishub.top/handler/token-validator.js | SmartApeSG | SmartApeSG | monitorsg |
| 2026-05-01 14:50 | http://216.120.201.150 | SmartApeSG | SmartApeSG | monitorsg |
| 2026-05-01 14:50 | https://trysilverstrandhub.com/public | SmartApeSG | SmartApeSG | monitorsg |
| 2026-05-01 14:50 | trysilverstrandhub.com | SmartApeSG | SmartApeSG | monitorsg |
| 2026-05-01 14:50 | coolpix.establish-lads.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:50 | foxalph.establish-lads.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:50 | gard9-point.establish-lads.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:50 | craftglobal.establish-lads.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:50 | wild-ciph.demon5tratpripek.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:50 | safehostunit.piva1save.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:50 | shellsig.demon5tratpripek.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:50 | 47.114.101.208:443 | Cobalt Strike | Agentemis Beacon Cobalt Strike cobeacon | whoamix302 |
| 2026-05-01 14:50 | 170.205.31.53:8443 | Cobalt Strike | Agentemis Beacon Cobalt Strike cobeacon | whoamix302 |
| 2026-05-01 14:50 | 165.22.181.151:8443 | Cobalt Strike | Agentemis Beacon Cobalt Strike cobeacon | whoamix302 |
| 2026-05-01 14:50 | 47.237.208.223:443 | Cobalt Strike | Agentemis Beacon Cobalt Strike cobeacon | whoamix302 |
| 2026-05-01 14:50 | 185.195.66.149:443 | Cobalt Strike | Agentemis Beacon Cobalt Strike cobeacon | whoamix302 |
| 2026-05-01 14:50 | 194.68.27.220:443 | Cobalt Strike | Agentemis Beacon Cobalt Strike cobeacon | whoamix302 |
| 2026-05-01 14:50 | 47.237.205.9:8443 | Cobalt Strike | Agentemis Beacon Cobalt Strike cobeacon | whoamix302 |
| 2026-05-01 14:50 | 144.208.127.206:443 | Cobalt Strike | Agentemis Beacon Cobalt Strike cobeacon | whoamix302 |
| 2026-05-01 14:50 | 114.132.199.129:8443 | Cobalt Strike | Agentemis Beacon Cobalt Strike cobeacon | whoamix302 |
| 2026-05-01 14:50 | 94.96.192.197:12529 | Xtreme RAT | ExtRat Xtreme RAT | whoamix302 |
| 2026-05-01 14:50 | steadybiome.demon5tratpripek.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:50 | pcbnn.demon5tratpripek.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:50 | swqtd.demon5tratpripek.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:50 | stock6-watch.doe-negotation.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:50 | shape5-mesh.doe-negotation.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:50 | suddencast.doe-negotation.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:50 | flow-pulse.doe-negotation.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:50 | listenerble.meltdowntemptin8.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:50 | mapphostunit.felo7zone.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:50 | 1xoi047.meltdowntemptin8.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:50 | ser-draex.meltdowntemptin8.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:50 | auth-expo.meltdowntemptin8.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:50 | wardes.vori7nex.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:50 | fleetgolden.meltdowntemptin8.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:50 | mernexex.vori7nex.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:50 | jdwgg.hundred-weight.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:50 | draw-hinge.hundred-weight.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:50 | fiebird.hundred-weight.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:50 | b4sic-route.hundred-weight.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:50 | 39hh3.sena9vix.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:49 | l3tter7-logic.lami4qor.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:49 | sub-5t4r.foersteron.work | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:49 | zencrest8al.lami4qor.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:49 | g3ne-dock.foersteron.work | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:49 | solvaleis.lami4qor.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:49 | lce7y.foersteron.work | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:49 | erst.foersteron.work | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:49 | 42v06.lami4qor.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:49 | filterban.foersteron.work | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:49 | dlrd.foersteron.work | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:49 | bc17f0d2a9715c138f77b77eaf760e5f | Unknown malware | asus-sideload ClearFake ClickFix go-garble midie rundll32 WebDav | Lenny_3BO |
| 2026-05-01 14:49 | 52f84ca88409bddcbfc4dd7d6a048af9 | Unknown malware | asus-sideload ClearFake ClickFix go-garble midie rundll32 WebDav | Lenny_3BO |
| 2026-05-01 14:49 | 5ed7708134d1da60c2376a3f89fe28d94c0f9db760b29ce1530e42757352c8bb | Unknown malware | asus-sideload ClearFake ClickFix go-garble midie rundll32 WebDav | Lenny_3BO |
| 2026-05-01 14:49 | https://blobir.vori7nex.surf/software-distribution-dxnp2c7/meta-verify.index | Unknown malware | ClearFake ClickFix midie rundll32 WebDav | Lenny_3BO |
| 2026-05-01 14:49 | signddude5.camp | Unknown malware | ClearFake ClickFix midie | Lenny_3BO |
| 2026-05-01 14:49 | dyndra4et.rolfgrassinger.work | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:49 | b4y-drive.rolfgrassinger.work | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:49 | 4ijbsg80.sena9vix.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 14:48 | goldenvectorlab.top | NetSupportManager RAT | NetSupport RAT |  varysz |
