################################################################
# ThreatFox IOCs: recent domains - CSV format                  #
# Last updated: 2025-03-14 09:05:56 UTC                        #
#                                                              #
# Terms Of Use: https://threatfox.abuse.ch/faq/#tos            #
# For questions please contact threatfox [at] abuse.ch         #
################################################################
#
# "first_seen_utc","ioc_id","ioc_value","ioc_type","threat_type","fk_malware","malware_alias","malware_printable","last_seen_utc","confidence_level","reference","tags","anonymous","reporter"
"2025-03-14 09:05:56", "1448001", "sunlight-11.pages.dev", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "None", "ClearFake", "0", "threatcat_ch"
"2025-03-14 09:05:55", "1448002", "sandbox.silver-map-generator.shop", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "None", "ClearFake", "0", "threatcat_ch"
"2025-03-14 08:01:33", "1448014", "cpcalendars.bestonenewznet.com", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/104.21.1.242+cpcalendars.bestonenewznet.com", "AS13335,C2,censys,CLOUDFLARENET,Havoc", "0", "DonPasci"
"2025-03-14 08:01:22", "1448012", "ecoprohaven.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "https://search.censys.io/hosts/104.21.48.1+ecoprohaven.com", "AS13335,C2,censys,CLOUDFLARENET,Hookbot", "0", "DonPasci"
"2025-03-14 07:07:31", "1447569", "cpcalendars.apkhubnewz.com", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/104.21.16.1+cpcalendars.apkhubnewz.com", "AS13335,C2,censys,CLOUDFLARENET", "0", "dyingbreeds_"
"2025-03-14 07:07:24", "1447570", "manusiabodoh.cyberdark.xyz", "domain", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/104.21.83.156+manusiabodoh.cyberdark.xyz", "AS13335,C2,censys,CLOUDFLARENET,L3MON", "0", "dyingbreeds_"
"2025-03-14 07:07:23", "1447568", "balancefitnow.com", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "https://search.censys.io/hosts/172.67.177.132+balancefitnow.com", "AS13335,C2,censys,CLOUDFLARENET,Hookbot", "0", "dyingbreeds_"
"2025-03-14 07:07:13", "1447507", "check.fetoq.icu", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "None", "ClearFake", "0", "threatcat_ch"
"2025-03-14 07:07:12", "1447458", "check.lixir.icu", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "None", "ClearFake", "0", "threatcat_ch"
"2025-03-14 07:05:11", "1447994", "main-connection.click", "domain", "payload_delivery", "unknown", "None", "Unknown malware", "", "50", "", "clickfix", "0", "juroots"
"2025-03-14 07:05:11", "1447995", "authentication-to.help", "domain", "payload_delivery", "unknown", "None", "Unknown malware", "", "50", "", "clickfix", "0", "juroots"
"2025-03-14 07:05:11", "1447996", "open-connect-to-cdn.cc", "domain", "payload_delivery", "unknown", "None", "Unknown malware", "", "50", "", "clickfix", "0", "juroots"
"2025-03-14 07:05:11", "1447997", "westmaidentrue.click", "domain", "payload_delivery", "unknown", "None", "Unknown malware", "", "50", "", "clickfix", "0", "juroots"
"2025-03-14 07:05:10", "1447985", "fowlerkiawindsor.com", "domain", "payload_delivery", "unknown", "None", "Unknown malware", "", "50", "", "clickfix", "0", "juroots"
"2025-03-14 07:05:10", "1447986", "gilchristautomotive.com", "domain", "payload_delivery", "unknown", "None", "Unknown malware", "", "50", "", "clickfix", "0", "juroots"
"2025-03-14 07:05:10", "1447987", "genesisofkennesaw.com", "domain", "payload_delivery", "unknown", "None", "Unknown malware", "", "50", "", "clickfix", "0", "juroots"
"2025-03-14 07:05:10", "1447988", "randywisebuickgmc.com", "domain", "payload_delivery", "unknown", "None", "Unknown malware", "", "50", "", "clickfix", "0", "juroots"
"2025-03-14 07:05:10", "1447989", "machaiford.com", "domain", "payload_delivery", "unknown", "None", "Unknown malware", "", "50", "", "clickfix", "0", "juroots"
"2025-03-14 07:05:10", "1447990", "deliveryoka.com", "domain", "payload_delivery", "unknown", "None", "Unknown malware", "", "50", "", "clickfix", "0", "juroots"
"2025-03-14 07:05:10", "1447991", "security-confirmation.help", "domain", "payload_delivery", "unknown", "None", "Unknown malware", "", "50", "", "clickfix", "0", "juroots"
"2025-03-14 07:05:10", "1447992", "id.kickfire.com", "domain", "payload_delivery", "unknown", "None", "Unknown malware", "", "50", "", "clickfix", "0", "juroots"
"2025-03-14 07:05:10", "1447993", "tapestryoftruth.com", "domain", "payload_delivery", "unknown", "None", "Unknown malware", "", "50", "", "clickfix", "0", "juroots"
"2025-03-14 07:02:29", "1447978", "ck1234-47763.portmap.host", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "50", "", "c2,xworm", "0", "juroots"
"2025-03-14 07:02:29", "1447979", "javv-35412.portmap.host", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "50", "", "c2,xworm", "0", "juroots"
"2025-03-14 07:02:29", "1447980", "thought-administrative.gl.at.ply.gg", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "50", "", "c2,xworm", "0", "juroots"
"2025-03-14 07:02:29", "1447981", "sywaxeha-41850.portmap.host", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "50", "", "c2,xworm", "0", "juroots"
"2025-03-14 07:02:28", "1447974", "amazon-astrology.gl.at.ply.gg", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "50", "", "c2,xworm", "0", "juroots"
"2025-03-14 07:02:28", "1447975", "any-attraction.gl.at.ply.gg", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "50", "", "c2,xworm", "0", "juroots"
"2025-03-14 07:02:28", "1447976", "bensgaming.scr", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "50", "", "c2,xworm", "0", "juroots"
"2025-03-14 07:02:28", "1447977", "choose-lamb.gl.at.ply.gg", "domain", "botnet_cc", "win.xworm", "None", "XWorm", "", "50", "", "c2,xworm", "0", "juroots"
"2025-03-14 06:59:46", "1447969", "qwertyuioplkjhgfdsazxcvbnm.ydns.eu", "domain", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "50", "", "c2,remcos", "0", "juroots"
