################################################################ # ThreatFox IOCs: recent URLs - CSV format # # Last updated: 2026-05-22 19:15:03 UTC # # # # Terms Of Use: https://threatfox.abuse.ch/faq/#tos # # For questions please contact threatfox [at] abuse.ch # ################################################################ # # "first_seen_utc","ioc_id","ioc_value","ioc_type","threat_type","fk_malware","malware_alias","malware_printable","last_seen_utc","confidence_level","is_compromised","reference","tags","anonymous","reporter" "2026-05-22 19:15:03", "1817415", "https://fearlesshomemaker.com/", "url", "payload_delivery", "win.vidar", "None", "Vidar", "", "75", "True", "None", "ClickFix,compromised,EtherHiding,Polygon,Vidar,WordPress", "1", "m_govcert_ch" "2026-05-22 15:52:52", "1817356", "https://staticcloudflare.pro/api/css.js", "url", "payload_delivery", "unknown", "None", "Unknown malware", "", "100", "False", "https://x.com/i/status/2057759854056362104", "ClickFix", "0", "rmceoin" "2026-05-22 15:00:10", "1817353", "https://dip.fbvendas.com/", "url", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "True", "None", "vidar", "0", "crep1x" "2026-05-22 15:00:09", "1817351", "https://dip.adasm188.top/", "url", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "True", "None", "vidar", "0", "crep1x" "2026-05-22 14:45:59", "1817269", "https://ahokulairistouv.site:14001", "url", "botnet_cc", "apk.antidot", "None", "Antidot", "", "100", "False", "", "antidot", "0", "seckle" "2026-05-22 14:45:59", "1817270", "https://apitelemetryinfrastructure.org:16759", "url", "botnet_cc", "apk.antidot", "None", "Antidot", "", "100", "False", "", "antidot", "0", "seckle" "2026-05-22 14:45:58", "1817271", "https://baseridetvinasia.org:16415", "url", "botnet_cc", "apk.antidot", "None", "Antidot", "", "100", "False", "", "antidot", "0", "seckle" "2026-05-22 14:45:57", "1817272", "https://berlinlogo.shop:19095", "url", "botnet_cc", "apk.antidot", "None", "Antidot", "", "100", "False", "", "antidot", "0", "seckle" "2026-05-22 14:45:57", "1817273", "https://brakojundi.org:19049", "url", "botnet_cc", "apk.antidot", "None", "Antidot", "", "100", "False", "", "antidot", "0", "seckle" "2026-05-22 14:45:56", "1817274", "https://brightmoonjourney.site:16843", "url", "botnet_cc", "apk.antidot", "None", "Antidot", "", "100", "False", "", "antidot", "0", "seckle" "2026-05-22 14:45:56", "1817275", "https://cafecitta.com:5036", "url", "botnet_cc", "apk.antidot", "None", "Antidot", "", "100", "False", "", "antidot", "0", "seckle" "2026-05-22 14:45:55", "1817276", "https://cdninfrastructure.org:13726", "url", "botnet_cc", "apk.antidot", "None", "Antidot", "", "100", "False", "", "antidot", "0", "seckle" "2026-05-22 14:45:55", "1817277", "https://cheapgames.world:4702", "url", "botnet_cc", "apk.antidot", "None", "Antidot", "", "100", "False", "", "antidot", "0", "seckle" "2026-05-22 14:45:55", "1817278", "https://datenarraqiloni.shop:3058", "url", "botnet_cc", "apk.antidot", "None", "Antidot", "", "100", "False", "", "antidot", "0", "seckle" "2026-05-22 14:45:54", "1817279", "https://duaeshen.org:13404", "url", "botnet_cc", "apk.antidot", "None", "Antidot", "", "100", "False", "", "antidot", "0", "seckle" "2026-05-22 14:45:52", "1817280", "https://faraserna.store:15486", "url", "botnet_cc", "apk.antidot", "None", "Antidot", "", "100", "False", "", "antidot", "0", "seckle" "2026-05-22 14:45:52", "1817281", "https://getjoot.org:13331", "url", "botnet_cc", "apk.antidot", "None", "Antidot", "", "100", "False", "", "antidot", "0", "seckle" "2026-05-22 14:45:51", "1817282", "https://goldencloudmeadow.site:1627", "url", "botnet_cc", "apk.antidot", "None", "Antidot", "", "100", "False", "", "antidot", "0", "seckle" "2026-05-22 14:45:51", "1817283", "https://goldenleafdreams.site:10475", "url", "botnet_cc", "apk.antidot", "None", "Antidot", "", "100", "False", "", "antidot", "0", "seckle" "2026-05-22 14:45:50", "1817284", "https://gongklaus.com:18683", "url", "botnet_cc", "apk.antidot", "None", "Antidot", "", "100", "False", "", "antidot", "0", "seckle" "2026-05-22 14:45:49", "1817285", "https://hiddenforestpath.site:8392", "url", "botnet_cc", "apk.antidot", "None", "Antidot", "", "100", "False", "", "antidot", "0", "seckle" "2026-05-22 14:45:49", "1817286", "https://himiltonperg.top:12925", "url", "botnet_cc", "apk.antidot", "None", "Antidot", "", "100", "False", "", "antidot", "0", "seckle" "2026-05-22 14:45:48", "1817287", "https://horllleylenassa.store:19786", "url", "botnet_cc", "apk.antidot", "None", "Antidot", "", "100", "False", "", "antidot", "0", "seckle" "2026-05-22 14:45:48", "1817288", "https://hyperivorationally.site:9929", "url", "botnet_cc", "apk.antidot", "None", "Antidot", "", "100", "False", "", "antidot", "0", "seckle" "2026-05-22 14:45:47", "1817289", "https://illugvinati.co:18637", "url", "botnet_cc", "apk.antidot", "None", "Antidot", "", "100", "False", "", "antidot", "0", "seckle" "2026-05-22 14:45:47", "1817290", "https://inoamito.com:19968", "url", "botnet_cc", "apk.antidot", "None", "Antidot", "", "100", "False", "", "antidot", "0", "seckle" "2026-05-22 14:45:46", "1817291", "https://ironbigman.com:16143", "url", "botnet_cc", "apk.antidot", "None", "Antidot", "", "100", "False", "", "antidot", "0", "seckle" "2026-05-22 14:45:46", "1817292", "https://ishakebanii.online:14620", "url", "botnet_cc", "apk.antidot", "None", "Antidot", "", "100", "False", "", "antidot", "0", "seckle" "2026-05-22 14:45:46", "1817293", "https://joctalaquelland.store:5686", "url", "botnet_cc", "apk.antidot", "None", "Antidot", "", "100", "False", "", "antidot", "0", "seckle" "2026-05-22 14:45:44", "1817294", "https://jonulimileallil.shop:10070", "url", "botnet_cc", "apk.antidot", "None", "Antidot", "", "100", "False", "", "antidot", "0", "seckle" "2026-05-22 14:45:44", "1817295", "https://klaunsingjork.top:4822", "url", "botnet_cc", "apk.antidot", "None", "Antidot", "", "100", "False", "", "antidot", "0", "seckle" "2026-05-22 