################################################################
# ThreatFox IOCs: recent ip-port - CSV format                  #
# Last updated: 2025-10-20 00:04:03 UTC                        #
#                                                              #
# Terms Of Use: https://threatfox.abuse.ch/faq/#tos            #
# For questions please contact threatfox [at] abuse.ch         #
################################################################
#
# "first_seen_utc","ioc_id","ioc_value","ioc_type","threat_type","fk_malware","malware_alias","malware_printable","last_seen_utc","confidence_level","reference","tags","anonymous","reporter"
"2025-10-20 00:04:03", "1618226", "3.91.9.4:1224", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "https://search.censys.io/hosts/3.91.9.4", "AMAZON-AES,AS14618,C2,censys,hacktool,MetaSploit,Meterpreter", "0", "DonPasci"
"2025-10-20 00:03:59", "1618225", "206.189.107.207:4444", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "", "100", "https://search.censys.io/hosts/206.189.107.207", "AdaptixC2,AS14061,C2,censys,DIGITALOCEAN-ASN", "0", "DonPasci"
"2025-10-20 00:03:58", "1618224", "34.22.85.55:8091", "ip:port", "botnet_cc", "win.adaptix_c2", "None", "AdaptixC2", "", "100", "https://search.censys.io/hosts/34.22.85.55", "AdaptixC2,AS396982,C2,censys,GOOGLE-CLOUD-PLATFORM", "0", "DonPasci"
"2025-10-20 00:03:55", "1618223", "114.67.65.99:8000", "ip:port", "botnet_cc", "win.mimikatz", "None", "MimiKatz", "", "100", "https://search.censys.io/hosts/114.67.65.99", "AS138421,C2,censys,CU-CN-AS,hacktool,Mimikatz,open-dir", "0", "DonPasci"
"2025-10-20 00:03:07", "1618222", "3.209.248.230:443", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "", "100", "https://search.censys.io/hosts/3.209.248.230", "AMAZON-AES,AS14618,C2,censys,DeimosC2", "0", "DonPasci"
"2025-10-20 00:02:32", "1618221", "27.124.41.58:4443", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "", "100", "https://search.censys.io/hosts/27.124.41.58", "AS152194,C2,censys,CTGSERVERLIMITED-AS-AP,RAT,Venom", "0", "DonPasci"
"2025-10-20 00:02:28", "1618220", "102.117.166.215:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/102.117.166.215", "AS23889,C2,censys,MauritiusTelecom,Mythic", "0", "DonPasci"
"2025-10-20 00:01:50", "1618219", "185.194.141.222:62161", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/185.194.141.222", "AS197540,C2,censys,CobaltStrike,cs-watermark-666666666,NETCUP-AS", "0", "DonPasci"
"2025-10-19 20:42:52", "1618033", "185.49.70.76:443", "ip:port", "botnet_cc", "win.warmcookie", "Badspace,Carrotstick,QUICKBIND", "WarmCookie", "", "100", "None", "warmcookie", "0", "Rony"
"2025-10-19 20:03:06", "1618029", "58.244.47.120:10001", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "https://search.censys.io/hosts/58.244.47.120", "AS4837,C2,censys,CHINA169-BACKBONE,hacktool,MetaSploit,Meterpreter", "0", "DonPasci"
"2025-10-19 20:02:55", "1618028", "192.142.10.111:80", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "100", "https://search.censys.io/hosts/192.142.10.111", "AS214036,C2,censys,Gafgyt,open-dir,ULTAHOST-AS", "0", "DonPasci"
"2025-10-19 20:02:42", "1618027", "52.22.211.254:443", "ip:port", "botnet_cc", "win.nimplant", "None", "Nimplant", "", "100", "https://search.censys.io/hosts/52.22.211.254", "AMAZON-AES,AS14618,C2,censys,Nimplant", "0", "DonPasci"
"2025-10-19 20:02:39", "1618026", "46.250.233.154:8080", "ip:port", "botnet_cc", "win.poshc2", "None", "PoshC2", "", "100", "https://search.censys.io/hosts/46.250.233.154", "AS141995,C2,CAPL-AS-AP,censys,Posh", "0", "DonPasci"
"2025-10-19 20:02:38", "1618025", "46.250.233.154:8443", "ip:port", "botnet_cc", "win.poshc2", "None", "PoshC2", "", "100", "https://search.censys.io/hosts/46.250.233.154", "AS141995,C2,CAPL-AS-AP,censys,Posh", "0", "DonPasci"
"2025-10-19 20:02:36", "1618024", "13.228.79.218:5844", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://search.censys.io/hosts/13.228.79.218", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-10-19 20:02:35", "1618023", "137.220.145.254:443", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "100", "https://search.censys.io/hosts/137.220.145.254", "AS152194,C2,censys,CTGSERVERLIMITED-AS-AP,DcRAT,RAT", "0", "DonPasci"
"2025-10-19 20:02:29", "1618022", "136.115.153.49:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/136.115.153.49", "AS396982,C2,censys,GOOGLE-CLOUD-PLATFORM,Mythic", "0", "DonPasci"
"2025-10-19 20:02:23", "1618020", "196.251.72.72:5444", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/196.251.72.72", "AS401120,AsyncRAT,C2,censys,CHEAPY-HOST,RAT", "0", "DonPasci"
"2025-10-19 20:02:23", "1618021", "157.20.182.9:4443", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/157.20.182.9", "AS152485,AsyncRAT,C2,censys,HOSTER-AS-IN,RAT", "0", "DonPasci"
"2025-10-19 20:02:22", "1618019", "117.72.107.55:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/117.72.107.55", "AS141679,C2,censys,CHINATELECOM-IDC-BTHBD-AP,Supershell", "0", "DonPasci"
"2025-10-19 20:01:48", "1618017", "52.230.10.36:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/52.230.10.36", "AS8075,C2,censys,CobaltStrike,cs-watermark-987654321,MICROSOFT-CORP-MSN-AS-BLOCK", "0", "DonPasci"