"2025-03-14 06:59:33", "1447953", "xkewvahimumw.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:33", "1447954", "xmmclthkgjiif.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:33", "1447955", "xsjmkpidceqdbr.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:33", "1447956", "xtnpcdvpk.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:33", "1447957", "xuvrrtrieyneqywuho.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:33", "1447958", "xwixwsgjrikdwy.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:33", "1447959", "xxutcvxabf.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:33", "1447960", "xydiiapyp.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:33", "1447961", "yadmelssopju.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:33", "1447962", "ycdcdlnfkalqeksvbdd.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:33", "1447963", "ymkdsynulihl.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:33", "1447964", "ymwtxtwjcutoy.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:33", "1447965", "yphrpamatxojboh.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:33", "1447966", "ysfbbrplaclurpr.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:33", "1447967", "ysrmcymbqfkvkojv.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:33", "1447968", "yvxfdiit.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:32", "1447932", "uokxkabepstc.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:32", "1447933", "upmqnigaltqvuelscol.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:32", "1447934", "uujlfjxvihatsr.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:32", "1447935", "vajgmayakgwhtjgsfay.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:32", "1447936", "vpwyxhwimelfwslfmgt.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:32", "1447937", "vrfbbnqw.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:32", "1447938", "vtgdkhelxwotns.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:32", "1447939", "vvmtviteuy.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:32", "1447940", "vwkvcbgrpuurtusi.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:32", "1447941", "vxhhggrau.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:32", "1447942", "wafhjtwygowhbdfn.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:32", "1447943", "wblpbiohbm.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:32", "1447944", "webqebxtabe.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:32", "1447945", "welxufrahckhhipk.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:32", "1447946", "wfkmqwgvuqlegdwkeus.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:32", "1447947", "whxtmyfgvpyr.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:32", "1447948", "wmhigjlmg.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:32", "1447949", "wphrrlsc.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:32", "1447950", "wsesluarbidvie.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:32", "1447951", "xembsvlmob.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:32", "1447952", "xkchjornedplpte.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:31", "1447911", "rrlklsikpfjyoqmutl.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:31", "1447912", "runeyjmqxveivksuvi.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:31", "1447913", "ruwgckolcndwl.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:31", "1447914", "ryqlltioyrcsu.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:31", "1447915", "sgmrwormsiopg.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:31", "1447916", "siorjmrsxdqmvq.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:31", "1447917", "sjkockatruoalmoyw.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:31", "1447918", "stvkmflfmebvhfj.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:31", "1447919", "swnpnodv.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:31", "1447920", "tdjipoyhqmy.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:31", "1447921", "trerrxkctoktsl.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:31", "1447922", "ttploevnivtsybduyb.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:31", "1447923", "tttxbuvml.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:31", "1447924", "uannluqgr.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:31", "1447925", "ubsvjxembk.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:31", "1447926", "ucmgwppmriigew.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:31", "1447927", "uhryjrxaiusx.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:31", "1447928", "uidogdafrpoafrpjxd.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:31", "1447929", "uifwaxytj.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:31", "1447930", "uipklsgctptgxacyuk.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:31", "1447931", "unvvjslycjnxq.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:30", "1447888", "oiojyponeomkelnis.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:30", "1447889", "ooccvraeigmubs.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:30", "1447890", "otetkpllcsbltf.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:30", "1447891", "otsyktenpnwucbfrchd.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:30", "1447892", "ouutdjxapd.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:30", "1447893", "ovijhngejmo.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:30", "1447894", "oxdyxnkpk.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:30", "1447895", "pjjnmthqubfpmvqtrti.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:30", "1447896", "plwcsqynxj.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:30", "1447897", "plyfrqjfynt.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:30", "1447898", "qamxxbdglsnraye.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:30", "1447899", "qcadtqyghmdqvwg.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:30", "1447900", "qckioymnowkwaxjwo.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:30", "1447901", "qdretpbxcwjotwlhfr.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:30", "1447902", "qlagsssaavjqugh.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:30", "1447903", "qwnxeahkdppgqeha.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:30", "1447904", "qxwlheklcpoeticb.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:30", "1447905", "rcxngqnhhjpgxtctdf.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:30", "1447906", "rgoaqgojbiunk.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:30", "1447907", "rhcsjprmnacbg.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:30", "1447908", "rmttyrlnycyft.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:30", "1447909", "rnsjcsjpipe.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:30", "1447910", "rqdumbol.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:29", "1447866", "lmfempenskxs.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:29", "1447867", "lmmsqtmkmpayyu.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:29", "1447868", "lnapgrnuwlsn.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:29", "1447869", "lntxwsbivuiwiymt.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:29", "1447870", "luiyrtxaymj.