| 2026-04-28 13:17 | asse4-track.frosthaven.garden | ClearFake | ClearFake |  threatcat_ch |
| 2026-04-28 13:15 | https://rjayfinance.co.nz/ | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | Anonymous |
| 2026-04-28 13:03 | whnmkwvj.frosthaven.garden | ClearFake | ClearFake | Anonymous |
| 2026-04-28 12:56 | vormarkor.frosthaven.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-28 12:50 | serlineis.frosthaven.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-28 12:33 | 5urv3-layer.stoneflare.garden | ClearFake | ClearFake | Anonymous |
| 2026-04-28 12:27 | pastureclien.stoneflare.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-28 12:15 | https://infobymika.fr/ | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | Anonymous |
| 2026-04-28 12:15 | https://agrotimes.in/ | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | Anonymous |
| 2026-04-28 12:14 | dock-visu.stoneflare.garden | ClearFake | ClearFake | Anonymous |
| 2026-04-28 12:03 | f4ct0-span.lightforge.garden | ClearFake | ClearFake | Anonymous |
| 2026-04-28 11:55 | tpxovsr.lightforge.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-28 11:50 | formpea.lightforge.garden | ClearFake | ClearFake | Anonymous |
| 2026-04-28 11:50 | 138.199.246.59:443 | Vidar | Vidar |  crep1x |
| 2026-04-28 11:50 | 162.55.89.244:443 | Vidar | Vidar | crep1x |
| 2026-04-28 11:50 | 136.243.169.148:443 | Vidar | Vidar | crep1x |
| 2026-04-28 11:50 | 136.243.116.27:443 | Vidar | Vidar | crep1x |
| 2026-04-28 11:50 | 136.243.87.142:443 | Vidar | Vidar | crep1x |
| 2026-04-28 11:49 | https://138.199.246.59/ | Vidar | Vidar | crep1x |
| 2026-04-28 11:49 | https://162.55.89.244/ | Vidar | Vidar | crep1x |
| 2026-04-28 11:49 | https://136.243.169.148/ | Vidar | Vidar | crep1x |
| 2026-04-28 11:49 | https://136.243.116.27/ | Vidar | Vidar | crep1x |
| 2026-04-28 11:49 | https://136.243.87.142/ | Vidar | Vidar | crep1x |
| 2026-04-28 11:43 | filt3-scope.lightforge.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-28 11:15 | https://7medindia.com/ | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | Anonymous |
| 2026-04-28 11:09 | civi-opti.shadowpeak.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-28 11:04 | broad7-grid.shadowpeak.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-28 10:53 | pitchzoneyview.sonicwavehost.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-28 10:47 | freq6taskunit.sonicwavehost.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-28 10:22 | staticflowsys.quantumpathnet.garden | ClearFake | 28April2026 ClearFake Commandline Windows |  Gi7w0rm |
| 2026-04-28 10:16 | 104.248.198.130:25001 | Kimwolf | c2 kimwolf |  Bitsight |
| 2026-04-28 10:16 | matrix6pathway.vectorpointsite.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 10:16 | 134.209.93.191:25001 | Kimwolf | c2 kimwolf | Bitsight |
| 2026-04-28 10:16 | scalezoneyview.vectorpointsite.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 10:16 | planemeshlogic.vectorpointsite.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 10:16 | quant9wavegate.quantumpathnet.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 10:16 | orbitmeshpath.quantumpathnet.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 10:16 | https://filefriedchicken.com/ss2/ | Unknown Stealer | ClickFix shub |  ineffyble |
| 2026-04-28 10:16 | pulse8sitebox.quantumpathnet.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 10:05 | corehostunit5.quantumpathnet.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-28 10:00 | https://fre.jornaltribunadearaxa.com.br/ | Vidar | Vidar | crep1x |
| 2026-04-28 10:00 | fre.jornaltribunadearaxa.com.br | Vidar | Vidar | crep1x |
| 2026-04-28 10:00 | https://fre.trbombom.com/ | Vidar | Vidar | crep1x |
| 2026-04-28 10:00 | fre.trbombom.com | Vidar | Vidar | crep1x |
| 2026-04-28 09:59 | atom2logicnet.quantumpathnet.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-28 09:42 | point8fluxsys.vectorpointsite.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-28 09:22 | 31.56.209.120:4764 | Remcos | remcos |  TomU |
| 2026-04-28 09:22 | linehostunit1.vectorpointsite.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-28 09:08 | vector3sitehub.vectorpointsite.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-28 09:07 | lead4tasksys.silicongateway.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 09:01 | silicon7point.silicongateway.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 09:01 | 206.189.11.23:25001 | Kimwolf | c2 kimwolf | Bitsight |
| 2026-04-28 09:01 | goldunitpath5.silicongateway.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 09:01 | 64.225.78.190:25001 | Kimwolf | c2 kimwolf | Bitsight |
| 2026-04-28 09:01 | 174.138.9.203:25001 | Kimwolf | c2 kimwolf | Bitsight |
| 2026-04-28 08:56 | https://v-panel.asia/auth/login?ddosprotected=2 | Vidar | c2 Vidar |  Kenas |
| 2026-04-28 08:56 | zincflowbase.silicongateway.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 08:55 | 18.162.186.253:8880 | ValleyRAT | RAT ValleyRAT |  abuse_ch |
| 2026-04-28 08:55 | hhskkmmtyust.cn | ValleyRAT | RAT ValleyRAT | abuse_ch |
| 2026-04-28 08:41 | neon2logicgate.silicongateway.garden | ClearFake | ClearFake | Anonymous |
| 2026-04-28 08:39 | 95.40.189.27:886 | ValleyRAT | RAT ValleyRAT | abuse_ch |