14:45:43", "1817296", "https://klimonturo.org:11044", "url", "botnet_cc", "apk.antidot", "None", "Antidot", "", "100", "False", "", "antidot", "0", "seckle" "2026-05-22 14:45:43", "1817297", "https://kurvioslash.org:11734", "url", "botnet_cc", "apk.antidot", "None", "Antidot", "", "100", "False", "", "antidot", "0", "seckle" "2026-05-22 14:45:43", "1817298", "https://lionbuffet.info:12876", "url", "botnet_cc", "apk.antidot", "None", "Antidot", "", "100", "False", "", "antidot", "0", "seckle" "2026-05-22 14:45:42", "1817299", "https://lotarolimited.org:6572", "url", "botnet_cc", "apk.antidot", "None", "Antidot", "", "100", "False", "", "antidot", "0", "seckle" "2026-05-22 14:45:42", "1817300", "https://mediainfrastructure.org:1928", "url", "botnet_cc", "apk.antidot", "None", "Antidot", "", "100", "False", "", "antidot", "0", "seckle" "2026-05-22 14:45:40", "1817301", "https://mildatatararthe.store:8781", "url", "botnet_cc", "apk.antidot", "None", "Antidot", "", "100", "False", "", "antidot", "0", "seckle" "2026-05-22 14:45:40", "1817302", "https://mindfulyworld.org:6897", "url", "botnet_cc", "apk.antidot", "None", "Antidot", "", "100", "False", "", "antidot", "0", "seckle" "2026-05-22 14:45:39", "1817303", "https://mitarrallhecaui.store:7686", "url", "botnet_cc", "apk.antidot", "None", "Antidot", "", "100", "False", "", "antidot", "0", "seckle" "2026-05-22 14:45:38", "1817304", "https://monyepeiok.com:1882", "url", "botnet_cc", "apk.antidot", "None", "Antidot", "", "100", "False", "", "antidot", "0", "seckle" "2026-05-22 14:45:38", "1817305", "https://netfabricx.org:7320", "url", "botnet_cc", "apk.antidot", "None", "Antidot", "", "100", "False", "", "antidot", "0", "seckle" "2026-05-22 14:45:37", "1817306", "https://nodebridge.org:7317", "url", "botnet_cc", "apk.antidot", "None", "Antidot", "", "100", "False", "", "antidot", "0", "seckle" "2026-05-22 14:45:37", "1817307", "https://ogdablondan.net:19466", "url", "botnet_cc", "apk.antidot", "None", "Antidot", "", "100", "False", "", "antidot", "0", "seckle" "2026-05-22 14:45:36", "1817308", "https://ostagnollaminte.site:13748", "url", "botnet_cc", "apk.antidot", "None", "Antidot", "", "100", "False", "", "antidot", "0", "seckle" "2026-05-22 14:45:36", "1817309", "https://pookingboot.top:7279", "url", "botnet_cc", "apk.antidot", "None", "Antidot", "", "100", "False", "", "antidot", "0", "seckle" "2026-05-22 14:45:35", "1817310", "https://rafvery.com:9568", "url", "botnet_cc", "apk.antidot", "None", "Antidot", "", "100", "False", "", "antidot", "0", "seckle" "2026-05-22 14:45:34", "1817311", "https://rainerciarrylen.site:2196", "url", "botnet_cc", "apk.antidot", "None", "Antidot", "", "100", "False", "", "antidot", "0", "seckle" "2026-05-22 14:45:33", "1817312", "https://saveswildlife.org:16769", "url", "botnet_cc", "apk.antidot", "None", "Antidot", "", "100", "False", "", "antidot", "0", "seckle" "2026-05-22 14:45:32", "1817313", "https://sayruuq.com:14378", "url", "botnet_cc", "apk.antidot", "None", "Antidot", "", "100", "False", "", "antidot", "0", "seckle" "2026-05-22 14:45:32", "1817315", "https://shadowmoonlight.site:16263", "url", "botnet_cc", "apk.antidot", "None", "Antidot", "", "100", "False", "", "antidot", "0", "seckle" "2026-05-22 14:45:31", "1817314", "https://server.elinventbg.org:13641", "url", "botnet_cc", "apk.antidot", "None", "Antidot", "", "100", "False", "", "antidot", "0", "seckle" "2026-05-22 14:45:30", "1817316", "https://shadowmountainpeak.site:17029", "url", "botnet_cc", "apk.antidot", "None", "Antidot", "", "100", "False", "", "antidot", "0", "seckle" "2026-05-22 14:45:30", "1817317", "https://sheapandrun.com:5573", "url", "botnet_cc", "apk.antidot", "None", "Antidot", "", "100", "False", "", "antidot", "0", "seckle" "2026-05-22 14:45:29", "1817318", "https://silentforestpath.site:6639", "url", "botnet_cc", "apk.antidot", "None", "Antidot", "", "100", "False", "", "antidot", "0", "seckle" "2026-05-22 14:45:29", "1817319", "https://siviroussnake.com:7561", "url", "botnet_cc", "apk.antidot", "None", "Antidot", "", "100", "False", "", "antidot", "0", "seckle" "2026-05-22 14:45:28", "1817320", "https://sparinboits.top:6355", "url", "botnet_cc", "apk.antidot", "None", "Antidot", "", "100", "False", "", "antidot", "0", "seckle" "2026-05-22 14:45:28", "1817321", "https://storytimewithjosh.org:14114", "url", "botnet_cc", "apk.antidot", "None", "Antidot", "", "100", "False", "", "antidot", "0", "seckle" "2026-05-22 14:45:28", "1817322", "https://talakegifren.net:12978", "url", "botnet_cc", "apk.antidot", "None", "Antidot", "", "100", "False", "", "antidot", "0", "seckle" "2026-05-22 14:45:27", "1817323", "https://thegreatestjew.org:18983", "url", "botnet_cc", "apk.antidot", "None", "Antidot", "", "100", "False", "", "antidot", "0", "seckle" "2026-05-22 14:45:26", "1817324", "https://timeoutbasketball.org:2677", "url", "botnet_cc", "apk.antidot", "None", "Antidot", "", "100", "False", "", "antidot", "0", "seckle" "2026-05-22 14:45:25", "1817325", "https://toparmarragusme.shop:15238", "url", "botnet_cc", "apk.antidot", "None", "Antidot", "", "100", "False", "", "antidot", "0", "seckle" "2026-05-22 14:45:25", "1817326", "https://torizomazo.org:12699", "url", "botnet_cc", "apk.antidot", "None", "Antidot", "", "100", "False", "", "antidot", "0", "seckle" "2026-05-22 14:45:24", "1817327", "https://transivorationally.site:3504", "url", "botnet_cc", "apk.antidot", "None", "Antidot", "", "100", "False", "", "antidot", "0", "seckle" "2026-05-22 14:45:24", "1817328", "https://ulmaveylllataon.store:12889", "url", "botnet_cc", "apk.antidot", "None", "Antidot", "", "100", "False", "", "antidot", "0", "seckle" "2026-05-22 14:45:23", "1817329", "https://vawneokontilyar.site:1888", "url", "botnet_cc", "apk.antidot", "None", "Antidot", "", "100", "False", "", "antidot", "0", "seckle" "2026-05-22 