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:29", "1447871", "lwlqniwoe.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:29", "1447872", "lwmsdhfcruswny.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:29", "1447873", "lwqhcoemrdvncihd.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:29", "1447874", "macygrytpknogdxxs.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:29", "1447875", "mdtpfasvdqbxp.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:29", "1447876", "miqbossmrbkpvjv.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:29", "1447877", "mpfippgi.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:29", "1447878", "mwdyqmtlt.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:29", "1447879", "mwrgirlf.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:29", "1447880", "mwtkhltvppdakhfrjxd.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:29", "1447881", "myarnkqnhuxplwifpo.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:29", "1447882", "niycwcdetltnokhhpd.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:29", "1447883", "npmaskrnpivd.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:29", "1447884", "ntdlseafxonbvkqed.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:29", "1447885", "ntmhavejb.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:29", "1447886", "nullucgghxu.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:29", "1447887", "ohnpvlmnlsyjwpp.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:28", "1447846", "jegvsohfnwfpmqyux.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:28", "1447847", "jlkvqxjxogtc.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:28", "1447848", "jmvfljrrpxffppwyqj.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:28", "1447849", "jnaxbhhekqoipte.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:28", "1447850", "jrkaxdlkvhgsiyknhw.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:28", "1447851", "jsfrrafslyyrqhwvyvo.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:28", "1447852", "jyokjogwr.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:28", "1447853", "kajwyvopaanwnuopbj.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:28", "1447854", "kanfdpobu.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:28", "1447855", "ketodgaxlkx.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:28", "1447856", "kgmhcpswm.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:28", "1447857", "khwyrpvjvjhxqg.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:28", "1447858", "kjtrmwnxbk.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:28", "1447859", "kknmtnybwnlotlyxb.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:28", "1447860", "kybtkxbydck.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:28", "1447861", "lajlfdbqqr.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:28", "1447862", "lcddsotgdgqoba.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:28", "1447863", "lcuhrxaoii.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:28", "1447864", "lhrclcobwenxtyae.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:28", "1447865", "lifbirmfvircwvtijkh.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:27", "1447823", "guytydndwwdcjn.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:27", "1447824", "gvrqkrosdmjqufbfgdg.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:27", "1447825", "hdjeydvla.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:27", "1447826", "hekcyjodkgrymjrq.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:27", "1447827", "hfifjndycdwti.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:27", "1447828", "hgpcrbwvnkkupirfv.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:27", "1447829", "hjvrrqtmbvql.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:27", "1447830", "hkbawmpjeg.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:27", "1447831", "hkrahmfmygyuipmwh.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:27", "1447832", "hqcflqmvtush.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:27", "1447833", "hqwjqvnty.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:27", "1447834", "hrwkoyatnwdbtpusq.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:27", "1447835", "iadryjrf.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:27", "1447836", "iclrdmwlabaayyiy.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:27", "1447837", "icslsfanne.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:27", "1447838", "imorgpjbnvbpmkemfro.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:27", "1447839", "iodkkjqeraxic.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:27", "1447840", "itkpqydlmqlfi.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:27", "1447841", "itoxtsufaixmin.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:27", "1447842", "ittuytyiceydiploubs.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:27", "1447843", "iuehgutgmv.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:27", "1447844", "iusatlmffgbxbcijdeb.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:27", "1447845", "iyxanlwgwhxcxavlsr.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:26", "1447802", "ehoywqmeyiokvhrxfqp.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:26", "1447803", "eighlesddpwxl.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:26", "1447804", "eigvtbfgem.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:26", "1447805", "endcsebevthmcmojixr.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:26", "1447806", "famous-zopa.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:26", "1447807", "fatpuclfsy.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:26", "1447808", "fhemcavaxrfptgifkw.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:26", "1447809", "fhjvummcifit.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:26", "1447810", "fieuinqtyqixemglomx.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:26", "1447811", "fjicwyuyyppsei.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:26", "1447812", "fkyqpvdwcmyk.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:26", "1447813", "fmtqkxcirxxgbupuxq.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:26", "1447814", "ftxssxsavmbpulv.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:26", "1447815", "fwllkforvkuqjclvy.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:26", "1447816", "gapfvinskqkvfht.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:26", "1447817", "gbpilwqacn.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:26", "1447818", "gjrrukbmrlskdyt.