| 2026-04-28 08:37 | 43.248.172.30:56310 | ValleyRAT | RAT ValleyRAT | abuse_ch |
| 2026-04-28 08:37 | xiaoshihou37.org | ValleyRAT | RAT ValleyRAT | abuse_ch |
| 2026-04-28 08:37 | j6fadacai.com | ValleyRAT | RAT ValleyRAT | abuse_ch |
| 2026-04-28 08:35 | 156.247.51.70:56310 | ValleyRAT | RAT ValleyRAT | abuse_ch |
| 2026-04-28 08:34 | carbonmeshnode.silicongateway.garden | ClearFake | ClearFake | threatcat_ch |
| 2026-04-28 08:34 | xiaoshihou40.org | ValleyRAT | RAT ValleyRAT | abuse_ch |
| 2026-04-28 08:34 | liull6.com | ValleyRAT | RAT ValleyRAT | abuse_ch |
| 2026-04-28 08:20 | rapid8wavenet.pixelstormbase.garden | ClearFake | ClearFake | Anonymous |
| 2026-04-28 08:14 | deltahostgate.pixelstormbase.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 08:10 | puresyncbase1.pixelstormbase.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 08:02 | 134.122.6.193:8080 | Chaos | AS14061 CHAOS DigitalOcean LLC |  antiphishorg |
| 2026-04-28 08:00 | 134.122.6.193:8080 | Chaos | CHAOS ViriBack | abuse_ch |
| 2026-04-28 07:58 | embermeshnode.pixelstormbase.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 07:58 | iron5logicway.pixelstormbase.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 07:42 | frost9taskunit.pixelstormbase.garden | ClearFake | ClearFake | Anonymous |
| 2026-04-28 07:42 | macro6siteview.alphafluxnode.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 07:42 | 206.189.15.178:25001 | Kimwolf | c2 kimwolf | Bitsight |
| 2026-04-28 07:42 | atlasgridflow.alphafluxnode.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 07:20 | gravit4fluxbox.alphafluxnode.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 07:20 | solarpointnet.alphafluxnode.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 07:20 | 206.189.108.236:25001 | Kimwolf | c2 kimwolf | Bitsight |
| 2026-04-28 07:20 | lunar2waveunit.alphafluxnode.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 07:20 | 159.223.8.71:25001 | Kimwolf | c2 kimwolf | Bitsight |
| 2026-04-28 07:20 | http://172.86.91.94/api/ | Anatsa | |  johannes |
| 2026-04-28 07:20 | http://193.24.123.18:85/api/ | Anatsa | | johannes |
| 2026-04-28 07:20 | http://162.252.173.37:85/api/ | Anatsa | | johannes |
| 2026-04-28 07:20 | tempohostlink.alphafluxnode.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 06:58 | radiant7path.orbitmeshunit.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 06:58 | smartmesh1sys.orbitmeshunit.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 06:58 | blue3zonepath.orbitmeshunit.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 06:55 | 144.202.105.204:8888 | Cobalt Strike | CobaltStrike cs-watermark-987654321 | abuse_ch |
| 2026-04-28 06:54 | https://wi8sar.digital/script.sh | Unknown malware | macOS |  HuntYethHounds |
| 2026-04-28 06:53 | wi8sar.digital | Unknown malware | macOS | HuntYethHounds |
| 2026-04-28 06:52 | http://round5on.digital/script.sh | Unknown malware | macOS | HuntYethHounds |
| 2026-04-28 06:52 | round5on.digital | Unknown malware | macOS | HuntYethHounds |
| 2026-04-28 06:52 | http://joue7make.digital/script.sh | Unknown malware | macOS | HuntYethHounds |
| 2026-04-28 06:51 | joue7make.digital | Unknown malware | macOS | HuntYethHounds |
| 2026-04-28 06:51 | 101.35.122.246:80 | Cobalt Strike | CobaltStrike cs-watermark-666666666 | abuse_ch |
| 2026-04-28 06:50 | http://po1vax.digital/script.sh | Unknown malware | macOS | HuntYethHounds |
| 2026-04-28 06:50 | po1vax.digital | Unknown malware | macOS | HuntYethHounds |
| 2026-04-28 06:50 | 175.24.201.23:8443 | Cobalt Strike | CobaltStrike cs-watermark-987654321 | abuse_ch |
| 2026-04-28 06:49 | https://kymlo2.digital/script.sh | Unknown malware | macOS | HuntYethHounds |
| 2026-04-28 06:49 | kymlo2.digital | Unknown malware | macOS | HuntYethHounds |
| 2026-04-28 06:48 | https://heavyset-that.digital/script.sh | Unknown malware | macOS | HuntYethHounds |
| 2026-04-28 06:48 | heavyset-that.digital | Unknown malware | macOS | HuntYethHounds |
| 2026-04-28 06:46 | urbanhostgate.orbitmeshunit.garden | ClearFake | ClearFake | Anonymous |
| 2026-04-28 06:37 | http://googlemeets.click.goooggle.click/download.php | Unknown malware | Fake Google Meet | HuntYethHounds |
| 2026-04-28 06:37 | http://googlemeets.click.goooggle.click/verify.php | Unknown malware | Fake Google Meet | HuntYethHounds |
| 2026-04-28 06:35 | http://googlemeets.click.goooggle.click | Unknown malware | Fake Google Meet | HuntYethHounds |
| 2026-04-28 06:35 | googlemeets.click.goooggle.click | Unknown malware | Fake Google Meet | HuntYethHounds |
| 2026-04-28 06:34 | http://www.diamondexchangeus.store.goooggle.click/download.php | Unknown malware | Fake Google Meet | HuntYethHounds |
| 2026-04-28 06:33 | http://www.diamondexchangeus.store.goooggle.click | Unknown malware | Fake Google Meet | HuntYethHounds |
| 2026-04-28 06:33 | diamondexchangeus.store.goooggle.click | Unknown malware | Fake Google Meet | HuntYethHounds |
| 2026-04-28 06:32 | https://web-view.org/get/adobe/Reader_en_install.exe | Unknown malware | Fake Adobe | HuntYethHounds |
| 2026-04-28 06:31 | https://web-view.org/get/adobe/ | Unknown malware | Fake Adobe | HuntYethHounds |
| 2026-04-28 06:31 | web-view.org | Unknown malware | Fake Adobe | HuntYethHounds |
