################################################################ # ThreatFox IOCs: recent ip-port - CSV format # # Last updated: 2025-05-18 12:00:51 UTC # # # # Terms Of Use: https://threatfox.abuse.ch/faq/#tos # # For questions please contact threatfox [at] abuse.ch # ################################################################ # # "first_seen_utc","ioc_id","ioc_value","ioc_type","threat_type","fk_malware","malware_alias","malware_printable","last_seen_utc","confidence_level","reference","tags","anonymous","reporter" "2025-05-18 12:00:51", "1525231", "172.234.250.243:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/172.234.250.243", "AKAMAI-LINODE-AP,AS63949,C2,censys,Mythic", "0", "DonPasci" "2025-05-18 12:00:46", "1525230", "192.227.220.27:6606", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/192.227.220.27", "AS-COLOCROSSING,AS36352,AsyncRAT,C2,censys,RAT", "0", "DonPasci" "2025-05-18 12:00:45", "1525228", "128.90.115.247:5000", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/128.90.115.247", "AS40861,AsyncRAT,C2,censys,PARAD-40-ASN,RAT", "0", "DonPasci" "2025-05-18 12:00:45", "1525229", "205.234.144.127:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "100", "https://search.censys.io/hosts/205.234.144.127", "AS399486,AsyncRAT,C2,censys,RAT,VIRTUO", "0", "DonPasci" "2025-05-18 12:00:40", "1525227", "206.206.77.61:2222", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "https://search.censys.io/hosts/206.206.77.61", "AS215311,C2,censys,payload,REGXA-CLOUD,Sliver", "0", "DonPasci" "2025-05-18 12:00:30", "1525226", "86.38.225.161:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/86.38.225.161", "AS396073,C2,censys,MAJESTIC-HOSTING-01,RAT,Remcos", "0", "DonPasci" "2025-05-18 09:00:35", "1525222", "49.233.87.64:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 13:58:21", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-05-18 08:58:31", "1525221", "154.8.233.224:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 13:56:40", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-05-18 08:55:26", "1525220", "84.38.184.97:9100", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-05-18 13:53:52", "75", "None", "Deimos,drb-ra", "0", "abuse_ch" "2025-05-18 08:46:46", "1525219", "158.160.51.4:9100", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-05-18 13:46:00", "75", "None", "Deimos,drb-ra", "0", "abuse_ch" "2025-05-18 08:11:53", "1525218", "47.121.203.184:8090", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch" "2025-05-18 08:05:48", "1525129", "196.251.72.252:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-18 13:49:39", "100", "https://search.censys.io/hosts/196.251.72.252", "AS401120,C2,censys,CHEAPY-HOST,RAT", "0", "dyingbreeds_" "2025-05-18 08:05:46", "1525125", "51.79.202.24:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-18 13:52:41", "100", "https://search.censys.io/hosts/51.79.202.24", "AS16276,C2,censys,OVH,RAT", "0", "dyingbreeds_" "2025-05-18 08:05:45", "1525135", "45.38.20.244:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-18 04:00:51", "100", "https://search.censys.io/hosts/45.38.20.244", "AS215659,C2,censys,MOEMOEKYUN,Mythic", "0", "dyingbreeds_" "2025-05-18 08:05:45", "1525138", "47.108.139.103:60000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/47.108.139.103", "AS37963,censys,Viper", "0", "dyingbreeds_" "2025-05-18 08:05:44", "1525139", "31.210.37.100:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/31.210.37.100", "AS60446,censys,DATEMA,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-18 08:05:44", "1525140", "13.60.46.114:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/13.60.46.114", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-18 08:05:43", "1525141", "61.174.243.80:40256", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/61.174.243.80", "AS136190,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-18 08:05:43", "1525144", "52.210.91.186:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/52.210.91.186", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-18 08:05:42", "1525142", "34.250.55.210:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/34.250.55.210", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-18 08:05:42", "1525143", "103.77.215.126:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/103.77.215.126", "AS140810,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-18 08:05:42", "1525145", "200.155.28.200:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/200.155.28.200", "AS15830,censys,EQUINIX,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-18 08:05:41", "1525146", "61.183.132.26:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/61.183.132.26", "AS4134,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-18 08:05:41", "1525147", "54.77.123.112:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/54.77.123.112", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-18 08:05:41", "1525148", "123.57.38.20:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/123.57.38.20", "AS37963,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-18 08:05:40", "1525149", "122.152.204.139:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/122.152.204.139", "AS45090,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-18 08:05:40", "1525150", "13.233.128.232:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/13.233.128.232", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-18 08:05:40", "1525151", "34.123.234.116:3000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/34.123.234.116", "AS396982,censys,GOOGLE-CLOUD-PLATFORM,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-18 08:05:39", "1525152", "212.156.31.230:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/212.156.31.230", "AS9121,censys,GoPhish,Phishing,TTNET", "0", "dyingbreeds_" "2025-05-18 08:05:39", "1525153", "158.160.185.38:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/158.160.185.38", "AS200350,censys,GoPhish,Phishing,YANDEXCLOUD", "0", "dyingbreeds_" "2025-05-18 08:05:39", "1525154", "84.46.248.162:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/84.46.248.162", "AS51167,censys,CONTABO,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-18 08:05:38", "1525155", "18.199.244.6:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/18.199.244.6", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-18 08:05:37", "1525156", "18.199.244.6:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/18.199.244.6", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-18 08:05:37", "1525157", "45.236.128.172:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/45.236.128.172", "AS52368,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-18 08:05:36", "1525205", "5.180.82.194:43957", "ip:port", "botnet_cc", "elf.moobot", "None", "MooBot", "", "75", "None", "Moobot", "0", "elfdigest" "2025-05-18 08:01:10", "1525217", "176.65.142.203:80", "ip:port", "botnet_cc", "elf.moobot", "None", "MooBot", "", "100", "https://search.censys.io/hosts/176.65.142.203", "-Reserved,AS215240,C2,censys,moobot", "0", "DonPasci" "2025-05-18 08:01:09", "1525216", "138.2.101.39:80", "ip:port", "botnet_cc", "elf.moobot", "None", "MooBot", "", "100", "https://search.censys.io/hosts/138.2.101.39", "AS31898,C2,censys,moobot,ORACLE-BMC-31898", "0", "DonPasci" "2025-05-18 08:00:58", "1525215", "54.244.141.27:19999", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-05-18 13:52:52", "100", "https://search.censys.io/hosts/54.244.141.27", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci" "2025-05-18 08:00:50", "1525214", "198.46.199.107:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-18 13:49:51", "100", "https://search.censys.io/hosts/198.46.199.107", "AS-COLOCROSSING,AS36352,C2,censys,Mythic", "0", "DonPasci" "2025-05-18 08:00:45", "1525213", "66.63.187.252:6606", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-18 13:53:13", "100", "https://search.censys.io/hosts/66.63.187.252", "AS214943,AsyncRAT,C2,censys,RAILNET,RAT", "0", "DonPasci" "2025-05-18 08:00:30", "1525210", "146.70.67.154:6513", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-18 13:45:19", "100", "https://search.censys.io/hosts/146.70.67.154", "AS9009,C2,censys,M247,RAT,Remcos", "0", "DonPasci" "2025-05-18 08:00:30", "1525211", "196.251.83.104:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/196.251.83.104", "AS401120,C2,censys,CHEAPY-HOST,RAT,Remcos", "0", "DonPasci" "2025-05-18 08:00:30", "1525212", "176.65.142.90:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-18 13:47:52", "100", "https://search.censys.io/hosts/176.65.142.90", "AS214717,C2,censys,DOLPHINHOST-AS,RAT,Remcos", "0", "DonPasci" "2025-05-18 08:00:29", "1525209", "45.132.107.36:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-18 13:51:47", "100", "https://search.censys.io/hosts/45.132.107.36", "AS211381,C2,censys,PODAON,RAT,Remcos", "0", "DonPasci" "2025-05-18 08:00:13", "1525208", "193.37.58.234:48873", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 13:57:11", "100", "https://search.censys.io/hosts/193.37.58.234", "AS212238,C2,CDNEXT,censys,CobaltStrike,cs-watermark-100000", "0", "DonPasci" "2025-05-18 08:00:12", "1525207", "154.64.231.181:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://search.censys.io/hosts/154.64.231.181", "AS979,C2,censys,CobaltStrike,cs-watermark-987654321,NETLAB-SDN", "0", "DonPasci" "2025-05-18 06:19:50", "1525204", "193.161.193.99:45540", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "50", "", "c2,xworm", "0", "juroots" "2025-05-18 06:17:40", "1525200", "193.161.193.99:34383", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "50", "", "c2,remcos", "0", "juroots" "2025-05-18 06:16:37", "1525199", "109.242.232.94:10048", "ip:port", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "50", "", "c2,darkcomet", "0", "juroots" "2025-05-18 06:15:34", "1525197", "45.138.68.10:9205", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/45.138.68.10#9205", "c2,gophish,phishing,shodan", "0", "juroots" "2025-05-18 06:15:10", "1525196", "103.214.109.34:10001", "ip:port", "botnet_cc", "win.extreme_rat", "ExtRat", "Xtreme RAT", "", "50", "https://www.shodan.io/host/103.214.109.34#10001", "c2,extreme,shodan", "0", "juroots" "2025-05-18 06:14:53", "1525195", "13.208.181.240:10397", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://www.shodan.io/host/13.208.181.240#10397", "c2,netsupport,shodan", "0", "juroots" "2025-05-18 06:14:34", "1525194", "185.208.159.102:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-18 13:48:35", "50", "https://www.shodan.io/host/185.208.159.102#80", "c2,oyster,shodan", "0", "juroots" "2025-05-18 06:14:06", "1525193", "86.123.49.75:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/86.123.49.75#31337", "c2,shodan,sliver", "0", "juroots" "2025-05-18 06:14:05", "1525189", "24.144.82.16:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/24.144.82.16#31337", "c2,shodan,sliver", "0", "juroots" "2025-05-18 06:14:05", "1525190", "37.252.19.120:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/37.252.19.120#31337", "c2,shodan,sliver", "0", "juroots" "2025-05-18 06:14:05", "1525191", "172.232.121.75:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/172.232.121.75#31337", "c2,shodan,sliver", "0", "juroots" "2025-05-18 06:14:05", "1525192", "195.2.71.152:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/195.2.71.152#31337", "c2,shodan,sliver", "0", "juroots" "2025-05-18 06:13:51", "1525185", "105.156.224.14:5006", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/105.156.224.14#5006", "c2,quasar,shodan", "0", "juroots" "2025-05-18 06:13:51", "1525186", "105.156.224.14:7071", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/105.156.224.14#7071", "c2,quasar,shodan", "0", "juroots" "2025-05-18 06:13:51", "1525187", "41.143.200.243:10443", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/41.143.200.243#10443", "c2,quasar,shodan", "0", "juroots" "2025-05-18 06:13:51", "1525188", "41.143.200.243:47990", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/41.143.200.243#47990", "c2,quasar,shodan", "0", "juroots" "2025-05-18 06:13:50", "1525181", "105.156.224.14:8081", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/105.156.224.14#8081", "c2,quasar,shodan", "0", "juroots" "2025-05-18 06:13:50", "1525182", "105.156.224.14:10250", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/105.156.224.14#10250", "c2,quasar,shodan", "0", "juroots" "2025-05-18 06:13:50", "1525183", "105.156.224.14:8009", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/105.156.224.14#8009", "c2,quasar,shodan", "0", "juroots" "2025-05-18 06:13:50", "1525184", "105.156.224.14:5986", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/105.156.224.14#5986", "c2,quasar,shodan", "0", "juroots" "2025-05-18 06:13:49", "1525177", "105.156.224.14:8181", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/105.156.224.14#8181", "c2,quasar,shodan", "0", "juroots" "2025-05-18 06:13:49", "1525178", "105.156.224.14:8880", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/105.156.224.14#8880", "c2,quasar,shodan", "0", "juroots" "2025-05-18 