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:26", "1447819", "gmeoghttmef.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:26", "1447820", "gotcqsiunccajymh.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:26", "1447821", "grabcminkphuei.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:26", "1447822", "guinobsiekcjtbolscm.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:25", "1447781", "boulasvsvt.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:25", "1447782", "bpoungre.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:25", "1447783", "bsqckdniooybq.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:25", "1447784", "bvwecxcfobr.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:25", "1447785", "bxhajhktmgnrwob.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:25", "1447786", "bxmsbgqujsgq.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:25", "1447787", "cbthmgvqvyrjcfeesh.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:25", "1447788", "celsrxswsg.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:25", "1447789", "cjkmgelfr.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:25", "1447790", "ckpjqbryyfbjew.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:25", "1447791", "cmdptnkxqgxxtbk.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:25", "1447792", "cnbpdmqaxkredxnk.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:25", "1447793", "cnhvrwkwr.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:25", "1447794", "ddkapqsrdhtprae.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:25", "1447795", "dhrsdbtnxja.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:25", "1447796", "dhvpkajvuhobg.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:25", "1447797", "djntrmarljlrkdqr.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:25", "1447798", "dlvynung.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:25", "1447799", "dorsakrjsywexee.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:25", "1447800", "drcowrkmdm.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:25", "1447801", "egpoajyeasr.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:24", "1447768", "acostcihprfqbgiuhfo.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:24", "1447769", "affxqgwn.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:24", "1447770", "aoeexvsdaacscmqm.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:24", "1447771", "asfabbwpms.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:24", "1447772", "asuknifg.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:24", "1447773", "asxlemnbyioy.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:24", "1447774", "baffmgpnfdgspqduk.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:24", "1447775", "barmfrpkvhohj.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:24", "1447776", "bdwgecyw.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:24", "1447777", "bgdhyvokpchokesy.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:24", "1447778", "bjxyatlg.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:24", "1447779", "bodubeqadbm.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:59:24", "1447780", "boibflwylfapinygm.com", "domain", "botnet_cc", "win.ramnit", "Nimnul", "Ramnit", "", "50", "", "c2,ramnit", "0", "juroots"
"2025-03-14 06:58:46", "1447767", "z-openings.gl.at.ply.gg", "domain", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "", "c2,quasar", "0", "juroots"
"2025-03-14 06:58:29", "1447766", "gabh.gotdns.ch", "domain", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "50", "", "c2,njrat", "0", "juroots"
"2025-03-14 06:58:14", "1447762", "botnet.tcp-bypass.ovh", "domain", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "50", "", "mirai", "0", "juroots"
"2025-03-14 06:58:14", "1447763", "c2.crucialnetworks.xyz", "domain", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "50", "", "mirai", "0", "juroots"
"2025-03-14 06:58:14", "1447764", "net.20b20t.com.tr", "domain", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "50", "", "mirai", "0", "juroots"
"2025-03-14 06:58:14", "1447765", "newageofkifirempire.camdvr.org", "domain", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "50", "", "mirai", "0", "juroots"
"2025-03-14 06:57:49", "1447761", "www.ypherpunkpress.xyz", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-03-14 06:57:48", "1447743", "www.rgent-loan-633032398.click", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-03-14 06:57:48", "1447744", "www.rlinker.xyz", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-03-14 06:57:48", "1447745", "www.rops-newser456.sbs", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-03-14 06:57:48", "1447746", "www.sassrgaceeytp.digital", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-03-14 06:57:48", "1447747", "www.ssisted-living-5.bond", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-03-14 06:57:48", "1447748", "www.tair-lift-65694.bond", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-03-14 06:57:48", "1447749", "www.tikahshafie.cloud", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-03-14 06:57:48", "1447750", "www.uantiv.art", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-03-14 06:57:48", "1447751", "www.ubyx.digital", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-03-14 06:57:48", "1447752", "www.ulnmatrix.net", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-03-14 06:57:48", "1447753", "www.ultigenius.xyz", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-03-14 06:57:48", "1447754", "www.unsetvistahotels.net", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-03-14 06:57:48", "1447755", "www.uskdeveloper.xyz", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-03-14 06:57:48", "1447756", "www.volvedirectivesolutions.info", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-03-14 06:57:48", "1447757", "www.wiftcarcare.net", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-03-14 06:57:48", "1447758", "www.xbeykozharunyakar.shop", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-03-14 06:57:48", "1447759", "www.xvideos.red", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-03-14 06:57:48", "1447760", "www.ynonymnetwork.xyz", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-03-14 06:57:47", "1447724", "www.k5004.casino", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-03-14 06:57:47", "1447725", "www.mnbeauty.net", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-03-14 06:57:47", "1447726", "www.mniscientnews.xyz", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-03-14 