| 2026-04-28 06:29 | freetaskunit.cyberpeaklink.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 06:29 | cool2meshbit.cyberpeaklink.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 06:29 | stellar5bitnode.orbitmeshunit.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 06:29 | vastlogicweb.orbitmeshunit.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 06:29 | cloudnewupdate.us | Unknown malware | Fake Adobe | HuntYethHounds |
| 2026-04-28 06:28 | http://cloudnewupdate.us/acrobat/windows/visit.php | Unknown malware | Fake Adobe | HuntYethHounds |
| 2026-04-28 06:27 | http://cloudnewupdate.us/acrobat/windows/adobe.php | Unknown malware | Fake Adobe | HuntYethHounds |
| 2026-04-28 06:23 | https://etomoe.cfd/log.php | Unknown malware | ClickFix ErrTraffic | HuntYethHounds |
| 2026-04-28 06:22 | https://etomoe.cfd/api/index.php | Unknown malware | ClickFix ErrTraffic | HuntYethHounds |
| 2026-04-28 06:22 | https://etomoe.cfd/cf.js | Unknown malware | ClickFix ErrTraffic | HuntYethHounds |
| 2026-04-28 06:21 | etomoe.cfd | Unknown malware | ClickFix ErrTraffic | HuntYethHounds |
| 2026-04-28 05:57 | packnoirland.raxonviewunit.garden | ClearFake | 27April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:57 | gategoldberg3.raxonviewunit.garden | ClearFake | 27April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:57 | datanoirgold5.sylosyncbase.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:57 | srvvertland.sylosyncbase.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:57 | linkholzbaum2.sylosyncbase.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:57 | webopenmond.sylosyncbase.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:57 | sync8kaltberg.sylosyncbase.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:57 | core3darkstar.novismetaweb.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:57 | approugesoft.novismetaweb.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:57 | netpetitwald9.novismetaweb.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:57 | flowironhaus.novismetaweb.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:57 | zonebleuzeit1.novismetaweb.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:57 | goldstarport.mivorpulsegate.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:57 | noirmondsite.mivorpulsegate.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:57 | taskironland.dexishostpath.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:57 | baseopenwald.mivorpulsegate.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:57 | unitkaltwind2.mivorpulsegate.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:57 | claudedesktop-llm.gitlab.io | ClearFake | ClearFake | ineffyble |
| 2026-04-28 05:57 | 164.92.210.57:25001 | Kimwolf | c2 kimwolf | Bitsight |
| 2026-04-28 05:57 | 104.248.197.185:25001 | Kimwolf | c2 kimwolf | Bitsight |
| 2026-04-28 05:57 | 64.227.79.172:25001 | Kimwolf | c2 kimwolf | Bitsight |
| 2026-04-28 05:56 | 104.248.192.244:25001 | Kimwolf | c2 kimwolf | Bitsight |
| 2026-04-28 05:56 | globfastfire7.raxonviewunit.garden | ClearFake | 27April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:56 | bitbluemond.raxonviewunit.garden | ClearFake | 27April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:56 | 167.99.209.253:25001 | Kimwolf | c2 kimwolf | Bitsight |
| 2026-04-28 05:56 | 68.183.6.224:25001 | Kimwolf | c2 kimwolf | Bitsight |
| 2026-04-28 05:56 | pathnoirbaum1.zexislinkhub.garden | ClearFake | 27April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:56 | userfastzeit.zexislinkhub.garden | ClearFake | 27April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:56 | 167.172.45.157:25001 | Kimwolf | c2 kimwolf | Bitsight |
| 2026-04-28 05:56 | 165.232.81.57:25001 | Kimwolf | c2 kimwolf | Bitsight |
| 2026-04-28 05:56 | loadpetitstar.zexislinkhub.garden | ClearFake | 27April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:56 | 209.38.45.156:25001 | Kimwolf | c2 kimwolf | Bitsight |
| 2026-04-28 05:56 | baseopenwald.qivorpaknode.garden | ClearFake | 27April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:56 | pointrougesoft.zexislinkhub.garden | ClearFake | 27April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:56 | viewdarkberg9.zexislinkhub.garden | ClearFake | 27April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:56 | sysvert7holz.qivorpaknode.garden | ClearFake | 27April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:56 | metabluefire.qivorpaknode.garden | ClearFake | 27April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:56 | goldstarport.qivorpaknode.garden | ClearFake | 27April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:56 | petitwaldnet.dexisnetflow.garden | ClearFake | 27April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:56 | ironhausflow2.dexisnetflow.garden | ClearFake | 27April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:56 | hostfastland.dexisnetflow.garden | ClearFake | 27April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:56 | rougesoft9app.dexisnetflow.garden | ClearFake | 27April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:56 | bleu-3.dexis-serv.in.net | ClearFake | 27April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:56 | haus-1.mivon-tech.in.net | ClearFake | 27April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:56 | https://zentav.top/trace/audit-module.js | SmartApeSG | SmartApeSG |  monitorsg |