| 2026-05-01 14:44 | 8.222.192.153:8000 | Cobalt Strike | CobaltStrike drb-ra | abuse_ch |
| 2026-05-01 14:44 | 54.205.26.32:443 | Cobalt Strike | CobaltStrike drb-ra | abuse_ch |
| 2026-05-01 14:44 | 64.83.42.94:443 | Cobalt Strike | CobaltStrike drb-ra | abuse_ch |
| 2026-05-01 14:44 | 47.236.91.172:443 | Cobalt Strike | CobaltStrike drb-ra | abuse_ch |
| 2026-05-01 14:44 | 165.22.16.194:80 | Cobalt Strike | CobaltStrike drb-ra | abuse_ch |
| 2026-05-01 14:44 | 118.25.178.35:80 | Cobalt Strike | CobaltStrike drb-ra | abuse_ch |
| 2026-05-01 14:44 | nuli.qzz.io | Cobalt Strike | CobaltStrike drb-ra | abuse_ch |
| 2026-05-01 14:44 | secure-server.sbs | Cobalt Strike | CobaltStrike drb-ra | abuse_ch |
| 2026-05-01 14:44 | update.cdn-update.workers.dev | Cobalt Strike | CobaltStrike drb-ra | abuse_ch |
| 2026-05-01 14:44 | mole-yxzzxy.xyz | Cobalt Strike | CobaltStrike drb-ra | abuse_ch |
| 2026-05-01 14:38 | lqush.sena9vix.surf | ClearFake | ClearFake | threatcat_ch |
| 2026-05-01 14:33 | watc-forma.sena9vix.surf | ClearFake | ClearFake | threatcat_ch |
| 2026-05-01 14:30 | frr.ambil-disini.web.id | Vidar | Vidar |  crep1x |
| 2026-05-01 14:30 | https://frr.ambil-disini.web.id/ | Vidar | Vidar | crep1x |
| 2026-05-01 14:30 | frr.rubensbruno.adv.br | Vidar | Vidar | crep1x |
| 2026-05-01 14:30 | https://frr.rubensbruno.adv.br/ | Vidar | Vidar | crep1x |
| 2026-05-01 14:25 | tal-fluxor.sena9vix.surf | ClearFake | ClearFake | threatcat_ch |
| 2026-05-01 14:15 | https://papeleraelchasqui.com/ | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | Anonymous |
| 2026-05-01 14:11 | tztuq.lami4qor.surf | ClearFake | ClearFake | threatcat_ch |
| 2026-05-01 13:48 | growth2-mark.lami4qor.surf | ClearFake | ClearFake | Anonymous |
| 2026-05-01 13:43 | partner-track.vori7nex.surf | ClearFake | ClearFake | threatcat_ch |
| 2026-05-01 13:37 | glac14-frame.vori7nex.surf | ClearFake | ClearFake | threatcat_ch |
| 2026-05-01 13:35 | cc.92lu1.cc | ValleyRAT | valleyrat_s2 | abuse_ch |
| 2026-05-01 13:32 | cliedrift.vori7nex.surf | ClearFake | ClearFake | threatcat_ch |
| 2026-05-01 13:31 | 47.236.106.45:7777 | ValleyRAT | valleyrat_s2 | abuse_ch |
| 2026-05-01 13:30 | u888lm.com | Nanocore RAT | NanoCore | abuse_ch |
| 2026-05-01 13:30 | tribunmedia.it.com | Nanocore RAT | NanoCore | abuse_ch |
| 2026-05-01 13:30 | gamebai789.club | Nanocore RAT | NanoCore | abuse_ch |
| 2026-05-01 13:30 | minework.io | Nanocore RAT | NanoCore | abuse_ch |
| 2026-05-01 13:30 | acyd.io | Nanocore RAT | NanoCore | abuse_ch |
| 2026-05-01 13:30 | 2.26.124.185:6001 | AsyncRAT | asyncrat RAT | abuse_ch |
| 2026-05-01 13:26 | blobir.vori7nex.surf | ClearFake | ClearFake | Anonymous |
| 2026-05-01 13:25 | 175.178.237.54:1588 | ValleyRAT | RAT ValleyRAT | abuse_ch |
| 2026-05-01 13:25 | 47.236.106.45:6666 | ValleyRAT | RAT ValleyRAT | abuse_ch |
| 2026-05-01 13:25 | http://cw525100.tw1.ru/L1nc0In.php | DCRat | dcrat RAT | abuse_ch |
| 2026-05-01 13:25 | 181.71.188.50:443 | Remcos | RAT RemcosRAT | abuse_ch |
| 2026-05-01 13:25 | 172.67.130.172:443 | Nanocore RAT | NanoCore RAT | abuse_ch |
| 2026-05-01 13:25 | 104.21.3.119:443 | Nanocore RAT | NanoCore RAT | abuse_ch |
| 2026-05-01 13:25 | 192.124.249.34:443 | Nanocore RAT | NanoCore RAT | abuse_ch |
| 2026-05-01 13:25 | 104.21.84.88:443 | Nanocore RAT | NanoCore RAT | abuse_ch |
| 2026-05-01 13:25 | 172.67.190.146:443 | Nanocore RAT | NanoCore RAT | abuse_ch |
| 2026-05-01 13:25 | 172.67.142.34:443 | Nanocore RAT | NanoCore RAT | abuse_ch |
| 2026-05-01 13:25 | 104.21.27.94:443 | Nanocore RAT | NanoCore RAT | abuse_ch |
| 2026-05-01 13:25 | 104.21.67.141:443 | Nanocore RAT | NanoCore RAT | abuse_ch |
| 2026-05-01 13:25 | 172.67.177.58:443 | Nanocore RAT | NanoCore RAT | abuse_ch |
| 2026-05-01 13:09 | site8siteview.felo7zone.surf | ClearFake | ClearFake | threatcat_ch |
| 2026-05-01 13:01 | grid5pathgate.felo7zone.surf | ClearFake | ClearFake | threatcat_ch |
| 2026-05-01 12:48 | plot2taskhub.felo7zone.surf | ClearFake | ClearFake | threatcat_ch |
| 2026-05-01 12:41 | areameshnode.felo7zone.surf | ClearFake | ClearFake | threatcat_ch |
| 2026-05-01 12:36 | zone7logicnet.felo7zone.surf | ClearFake | ClearFake | threatcat_ch |
| 2026-05-01 12:30 | mark9siteview.karo3view.surf | ClearFake | ClearFake | threatcat_ch |
| 2026-05-01 12:20 | scan2pathgate.karo3view.surf | ClearFake | ClearFake | threatcat_ch |
| 2026-05-01 12:14 | lookhostunit.karo3view.surf | ClearFake | ClearFake | threatcat_ch |
| 2026-05-01 12:09 | seek7taskhub.karo3view.surf | ClearFake | ClearFake | Anonymous |
| 2026-05-01 12:03 | findmeshsite.karo3view.surf | ClearFake | ClearFake | Anonymous |
| 2026-05-01 11:58 | view3logicway.karo3view.surf | ClearFake | ClearFake | threatcat_ch |
| 2026-05-01 11:50 | last7siteview.piva1save.surf | ClearFake | ClearFake | threatcat_ch |
| 2026-05-01 11:44 | disk4pathgate.piva1save.surf | ClearFake | ClearFake | Anonymous |
| 2026-05-01 11:33 | hold8taskhub.piva1save.surf | ClearFake | ClearFake | threatcat_ch |
| 2026-05-01 11:28 | keepmeshnode.piva1save.surf | ClearFake | ClearFake | threatcat_ch |
| 2026-05-01 11:22 | save1logicnet.piva1save.surf | ClearFake | ClearFake | threatcat_ch |
| 2026-05-01 11:14 | mark1siteview.tula8data.surf | ClearFake | ClearFake | Anonymous |
| 2026-05-01 11:09 | hard6pathgate.tula8data.surf | ClearFake | ClearFake | threatcat_ch |
| 2026-05-01 11:03 | infonodeunit.tula8data.surf | ClearFake | ClearFake | Anonymous |
| 2026-05-01 11:00 | https://mm1.rubensbruno.adv.br/ | Vidar | Vidar | crep1x |
| 2026-05-01 11:00 | mm1.ambil-disini.web.id | Vidar | Vidar | crep1x |