14:45:22", "1817330", "https://vortexiventrically.site:13210", "url", "botnet_cc", "apk.antidot", "None", "Antidot", "", "100", "False", "", "antidot", "0", "seckle" "2026-05-22 14:45:21", "1817331", "https://wanderingcloudsong.site:5364", "url", "botnet_cc", "apk.antidot", "None", "Antidot", "", "100", "False", "", "antidot", "0", "seckle" "2026-05-22 14:45:21", "1817332", "https://whisperingwindtree.site:7715", "url", "botnet_cc", "apk.antidot", "None", "Antidot", "", "100", "False", "", "antidot", "0", "seckle" "2026-05-22 14:45:20", "1817333", "https://wnctesla.org:10194", "url", "botnet_cc", "apk.antidot", "None", "Antidot", "", "100", "False", "", "antidot", "0", "seckle" "2026-05-22 14:45:20", "1817334", "https://wonzakerind.com:16643", "url", "botnet_cc", "apk.antidot", "None", "Antidot", "", "100", "False", "", "antidot", "0", "seckle" "2026-05-22 14:45:19", "1817335", "https://zadvandersto.best:6536", "url", "botnet_cc", "apk.antidot", "None", "Antidot", "", "100", "False", "", "antidot", "0", "seckle" "2026-05-22 14:45:19", "1817336", "https://zaeblietiprocl.store:13761", "url", "botnet_cc", "apk.antidot", "None", "Antidot", "", "100", "False", "", "antidot", "0", "seckle" "2026-05-22 14:45:16", "1817344", "http://it-solutions-bayern.com:6431", "url", "payload_delivery", "win.remus", "None", "Remus", "", "50", "False", "", "c2", "0", "epol" "2026-05-22 14:45:13", "1817345", "http://woodfez.biz:7582", "url", "payload_delivery", "win.remus", "None", "Remus", "", "50", "False", "", "c2", "0", "epol" "2026-05-22 14:45:12", "1817346", "http://firewai.biz:48261", "url", "payload_delivery", "win.remus", "None", "Remus", "", "50", "False", "", "c2", "0", "epol" "2026-05-22 13:32:11", "1817263", "https://opaqueshellsoftsmoke.monster/indexactiverevenue.php", "url", "payload_delivery", "win.satacom", "CurlyGate,LegionLoader,RobotDropper", "Satacom", "", "100", "False", "https://x.com/AndrewPetrus/status/2057813304727552345?s=20", "curlygate,legionloader,satacom", "0", "andrewpetrus" "2026-05-22 13:32:11", "1817264", "https://totebagsforwork.com/nfront.php", "url", "payload_delivery", "win.satacom", "CurlyGate,LegionLoader,RobotDropper", "Satacom", "", "100", "False", "https://x.com/AndrewPetrus/status/2057813304727552345?s=20", "curlygate,legionloader,satacom", "0", "andrewpetrus" "2026-05-22 13:32:11", "1817265", "https://totebagsforwork.com/nback.php", "url", "payload_delivery", "win.satacom", "CurlyGate,LegionLoader,RobotDropper", "Satacom", "", "100", "False", "https://x.com/AndrewPetrus/status/2057813304727552345?s=20", "curlygate,legionloader,satacom", "0", "andrewpetrus" "2026-05-22 10:15:03", "1817245", "https://jumpthehurdle.com/", "url", "payload_delivery", "win.vidar", "None", "Vidar", "", "75", "True", "None", "ClickFix,compromised,EtherHiding,Polygon,Vidar,WordPress", "1", "m_govcert_ch" "2026-05-22 09:30:10", "1817225", "https://pfo.fbvendas.com/", "url", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "True", "None", "vidar", "0", "crep1x" "2026-05-22 09:30:09", "1817223", "https://pfo.adasm188.top/", "url", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "True", "None", "vidar", "0", "crep1x" "2026-05-22 08:12:11", "1817068", "https://candipoker.net/ebd417db-979c-51f8-aedf-88a2bf8aa6c3/v10", "url", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "None", "candipoker,clickfix,cyrillic-homoglyph,fingerfix,linkedco,namlongland,sam-sa,wininet-stager", "0", "Lenny_3BO" "2026-05-22 08:12:10", "1817069", "https://sam-sa.net/ebd417db-979c-51f8-aedf-88a2bf8aa6c3/v10", "url", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "None", "candipoker,clickfix,cyrillic-homoglyph,fingerfix,linkedco,namlongland,sam-sa,wininet-stager", "0", "Lenny_3BO" "2026-05-22 08:12:10", "1817070", "https://namlongland.net/ebd417db-979c-51f8-aedf-88a2bf8aa6c3/v12", "url", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "None", "candipoker,clickfix,cyrillic-homoglyph,fingerfix,linkedco,namlongland,sam-sa,wininet-stager", "0", "Lenny_3BO" "2026-05-22 08:12:10", "1817071", "https://namlongland.net/ebd417db-979c-51f8-aedf-88a2bf8aa6c3/v11", "url", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "None", "candipoker,clickfix,cyrillic-homoglyph,fingerfix,linkedco,namlongland,sam-sa,wininet-stager", "0", "Lenny_3BO" "2026-05-22 08:12:09", "1817072", "https://namlongland.net/ebd417db-979c-51f8-aedf-88a2bf8aa6c3/v10", "url", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "None", "candipoker,clickfix,cyrillic-homoglyph,fingerfix,linkedco,namlongland,sam-sa,wininet-stager", "0", "Lenny_3BO" "2026-05-22 08:12:09", "1817073", "https://namlongland.net/ebd417db-979c-51f8-aedf-88a2bf8aa6c3/v9", "url", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "None", "candipoker,clickfix,cyrillic-homoglyph,fingerfix,linkedco,namlongland,sam-sa,wininet-stager", "0", "Lenny_3BO" "2026-05-22 08:12:09", "1817074", "https://namlongland.net/ebd417db-979c-51f8-aedf-88a2bf8aa6c3/v8", "url", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "None", "candipoker,clickfix,cyrillic-homoglyph,fingerfix,linkedco,namlongland,sam-sa,wininet-stager", "0", "Lenny_3BO" "2026-05-22 08:12:08", "1817075", "https://namlongland.net/ebd417db-979c-51f8-aedf-88a2bf8aa6c3/v7", "url", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "None", "candipoker,clickfix,cyrillic-homoglyph,fingerfix,linkedco,namlongland,sam-sa,wininet-stager", "0", "Lenny_3BO" "2026-05-22 08:12:08", "1817076", "https://namlongland.net/ebd417db-979c-51f8-aedf-88a2bf8aa6c3/v5", "url", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "None", "candipoker,clickfix,cyrillic-homoglyph,fingerfix,linkedco,namlongland,sam-sa,wininet-stager", "0", "Lenny_3BO" "2026-05-22 08:12:07", "1817077", "https://candipoker.net/ebd417db-979c-51f8-aedf-88a2bf8aa6c3/t10", "url", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "None", "candipoker,clickfix,cyrillic-homoglyph,fingerfix,linkedco,namlongland,sam-sa,wininet-stager", "0", "Lenny_3BO" "2026-05-22 