06:13:49", "1525179", "105.156.224.14:8085", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/105.156.224.14#8085", "c2,quasar,shodan", "0", "juroots" "2025-05-18 06:13:49", "1525180", "105.156.224.14:9001", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/105.156.224.14#9001", "c2,quasar,shodan", "0", "juroots" "2025-05-18 06:13:48", "1525173", "105.156.224.14:9002", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/105.156.224.14#9002", "c2,quasar,shodan", "0", "juroots" "2025-05-18 06:13:48", "1525174", "105.156.224.14:6443", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/105.156.224.14#6443", "c2,quasar,shodan", "0", "juroots" "2025-05-18 06:13:48", "1525175", "105.156.224.14:8834", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/105.156.224.14#8834", "c2,quasar,shodan", "0", "juroots" "2025-05-18 06:13:48", "1525176", "105.156.224.14:4064", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/105.156.224.14#4064", "c2,quasar,shodan", "0", "juroots" "2025-05-18 06:13:47", "1525169", "105.156.224.14:47990", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/105.156.224.14#47990", "c2,quasar,shodan", "0", "juroots" "2025-05-18 06:13:47", "1525170", "105.156.224.14:31337", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/105.156.224.14#31337", "c2,quasar,shodan", "0", "juroots" "2025-05-18 06:13:47", "1525171", "105.156.224.14:2087", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/105.156.224.14#2087", "c2,quasar,shodan", "0", "juroots" "2025-05-18 06:13:47", "1525172", "105.156.224.14:55553", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/105.156.224.14#55553", "c2,quasar,shodan", "0", "juroots" "2025-05-18 06:13:46", "1525166", "105.156.224.14:1926", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/105.156.224.14#1926", "c2,quasar,shodan", "0", "juroots" "2025-05-18 06:13:46", "1525167", "105.156.224.14:2376", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/105.156.224.14#2376", "c2,quasar,shodan", "0", "juroots" "2025-05-18 06:13:46", "1525168", "105.156.224.14:8083", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/105.156.224.14#8083", "c2,quasar,shodan", "0", "juroots" "2025-05-18 06:13:45", "1525163", "105.156.224.14:4444", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/105.156.224.14#4444", "c2,quasar,shodan", "0", "juroots" "2025-05-18 06:13:45", "1525164", "105.156.224.14:3780", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/105.156.224.14#3780", "c2,quasar,shodan", "0", "juroots" "2025-05-18 06:13:45", "1525165", "105.156.224.14:9898", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/105.156.224.14#9898", "c2,quasar,shodan", "0", "juroots" "2025-05-18 06:13:24", "1525161", "101.200.183.130:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/101.200.183.130#80", "c2,cobaltstrike,shodan", "0", "juroots" "2025-05-18 06:13:24", "1525162", "154.8.233.224:81", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/154.8.233.224#81", "c2,cobaltstrike,shodan", "0", "juroots" "2025-05-18 06:13:01", "1525160", "154.8.233.224:8081", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 06:13:24", "50", "https://www.shodan.io/host/154.8.233.224#8081", "c2,cobaltstrike,cs-watermark-600000,shodan", "0", "juroots" "2025-05-18 06:12:45", "1525159", "118.178.192.36:8092", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 06:13:24", "50", "https://www.shodan.io/host/118.178.192.36#8092", "c2,cobaltstrike,cs-watermark-305419896,shodan", "0", "juroots" "2025-05-18 06:12:42", "1525158", "101.200.183.130:88", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 06:13:25", "50", "https://www.shodan.io/host/101.200.183.130#88", "c2,cobaltstrike,cs-watermark-666666666,shodan", "0", "juroots" "2025-05-18 04:00:58", "1525137", "18.182.66.217:6003", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-05-18 13:48:14", "100", "https://search.censys.io/hosts/18.182.66.217", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci" "2025-05-18 04:00:42", "1525136", "8.220.195.197:8903", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "https://search.censys.io/hosts/8.220.195.197", "ALIBABA-CN-NET,AS45102,C2,censys,payload,Sliver", "0", "DonPasci" "2025-05-18 04:00:31", "1525131", "45.80.158.95:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-18 13:52:08", "100", "https://search.censys.io/hosts/45.80.158.95", "AS210558,C2,censys,RAT,Remcos,SERVICES-1337-GMBH", "0", "DonPasci" "2025-05-18 04:00:31", "1525132", "104.37.4.116:6012", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-18 13:43:33", "100", "https://search.censys.io/hosts/104.37.4.116", "ACEHOSTONLINE,AS214059,C2,censys,RAT,Remcos", "0", "DonPasci" "2025-05-18 04:00:31", "1525133", "104.37.4.116:6013", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-18 13:43:33", "100", "https://search.censys.io/hosts/104.37.4.116", "ACEHOSTONLINE,AS214059,C2,censys,RAT,Remcos", "0", "DonPasci" "2025-05-18 04:00:30", "1525127", "172.94.27.162:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-18 13:47:22", "100", "https://search.censys.io/hosts/172.94.27.162", "AS396356,C2,censys,LATITUDE-SH,RAT,Remcos", "0", "DonPasci" "2025-05-18 04:00:30", "1525128", "185.157.162.132:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-18 13:48:27", "100", "https://search.censys.io/hosts/185.157.162.132", "AS42675,C2,censys,OBEHOSTING,RAT,Remcos", "0", "DonPasci" "2025-05-18 04:00:30", "1525130", "79.110.49.199:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-18 13:53:26", "100", "https://search.censys.io/hosts/79.110.49.199", "AS399486,C2,censys,RAT,Remcos,VIRTUO", "0", "DonPasci" "2025-05-18 04:00:29", "1525126", "196.251.115.237:5001", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-18 13:49:27", "100", "https://search.censys.io/hosts/196.251.115.237", "AS401116,C2,censys,NYBULA,RAT,Remcos", "0", "DonPasci" "2025-05-18 02:57:46", "1525123", "49.233.87.64:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 13:58:21", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-05-18 02:56:06", "1525122", "154.8.233.224:8082", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 13:56:40", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-05-18 02:56:05", "1525121", "154.8.233.224:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 13:56:40", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-05-18 02:56:03", "1525120", "154.219.119.16:8443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 13:56:38", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-05-18 02:55:59", "1525119", "152.136.52.129:8082", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 13:56:35", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-05-18 02:55:25", "1525118", "119.29.201.113:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 13:56:00", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-05-18 01:57:48", "1524918", "172.104.143.142:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic" "2025-05-18 01:57:47", "1524917", "92.65.104.212:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic" "2025-05-18 01:57:46", "1524916", "120.26.4.73:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic" "2025-05-18 01:57:45", "1524915", "49.232.230.33:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic" "2025-05-18 01:57:44", "1524914", "193.188.23.150:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 13:57:11", "75", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic" "2025-05-18 01:57:43", "1524913", "205.185.122.202:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic" "2025-05-18 01:57:42", "1524912", "156.238.245.84:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic" "2025-05-18 01:57:41", "1524911", "94.103.4.228:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic" "2025-05-18 01:57:40", "1524910", "60.204.210.63:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic" "2025-05-18 01:57:38", "1524909", "13.218.104.66:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic" "2025-05-18 01:57:37", "1524908", "106.15.127.125:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic" "2025-05-18 01:57:36", "1524907", "64.176.60.8:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic" "2025-05-18 01:57:35", "1524906", "8.147.118.153:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic" "2025-05-18 01:57:34", "1524905", "45.143.234.221:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic" "2025-05-18 01:57:33", "1524904", "150.109.109.38:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic" "2025-05-18 01:57:32", "1524903", "47.236.58.201:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic" "2025-05-18 01:57:31", "1524902", "47.109.201.173:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic" "2025-05-18 01:57:30", "1524901", "43.138.81.232:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic" "2025-05-18 01:57:29", "1524900", "43.140.243.146:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic" "2025-05-18 01:57:28", "1524899", "47.100.68.73:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic" "2025-05-18 01:57:27", "1524898", "47.108.157.156:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic" "2025-05-18 01:57:24", "1524885", "176.65.138.123:7716", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "75", "None", "Mirai", "0", "elfdigest" "2025-05-18 00:01:15", "1524933", "118.184.186.43:54681", "ip:port", "botnet_cc", "win.chaos", "FakeRyuk,RyukJoke,Yashma", "Chaos", "2025-05-18 13:44:08", "100", "https://search.censys.io/hosts/118.184.186.43", "AS138950,censys,Chaos,CHINATELECOM-JIANGSU-WUXI-INTERNATIONAL-IDC,panel", "0", "DonPasci" "2025-05-18 00:01:13", "1524932", "82.27.2.254:55650", "ip:port", "botnet_cc", "elf.moobot", "None", "MooBot", "2025-05-18 04:01:04", "100", "https://search.censys.io/hosts/82.27.2.254", "AS215703,C2,censys,FREAKHOSTING,moobot", "0", "DonPasci" "2025-05-18 00:01:01", "1524931", "15.152.32.140:789", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-05-18 13:45:30", "100", "https://search.censys.io/hosts/15.152.32.140", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci" "2025-05-18 00:01:00", "1524930", "3.24.180.187:14265", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-05-18 13:50:56", "100", "https://search.censys.io/hosts/3.24.180.187", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci" "2025-05-18 00:00:59", "1524929", "111.170.171.242:8080", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2025-05-18 13:43:53", "100", "https://search.censys.io/hosts/111.170.171.242", "AS151185,C2,censys,CT-XIANGYANG-IDC2,DcRAT,RAT", "0", "DonPasci" "2025-05-18 00:00:57", "1524928", "193.35.154.157:4449", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "2025-05-18 04:00:48", "100", "https://search.censys.io/hosts/193.35.154.157", "AS212219,C2,censys,HOSTINGDUNYAM,RAT,Venom", "0", "DonPasci" "2025-05-18 00:00:54", "1524927", "110.231.239.196:14782", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-18 04:00:41", "100", "https://search.censys.io/hosts/110.231.239.196", "AS4837,C2,censys,CHINA169-BACKBONE,Quasar,RAT", "0", "DonPasci" "2025-05-18 00:00:47", "1524926", "196.251.87.67:7777", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-18 13:49:45", "100", "https://search.censys.io/hosts/196.251.87.67", "AS401120,AsyncRAT,C2,censys,CHEAPY-HOST,RAT", "0", "DonPasci" "2025-05-18 00:00:46", "1524925", "94.101.128.110:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-18 13:54:22", "100", "https://search.censys.io/hosts/94.101.128.110", "AS50810,AsyncRAT,C2,censys,MOBINNET-AS,RAT", "0", "DonPasci" "2025-05-18 00:00:35", "1524923", "34.45.231.202:443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-05-18 13:51:10", "100", "https://search.censys.io/hosts/34.45.231.202", "AS396982,C2,censys,GOOGLE-CLOUD-PLATFORM,Sliver", "0", "DonPasci" "2025-05-18 00:00:35", "1524924", "18.191.200.148:8080", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "https://search.censys.io/hosts/18.191.200.148", "AMAZON-02,AS16509,C2,censys,open-dir,payload,Sliver", "0", "DonPasci" "2025-05-18 00:00:34", "1524922", "34.30.115.167:443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-05-18 13:51:10", "100", "https://search.censys.io/hosts/34.30.115.167", "AS396982,C2,censys,GOOGLE-CLOUD-PLATFORM,Sliver", "0", "DonPasci" "2025-05-18 00:00:19", "1524921", "45.131.42.75:8443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 13:57:51", "100", "https://search.censys.io/hosts/45.131.42.75", "AS49505,C2,censys,CobaltStrike,SELECTEL", "0", "DonPasci" "2025-05-18 00:00:16", "1524920", "118.178.192.36:4444", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 13:55:58", "100", "https://search.censys.io/hosts/118.178.192.36", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-305419896", "0", "DonPasci" "2025-05-18 00:00:10", "1524919", "1.94.181.67:28088", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 13:55:14", "100", "https://search.censys.io/hosts/1.94.181.67", "AS55990,C2,censys,CobaltStrike,cs-watermark-987654321,HWCSNET", "0", "DonPasci" "2025-05-17 