| 2026-05-01 11:00 | https://mm1.ambil-disini.web.id/ | Vidar | Vidar | crep1x |
| 2026-05-01 11:00 | mm1.rubensbruno.adv.br | Vidar | Vidar | crep1x |
| 2026-05-01 10:51 | basemeshsite.tula8data.surf | ClearFake | ClearFake | threatcat_ch |
| 2026-05-01 10:40 | full9siteview.sara5byte.surf | ClearFake | ClearFake | threatcat_ch |
| 2026-05-01 10:35 | save4pathgate.sara5byte.surf | ClearFake | ClearFake | threatcat_ch |
| 2026-05-01 10:17 | load1taskhub.sara5byte.surf | ClearFake | ClearFake | threatcat_ch |
| 2026-05-01 10:00 | site9siteview.deno2link.surf | ClearFake | ClearFake | threatcat_ch |
| 2026-05-01 09:43 | techhostunit.deno2link.surf | ClearFake | ClearFake | Anonymous |
| 2026-05-01 09:30 | joinmeshsite.deno2link.surf | ClearFake | ClearFake | Anonymous |
| 2026-05-01 09:12 | gate5pathgate.mori9port.surf | ClearFake | ClearFake | threatcat_ch |
| 2026-05-01 09:06 | datahostunit.mori9port.surf | ClearFake | ClearFake | threatcat_ch |
| 2026-05-01 09:00 | open2taskhub.mori9port.surf | ClearFake | ClearFake | Anonymous |
| 2026-05-01 08:54 | linkmeshnode.mori9port.surf | ClearFake | ClearFake | Anonymous |
| 2026-05-01 08:53 | port9logicnet.mori9port.surf | ClearFake | ClearFake | threatcat_ch |
| 2026-05-01 08:43 | 96.125.132.83:443 | BianLian | BianLian drb-ra | abuse_ch |
| 2026-05-01 08:43 | 83.143.58.252:8015 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 08:43 | fast1siteview.vaxi4sync.surf | ClearFake | ClearFake | Anonymous |
| 2026-05-01 08:43 | 84.201.14.11:2177 | DCRat | dcrat drb-ra RAT | abuse_ch |
| 2026-05-01 08:43 | 80.66.84.163:61845 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 08:43 | 72.56.246.58:80 | Chaos | CHAOS drb-ra | abuse_ch |
| 2026-05-01 08:43 | 74.48.194.213:7443 | Unknown malware | drb-ra Mythic | abuse_ch |
| 2026-05-01 08:43 | 78.40.209.53:7443 | Unknown malware | drb-ra Mythic | abuse_ch |
| 2026-05-01 08:43 | 62.60.226.63:6856 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 08:43 | 64.89.163.114:6606 | AsyncRAT | asyncrat drb-ra RAT | abuse_ch |
| 2026-05-01 08:43 | 5.101.86.57:1984 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 08:43 | 5.101.86.60:6798 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 08:43 | 5.101.86.76:1338 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 08:43 | 5.101.86.76:9323 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 08:43 | 5.101.86.76:9521 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 08:43 | 5.101.86.78:9323 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 08:43 | 5.101.81.81:4315 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 08:43 | 5.101.86.34:6913 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 08:43 | 5.101.86.4:2428 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 08:43 | 5.101.86.4:6448 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 08:43 | 46.151.182.71:22 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 08:43 | 47.103.106.26:2333 | AdaptixC2 | AdaptixC2 drb-ra | abuse_ch |
| 2026-05-01 08:43 | 47.83.254.175:6321 | AdaptixC2 | AdaptixC2 drb-ra | abuse_ch |
| 2026-05-01 08:43 | 45.77.127.102:6606 | AsyncRAT | asyncrat drb-ra RAT | abuse_ch |
| 2026-05-01 08:43 | 46.151.182.161:58001 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 08:43 | 46.151.182.33:4747 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 08:43 | 45.43.11.194:2026 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 08:43 | 45.133.174.41:8080 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 08:43 | 4.236.165.30:4321 | AdaptixC2 | AdaptixC2 drb-ra | abuse_ch |
| 2026-05-01 08:43 | 31.58.58.168:51272 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 08:43 | 31.58.76.179:7443 | Unknown malware | drb-ra Mythic | abuse_ch |
| 2026-05-01 08:43 | 3.19.238.211:31337 | Sliver | drb-ra sliver | abuse_ch |
| 2026-05-01 08:43 | 217.60.241.19:5903 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 08:43 | 207.174.0.178:8206 | DCRat | dcrat drb-ra RAT | abuse_ch |
| 2026-05-01 08:43 | 20.2.83.254:3333 | Evilginx | drb-ra EvilGinx EvilGoPhish | abuse_ch |
| 2026-05-01 08:43 | 203.202.232.104:2444 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 08:43 | 195.177.94.130:2037 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 08:43 | 198.135.55.193:32241 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 08:43 | 193.24.211.62:23581 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 08:43 | 193.24.211.62:2404 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 08:43 | 194.116.236.110:6161 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 08:43 | 190.2.150.52:853 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 08:43 | 192.159.99.131:1458 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 08:43 | 192.253.248.29:443 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 08:43 | 185.28.84.202:8080 | Chaos | CHAOS drb-ra | abuse_ch |
| 2026-05-01 08:43 | 178.16.53.63:2404 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 08:43 | 178.128.252.142:7443 | Unknown malware | drb-ra Mythic | abuse_ch |
| 2026-05-01 08:43 | 178.16.52.24:789 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 08:43 | 178.16.53.183:111 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 08:43 | 172.94.101.157:3011 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 08:43 | 169.40.135.35:6158 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 08:43 | 172.111.198.151:3001 | DCRat | dcrat drb-ra RAT | abuse_ch |