| 2026-04-28 05:56 | zeit-berg-8.novis-data.in.net | ClearFake | 27April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:56 | open-3n.novis-data.in.net | ClearFake | 27April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:56 | iron-fire-6s.novis-data.in.net | ClearFake | 27April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:56 | rouge-4.novis-data.in.net | ClearFake | 27April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:56 | dark-wald-3.sylix-host.in.net | ClearFake | 27April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:56 | petit-star-8z.sylix-host.in.net | ClearFake | 27April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:56 | https://claudedesktop-llm.gitlab.io/wae/ | ClearFake | | ineffyble |
| 2026-04-28 05:56 | viewdarkberg.dexishostpath.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:56 | pathnoirbaum.dexishostpath.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:56 | https://claudedesktopllm.gitlab.io/crs/ | Unknown Stealer | | ineffyble |
| 2026-04-28 05:56 | globfastfire.vortextaskbit.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:56 | fastland8zeit.mivontechzone.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:56 | noirgoldstar.mivontechzone.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:56 | vertbaumview.mivontechzone.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:56 | holzunit3link.mivontechzone.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:56 | tarsier.cloudshell.svc | Cobalt Strike | |  duggusa |
| 2026-04-28 05:56 | syncbergzeit5.mivontechzone.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:56 | newcheckout.shop | magecart | Magecart | Localhost |
| 2026-04-28 05:56 | office.australia-wealth.com | FAKEUPDATES | SocGholish | monitorsg |
| 2026-04-28 05:56 | turbostat.shop | magecart | Magecart | Localhost |
| 2026-04-28 05:56 | stylejingle.com | magecart | Magecart | Localhost |
| 2026-04-28 05:56 | grand6nodehub.cyberpeaklink.garden | ClearFake | ClearFake | Anonymous |
| 2026-04-28 05:55 | pixellowersoon.top | magecart | Magecart | Localhost |
| 2026-04-28 05:55 | ministat.shop | magecart | Magecart | Localhost |
| 2026-04-28 05:55 | tagmanager.guru | magecart | Magecart | Localhost |
| 2026-04-28 05:55 | styledontcryyy.com | magecart | Magecart | Localhost |
| 2026-04-28 05:55 | hyperstat.shop | magecart | Magecart | Localhost |
| 2026-04-28 05:55 | stylebackrooooms.com | magecart | Magecart | Localhost |
| 2026-04-28 05:55 | gigatag.info | magecart | Magecart | Localhost |
| 2026-04-28 05:55 | stylenemesiis.com | magecart | Magecart | Localhost |
| 2026-04-28 05:55 | styleinfinity.top | magecart | Magecart | Localhost |
| 2026-04-28 05:55 | styleoutsperee.com | magecart | Magecart | Localhost |
| 2026-04-28 05:55 | swift5tasknet.zenithflowgrid.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:55 | clearpointdata.zenithflowgrid.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:55 | trendscan8meta.cryptovoxelsync.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:55 | shieldpurelink.cryptovoxelsync.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:55 | bright3nodeview.cryptovoxelsync.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:55 | proxyfastzone.cryptovoxelsync.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:55 | deepcloud9base.cryptovoxelsync.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:55 | signalwestport.cryptovoxelsync.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:55 | https://217.145.227.150/ | Unknown Stealer | |  solostalking |
| 2026-04-28 05:55 | wildpathbase.cyberpeaklink.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:55 | apex3stormlink.cyberpeaklink.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:55 | vividmeshflow.zenithflowgrid.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:55 | light8siteview.zenithflowgrid.garden | ClearFake | 28April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:55 | termopasta.com | Unknown Stealer | | ineffyble |
| 2026-04-28 05:55 | foewpeee2tol.com | Unknown Stealer | | ineffyble |
| 2026-04-28 05:55 | fb094867dcb3f56391ca8a60016c5cd9872b529814b0fe48e1e7ea4563ce24ed | Unknown malware | AMSI-BYPASS ClickFix MP3-HTA-polyglot mshta VBScript | Lenny_3BO |
| 2026-04-28 05:55 | 20bf8267c60aeaafb90c224d865e163401a016b8568f95a6f1743fc74af62d9e | Unknown malware | AMSI-BYPASS ClickFix MP3-HTA-polyglot mshta VBScript | Lenny_3BO |
| 2026-04-28 05:55 | 159.223.235.96:25001 | Kimwolf | c2 kimwolf | Bitsight |
| 2026-04-28 05:55 | https://zentav.top/trace/refresh-css.php | SmartApeSG | SmartApeSG | monitorsg |
| 2026-04-28 05:55 | 142.93.135.177:25001 | Kimwolf | c2 kimwolf | Bitsight |
| 2026-04-28 05:55 | blue-fire-8w.syr2moxel.in.net | ClearFake | 27April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:55 | haus-4.syr2moxel.in.net | ClearFake | 27April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:55 | zentav.top | SmartApeSG | SmartApeSG | monitorsg |
| 2026-04-28 05:55 | https://zentav.top/trace/alias-thread.js | SmartApeSG | SmartApeSG | monitorsg |