22:57:18", "1524897", "137.220.205.223:7777", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 13:56:24", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-05-17 21:00:20", "1524890", "62.60.226.191:1912", "ip:port", "botnet_cc", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "100", "None", "RedLineStealer", "0", "abuse_ch" "2025-05-17 20:53:26", "1524889", "8.217.245.162:58008", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-05-18 13:53:36", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-05-17 20:52:19", "1524888", "49.232.6.238:443", "ip:port", "botnet_cc", "win.bianlian", "None", "BianLian", "2025-05-18 13:52:29", "75", "None", "Bianlian,drb-ra", "0", "abuse_ch" "2025-05-17 20:51:24", "1524887", "39.40.184.19:995", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "2025-05-18 13:51:35", "75", "None", "drb-ra,Qakbot,Qbot,Quakbot", "0", "abuse_ch" "2025-05-17 20:21:44", "1524886", "202.181.24.126:9663", "ip:port", "botnet_cc", "elf.bashlite", "gayfgt,Gafgyt,qbot,torlus,lizkebab", "Bashlite", "", "100", "", "Gafgyt", "0", "NDA0E" "2025-05-17 20:01:24", "1524884", "86.48.26.83:8080", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/86.48.26.83", "AS40021,Byakugan,C2,censys,NL-811-40021,panel,Stealer", "0", "DonPasci" "2025-05-17 20:01:12", "1524883", "15.228.248.225:2404", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2025-05-18 04:00:51", "100", "https://search.censys.io/hosts/15.228.248.225", "AMAZON-02,AS16509,C2,censys,DcRAT,RAT", "0", "DonPasci" "2025-05-17 20:01:08", "1524882", "188.225.9.121:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-05-18 13:48:49", "100", "https://search.censys.io/hosts/188.225.9.121", "AS9123,C2,censys,Havoc,TIMEWEB-AS", "0", "DonPasci" "2025-05-17 20:01:05", "1524877", "105.156.224.14:9042", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-17 20:01:05", "1524878", "105.156.224.14:30165", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-17 20:01:05", "1524879", "105.156.224.14:2080", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-17 20:01:05", "1524880", "105.156.224.14:4433", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-17 20:01:05", "1524881", "105.156.224.14:19161", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-17 20:01:04", "1524872", "105.156.224.14:64101", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-17 20:01:04", "1524873", "105.156.224.14:22560", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-17 20:01:04", "1524874", "105.156.224.14:55556", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-17 20:01:04", "1524875", "105.156.224.14:60902", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-17 20:01:04", "1524876", "105.156.224.14:1534", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-17 20:01:03", "1524866", "105.156.224.14:26002", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-17 20:01:03", "1524867", "105.156.224.14:55396", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-17 20:01:03", "1524868", "105.156.224.14:56988", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-17 20:01:03", "1524869", "105.156.224.14:10761", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-17 20:01:03", "1524870", "105.156.224.14:36433", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-17 20:01:03", "1524871", "105.156.224.14:62732", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-17 20:01:02", "1524863", "105.156.224.14:47594", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-17 20:01:02", "1524864", "105.156.224.14:2", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-18 04:00:42", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-17 20:01:02", "1524865", "105.156.224.14:50001", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-17 20:01:01", "1524861", "105.156.224.14:3494", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-17 20:01:01", "1524862", "105.156.224.14:5628", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-17 20:01:00", "1524855", "105.156.224.14:5386", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-17 20:01:00", "1524856", "105.156.224.14:6001", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-17 20:01:00", "1524857", "105.156.224.14:14591", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-17 20:01:00", "1524858", "105.156.224.14:31879", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-17 20:01:00", "1524859", "105.156.224.14:53226", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-17 20:01:00", "1524860", "105.156.224.14:51094", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-17 20:00:59", "1524850", "105.156.224.14:12509", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-17 20:00:59", "1524851", "105.156.224.14:29885", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-17 20:00:59", "1524852", "105.156.224.14:37781", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-17 20:00:59", "1524853", "105.156.224.14:47662", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-17 20:00:59", "1524854", "105.156.224.14:623", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-17 20:00:58", "1524846", "105.156.224.14:57916", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-17 20:00:58", "1524847", "105.156.224.14:58175", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-17 20:00:58", "1524848", "105.156.224.14:2116", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-17 20:00:58", "1524849", "105.156.224.14:9201", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-17 20:00:57", "1524841", "105.156.224.14:47824", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-17 20:00:57", "1524842", "105.156.224.14:752", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-17 20:00:57", "1524843", "105.156.224.14:5980", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-17 20:00:57", "1524844", "105.156.224.14:23037", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-17 20:00:57", "1524845", "105.156.224.14:103", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-17 20:00:56", "1524836", "105.156.224.14:22054", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-17 20:00:56", "1524837", "105.156.224.14:2083", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-17 20:00:56", "1524838", "105.156.224.14:2125", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-17 20:00:56", "1524839", "105.156.224.14:3260", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-17 20:00:56", "1524840", "105.156.224.14:43942", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-17 20:00:55", "1524833", "105.156.224.14:11300", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-17 20:00:55", "1524834", "105.156.224.14:15443", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-17 20:00:55", "1524835", "105.156.224.14:20183", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-17 20:00:54", "1524828", "105.156.224.14:25255", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-17 20:00:54", "1524829", "105.156.224.14:32938", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-17 20:00:54", "1524830", "105.156.224.14:47999", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-17 20:00:54", "1524831", "105.156.224.14:636", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-17 20:00:54", "1524832", "105.156.224.14:3000", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-17 20:00:53", "1524826", "105.156.224.14:12746", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-17 20:00:53", "1524827", "105.156.224.14:63524", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/105.156.224.14", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-17 20:00:45", "1524825", "206.238.115.155:443", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-18 13:50:08", "100", "https://search.censys.io/hosts/206.238.115.155", "AS399077,AsyncRAT,C2,censys,RAT,TERAEXCH", "0", "DonPasci" "2025-05-17 20:00:44", "1524824", "103.27.225.199:2021", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-18 13:43:20", "100", "https://search.censys.io/hosts/103.27.225.199", "AS22363,AsyncRAT,C2,censys,PHMGMT-AS1,RAT", "0", "DonPasci" "2025-05-17 20:00:31", "1524823", "158.247.215.42:443", "ip:port", "botnet_cc", "win.pupy", "Patpoopy", "pupy", "2025-05-18 13:46:04", "100", "https://search.censys.io/hosts/158.247.215.42", "AS-VULTR,AS20473,C2,censys,Pupy,RAT", "0", "DonPasci" "2025-05-17 20:00:29", "1524822", "185.157.162.132:443", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-18 13:48:27", "100", "https://search.censys.io/hosts/185.157.162.132", "AS42675,C2,censys,OBEHOSTING,RAT,Remcos", "0", "DonPasci" "2025-05-17 20:00:26", "1524821", "154.194.35.243:4567", "ip:port", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "2025-05-18 04:00:16", "100", "https://search.censys.io/hosts/154.194.35.243", "AS215123,C2,censys,DarkComet,QZ,RAT", "0", "DonPasci" "2025-05-17 20:00:09", "1524820", "137.220.205.223:9999", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 13:56:24", "100", "https://search.censys.io/hosts/137.220.205.223", "AS152194,C2,censys,CobaltStrike,cs-watermark-987654321,CTGSERVERLIMITED-AS-AP", "0", "DonPasci" "2025-05-17 19:09:23", "1524815", "47.83.164.89:7777", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "https://x.com/skocherhan/status/1923802868525437418", "None", "0", "JaffaCakes118" "2025-05-17 18:55:09", "1524812", "107.150.0.72:9792", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "QuasarRAT,RAT", "0", "abuse_ch" "2025-05-17 18:40:49", "1524810", "178.208.187.90:3778", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "75", "None", "Mirai", "0", "elfdigest" "2025-05-17 17:56:21", "1524804", "51.79.57.15:181", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "2025-05-17 17:56:22", "100", "", "censys,Mirai", "0", "NDA0E" "2025-05-17 17:56:21", "1524805", "45.154.96.21:181", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "censys,Mirai", "0", "NDA0E" "2025-05-17 17:56:21", "1524806", "176.100.36.19:181", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "censys,Mirai", "0", "NDA0E" "2025-05-17 17:56:21", "1524807", "51.38.140.90:181", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "censys,Mirai", "0", "NDA0E" "2025-05-17 17:56:21", "1524808", "37.114.50.115:181", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "censys,Mirai", "0", "NDA0E" "2025-05-17 17:56:21", "1524809", "128.0.118.43:181", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "censys,Mirai", "0", "NDA0E" "2025-05-17 16:10:10", "1524797", "38.181.35.83:6628", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "None", "RAT,ValleyRAT", "0", "abuse_ch" "2025-05-17 16:01:12", "1524796", "120.26.48.72:54681", "ip:port", "botnet_cc", "win.chaos", "FakeRyuk,RyukJoke,Yashma", "Chaos", "2025-05-18 13:44:14", "100", "https://search.censys.io/hosts/120.26.48.72", "ALIBABA-CN-NET,AS37963,censys,Chaos,panel", "0", "DonPasci" "2025-05-17 16:01:09", "1524795", "89.42.88.163:80", "ip:port", "botnet_cc", "elf.moobot", "None", "MooBot", "2025-05-18 04:01:04", "100", "https://search.censys.io/hosts/89.42.88.163", "AS211409,C2,censys,FOXIBYTES,moobot", "0", "DonPasci" "2025-05-17 16:00:56", "1524794", "18.231.125.241:1194", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-05-18 13:48:18", "100", "https://search.censys.io/hosts/18.231.125.241", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci" "2025-05-17 16:00:53", "1524793", "200.100.117.217:7000", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "2025-05-18 04:00:47", "100", "https://search.censys.io/hosts/200.100.117.217", "AS27699,C2,censys,RAT,TELEFONICA,Venom", "0", "DonPasci" "2025-05-17 16:00:50", "1524792", "142.147.97.184:1000", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-18 04:00:42", "100", "https://search.censys.io/hosts/142.147.97.184", "AS64236,C2,censys,Quasar,RAT,UNREAL-SERVERS", "0", "DonPasci" "2025-05-17 16:00:47", "1524789", "172.232.121.75:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-18 13:47:10", "100", "https://search.censys.io/hosts/172.232.121.75", "AKAMAI-LINODE-AP,AS63949,C2,censys,Mythic", "0", "DonPasci" "2025-05-17 16:00:47", "1524790", "144.91.92.240:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-18 13:45:11", "100", "https://search.censys.io/hosts/144.91.92.240", "AS51167,C2,censys,CONTABO,Mythic", "0", "DonPasci" "2025-05-17 16:00:47", "1524791", "144.172.93.173:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-18 13:45:06", "100", "https://search.censys.io/hosts/144.172.93.173", "AS14956,C2,censys,Mythic,ROUTERHOSTING", "0", "DonPasci" "2025-05-17 15:30:12", "1524786", "39.46.104.231:6903", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "None", "NjRAT", "0", "abuse_ch" "2025-05-17 14:43:19", "1524780", "87.65.108.118:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/87.65.108.118#3333", "c2,gophish,phishing,shodan", "0", "juroots" "2025-05-17 14:42:42", "1524777", "43.199.156.171:16027", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://www.shodan.io/host/43.199.156.171#16027", "c2,netsupport,shodan", "0", "juroots" "2025-05-17 