| 2026-05-01 08:43 | 163.5.102.110:2404 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 08:43 | 163.5.102.110:2407 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 08:43 | 163.5.102.99:6325 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 08:43 | 164.68.99.7:7443 | Unknown malware | drb-ra Mythic | abuse_ch |
| 2026-05-01 08:43 | 158.220.113.212:7443 | Unknown malware | drb-ra Mythic | abuse_ch |
| 2026-05-01 08:43 | 158.94.209.210:443 | Eye Pyramid | drb-ra EyePyramid | abuse_ch |
| 2026-05-01 08:43 | 158.94.209.227:443 | Eye Pyramid | drb-ra EyePyramid | abuse_ch |
| 2026-05-01 08:43 | 154.83.148.26:22050 | Unknown malware | drb-ra Mythic | abuse_ch |
| 2026-05-01 08:43 | 155.103.70.100:50030 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 08:43 | 155.103.70.100:50033 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 08:43 | 155.103.70.68:2323 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 08:43 | 151.243.109.10:9323 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 08:43 | 151.243.109.213:6325 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 08:43 | 146.190.133.216:7443 | Unknown malware | drb-ra Mythic | abuse_ch |
| 2026-05-01 08:43 | 143.202.105.137:9001 | DanaBot | DanBot drb-ra | abuse_ch |
| 2026-05-01 08:43 | 136.0.41.76:8443 | Evilginx | drb-ra EvilGinx EvilGoPhish | abuse_ch |
| 2026-05-01 08:43 | 138.9.0.87:8015 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 08:43 | 138.9.212.10:8015 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 08:43 | 130.12.180.184:2602 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 08:43 | 132.243.223.0:2404 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 08:43 | 109.123.249.123:7443 | Unknown malware | drb-ra Mythic | abuse_ch |
| 2026-05-01 08:43 | 111.229.144.163:60000 | Unknown malware | drb-ra RAT | abuse_ch |
| 2026-05-01 08:43 | 124.198.131.36:9958 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 08:43 | 103.83.87.60:1515 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 08:43 | 104.238.34.58:7788 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 08:43 | 103.140.238.45:8887 | Sliver | drb-ra sliver | abuse_ch |
| 2026-05-01 08:43 | 103.140.238.45:8888 | Sliver | drb-ra sliver | abuse_ch |
| 2026-05-01 08:43 | 103.147.228.120:8015 | Remcos | drb-ra RAT RemcosRAT | abuse_ch |
| 2026-05-01 08:38 | next5pathgate.vaxi4sync.surf | ClearFake | ClearFake | threatcat_ch |
| 2026-05-01 08:32 | loadhostunit.vaxi4sync.surf | ClearFake | ClearFake | threatcat_ch |
| 2026-05-01 08:30 | tick8taskhub.vaxi4sync.surf | ClearFake | ClearFake | threatcat_ch |
| 2026-05-01 08:24 | timemeshsite.vaxi4sync.surf | ClearFake | ClearFake | threatcat_ch |
| 2026-05-01 08:14 | pure8siteview.neto7cloud.surf | ClearFake | ClearFake | Anonymous |
| 2026-05-01 08:11 | http://scout.hollowdelta.site | Vidar | bandoozle Vidar | abuse_ch |
| 2026-05-01 08:11 | scout.hollowdelta.site | Vidar | bandoozle Vidar | abuse_ch |
| 2026-05-01 08:08 | vast2pathgate.neto7cloud.surf | ClearFake | ClearFake | Anonymous |
| 2026-05-01 08:01 | hostunitgate.neto7cloud.surf | ClearFake | ClearFake | Anonymous |
| 2026-05-01 07:54 | air9taskhub.neto7cloud.surf | ClearFake | ClearFake | threatcat_ch |
| 2026-05-01 07:49 | sky4meshnode.neto7cloud.surf | ClearFake | ClearFake | threatcat_ch |
| 2026-05-01 07:43 | cloud7logicnet.neto7cloud.surf | ClearFake | ClearFake | Anonymous |
| 2026-05-01 07:37 | wash8siteview.felo7wave.surf | ClearFake | ClearFake | threatcat_ch |
| 2026-05-01 07:27 | https://mambet.lol/log.php | Unknown malware | ClickFix ErrTraffic | HuntYethHounds |
| 2026-05-01 07:27 | https://mambet.lol/api/index.php | Unknown malware | ClickFix ErrTraffic | HuntYethHounds |
| 2026-05-01 07:25 | https://mambet.lol/cf.js | Unknown malware | ClickFix ErrTraffic | HuntYethHounds |
| 2026-05-01 07:25 | mambet.lol | Unknown malware | ClickFix ErrTraffic | HuntYethHounds |
| 2026-05-01 07:21 | surf2taskhub.felo7wave.surf | ClearFake | ClearFake | Anonymous |
| 2026-05-01 07:14 | byte9taskhub.open2byte.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 07:14 | next4pathgate.kren3sync.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 07:14 | loadhostunit.open2byte.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 07:14 | port4pathgate.open2byte.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 07:14 | zero.masscan.cloud | Shai-Hulud | |  johannes |
| 2026-05-01 07:14 | vhs.delrosal.net | Unknown malware | | johannes |
| 2026-05-01 07:14 | tumama.hns.to | Unknown malware | | johannes |
| 2026-05-01 07:14 | blackice.sol-domain.org | Unknown malware | | johannes |
| 2026-05-01 07:14 | https://trindastal.com/8250d149-9bf8-566d-9d7d-ea925eae0a4c/ | CASTLELOADER | | johannes |
| 2026-05-01 07:14 | cheeshomireciple.com | CASTLELOADER | | johannes |
| 2026-05-01 07:14 | https://t.me/dusty_vintage | Unknown malware | OpenClaw | johannes |
| 2026-05-01 07:12 | bbbadfflkhroksd.cn | ValleyRAT | RAT ValleyRAT | abuse_ch |
| 2026-05-01 07:12 | 18.167.65.85:8880 | ValleyRAT | RAT ValleyRAT | abuse_ch |
| 2026-05-01 07:10 | wave7logicnet.felo7wave.surf | ClearFake | ClearFake | threatcat_ch |
| 2026-05-01 07:08 | 165.154.24.229:80 | Cobalt Strike | CobaltStrike cs-watermark-391144938 | abuse_ch |
| 2026-05-01 07:08 | 203.160.54.22:8080 | Cobalt Strike | CobaltStrike cs-watermark-987654321 | abuse_ch |
| 2026-05-01 07:08 | 103.230.15.38:81 | Cobalt Strike | CobaltStrike cs-watermark-987654321 | abuse_ch |
| 2026-05-01 07:08 | 106.75.31.247:80 | Cobalt Strike | CobaltStrike cs-watermark-987654321 | abuse_ch |
| 2026-05-01 07:08 | 146.19.125.9:80 | Cobalt Strike | CobaltStrike cs-watermark-987654321 | abuse_ch |
| 2026-05-01 07:04 | 92.112.127.184:17691 | MooBot | moobot | abuse_ch |