08:12:07", "1817079", "https://sam-sa.net/ebd417db-979c-51f8-aedf-88a2bf8aa6c3/t11", "url", "payload_delivery", "unknown", "None", "Unknown malware", "2026-05-22 16:11:19", "75", "False", "None", "candipoker,clickfix,cyrillic-homoglyph,fingerfix,linkedco,namlongland,sam-sa,wininet-stager", "0", "Lenny_3BO" "2026-05-22 08:12:06", "1817078", "https://sam-sa.net/ebd417db-979c-51f8-aedf-88a2bf8aa6c3/t12", "url", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "None", "candipoker,clickfix,cyrillic-homoglyph,fingerfix,linkedco,namlongland,sam-sa,wininet-stager", "0", "Lenny_3BO" "2026-05-22 08:12:05", "1817080", "https://sam-sa.net/ebd417db-979c-51f8-aedf-88a2bf8aa6c3/t10", "url", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "None", "candipoker,clickfix,cyrillic-homoglyph,fingerfix,linkedco,namlongland,sam-sa,wininet-stager", "0", "Lenny_3BO" "2026-05-22 08:12:05", "1817081", "https://sam-sa.net/ebd417db-979c-51f8-aedf-88a2bf8aa6c3/t8", "url", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "None", "candipoker,clickfix,cyrillic-homoglyph,fingerfix,linkedco,namlongland,sam-sa,wininet-stager", "0", "Lenny_3BO" "2026-05-22 08:12:05", "1817082", "https://sam-sa.net/ebd417db-979c-51f8-aedf-88a2bf8aa6c3/t7", "url", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "None", "candipoker,clickfix,cyrillic-homoglyph,fingerfix,linkedco,namlongland,sam-sa,wininet-stager", "0", "Lenny_3BO" "2026-05-22 08:12:03", "1817083", "https://sam-sa.net/ebd417db-979c-51f8-aedf-88a2bf8aa6c3/t5", "url", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "None", "candipoker,clickfix,cyrillic-homoglyph,fingerfix,linkedco,namlongland,sam-sa,wininet-stager", "0", "Lenny_3BO" "2026-05-22 08:12:03", "1817084", "https://namlongland.net/ebd417db-979c-51f8-aedf-88a2bf8aa6c3/t12", "url", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "None", "candipoker,clickfix,cyrillic-homoglyph,fingerfix,linkedco,namlongland,sam-sa,wininet-stager", "0", "Lenny_3BO" "2026-05-22 08:12:02", "1817085", "https://namlongland.net/ebd417db-979c-51f8-aedf-88a2bf8aa6c3/t11", "url", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "None", "candipoker,clickfix,cyrillic-homoglyph,fingerfix,linkedco,namlongland,sam-sa,wininet-stager", "0", "Lenny_3BO" "2026-05-22 08:12:02", "1817086", "https://namlongland.net/ebd417db-979c-51f8-aedf-88a2bf8aa6c3/t8", "url", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "None", "candipoker,clickfix,cyrillic-homoglyph,fingerfix,linkedco,namlongland,sam-sa,wininet-stager", "0", "Lenny_3BO" "2026-05-22 08:12:01", "1817087", "https://namlongland.net/ebd417db-979c-51f8-aedf-88a2bf8aa6c3/t7", "url", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "None", "candipoker,clickfix,cyrillic-homoglyph,fingerfix,linkedco,namlongland,sam-sa,wininet-stager", "0", "Lenny_3BO" "2026-05-22 08:12:00", "1817088", "https://namlongland.net/ebd417db-979c-51f8-aedf-88a2bf8aa6c3/t5", "url", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "None", "candipoker,clickfix,cyrillic-homoglyph,fingerfix,linkedco,namlongland,sam-sa,wininet-stager", "0", "Lenny_3BO" "2026-05-22 08:11:59", "1817089", "https://linkedco.net/infos.php?fronts=1", "url", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "None", "candipoker,clickfix,cyrillic-homoglyph,fingerfix,linkedco,namlongland,sam-sa,wininet-stager", "0", "Lenny_3BO" "2026-05-22 08:11:30", "1817157", "https://www.creassociates.us/", "url", "payload_delivery", "unknown", "None", "Unknown malware", "", "90", "False", "https://clickfix.carsonww.com/domains/www.creassociates.us", "ClickFix", "0", "CarsonWilliams" "2026-05-22 08:11:24", "1817190", "http://43.173.100.69:8888/supershell/login/", "url", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "False", "None", "AS132203,supershell,Tencent Building Kejizhongyi Avenue", "0", "antiphishorg" "2026-05-22 08:11:13", "1817045", "https://microsmeet.xyz/api/mn/6676097740/update", "url", "payload_delivery", "unknown", "None", "Unknown malware", "2026-05-21 22:57:17", "80", "False", "None", "apt,clickfix,lazarus,livekit,teams-spoof,unc1069,waveshaper", "0", "Lenny_3BO" "2026-05-22 08:10:54", "1817014", "https://maik-freudenberg.de/", "url", "payload_delivery", "unknown", "None", "Unknown malware", "", "90", "False", "https://clickfix.carsonww.com/domains/maik-freudenberg.de", "ClickFix", "0", "CarsonWilliams" "2026-05-22 08:10:52", "1817009", "https://biletors.cfd/", "url", "payload_delivery", "unknown", "None", "Unknown malware", "", "90", "False", "https://clickfix.carsonww.com/domains/biletors.cfd", "ClickFix", "0", "CarsonWilliams" "2026-05-22 05:26:23", "1817173", "https://hms.xybcaap.my.id/", "url", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "False", "", "None", "0", "threatcat_ch" "2026-05-22 01:30:09", "1817138", "https://mal.fbvendas.com/", "url", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "True", "None", "vidar", "0", "crep1x" "2026-05-22 01:30:08", "1817136", "https://mal.adasm188.top/", "url", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "True", "None", "vidar", "0", "crep1x" "2026-05-21 16:30:10", "1817025", "https://thu.fbvendas.com/", "url", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "True", "None", "vidar", "0", "crep1x" "2026-05-21 16:30:08", "1817023", "https://thu.adasm188.top/", "url", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "True", "None", "vidar", "0", "crep1x" "2026-05-21 14:54:44", "1816968", "https://awalitsystems.com/", "url", "payload_delivery", "unknown", "None", "Unknown malware", "", "90", "False", "https://clickfix.carsonww.com/domains/awalitsystems.com", "ClickFix", "0", "CarsonWilliams" "2026-05-21 14:54:43", "1816970", "https://wp.dildobegins.ink/gscqgqdendiivnpvnw", "url", "payload_delivery", "unknown", "None", "Unknown malware", "", "90", "False", "https://clickfix.carsonww.com/domains/wp.dildobegins.ink", "ClickFix", "0", "CarsonWilliams" "2026-05-21 