"2025-10-19 20:01:48", "1618018", "120.48.123.10:8090", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/120.48.123.10", "AS38365,BAIDU,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci"
"2025-10-19 20:01:47", "1618016", "185.196.11.20:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/185.196.11.20", "AS42624,C2,censys,CobaltStrike,cs-watermark-987654321,SWISSNETWORK02", "0", "DonPasci"
"2025-10-19 18:46:47", "1617934", "3.29.233.176:20326", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-10-20 00:46:34", "75", "None", "drb-ra,NetSupport,RAT", "0", "abuse_ch"
"2025-10-19 18:44:10", "1617933", "13.126.163.149:113", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-10-20 00:44:05", "75", "None", "drb-ra,NetSupport,RAT", "0", "abuse_ch"
"2025-10-19 18:01:50", "1617929", "82.202.140.218:2323", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "https://tria.ge/251019-s5y61awnat", "AS208677,C2,triage,xworm", "0", "DonPasci"
"2025-10-19 16:03:34", "1617916", "51.20.141.234:44817", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-10-20 00:47:19", "100", "https://search.censys.io/hosts/51.20.141.234", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-10-19 16:03:28", "1617914", "176.124.206.73:80", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "2025-10-20 00:45:04", "100", "https://search.censys.io/hosts/176.124.206.73", "AEZA-AS,AS210644,C2,censys,Hookbot", "0", "DonPasci"
"2025-10-19 16:03:27", "1617913", "51.38.189.142:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-10-20 00:47:20", "100", "https://search.censys.io/hosts/51.38.189.142", "AS16276,C2,censys,Mythic,OVH", "0", "DonPasci"
"2025-10-19 16:03:22", "1617912", "85.239.236.90:6606", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-10-20 00:47:51", "100", "https://search.censys.io/hosts/85.239.236.90", "AS40021,AsyncRAT,C2,censys,CONTABO-40021,RAT", "0", "DonPasci"
"2025-10-19 16:03:21", "1617911", "93.233.104.82:51123", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-10-20 00:48:03", "100", "https://search.censys.io/hosts/93.233.104.82", "AS3320,AsyncRAT,C2,censys,DTAG,RAT", "0", "DonPasci"
"2025-10-19 16:01:46", "1617909", "83.229.125.175:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/83.229.125.175", "AS139659,C2,censys,CobaltStrike,cs-watermark-987654321,LUCID-AS-AP", "0", "DonPasci"
"2025-10-19 16:01:46", "1617910", "124.221.237.102:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/124.221.237.102", "AS45090,C2,censys,CobaltStrike,cs-watermark-987654321,TENCENT-NET-AP", "0", "DonPasci"
"2025-10-19 12:48:51", "1617889", "106.52.2.166:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-10-20 00:48:34", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-10-19 12:02:56", "1617883", "1.116.110.49:8001", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "https://search.censys.io/hosts/1.116.110.49", "AS45090,C2,censys,hacktool,MetaSploit,Meterpreter,TENCENT-NET-AP", "0", "DonPasci"
"2025-10-19 12:02:38", "1617881", "154.209.5.135:9999", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "https://tria.ge/251019-mhj6ns1nbr", "AS142403,C2,rat,triage,valleyrat", "0", "DonPasci"
"2025-10-19 12:02:38", "1617882", "154.209.5.135:6666", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "https://tria.ge/251019-mhj6ns1nbr", "AS142403,C2,rat,triage,valleyrat", "0", "DonPasci"
"2025-10-19 12:02:34", "1617880", "34.230.185.98:80", "ip:port", "botnet_cc", "win.nimplant", "None", "Nimplant", "", "100", "https://search.censys.io/hosts/34.230.185.98", "AMAZON-AES,AS14618,C2,censys,Nimplant", "0", "DonPasci"
"2025-10-19 12:02:31", "1617879", "154.214.55.46:443", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-10-20 00:44:30", "100", "https://search.censys.io/hosts/154.214.55.46", "AS54801,C2,censys,DeimosC2,ZILLION-NETWORK", "0", "DonPasci"
"2025-10-19 12:02:29", "1617878", "93.198.178.7:82", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-10-20 00:48:02", "100", "https://search.censys.io/hosts/93.198.178.7", "AS3320,C2,censys,DTAG,Netsupport,RAT", "0", "DonPasci"
"2025-10-19 12:02:28", "1617877", "102.96.148.94:443", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-10-20 00:43:07", "100", "https://search.censys.io/hosts/102.96.148.94", "AS36925,ASMedi,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-10-19 12:02:26", "1617876", "27.124.41.45:4443", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "", "100", "https://search.censys.io/hosts/27.124.41.45", "AS152194,C2,censys,CTGSERVERLIMITED-AS-AP,RAT,Venom", "0", "DonPasci"
"2025-10-19 12:02:03", "1617875", "18.231.188.90:4444", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-10-20 00:45:15", "100", "https://search.censys.io/hosts/18.231.188.90", "AMAZON-02,AS16509,C2,censys,RAT,Remcos", "0", "DonPasci"
"2025-10-19 11:45:07", "1617871", "147.185.221.180:32737", "ip:port", "botnet_cc", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "100", "None", "RedLineStealer", "0", "abuse_ch"