14:42:09", "1524776", "91.132.92.182:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/91.132.92.182#31337", "c2,shodan,sliver", "0", "juroots" "2025-05-17 14:42:08", "1524773", "167.99.51.2:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/167.99.51.2#31337", "c2,shodan,sliver", "0", "juroots" "2025-05-17 14:42:08", "1524774", "64.227.174.56:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/64.227.174.56#31337", "c2,shodan,sliver", "0", "juroots" "2025-05-17 14:42:08", "1524775", "185.14.31.2:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/185.14.31.2#31337", "c2,shodan,sliver", "0", "juroots" "2025-05-17 14:42:05", "1524771", "41.143.200.243:5986", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/41.143.200.243#5986", "c2,quasar,shodan", "0", "juroots" "2025-05-17 14:42:05", "1524772", "41.143.200.243:5006", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/41.143.200.243#5006", "c2,quasar,shodan", "0", "juroots" "2025-05-17 14:42:04", "1524767", "41.143.200.243:7443", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/41.143.200.243#7443", "c2,quasar,shodan", "0", "juroots" "2025-05-17 14:42:04", "1524768", "41.143.200.243:16993", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/41.143.200.243#16993", "c2,quasar,shodan", "0", "juroots" "2025-05-17 14:42:04", "1524769", "41.143.200.243:9091", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/41.143.200.243#9091", "c2,quasar,shodan", "0", "juroots" "2025-05-17 14:42:04", "1524770", "41.143.200.243:9002", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/41.143.200.243#9002", "c2,quasar,shodan", "0", "juroots" "2025-05-17 14:17:58", "1524700", "43.140.37.228:8022", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike,shodan", "0", "orlof_v" "2025-05-17 14:17:57", "1524701", "45.77.15.155:8443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike,shodan", "0", "orlof_v" "2025-05-17 14:17:53", "1524702", "106.54.186.146:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike,shodan", "0", "orlof_v" "2025-05-17 14:17:51", "1524703", "103.4.8.40:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike,shodan", "0", "orlof_v" "2025-05-17 14:17:47", "1524704", "119.45.250.61:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike,shodan", "0", "orlof_v" "2025-05-17 14:17:46", "1524705", "103.195.191.221:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike,shodan", "0", "orlof_v" "2025-05-17 14:17:40", "1524706", "1.94.228.130:4443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike,shodan", "0", "orlof_v" "2025-05-17 14:17:39", "1524707", "45.192.99.52:9991", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike,shodan", "0", "orlof_v" "2025-05-17 14:17:38", "1524708", "116.62.208.141:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike,shodan", "0", "orlof_v" "2025-05-17 14:17:35", "1524709", "61.135.130.176:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike,shodan", "0", "orlof_v" "2025-05-17 14:17:34", "1524710", "139.224.191.58:10010", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike,shodan", "0", "orlof_v" "2025-05-17 14:17:32", "1524711", "47.113.219.193:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike,shodan", "0", "orlof_v" "2025-05-17 12:01:12", "1524740", "88.216.68.32:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-18 13:54:03", "100", "https://search.censys.io/hosts/88.216.68.32", "AS204770,censys,CHERRYSERVERS3-AS,EvilGoPhish,panel,Phishing", "0", "DonPasci" "2025-05-17 12:00:54", "1524739", "101.99.94.33:4449", "ip:port", "botnet_cc", "win.venom", "None", "Venom RAT", "", "100", "https://search.censys.io/hosts/101.99.94.33", "AS45839,C2,censys,RAT,SHINJIRU-MY-AS-AP,Venom", "0", "DonPasci" "2025-05-17 12:00:43", "1524736", "115.190.82.210:6606", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-18 13:44:00", "100", "https://search.censys.io/hosts/115.190.82.210", "AS137718,AsyncRAT,C2,censys,RAT,VOLCANO-ENGINE", "0", "DonPasci" "2025-05-17 12:00:43", "1524737", "115.190.82.210:7707", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-18 13:44:00", "100", "https://search.censys.io/hosts/115.190.82.210", "AS137718,AsyncRAT,C2,censys,RAT,VOLCANO-ENGINE", "0", "DonPasci" "2025-05-17 12:00:43", "1524738", "196.251.116.59:8888", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-18 13:49:34", "100", "https://search.censys.io/hosts/196.251.116.59", "AS401116,AsyncRAT,C2,censys,NYBULA,RAT", "0", "DonPasci" "2025-05-17 12:00:28", "1524734", "104.243.35.242:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-18 13:43:28", "100", "https://search.censys.io/hosts/104.243.35.242", "AS23470,C2,censys,RAT,RELIABLESITE,Remcos", "0", "DonPasci" "2025-05-17 12:00:28", "1524735", "5.8.19.105:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-18 13:52:36", "100", "https://search.censys.io/hosts/5.8.19.105", "AS42474,C2,censys,IL,RAT,Remcos", "0", "DonPasci" "2025-05-17 12:00:27", "1524732", "37.120.206.166:63513", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-18 13:51:21", "100", "https://search.censys.io/hosts/37.120.206.166", "AS9009,C2,censys,M247,RAT,Remcos", "0", "DonPasci" "2025-05-17 12:00:27", "1524733", "146.70.67.90:6513", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-18 13:45:20", "100", "https://search.censys.io/hosts/146.70.67.90", "AS9009,C2,censys,M247,RAT,Remcos", "0", "DonPasci" "2025-05-17 12:00:10", "1524731", "139.159.148.68:18443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 13:56:25", "100", "https://search.censys.io/hosts/139.159.148.68", "AS55990,C2,censys,CobaltStrike,cs-watermark-666666666,HWCSNET", "0", "DonPasci" "2025-05-17 12:00:08", "1524730", "106.75.78.139:33333", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 13:55:35", "100", "https://search.censys.io/hosts/106.75.78.139", "AS4808,C2,censys,CHINA169-BJ,CobaltStrike,cs-watermark-391144938", "0", "DonPasci" "2025-05-17 10:58:33", "1524712", "13.61.187.30:443", "ip:port", "botnet_cc", "win.meterpreter", "None", "Meterpreter", "2025-05-18 13:56:22", "75", "None", "drb-ra,Metasploit,Meterpreter", "0", "abuse_ch" "2025-05-17 10:22:14", "1524681", "13.217.84.67:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike,shodan", "0", "orlof_v" "2025-05-17 10:22:13", "1524682", "81.70.251.110:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike,shodan", "0", "orlof_v" "2025-05-17 10:22:13", "1524683", "1.12.73.153:8443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike,shodan", "0", "orlof_v" "2025-05-17 10:22:12", "1524684", "47.115.202.29:50050", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike,shodan", "0", "orlof_v" "2025-05-17 10:22:10", "1524685", "43.142.137.164:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike,shodan", "0", "orlof_v" "2025-05-17 10:22:10", "1524686", "124.70.34.224:10080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike,shodan", "0", "orlof_v" "2025-05-17 10:22:09", "1524687", "193.37.69.42:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike,shodan", "0", "orlof_v" "2025-05-17 10:22:08", "1524688", "139.59.43.25:44319", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike,shodan", "0", "orlof_v" "2025-05-17 10:22:07", "1524689", "139.180.212.104:8880", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike,shodan", "0", "orlof_v" "2025-05-17 10:22:06", "1524690", "81.70.197.166:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike,shodan", "0", "orlof_v" "2025-05-17 10:22:05", "1524691", "137.184.162.1:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike,shodan", "0", "orlof_v" "2025-05-17 10:22:03", "1524692", "13.229.249.25:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike,shodan", "0", "orlof_v" "2025-05-17 10:22:02", "1524693", "111.229.116.40:8090", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike,shodan", "0", "orlof_v" "2025-05-17 10:22:01", "1524694", "222.186.56.77:4443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike,shodan", "0", "orlof_v" "2025-05-17 10:22:00", "1524695", "103.59.110.143:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike,shodan", "0", "orlof_v" "2025-05-17 10:21:59", "1524696", "54.226.0.4:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike,shodan", "0", "orlof_v" "2025-05-17 10:21:59", "1524697", "51.210.104.196:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike,shodan", "0", "orlof_v" "2025-05-17 10:21:58", "1524698", "107.175.36.100:20001", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike,shodan", "0", "orlof_v" "2025-05-17 10:21:57", "1524699", "139.180.202.103:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike,shodan", "0", "orlof_v" "2025-05-17 10:15:11", "1524680", "154.23.184.57:4433", "ip:port", "botnet_cc", "win.valley_rat", "Winos", "ValleyRAT", "", "100", "None", "RAT,ValleyRAT", "0", "abuse_ch" "2025-05-17 10:10:37", "1524678", "216.9.227.170:2013", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "50", "", "c2,remcos", "0", "juroots" "2025-05-17 10:07:39", "1524673", "105.101.121.203:1604", "ip:port", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "50", "https://www.shodan.io/host/105.101.121.203#1604", "c2,darkcomet,shodan", "0", "juroots" "2025-05-17 10:07:24", "1524672", "2.143.144.138:6001", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://www.shodan.io/host/2.143.144.138#6001", "c2,netsupport,shodan", "0", "juroots" "2025-05-17 10:06:55", "1524670", "18.132.35.207:30001", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/18.132.35.207#30001", "c2,netbus,shodan", "0", "juroots" "2025-05-17 10:06:55", "1524671", "18.132.35.207:3151", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/18.132.35.207#3151", "c2,netbus,shodan", "0", "juroots" "2025-05-17 10:06:38", "1524669", "176.126.163.56:9000", "ip:port", "botnet_cc", "win.sectop_rat", "1xxbot,ArechClient", "SectopRAT", "", "50", "https://www.shodan.io/host/176.126.163.56#9000", "c2,sectop,shodan", "0", "juroots" "2025-05-17 10:06:37", "1524668", "91.184.242.37:9000", "ip:port", "botnet_cc", "win.sectop_rat", "1xxbot,ArechClient", "SectopRAT", "", "50", "https://www.shodan.io/host/91.184.242.37#9000", "c2,sectop,shodan", "0", "juroots" "2025-05-17 10:06:20", "1524665", "41.143.200.243:2087", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/41.143.200.243#2087", "c2,quasar,shodan", "0", "juroots" "2025-05-17 10:06:20", "1524666", "41.143.200.243:9898", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/41.143.200.243#9898", "c2,quasar,shodan", "0", "juroots" "2025-05-17 10:06:20", "1524667", "41.143.200.243:8443", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/41.143.200.243#8443", "c2,quasar,shodan", "0", "juroots" "2025-05-17 10:06:19", "1524663", "41.143.200.243:7548", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/41.143.200.243#7548", "c2,quasar,shodan", "0", "juroots" "2025-05-17 10:06:19", "1524664", "41.143.200.243:5001", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/41.143.200.243#5001", "c2,quasar,shodan", "0", "juroots" "2025-05-17 10:06:16", "1524662", "1.94.238.169:55555", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/1.94.238.169#55555", "c2,cobaltstrike,cs-watermark-987654321,shodan", "0", "juroots" "2025-05-17 08:55:06", "1524661", "84.33.244.17:443", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-05-18 13:53:52", "75", "None", "Deimos,drb-ra", "0", "abuse_ch" "2025-05-17 08:54:39", "1524660", "8.130.15.174:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-05-18 13:53:28", "75", "None", "drb-ra,Havoc", "0", "abuse_ch" "2025-05-17 08:54:28", "1524659", "70.31.125.18:2222", "ip:port", "botnet_cc", "win.qakbot", "Oakboat,Pinkslipbot,Qbot,Quakbot", "QakBot", "2025-05-18 13:53:18", "75", "None", "drb-ra,Qakbot,Qbot,Quakbot", "0", "abuse_ch" "2025-05-17 08:53:49", "1524658", "51.79.255.203:8080", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-05-17 19:53:06", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-05-17 08:52:28", "1524657", "38.253.29.29:8080", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-05-18 13:51:30", "75", "None", "Deimos,drb-ra", "0", "abuse_ch" "2025-05-17 08:47:09", "1524656", "167.99.51.2:8888", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-05-18 13:46:57", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-05-17 08:46:55", "1524655", "165.227.163.243:31337", "ip:port", "botnet_cc", "win.brute_ratel_c4", "BOLDBADGER,BruteRatel", "Brute Ratel C4", "2025-05-18 13:46:44", "75", "None", "BruteRatel,drb-ra", "0", "abuse_ch" "2025-05-17 08:46:41", "1524654", "163.181.72.106:4506", "ip:port", "botnet_cc", "win.deimos_c2", "None", "DeimosC2", "2025-05-18 13:46:31", "75", "None", "Deimos,drb-ra", "0", "abuse_ch" "2025-05-17 08:01:12", "1524653", "34.141.142.28:8080", "ip:port", "botnet_cc", "win.chaos", "FakeRyuk,RyukJoke,Yashma", "Chaos", "2025-05-18 14:12:02", "100", "https://search.censys.io/hosts/34.141.142.28", "AS396982,censys,Chaos,GOOGLE-CLOUD-PLATFORM,panel", "0", "DonPasci" "2025-05-17 08:00:58", "1524652", "18.231.248.100:14385", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "100", "https://search.censys.io/hosts/18.231.248.100", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci" "2025-05-17 