14:54:41", "1816971", "https://aifreeuse.pro/", "url", "payload_delivery", "unknown", "None", "Unknown malware", "", "90", "False", "https://clickfix.carsonww.com/domains/aifreeuse.pro", "ClickFix", "0", "CarsonWilliams" "2026-05-21 14:00:09", "1816979", "https://tee.fbvendas.com/", "url", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "True", "None", "vidar", "0", "crep1x" "2026-05-21 14:00:08", "1816977", "https://tee.adasm188.top/", "url", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "True", "None", "vidar", "0", "crep1x" "2026-05-21 11:55:36", "1816863", "http://198.135.51.79/08189bc59f5e44a0979b.php", "url", "botnet_cc", "win.stealc", "None", "Stealc", "2026-05-22 19:14:00", "100", "False", "None", "1905,c2,loader,StealC,stealer", "0", "Bitsight" "2026-05-21 08:00:11", "1816889", "https://ori.fazvende.com.br/", "url", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "True", "None", "vidar", "0", "crep1x" "2026-05-21 08:00:09", "1816887", "https://ori.tristans-tea.com/", "url", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "True", "None", "vidar", "0", "crep1x" "2026-05-21 07:06:47", "1816866", "https://62.238.11.129/", "url", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "False", "", "Vidar", "0", "crep1x" "2026-05-21 07:06:47", "1816867", "https://178.105.113.226/", "url", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "False", "", "Vidar", "0", "crep1x" "2026-05-21 06:46:12", "1816853", "http://trailblazehealth.com/curl/6e2d25066bc1db68a10d55189c7c0bae6443d5178fd4310808270e261236ce30", "url", "payload_delivery", "unknown_stealer", "None", "Unknown Stealer", "", "100", "False", "", "ClickFix,MacSync", "0", "effy" "2026-05-21 06:46:11", "1816854", "https://api-metrics-5453.com/curl/3e97b0eddfddb28e10008f9348381b2665e1ad12476315b24a64808696c3347b", "url", "payload_delivery", "unknown_stealer", "None", "Unknown Stealer", "", "100", "False", "", "ClickFix,MacSync", "0", "effy" "2026-05-21 05:40:42", "1816828", "http://198.135.51.79", "url", "botnet_cc", "win.stealc", "None", "Stealc", "", "75", "False", "https://bazaar.abuse.ch/sample/5c807ad6b96d051a1db40918015541d35f6b6a82c9541823b413409b61ef08cc/", "stealc", "0", "abuse_ch" "2026-05-21 05:01:13", "1816761", "https://pafu.eco.to/", "url", "payload_delivery", "unknown", "None", "Unknown malware", "", "90", "False", "https://clickfix.carsonww.com/domains/pafu.eco.to", "ClickFix", "0", "CarsonWilliams" "2026-05-21 05:00:55", "1816808", "https://gardeninfrastructurecore.garden/80ad8f13-a651-414f-8be5-0252e6fd5ad0/ggl.bsc", "url", "payload_delivery", "js.clearfake", "None", "ClearFake", "", "85", "False", "None", "clearfake,clickfix,rundll32,webdav", "0", "Lenny_3BO" "2026-05-21 04:59:58", "1816706", "http://aulinked.org/infos.php?fronts=1", "url", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "None", "clickfix,fingerfix,ironpython,winhttp", "0", "Lenny_3BO" "2026-05-21 04:59:57", "1816707", "https://namlongland.net/ebd417db-979c-51f8-aedf-88a2bf8aa6c3/t9", "url", "payload_delivery", "unknown", "None", "Unknown malware", "", "75", "False", "None", "clickfix,fingerfix,ironpython,winhttp", "0", "Lenny_3BO" "2026-05-21 04:59:53", "1816703", "https://ackerkann.lol/api/v1/session", "url", "payload_delivery", "js.kongtuke", "TAG-124,js.LandUpdate808", "KongTuke", "2026-05-21 04:10:01", "100", "True", "None", "KongTuke", "0", "monitorsg" "2026-05-21 04:59:53", "1816704", "https://ackerkann.lol/api/v1/verify", "url", "payload_delivery", "js.kongtuke", "TAG-124,js.LandUpdate808", "KongTuke", "2026-05-21 04:10:04", "100", "True", "None", "KongTuke", "0", "monitorsg" "2026-05-21 04:59:51", "1816701", "https://ackerkann.lol/file.js", "url", "payload_delivery", "js.kongtuke", "TAG-124,js.LandUpdate808", "KongTuke", "2026-05-21 04:09:59", "100", "True", "None", "KongTuke", "0", "monitorsg" "2026-05-21 04:59:50", "1816699", "https://lolfler.lol/api/v1/session", "url", "payload_delivery", "js.kongtuke", "TAG-124,js.LandUpdate808", "KongTuke", "2026-05-21 03:11:16", "100", "True", "None", "KongTuke", "0", "monitorsg" "2026-05-21 04:59:50", "1816700", "https://lolfler.lol/api/v1/verify", "url", "payload_delivery", "js.kongtuke", "TAG-124,js.LandUpdate808", "KongTuke", "2026-05-21 03:11:17", "100", "True", "None", "KongTuke", "0", "monitorsg" "2026-05-21 04:59:48", "1816697", "https://lolfler.lol/file.js", "url", "payload_delivery", "js.kongtuke", "TAG-124,js.LandUpdate808", "KongTuke", "2026-05-21 03:11:14", "100", "True", "None", "KongTuke", "0", "monitorsg" "2026-05-21 04:59:46", "1816694", "https://platecrumbs.com/", "url", "payload_delivery", "unknown", "None", "Unknown malware", "", "90", "False", "https://clickfix.carsonww.com/domains/platecrumbs.com", "ClickFix", "0", "CarsonWilliams" "2026-05-21 04:59:30", "1816656", "https://www.dunebuggydubai.ae/", "url", "payload_delivery", "unknown", "None", "Unknown malware", "", "90", "False", "https://clickfix.carsonww.com/domains/www.dunebuggydubai.ae", "ClickFix", "0", "CarsonWilliams" "2026-05-20 22:00:10", "1816772", "https://spl.fazvende.com.br/", "url", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "True", "None", "vidar", "0", "crep1x" "2026-05-20 22:00:09", "1816770", "https://spl.tristans-tea.com/", "url", "botnet_cc", "win.vidar", "None", "Vidar", "", "100", "True", "None", "vidar", "0", "crep1x" "2026-05-20 15:38:57", "1816645", "http://31.56.209.88/c1d59c10e8d343a09790.php", "url", "botnet_cc", "win.stealc", "None", "Stealc", "2026-05-22 19:14:34", "100", "False", "None", "c2,loader,medik,StealC,stealer", "0", "Bitsight" "2026-05-18 11:28:09", "1815943", "http://144.31.203.24/", "url", "botnet_cc", "win.smokeloader", "Dofoil,Sharik,Smoke,Smoke Loader", "SmokeLoader", "2026-05-22 17:28:34", "100", "False", "None", "c2,SmokeLoader", "0", "Bitsight" "2026-05-18 