################################################################
# ThreatFox IOCs: recent ip-port - CSV format                  #
# Last updated: 2026-02-03 00:03:14 UTC                        #
#                                                              #
# Terms Of Use: https://threatfox.abuse.ch/faq/#tos            #
# For questions please contact threatfox [at] abuse.ch         #
################################################################
#
# "first_seen_utc","ioc_id","ioc_value","ioc_type","threat_type","fk_malware","malware_alias","malware_printable","last_seen_utc","confidence_level","is_compromised","reference","tags","anonymous","reporter"
"2026-02-03 00:03:14", "1740222", "79.137.72.182:1337", "ip:port", "botnet_cc", "win.empire_downloader", "None", "Empire Downloader", "", "100", "False", "https://search.censys.io/hosts/79.137.72.182", "AS16276,C2,censys,OVH,Starkillerc2", "0", "DonPasci"
"2026-02-03 00:03:10", "1740221", "199.101.111.113:3790", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/199.101.111.113", "AS58580,C2,censys,FASTRACK,hacktool,MetaSploit,Meterpreter", "0", "DonPasci"
"2026-02-03 00:03:09", "1740220", "199.101.111.142:3790", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/199.101.111.142", "AS58580,C2,censys,FASTRACK,hacktool,MetaSploit,Meterpreter", "0", "DonPasci"
"2026-02-03 00:03:08", "1740218", "199.101.111.189:3790", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/199.101.111.189", "AS58580,C2,censys,FASTRACK,hacktool,MetaSploit,Meterpreter", "0", "DonPasci"
"2026-02-03 00:03:08", "1740219", "40.176.41.226:49152", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/40.176.41.226", "AMAZON-02,AS16509,C2,censys,hacktool,MetaSploit,Meterpreter", "0", "DonPasci"
"2026-02-03 00:02:43", "1740216", "47.115.175.62:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "", "100", "False", "https://search.censys.io/hosts/47.115.175.62", "AdaptixC2,ALIBABA-CN-NET,AS37963,C2,censys", "0", "DonPasci"
"2026-02-03 00:02:37", "1740210", "148.113.55.238:8000", "ip:port", "botnet_cc", "win.mimikatz", "None", "MimiKatz", "", "100", "False", "https://search.censys.io/hosts/148.113.55.238", "AS16276,C2,censys,hacktool,Mimikatz,open-dir,OVH", "0", "DonPasci"
"2026-02-03 00:01:59", "1740209", "192.248.184.13:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "False", "https://search.censys.io/hosts/192.248.184.13", "AS-VULTR,AS20473,C2,censys,panel,Unam", "0", "DonPasci"
"2026-02-03 00:00:52", "1740208", "104.250.169.100:29811", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "False", "https://search.censys.io/hosts/104.250.169.100", "AS212238,C2,CDNEXT,censys,RAT,Remcos", "0", "DonPasci"
"2026-02-03 00:00:50", "1740207", "185.241.211.11:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "False", "https://search.censys.io/hosts/185.241.211.11", "028f45e8dd4f225cb46a7d8003745a3a7f55d3a0,AS210558,C2,censys,RAT,Remcos", "0", "DonPasci"
"2026-02-03 00:00:24", "1740205", "81.70.102.138:9999", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "False", "https://search.censys.io/hosts/81.70.102.138", "AS45090,C2,censys,CobaltStrike,cs-watermark-987654321,TENCENT-NET-AP", "0", "DonPasci"
"2026-02-02 23:00:15", "1740197", "144.126.149.104:2001", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-02-03 00:01:35", "100", "False", "https://search.censys.io/hosts/144.126.149.104", "AS40021,C2,censys,RAT", "0", "dyingbreeds_"
"2026-02-02 21:18:10", "1740181", "135.148.28.82:1234", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-02-03 00:01:47", "100", "False", "https://search.censys.io/hosts/135.148.28.82", "AS16276,C2,censys,OVH,RAT", "0", "dyingbreeds_"
"2026-02-02 21:17:53", "1740179", "156.241.130.87:9090", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-03 00:00:28", "100", "False", "https://search.censys.io/hosts/156.241.130.87", "AS400619,C2,censys", "0", "dyingbreeds_"
"2026-02-02 21:17:52", "1740178", "39.105.18.59:10000", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-03 00:00:33", "100", "False", "https://search.censys.io/hosts/39.105.18.59", "AS37963,C2,censys", "0", "dyingbreeds_"
"2026-02-02 20:01:40", "1740128", "51.20.104.16:80", "ip:port", "botnet_cc", "win.empire_downloader", "None", "Empire Downloader", "", "100", "False", "https://search.censys.io/hosts/51.20.104.16", "AMAZON-02,AS16509,C2,censys,Starkillerc2", "0", "DonPasci"
"2026-02-02 20:01:35", "1740127", "54.175.13.9:22822", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/54.175.13.9", "AMAZON-AES,AS14618,C2,censys,hacktool,MetaSploit,Meterpreter", "0", "DonPasci"
"2026-02-02 20:01:25", "1740126", "107.172.230.231:80", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "100", "False", "https://search.censys.io/hosts/107.172.230.231", "AS-COLOCROSSING,AS36352,C2,censys,Gafgyt,open-dir", "0", "DonPasci"