"2025-10-19 10:49:28", "1617861", "163.181.228.145:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-10-20 00:49:19", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-10-19 10:49:28", "1617862", "163.181.228.198:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-10-20 00:49:19", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-10-19 10:49:20", "1617860", "155.102.4.140:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-10-20 00:49:11", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-10-19 08:49:52", "1617842", "42.193.230.26:8443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-10-20 00:49:36", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-10-19 08:03:45", "1617832", "91.92.241.8:80", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "100", "https://search.censys.io/hosts/91.92.241.8", "AS214943,C2,censys,Gafgyt,open-dir,RAILNET", "0", "DonPasci"
"2025-10-19 08:03:32", "1617831", "18.211.169.218:443", "ip:port", "botnet_cc", "win.nimplant", "None", "Nimplant", "", "100", "https://search.censys.io/hosts/18.211.169.218", "AMAZON-AES,AS14618,C2,censys,Nimplant", "0", "DonPasci"
"2025-10-19 08:02:54", "1617830", "64.225.117.10:8081", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-10-20 00:47:29", "100", "https://search.censys.io/hosts/64.225.117.10", "AS14061,C2,censys,DIGITALOCEAN-ASN,Havoc", "0", "DonPasci"
"2025-10-19 08:02:46", "1617829", "193.124.205.52:7707", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-10-20 00:45:43", "100", "https://search.censys.io/hosts/193.124.205.52", "AS207994,AsyncRAT,BLOCKCHAIN-CREEK,C2,censys,RAT", "0", "DonPasci"
"2025-10-19 08:02:33", "1617828", "109.199.119.43:43160", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-10-20 00:43:53", "100", "https://search.censys.io/hosts/109.199.119.43", "AS51167,C2,censys,CONTABO,RAT,Remcos", "0", "DonPasci"
"2025-10-19 08:01:45", "1617827", "154.219.101.102:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-10-20 00:49:00", "100", "https://search.censys.io/hosts/154.219.101.102", "AS401696,C2,censys,CobaltStrike,COGNETCLOUD,cs-watermark-100000", "0", "DonPasci"
"2025-10-19 08:01:44", "1617826", "192.229.116.100:8888", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-10-20 00:49:25", "100", "https://search.censys.io/hosts/192.229.116.100", "ANTBOX1-AS-AP,AS138995,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci"
"2025-10-19 08:01:43", "1617825", "155.94.154.27:8078", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-10-20 00:49:12", "100", "https://search.censys.io/hosts/155.94.154.27", "AS-COLOCROSSING,AS36352,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci"
"2025-10-19 06:40:09", "1617808", "65.185.19.181:25565", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "50", "", "c2,njrat", "0", "juroots"
"2025-10-19 06:39:20", "1617670", "91.134.240.139:8080", "ip:port", "botnet_cc", "win.lokipws", "Burkina,Loki,LokiBot,LokiPWS", "Loki Password Stealer (PWS)", "", "75", "https://threatquery.com/engines/ip.html?value=91.134.240.139&type=ip", "AS16276,c2,LokiBot,threatquery", "0", "threatquery"
"2025-10-19 06:39:19", "1617729", "45.207.158.21:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-10-20 00:49:43", "100", "https://search.censys.io/hosts/45.207.158.21", "AS61112,C2,censys", "0", "dyingbreeds_"
"2025-10-19 06:39:19", "1617730", "47.243.175.24:65321", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-10-20 00:49:50", "100", "https://search.censys.io/hosts/47.243.175.24", "AS45102,C2,censys", "0", "dyingbreeds_"
"2025-10-19 06:39:19", "1617731", "1.15.134.238:13356", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-10-20 00:48:25", "100", "https://search.censys.io/hosts/1.15.134.238", "AS45090,C2,censys", "0", "dyingbreeds_"
"2025-10-19 06:39:18", "1617733", "64.225.117.10:8082", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-10-20 00:47:29", "100", "https://search.censys.io/hosts/64.225.117.10", "AS14061,C2,censys,DIGITALOCEAN-ASN", "0", "dyingbreeds_"
"2025-10-19 06:39:18", "1617734", "213.152.186.116:43763", "ip:port", "botnet_cc", "win.bit_rat", "None", "BitRAT", "2025-10-19 04:02:31", "100", "https://search.censys.io/hosts/213.152.186.116", "AS49453,C2,censys,GLOBALLAYER,RAT", "0", "dyingbreeds_"
"2025-10-19 06:39:17", "1617732", "157.20.182.18:4443", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-10-20 00:44:32", "100", "https://search.censys.io/hosts/157.20.182.18", "AS152485,C2,censys,RAT", "0", "dyingbreeds_"
"2025-10-19 06:39:17", "1617737", "74.124.24.29:8080", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/74.124.24.29", "AS13767,censys,DATABANK-DFW,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-10-19 06:39:16", "1617735", "177.21.21.15:8443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/177.21.21.15", "AS28186,Botnet,byob,C2,censys", "0", "dyingbreeds_"
"2025-10-19 06:39:15", "1617736", "172.86.192.30:8443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/172.86.192.30", "AS53732,Botnet,byob,C2,censys,INNSYS", "0", "dyingbreeds_"
"2025-10-19 06:39:15", "1617738", "3.232.52.86:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/3.232.52.86", "AMAZON-AES,AS14618,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-10-19 06:39:14", "1617739", "154.40.47.52:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/154.40.47.52", "AS979,censys,GoPhish,NETLAB-SDN,Phishing", "0", "dyingbreeds_"
"2025-10-19 06:39:14", "1617740", "181.32.34.242:8080", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/181.32.34.242", "AS3816,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-10-19 06:39:14", "1617741", "128.140.45.123:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/128.140.45.123", "AS24940,censys,GoPhish,HETZNER-AS,Phishing", "0", "dyingbreeds_"