| 2026-04-28 05:55 | browserperplexity.com | Unknown malware | ClickFix MP3-HTA mshta Polyglot | Lenny_3BO |
| 2026-04-28 05:55 | macarona.autos | Unknown malware | AMSI-BYPASS ClickFix mshta RC4 victim-fingerprint | Lenny_3BO |
| 2026-04-28 05:55 | 165.22.207.128:25001 | Kimwolf | c2 kimwolf | Bitsight |
| 2026-04-28 05:55 | soft-5.vok7laren.in.net | ClearFake | 27April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:55 | 64.89.161.71:25001 | Kimwolf | c2 kimwolf | Bitsight |
| 2026-04-28 05:55 | kalt-berg-2.vok7laren.in.net | ClearFake | 27April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:55 | https://datanexlab.top/trace/refresh-css.php | SmartApeSG | SmartApeSG | monitorsg |
| 2026-04-28 05:55 | datanexlab.top | SmartApeSG | SmartApeSG | monitorsg |
| 2026-04-28 05:55 | https://datanexlab.top/trace/alias-thread.js | SmartApeSG | SmartApeSG | monitorsg |
| 2026-04-28 05:55 | 64.89.160.215:25001 | Kimwolf | c2 kimwolf | Bitsight |
| 2026-04-28 05:55 | holz-baum-5.tal4miren.in.net | ClearFake | 27April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:55 | open-7.tal4miren.in.net | ClearFake | 27April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:55 | 64.89.161.74:25001 | Kimwolf | c2 kimwolf | Bitsight |
| 2026-04-28 05:55 | fast-zeit-1.tal4miren.in.net | ClearFake | 27April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:55 | 64.89.160.216:25001 | Kimwolf | c2 kimwolf | Bitsight |
| 2026-04-28 05:55 | truebasecore.com | Unknown malware | Aorta ClickFix sideload SmartApeSG | Lenny_3BO |
| 2026-04-28 05:55 | https://truebasecore.com/io | Unknown malware | Aorta ClickFix sideload SmartApeSG | Lenny_3BO |
| 2026-04-28 05:55 | http://104.225.129.105/ | Unknown malware | Aorta ClickFix sideload SmartApeSG | Lenny_3BO |
| 2026-04-28 05:55 | http://216.120.201.116/ | Unknown malware | Aorta ClickFix sideload SmartApeSG | Lenny_3BO |
| 2026-04-28 05:55 | 146.71.81.232:443 | Unknown malware | Aorta ClickFix sideload SmartApeSG | Lenny_3BO |
| 2026-04-28 05:55 | 104.225.129.105:443 | Unknown malware | Aorta ClickFix sideload SmartApeSG | Lenny_3BO |
| 2026-04-28 05:55 | 216.120.201.116:443 | Unknown malware | Aorta ClickFix sideload SmartApeSG | Lenny_3BO |
| 2026-04-28 05:55 | zentideen.pax4moren.in.net | ClearFake | 27April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:55 | 9c1a60b1e67f071d7100ae8dfde9efb77cbf7688f8cbe6461b27319c9d7f8742 | Unknown malware | Aorta ClickFix sideload SmartApeSG | Lenny_3BO |
| 2026-04-28 05:55 | 3559ecb1e3c264bbc17b992b1d055bea42dbcb60e9397e24a33e9f09d5d307e2 | Unknown malware | Aorta ClickFix sideload SmartApeSG | Lenny_3BO |
| 2026-04-28 05:55 | d79e2990fa848ed9038f30dad65e30d6a3b335d78542d992de895a857e08351c | Unknown malware | Aorta ClickFix sideload SmartApeSG | Lenny_3BO |
| 2026-04-28 05:54 | stagesteril.pax4moren.in.net | ClearFake | 27April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:54 | 167.99.35.20:25001 | Kimwolf | c2 kimwolf | Bitsight |
| 2026-04-28 05:54 | 161.35.144.223:25001 | Kimwolf | c2 kimwolf | Bitsight |
| 2026-04-28 05:54 | 64.89.161.70:25001 | Kimwolf | c2 kimwolf | Bitsight |
| 2026-04-28 05:54 | 142.93.128.30:25001 | Kimwolf | c2 kimwolf | Bitsight |
| 2026-04-28 05:54 | zbh50.nol7sirex.in.net | ClearFake | 27April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:54 | 5.175.215.42:25001 | Kimwolf | c2 kimwolf | Bitsight |
| 2026-04-28 05:54 | vordraor5.nol7sirex.in.net | ClearFake | 27April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:54 | 83.142.209.252:25001 | Kimwolf | c2 kimwolf | Bitsight |
| 2026-04-28 05:54 | 64.89.160.214:25001 | Kimwolf | c2 kimwolf | Bitsight |
| 2026-04-28 05:54 | 64.89.161.72:25001 | Kimwolf | c2 kimwolf | Bitsight |
| 2026-04-28 05:54 | wwj2alum.pax4moren.in.net | ClearFake | 27April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-28 05:54 | 83.142.209.248:25001 | Kimwolf | c2 kimwolf | Bitsight |
| 2026-04-28 05:42 | neogateway9sys.cyberpeaklink.garden | ClearFake | ClearFake | Anonymous |
| 2026-04-28 05:16 | bold7logicgate.zenithflowgrid.garden | ClearFake | ClearFake | Anonymous |
| 2026-04-28 04:57 | primeglowunit.zenithflowgrid.garden | ClearFake | ClearFake | Anonymous |
| 2026-04-28 04:03 | openmondkalt.mivontechzone.garden | ClearFake | ClearFake | Anonymous |
| 2026-04-28 03:25 | winopenhaus.vortextaskbit.garden | ClearFake | ClearFake | Anonymous |
| 2026-04-28 03:19 | scanvertzeit1.vortextaskbit.garden | ClearFake | ClearFake | Anonymous |
| 2026-04-28 03:12 | gategoldberg.vortextaskbit.garden | ClearFake | ClearFake | Anonymous |
| 2026-04-28 03:06 | packnoirland7.vortextaskbit.garden | ClearFake | ClearFake | Anonymous |
| 2026-04-28 02:52 | bitbluemond4.vortextaskbit.garden | ClearFake | ClearFake | Anonymous |
| 2026-04-28 02:40 | userfastzeit.dexishostpath.garden | ClearFake | ClearFake | Anonymous |
| 2026-04-28 02:25 | loadpetitstar3.dexishostpath.garden | ClearFake | ClearFake | Anonymous |
| 2026-04-28 02:16 | pointrougesoft8.dexishostpath.garden | ClearFake | ClearFake | Anonymous |
| 2026-04-28 01:36 | sysvert7holz.mivorpulsegate.garden | ClearFake | ClearFake | Anonymous |
| 2026-04-28 01:24 | metabluefire6.mivorpulsegate.garden | ClearFake | ClearFake | Anonymous |