06:57:47", "1447727", "www.nepf.bid", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-03-14 06:57:47", "1447728", "www.ngfuwlofip.bond", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-03-14 06:57:47", "1447729", "www.niliidd.irish", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-03-14 06:57:47", "1447730", "www.nkywords6598.shop", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-03-14 06:57:47", "1447731", "www.nsold-cars-tribe.today", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-03-14 06:57:47", "1447732", "www.oberwayenergy.net", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-03-14 06:57:47", "1447733", "www.one.shop", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-03-14 06:57:47", "1447734", "www.ortop-corp.net", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-03-14 06:57:47", "1447735", "www.ouse136.click", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-03-14 06:57:47", "1447736", "www.oveworldquick.sbs", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-03-14 06:57:47", "1447737", "www.pioxc.xyz", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-03-14 06:57:47", "1447738", "www.qhelp.live", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-03-14 06:57:47", "1447739", "www.rbitswaves.info", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-03-14 06:57:47", "1447740", "www.reamsquad11fantasy.shop", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-03-14 06:57:47", "1447741", "www.reenmounttravel.online", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-03-14 06:57:47", "1447742", "www.renddshop.shop", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-03-14 06:57:46", "1447704", "www.atvikxtt.tech", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-03-14 06:57:46", "1447705", "www.cskftyn.biz", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-03-14 06:57:46", "1447706", "www.deadirectiveconsultinghub.info", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-03-14 06:57:46", "1447707", "www.eagleinsuranceplans.fun", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-03-14 06:57:46", "1447708", "www.ealthcare-trends-76690.bond", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-03-14 06:57:46", "1447709", "www.earfat.shop", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-03-14 06:57:46", "1447710", "www.eautyservicesrc.info", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-03-14 06:57:46", "1447711", "www.ebbidy.app", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-03-14 06:57:46", "1447712", "www.edralb.irish", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-03-14 06:57:46", "1447713", "www.endon.cloud", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-03-14 06:57:46", "1447714", "www.ental-implants-89727.bond", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-03-14 06:57:46", "1447715", "www.erratech.tech", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-03-14 06:57:46", "1447716", "www.estfreshmove.sbs", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-03-14 06:57:46", "1447717", "www.et1000.biz", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-03-14 06:57:46", "1447718", "www.etsumamoto.pro", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-03-14 06:57:46", "1447719", "www.ewtym.shop", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-03-14 06:57:46", "1447720", "www.gmstudio.net", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-03-14 06:57:46", "1447721", "www.hatushyamcraneservice.online", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-03-14 06:57:46", "1447722", "www.icisuo6.pro", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-03-14 06:57:46", "1447723", "www.imalayanscent.shop", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-03-14 06:57:45", "1447697", "www.58-pet-funeral-services-14.cfd", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-03-14 06:57:45", "1447698", "www.8068.locker", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-03-14 06:57:45", "1447699", "www.aki-spin.casino", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-03-14 06:57:45", "1447700", "www.alamalaenava.shop", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-03-14 06:57:45", "1447701", "www.andalend.xyz", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-03-14 06:57:45", "1447702", "www.antx.buzz", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-03-14 06:57:45", "1447703", "www.assaustreetcapitalplanning.info", "domain", "botnet_cc", "win.formbook", "win.xloader", "Formbook", "", "50", "", "c2,formbook", "0", "juroots"
"2025-03-14 04:01:42", "1447559", "cpcalendars.topandbestnews.com", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/172.67.137.7+cpcalendars.topandbestnews.com", "AS13335,C2,censys,CLOUDFLARENET,Havoc", "0", "DonPasci"
"2025-03-14 04:01:41", "1447558", "cpcalendars.ipmnewsworld.com", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/104.21.45.93+cpcalendars.ipmnewsworld.com", "AS13335,C2,censys,CLOUDFLARENET,Havoc", "0", "DonPasci"
"2025-03-14 00:01:34", "1447533", "cpcontacts.10bestbusiness.website", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/172.67.128.43+cpcontacts.10bestbusiness.website", "AS13335,C2,censys,CLOUDFLARENET,Havoc", "0", "DonPasci"
"2025-03-14 00:01:32", "1447532", "webmail.takeufagame1212.xyz", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/104.21.112.1+webmail.takeufagame1212.xyz", "AS13335,C2,censys,CLOUDFLARENET,Havoc", "0", "DonPasci"
"2025-03-13 22:58:08", "1447514", "www.of123pro.online", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-03-13 22:57:36", "1447513", "ejones.b-cdn.net", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-03-13 22:57:28", "1447512", "cattwo.top", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-03-13 20:56:55", "1447504", "ns2.sdsdsdfsdf145.shop", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-03-13 20:56:51", "1447503", "ns1.sdsdsdfsdf145.shop", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-03-13 20:01:42", "1447488", "cpcalendars.mtpolice077.website", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/104.21.58.15+cpcalendars.mtpolice077.website", "AS13335,C2,censys,CLOUDFLARENET,Havoc", "0", "DonPasci"
"2025-03-13 20:01:41", "1447485", "16.171.114.30.sslip.io", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/16.171.114.30+16.171.114.30.sslip.io", "AMAZON-02,AS16509,C2,censys,Havoc", "0", "DonPasci"
"2025-03-13 20:01:41", "1447486", "webmail.businessnewznetwork.website", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/172.67.134.87+webmail.businessnewznetwork.website", "AS13335,C2,censys,CLOUDFLARENET,Havoc", "0", "DonPasci"