08:00:57", "1524651", "154.44.186.53:8848", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2025-05-18 04:00:50", "100", "https://search.censys.io/hosts/154.44.186.53", "AS214036,C2,censys,DcRAT,RAT,ULTAHOST-AS", "0", "DonPasci" "2025-05-17 08:00:51", "1524649", "88.198.50.169:7201", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-18 04:00:41", "100", "https://search.censys.io/hosts/88.198.50.169", "AS24940,C2,censys,HETZNER-AS,Quasar,RAT", "0", "DonPasci" "2025-05-17 08:00:51", "1524650", "212.53.231.176:4782", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-18 04:00:42", "100", "https://search.censys.io/hosts/212.53.231.176", "AS62336,C2,censys,PURTEL-AS,Quasar,RAT", "0", "DonPasci" "2025-05-17 08:00:50", "1524647", "85.239.33.120:80", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "2025-05-18 04:00:38", "100", "https://search.censys.io/hosts/85.239.33.120", "ALEXHOST,AS200019,C2,censys,Hookbot", "0", "DonPasci" "2025-05-17 08:00:50", "1524648", "108.165.230.99:8089", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "2025-05-18 04:00:39", "100", "https://search.censys.io/hosts/108.165.230.99", "AS210356,BATTLEHOST,C2,censys,Hookbot", "0", "DonPasci" "2025-05-17 08:00:48", "1524645", "158.220.95.153:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-18 04:00:34", "100", "https://search.censys.io/hosts/158.220.95.153", "AS51167,C2,censys,CONTABO,Mythic", "0", "DonPasci" "2025-05-17 08:00:44", "1524644", "45.141.84.229:15747", "ip:port", "botnet_cc", "win.sectop_rat", "1xxbot,ArechClient", "SectopRAT", "", "100", "https://search.censys.io/hosts/45.141.84.229", "AS206728,C2,censys,MEDIALAND-AS,RAT,Sectop", "0", "DonPasci" "2025-05-17 08:00:43", "1524643", "128.90.106.188:4000", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-18 13:44:26", "100", "https://search.censys.io/hosts/128.90.106.188", "AS40861,AsyncRAT,C2,censys,PARAD-40-ASN,RAT", "0", "DonPasci" "2025-05-17 08:00:42", "1524642", "5.180.105.158:8808", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-18 13:52:31", "100", "https://search.censys.io/hosts/5.180.105.158", "AS209737,AsyncRAT,C2,censys,RAT", "0", "DonPasci" "2025-05-17 08:00:32", "1524641", "167.99.51.2:443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-05-18 13:46:57", "100", "https://search.censys.io/hosts/167.99.51.2", "AS14061,C2,censys,DIGITALOCEAN-ASN,Sliver", "0", "DonPasci" "2025-05-17 08:00:31", "1524640", "134.209.72.63:443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-05-18 13:44:40", "100", "https://search.censys.io/hosts/134.209.72.63", "AS14061,C2,censys,DIGITALOCEAN-ASN,Sliver", "0", "DonPasci" "2025-05-17 08:00:27", "1524638", "176.65.142.105:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-18 13:47:46", "100", "https://search.censys.io/hosts/176.65.142.105", "AS214717,C2,censys,DOLPHINHOST-AS,RAT,Remcos", "0", "DonPasci" "2025-05-17 08:00:27", "1524639", "91.206.169.79:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-18 13:54:12", "100", "https://search.censys.io/hosts/91.206.169.79", "AS210558,C2,censys,RAT,Remcos,SERVICES-1337-GMBH", "0", "DonPasci" "2025-05-17 08:00:26", "1524637", "176.65.142.114:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-18 13:47:46", "100", "https://search.censys.io/hosts/176.65.142.114", "AS214717,C2,censys,DOLPHINHOST-AS,RAT,Remcos", "0", "DonPasci" "2025-05-17 08:00:12", "1524636", "159.75.84.224:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 13:56:48", "100", "https://search.censys.io/hosts/159.75.84.224", "AS45090,C2,censys,CobaltStrike,cs-watermark-305419896,TENCENT-NET-AP", "0", "DonPasci" "2025-05-17 08:00:08", "1524635", "38.47.106.119:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 13:57:29", "100", "https://search.censys.io/hosts/38.47.106.119", "AS55933,C2,censys,CLOUDIE-AS-AP,CobaltStrike,cs-watermark-391144938", "0", "DonPasci" "2025-05-17 08:00:06", "1524634", "144.172.92.218:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 13:56:28", "100", "https://search.censys.io/hosts/144.172.92.218", "AS14956,C2,censys,CobaltStrike,cs-watermark-987654321,ROUTERHOSTING", "0", "DonPasci" "2025-05-17 06:45:00", "1524370", "185.200.191.124:443", "ip:port", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "75", "https://bazaar.abuse.ch/sample/4641c993478534eeca8f5c777f352e0f3592d1dc67f52fabc3ff3957f195e8ab/", "MetaStealer", "0", "abuse_ch" "2025-05-17 06:35:34", "1524364", "185.29.8.65:6374", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "50", "", "c2,remcos", "0", "juroots" "2025-05-17 06:35:34", "1524365", "216.9.227.170:1213", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "50", "", "c2,remcos", "0", "juroots" "2025-05-17 06:30:34", "1524349", "85.239.33.120:8089", "ip:port", "botnet_cc", "apk.ermac", "None", "ERMAC", "", "50", "https://www.shodan.io/host/85.239.33.120#8089", "c2,ermac,shodan", "0", "juroots" "2025-05-17 06:30:20", "1524348", "79.124.62.10:9000", "ip:port", "botnet_cc", "win.sectop_rat", "1xxbot,ArechClient", "SectopRAT", "", "50", "https://www.shodan.io/host/79.124.62.10#9000", "c2,sectop,shodan", "0", "juroots" "2025-05-17 06:30:07", "1524347", "13.208.60.44:4063", "ip:port", "botnet_cc", "win.blackshades", "None", "BlackShades", "", "50", "https://www.shodan.io/host/13.208.60.44#4063", "blackshades,c2,shodan", "0", "juroots" "2025-05-17 06:29:52", "1524346", "88.247.35.166:1604", "ip:port", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "", "50", "https://www.shodan.io/host/88.247.35.166#1604", "c2,darkcomet,shodan", "0", "juroots" "2025-05-17 06:29:40", "1524345", "156.223.210.247:1177", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "50", "https://www.shodan.io/host/156.223.210.247#1177", "c2,njrat,shodan", "0", "juroots" "2025-05-17 06:29:27", "1524344", "210.215.129.230:4443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/210.215.129.230#4443", "c2,shodan,villain", "0", "juroots" "2025-05-17 06:29:13", "1524343", "162.254.85.213:9443", "ip:port", "botnet_cc", "win.brute_ratel_c4", "BOLDBADGER,BruteRatel", "Brute Ratel C4", "", "50", "https://www.shodan.io/host/162.254.85.213#9443", "bruteratel,c2,shodan", "0", "juroots" "2025-05-17 06:28:42", "1524341", "118.122.8.221:19071", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/118.122.8.221#19071", "c2,netbus,shodan", "0", "juroots" "2025-05-17 06:28:42", "1524342", "18.132.35.207:6001", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/18.132.35.207#6001", "c2,netbus,shodan", "0", "juroots" "2025-05-17 06:28:22", "1524340", "2.143.144.138:600", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://www.shodan.io/host/2.143.144.138#600", "c2,netsupport,shodan", "0", "juroots" "2025-05-17 06:28:21", "1524338", "18.208.161.116:49", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://www.shodan.io/host/18.208.161.116#49", "c2,netsupport,shodan", "0", "juroots" "2025-05-17 06:28:21", "1524339", "16.78.93.131:7634", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "", "50", "https://www.shodan.io/host/16.78.93.131#7634", "c2,netsupport,shodan", "0", "juroots" "2025-05-17 06:27:55", "1524335", "47.120.38.173:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/47.120.38.173#3333", "c2,gophish,phishing,shodan", "0", "juroots" "2025-05-17 06:27:55", "1524336", "190.123.46.143:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/190.123.46.143#3333", "c2,gophish,phishing,shodan", "0", "juroots" "2025-05-17 06:27:55", "1524337", "100.29.177.149:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/100.29.177.149#3333", "c2,gophish,phishing,shodan", "0", "juroots" "2025-05-17 06:27:54", "1524334", "91.99.67.190:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "50", "https://www.shodan.io/host/91.99.67.190#3333", "c2,gophish,phishing,shodan", "0", "juroots" "2025-05-17 06:27:29", "1524331", "8.216.80.229:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/8.216.80.229#31337", "c2,shodan,sliver", "0", "juroots" "2025-05-17 06:27:29", "1524332", "192.210.201.119:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/192.210.201.119#31337", "c2,shodan,sliver", "0", "juroots" "2025-05-17 06:27:29", "1524333", "51.79.255.203:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/51.79.255.203#31337", "c2,shodan,sliver", "0", "juroots" "2025-05-17 06:27:28", "1524329", "80.78.30.127:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/80.78.30.127#31337", "c2,shodan,sliver", "0", "juroots" "2025-05-17 06:27:28", "1524330", "156.244.46.77:31337", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "50", "https://www.shodan.io/host/156.244.46.77#31337", "c2,shodan,sliver", "0", "juroots" "2025-05-17 06:27:09", "1524327", "41.143.200.243:1926", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/41.143.200.243#1926", "c2,quasar,shodan", "0", "juroots" "2025-05-17 06:27:09", "1524328", "41.143.171.44:8085", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/41.143.171.44#8085", "c2,quasar,shodan", "0", "juroots" "2025-05-17 06:27:08", "1524324", "41.143.200.243:10909", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/41.143.200.243#10909", "c2,quasar,shodan", "0", "juroots" "2025-05-17 06:27:08", "1524325", "41.143.200.243:9095", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/41.143.200.243#9095", "c2,quasar,shodan", "0", "juroots" "2025-05-17 06:27:08", "1524326", "41.143.200.243:4434", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/41.143.200.243#4434", "c2,quasar,shodan", "0", "juroots" "2025-05-17 06:27:07", "1524322", "41.143.200.243:8139", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/41.143.200.243#8139", "c2,quasar,shodan", "0", "juroots" "2025-05-17 06:27:07", "1524323", "41.143.200.243:9443", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "50", "https://www.shodan.io/host/41.143.200.243#9443", "c2,quasar,shodan", "0", "juroots" "2025-05-17 06:26:26", "1524321", "106.38.201.218:8800", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/106.38.201.218#8800", "c2,cobaltstrike,cs-watermark-666666666,shodan", "0", "juroots" "2025-05-17 06:26:25", "1524320", "124.221.30.83:8889", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/124.221.30.83#8889", "c2,cobaltstrike,cs-watermark-666666666,shodan", "0", "juroots" "2025-05-17 06:26:23", "1524319", "101.35.109.246:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/101.35.109.246#443", "c2,cobaltstrike,cs-watermark-987654321,shodan", "0", "juroots" "2025-05-17 06:26:22", "1524316", "120.27.20.98:10086", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 13:56:04", "50", "https://www.shodan.io/host/120.27.20.98#10086", "c2,cobaltstrike,cs-watermark-987654321,shodan", "0", "juroots" "2025-05-17 06:26:22", "1524317", "154.44.10.82:8840", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/154.44.10.82#8840", "c2,cobaltstrike,cs-watermark-987654321,shodan", "0", "juroots" "2025-05-17 06:26:22", "1524318", "1.95.148.173:2083", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "https://www.shodan.io/host/1.95.148.173#2083", "c2,cobaltstrike,cs-watermark-987654321,shodan", "0", "juroots" "2025-05-17 06:21:25", "1524313", "45.81.23.48:47001", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "50", "", "None", "0", "Abodovic" "2025-05-17 06:11:53", "1524254", "54.37.226.59:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-17 23:08:00", "75", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic" "2025-05-17 06:11:53", "1524255", "8.134.70.73:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-17 23:08:19", "75", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic" "2025-05-17 06:11:52", "1524256", "118.107.42.247:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-17 23:08:41", "75", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic" "2025-05-17 06:11:52", "1524257", "117.72.74.85:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-17 23:09:51", "75", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic" "2025-05-17 06:11:52", "1524258", "47.116.181.251:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-17 23:09:28", "75", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic" "2025-05-17 06:11:51", "1524259", "113.250.188.15:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-17 23:09:30", "75", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic" "2025-05-17 06:11:51", "1524260", "118.107.42.250:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic" "2025-05-17 06:11:50", "1524261", "103.82.53.18:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-17 23:09:16", "75", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic" "2025-05-17 06:11:50", "1524262", "1.14.200.238:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-17 23:09:18", "75", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic" "2025-05-17 06:11:49", "1524263", "49.0.246.64:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic" "2025-05-17 06:11:49", "1524264", "117.72.107.255:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic" "2025-05-17 06:11:48", "1524265", "15.156.70.35:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic" "2025-05-17 