| 2026-05-01 07:02 | http://wheat.gardenplume.store/ | Vidar | bandoozle Vidar | abuse_ch |
| 2026-05-01 07:02 | wheat.gardenplume.store | Vidar | bandoozle Vidar | abuse_ch |
| 2026-05-01 07:02 | fast9siteview.kren3sync.surf | ClearFake | ClearFake | threatcat_ch |
| 2026-05-01 07:01 | https://t.me/izjdbzps | Vidar | bandoozle Vidar | abuse_ch |
| 2026-05-01 07:00 | 45.148.120.78:23459 | Bashlite | Gafgyt | abuse_ch |
| 2026-05-01 06:53 | fix1logicnet.pavi1xen.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | patchmeshnode.pavi1xen.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | full7siteview.everfo7mat.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | run4taskhub.pavi1xen.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | starthostunit.pavi1xen.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | jump7pathgate.pavi1xen.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | save2siteview.pavi1xen.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | datehostunit.years-quackery.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | soil6logicway.grov6lira.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | rootmeshsite.grov6lira.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | grow3taskhub.grov6lira.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | leafhostunit.grov6lira.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | wild5pathgate.grov6lira.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | cut2taskhub.dismemb7harlot.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | base8siteview.grov6lira.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | cold3logicnet.flen3qor.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | ice7taskhub.flen3qor.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | mistmeshnode.flen3qor.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | rainhostunit.flen3qor.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | zero4pathgate.flen3qor.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | pure9siteview.flen3qor.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | temp4pathgate.kutsy-proquac.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | gold7logicway.verdi7rax.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | richmeshsite.verdi7rax.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | scan8siteview.kutsy-proquac.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | coin4taskhub.verdi7rax.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | view8logicnet.lookin8back.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | bankhostunit.verdi7rax.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | mint2pathgate.verdi7rax.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | map4logicnet.exceedvil1ager.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | scan5pathgate.lookin8back.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | gridmeshnode.exceedvil1ager.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | back9siteview.lookin8back.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | plot7taskhub.exceedvil1ager.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | basehostunit.exceedvil1ager.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | zone2pathgate.exceedvil1ager.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | mark9siteview.exceedvil1ager.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | scan3logicway.counter-graphol.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | zero7pathgate.eleuther-stupidity.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | void4siteview.eleuther-stupidity.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | sync8taskhub.counter-graphol.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | linkhostunit.counter-graphol.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | port5pathgate.counter-graphol.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | data1siteview.counter-graphol.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | peak6logicnet.finchre5t.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | stem4pathgate.goddess-tapir.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | tint7logicnet.colorfu1prep.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | highmeshnode.finchre5t.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | top2taskhub.finchre5t.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | starhostunit.finchre5t.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | huemeshnode.colorfu1prep.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | edge5pathgate.finchre5t.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | rich4taskhub.colorfu1prep.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | view9siteview.finchre5t.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | mask4logicway.mesper-faced.bet | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | hidemeshsite.mesper-faced.bet | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | glow8siteview.colorfu1prep.bet | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | null7taskhub.mesper-faced.bet | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | voidhostunit.mesper-faced.bet | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | none3pathgate.mesper-faced.bet | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | past9taskhub.centenary-kurgan.bet | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | zero8siteview.mesper-faced.bet | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | wind5logicnet.po5ehuweather.bet | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | rainmeshnode.po5ehuweather.bet | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | cold9taskhub.po5ehuweather.bet | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | heat5logicnet.chaevodh0t.bet | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | lasthostunit.po5ehuweather.bet | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | burnmeshnode.chaevodh0t.bet | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | mist2pathgate.po5ehuweather.bet | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | fire2taskhub.chaevodh0t.bet | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | move7logicnet.vibe7wave.