| 2026-04-28 01:19 | hostfastland.novismetaweb.garden | ClearFake | ClearFake | Anonymous |
| 2026-04-28 01:00 | https://isn.jornaltribunadearaxa.com.br/ | Vidar | Vidar | crep1x |
| 2026-04-28 01:00 | isn.jornaltribunadearaxa.com.br | Vidar | Vidar | crep1x |
| 2026-04-28 00:30 | https://isn.trbombom.com/ | Vidar | Vidar | crep1x |
| 2026-04-28 00:30 | isn.trbombom.com | Vidar | Vidar | crep1x |
| 2026-04-28 00:11 | nodezeitmond.sylosyncbase.garden | ClearFake | ClearFake | Anonymous |
| 2026-04-28 00:04 | winopenhaus.raxonviewunit.garden | ClearFake | ClearFake | Anonymous |
| 2026-04-27 23:59 | scanvertzeit.raxonviewunit.garden | ClearFake | ClearFake | Anonymous |
| 2026-04-27 23:02 | taskironland.zexislinkhub.garden | ClearFake | ClearFake | Anonymous |
| 2026-04-27 22:51 | unitkaltwind.qivorpaknode.garden | ClearFake | ClearFake | Anonymous |
| 2026-04-27 22:48 | unificandoelser.com | StrelaStealer | StrelaStealer | threatcat_ch |
| 2026-04-27 22:45 | noirmondsite4.qivorpaknode.garden | ClearFake | ClearFake | Anonymous |
| 2026-04-27 22:15 | https://studio.mascaf-production.infobymika.fr/ | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | Anonymous |
| 2026-04-27 22:13 | bleuzeit8zone.dexisnetflow.garden | ClearFake | ClearFake | Anonymous |
| 2026-04-27 22:00 | https://nde.imoveisavendaemaraxa.com.br/ | Vidar | Vidar | crep1x |
| 2026-04-27 22:00 | https://nde.vi-ler.dk/ | Vidar | Vidar | crep1x |
| 2026-04-27 22:00 | nde.imoveisavendaemaraxa.com.br | Vidar | Vidar | crep1x |
| 2026-04-27 22:00 | nde.vi-ler.dk | Vidar | Vidar | crep1x |
| 2026-04-27 21:48 | darkstarcore.dexisnetflow.garden | ClearFake | ClearFake | Anonymous |
| 2026-04-27 21:44 | petit-fire-5.dexis-serv.in.net | ClearFake | ClearFake | threatcat_ch |
| 2026-04-27 21:32 | dark-land-8b.dexis-serv.in.net | ClearFake | ClearFake | threatcat_ch |
| 2026-04-27 21:20 | holz-baum-7k.mivon-tech.in.net | ClearFake | ClearFake | threatcat_ch |
| 2026-04-27 21:15 | https://staging.online-paystub.com/ | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | Anonymous |
| 2026-04-27 21:15 | https://mimidavid.arellabs.org/ | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | Anonymous |
| 2026-04-27 21:09 | vert-4.mivon-tech.in.net | ClearFake | ClearFake | Anonymous |
| 2026-04-27 21:04 | gold-mond-2.mivon-tech.in.net | ClearFake | ClearFake | threatcat_ch |
| 2026-04-27 20:58 | noir-9.mivon-tech.in.net | ClearFake | ClearFake | threatcat_ch |
| 2026-04-27 20:53 | fast-star-5x.mivon-tech.in.net | ClearFake | ClearFake | threatcat_ch |
| 2026-04-27 20:42 | kalt-5.novis-data.in.net | ClearFake | ClearFake | threatcat_ch |
| 2026-04-27 20:38 | soft-land-1.novis-data.in.net | ClearFake | ClearFake | threatcat_ch |
| 2026-04-27 20:26 | haus-2x.sylix-host.in.net | ClearFake | ClearFake | threatcat_ch |
| 2026-04-27 20:16 | bleu-9.sylix-host.in.net | ClearFake | ClearFake | threatcat_ch |
| 2026-04-27 20:11 | holz-berg-5.sylix-host.in.net | ClearFake | ClearFake | Anonymous |
| 2026-04-27 20:08 | kanoulasdrive.gr | StrelaStealer | StrelaStealer | threatcat_ch |
| 2026-04-27 20:05 | vert-1.sylix-host.in.net | ClearFake | ClearFake | Anonymous |
| 2026-04-27 19:54 | open-6.raxos-node.in.net | ClearFake | ClearFake | threatcat_ch |
| 2026-04-27 19:48 | gold-land-4m.raxos-node.in.net | ClearFake | ClearFake | threatcat_ch |
| 2026-04-27 19:43 | noir-2.raxos-node.in.net | ClearFake | ClearFake | threatcat_ch |
| 2026-04-27 19:39 | fast-fire-9.raxos-node.in.net | ClearFake | ClearFake | threatcat_ch |
| 2026-04-27 19:30 | zeit-5.raxos-node.in.net | ClearFake | ClearFake | threatcat_ch |
| 2026-04-27 19:21 | blue-mond-3k.raxos-node.in.net | ClearFake | ClearFake | threatcat_ch |
| 2026-04-27 19:15 | gold-star-5s.qen9vital.in.net | ClearFake | ClearFake | threatcat_ch |
| 2026-04-27 19:09 | fast-2.syr2moxel.in.net | ClearFake | ClearFake | threatcat_ch |
| 2026-04-27 19:04 | wald-baum-9.syr2moxel.in.net | ClearFake | ClearFake | threatcat_ch |
| 2026-04-27 18:56 | bleu-3k.syr2moxel.in.net | ClearFake | ClearFake | threatcat_ch |
| 2026-04-27 18:50 | zeit-land-7.syr2moxel.in.net | ClearFake | ClearFake | threatcat_ch |
| 2026-04-27 18:29 | iron-6.vok7laren.in.net | ClearFake | ClearFake | threatcat_ch |
| 2026-04-27 18:21 | petit-mond-1.vok7laren.in.net | ClearFake | ClearFake | threatcat_ch |
| 2026-04-27 18:00 | rouge-9v.vok7laren.in.net | ClearFake | ClearFake | threatcat_ch |
| 2026-04-27 17:56 | dark-star-4.vok7laren.in.net | ClearFake | ClearFake | threatcat_ch |
| 2026-04-27 17:50 | zeroclipstudiophotography.com | StrelaStealer | StrelaStealer | threatcat_ch |
| 2026-04-27 17:43 | vert-2k.tal4miren.in.net | ClearFake | ClearFake | Anonymous |
| 2026-04-27 17:38 | gold-land-3.tal4miren.in.net | ClearFake | ClearFake | Anonymous |
| 2026-04-27 17:34 | noir-8.tal4miren.in.net | ClearFake | ClearFake | threatcat_ch |
| 2026-04-27 17:25 | c3da-glow.pax4moren.in.net | ClearFake | ClearFake | threatcat_ch |
| 2026-04-27 17:17 | rpa.vi-ler.dk | Vidar | lv80gzr Vidar | abuse_ch |
| 2026-04-27 17:17 | https://rpa.vi-ler.dk/ | Vidar | lv80gzr Vidar | abuse_ch |
| 2026-04-27 17:17 | rpa.imoveisavendaemaraxa.com.br | Vidar | lv80gzr Vidar | abuse_ch |
| 2026-04-27 17:17 | https://rpa.imoveisavendaemaraxa.com.br/ | Vidar | lv80gzr Vidar | abuse_ch |