"2025-10-19 06:39:13", "1617742", "45.141.3.55:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/45.141.3.55", "AS212663,censys,GoPhish,Phishing,REMOTE-ADMIN-AS", "0", "dyingbreeds_"
"2025-10-19 06:39:13", "1617743", "13.37.206.106:8080", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/13.37.206.106", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-10-19 06:39:12", "1617745", "66.103.210.105:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/66.103.210.105", "AS35916,censys,GoPhish,MULTA-ASN1,Phishing", "0", "dyingbreeds_"
"2025-10-19 06:39:11", "1617744", "13.60.244.167:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/13.60.244.167", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-10-19 06:39:11", "1617746", "172.172.125.127:8443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/172.172.125.127", "AS8075,censys,GoPhish,MICROSOFT-CORP-MSN-AS-BLOCK,Phishing", "0", "dyingbreeds_"
"2025-10-19 06:39:11", "1617747", "200.85.49.125:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/200.85.49.125", "AS23201,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-10-19 06:39:10", "1617748", "217.76.51.68:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/217.76.51.68", "AS51167,censys,CONTABO,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-10-19 06:39:10", "1617749", "137.74.41.241:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/137.74.41.241", "AS16276,censys,GoPhish,OVH,Phishing", "0", "dyingbreeds_"
"2025-10-19 06:39:10", "1617750", "124.221.3.225:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/124.221.3.225", "AS45090,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-10-19 06:39:09", "1617751", "5.75.196.7:4444", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/5.75.196.7", "AS24940,censys,GoPhish,HETZNER-AS,Phishing", "0", "dyingbreeds_"
"2025-10-19 06:39:09", "1617752", "124.70.11.63:46654", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/124.70.11.63", "AS55990,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-10-19 06:39:08", "1617753", "147.93.108.235:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/147.93.108.235", "AS-HOSTINGER,AS47583,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-10-19 06:39:08", "1617754", "46.101.252.98:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/46.101.252.98", "AS14061,censys,DIGITALOCEAN-ASN,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-10-19 06:38:23", "1617802", "134.209.173.227:6606", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "", "asyncrat,c2", "0", "juroots"
"2025-10-19 06:38:23", "1617803", "134.209.173.227:7707", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "", "asyncrat,c2", "0", "juroots"
"2025-10-19 06:38:23", "1617804", "134.209.173.227:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "", "asyncrat,c2", "0", "juroots"
"2025-10-19 06:01:45", "1617771", "82.22.184.156:7771", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "https://tria.ge/251019-e9dtzaek2y", "AS215703,C2,triage,xworm", "0", "DonPasci"
"2025-10-19 04:02:53", "1617756", "3.80.223.90:8159", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "https://search.censys.io/hosts/3.80.223.90", "AMAZON-AES,AS14618,C2,censys,hacktool,MetaSploit,Meterpreter", "0", "DonPasci"
"2025-10-19 04:02:03", "1617755", "172.94.36.23:1906", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-10-20 00:45:00", "100", "https://search.censys.io/hosts/172.94.36.23", "AS212238,C2,CDNEXT,censys,RAT,Remcos", "0", "DonPasci"
"2025-10-19 02:55:09", "1617721", "185.149.24.201:22330", "ip:port", "botnet_cc", "win.purelogs", "None", "PureLogs Stealer", "", "100", "None", "PureLogsStealer", "0", "abuse_ch"
"2025-10-19 02:49:16", "1617720", "211.159.178.25:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-10-20 00:49:28", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-10-19 02:49:09", "1617719", "175.178.225.121:2083", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-10-20 00:49:22", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-10-19 02:49:07", "1617718", "159.75.95.192:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-10-20 00:49:19", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-10-19 01:45:08", "1617708", "196.251.73.187:7000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "XWorm", "0", "abuse_ch"
"2025-10-19 01:00:03", "1617703", "76.72.162.53:3333", "ip:port", "botnet_cc", "win.revenge_rat", "Revetrat", "Revenge RAT", "", "100", "None", "RevengeRAT", "0", "abuse_ch"
"2025-10-19 00:02:59", "1617696", "54.89.229.206:789", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "https://search.censys.io/hosts/54.89.229.206", "AMAZON-AES,AS14618,C2,censys,hacktool,MetaSploit,Meterpreter", "0", "DonPasci"
"2025-10-19 00:02:58", "1617695", "81.68.194.58:4567", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "https://search.censys.io/hosts/81.68.194.58", "AS45090,C2,censys,hacktool,MetaSploit,Meterpreter,TENCENT-NET-AP", "0", "DonPasci"
"2025-10-19 00:02:29", "1617692", "13.40.127.157:4841", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://search.censys.io/hosts/13.40.127.157", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-10-19 00:02:18", "1617691", "45.74.8.8:404", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-10-20 00:47:02", "100", "https://search.censys.io/hosts/45.74.8.8", "AS3223,AsyncRAT,C2,censys,RAT,VOXILITY", "0", "DonPasci"