"2026-02-02 20:01:22", "1740125", "191.101.59.202:23", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "100", "False", "https://search.censys.io/hosts/191.101.59.202", "AS42831,C2,censys,Gafgyt,UKSERVERS-AS", "0", "DonPasci"
"2026-02-02 20:01:19", "1740124", "128.234.28.184:8080", "ip:port", "botnet_cc", "win.chaos", "FakeRyuk,RyukJoke,Yashma", "Chaos", "", "100", "False", "https://search.censys.io/hosts/128.234.28.184", "AS25019,censys,Chaos,panel,SAUDINETSTC-AS", "0", "DonPasci"
"2026-02-02 20:01:08", "1740123", "69.167.11.110:443", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-02-02 21:18:09", "100", "False", "https://search.censys.io/hosts/69.167.11.110", "AS40861,C2,censys,DcRAT,PARAD-40-ASN,RAT", "0", "DonPasci"
"2026-02-02 20:01:05", "1740121", "23.101.8.73:1234", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-02-02 21:18:07", "100", "False", "https://search.censys.io/hosts/23.101.8.73", "AS8075,C2,censys,Havoc,MICROSOFT-CORP-MSN-AS-BLOCK", "0", "DonPasci"
"2026-02-02 20:01:05", "1740122", "23.101.8.73:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-02-02 21:18:07", "100", "False", "https://search.censys.io/hosts/23.101.8.73", "AS8075,C2,censys,Havoc,MICROSOFT-CORP-MSN-AS-BLOCK", "0", "DonPasci"
"2026-02-02 20:00:38", "1740120", "23.249.28.90:14994", "ip:port", "botnet_cc", "win.ghost_rat", "Farfli,Gh0st RAT,PCRat", "Ghost RAT", "2026-02-02 21:17:54", "100", "False", "https://search.censys.io/hosts/23.249.28.90", "AS152156,C2,censys,Gh0st,NARUTO-AS-HK,RAT", "0", "DonPasci"
"2026-02-02 20:00:21", "1740119", "60.205.166.87:8888", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-02 21:17:52", "100", "False", "https://search.censys.io/hosts/60.205.166.87", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-100000", "0", "DonPasci"
"2026-02-02 20:00:20", "1740118", "47.92.155.243:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-02 21:17:51", "100", "False", "https://search.censys.io/hosts/47.92.155.243", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-391144938", "0", "DonPasci"
"2026-02-02 20:00:19", "1740117", "160.124.152.163:11703", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-02 21:17:51", "100", "False", "https://search.censys.io/hosts/160.124.152.163", "AS132839,C2,censys,CobaltStrike,cs-watermark-987654321,POWERLINE-AS-AP", "0", "DonPasci"
"2026-02-02 18:47:59", "1740019", "75.127.14.147:40090", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-02-03 01:47:58", "75", "False", "None", "drb-ra,Havoc", "0", "abuse_ch"
"2026-02-02 18:47:09", "1740018", "38.55.105.79:2053", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2026-02-03 01:46:57", "75", "False", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2026-02-02 18:45:14", "1740017", "167.88.166.42:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-02-03 01:45:02", "75", "False", "None", "drb-ra,Havoc", "0", "abuse_ch"
"2026-02-02 18:44:51", "1740016", "161.189.2.64:443", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2026-02-03 01:44:45", "75", "False", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2026-02-02 18:44:06", "1740015", "146.70.51.74:2819", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-02-03 01:44:02", "75", "False", "None", "AsyncRAT,drb-ra,RAT", "0", "abuse_ch"
"2026-02-02 18:05:42", "1740005", "172.86.116.191:8848", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-02-02 18:52:08", "75", "False", "https://bazaar.abuse.ch/sample/0cfa3d1a5a9e9d690c0148510644037d671d81b8f946f6eb84227be5da8e547f/", "asyncrat", "0", "abuse_ch"
"2026-02-02 18:03:38", "1740003", "154.16.93.170:10119", "ip:port", "botnet_cc", "win.nanocore", "Nancrat,NanoCore", "Nanocore RAT", "", "100", "False", "https://tria.ge/260202-pj2hfsfs7e", "AS201341,C2,nanocore,rat,triage", "0", "DonPasci"
"2026-02-02 18:01:13", "1740001", "178.173.235.94:8990", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "False", "https://tria.ge/260202-sf7rvacw5d", "AS931,C2,quasar,rat,triage", "0", "DonPasci"
"2026-02-02 18:00:52", "1740000", "146.70.49.42:7080", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "False", "https://tria.ge/260202-r1f9ysbx8f", "AS9009,asyncrat,C2,rat,triage", "0", "DonPasci"
"2026-02-02 18:00:42", "1739998", "37.46.196.22:42830", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-02-02 20:11:41", "100", "False", "https://tria.ge/260202-ryzzaabw9e", "AS6206,C2,rat,remcos,triage", "0", "DonPasci"
"2026-02-02 18:00:42", "1739999", "103.230.144.104:42830", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-02-02 20:11:42", "100", "False", "https://tria.ge/260202-ryzzaabw9e", "AS55720,C2,rat,remcos,triage", "0", "DonPasci"
"2026-02-02 16:40:06", "1739993", "193.161.193.99:36102", "ip:port", "botnet_cc", "win.vjw0rm", "None", "Vjw0rm", "", "100", "False", "None", "Vjw0rm", "0", "abuse_ch"