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | fast7siteview.chaevodh0t.bet | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | stepmeshnode.vibe7wave.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | run4taskhub.vibe7wave.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | pathmeshsite.colorist-resignat.bet | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | starthostunit.vibe7wave.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | dash3taskhub.colorist-resignat.bet | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | jump2pathgate.vibe7wave.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | fast9siteview.vibe7wave.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | spin4logicway.flow4axis.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | turnmeshsite.flow4axis.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | axis8taskhub.flow4axis.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | high7logicnet.nexo7peak.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | gearhostunit.flow4axis.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | peakmeshnode.nexo7peak.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | bolt5pathgate.flow4axis.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | star4taskhub.nexo7peak.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | dash7siteview.flow4axis.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | pointhostunit.nexo7peak.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | clean9logicnet.pure9drift.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | top9pathgate.nexo7peak.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | washmeshnode.pure9drift.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | view2siteview.nexo7peak.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | voidhostunit.pure9drift.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | meltmeshsite.voda4flux.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | zero4pathgate.pure9drift.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:53 | free8siteview.pure9drift.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:52 | glow8taskhub.voda4flux.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:52 | link2logicway.flex2node.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:52 | portmeshsite.flex2node.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:52 | heat5pathgate.voda4flux.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:52 | sync7taskhub.flex2node.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:52 | http://217.145.227.150/stealer/public/login.php | Unknown malware | AS205775 NEON CORE NETWORK LLC qatar |  antiphishorg |
| 2026-05-01 06:52 | https://tools.doxbin.cy/windows | Unknown malware | ClickFix | CarsonWilliams |
| 2026-05-01 06:52 | fire1siteview.voda4flux.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:52 | byte3pathgate.flex2node.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:52 | slowmeshnode.kali9drift.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:52 | null9siteview.flex2node.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:52 | rest3taskhub.kali9drift.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:52 | high5logicnet.tide5peak.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:52 | basehostunit.kali9drift.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:52 | topmeshnode.tide5peak.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:52 | peak2taskhub.tide5peak.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:52 | long2siteview.kali9drift.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:52 | starhostunit.tide5peak.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:52 | edge4pathgate.tide5peak.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:52 | view8siteview.tide5peak.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:52 | foci5taskhub.mero2beam.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:52 | core8logicway.dash8core.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:52 | lenshostunit.mero2beam.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:52 | basemeshsite.dash8core.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:52 | unit3taskhub.dash8core.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:52 | pure4siteview.mero2beam.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:52 | sync5logicnet.sora5link.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:52 | hard5pathgate.dash8core.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:52 | portmeshnode.sora5link.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:52 | chip9siteview.dash8core.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:52 | link1taskhub.sora5link.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:52 | aero1logicnet.glid1zone.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:52 | datahostunit.sora5link.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:52 | wingmeshnode.glid1zone.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:52 | flowhostunit.glid1zone.