11:28:05", "1815913", "http://144.31.203.12/", "url", "botnet_cc", "win.smokeloader", "Dofoil,Sharik,Smoke,Smoke Loader", "SmokeLoader", "2026-05-22 16:28:19", "100", "False", "None", "c2,SmokeLoader", "0", "Bitsight" "2026-05-18 11:27:58", "1815866", "http://144.31.158.255/", "url", "botnet_cc", "win.smokeloader", "Dofoil,Sharik,Smoke,Smoke Loader", "SmokeLoader", "2026-05-22 18:28:45", "100", "False", "None", "c2,SmokeLoader", "0", "Bitsight" "2026-05-17 05:52:27", "1815332", "http://144.31.57.65/2a7400fe251b4b4687fe.php", "url", "botnet_cc", "win.stealc", "None", "Stealc", "2026-05-22 19:16:58", "100", "False", "None", "c2,loader,os,StealC,stealer", "0", "Bitsight" "2026-05-12 14:48:59", "1811440", "http://cdntestconnect.com/ed54b97a570943999715.php", "url", "botnet_cc", "win.stealc", "None", "Stealc", "2026-05-22 19:09:50", "100", "False", "None", "c2,first,loader,StealC,stealer", "0", "Bitsight" "2026-05-10 18:39:13", "1809572", "http://108.59.252.214/9290546939c94eebbdb2.php", "url", "botnet_cc", "win.stealc", "None", "Stealc", "2026-05-21 20:46:27", "100", "False", "None", "c2,loader,modo,StealC,stealer", "0", "Bitsight" "2026-05-08 12:18:54", "1808779", "http://95.85.236.66/cd44fb36ede645bf842e.php", "url", "botnet_cc", "win.stealc", "None", "Stealc", "2026-05-21 11:17:33", "100", "False", "None", "c2,loader,StealC,stealer,w27", "0", "Bitsight" "2026-05-08 08:00:21", "1808423", "http://secure.controlpanel.asia/330311481fe14ab99814.php", "url", "botnet_cc", "win.stealc", "None", "Stealc", "2026-05-22 19:19:38", "100", "False", "None", "c2,CDCDCDC,loader,StealC,stealer", "0", "Bitsight" "2026-05-06 20:53:25", "1807882", "http://178.16.55.25/bcbb13c7c8984290857b.php", "url", "botnet_cc", "win.stealc", "None", "Stealc", "2026-05-22 19:23:22", "100", "False", "None", "c2,FFF0506,loader,StealC,stealer", "0", "Bitsight" "2026-05-05 17:17:43", "1807073", "http://5.252.177.67/bb7f17919d0a4d0aaf22.php", "url", "botnet_cc", "win.stealc", "None", "Stealc", "2026-05-22 19:13:29", "100", "False", "None", "c2,loader,StealC,stealer,win20", "0", "Bitsight" "2026-05-05 13:58:25", "1807037", "http://213.165.47.49/480bee37986b4097bc20.php", "url", "botnet_cc", "win.stealc", "None", "Stealc", "2026-05-22 18:53:41", "100", "False", "None", "c2,loader,StealC,stealer,test", "0", "Bitsight" "2026-05-05 13:58:14", "1807059", "http://89.46.38.100/c0b30d15260a4d8888dc.php", "url", "botnet_cc", "win.stealc", "None", "Stealc", "2026-05-22 19:10:13", "100", "False", "None", "c2,loader,M1,StealC,stealer", "0", "Bitsight" "2026-05-05 13:12:36", "1807027", "http://217.119.129.37/2a7400fe251b4b4687fe.php", "url", "botnet_cc", "win.stealc", "None", "Stealc", "2026-05-22 19:22:06", "100", "False", "None", "2,c2,loader,StealC,stealer", "0", "Bitsight" "2026-05-05 12:59:27", "1806983", "http://196.251.107.130/16b022998f754137b60a.php", "url", "botnet_cc", "win.stealc", "None", "Stealc", "2026-05-22 19:21:45", "100", "False", "None", "c2,loader,RUN,StealC,stealer", "0", "Bitsight" "2026-05-05 12:59:20", "1806998", "http://213.165.47.174/0cddd9346bd3479aab11.php", "url", "botnet_cc", "win.stealc", "None", "Stealc", "2026-05-22 19:16:44", "100", "False", "None", "c2,loader,steal,StealC,stealer", "0", "Bitsight" "2026-05-05 12:59:19", "1807009", "http://89.169.12.194/2a7400fe251b4b4687fe.php", "url", "botnet_cc", "win.stealc", "None", "Stealc", "2026-05-21 21:02:27", "100", "False", "None", "b3,c2,loader,StealC,stealer", "0", "Bitsight" "2026-05-05 12:59:16", "1807013", "http://193.111.117.51/94a5dbd165044e85b88e.php", "url", "botnet_cc", "win.stealc", "None", "Stealc", "2026-05-22 19:21:36", "100", "False", "None", "c2,loader,neverhigh,StealC,stealer", "0", "Bitsight" "2026-05-02 05:24:17", "1803956", "https://arsimonopa.com/live/", "url", "botnet_cc", "win.latrodectus", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Latrodectus", "2026-05-22 19:23:13", "100", "False", "None", "c2,Latrodectus", "0", "Bitsight" "2026-05-02 05:24:15", "1803960", "https://lemonimonakio.com/live/", "url", "botnet_cc", "win.latrodectus", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Latrodectus", "2026-05-22 19:09:53", "100", "False", "None", "c2,Latrodectus", "0", "Bitsight" "2026-04-26 18:11:00", "1800411", "http://91.92.242.236/oPvjr94jfe/index.php", "url", "botnet_cc", "win.amadey", "None", "Amadey", "2026-05-22 19:22:42", "100", "False", "None", "54e64e,amadey,c2", "0", "Bitsight" "2026-04-23 04:45:34", "1796426", "http://196.251.107.248/kont2rt/index.php", "url", "botnet_cc", "win.amadey", "None", "Amadey", "2026-05-22 19:09:08", "100", "False", "None", "Amadey", "0", "abuse_ch" "2026-04-19 18:25:29", "1794638", "http://213.5.130.87", "url", "botnet_cc", "unknown", "None", "Unknown malware", "2026-05-22 18:01:27", "100", "False", "None", "c2,REMPROXY", "0", "BlackLotusLabs" "2026-04-17 18:15:06", "1793645", "http://213.5.130.147", "url", "botnet_cc", "unknown", "None", "Unknown malware", "2026-05-22 18:01:26", "100", "False", "None", "c2,REMPROXY", "0", "BlackLotusLabs" "2026-04-16 19:15:17", "1792984", "https://vosefarm.com/", "url", "payload_delivery", "win.vidar", "None", "Vidar", "2026-05-22 17:30:53", "75", "True", "None", "ClickFix,compromised,EtherHiding,Polygon,Vidar,WordPress", "1", "m_govcert_ch" "2026-04-15 20:15:31", "1792382", "https://rankandtrack.com/", "url", "payload_delivery", "win.vidar", "None", "Vidar", "2026-05-22 11:30:56", "75", "True", "None", "ClickFix,compromised,EtherHiding,Polygon,Vidar,WordPress", "1", "m_govcert_ch" "2026-04-14 18:35:26", "1790897", "http://185.183.35.120", "url", "botnet_cc", "unknown", "None", "Unknown malware", "2026-05-22 18:01:27", "100", "False", "None", "c2,REMPROXY", "0", "BlackLotusLabs" "2026-04-14 12:17:09", "1789083", "https://rrfacility.com.br/", "url", "payload_delivery", "win.vidar", "None", "Vidar", "2026-05-22 12:01:04", "75", "True", "None", "ClickFix,compromised,EtherHiding,Polygon,Vidar,WordPress", "1", "m_govcert_ch" "2026-04-14 