"2025-03-13 20:01:41", "1447487", "cpcalendars.theyestechnewsz.xyz", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/104.21.80.1+cpcalendars.theyestechnewsz.xyz", "AS13335,C2,censys,CLOUDFLARENET,Havoc", "0", "DonPasci"
"2025-03-13 20:01:40", "1447483", "cpanel.topzbuscartio.xyz", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/104.21.32.1+cpanel.topzbuscartio.xyz", "AS13335,C2,censys,CLOUDFLARENET,Havoc", "0", "DonPasci"
"2025-03-13 20:01:40", "1447484", "cpcalendars.businesswithloyal.xyz", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/172.67.175.156+cpcalendars.businesswithloyal.xyz", "AS13335,C2,censys,CLOUDFLARENET,Havoc", "0", "DonPasci"
"2025-03-13 20:01:39", "1447481", "cpcontacts.enjoyedufabet.xyz", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/172.67.194.23+cpcontacts.enjoyedufabet.xyz", "AS13335,C2,censys,CLOUDFLARENET,Havoc", "0", "DonPasci"
"2025-03-13 20:01:39", "1447482", "webmail.dmfortsites.xyz", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/104.21.18.207+webmail.dmfortsites.xyz", "AS13335,C2,censys,CLOUDFLARENET,Havoc", "0", "DonPasci"
"2025-03-13 20:01:38", "1447479", "webdisk.playufabetgames.xyz", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/104.21.112.1+webdisk.playufabetgames.xyz", "AS13335,C2,censys,CLOUDFLARENET,Havoc", "0", "DonPasci"
"2025-03-13 20:01:38", "1447480", "cpcontacts.businesssabart.xyz", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/172.67.185.61+cpcontacts.businesssabart.xyz", "AS13335,C2,censys,CLOUDFLARENET,Havoc", "0", "DonPasci"
"2025-03-13 20:01:37", "1447477", "cpcalendars.fivetopbusiness.website", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/104.21.11.152+cpcalendars.fivetopbusiness.website", "AS13335,C2,censys,CLOUDFLARENET,Havoc", "0", "DonPasci"
"2025-03-13 20:01:37", "1447478", "cpanel.foodiesfrenzy.xyz", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/104.21.64.10+cpanel.foodiesfrenzy.xyz", "AS13335,C2,censys,CLOUDFLARENET,Havoc", "0", "DonPasci"
"2025-03-13 20:01:28", "1447475", "magical-shockley.156-253-228-19.plesk.page", "domain", "botnet_cc", "apk.hook", "None", "Hook", "", "100", "https://search.censys.io/hosts/156.253.228.19+magical-shockley.156-253-228-19.plesk.page", "AS213995,C2,censys,FROSTYHOSTING-AS,Hookbot", "0", "DonPasci"
"2025-03-13 18:07:45", "1447461", "s.p.formaxprime.co.uk", "domain", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x"
"2025-03-13 17:43:50", "1447454", "check.kakib.icu", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "None", "ClearFake", "0", "threatcat_ch"
"2025-03-13 16:39:08", "1447456", "sixjs6pn.top", "domain", "botnet_cc", "win.cryptbot", "None", "CryptBot", "", "100", "https://www.virustotal.com/gui/domain/sixjs6pn.top", "c2,domain,virustotal", "0", "DonPasci"
"2025-03-13 16:19:15", "1447402", "check.newyf.icu", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "None", "ClearFake", "0", "threatcat_ch"
"2025-03-13 16:19:14", "1447406", "movtime76.shop", "domain", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/114155750696934259", "SmartApeSG", "0", "monitorsg"
"2025-03-13 16:01:36", "1447440", "cpanel.businesspros.xyz", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/172.67.146.217+cpanel.businesspros.xyz", "AS13335,C2,censys,CLOUDFLARENET,Havoc", "0", "DonPasci"
"2025-03-13 16:01:35", "1447439", "webmail.top5business.xyz", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/104.21.80.1+webmail.top5business.xyz", "AS13335,C2,censys,CLOUDFLARENET,Havoc", "0", "DonPasci"
"2025-03-13 16:01:34", "1447438", "webmail.topgadgettechnewz1.xyz", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/104.21.11.49+webmail.topgadgettechnewz1.xyz", "AS13335,C2,censys,CLOUDFLARENET,Havoc", "0", "DonPasci"
"2025-03-13 14:40:03", "1447379", "citychron.life", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872"
"2025-03-13 14:40:02", "1447380", "vibrantlo.today", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872"
"2025-03-13 14:40:02", "1447381", "skylinejo.world", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872"
"2025-03-13 14:40:01", "1447383", "sightsa.bet", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872"
"2025-03-13 14:40:00", "1447382", "snipersecrets.world", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872"
"2025-03-13 14:39:59", "1447384", "urbanexpe.world", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872"
"2025-03-13 14:39:58", "1447385", "urbanjour.today", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872"
"2025-03-13 14:39:57", "1447386", "airsoftadv.life", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872"
"2025-03-13 14:39:56", "1447387", "hiddenstr.world", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872"
"2025-03-13 14:39:56", "1447388", "armamentg.life", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872"
"2025-03-13 14:39:56", "1447389", "rangefinde.today", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872"
"2025-03-13 14:39:55", "1447390", "pathsofur.today", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872"
"2025-03-13 14:39:55", "1447391", "localfl.bet", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872"
"2025-03-13 14:39:54", "1447392", "townsands.bet", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872"
"2025-03-13 14:39:54", "1447393", "citypulsez.life", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872"
"2025-03-13 14:39:53", "1447394", "localjour.run", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872"
"2025-03-13 14:39:53", "1447395", "townadven.life", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872"
"2025-03-13 14:39:52", "1447396", "gunsandg.run", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872"
"2025-03-13 14:39:52", "1447397", "cityvib.run", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872"
"2025-03-13 14:39:52", "1447398", "industryin.today", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872"
"2025-03-13 14:39:51", "1447399", "reloadrevol.bet", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "", "Domain,Lumma,Lumma Stealer,Stealer", "0", "RacWatchin8872"
"2025-03-13 14:39:50", "1447400", "check.gulov.icu", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "None", "ClearFake", "0", "threatcat_ch"
"2025-03-13 14:23:45", "1447355", "check.gimyh.icu", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "None", "ClearFake", "0", "threatcat_ch"
"2025-03-13 14:00:07", "1447353", "check.lapib.icu", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "None", "ClearFake", "0", "threatcat_ch"
"2025-03-13 13:38:07", "1447343", "check.tozuj.icu", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "None", "ClearFake", "0", "threatcat_ch"