| 2026-04-27 17:08 | agjlskc.pax4moren.in.net | ClearFake | ClearFake | threatcat_ch |
| 2026-04-27 17:03 | hputcl37.pax4moren.in.net | ClearFake | ClearFake | threatcat_ch |
| 2026-04-27 16:59 | qncd.nol7sirex.in.net | ClearFake | ClearFake | threatcat_ch |
| 2026-04-27 16:50 | pil0t1-mesh.nol7sirex.in.net | ClearFake | ClearFake | Anonymous |
| 2026-04-27 16:46 | culqxa.nol7sirex.in.net | ClearFake | ClearFake | threatcat_ch |
| 2026-04-27 16:43 | cine2-path.nol7sirex.in.net | ClearFake | ClearFake | threatcat_ch |
| 2026-04-27 16:34 | bz110bs.kyr1vomen.in.net | ClearFake | ClearFake | threatcat_ch |
| 2026-04-27 16:30 | cort4-node.kyr1vomen.in.net | ClearFake | ClearFake | threatcat_ch |
| 2026-04-27 16:26 | lumvaleum3.kyr1vomen.in.net | ClearFake | ClearFake | threatcat_ch |
| 2026-04-27 16:24 | queuedirect.tov6larek.in.net | ClearFake | 27April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-27 16:24 | publshi.tov6larek.in.net | ClearFake | 27April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-27 16:24 | cour1e-core.kyr1vomen.in.net | ClearFake | 27April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-27 16:24 | bay6-beam.kyr1vomen.in.net | ClearFake | 27April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-27 16:11 | ezyunbs.kyr1vomen.in.net | ClearFake | ClearFake | threatcat_ch |
| 2026-04-27 16:08 | wakanda33.it.com | Nanocore RAT | NanoCore | abuse_ch |
| 2026-04-27 16:07 | snet88.com | Nanocore RAT | NanoCore | abuse_ch |
| 2026-04-27 16:07 | nnzn.sa.com | Nanocore RAT | NanoCore | abuse_ch |
| 2026-04-27 16:06 | fb88.dfwf.io | Nanocore RAT | NanoCore | abuse_ch |
| 2026-04-27 16:06 | dfwf.io | Nanocore RAT | NanoCore | abuse_ch |
| 2026-04-27 16:06 | devtourandtrevels.in.net | Nanocore RAT | NanoCore | abuse_ch |
| 2026-04-27 16:04 | vmbspptn.tov6larek.in.net | ClearFake | ClearFake | threatcat_ch |
| 2026-04-27 16:01 | http://92.63.102.121/Lowbase.php | DCRat | dcrat RAT | abuse_ch |
| 2026-04-27 16:01 | http://cc011590.tw1.ru/L1nc0In.php | DCRat | dcrat RAT | abuse_ch |
| 2026-04-27 16:00 | 161.35.110.36:22 | NjRAT | njrat | abuse_ch |
| 2026-04-27 15:59 | 172.67.187.211:443 | Nanocore RAT | NanoCore RAT | abuse_ch |
| 2026-04-27 15:59 | 46.202.138.60:443 | Nanocore RAT | NanoCore RAT | abuse_ch |
| 2026-04-27 15:59 | tal-lithix.tov6larek.in.net | ClearFake | ClearFake | threatcat_ch |
| 2026-04-27 15:58 | 104.18.4.119:443 | Nanocore RAT | NanoCore RAT | abuse_ch |
| 2026-04-27 15:58 | 104.18.5.119:443 | Nanocore RAT | NanoCore RAT | abuse_ch |
| 2026-04-27 15:57 | 172.67.140.186:443 | Nanocore RAT | NanoCore RAT | abuse_ch |
| 2026-04-27 15:57 | 104.21.33.27:443 | Nanocore RAT | NanoCore RAT | abuse_ch |
| 2026-04-27 15:56 | 104.21.88.251:443 | Nanocore RAT | NanoCore RAT | abuse_ch |
| 2026-04-27 15:56 | 172.67.155.48:443 | Nanocore RAT | NanoCore RAT | abuse_ch |
| 2026-04-27 15:50 | 6lzo5xl.tov6larek.in.net | ClearFake | ClearFake | threatcat_ch |
| 2026-04-27 15:44 | norcore2ix.tov6larek.in.net | ClearFake | ClearFake | threatcat_ch |
| 2026-04-27 15:41 | platform.exathomeswebuyarizona.com | FAKEUPDATES | SocGholish | monitorsg |
| 2026-04-27 15:40 | parfsdp.sydo9marel.in.net | ClearFake | ClearFake | threatcat_ch |
| 2026-04-27 15:38 | vortideum.rax2liven.in.net | ClearFake | 27April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-27 15:38 | https://v-panel.buzz/auth/login?ddosprotected=1 | Vidar | c2 Vidar | Kenas |
| 2026-04-27 15:37 | htusgm8k.sydo9marel.in.net | ClearFake | ClearFake | threatcat_ch |
| 2026-04-27 15:33 | fhgcivkk.sydo9marel.in.net | ClearFake | ClearFake | threatcat_ch |
| 2026-04-27 15:28 | brand-vau.sydo9marel.in.net | ClearFake | ClearFake | threatcat_ch |
| 2026-04-27 15:24 | vbl60o.sydo9marel.in.net | ClearFake | ClearFake | threatcat_ch |
| 2026-04-27 15:21 | alt-enc0.sydo9marel.in.net | ClearFake | ClearFake | threatcat_ch |
| 2026-04-27 15:15 | cultu3-array.rax2liven.in.net | ClearFake | ClearFake | threatcat_ch |
| 2026-04-27 15:15 | https://homeecosavingsideas.com/ | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | Anonymous |
| 2026-04-27 15:06 | booey.rax2liven.in.net | ClearFake | 27April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-27 15:05 | nubebdn.sokla3ren.in.net | ClearFake | 27April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-27 15:05 | meta-5umm.qim8vorel.in.net | ClearFake | 27April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-27 15:05 | cin3m2-frame.vex7lurin.in.net | ClearFake | 27April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-27 15:05 | arkmarkix.rax2liven.in.net | ClearFake | 27April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-27 15:05 | h4rbor-phase.rax2liven.in.net | ClearFake | 27April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-27 14:53 | sercresta4.rax2liven.in.net | ClearFake | ClearFake | threatcat_ch |
| 2026-04-27 14:49 | kel-fluxor.qim8vorel.in.net | ClearFake | ClearFake | threatcat_ch |
| 2026-04-27 14:43 | syntarepo.qim8vorel.in.net | ClearFake | ClearFake | threatcat_ch |
| 2026-04-27 14:39 | ioszf.qim8vorel.in.net | ClearFake | ClearFake | threatcat_ch |
| 2026-04-27 14:36 | cedthe.qim8vorel.in.net | ClearFake | ClearFake | threatcat_ch |
| 2026-04-27 14:26 | birchpayload.qim8vorel.in.net | ClearFake | ClearFake | Anonymous |