"2026-02-02 16:00:58", "1739991", "45.32.218.131:4444", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-02-03 01:47:10", "100", "False", "https://search.censys.io/hosts/45.32.218.131", "AS-VULTR,AS20473,AsyncRAT,C2,censys,RAT", "0", "DonPasci"
"2026-02-02 16:00:45", "1739990", "158.94.211.31:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "False", "https://search.censys.io/hosts/158.94.211.31", "APIVERSA,AS214976,C2,censys,open-dir,payload,Sliver", "0", "DonPasci"
"2026-02-02 16:00:39", "1739989", "85.122.114.230:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-02-03 01:48:10", "100", "False", "https://search.censys.io/hosts/85.122.114.230", "ALEXHOST,AS200019,C2,censys,RAT,Remcos", "0", "DonPasci"
"2026-02-02 15:55:05", "1739987", "47.76.86.151:23156", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "2026-02-03 01:08:52", "100", "False", "None", "RAT,ValleyRAT", "0", "abuse_ch"
"2026-02-02 14:33:06", "1739985", "109.107.168.147:80", "ip:port", "botnet_cc", "unknown_rat", "None", "Unknown RAT", "2026-02-02 15:30:03", "75", "False", "https://bazaar.abuse.ch/sample/d631655ad3ef9e7c854c86ae399a9c830bef784c6a51468d192f65a79bbb7c8b/", "RAT,RemoteX", "0", "abuse_ch"
"2026-02-02 13:56:35", "1739978", "82.165.181.201:1791", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2026-02-02 18:20:09", "100", "False", "None", "Mirai", "0", "elfdigest"
"2026-02-02 12:03:05", "1739977", "137.220.171.139:3001", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "False", "https://tria.ge/260202-kvdtbadx5d", "AS152194,C2,rat,triage,valleyrat", "0", "DonPasci"
"2026-02-02 12:01:40", "1739970", "35.91.130.139:3389", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/35.91.130.139", "AMAZON-02,AS16509,C2,censys,hacktool,MetaSploit,Meterpreter", "0", "DonPasci"
"2026-02-02 12:01:39", "1739968", "51.84.67.82:4369", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/51.84.67.82", "AMAZON-02,AS16509,C2,censys,hacktool,MetaSploit,Meterpreter", "0", "DonPasci"
"2026-02-02 12:01:39", "1739969", "35.91.130.139:389", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/35.91.130.139", "AMAZON-02,AS16509,C2,censys,hacktool,MetaSploit,Meterpreter", "0", "DonPasci"
"2026-02-02 12:01:38", "1739967", "3.148.165.26:18080", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/3.148.165.26", "AMAZON-02,AS16509,C2,censys,hacktool,MetaSploit,Meterpreter", "0", "DonPasci"
"2026-02-02 12:01:11", "1739966", "20.52.248.45:1024", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-02-03 01:46:07", "100", "False", "https://search.censys.io/hosts/20.52.248.45", "AS8075,C2,censys,DcRAT,MICROSOFT-CORP-MSN-AS-BLOCK,RAT", "0", "DonPasci"
"2026-02-02 12:01:00", "1739962", "203.159.90.147:1940", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-02-02 20:14:11", "100", "False", "https://tria.ge/260202-ntzwyacw8g", "AS210558,C2,rat,remcos,triage", "0", "DonPasci"
"2026-02-02 12:00:55", "1739961", "92.5.116.250:9999", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "False", "https://search.censys.io/hosts/92.5.116.250", "AS31898,C2,censys,ORACLE-BMC-31898,payload,Sliver", "0", "DonPasci"
"2026-02-02 12:00:36", "1739960", "45.141.148.131:2026", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "False", "https://tria.ge/260202-mrd11shz2g", "AS44382,C2,triage,xworm", "0", "DonPasci"
"2026-02-02 11:35:44", "1739951", "216.126.225.121:59666", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2026-02-03 02:11:22", "100", "False", "None", "Mirai", "0", "elfdigest"
"2026-02-02 11:01:14", "1739957", "3.239.159.127:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "False", "https://search.censys.io/hosts/3.239.159.127", "AS14618,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2026-02-02 11:01:13", "1739956", "34.230.96.152:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "False", "https://search.censys.io/hosts/34.230.96.152", "AS14618,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2026-02-02 11:01:12", "1739955", "54.91.139.12:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "False", "https://search.censys.io/hosts/54.91.139.12", "AS14618,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2026-02-02 11:01:10", "1739954", "54.169.252.127:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "False", "https://search.censys.io/hosts/54.169.252.127", "AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2026-02-02 11:00:31", "1739953", "185.181.8.10:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-02-03 01:45:37", "100", "False", "https://search.censys.io/hosts/185.181.8.10", "AS41436,C2,censys,CLOUDWEBMANAGE-EU,RAT", "0", "dyingbreeds_"
"2026-02-02 08:53:18", "1739943", "83.229.83.143:5555", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2026-02-03 01:48:08", "75", "False", "None", "drb-ra,Sliver", "0", "abuse_ch"