"2025-03-13 12:47:05", "1447249", "cyberetc.com", "domain", "payload_delivery", "js.fakeupdates", "FakeUpdate,SocGholish", "FAKEUPDATES", "", "100", "https://infosec.exchange/@monitorsg/114154330959768876", "KongTuke", "0", "monitorsg"
"2025-03-13 12:46:59", "1447210", "check.pajyg.icu", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "None", "ClearFake", "0", "threatcat_ch"
"2025-03-13 12:35:35", "1447318", "decorathnome.icu", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://www.virustotal.com/gui/domain/decorathnome.icu", "c2,stealer,VirusTotal", "0", "DonPasci"
"2025-03-13 12:34:39", "1447317", "wirybringero.shop", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://www.virustotal.com/gui/domain/wirybringero.shop", "c2,stealer,VirusTotal", "0", "DonPasci"
"2025-03-13 12:34:37", "1447316", "togoltrove.shop", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://www.virustotal.com/gui/domain/togoltrove.shop", "c2,stealer,VirusTotal", "0", "DonPasci"
"2025-03-13 12:34:26", "1447315", "urbanexp.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://www.virustotal.com/gui/domain/urbanexp.digital", "c2,stealer,VirusTotal", "0", "DonPasci"
"2025-03-13 12:34:25", "1447314", "weaponrywo.digital", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://www.virustotal.com/gui/domain/weaponrywo.digital", "c2,stealer,VirusTotal", "0", "DonPasci"
"2025-03-13 12:34:04", "1447313", "electryuonicpulse.world", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://www.virustotal.com/gui/domain/electryuonicpulse.world", "c2,stealer,VirusTotal", "0", "DonPasci"
"2025-03-13 12:33:57", "1447312", "ce43370.tw1.ru", "domain", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "https://www.virustotal.com/gui/domain/ce43370.tw1.ru", "c2,domain,rat,VirusTotal", "0", "DonPasci"
"2025-03-13 09:57:42", "1447284", "d.p.formaxprime.co.uk", "domain", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "", "Vidar", "0", "crep1x"
"2025-03-13 08:01:55", "1447233", "ip212-227-245-12.pbiaas.com", "domain", "botnet_cc", "win.mimikatz", "None", "MimiKatz", "", "100", "https://search.censys.io/hosts/212.227.245.12+ip212-227-245-12.pbiaas.com", "AS8560,C2,censys,hacktool,IONOS-AS,Mimikatz,open-dir", "0", "DonPasci"
"2025-03-13 08:01:30", "1447229", "webmail.answerallnewz.com", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/104.21.40.20+webmail.answerallnewz.com", "AS13335,C2,censys,CLOUDFLARENET,Havoc", "0", "DonPasci"
"2025-03-13 08:01:29", "1447228", "webdisk.toto7vgames.com", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/172.67.211.220+webdisk.toto7vgames.com", "AS13335,C2,censys,CLOUDFLARENET,Havoc", "0", "DonPasci"
"2025-03-13 08:01:28", "1447226", "cpcontacts.generalnewzsab.com", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/172.67.164.170+cpcontacts.generalnewzsab.com", "AS13335,C2,censys,CLOUDFLARENET,Havoc", "0", "DonPasci"
"2025-03-13 08:01:28", "1447227", "cpcalendars.expressnewzgames.com", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/104.21.37.253+cpcalendars.expressnewzgames.com", "AS13335,C2,censys,CLOUDFLARENET,Havoc", "0", "DonPasci"
"2025-03-13 07:11:34", "1447200", "check.cudol.icu", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "None", "ClearFake", "0", "threatcat_ch"
"2025-03-13 06:57:23", "1447201", "verynicepeoplesforsweetkiss.duckdns.org", "domain", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "", "RAT,RemcosRAT", "0", "abuse_ch"
"2025-03-13 06:45:48", "1447169", "cpanel.hostsportstoto9.com", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/172.67.179.243+cpanel.hostsportstoto9.com", "AS13335,C2,censys,CLOUDFLARENET", "0", "dyingbreeds_"
"2025-03-13 06:45:22", "1447112", "check.hehoi.icu", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "None", "ClearFake", "0", "threatcat_ch"
"2025-03-13 06:45:11", "1447048", "check.fesuy.icu", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "None", "ClearFake", "0", "threatcat_ch"
"2025-03-13 04:01:44", "1447153", "burnsmcd.co", "domain", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/161.35.120.26+burnsmcd.co", "AS14061,censys,DIGITALOCEAN-ASN,EvilGinx,panel,Phishing", "0", "DonPasci"
"2025-03-13 02:54:56", "1447126", "mcnn.ru", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-03-13 00:01:40", "1447095", "webmail.mtstronggame7.xyz", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/104.21.31.170+webmail.mtstronggame7.xyz", "AS13335,C2,censys,CLOUDFLARENET,Havoc", "0", "DonPasci"
"2025-03-13 00:01:39", "1447093", "webmail.b2bbsuiness.xyz", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/104.21.83.221+webmail.b2bbsuiness.xyz", "AS13335,C2,censys,CLOUDFLARENET,Havoc", "0", "DonPasci"
"2025-03-13 00:01:39", "1447094", "cpcontacts.top5business.website", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/104.21.59.12+cpcontacts.top5business.website", "AS13335,C2,censys,CLOUDFLARENET,Havoc", "0", "DonPasci"
"2025-03-13 00:01:38", "1447090", "cpanel.homeimprovementbloopers.xyz", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/104.21.48.1+cpanel.homeimprovementbloopers.xyz", "AS13335,C2,censys,CLOUDFLARENET,Havoc", "0", "DonPasci"
"2025-03-13 00:01:38", "1447091", "ip234.ip-51-81-171.us", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/51.81.171.234+ip234.ip-51-81-171.us", "AS16276,C2,censys,Havoc,OVH", "0", "DonPasci"
"2025-03-13 00:01:38", "1447092", "cpcontacts.gamesoftotoandtotoof.xyz", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/172.67.135.8+cpcontacts.gamesoftotoandtotoof.xyz", "AS13335,C2,censys,CLOUDFLARENET,Havoc", "0", "DonPasci"
"2025-03-13 00:01:37", "1447088", "webmail.fortnewzoutlooks.xyz", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/104.21.16.1+webmail.fortnewzoutlooks.xyz", "AS13335,C2,censys,CLOUDFLARENET,Havoc", "0", "DonPasci"
"2025-03-13 00:01:37", "1447089", "cpanel.onebusinessportal.xyz", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/104.21.84.198+cpanel.onebusinessportal.xyz", "AS13335,C2,censys,CLOUDFLARENET,Havoc", "0", "DonPasci"
"2025-03-13 00:01:36", "1447087", "webmail.paranewslivesab.xyz", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/104.21.32.1+webmail.paranewslivesab.xyz", "AS13335,C2,censys,CLOUDFLARENET,Havoc", "0", "DonPasci"
"2025-03-13 00:01:35", "1447084", "carsrpg.online", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/185.43.5.227+carsrpg.online", "AS29182,C2,censys,Havoc,RU-JSCIOT", "0", "DonPasci"
"2025-03-13 00:01:35", "1447085", "cpcontacts.gamesoffashion45.xyz", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/172.67.155.74+cpcontacts.gamesoffashion45.xyz", "AS13335,C2,censys,CLOUDFLARENET,Havoc", "0", "DonPasci"