06:11:47", "1524266", "117.72.17.162:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "75", "https://x.com/abodovic1", "c2,censys,CobaltStrike", "0", "Abodovic" "2025-05-17 06:11:47", "1524267", "150.241.97.83:31999", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-05-18 13:45:37", "90", "https://search.censys.io/hosts/150.241.97.83", "AEZA-AS,AS210644,C2,censys", "0", "dyingbreeds_" "2025-05-17 06:11:47", "1524272", "147.45.116.129:2053", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "2025-05-17 04:00:44", "100", "https://search.censys.io/hosts/147.45.116.129", "AS215540,C2,censys,GCS-AS,Hookbot", "0", "dyingbreeds_" "2025-05-17 06:11:45", "1524273", "176.65.140.223:80", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "2025-05-18 13:47:42", "100", "https://search.censys.io/hosts/176.65.140.223", "AS214717,C2,censys,DOLPHINHOST-AS,Hookbot", "0", "dyingbreeds_" "2025-05-17 06:11:44", "1524280", "172.245.82.123:60000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/172.245.82.123", "AS-COLOCROSSING,AS36352,censys,Viper", "0", "dyingbreeds_" "2025-05-17 06:11:44", "1524281", "103.149.90.231:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/103.149.90.231", "AS142032,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-17 06:11:44", "1524282", "84.200.24.88:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/84.200.24.88", "AS44066,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-17 06:11:43", "1524283", "185.30.208.29:8082", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/185.30.208.29", "AS199917,censys,DECIMA-AS,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-17 06:11:43", "1524284", "194.163.190.200:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/194.163.190.200", "AS51167,censys,CONTABO,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-17 06:11:42", "1524285", "47.113.202.225:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/47.113.202.225", "AS37963,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-17 06:11:42", "1524286", "185.238.2.144:60008", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/185.238.2.144", "AS200313,censys,GoPhish,INTERNET-IT,Phishing", "0", "dyingbreeds_" "2025-05-17 06:11:41", "1524287", "54.77.123.112:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/54.77.123.112", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-17 06:11:40", "1524288", "3.16.55.246:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/3.16.55.246", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-17 06:11:40", "1524289", "52.56.128.85:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/52.56.128.85", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-17 06:11:39", "1524290", "52.78.66.48:80", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/52.78.66.48", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-17 06:11:39", "1524291", "34.151.202.206:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/34.151.202.206", "AS396982,censys,GOOGLE-CLOUD-PLATFORM,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-17 06:11:37", "1524292", "146.190.147.191:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/146.190.147.191", "AS14061,censys,DIGITALOCEAN-ASN,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-17 06:11:37", "1524293", "5.129.200.4:3434", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/5.129.200.4", "AS9123,censys,GoPhish,Phishing,TIMEWEB-AS", "0", "dyingbreeds_" "2025-05-17 06:11:36", "1524294", "35.176.128.30:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/35.176.128.30", "AMAZON-02,AS16509,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-17 06:11:36", "1524296", "48.209.8.189:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/48.209.8.189", "AS8075,censys,GoPhish,MICROSOFT-CORP-MSN-AS-BLOCK,Phishing", "0", "dyingbreeds_" "2025-05-17 06:11:35", "1524295", "34.123.234.116:443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/34.123.234.116", "AS396982,censys,GOOGLE-CLOUD-PLATFORM,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-17 06:11:35", "1524299", "54.36.208.252:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/54.36.208.252", "AS16276,censys,GoPhish,OVH,Phishing", "0", "dyingbreeds_" "2025-05-17 06:11:34", "1524297", "64.227.173.94:1724", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/64.227.173.94", "AS14061,censys,DIGITALOCEAN-ASN,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-17 06:11:34", "1524298", "167.71.93.67:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/167.71.93.67", "AS14061,censys,DIGITALOCEAN-ASN,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-17 06:11:33", "1524300", "159.138.136.69:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/159.138.136.69", "AS136907,censys,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-17 06:11:32", "1524301", "20.84.117.139:3333", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/20.84.117.139", "AS8075,censys,GoPhish,MICROSOFT-CORP-MSN-AS-BLOCK,Phishing", "0", "dyingbreeds_" "2025-05-17 06:11:32", "1524302", "34.100.236.204:3000", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "", "100", "https://search.censys.io/hosts/34.100.236.204", "AS396982,censys,GOOGLE-CLOUD-PLATFORM,GoPhish,Phishing", "0", "dyingbreeds_" "2025-05-17 06:04:58", "1524310", "47.254.149.115:8081", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch" "2025-05-17 06:04:58", "1524311", "103.45.65.80:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 13:55:30", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch" "2025-05-17 06:04:58", "1524312", "156.238.224.164:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 08:11:54", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch" "2025-05-17 06:04:44", "1524309", "104.143.38.36:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch" "2025-05-17 06:04:42", "1524305", "196.251.83.52:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 08:11:31", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch" "2025-05-17 06:04:42", "1524306", "106.15.105.78:8443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-666666666", "0", "abuse_ch" "2025-05-17 06:04:42", "1524307", "120.76.238.109:800", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch" "2025-05-17 06:04:42", "1524308", "196.251.83.52:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 08:11:35", "100", "None", "CobaltStrike,cs-watermark-987654321", "0", "abuse_ch" "2025-05-17 06:04:38", "1524304", "154.92.15.53:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "None", "CobaltStrike", "0", "abuse_ch" "2025-05-17 04:01:14", "1524279", "193.252.54.170:8081", "ip:port", "botnet_cc", "win.mimikatz", "None", "MimiKatz", "", "100", "https://search.censys.io/hosts/193.252.54.170", "AS3215,C2,censys,France,hacktool,Mimikatz,open-dir", "0", "DonPasci" "2025-05-17 04:00:52", "1524277", "3.249.21.15:5984", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-05-18 13:50:57", "100", "https://search.censys.io/hosts/3.249.21.15", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci" "2025-05-17 04:00:51", "1524276", "54.191.4.203:1963", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-05-18 13:52:49", "100", "https://search.censys.io/hosts/54.191.4.203", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci" "2025-05-17 04:00:48", "1524274", "202.61.192.161:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-05-18 13:50:03", "100", "https://search.censys.io/hosts/202.61.192.161", "AS197540,C2,censys,Havoc,NETCUP-AS", "0", "DonPasci" "2025-05-17 04:00:48", "1524275", "202.61.192.161:4433", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-05-18 13:50:03", "100", "https://search.censys.io/hosts/202.61.192.161", "AS197540,C2,censys,Havoc,NETCUP-AS", "0", "DonPasci" "2025-05-17 04:00:28", "1524270", "34.45.231.202:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "https://search.censys.io/hosts/34.45.231.202", "AS396982,C2,censys,GOOGLE-CLOUD-PLATFORM,open-dir,payload,Sliver", "0", "DonPasci" "2025-05-17 04:00:28", "1524271", "86.123.49.75:80", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "", "100", "https://search.censys.io/hosts/86.123.49.75", "AS8708,C2,censys,open-dir,payload,RCS-RDS,Sliver", "0", "DonPasci" "2025-05-17 04:00:23", "1524268", "146.70.137.90:3010", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-18 13:45:17", "100", "https://search.censys.io/hosts/146.70.137.90", "AS9009,C2,censys,M247,RAT,Remcos", "0", "DonPasci" "2025-05-17 04:00:23", "1524269", "172.111.244.100:37830", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-18 13:47:05", "100", "https://search.censys.io/hosts/172.111.244.100", "AS9009,C2,censys,M247,RAT,Remcos", "0", "DonPasci" "2025-05-17 01:30:16", "1524120", "196.119.86.83:10000", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "None", "NjRAT", "0", "abuse_ch" "2025-05-17 00:02:31", "1524119", "8.134.85.229:47486", "ip:port", "botnet_cc", "win.chaos", "FakeRyuk,RyukJoke,Yashma", "Chaos", "2025-05-18 13:53:29", "100", "https://search.censys.io/hosts/8.134.85.229", "ALIBABA-CN-NET,AS37963,censys,Chaos,panel", "0", "DonPasci" "2025-05-17 00:02:15", "1524117", "35.179.132.39:789", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-05-18 13:51:13", "100", "https://search.censys.io/hosts/35.179.132.39", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci" "2025-05-17 00:02:15", "1524118", "3.135.183.122:718", "ip:port", "botnet_cc", "win.netsupportmanager_rat", "NetSupport", "NetSupportManager RAT", "2025-05-18 13:50:54", "100", "https://search.censys.io/hosts/3.135.183.122", "AMAZON-02,AS16509,C2,censys,Netsupport,RAT", "0", "DonPasci" "2025-05-17 00:02:14", "1524116", "206.206.76.25:8080", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2025-05-17 04:01:27", "100", "https://search.censys.io/hosts/206.206.76.25", "AS215311,C2,censys,DcRAT,RAT,REGXA-CLOUD", "0", "DonPasci" "2025-05-17 00:02:13", "1524114", "45.141.233.60:55330", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2025-05-18 13:51:52", "100", "https://search.censys.io/hosts/45.141.233.60", "AS214943,C2,censys,DcRAT,RAILNET,RAT", "0", "DonPasci" "2025-05-17 00:02:13", "1524115", "213.209.150.22:55140", "ip:port", "botnet_cc", "win.dcrat", "DarkCrystal RAT", "DCRat", "2025-05-18 13:50:25", "100", "https://search.censys.io/hosts/213.209.150.22", "AS214943,C2,censys,DcRAT,RAILNET,RAT", "0", "DonPasci" "2025-05-17 00:02:10", "1524113", "18.228.31.163:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-05-18 13:48:18", "100", "https://search.censys.io/hosts/18.228.31.163", "AMAZON-02,AS16509,C2,censys,Havoc", "0", "DonPasci" "2025-05-17 00:02:06", "1524112", "24.96.73.177:8080", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:41", "100", "https://search.censys.io/hosts/24.96.73.177", "AS12083,C2,censys,Quasar,RAT,WOW-INTERNET", "0", "DonPasci" "2025-05-17 00:02:05", "1524111", "45.141.233.43:50555", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "2025-05-18 13:51:52", "100", "https://search.censys.io/hosts/45.141.233.43", "AS214943,C2,censys,Hookbot,RAILNET", "0", "DonPasci" "2025-05-17 00:01:58", "1524110", "88.237.19.77:1000", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-18 13:54:04", "100", "https://search.censys.io/hosts/88.237.19.77", "AS9121,AsyncRAT,C2,censys,RAT,TTNET", "0", "DonPasci" "2025-05-16 21:57:21", "1524105", "47.92.216.212:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 13:58:15", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-05-16 20:56:21", "1524104", "165.154.226.249:53", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 13:56:49", "75", "None", "CobaltStrike,drb-ra", "0", "abuse_ch" "2025-05-16 20:53:24", "1524101", "80.78.30.127:8888", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-05-18 13:53:41", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-05-16 20:52:28", "1524100", "51.79.255.203:8888", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-05-18 13:52:41", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-05-16 20:51:14", "1524099", "38.147.171.158:16521", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-05-18 13:51:25", "75", "None", "drb-ra,Sliver", "0", "abuse_ch" "2025-05-16 20:02:32", "1524096", "123.60.135.200:8082", "ip:port", "botnet_cc", "win.vshell", "None", "Vshell", "2025-05-17 04:01:35", "100", "https://search.censys.io/hosts/123.60.135.200", "AS55990,C2,censys,HWCSNET,Vshell", "0", "DonPasci" "2025-05-16 