"2025-10-18 23:35:04", "1617687", "196.119.182.167:10000", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "None", "NjRAT", "0", "abuse_ch"
"2025-10-18 22:55:04", "1617682", "101.200.124.250:7890", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "None", "Meterpreter", "0", "abuse_ch"
"2025-10-18 20:03:04", "1617663", "213.176.19.66:443", "ip:port", "botnet_cc", "win.bianlian", "None", "BianLian", "2025-10-20 00:46:18", "100", "https://search.censys.io/hosts/213.176.19.66", "AS207713,BianLian,C2,censys,GIR-AS", "0", "DonPasci"
"2025-10-18 20:02:43", "1617661", "176.65.148.166:80", "ip:port", "botnet_cc", "elf.moobot", "None", "MooBot", "2025-10-19 04:00:41", "100", "https://search.censys.io/hosts/176.65.148.166", "AS51396,C2,censys,moobot,PFCLOUD", "0", "DonPasci"
"2025-10-18 20:02:43", "1617662", "176.46.152.89:80", "ip:port", "botnet_cc", "elf.moobot", "None", "MooBot", "2025-10-19 04:00:42", "100", "https://search.censys.io/hosts/176.46.152.89", "AS214351,C2,censys,FEMOIT,moobot", "0", "DonPasci"
"2025-10-18 20:02:32", "1617660", "15.160.191.234:44817", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-10-20 00:44:28", "100", "https://search.censys.io/hosts/15.160.191.234", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-10-18 20:02:26", "1617659", "79.137.196.144:8089", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "2025-10-19 04:00:23", "100", "https://search.censys.io/hosts/79.137.196.144", "AEZA-AS,AS210644,C2,censys,Hookbot", "0", "DonPasci"
"2025-10-18 20:02:20", "1617657", "193.124.205.52:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-10-20 00:45:43", "100", "https://search.censys.io/hosts/193.124.205.52", "AS207994,AsyncRAT,BLOCKCHAIN-CREEK,C2,censys,RAT", "0", "DonPasci"
"2025-10-18 20:02:20", "1617658", "157.20.182.18:2026", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-10-20 00:44:32", "100", "https://search.censys.io/hosts/157.20.182.18", "AS152485,AsyncRAT,C2,censys,HOSTER-AS-IN,RAT", "0", "DonPasci"
"2025-10-18 20:02:16", "1617656", "195.246.231.248:8443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "https://search.censys.io/hosts/195.246.231.248", "AS44925,C2,censys,payload,Sliver,THE-1984-AS", "0", "DonPasci"
"2025-10-18 20:02:09", "1617655", "16.171.175.22:443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-10-20 00:44:38", "100", "https://search.censys.io/hosts/16.171.175.22", "AMAZON-02,AS16509,C2,censys,Sliver", "0", "DonPasci"
"2025-10-18 20:02:01", "1617654", "206.119.178.33:2043", "ip:port", "botnet_cc", "elf.gobrat", "None", "GobRAT", "", "100", "https://search.censys.io/hosts/206.119.178.33", "AS133199,C2,censys,GobRAT,RAT,SONDERCLOUDLIMITED-AS-AP", "0", "DonPasci"
"2025-10-18 20:01:44", "1617653", "198.55.109.241:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-10-20 00:49:27", "100", "https://search.censys.io/hosts/198.55.109.241", "AS-COLOCROSSING,AS36352,C2,censys,CobaltStrike,cs-watermark-666666666", "0", "DonPasci"
"2025-10-18 20:01:42", "1617652", "5.199.139.36:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-10-20 00:49:54", "100", "https://search.censys.io/hosts/5.199.139.36", "AS24961,C2,censys,CobaltStrike,cs-watermark-987654321,MYLOC-AS", "0", "DonPasci"
"2025-10-18 19:40:05", "1617649", "154.91.84.96:9865", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "XWorm", "0", "abuse_ch"
"2025-10-18 18:44:11", "1617642", "135.125.107.53:9443", "ip:port", "botnet_cc", "win.brute_ratel_c4", "BOLDBADGER,BruteRatel", "Brute Ratel C4", "2025-10-20 00:44:08", "75", "None", "BruteRatel,drb-ra", "0", "abuse_ch"
"2025-10-18 18:10:07", "1617638", "193.233.164.21:6000", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "XWorm", "0", "abuse_ch"
"2025-10-18 18:02:37", "1617633", "154.23.184.79:3303", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "https://tria.ge/251018-s7dm3sgp9t", "AS140227,C2,rat,triage,valleyrat", "0", "DonPasci"
"2025-10-18 18:02:37", "1617634", "103.236.70.38:6666", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "https://tria.ge/251018-r88zyafr6w", "AS134768,C2,rat,triage,valleyrat", "0", "DonPasci"
"2025-10-18 18:02:37", "1617635", "103.236.70.38:8888", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "https://tria.ge/251018-r88zyafr6w", "AS134768,C2,rat,triage,valleyrat", "0", "DonPasci"
"2025-10-18 18:02:37", "1617636", "103.236.70.38:80", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "https://tria.ge/251018-r88zyafr6w", "AS134768,C2,rat,triage,valleyrat", "0", "DonPasci"
"2025-10-18 18:02:36", "1617630", "38.47.221.20:6666", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "https://tria.ge/251018-tyfazsspal", "AS140227,C2,rat,triage,valleyrat", "0", "DonPasci"
"2025-10-18 18:02:36", "1617631", "154.23.184.79:3301", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "https://tria.ge/251018-s7dm3sgp9t", "AS140227,C2,rat,triage,valleyrat", "0", "DonPasci"
"2025-10-18 18:02:36", "1617632", "154.23.184.79:3302", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "https://tria.ge/251018-s7dm3sgp9t", "AS140227,C2,rat,triage,valleyrat", "0", "DonPasci"
"2025-10-18 18:01:47", "1617628", "64.225.69.61:7895", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://tria.ge/251018-szq87sgp2v", "AS14061,C2,rat,remcos,triage", "0", "DonPasci"