"2026-02-02 08:53:00", "1739942", "75.2.114.63:443", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2026-02-03 01:47:58", "75", "False", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2026-02-02 08:46:42", "1739940", "161.189.63.171:443", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2026-02-03 01:44:46", "75", "False", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2026-02-02 08:42:08", "1739938", "206.189.90.233:443", "ip:port", "botnet_cc", "win.vshell", "None", "VShell", "", "100", "False", "https://www.virustotal.com/gui/file/0032bea768058f2986a7dab4c1bd4eca2b28ea5eff53e9334f117dff356f7bec", "AS14061,c2,DIGITALOCEAN-ASN,virustotal,vshell", "0", "DonPasci"
"2026-02-02 08:01:46", "1739936", "3.145.34.156:6008", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/3.145.34.156", "AMAZON-02,AS16509,C2,censys,hacktool,MetaSploit,Meterpreter", "0", "DonPasci"
"2026-02-02 08:01:17", "1739931", "197.134.38.207:8080", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "", "100", "False", "https://search.censys.io/hosts/197.134.38.207", "AS24835,C2,censys,RAT,RAYA-AS,Venom", "0", "DonPasci"
"2026-02-02 08:01:13", "1739930", "81.78.221.15:4782", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2026-02-02 11:00:40", "100", "False", "https://search.censys.io/hosts/81.78.221.15", "AS5378,C2,censys,Quasar,RAT,Vodafone", "0", "DonPasci"
"2026-02-02 08:01:05", "1739929", "107.172.31.102:7707", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-02-03 01:43:21", "100", "False", "https://search.censys.io/hosts/107.172.31.102", "AS-COLOCROSSING,AS36352,AsyncRAT,C2,censys,RAT", "0", "DonPasci"
"2026-02-02 08:01:00", "1739928", "107.172.31.101:4465", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-02-03 01:43:20", "100", "False", "https://search.censys.io/hosts/107.172.31.101", "AS-COLOCROSSING,AS36352,AsyncRAT,C2,censys,RAT", "0", "DonPasci"
"2026-02-02 08:00:47", "1739927", "83.229.83.143:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2026-02-03 01:48:08", "100", "False", "https://search.censys.io/hosts/83.229.83.143", "AS41436,C2,censys,CLOUDWEBMANAGE-EU,Sliver", "0", "DonPasci"
"2026-02-02 08:00:44", "1739926", "60.205.251.199:443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2026-02-03 01:47:46", "100", "False", "https://search.censys.io/hosts/60.205.251.199", "ALIBABA-CN-NET,AS37963,C2,censys,Sliver", "0", "DonPasci"
"2026-02-02 08:00:25", "1739921", "156.241.130.87:4443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-03 01:49:11", "100", "False", "https://search.censys.io/hosts/156.241.130.87", "AROSS-AS,AS400619,C2,censys,CobaltStrike,cs-watermark-666666666", "0", "DonPasci"
"2026-02-02 08:00:20", "1739920", "120.48.113.36:8888", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-02 11:00:08", "100", "False", "https://search.censys.io/hosts/120.48.113.36", "AS38365,BAIDU,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci"
"2026-02-02 07:36:27", "1739918", "158.94.209.33:443", "ip:port", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "100", "False", "None", "ClickFix", "0", "threatcat_ch"
"2026-02-02 06:23:12", "1739865", "185.209.161.130:9506", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "80", "False", "None", "mirai", "0", "seckle"
"2026-02-02 06:20:14", "1739849", "157.250.207.98:1999", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "80", "False", "None", "mirai", "0", "seckle"
"2026-02-02 06:19:46", "1739841", "138.226.237.35:80", "ip:port", "botnet_cc", "win.stealc", "None", "Stealc", "2026-02-02 20:00:54", "100", "False", "None", "1,c2,loader,StealC,stealer", "0", "Bitsight"
"2026-02-02 06:19:44", "1739733", "196.251.107.130:80", "ip:port", "botnet_cc", "win.stealc", "None", "Stealc", "2026-02-02 17:00:46", "100", "False", "None", "01x02x2026,c2,loader,StealC,stealer", "0", "Bitsight"
"2026-02-02 06:03:22", "1739882", "8.219.245.55:2008", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "False", "https://tria.ge/260202-edasfacs9f", "AS45102,C2,rat,triage,valleyrat", "0", "DonPasci"
"2026-02-02 06:00:26", "1739875", "86.174.162.51:1772", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "False", "https://tria.ge/260202-ayj5dsav8c", "AS2856,C2,triage,xworm", "0", "DonPasci"
"2026-02-02 06:00:25", "1739874", "3.15.2.57:4545", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "False", "https://tria.ge/260202-cxq8esbw2e", "AS16509,C2,triage,xworm", "0", "DonPasci"
"2026-02-02 04:01:33", "1739873", "18.217.34.53:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "False", "https://search.censys.io/hosts/18.217.34.53", "AMAZON-02,AS16509,C2,censys,clickfix,first-stage", "0", "DonPasci"
"2026-02-02 04:01:00", "1739872", "196.251.107.131:8080", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2026-02-03 01:46:01", "100", "False", "https://search.censys.io/hosts/196.251.107.131", "AS214351,C2,censys,DcRAT,FEMOIT,RAT", "0", "DonPasci"