20:02:21", "1524091", "41.143.171.44:49152", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:57", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:21", "1524092", "41.143.171.44:830", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:58", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:21", "1524093", "41.143.171.44:80", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:10", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:21", "1524094", "41.143.171.44:21482", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:50", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:21", "1524095", "41.143.171.44:8082", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:15", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:20", "1524086", "41.143.171.44:6061", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:44", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:20", "1524087", "41.143.171.44:40736", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:09", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:20", "1524088", "41.143.171.44:4841", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:52", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:20", "1524089", "41.143.171.44:8636", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:45", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:20", "1524090", "41.143.171.44:832", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:51", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:19", "1524082", "41.143.171.44:20201", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:48", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:19", "1524083", "41.143.171.44:15814", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:55", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:19", "1524084", "41.143.171.44:24813", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:49", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:19", "1524085", "41.143.171.44:7547", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:01", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:18", "1524076", "41.143.200.243:25565", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:18", "1524077", "41.143.200.243:63612", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:18", "1524078", "41.143.200.243:4839", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:18", "1524079", "41.143.200.243:4841", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:18", "1524080", "41.143.200.243:24400", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:18", "1524081", "41.143.171.44:18244", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:02", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:17", "1524071", "41.143.200.243:5985", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:17", "1524072", "41.143.200.243:18310", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:17", "1524073", "41.143.200.243:22954", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:17", "1524074", "41.143.200.243:6000", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:17", "1524075", "41.143.200.243:21556", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:16", "1524066", "41.143.200.243:33095", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:16", "1524067", "41.143.200.243:34492", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:16", "1524068", "41.143.200.243:46202", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:16", "1524069", "41.143.200.243:5000", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:16", "1524070", "41.143.200.243:5556", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:15", "1524060", "41.143.200.243:28434", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:15", "1524061", "41.143.200.243:36153", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:15", "1524062", "41.143.200.243:44819", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:15", "1524063", "41.143.200.243:16360", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:15", "1524064", "41.143.200.243:39634", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:15", "1524065", "41.143.200.243:46704", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:14", "1524055", "41.143.200.243:12608", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:14", "1524056", "41.143.200.243:40615", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:14", "1524057", "41.143.200.243:62658", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:14", "1524058", "41.143.200.243:12984", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:14", "1524059", "41.143.200.243:17238", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:13", "1524050", "41.143.200.243:50995", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:13", "1524051", "41.143.200.243:53747", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:13", "1524052", "41.143.200.243:2", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:43", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:13", "1524053", "41.143.200.243:8122", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:13", "1524054", "41.143.200.243:11055", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:12", "1524044", "41.143.200.243:20080", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:12", "1524045", "41.143.200.243:27153", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:12", "1524046", "41.143.200.243:3128", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:12", "1524047", "41.143.200.243:32941", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:12", "1524048", "41.143.200.243:47228", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:12", "1524049", "41.143.200.243:51776", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:11", "1524039", "41.143.200.243:40000", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:11", "1524040", "41.143.200.243:58083", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:11", "1524041", "41.143.200.243:929", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:11", "1524042", "41.143.200.243:1201", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:11", "1524043", "41.143.200.243:8883", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:10", "1524034", "41.143.200.243:6443", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:10", "1524035", "41.143.200.243:43204", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:10", "1524036", "41.143.200.243:3390", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:10", "1524037", "41.143.200.243:43645", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:10", "1524038", "41.143.200.243:33840", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:09", "1524029", "41.143.200.243:50621", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:09", "1524030", "41.143.200.243:8636", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:09", "1524031", "41.143.200.243:18811", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:09", "1524032", "41.143.200.243:44657", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:09", "1524033", "41.143.200.243:5903", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:08", "1524024", "41.143.200.243:65524", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:08", "1524025", "41.143.200.243:119", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:08", "1524026", "41.143.200.243:14701", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:08", "1524027", "41.143.200.243:38788", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:08", "1524028", "41.143.200.243:46259", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:07", "1524019", "41.143.200.243:60000", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:07", "1524020", "41.143.200.243:31225", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:07", "1524021", "41.143.200.243:46857", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:07", "1524022", "41.143.200.243:48213", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:07", "1524023", "41.143.200.243:39313", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:06", "1524018", "41.143.200.243:3389", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://search.censys.io/hosts/41.143.200.243", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 20:02:04", "1524016", "178.172.173.38:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-18 13:48:04", "100", "https://search.censys.io/hosts/178.172.173.38", "AS6697,BELPAK-AS,C2,censys,Mythic", "0", "DonPasci" "2025-05-16 20:02:04", "1524017", "209.38.162.253:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-18 13:50:14", "100", "https://search.censys.io/hosts/209.38.162.253", "AS14061,C2,censys,DIGITALOCEAN-ASN,Mythic", "0", "DonPasci" "2025-05-16 20:02:03", "1524014", "185.254.198.245:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-18 13:48:40", "100", "https://search.censys.io/hosts/185.254.198.245", "AS30860,C2,censys,Mythic,YURTEH-AS", "0", "DonPasci" "2025-05-16 20:02:03", "1524015", "34.38.189.222:7443", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-18 13:51:10", "100", "https://search.censys.io/hosts/34.38.189.222", "AS396982,C2,censys,GOOGLE-CLOUD-PLATFORM,Mythic", "0", "DonPasci" "2025-05-16 20:01:55", "1524013", "116.205.245.113:8888", "ip:port", "botnet_cc", "unknown", "None", "Unknown malware", "2025-05-17 04:00:26", "100", "https://search.censys.io/hosts/116.205.245.113", "AS55990,C2,censys,HWCSNET,Supershell", "0", "DonPasci" "2025-05-16 20:01:41", "1524011", "194.180.48.36:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-18 13:49:15", "100", "https://search.censys.io/hosts/194.180.48.36", "AS201814,C2,censys,MEVSPACE,RAT,Remcos", "0", "DonPasci" "2025-05-16 20:01:41", "1524012", "198.23.200.105:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-18 13:49:48", "100", "https://search.censys.io/hosts/198.23.200.105", "AS-COLOCROSSING,AS36352,C2,censys,RAT,Remcos", "0", "DonPasci" "2025-05-16 20:01:40", "1524010", "104.37.4.116:6011", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-18 13:43:33", "100", "https://search.censys.io/hosts/104.37.4.116", "ACEHOSTONLINE,AS214059,C2,censys,RAT,Remcos", "0", "DonPasci" "2025-05-16 20:01:23", "1524009", "121.196.211.254:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 13:56:06", "100", "https://search.censys.io/hosts/121.196.211.254", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-305419896", "0", "DonPasci" "2025-05-16 20:01:19", "1524008", "118.25.148.25:1443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 13:55:59", "100", "https://search.censys.io/hosts/118.25.148.25", "AS45090,C2,censys,CobaltStrike,cs-watermark-391144938,TENCENT-NET-AP", "0", "DonPasci" "2025-05-16 20:01:18", "1524007", "119.28.116.34:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 13:56:00", "100", "https://search.censys.io/hosts/119.28.116.34", "AS132203,C2,censys,CobaltStrike,cs-watermark-987654321,TENCENT-NET-AP-CN", "0", "DonPasci" "2025-05-16 19:39:35", "1524006", "66.63.187.232:1111", "ip:port", "botnet_cc", "win.xworm", "None", "XWorm", "", "75", "", "XWorm", "0", "abuse_ch" "2025-05-16 19:32:30", "1524004", "196.251.88.153:6609", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "", "75", "", "AsyncRAT,RAT", "0", "abuse_ch" "2025-05-16 19:19:01", "1523999", "103.245.231.8:7198", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "botnet,censys,ddos,ddos-api,Mirai,ssh,ssh-c2", "0", "NDA0E" "2025-05-16 19:19:00", "1523994", "45.66.228.71:10000", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "botnet,censys,ddos,ddos-api,Mirai,ssh,ssh-c2", "0", "NDA0E" "2025-05-16 19:19:00", "1523995", "51.75.32.168:1337", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "botnet,censys,ddos,ddos-api,Mirai,ssh,ssh-c2", "0", "NDA0E" "2025-05-16 19:19:00", "1523996", "77.75.230.145:8000", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "botnet,censys,ddos,ddos-api,Mirai,ssh,ssh-c2", "0", "NDA0E" "2025-05-16 19:19:00", "1523997", "37.114.37.78:1337", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "botnet,censys,ddos,ddos-api,Mirai,ssh,ssh-c2", "0", "NDA0E" "2025-05-16 19:19:00", "1523998", "89.208.113.170:974", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "botnet,censys,ddos,ddos-api,Mirai,ssh,ssh-c2", "0", "NDA0E" "2025-05-16 19:18:59", "1523990", "147.45.68.82:9000", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "botnet,censys,ddos,ddos-api,Mirai,ssh,ssh-c2", "0", "NDA0E" "2025-05-16 19:18:59", "1523991", "212.11.64.197:10000", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "botnet,censys,ddos,ddos-api,Mirai,ssh,ssh-c2", "0", "NDA0E" "2025-05-16 19:18:59", "1523992", "45.134.39.55:9999", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "botnet,censys,ddos,ddos-api,Mirai,ssh,ssh-c2", "0", "NDA0E" "2025-05-16 19:18:59", "1523993", "46.203.233.164:666", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "botnet,censys,ddos,ddos-api,Mirai,ssh,ssh-c2", "0", "NDA0E" "2025-05-16 19:18:58", "1523989", "77.110.103.206:1337", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "100", "", "botnet,censys,ddos,ddos-api,Mirai,ssh,ssh-c2", "0", "NDA0E" "2025-05-16 19:08:55", "1523985", "89.185.80.37:443", "ip:port", "botnet_cc", "win.metastealer", "None", "MetaStealer", "", "75", "", "MetaStealer", "0", "abuse_ch" "2025-05-16 18:43:50", "1523973", "160.187.246.174:12121", "ip:port", "botnet_cc", "elf.mirai", "Katana", "Mirai", "", "75", "None", "Mirai", "0", "elfdigest" "2025-05-16 18:43:50", "1523974", "156.238.233.49:18080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike", "0", "orlof_v" "2025-05-16 18:43:50", "1523975", "111.231.7.138:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike", "0", "orlof_v" "2025-05-16 