"2025-10-18 16:40:06", "1617619", "5.175.234.16:7010", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "XWorm", "0", "abuse_ch"
"2025-10-18 16:15:03", "1617615", "31.223.81.157:1337", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "QuasarRAT,RAT", "0", "abuse_ch"
"2025-10-18 16:02:24", "1617612", "119.167.245.20:10250", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-10-20 00:43:58", "100", "https://search.censys.io/hosts/119.167.245.20", "AS4837,C2,censys,CHINA169-BACKBONE,DeimosC2", "0", "DonPasci"
"2025-10-18 16:02:24", "1617613", "89.116.44.137:443", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-10-20 00:47:54", "100", "https://search.censys.io/hosts/89.116.44.137", "AS46475,C2,censys,DeimosC2,LIMESTONENETWORKS", "0", "DonPasci"
"2025-10-18 16:02:21", "1617611", "56.228.6.106:27957", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-10-20 00:47:25", "100", "https://search.censys.io/hosts/56.228.6.106", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-10-18 16:02:17", "1617610", "45.45.218.216:8082", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "2025-10-19 04:00:23", "100", "https://search.censys.io/hosts/45.45.218.216", "AS63473,C2,censys,Hookbot,HOSTHATCH", "0", "DonPasci"
"2025-10-18 16:02:16", "1617609", "161.35.224.107:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-10-20 00:44:41", "100", "https://search.censys.io/hosts/161.35.224.107", "AS14061,C2,censys,DIGITALOCEAN-ASN,Mythic", "0", "DonPasci"
"2025-10-18 15:38:51", "1617605", "45.58.56.34:8880", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2025-10-18 15:38:50", "1617603", "47.108.117.100:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-391144938", "0", "abuse_ch"
"2025-10-18 15:38:50", "1617604", "192.229.116.99:8888", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-10-20 00:49:25", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2025-10-18 15:38:30", "1617602", "119.94.50.160:5555", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-10-19 20:01:47", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch"
"2025-10-18 12:49:25", "1617577", "143.92.43.246:8011", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-10-20 00:48:57", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-10-18 12:49:07", "1617576", "114.132.235.230:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-10-20 00:48:40", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-10-18 12:41:28", "1617573", "91.92.241.145:59013", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "50", "https://app.any.run/tasks/09601994-5630-4259-867a-a918617ebab9", "c2,xworm", "0", "juroots"
"2025-10-18 12:02:56", "1617567", "168.245.200.176:3790", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "", "100", "https://search.censys.io/hosts/168.245.200.176", "AS58580,C2,censys,FASTRACK,hacktool,MetaSploit,Meterpreter", "0", "DonPasci"
"2025-10-18 12:02:41", "1617565", "123.123.151.50:7777", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "https://tria.ge/251018-f6p89sypay", "AS4808,C2,CHINA169-BJ,rat,triage,valleyrat", "0", "DonPasci"
"2025-10-18 12:02:41", "1617566", "123.123.151.50:9999", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "https://tria.ge/251018-f6p89sypay", "AS4808,C2,CHINA169-BJ,rat,triage,valleyrat", "0", "DonPasci"
"2025-10-18 12:02:30", "1617564", "125.227.185.100:22053", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-10-20 00:44:04", "100", "https://search.censys.io/hosts/125.227.185.100", "AS3462,C2,censys,DeimosC2,HINET", "0", "DonPasci"
"2025-10-18 12:02:27", "1617563", "13.36.178.155:41795", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-10-20 00:44:06", "100", "https://search.censys.io/hosts/13.36.178.155", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-10-18 12:02:22", "1617562", "194.5.97.227:1604", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-10-19 04:00:26", "100", "https://search.censys.io/hosts/194.5.97.227", "AS149020,C2,censys,Quasar,RAT,WEBHORIZON-AS-AP", "0", "DonPasci"
"2025-10-18 12:02:21", "1617561", "91.92.242.76:8089", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "2025-10-19 04:00:24", "100", "https://search.censys.io/hosts/91.92.242.76", "AS209800,C2,censys,Hookbot,METASPINNER-ASN", "0", "DonPasci"
"2025-10-18 12:02:20", "1617560", "138.68.177.82:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-10-20 00:44:12", "100", "https://search.censys.io/hosts/138.68.177.82", "AS14061,C2,censys,DIGITALOCEAN-ASN,Mythic", "0", "DonPasci"
"2025-10-18 12:02:14", "1617559", "148.251.67.144:50000", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-10-20 00:44:26", "100", "https://search.censys.io/hosts/148.251.67.144", "AS24940,AsyncRAT,C2,censys,HETZNER-AS,RAT", "0", "DonPasci"
"2025-10-18 12:01:52", "1617558", "81.214.22.14:4782", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-10-19 20:02:31", "100", "https://tria.ge/251018-n2ldhs1ke1", "AS9121,C2,quasar,rat,triage,TTNET", "0", "DonPasci"
"2025-10-18 10:48:51", "1617541", "114.67.243.235:8089", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-10-20 00:48:41", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch"
"2025-10-18 10:20:02", "1617535", "185.208.158.78:4782", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-10-19 20:02:31", "100", "None", "QuasarRAT,RAT", "0", "abuse_ch"