"2026-02-02 04:00:50", "1739871", "23.27.175.17:31202", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-02-03 01:46:37", "100", "False", "https://search.censys.io/hosts/23.27.175.17", "AS149440,AsyncRAT,C2,censys,EVOXTENTERPRISE-AS-AP,RAT", "0", "DonPasci"
"2026-02-02 04:00:36", "1739870", "194.71.107.243:443", "ip:port", "botnet_cc", "unknown_rat", "None", "Unknown RAT", "", "100", "False", "https://search.censys.io/hosts/194.71.107.243", "AS57169,C2,censys,EDIS-AS-EU,RAT,SpiceRAT", "0", "DonPasci"
"2026-02-02 04:00:18", "1739869", "120.27.211.70:18443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-03 01:48:59", "100", "False", "https://search.censys.io/hosts/120.27.211.70", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-666666666", "0", "DonPasci"
"2026-02-02 04:00:16", "1739868", "160.124.104.172:11703", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-02 11:00:14", "100", "False", "https://search.censys.io/hosts/160.124.104.172", "AS132839,C2,censys,CobaltStrike,cs-watermark-987654321,POWERLINE-AS-AP", "0", "DonPasci"
"2026-02-02 02:25:05", "1739866", "193.161.193.99:51272", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "False", "None", "QuasarRAT,RAT", "0", "abuse_ch"
"2026-02-02 00:02:42", "1739863", "16.50.158.8:1912", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/16.50.158.8", "AMAZON-02,AS16509,C2,censys,hacktool,MetaSploit,Meterpreter", "0", "DonPasci"
"2026-02-02 00:02:42", "1739864", "16.50.158.8:11112", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/16.50.158.8", "AMAZON-02,AS16509,C2,censys,hacktool,MetaSploit,Meterpreter", "0", "DonPasci"
"2026-02-02 00:02:33", "1739862", "64.7.199.35:4321", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "2026-02-03 01:47:51", "100", "False", "https://search.censys.io/hosts/64.7.199.35", "AdaptixC2,AS399629,BLNWX,C2,censys", "0", "DonPasci"
"2026-02-02 00:01:02", "1739861", "155.138.211.85:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-02-03 01:44:33", "100", "False", "https://search.censys.io/hosts/155.138.211.85", "AS-VULTR,AS20473,C2,censys,Mythic", "0", "DonPasci"
"2026-02-02 00:00:54", "1739860", "216.126.224.83:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-02-03 01:46:27", "100", "False", "https://search.censys.io/hosts/216.126.224.83", "AS14956,AsyncRAT,C2,censys,RAT,ROUTERHOSTING", "0", "DonPasci"
"2026-02-02 00:00:34", "1739859", "156.226.21.115:8000", "ip:port", "botnet_cc", "win.ghost_rat", "Farfli,Gh0st RAT,PCRat", "Ghost RAT", "2026-02-02 11:00:19", "100", "False", "https://search.censys.io/hosts/156.226.21.115", "AISI-AS-AP,AS132813,C2,censys,Gh0st,RAT", "0", "DonPasci"
"2026-02-01 23:00:59", "1739857", "3.122.45.135:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "False", "https://search.censys.io/hosts/3.122.45.135", "AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2026-02-01 23:00:57", "1739856", "54.197.86.42:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "False", "https://search.censys.io/hosts/54.197.86.42", "AS14618,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2026-02-01 23:00:56", "1739855", "35.159.20.100:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "False", "https://search.censys.io/hosts/35.159.20.100", "AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2026-02-01 23:00:24", "1739854", "98.85.71.175:8443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-02-02 00:01:05", "100", "False", "https://search.censys.io/hosts/98.85.71.175", "AS14618,C2,censys,Mythic", "0", "dyingbreeds_"
"2026-02-01 22:10:42", "1739852", "185.106.179.79:8888", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "75", "False", "https://bazaar.abuse.ch/sample/23e82be61fb19583d1f8082a5639d61c03707558d0cba3b59f65c12eaca11a7c/", "valleyrat_s2", "0", "abuse_ch"
"2026-02-01 22:10:41", "1739851", "185.106.179.79:80", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "75", "False", "https://bazaar.abuse.ch/sample/23e82be61fb19583d1f8082a5639d61c03707558d0cba3b59f65c12eaca11a7c/", "valleyrat_s2", "0", "abuse_ch"
"2026-02-01 22:05:05", "1739850", "185.106.179.79:6666", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "False", "None", "RAT,ValleyRAT", "0", "abuse_ch"
"2026-02-01 20:01:28", "1739847", "78.13.213.227:5530", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/78.13.213.227", "AMAZON-02,AS16509,C2,censys,hacktool,MetaSploit,Meterpreter", "0", "DonPasci"
"2026-02-01 20:01:28", "1739848", "78.13.213.227:8080", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/78.13.213.227", "AMAZON-02,AS16509,C2,censys,hacktool,MetaSploit,Meterpreter", "0", "DonPasci"
"2026-02-01 20:01:23", "1739846", "45.89.125.181:8443", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "", "100", "False", "https://search.censys.io/hosts/45.89.125.181", "AdaptixC2,AS213250,C2,censys,ITP-SOLUTIONS", "0", "DonPasci"