"2025-03-13 00:01:35", "1447086", "cpcalendars.onlinebesttotogamesnewz.xyz", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/172.67.210.67+cpcalendars.onlinebesttotogamesnewz.xyz", "AS13335,C2,censys,CLOUDFLARENET,Havoc", "0", "DonPasci"
"2025-03-12 20:22:54", "1447045", "jsfiles-bqq.pages.dev", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "None", "ClearFake", "0", "threatcat_ch"
"2025-03-12 20:22:53", "1447046", "bbb1-9we.pages.dev", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "None", "ClearFake", "0", "threatcat_ch"
"2025-03-12 20:22:53", "1447047", "items.kycc-camera.shop", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "None", "ClearFake", "0", "threatcat_ch"
"2025-03-12 20:03:35", "1447021", "crosshairc.life/dAnjhw", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "None", "c2,Lumma,Lumma Stealer,LummaStealer", "0", "TRACLabs_"
"2025-03-12 20:01:33", "1447042", "cpcalendars.ufabetandcasinos.website", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/172.67.189.151+cpcalendars.ufabetandcasinos.website", "AS13335,C2,censys,CLOUDFLARENET,Havoc", "0", "DonPasci"
"2025-03-12 20:01:33", "1447043", "webdisk.domizmusk.website", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/172.67.179.163+webdisk.domizmusk.website", "AS13335,C2,censys,CLOUDFLARENET,Havoc", "0", "DonPasci"
"2025-03-12 20:01:32", "1447039", "cpcalendars.fastnewclub.xyz", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/104.21.68.76+cpcalendars.fastnewclub.xyz", "AS13335,C2,censys,CLOUDFLARENET,Havoc", "0", "DonPasci"
"2025-03-12 20:01:32", "1447040", "cpcalendars.ufabets.website", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/104.21.112.1+cpcalendars.ufabets.website", "AS13335,C2,censys,CLOUDFLARENET,Havoc", "0", "DonPasci"
"2025-03-12 20:01:32", "1447041", "cpanel.fivetopbusiness.xyz", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/104.21.112.1+cpanel.fivetopbusiness.xyz", "AS13335,C2,censys,CLOUDFLARENET,Havoc", "0", "DonPasci"
"2025-03-12 20:01:31", "1447037", "webdisk.gamesandufabetpro.website", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/172.67.130.30+webdisk.gamesandufabetpro.website", "AS13335,C2,censys,CLOUDFLARENET,Havoc", "0", "DonPasci"
"2025-03-12 20:01:31", "1447038", "webdisk.bsttoolswx.xyz", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/172.67.177.150+webdisk.bsttoolswx.xyz", "AS13335,C2,censys,CLOUDFLARENET,Havoc", "0", "DonPasci"
"2025-03-12 20:01:30", "1447035", "cpcalendars.dmustkpoint.xyz", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/104.21.45.213+cpcalendars.dmustkpoint.xyz", "AS13335,C2,censys,CLOUDFLARENET,Havoc", "0", "DonPasci"
"2025-03-12 20:01:30", "1447036", "webdisk.modegenerlshub.xyz", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/172.67.130.252+webdisk.modegenerlshub.xyz", "AS13335,C2,censys,CLOUDFLARENET,Havoc", "0", "DonPasci"
"2025-03-12 20:01:29", "1447033", "company.fithiphealthy.com", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/86.54.42.182+company.fithiphealthy.com", "AS42624,C2,censys,Havoc,SWISSNETWORK02", "0", "DonPasci"
"2025-03-12 20:01:29", "1447034", "cpcalendars.wealthwrknetwork.xyz", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/172.67.148.249+cpcalendars.wealthwrknetwork.xyz", "AS13335,C2,censys,CLOUDFLARENET,Havoc", "0", "DonPasci"
"2025-03-12 20:01:28", "1447030", "cpcontacts.onebusinessportal.xyz", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/172.67.196.148+cpcontacts.onebusinessportal.xyz", "AS13335,C2,censys,CLOUDFLARENET,Havoc", "0", "DonPasci"
"2025-03-12 20:01:28", "1447031", "ip70-185-170-81.mc.at.cox.net", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/70.185.170.81+ip70-185-170-81.mc.at.cox.net", "AS22773,ASN-CXA-ALL-CCI-22773-RDC,C2,censys,Havoc", "0", "DonPasci"
"2025-03-12 20:01:28", "1447032", "webmail.newzmediaworld.xyz", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/172.67.144.192+webmail.newzmediaworld.xyz", "AS13335,C2,censys,CLOUDFLARENET,Havoc", "0", "DonPasci"
"2025-03-12 20:01:27", "1447029", "cpcontacts.fortnewzoutlooks.xyz", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/104.21.32.1+cpcontacts.fortnewzoutlooks.xyz", "AS13335,C2,censys,CLOUDFLARENET,Havoc", "0", "DonPasci"
"2025-03-12 19:55:16", "1447018", "7paa3sg1yhyax.cfc-execute.bj.baidubce.com", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-03-12 16:01:18", "1446995", "market-lum.fun", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://search.censys.io/hosts/104.21.31.67+market-lum.fun", "AS13335,C2,censys,CLOUDFLARENET,LummaStealer,panel,stealer", "0", "DonPasci"
"2025-03-12 12:48:35", "1446969", "gov.nic-in.com", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-03-12 12:48:31", "1446968", "backup.timebrokepush.com", "domain", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-03-12 12:47:15", "1446966", "kbracketba.shop", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://www.virustotal.com/gui/domain/kbracketba.shop", "c2,domain,lumma,stealer,VirusTotal", "0", "DonPasci"
"2025-03-12 12:47:14", "1446965", "menuedgarli.shop", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://www.virustotal.com/gui/domain/menuedgarli.shop", "c2,domain,lumma,stealer,VirusTotal", "0", "DonPasci"
"2025-03-12 12:47:06", "1446964", "sweetmdreampillow.today", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://www.virustotal.com/gui/domain/sweetmdreampillow.today", "c2,domain,lumma,stealer,VirusTotal", "0", "DonPasci"
"2025-03-12 12:46:27", "1446963", "artemcd9.beget.tech", "domain", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "https://www.virustotal.com/gui/domain/artemcd9.beget.tech", "c2,domain,RAT,VirusTotal", "0", "DonPasci"
"2025-03-12 12:01:32", "1446954", "webmail.bestnewznetworks.com", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/172.67.212.211+webmail.bestnewznetworks.com", "AS13335,C2,censys,CLOUDFLARENET,Havoc", "0", "DonPasci"
"2025-03-12 12:01:31", "1446953", "cpcalendars.newzofnetworksera.com", "domain", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "", "100", "https://search.censys.io/hosts/104.21.64.1+cpcalendars.newzofnetworksera.com", "AS13335,C2,censys,CLOUDFLARENET,Havoc", "0", "DonPasci"
"2025-03-12 12:01:16", "1446946", "cityscapea.run", "domain", "botnet_cc", "win.lumma", "LummaC2 Stealer", "Lumma Stealer", "", "100", "https://search.censys.io/hosts/104.21.64.1+cityscapea.run", "AS13335,C2,censys,CLOUDFLARENET,LummaStealer,panel,stealer", "0", "DonPasci"
"2025-03-12 11:39:25", "1446908", "check.baruy.icu", "domain", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "None", "ClearFake", "0", "threatcat_ch"
# Number of entries: 423