| 2026-04-27 14:23 | shield-sile.sokla3ren.in.net | ClearFake | ClearFake | threatcat_ch |
| 2026-04-27 14:15 | https://bookshelfculture.com/ | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | Anonymous |
| 2026-04-27 14:15 | https://icebath.org.il/ | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | Anonymous |
| 2026-04-27 14:15 | https://petloverspalace.com/ | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | Anonymous |
| 2026-04-27 14:15 | https://bayviewgourmet.com/ | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | Anonymous |
| 2026-04-27 14:15 | https://ecocolours.in/ | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | Anonymous |
| 2026-04-27 14:15 | https://aspirefitnessclub.com/ | Vidar | ClickFix compromised etherhiding Polygon Vidar WordPress | Anonymous |
| 2026-04-27 14:14 | 1r72in.sokla3ren.in.net | ClearFake | ClearFake | threatcat_ch |
| 2026-04-27 14:10 | vorlith8on.sokla3ren.in.net | ClearFake | ClearFake | threatcat_ch |
| 2026-04-27 14:07 | rn3tric-grid.sokla3ren.in.net | ClearFake | ClearFake | threatcat_ch |
| 2026-04-27 14:03 | 4hs7joli.sokla3ren.in.net | ClearFake | ClearFake | threatcat_ch |
| 2026-04-27 14:00 | https://ser.imoveisavendaemaraxa.com.br/ | Vidar | Vidar | crep1x |
| 2026-04-27 14:00 | ser.imoveisavendaemaraxa.com.br | Vidar | Vidar | crep1x |
| 2026-04-27 14:00 | https://ser.vi-ler.dk/ | Vidar | Vidar | crep1x |
| 2026-04-27 14:00 | ser.vi-ler.dk | Vidar | Vidar | crep1x |
| 2026-04-27 14:00 | rydr.vex7lurin.in.net | ClearFake | ClearFake | threatcat_ch |
| 2026-04-27 13:56 | m35h1-loop.vex7lurin.in.net | ClearFake | ClearFake | threatcat_ch |
| 2026-04-27 13:48 | knyo.vex7lurin.in.net | ClearFake | ClearFake | threatcat_ch |
| 2026-04-27 13:43 | hiddenbyt.vex7lurin.in.net | ClearFake | ClearFake | threatcat_ch |
| 2026-04-27 13:36 | bcfapelw.mer4talon.in.net | ClearFake | 27April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-27 13:36 | finger.linked-on.com | Unknown malware | ClickFix finger-lolbas fingerfix linkedin-lure Python-embed | Lenny_3BO |
| 2026-04-27 13:36 | https://linked-on.com/leyts.php?Npier=1 | Unknown malware | ClickFix finger-lolbas fingerfix linkedin-lure Python-embed | Lenny_3BO |
| 2026-04-27 13:36 | 107.170.45.91:443 | Unknown malware | ClickFix finger-lolbas fingerfix linkedin-lure Python-embed | Lenny_3BO |
| 2026-04-27 13:36 | https://mtg-life.net/95126aeb-4120-56b1-8c9e-63fdf0c0b6f9/scr7 | Unknown malware | ClickFix fingerfix python-shellcode-loader | Lenny_3BO |
| 2026-04-27 13:36 | 173.44.141.222:443 | Unknown malware | ClickFix fingerfix python-shellcode-loader | Lenny_3BO |
| 2026-04-27 13:36 | mtg-life.net | Unknown malware | ClickFix fingerfix python-shellcode-loader | Lenny_3BO |
| 2026-04-27 13:36 | 08a474368a2f94f347ad9e1a0a08d4258fcf49c6b9373214f7901bb770bacca4 | Unknown malware | ClickFix fingerfix python-shellcode-loader | Lenny_3BO |
| 2026-04-27 13:36 | quor-meshis.vex7lurin.in.net | ClearFake | 27April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-27 13:32 | 185.193.126.248:27000 | Unknown malware | | abuse_ch |
| 2026-04-27 13:29 | fa1thf6-gate.oasis-reimburse.in.net | ClearFake | 27April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-27 13:29 | gatewa-qua.incub-teahouse.in.net | ClearFake | 27April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-27 13:29 | sortdynamic.eggman8eisha.in.net | ClearFake | 27April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-27 13:29 | queryspecimen.pares-system.in.net | ClearFake | 27April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-27 13:29 | banncip.judges-spire.in.net | ClearFake | 27April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-27 13:29 | lumlithex.mer4talon.in.net | ClearFake | 27April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-27 13:29 | https://sigmatauethifarma.com/file.js | KongTuke | Kongtuke | monitorsg |
| 2026-04-27 13:29 | sigmatauethifarma.com | KongTuke | Kongtuke | monitorsg |
| 2026-04-27 13:29 | https://sigmatauethifarma.com/t | KongTuke | Kongtuke | monitorsg |
| 2026-04-27 13:29 | https://sigmatauethifarma.com/g | KongTuke | Kongtuke | monitorsg |
| 2026-04-27 13:28 | 23ofcfv.khudrukmumb1es.in.net | ClearFake | 27April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-27 13:28 | 93f5qz.khudrukmumb1es.in.net | ClearFake | 27April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-27 13:28 | tal-draet.khudrukmumb1es.in.net | ClearFake | 27April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-27 13:28 | arkcoreix.judges-spire.in.net | ClearFake | 27April2026 ClearFake Commandline Windows | Gi7w0rm |
| 2026-04-27 13:28 | https://bcaccount.co.th/?u=fwjxxjdhc4fkhntp263ah3a | Emmenhtal | html-smuggling spamtrap |  jahlives |
| 2026-04-27 13:28 | https://sigmatauethifarma.com/c | KongTuke | Kongtuke | monitorsg |
| 2026-04-27 13:28 | https://cj06y9v4xab.com/d | KongTuke | Kongtuke | monitorsg |
| 2026-04-27 13:28 | cj06y9v4xab.com | KongTuke | Kongtuke | monitorsg |
| 2026-04-27 13:28 | vitalpalette.mer4talon.in.net | ClearFake | ClearFake | threatcat_ch |
| 2026-04-27 13:26 | 54.255.15.131:10086 | Ghost RAT | Gh0stRAT RAT | abuse_ch |
| 2026-04-27 13:24 | 206.238.199.22:10086 | Ghost RAT | Gh0stRAT RAT | abuse_ch |