"2026-02-01 20:00:59", "1739845", "20.125.56.34:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-02-03 01:46:06", "100", "False", "https://search.censys.io/hosts/20.125.56.34", "AS8075,C2,censys,Havoc,MICROSOFT-CORP-MSN-AS-BLOCK", "0", "DonPasci"
"2026-02-01 20:00:58", "1739844", "94.242.52.160:1080", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2026-02-01 23:00:27", "100", "False", "https://search.censys.io/hosts/94.242.52.160", "AS43317,C2,censys,Quasar,RAT,VEESP-AS", "0", "DonPasci"
"2026-02-01 20:00:51", "1739843", "193.106.196.99:443", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-02-03 01:45:51", "100", "False", "https://search.censys.io/hosts/193.106.196.99", "AS215898,AsyncRAT,C2,censys,RAT,SAGANETWORK", "0", "DonPasci"
"2026-02-01 20:00:40", "1739842", "45.154.98.170:443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2026-02-03 01:47:08", "100", "False", "https://search.censys.io/hosts/45.154.98.170", "AS210558,C2,censys,SERVICES-1337-GMBH,Sliver", "0", "DonPasci"
"2026-02-01 20:00:16", "1739839", "112.124.61.189:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-01 23:00:07", "100", "False", "https://search.censys.io/hosts/112.124.61.189", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-666666666", "0", "DonPasci"
"2026-02-01 18:45:33", "1739738", "172.86.114.24:37775", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2026-02-03 01:45:15", "75", "False", "None", "drb-ra,Sliver", "0", "abuse_ch"
"2026-02-01 18:44:54", "1739737", "158.94.210.31:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-02-03 01:44:40", "75", "False", "None", "drb-ra,RAT,RemcosRAT", "0", "abuse_ch"
"2026-02-01 18:43:31", "1739736", "112.48.228.48:10250", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2026-02-03 01:43:29", "75", "False", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2026-02-01 16:50:36", "1739732", "185.234.73.46:88", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-03 01:49:16", "75", "False", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2026-02-01 16:28:30", "1739723", "109.107.177.135:8443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "False", "None", "AS216071,browser,SERVERS TECH FZCO", "0", "antiphishorg"
"2026-02-01 16:01:28", "1739730", "196.75.43.11:2222", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/196.75.43.11", "AS36903,C2,censys,hacktool,MetaSploit,Meterpreter,MT-MPLS", "0", "DonPasci"
"2026-02-01 16:00:59", "1739729", "45.192.110.20:8089", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2026-02-01 23:00:26", "100", "False", "https://search.censys.io/hosts/45.192.110.20", "AS401701,C2,censys,COGNETCLOUD-2,Quasar,RAT", "0", "DonPasci"
"2026-02-01 16:00:57", "1739728", "91.84.100.170:10000", "ip:port", "botnet_cc", "win.ghostsocks", "None", "GhostSocks", "", "100", "False", "None", "relay,tier-1", "0", "Rony"
"2026-02-01 16:00:51", "1739727", "85.17.54.227:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-02-03 01:48:11", "100", "False", "https://search.censys.io/hosts/85.17.54.227", "AS60781,AsyncRAT,C2,censys,LEASEWEB-NL-AMS-01,RAT", "0", "DonPasci"
"2026-02-01 16:00:48", "1739726", "86.48.0.251:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-02-01 23:00:18", "100", "False", "https://search.censys.io/hosts/86.48.0.251", "AS51167,C2,censys,CONTABO,Supershell", "0", "DonPasci"
"2026-02-01 16:00:33", "1739725", "45.74.0.135:2405", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-02-03 01:47:12", "100", "False", "https://search.censys.io/hosts/45.74.0.135", "AS212238,C2,CDNEXT,censys,RAT,Remcos", "0", "DonPasci"
"2026-02-01 15:45:07", "1739673", "178.17.62.24:1337", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "100", "False", "None", "Gafgyt", "0", "elfdigest"
"2026-02-01 15:25:11", "1739722", "158.94.209.121:7720", "ip:port", "botnet_cc", "win.purelogs", "None", "PureLogs Stealer", "", "100", "False", "None", "PureLogsStealer", "0", "abuse_ch"
"2026-02-01 14:30:12", "1739717", "103.215.77.84:4433", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "False", "None", "RAT,ValleyRAT", "0", "abuse_ch"
"2026-02-01 12:01:37", "1739710", "172.111.198.20:4782", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "False", "https://tria.ge/260201-krdzxaft7g", "AS3223,C2,quasar,rat,triage", "0", "DonPasci"
"2026-02-01 12:01:31", "1739709", "159.89.43.34:1337", "ip:port", "botnet_cc", "win.empire_downloader", "None", "Empire Downloader", "", "100", "False", "https://search.censys.io/hosts/159.89.43.34", "AS14061,C2,censys,DIGITALOCEAN-ASN,Starkillerc2", "0", "DonPasci"
"2026-02-01 12:01:27", "1739708", "34.229.232.38:46537", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/34.229.232.38", "AMAZON-AES,AS14618,C2,censys,hacktool,MetaSploit,Meterpreter", "0", "DonPasci"