12:16:29", "1788938", "https://vaartamedia.com/", "url", "payload_delivery", "win.vidar", "None", "Vidar", "2026-05-21 09:01:00", "75", "True", "None", "ClickFix,compromised,EtherHiding,Polygon,Vidar,WordPress", "1", "m_govcert_ch" "2026-04-14 11:36:18", "1787721", "https://reimonstracking.com/", "url", "payload_delivery", "win.vidar", "None", "Vidar", "2026-05-20 19:30:49", "75", "True", "None", "ClickFix,compromised,EtherHiding,Polygon,Vidar,WordPress", "1", "m_govcert_ch" "2026-04-14 11:34:56", "1787430", "https://engelspakistan.com/", "url", "payload_delivery", "win.vidar", "None", "Vidar", "2026-05-20 22:00:49", "75", "True", "None", "ClickFix,compromised,EtherHiding,Polygon,Vidar,WordPress", "1", "m_govcert_ch" "2026-04-14 11:34:56", "1787431", "https://foodclub.ae/", "url", "payload_delivery", "win.vidar", "None", "Vidar", "2026-05-22 03:00:54", "75", "True", "None", "ClickFix,compromised,EtherHiding,Polygon,Vidar,WordPress", "1", "m_govcert_ch" "2026-04-14 11:33:52", "1787225", "https://keepyourbalance-coaching.com/", "url", "payload_delivery", "win.vidar", "None", "Vidar", "2026-05-20 23:30:50", "75", "True", "None", "ClickFix,compromised,EtherHiding,Polygon,Vidar,WordPress", "1", "m_govcert_ch" "2026-04-14 11:32:51", "1787027", "https://cannabis-dna.com/", "url", "payload_delivery", "win.vidar", "None", "Vidar", "2026-05-22 19:15:04", "75", "True", "None", "ClickFix,compromised,EtherHiding,Polygon,Vidar,WordPress", "1", "m_govcert_ch" "2026-04-14 11:32:44", "1786989", "https://newraal.com/", "url", "payload_delivery", "win.vidar", "None", "Vidar", "2026-05-21 01:30:52", "75", "True", "None", "ClickFix,compromised,EtherHiding,Polygon,Vidar,WordPress", "1", "m_govcert_ch" "2026-04-14 09:48:05", "1786648", "https://eliteusalogistics.com/", "url", "payload_delivery", "win.vidar", "None", "Vidar", "2026-05-22 02:00:53", "75", "True", "None", "ClickFix,compromised,EtherHiding,Polygon,Vidar,WordPress", "1", "m_govcert_ch" "2026-04-14 09:44:45", "1786009", "https://sjconcepts.co.uk/", "url", "payload_delivery", "win.vidar", "None", "Vidar", "2026-05-22 13:00:59", "75", "True", "None", "ClickFix,compromised,EtherHiding,Polygon,Vidar,WordPress", "1", "m_govcert_ch" "2026-04-14 06:06:10", "1785529", "http://185.183.35.206", "url", "botnet_cc", "unknown", "None", "Unknown malware", "2026-05-22 18:01:30", "100", "False", "None", "c2,REMPROXY", "0", "BlackLotusLabs" "2026-04-11 07:06:31", "1783849", "https://cdn.mensualgeneratr.com/", "url", "botnet_cc", "win.smokeloader", "Dofoil,Sharik,Smoke,Smoke Loader", "SmokeLoader", "2026-05-22 18:27:04", "100", "False", "None", "c2,SmokeLoader", "0", "Bitsight" "2026-03-16 10:41:19", "1767951", "http://82.38.71.155/", "url", "botnet_cc", "win.smokeloader", "Dofoil,Sharik,Smoke,Smoke Loader", "SmokeLoader", "2026-05-22 18:43:35", "100", "False", "None", "c2,SmokeLoader", "0", "Bitsight" "2026-03-05 06:17:58", "1758456", "http://213.5.130.197", "url", "botnet_cc", "unknown", "None", "Unknown malware", "2026-05-21 18:02:14", "100", "False", "None", "c2,REMPROXY", "0", "BlackLotusLabs" "2026-03-05 06:17:57", "1758457", "http://213.5.130.154", "url", "botnet_cc", "unknown", "None", "Unknown malware", "2026-05-22 18:01:27", "100", "False", "None", "c2,REMPROXY", "0", "BlackLotusLabs" "2026-03-05 06:17:56", "1758458", "http://213.5.130.200", "url", "botnet_cc", "unknown", "None", "Unknown malware", "2026-05-22 18:01:29", "100", "False", "None", "c2,REMPROXY", "0", "BlackLotusLabs" "2026-03-05 06:17:55", "1758459", "http://213.5.130.131", "url", "botnet_cc", "unknown", "None", "Unknown malware", "2026-05-22 18:01:28", "100", "False", "None", "c2,REMPROXY", "0", "BlackLotusLabs" "2026-03-05 06:17:54", "1758461", "http://213.5.130.189", "url", "botnet_cc", "unknown", "None", "Unknown malware", "2026-05-22 18:01:28", "100", "False", "None", "c2,REMPROXY", "0", "BlackLotusLabs" "2026-01-26 13:57:13", "1737664", "https://fluraresto.me/live/", "url", "botnet_cc", "win.latrodectus", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Latrodectus", "2026-05-22 19:24:32", "100", "False", "None", "c2,Latrodectus", "0", "Bitsight" "2026-01-26 13:57:13", "1737665", "https://mastralakkot.live/live/", "url", "botnet_cc", "win.latrodectus", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Latrodectus", "2026-05-22 19:15:29", "100", "False", "None", "c2,Latrodectus", "0", "Bitsight" "2026-01-05 13:21:42", "1691605", "http://213.5.130.122", "url", "botnet_cc", "unknown", "None", "Unknown malware", "2026-05-22 18:01:28", "100", "False", "None", "c2,REMPROXY", "0", "BlackLotusLabs" "2026-01-05 13:21:41", "1691603", "http://213.5.130.151", "url", "botnet_cc", "unknown", "None", "Unknown malware", "2026-05-22 18:01:27", "100", "False", "None", "c2,REMPROXY", "0", "BlackLotusLabs" "2026-01-05 13:21:40", "1691604", "http://213.5.130.124", "url", "botnet_cc", "unknown", "None", "Unknown malware", "2026-05-22 18:01:28", "100", "False", "None", "c2,REMPROXY", "0", "BlackLotusLabs" "2026-01-05 13:21:40", "1691606", "http://213.5.130.187", "url", "botnet_cc", "unknown", "None", "Unknown malware", "2026-05-22 18:01:26", "100", "False", "None", "c2,REMPROXY", "0", "BlackLotusLabs" "2025-12-01 14:57:52", "1665523", "http://213.5.130.104", "url", "botnet_cc", "unknown", "None", "Unknown malware", "2026-05-22 18:01:29", "100", "False", "None", "c2,REMPROXY", "0", "BlackLotusLabs" "2025-12-01 14:57:52", "1665524", "http://213.5.130.180", "url", "botnet_cc", "unknown", "None", "Unknown malware", "2026-05-22 18:01:26", "100", "False", "None", "c2,REMPROXY", "0", "BlackLotusLabs" "2025-12-01 14:57:50", "1665525", "http://213.5.130.106", "url", "botnet_cc", "unknown", "None", "Unknown malware", "2026-05-22 18:01:28", "100", "False", "None", "c2,REMPROXY", "0", "BlackLotusLabs" "2025-12-01 14:57:49", "1665526", "http://213.5.130.102", "url", "botnet_cc", "unknown", "None", "Unknown malware", "2026-05-22 