18:43:49", "1523976", "107.173.60.88:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike", "0", "orlof_v" "2025-05-16 18:43:49", "1523977", "38.54.14.145:443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike", "0", "orlof_v" "2025-05-16 18:43:48", "1523978", "8.147.118.153:8080", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike", "0", "orlof_v" "2025-05-16 18:43:48", "1523979", "82.163.22.139:8443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "100", "https://intelinsights.substack.com/p/from-939-to-85-hunting-cobalt-strike", "censys,cobaltstrike", "0", "orlof_v" "2025-05-16 18:10:15", "1523980", "185.196.9.158:6689", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-18 13:48:33", "100", "None", "AsyncRAT,RAT", "0", "abuse_ch" "2025-05-16 16:50:17", "1523967", "150.241.93.127:4782", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "None", "QuasarRAT,RAT", "0", "abuse_ch" "2025-05-16 16:15:14", "1523965", "192.169.69.26:1000", "ip:port", "botnet_cc", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "100", "None", "NjRAT", "0", "abuse_ch" "2025-05-16 16:02:21", "1523964", "194.87.220.47:443", "ip:port", "botnet_cc", "win.havoc", "Havokiz", "Havoc", "2025-05-18 13:49:21", "100", "https://search.censys.io/hosts/194.87.220.47", "AS9123,C2,censys,Havoc,TIMEWEB-AS", "0", "DonPasci" "2025-05-16 16:02:19", "1523963", "41.143.171.44:31842", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:08", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 16:02:18", "1523958", "41.143.171.44:16993", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:45", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 16:02:18", "1523959", "41.143.171.44:49013", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:46", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 16:02:18", "1523960", "41.143.171.44:59006", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:07", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 16:02:18", "1523961", "41.143.171.44:4101", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:01", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 16:02:18", "1523962", "41.143.171.44:6001", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:05", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 16:02:17", "1523954", "41.143.171.44:4840", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:54", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 16:02:17", "1523955", "41.143.171.44:119", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:15", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 16:02:17", "1523956", "41.143.171.44:587", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:05", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 16:02:17", "1523957", "41.143.171.44:6443", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:48", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 16:02:16", "1523950", "41.143.171.44:19999", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:48", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 16:02:16", "1523951", "41.143.171.44:32287", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:16", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 16:02:16", "1523952", "41.143.171.44:33228", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:58", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 16:02:16", "1523953", "41.143.171.44:81", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:08", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 16:02:15", "1523946", "41.143.171.44:44819", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:00", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 16:02:15", "1523947", "41.143.171.44:50580", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:07", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 16:02:15", "1523948", "41.143.171.44:50805", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:47", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 16:02:15", "1523949", "41.143.171.44:25565", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:12", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 16:02:14", "1523941", "41.143.171.44:6667", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:11", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 16:02:14", "1523942", "41.143.171.44:10414", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:16", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 16:02:14", "1523943", "41.143.171.44:37872", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:52", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 16:02:14", "1523944", "41.143.171.44:58440", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:04", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 16:02:14", "1523945", "41.143.171.44:231", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:00", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 16:02:13", "1523936", "41.143.171.44:49626", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:53", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 16:02:13", "1523937", "41.143.171.44:4839", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:11", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 16:02:13", "1523938", "41.143.171.44:5986", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:44", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 16:02:13", "1523939", "41.143.171.44:46993", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:04", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 16:02:13", "1523940", "41.143.171.44:2761", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:47", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 16:02:12", "1523932", "41.143.171.44:427", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:57", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 16:02:12", "1523933", "41.143.171.44:2087", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:05", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 16:02:12", "1523934", "41.143.171.44:8000", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:56", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 16:02:12", "1523935", "41.143.171.44:18082", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:14", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 16:02:11", "1523929", "41.143.171.44:771", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:53", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 16:02:11", "1523930", "41.143.171.44:4242", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:06", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 16:02:11", "1523931", "41.143.171.44:37681", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:59", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 16:02:10", "1523924", "41.143.171.44:1433", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:51", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 16:02:10", "1523925", "41.143.171.44:2455", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:56", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 16:02:10", "1523926", "41.143.171.44:35055", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:12", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 16:02:10", "1523927", "41.143.171.44:38504", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:06", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 16:02:10", "1523928", "41.143.171.44:49294", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:09", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 16:02:09", "1523920", "41.143.171.44:41795", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:00", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 16:02:09", "1523921", "41.143.171.44:58603", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:50", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 16:02:09", "1523922", "41.143.171.44:623", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:55", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 16:02:09", "1523923", "41.143.171.44:990", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:47", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 16:02:08", "1523916", "41.143.171.44:9042", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:54", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 16:02:08", "1523917", "41.143.171.44:14265", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:08", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 16:02:08", "1523918", "41.143.171.44:28640", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:14", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 16:02:08", "1523919", "41.143.171.44:32965", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:46", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 16:02:07", "1523912", "41.143.171.44:49502", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:17", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 16:02:07", "1523913", "41.143.171.44:591", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:49", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 16:02:07", "1523914", "41.143.171.44:833", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:13", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 16:02:07", "1523915", "41.143.171.44:7001", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:06", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 16:02:06", "1523907", "41.143.171.44:1911", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:54", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 16:02:06", "1523908", "41.143.171.44:2404", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:17", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 16:02:06", "1523909", "41.143.171.44:4730", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:02", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 16:02:06", "1523910", "41.143.171.44:20001", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:01:03", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 16:02:06", "1523911", "41.143.171.44:37341", "ip:port", "botnet_cc", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "2025-05-17 04:00:46", "100", "https://search.censys.io/hosts/41.143.171.44", "AS36903,C2,censys,MT-MPLS,Quasar,RAT", "0", "DonPasci" "2025-05-16 16:02:04", "1523906", "147.45.116.129:80", "ip:port", "botnet_cc", "apk.hook", "None", "Hook", "2025-05-17 04:00:38", "100", "https://search.censys.io/hosts/147.45.116.129", "AS215540,C2,censys,GCS-AS,Hookbot", "0", "DonPasci" "2025-05-16 16:01:57", "1523904", "172.111.151.97:57", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-18 13:47:03", "100", "https://search.censys.io/hosts/172.111.151.97", "AS9009,AsyncRAT,C2,censys,M247,RAT", "0", "DonPasci" "2025-05-16 16:01:56", "1523903", "185.208.156.253:6000", "ip:port", "botnet_cc", "win.asyncrat", "None", "AsyncRAT", "2025-05-18 13:48:34", "100", "https://search.censys.io/hosts/185.208.156.253", "AS42624,AsyncRAT,C2,censys,RAT,SWISSNETWORK02", "0", "DonPasci" "2025-05-16 16:01:44", "1523901", "51.79.255.203:443", "ip:port", "botnet_cc", "win.sliver", "None", "Sliver", "2025-05-18 13:52:41", "100", "https://search.censys.io/hosts/51.79.255.203", "AS16276,C2,censys,OVH,Sliver", "0", "DonPasci" "2025-05-16 16:01:40", "1523898", "172.245.208.27:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-18 13:47:16", "100", "https://search.censys.io/hosts/172.245.208.27", "AS-COLOCROSSING,AS36352,C2,censys,RAT,Remcos", "0", "DonPasci" "2025-05-16 16:01:40", "1523899", "176.65.142.109:2404", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "2025-05-18 13:47:46", "100", "https://search.censys.io/hosts/176.65.142.109", "AS214717,C2,censys,DOLPHINHOST-AS,RAT,Remcos", "0", "DonPasci" "2025-05-16 16:01:40", "1523900", "196.251.115.237:5000", "ip:port", "botnet_cc", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "100", "https://search.censys.io/hosts/196.251.115.237", "AS401116,C2,censys,NYBULA,RAT,Remcos", "0", "DonPasci" "2025-05-16 16:01:36", "1523897", "93.105.1.235:1593", "ip:port", "botnet_cc", "win.darkcomet", "Breut,Fynloski,klovbot", "DarkComet", "2025-05-17 04:00:17", "100", "https://search.censys.io/hosts/93.105.1.235", "AS29314,C2,censys,DarkComet,RAT,VECTRANET-AS", "0", "DonPasci" "2025-05-16 16:01:22", "1523896", "1.94.96.91:8443", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 13:55:16", "100", "https://search.censys.io/hosts/1.94.96.91", "AS55990,C2,censys,CobaltStrike,cs-watermark-666666666,HWCSNET", "0", "DonPasci" "2025-05-16 16:01:19", "1523895", "39.100.70.46:1556", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 13:57:32", "100", "https://search.censys.io/hosts/39.100.70.46", "ALIBABA-CN-NET,AS37963,C2,censys,CobaltStrike,cs-watermark-391144938", "0", "DonPasci" "2025-05-16 16:01:18", "1523894", "64.176.60.8:80", "ip:port", "botnet_cc", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "2025-05-18 13:58:27", "100", "https://search.censys.io/hosts/64.176.60.8", "AS-VULTR,AS20473,C2,censys,CobaltStrike,cs-watermark-987654321", "0", "DonPasci" # Number of entries: 621