"2026-02-01 12:01:23", "1739707", "83.168.95.235:1024", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "False", "https://search.censys.io/hosts/83.168.95.235", "AS202520,C2,censys,Nosviak,Panel,SKYPASS-AS", "0", "DonPasci"
"2026-02-01 12:00:51", "1739706", "77.238.248.158:9000", "ip:port", "botnet_cc", "win.sectop_rat", "1xxbot,ArechClient", "SectopRAT", "", "100", "False", "https://search.censys.io/hosts/77.238.248.158", "AS216071,C2,censys,RAT,Sectop,VDSINA", "0", "DonPasci"
"2026-02-01 12:00:37", "1739705", "217.182.67.157:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2026-02-03 01:46:29", "100", "False", "https://search.censys.io/hosts/217.182.67.157", "AS16276,C2,censys,OVH,Sliver", "0", "DonPasci"
"2026-02-01 12:00:33", "1739704", "120.79.89.234:8082", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-02-03 01:43:33", "100", "False", "https://search.censys.io/hosts/120.79.89.234", "ALIBABA-CN-NET,AS37963,C2,censys,RAT,Remcos", "0", "DonPasci"
"2026-02-01 12:00:27", "1739702", "103.57.220.129:6767", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "False", "https://tria.ge/260201-g7ve2sct5h", "AS135905,C2,triage,xworm", "0", "DonPasci"
"2026-02-01 12:00:27", "1739703", "64.89.163.160:5050", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "False", "https://tria.ge/260201-gvsexsbt8h", "AS401626,C2,triage,xworm", "0", "DonPasci"
"2026-02-01 11:01:11", "1739699", "201.204.61.140:443", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "", "100", "False", "https://search.censys.io/hosts/201.204.61.140", "AS11830,C2,censys", "0", "dyingbreeds_"
"2026-02-01 11:01:02", "1739698", "157.250.202.55:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "False", "https://search.censys.io/hosts/157.250.202.55", "AS26666,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2026-02-01 11:01:00", "1739697", "3.122.45.135:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "False", "https://search.censys.io/hosts/3.122.45.135", "AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2026-02-01 11:00:59", "1739696", "170.187.237.39:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "False", "https://search.censys.io/hosts/170.187.237.39", "AS63949,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2026-02-01 11:00:58", "1739695", "200.58.100.246:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "False", "https://search.censys.io/hosts/200.58.100.246", "AS27823,censys,Dattatec.com,GoPhish,Phishing", "0", "dyingbreeds_"
"2026-02-01 11:00:56", "1739694", "150.158.12.220:33331", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "False", "https://search.censys.io/hosts/150.158.12.220", "AS45090,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2026-02-01 11:00:54", "1739693", "41.220.143.87:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "False", "https://search.censys.io/hosts/41.220.143.87", "AS36909,censys,GoPhish,HABARI-CO-TZ-AS,Phishing", "0", "dyingbreeds_"
"2026-02-01 11:00:53", "1739692", "143.110.252.240:9999", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "False", "https://search.censys.io/hosts/143.110.252.240", "AS14061,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2026-02-01 11:00:52", "1739691", "112.126.25.151:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "False", "https://search.censys.io/hosts/112.126.25.151", "AS37963,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2026-02-01 09:35:04", "1739689", "172.111.213.109:3421", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "False", "None", "RAT,RemcosRAT", "0", "abuse_ch"
"2026-02-01 09:00:21", "1739688", "38.180.137.181:2285", "ip:port", "botnet_cc", "win.purelogs", "None", "PureLogs Stealer", "", "100", "False", "None", "PureLogsStealer", "0", "abuse_ch"
"2026-02-01 08:48:03", "1739687", "79.137.76.173:443", "ip:port", "botnet_cc", "win.bianlian", "None", "BianLian", "2026-02-03 01:48:01", "75", "False", "None", "Bianlian,drb-ra", "0", "abuse_ch"
"2026-02-01 08:46:46", "1739686", "23.27.140.118:62134", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2026-02-03 01:46:37", "75", "False", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2026-02-01 08:46:32", "1739685", "209.151.145.164:4000", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2026-02-03 01:46:22", "75", "False", "None", "Deimos,drb-ra", "0", "abuse_ch"
"2026-02-01 08:43:39", "1739684", "13.250.222.197:443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2026-02-03 01:43:38", "75", "False", "None", "drb-ra,Sliver", "0", "abuse_ch"
"2026-02-01 08:01:25", "1739683", "16.58.157.121:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "False", "https://search.censys.io/hosts/16.58.157.121", "AMAZON-02,AS16509,C2,censys,clickfix,first-stage", "0", "DonPasci"
"2026-02-01 08:01:18", "1739681", "16.26.245.13:44818", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/16.26.245.13", "AMAZON-02,AS16509,C2,censys,hacktool,MetaSploit,Meterpreter", "0", "DonPasci"