18:01:27", "100", "False", "None", "c2,REMPROXY", "0", "BlackLotusLabs" "2025-12-01 14:57:49", "1665527", "http://213.5.130.152", "url", "botnet_cc", "unknown", "None", "Unknown malware", "2026-05-22 18:01:28", "100", "False", "None", "c2,REMPROXY", "0", "BlackLotusLabs" "2025-12-01 14:57:49", "1665528", "http://213.5.130.107", "url", "botnet_cc", "unknown", "None", "Unknown malware", "2026-05-22 18:01:27", "100", "False", "None", "c2,REMPROXY", "0", "BlackLotusLabs" "2025-12-01 14:57:49", "1665529", "http://213.5.130.153", "url", "botnet_cc", "unknown", "None", "Unknown malware", "2026-05-22 18:01:29", "100", "False", "None", "c2,REMPROXY", "0", "BlackLotusLabs" "2025-12-01 14:57:48", "1665530", "http://213.5.130.100", "url", "botnet_cc", "unknown", "None", "Unknown malware", "2026-05-22 18:01:27", "100", "False", "None", "c2,REMPROXY", "0", "BlackLotusLabs" "2025-12-01 14:57:48", "1665531", "http://213.5.130.182", "url", "botnet_cc", "unknown", "None", "Unknown malware", "2026-05-22 18:01:29", "100", "False", "None", "c2,REMPROXY", "0", "BlackLotusLabs" "2025-12-01 14:57:47", "1665532", "http://213.5.130.181", "url", "botnet_cc", "unknown", "None", "Unknown malware", "2026-05-22 18:01:27", "100", "False", "None", "c2,REMPROXY", "0", "BlackLotusLabs" "2025-11-25 06:01:37", "1649775", "http://213.5.130.84", "url", "botnet_cc", "unknown", "None", "Unknown malware", "2026-05-22 18:01:29", "100", "False", "None", "c2,REMPROXY", "0", "BlackLotusLabs" "2025-11-25 06:01:36", "1649776", "http://213.5.130.96", "url", "botnet_cc", "unknown", "None", "Unknown malware", "2026-05-22 18:01:29", "100", "False", "None", "c2,REMPROXY", "0", "BlackLotusLabs" "2025-11-25 06:01:36", "1649777", "http://213.5.130.98", "url", "botnet_cc", "unknown", "None", "Unknown malware", "2026-05-22 18:01:30", "100", "False", "None", "c2,REMPROXY", "0", "BlackLotusLabs" "2025-11-25 06:01:35", "1649778", "http://213.5.130.160", "url", "botnet_cc", "unknown", "None", "Unknown malware", "2026-05-22 18:01:26", "100", "False", "None", "c2,REMPROXY", "0", "BlackLotusLabs" "2025-11-12 09:18:13", "1639223", "https://telegram.me/tkt1kr", "url", "botnet_cc", "win.vidar", "None", "Vidar", "2026-05-21 11:15:58", "100", "False", "", "Vidar", "0", "crep1x" "2025-10-21 13:19:24", "1624166", "http://213.5.130.75", "url", "botnet_cc", "unknown", "None", "Unknown malware", "2026-05-22 18:01:30", "100", "False", "None", "c2,REMPROXY", "0", "BlackLotusLabs" "2025-10-21 13:19:23", "1624167", "http://213.5.130.10", "url", "botnet_cc", "unknown", "None", "Unknown malware", "2026-05-22 18:01:27", "100", "False", "None", "c2,REMPROXY", "0", "BlackLotusLabs" "2025-10-21 13:19:22", "1624169", "http://213.5.130.90", "url", "botnet_cc", "unknown", "None", "Unknown malware", "2026-05-22 18:01:29", "100", "False", "None", "c2,REMPROXY", "0", "BlackLotusLabs" "2025-10-21 13:19:22", "1624170", "http://213.5.130.89", "url", "botnet_cc", "unknown", "None", "Unknown malware", "2026-05-22 18:01:28", "100", "False", "None", "c2,REMPROXY", "0", "BlackLotusLabs" "2025-05-11 05:00:17", "1519450", "https://topguningit.com/test/", "url", "botnet_cc", "win.latrodectus", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Latrodectus", "2026-05-22 19:22:16", "100", "False", "", "None", "0", "Rony" "2024-10-22 13:56:41", "1338675", "https://stripplasst.com/live/", "url", "botnet_cc", "win.latrodectus", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Latrodectus", "2026-05-22 19:16:24", "100", "False", "https://www.vmray.com/latrodectus-a-year-in-the-making/", "c2,latrodectus,vmray", "0", "DonPasci" "2024-10-22 13:56:39", "1338673", "https://skinnyjeanso.com/live/", "url", "botnet_cc", "win.latrodectus", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Latrodectus", "2026-05-22 19:08:40", "100", "False", "https://www.vmray.com/latrodectus-a-year-in-the-making/", "c2,latrodectus,vmray", "0", "DonPasci" "2024-10-22 13:56:34", "1338670", "https://coolarition.com/live/", "url", "botnet_cc", "win.latrodectus", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Latrodectus", "2026-05-22 19:07:21", "100", "False", "https://www.vmray.com/latrodectus-a-year-in-the-making/", "c2,latrodectus,vmray", "0", "DonPasci" "2024-09-19 14:07:51", "1326051", "https://isomicrotich.com/test/", "url", "botnet_cc", "win.latrodectus", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Latrodectus", "2026-05-22 19:13:19", "50", "False", "None", "1.7,Alpha", "0", "spamhaus" "2024-09-19 14:07:50", "1326052", "https://rilomenifis.com/test/", "url", "botnet_cc", "win.latrodectus", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Latrodectus", "2026-05-22 19:21:22", "50", "False", "None", "1.7,Alpha", "0", "spamhaus" "2024-08-30 07:05:10", "1317376", "https://pikchestop.com/test/", "url", "botnet_cc", "win.lactrodectus", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Latrodectus", "2026-05-22 19:17:47", "49", "False", "https://www.netskope.com/jp/blog/latrodectus-rapid-evolution-continues-with-latest-new-payload-features", "None", "0", "johannes" "2024-08-30 07:05:10", "1317377", "https://indepahote.com/test/", "url", "botnet_cc", "win.lactrodectus", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Latrodectus", "2026-05-22 19:08:44", "49", "False", "https://www.netskope.com/jp/blog/latrodectus-rapid-evolution-continues-with-latest-new-payload-features", "None", "0", "johannes" "2024-07-25 16:50:18", "1303634", "http://45.61.136.20/index.php/jlbcyg0q595vs4hef0", "url", "botnet_cc", "win.lokipws", "Burkina,Loki,LokiBot,LokiPWS", "Loki Password Stealer (PWS)", "2026-05-21 15:45:50", "100", "False", "None", "Loki", "0", "abuse_ch" "2024-03-22 19:47:18", "1248363", "https://titnovacrion.top/live/", "url", "botnet_cc", "win.unidentified_111", "BLACKWIDOW,IceNova,Latrodectus,Lotus", "Unidentified 111 (Latrodectus)", "2026-05-22 19:17:43", "100", "False", "", "None", "0", "Cryptolaemus1" # Number of entries: 220