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:52 | skypathgate4.glid1zone.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:52 | map2taskhub.tavi8grid.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:52 | areahostunit.tavi8grid.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:52 | glowmeshsite.surf3beam.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:52 | beam7taskhub.surf3beam.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:52 | site7siteview.tavi8grid.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:52 | focihostunit.surf3beam.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:52 | lens4pathgate.surf3beam.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:52 | loadmeshnode.pilo1byte.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:52 | pure8siteview.surf3beam.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:52 | volt7logicnet.fast7link.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:52 | readhostunit.pilo1byte.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:52 | ampmeshnode.fast7link.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:52 | watt2taskhub.fast7link.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:52 | loadhostunit.fast7link.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:52 | fuse5pathgate.fast7link.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:52 | grid9siteview.fast7link.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:52 | open2logicway.open2byte.surf | ClearFake | 1May2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:52 | https://www.edwinmsarmiento.com/ | Unknown malware | ClickFix | CarsonWilliams |
| 2026-05-01 06:52 | https://snakcscornerbd.com/ | Unknown malware | ClickFix | CarsonWilliams |
| 2026-05-01 06:52 | https://labo.univ-msila.dz/labs/ | Unknown malware | ClickFix | CarsonWilliams |
| 2026-05-01 06:52 | https://www.drkonradrack.at/ | Unknown malware | ClickFix | CarsonWilliams |
| 2026-05-01 06:52 | https://70.34.205.43/ | Unknown malware | ClickFix | CarsonWilliams |
| 2026-05-01 06:52 | https://document-share-id382929992933.sisregcel.com/ | Unknown malware | ClickFix | CarsonWilliams |
| 2026-05-01 06:52 | http://47.238.118.2:8888/supershell/login/ | Unknown malware | AS45102 Supershell | antiphishorg |
| 2026-05-01 06:52 | 47.238.118.2:8888 | Unknown malware | AS45102 Supershell | antiphishorg |
| 2026-05-01 06:52 | fc042d5bfecb1da4d2821c28c3a3b754.5df12747c755c71bd07c59710b1567bf.traefik.default | Cobalt Strike | |  duggusa |
| 2026-05-01 06:52 | plotmeshsite.nelo2qir.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:52 | naughtyza.co.za | ClearFake | ClearFake | varysz |
| 2026-05-01 06:52 | mykeycounter.com | ClearFake | ClearFake | varysz |
| 2026-05-01 06:52 | weddingpioneer.com | ClearFake | ClearFake | varysz |
| 2026-05-01 06:52 | usanews24.info | ClearFake | ClearFake | varysz |
| 2026-05-01 06:52 | highpressurecleaningdurban.co.za | ClearFake | ClearFake | varysz |
| 2026-05-01 06:52 | 766866.com | ClearFake | ClearFake | varysz |
| 2026-05-01 06:52 | deal9siteview.sali8mor.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:52 | sachhiprerna.com | ClearFake | ClearFake | varysz |
| 2026-05-01 06:52 | 2339fba9695ad25fcd79f232c4b635023f5621eb927a53601db84eb428b3116e | Unknown malware | ClickFix ConnectWise RMM-as-RAT ScreenConnect | Lenny_3BO |
| 2026-05-01 06:51 | d19f88dc8c825614e4898d06c7eeb28bace5156344aed4d708bcdd25a970866d | Unknown malware | ClickFix ConnectWise RMM-as-RAT ScreenConnect | Lenny_3BO |
| 2026-05-01 06:51 | https://mawenterprises.co/.April/A3.msi | Unknown malware | ClickFix ConnectWise RMM-as-RAT ScreenConnect | Lenny_3BO |
| 2026-05-01 06:51 | http://mawenterprises.co/.April/A1.mp4 | Unknown malware | ClickFix ConnectWise RMM-as-RAT ScreenConnect | Lenny_3BO |
| 2026-05-01 06:51 | mawenterprises.co | Unknown malware | ClickFix ConnectWise RMM-as-RAT ScreenConnect | Lenny_3BO |
| 2026-05-01 06:51 | win4pathgate.sali8mor.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:51 | report.error-report.com | ClearFake | ClearFake | varysz |
| 2026-05-01 06:51 | 2026op.com | Unknown malware | ClickFix ConnectWise RMM-as-RAT ScreenConnect | Lenny_3BO |
| 2026-05-01 06:51 | html-load.cc | ClearFake | ClearFake | varysz |
| 2026-05-01 06:51 | error-report.com | ClearFake | ClearFake | varysz |
| 2026-05-01 06:51 | fb.content-loader.com | ClearFake | ClearFake | varysz |
| 2026-05-01 06:51 | ilmukomputer.org | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | varysz |
| 2026-05-01 06:51 | strategicadvisersllc.com | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | varysz |
| 2026-05-01 06:51 | pittsburgh-carpet.com | IClickFix | ClickFix | varysz |
| 2026-05-01 06:51 | pipingpotcurry.com | ClearFake | ClearFake | varysz |
| 2026-05-01 06:51 | luckhostunit.sali8mor.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:51 | diskmeshnode.everfo7mat.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:51 | past6siteview.undo-wingless.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:51 | zone7taskhub.nelo2qir.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:51 | areahostunit.nelo2qir.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:51 | axis3pathgate.nelo2qir.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:51 | core8taskhub.technic2lweak.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:51 | mark8siteview.nelo2qir.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:51 | heat5logicnet.thora5ven.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:51 | glowmeshnode.thora5ven.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:51 | burn9taskhub.thora5ven.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:51 | firehostunit.thora5ven.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:51 | dash2taskhub.expresser-pray.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:51 | warm7siteview.thora5ven.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:51 | risk3logicway.sali8mor.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:51 | send8siteview.expresser-pray.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:51 | spin6taskhub.sali8mor.bet | ClearFake | 30April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-05-01 06:50 | waithostunit.kren3sync.surf | ClearFake | ClearFake | threatcat_ch |