"2026-02-01 08:01:18", "1739682", "16.26.245.13:51668", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/16.26.245.13", "AMAZON-02,AS16509,C2,censys,hacktool,MetaSploit,Meterpreter", "0", "DonPasci"
"2026-02-01 08:00:54", "1739680", "167.86.142.38:443", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2026-02-03 01:45:00", "100", "False", "https://search.censys.io/hosts/167.86.142.38", "AS25019,C2,censys,Netsupport,RAT,SAUDINETSTC-AS", "0", "DonPasci"
"2026-02-01 08:00:51", "1739679", "46.201.19.142:5901", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "2026-02-01 11:00:27", "100", "False", "https://search.censys.io/hosts/46.201.19.142", "AS6849,C2,censys,RAT,UKRTELNET,Venom", "0", "DonPasci"
"2026-02-01 08:00:43", "1739678", "157.20.182.24:1339", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-02-03 01:44:34", "100", "False", "https://search.censys.io/hosts/157.20.182.24", "AS152485,AsyncRAT,C2,censys,HOSTER-AS-IN,RAT", "0", "DonPasci"
"2026-02-01 08:00:42", "1739677", "193.106.196.99:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-02-03 01:45:52", "100", "False", "https://search.censys.io/hosts/193.106.196.99", "AS215898,AsyncRAT,C2,censys,RAT,SAGANETWORK", "0", "DonPasci"
"2026-02-01 08:00:41", "1739676", "102.204.223.152:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-02-01 11:00:15", "100", "False", "https://search.censys.io/hosts/102.204.223.152", "ABCCLOUDSDNBHD-AS-AP,AS139923,C2,censys,Supershell", "0", "DonPasci"
"2026-02-01 08:00:29", "1739675", "107.172.238.14:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-02-03 01:43:19", "100", "False", "https://search.censys.io/hosts/107.172.238.14", "AS-COLOCROSSING,AS36352,C2,censys,RAT,Remcos", "0", "DonPasci"
"2026-02-01 08:00:28", "1739674", "190.255.92.38:5061", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2026-02-03 01:45:47", "100", "False", "https://search.censys.io/hosts/190.255.92.38", "AS3816,C2,censys,COLOMBIA,RAT,Remcos", "0", "DonPasci"
"2026-02-01 07:31:38", "1739672", "101.37.210.197:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "False", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch"
"2026-02-01 06:50:27", "1739667", "144.172.102.252:56001", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "75", "False", "https://bazaar.abuse.ch/sample/e139d83928a106d94c0951cced11070dd1c0b9ecaa3a13aa7b90bfabe43e41c2/", "None", "0", "abuse_ch"
"2026-02-01 06:28:25", "1739387", "130.193.34.57:3778", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "80", "False", "None", "mirai", "0", "seckle"
"2026-02-01 06:28:21", "1739426", "195.178.136.38:80", "ip:port", "botnet_cc", "win.gcleaner", "None", "GCleaner", "2026-02-03 02:20:48", "100", "False", "None", "GCleaner,loader", "0", "Bitsight"
"2026-02-01 06:02:57", "1739666", "185.26.236.215:5553", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "False", "https://tria.ge/260201-blgzyafs6d", "AS57169,C2,njrat,triage", "0", "DonPasci"
"2026-02-01 04:01:25", "1739653", "139.59.135.147:4444", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "False", "https://search.censys.io/hosts/139.59.135.147", "AS14061,C2,censys,DIGITALOCEAN-ASN,hacktool,MetaSploit,Meterpreter", "0", "DonPasci"
"2026-02-01 04:01:03", "1739652", "91.215.85.39:443", "ip:port", "botnet_cc", "win.poshc2", "None", "PoshC2", "2026-02-01 11:00:30", "100", "False", "https://search.censys.io/hosts/91.215.85.39", "AS200593,C2,censys,Posh,PROSPERO-AS", "0", "DonPasci"
"2026-02-01 04:01:00", "1739651", "102.98.89.14:443", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2026-02-03 01:43:08", "100", "False", "https://search.censys.io/hosts/102.98.89.14", "AS36925,ASMedi,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2026-02-01 04:00:57", "1739650", "143.198.215.97:8080", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2026-02-03 01:43:52", "100", "False", "https://search.censys.io/hosts/143.198.215.97", "AS14061,C2,censys,DIGITALOCEAN-ASN,Havoc", "0", "DonPasci"
"2026-02-01 04:00:43", "1739648", "158.94.208.135:1000", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2026-02-03 01:44:38", "100", "False", "https://search.censys.io/hosts/158.94.208.135", "AS214943,AsyncRAT,C2,censys,RAILNET,RAT", "0", "DonPasci"
"2026-02-01 04:00:41", "1739647", "102.204.223.168:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2026-02-01 11:00:16", "100", "False", "https://search.censys.io/hosts/102.204.223.168", "ABCCLOUDSDNBHD-AS-AP,AS139923,C2,censys,Supershell", "0", "DonPasci"
"2026-02-01 04:00:11", "1739646", "82.146.49.236:9540", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2026-02-01 11:00:07", "100", "False", "https://search.censys.io/hosts/82.146.49.236", "AS29182,C2,censys,CobaltStrike,cs-watermark-987654321,RU-JSCIOT", "0", "DonPasci"
# Number of entries: 169