"2025-10-18 09:40:03", "1617528", "43.225.47.23:443", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "None", "RAT,ValleyRAT", "0", "abuse_ch"
"2025-10-18 09:22:10", "1617524", "194.33.61.103:443", "ip:port", "botnet_cc", "win.rhadamanthys", "None", "Rhadamanthys", "", "100", "https://www.joesandbox.com/analysis/1797558/0/iochtml", "AS215826,joesandbox,PARTNER-HOSTING-LTD,Rhadamanthys,stealer", "0", "DonPasci"
"2025-10-18 08:44:12", "1617517", "135.125.107.53:443", "ip:port", "botnet_cc", "win.brute_ratel_c4", "BOLDBADGER,BruteRatel", "Brute Ratel C4", "2025-10-20 00:44:08", "75", "None", "BruteRatel,drb-ra", "0", "abuse_ch"
"2025-10-18 08:02:53", "1617510", "3.26.67.220:554", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-10-20 00:46:33", "100", "https://search.censys.io/hosts/3.26.67.220", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci"
"2025-10-18 08:02:48", "1617509", "181.161.10.162:8080", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-10-19 04:00:25", "100", "https://search.censys.io/hosts/181.161.10.162", "AS7418,C2,censys,Quasar,RAT,TELEFONICA", "0", "DonPasci"
"2025-10-18 08:02:41", "1617508", "107.173.152.144:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-10-19 04:00:17", "100", "https://search.censys.io/hosts/107.173.152.144", "AS-COLOCROSSING,AS36352,C2,censys,Supershell", "0", "DonPasci"
"2025-10-18 07:35:03", "1617477", "85.208.84.208:4411", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "2025-10-19 06:21:03", "100", "None", "XWorm", "0", "abuse_ch"
"2025-10-18 05:45:12", "1617462", "45.155.54.62:8080", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "75", "", "APT,APT36,StealthServer,TransparentTribe", "0", "abuse_ch"
"2025-10-18 04:02:24", "1617449", "41.141.124.55:443", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-10-20 00:46:48", "100", "https://search.censys.io/hosts/41.141.124.55", "AS36903,C2,censys,MT-MPLS,Netsupport,RAT", "0", "DonPasci"
"2025-10-18 04:01:20", "1617447", "168.138.228.68:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/168.138.228.68", "AS31898,censys,GoPhish,ORACLE-BMC-31898,Phishing", "0", "dyingbreeds_"
"2025-10-18 04:01:20", "1617448", "119.28.6.250:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/119.28.6.250", "AS132203,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-10-18 04:01:19", "1617446", "198.46.143.115:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/198.46.143.115", "AS-COLOCROSSING,AS36352,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-10-18 04:01:18", "1617444", "192.248.161.226:3000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/192.248.161.226", "AS-VULTR,AS20473,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-10-18 04:01:18", "1617445", "34.105.192.157:3389", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/34.105.192.157", "AS396982,censys,GOOGLE-CLOUD-PLATFORM,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-10-18 04:01:17", "1617442", "109.73.201.245:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/109.73.201.245", "AS9123,censys,GoPhish,Phishing,TIMEWEB-AS", "0", "dyingbreeds_"
"2025-10-18 04:01:17", "1617443", "193.70.42.0:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/193.70.42.0", "AS16276,censys,GoPhish,OVH,Phishing", "0", "dyingbreeds_"
"2025-10-18 04:01:16", "1617440", "37.59.112.102:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/37.59.112.102", "AS16276,censys,GoPhish,OVH,Phishing", "0", "dyingbreeds_"
"2025-10-18 04:01:16", "1617441", "18.135.6.22:2222", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/18.135.6.22", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-10-18 04:01:15", "1617438", "16.171.17.38:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/16.171.17.38", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-10-18 04:01:15", "1617439", "52.204.61.251:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/52.204.61.251", "AMAZON-AES,AS14618,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-10-18 04:01:14", "1617437", "44.216.161.8:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/44.216.161.8", "AMAZON-AES,AS14618,censys,GoPhish,Phishing", "0", "dyingbreeds_"
"2025-10-18 04:01:13", "1617436", "40.84.43.13:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/40.84.43.13", "AS8075,censys,GoPhish,MICROSOFT-CORP-MSN-AS-BLOCK,Phishing", "0", "dyingbreeds_"
"2025-10-18 04:00:54", "1617432", "118.91.36.181:8443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/118.91.36.181", "AS10175,Botnet,byob,C2,censys", "0", "dyingbreeds_"
"2025-10-18 04:00:54", "1617433", "61.77.145.112:8443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/61.77.145.112", "AS4766,Botnet,byob,C2,censys", "0", "dyingbreeds_"
"2025-10-18 04:00:54", "1617434", "39.109.145.78:8443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/39.109.145.78", "AS55430,Botnet,byob,C2,censys", "0", "dyingbreeds_"
"2025-10-18 04:00:53", "1617429", "70.94.36.247:8443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/70.94.36.247", "AS11427,Botnet,byob,C2,censys,TWC-11427-TEXAS", "0", "dyingbreeds_"
"2025-10-18 04:00:53", "1617430", "211.193.130.88:8443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/211.193.130.88", "AS4766,Botnet,byob,C2,censys", "0", "dyingbreeds_"