| 2026-05-01 06:44 | last7taskhub.kren3sync.surf | ClearFake | ClearFake | threatcat_ch |
| 2026-05-01 06:36 | tickmeshsite.kren3sync.surf | ClearFake | ClearFake | threatcat_ch |
| 2026-05-01 06:30 | time3logicway.kren3sync.surf | ClearFake | ClearFake | threatcat_ch |
| 2026-05-01 06:30 | t7h.plugazapp.com.br | Vidar | Vidar | crep1x |
| 2026-05-01 06:30 | https://t7h.plugazapp.com.br/ | Vidar | Vidar | crep1x |
| 2026-05-01 06:30 | t7h.ambil-disini.web.id | Vidar | Vidar | crep1x |
| 2026-05-01 06:30 | https://t7h.ambil-disini.web.id/ | Vidar | Vidar | crep1x |
| 2026-05-01 06:24 | full2siteview.pilo1byte.surf | ClearFake | ClearFake | threatcat_ch |
| 2026-05-01 06:19 | file7pathgate.pilo1byte.surf | ClearFake | ClearFake | Anonymous |
| 2026-05-01 06:07 | save4taskhub.pilo1byte.surf | ClearFake | ClearFake | Anonymous |
| 2026-05-01 05:56 | byte1logicnet.pilo1byte.surf | ClearFake | ClearFake | Anonymous |
| 2026-05-01 05:45 | zone5pathgate.tavi8grid.surf | ClearFake | ClearFake | Anonymous |
| 2026-05-01 05:28 | plotmeshsite.tavi8grid.surf | ClearFake | ClearFake | Anonymous |
| 2026-05-01 05:23 | grid8logicway.tavi8grid.surf | ClearFake | ClearFake | Anonymous |
| 2026-05-01 05:18 | null9siteview.sora5link.surf | ClearFake | ClearFake | Anonymous |
| 2026-05-01 05:11 | byte4pathgate.sora5link.surf | ClearFake | ClearFake | Anonymous |
| 2026-05-01 04:38 | beam8pathgate.mero2beam.surf | ClearFake | ClearFake | Anonymous |
| 2026-05-01 04:21 | lightmeshsite.mero2beam.surf | ClearFake | ClearFake | Anonymous |
| 2026-05-01 04:16 | ray2logicway.mero2beam.surf | ClearFake | ClearFake | Anonymous |
| 2026-05-01 04:01 | stay7pathgate.kali9drift.surf | ClearFake | ClearFake | Anonymous |
| 2026-05-01 03:36 | move9logicnet.kali9drift.surf | ClearFake | ClearFake | Anonymous |
| 2026-05-01 03:16 | ionhostunit.voda4flux.surf | ClearFake | ClearFake | Anonymous |
| 2026-05-01 02:54 | flow4logicway.voda4flux.surf | ClearFake | ClearFake | Anonymous |
| 2026-05-01 02:43 | 94.176.3.228:48765 | AdaptixC2 | AdaptixC2 drb-ra | abuse_ch |
| 2026-05-01 02:43 | 94.198.96.164:52452 | AsyncRAT | asyncrat drb-ra RAT | abuse_ch |
| 2026-05-01 02:43 | 94.198.96.164:55025 | AsyncRAT | asyncrat drb-ra RAT | abuse_ch |
| 2026-05-01 02:43 | 95.111.250.175:5435 | AdaptixC2 | AdaptixC2 drb-ra | abuse_ch |
| 2026-05-01 02:43 | 98.81.111.167:4321 | AdaptixC2 | AdaptixC2 drb-ra | abuse_ch |
| 2026-05-01 02:43 | 98.97.125.70:8883 | DanaBot | DanBot drb-ra | abuse_ch |
| 2026-05-01 02:43 | 91.202.233.153:43555 | AdaptixC2 | AdaptixC2 drb-ra | abuse_ch |
| 2026-05-01 02:43 | 91.215.85.151:47653 | AdaptixC2 | AdaptixC2 drb-ra | abuse_ch |
| 2026-05-01 02:43 | 91.219.238.234:2700 | AsyncRAT | asyncrat drb-ra RAT | abuse_ch |
| 2026-05-01 02:43 | 93.127.134.156:80 | AsyncRAT | asyncrat drb-ra RAT | abuse_ch |
| 2026-05-01 02:43 | 94.154.35.160:1234 | DCRat | dcrat drb-ra RAT | abuse_ch |
| 2026-05-01 02:43 | 94.154.35.160:6466 | DCRat | dcrat drb-ra RAT | abuse_ch |
| 2026-05-01 02:43 | 94.154.35.73:1111 | AsyncRAT | asyncrat drb-ra RAT | abuse_ch |
| 2026-05-01 02:43 | 84.54.33.7:6745 | AsyncRAT | asyncrat drb-ra RAT | abuse_ch |
| 2026-05-01 02:43 | 85.121.5.202:5689 | AdaptixC2 | AdaptixC2 drb-ra | abuse_ch |
| 2026-05-01 02:43 | 85.155.186.2:3821 | AdaptixC2 | AdaptixC2 drb-ra | abuse_ch |
| 2026-05-01 02:43 | 89.125.50.18:30031 | AdaptixC2 | AdaptixC2 drb-ra | abuse_ch |
| 2026-05-01 02:43 | 90.58.26.10:6060 | AsyncRAT | asyncrat drb-ra RAT | abuse_ch |
| 2026-05-01 02:43 | 83.136.209.49:56002 | AsyncRAT | asyncrat drb-ra RAT | abuse_ch |
| 2026-05-01 02:43 | 83.136.209.49:56003 | AsyncRAT | asyncrat drb-ra RAT | abuse_ch |
| 2026-05-01 02:43 | 83.97.20.133:443 | BianLian | BianLian drb-ra | abuse_ch |
| 2026-05-01 02:43 | 83.97.20.133:80 | BianLian | BianLian drb-ra | abuse_ch |
| 2026-05-01 02:43 | 83.98.39.53:8443 | DanaBot | DanBot drb-ra | abuse_ch |
| 2026-05-01 02:43 | 83.98.39.54:8443 | DanaBot | DanBot drb-ra | abuse_ch |
| 2026-05-01 02:43 | 84.54.33.227:7829 | AsyncRAT | asyncrat drb-ra RAT | abuse_ch |
| 2026-05-01 02:43 | 79.135.160.20:9999 | AdaptixC2 | AdaptixC2 drb-ra | abuse_ch |
| 2026-05-01 02:43 | 80.96.109.95:7443 | Unknown malware | Covenant drb-ra | abuse_ch |
| 2026-05-01 02:43 | 80.96.113.212:8080 | AdaptixC2 | AdaptixC2 drb-ra | abuse_ch |
| 2026-05-01 02:43 | 81.229.251.143:443 | DanaBot | DanBot drb-ra | abuse_ch |
| 2026-05-01 02:43 | 83.136.209.49:56001 | AsyncRAT | asyncrat drb-ra RAT | abuse_ch |
| 2026-05-01 02:43 | 66.163.115.78:8808 | AsyncRAT | asyncrat drb-ra RAT | abuse_ch |
| 2026-05-01 02:43 | 66.85.27.18:80 | Havoc | drb-ra Havoc | abuse_ch |
| 2026-05-01 02:43 | 68.64.178.130:9900 | AdaptixC2 | AdaptixC2 drb-ra | abuse_ch |
| 2026-05-01 02:43 | 72.56.246.58:443 | Chaos | CHAOS drb-ra | abuse_ch |
| 2026-05-01 02:43 | 72.56.246.58:8080 | Chaos | CHAOS drb-ra | abuse_ch |
| 2026-05-01 02:43 | 66.163.115.78:6606 | AsyncRAT | asyncrat drb-ra RAT | abuse_ch |