"2025-10-18 04:00:53", "1617431", "220.92.72.82:8443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/220.92.72.82", "AS4766,Botnet,byob,C2,censys", "0", "dyingbreeds_"
"2025-10-18 04:00:52", "1617425", "212.251.145.230:8443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/212.251.145.230", "AS2119,Botnet,byob,C2,censys", "0", "dyingbreeds_"
"2025-10-18 04:00:52", "1617426", "41.205.51.242:8443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/41.205.51.242", "AS36907,Botnet,byob,C2,censys,TVCaboAngola", "0", "dyingbreeds_"
"2025-10-18 04:00:52", "1617427", "119.199.107.160:8443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/119.199.107.160", "AS4766,Botnet,byob,C2,censys", "0", "dyingbreeds_"
"2025-10-18 04:00:52", "1617428", "222.104.130.91:8443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/222.104.130.91", "AS4766,Botnet,byob,C2,censys", "0", "dyingbreeds_"
"2025-10-18 04:00:51", "1617421", "119.197.86.48:8443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/119.197.86.48", "AS4766,Botnet,byob,C2,censys", "0", "dyingbreeds_"
"2025-10-18 04:00:51", "1617422", "114.29.89.96:8443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/114.29.89.96", "AS38669,Botnet,byob,C2,censys", "0", "dyingbreeds_"
"2025-10-18 04:00:51", "1617423", "14.39.94.118:8443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/14.39.94.118", "AS4766,Botnet,byob,C2,censys", "0", "dyingbreeds_"
"2025-10-18 04:00:51", "1617424", "121.131.45.82:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/121.131.45.82", "AS4766,Botnet,byob,C2,censys", "0", "dyingbreeds_"
"2025-10-18 04:00:50", "1617417", "202.128.23.121:8443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/202.128.23.121", "AS3605,Botnet,byob,C2,censys", "0", "dyingbreeds_"
"2025-10-18 04:00:50", "1617418", "61.76.128.209:8443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/61.76.128.209", "AS4766,Botnet,byob,C2,censys", "0", "dyingbreeds_"
"2025-10-18 04:00:50", "1617419", "138.19.136.60:8443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/138.19.136.60", "AS9269,Botnet,byob,C2,censys", "0", "dyingbreeds_"
"2025-10-18 04:00:50", "1617420", "110.35.142.86:8443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/110.35.142.86", "AS9569,Botnet,byob,C2,censys", "0", "dyingbreeds_"
"2025-10-18 04:00:49", "1617414", "42.98.205.186:8443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/42.98.205.186", "AS4760,Botnet,byob,C2,censys", "0", "dyingbreeds_"
"2025-10-18 04:00:49", "1617415", "116.49.241.4:8443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/116.49.241.4", "AS4760,Botnet,byob,C2,censys", "0", "dyingbreeds_"
"2025-10-18 04:00:49", "1617416", "69.14.17.104:8443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/69.14.17.104", "AS12083,Botnet,byob,C2,censys,WOW-INTERNET", "0", "dyingbreeds_"
"2025-10-18 04:00:48", "1617412", "71.79.103.3:8443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/71.79.103.3", "AS10796,Botnet,byob,C2,censys,TWC-10796-MIDWEST", "0", "dyingbreeds_"
"2025-10-18 04:00:48", "1617413", "89.23.240.21:8443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/89.23.240.21", "AS42541,Botnet,byob,C2,censys,FIBERBY", "0", "dyingbreeds_"
"2025-10-18 04:00:47", "1617411", "218.212.157.249:8443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/218.212.157.249", "AS55430,Botnet,byob,C2,censys", "0", "dyingbreeds_"
"2025-10-18 04:00:41", "1617410", "137.220.145.250:443", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2025-10-18 04:02:23", "100", "https://search.censys.io/hosts/137.220.145.250", "AS152194,C2,censys,RAT", "0", "dyingbreeds_"
"2025-10-18 04:00:24", "1617409", "172.94.111.55:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-10-20 00:44:59", "100", "https://search.censys.io/hosts/172.94.111.55", "AS9009,C2,censys,M247,RAT", "0", "dyingbreeds_"
"2025-10-18 04:00:20", "1617408", "87.121.79.106:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-10-20 00:47:52", "90", "https://search.censys.io/hosts/87.121.79.106", "AS213725,C2,censys,UK-03AI", "0", "dyingbreeds_"
"2025-10-18 04:00:19", "1617407", "185.112.144.245:443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-10-20 00:45:20", "90", "https://search.censys.io/hosts/185.112.144.245", "AS44925,C2,censys,THE-1984-AS", "0", "dyingbreeds_"
"2025-10-18 04:00:14", "1617406", "8.134.255.60:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-10-18 04:01:38", "100", "https://search.censys.io/hosts/8.134.255.60", "AS37963,C2,censys", "0", "dyingbreeds_"
"2025-10-18 04:00:13", "1617405", "47.108.21.186:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-10-20 00:49:45", "100", "https://search.censys.io/hosts/47.108.21.186", "AS37963,C2,censys", "0", "dyingbreeds_"
"2025-10-18 04:00:12", "1617404", "114.67.98.107:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-10-18 04:01:38", "100", "https://search.censys.io/hosts/114.67.98.107", "AS138421,C2,censys", "0", "dyingbreeds_"
"2025-10-18 04:00:11", "1617403", "188.137.180.79:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-10-20 00:49:24", "100", "https://search.censys.io/hosts/188.137.180.79", "AS211381,C2,censys,PODAON", "0", "dyingbreeds_"
"2025-10-18 03:35:06", "1617398", "193.161.193.99:37356", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "100", "None", "XWorm", "0", "abuse_ch"
# Number of entries: 206