← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
OSINT Volley 2026-02-11 - Quasar RAT/IClickFix/Havoc
WHITE pduggusa 2026-02-11 Modified: 2026-03-13
152
IOCs
HIGH VOLUME
Automated OSINT sweep from ThreatFox. Top malware: Quasar RAT(1351), IClickFix(236), Havoc(47), ClearFake(45), AsyncRAT(44). Source: abuse.ch ThreatFox API. SSL enriched: 19 IPs with HTTPS, 9 self-signed (C2 candidates). Pattern 54: sweep→volley automation.
osint-volleythreatfoxautomatedquasar-raticlickfixhavocc2-infrastructure
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
Quasar RAT IClickFix Havoc ClearFake AsyncRAT
Indicators of Compromise (152)
All hostname domain URL
TYPEINDICATORDESCRIPTIONCREATED
hostname cinder.way17call-in.coupons ThreatFox: ClearFake - payload_delivery 2026-02-11
hostname powney.prd.redroselin.org ThreatFox: Havoc - botnet_cc 2026-02-11
hostname sparrow.way17call-in.coupons ThreatFox: ClearFake - payload_delivery 2026-02-11
hostname ubdz2y87f.localto.net ThreatFox: XWorm - botnet_cc 2026-02-11
hostname dkl.primarycolors.org ThreatFox: Vidar - botnet_cc 2026-02-11
hostname mosaic.pucker8reined.coupons ThreatFox: ClearFake - payload_delivery 2026-02-11
hostname legendwaredump-50855.portmap.host ThreatFox: Unknown malware - botnet_cc 2026-02-11
hostname tamil.uk.com ThreatFox: AsyncRAT - botnet_cc 2026-02-11
hostname dmv.de.com ThreatFox: AsyncRAT - botnet_cc 2026-02-11
hostname 6543.cn.com ThreatFox: AsyncRAT - botnet_cc 2026-02-11
hostname 6960.cn.com ThreatFox: AsyncRAT - botnet_cc 2026-02-11
domain hitclub-web.us.org ThreatFox: AsyncRAT - botnet_cc 2026-02-11
hostname marketrasen.uk.com ThreatFox: AsyncRAT - botnet_cc 2026-02-11
hostname ahf.uk.com ThreatFox: AsyncRAT - botnet_cc 2026-02-11
hostname ryu.uk.com ThreatFox: AsyncRAT - botnet_cc 2026-02-11
hostname rrb.us.com ThreatFox: AsyncRAT - botnet_cc 2026-02-11
hostname koh.uk.com ThreatFox: AsyncRAT - botnet_cc 2026-02-11
hostname 789p.uk.net ThreatFox: AsyncRAT - botnet_cc 2026-02-11
hostname worldclass.uk.com ThreatFox: AsyncRAT - botnet_cc 2026-02-11
hostname hybrids.us.com ThreatFox: AsyncRAT - botnet_cc 2026-02-11
hostname dyw.uk.com ThreatFox: AsyncRAT - botnet_cc 2026-02-11
hostname polytropos.eu.com ThreatFox: AsyncRAT - botnet_cc 2026-02-11
hostname slrbi356-30384.portmap.host ThreatFox: XWorm - botnet_cc 2026-02-11
hostname lumen.pucker8reined.coupons ThreatFox: ClearFake - payload_delivery 2026-02-11
hostname legendwaredump-62861.portmap.host ThreatFox: Unknown malware - botnet_cc 2026-02-11
domain laundrysyndicserai.com ThreatFox: DeerStealer - botnet_cc 2026-02-11
domain futureentrepreneurhub.com ThreatFox: Unknown RAT - botnet_cc 2026-02-11
domain blazingtigerpower.com ThreatFox: Unknown RAT - botnet_cc 2026-02-11
domain stormfurycommandhqex.com ThreatFox: Unknown RAT - botnet_cc 2026-02-11
domain netrovalixsystems.com ThreatFox: Unknown RAT - botnet_cc 2026-02-11
domain silverlilysummer.com ThreatFox: Unknown RAT - botnet_cc 2026-02-11
domain energyefficienttools.com ThreatFox: Unknown RAT - botnet_cc 2026-02-11
hostname administrator.corepulseworks.com ThreatFox: Unknown RAT - botnet_cc 2026-02-11
domain primeaiinfrastructure.com ThreatFox: Unknown RAT - botnet_cc 2026-02-11
domain nexustelecomltd.com ThreatFox: Unknown RAT - botnet_cc 2026-02-11
domain brightmorningsunrise.com ThreatFox: Unknown RAT - botnet_cc 2026-02-11
domain abqdealershipsnew.com ThreatFox: Unknown RAT - botnet_cc 2026-02-11
domain futureinnovationlab.com ThreatFox: Unknown RAT - botnet_cc 2026-02-11
hostname administrator.smartlaunchzone.com ThreatFox: Unknown RAT - botnet_cc 2026-02-11
domain proactiveitinfrastructure.com ThreatFox: Unknown RAT - botnet_cc 2026-02-11
hostname vjdisnli.rightsisyphus.digital ThreatFox: ClearFake - payload_delivery 2026-02-11
hostname onx0xsoi.rightsisyphus.digital ThreatFox: ClearFake - payload_delivery 2026-02-11
hostname harbor.enter483pro.coupons ThreatFox: ClearFake - payload_delivery 2026-02-11
domain hubjimfoodsales.shop ThreatFox: Unknown RAT - botnet_cc 2026-02-11
hostname mneqg-31-41-90-253.a.free.pinggy.link ThreatFox: Unknown malware - botnet_cc 2026-02-11
domain tv88-km.cyou ThreatFox: AsyncRAT - botnet_cc 2026-02-11
domain tv88-vip.com ThreatFox: AsyncRAT - botnet_cc 2026-02-11
domain kp88.ink ThreatFox: AsyncRAT - botnet_cc 2026-02-11
domain ax88vn01.com ThreatFox: AsyncRAT - botnet_cc 2026-02-11
hostname comet.enter483pro.coupons ThreatFox: ClearFake - payload_delivery 2026-02-11
hostname api.genesisproj.org ThreatFox: Unknown Stealer - botnet_cc 2026-02-11
URL https://psicogenealogia.com.br/ ThreatFox: Unknown malware - payload_delivery 2026-02-11
URL https://151.247.22.202/ ThreatFox: Vidar - botnet_cc 2026-02-11
domain angry-toaster.com ThreatFox: SantaStealer - botnet_cc 2026-02-11
hostname willow.art67quarrel.coupons ThreatFox: ClearFake - payload_delivery 2026-02-11
hostname glacier.art67quarrel.coupons ThreatFox: ClearFake - payload_delivery 2026-02-11
hostname monarch.dle759zone.coupons ThreatFox: ClearFake - payload_delivery 2026-02-11
hostname angxo.kozow.com ThreatFox: AsyncRAT - botnet_cc 2026-02-11
hostname nectar.dle759zone.coupons ThreatFox: ClearFake - payload_delivery 2026-02-11
domain myghibligenerator.com ThreatFox: Unknown Stealer - botnet_cc 2026-02-11
hostname orbit.flash97all.coupons ThreatFox: ClearFake - payload_delivery 2026-02-11
hostname victorlopes.agencialegalads.com ThreatFox: IClickFix - botnet_cc 2026-02-11
hostname vayna.in.digitaljaydeep.in ThreatFox: IClickFix - botnet_cc 2026-02-11
domain usbirdrep.com ThreatFox: IClickFix - botnet_cc 2026-02-11
domain upbirdrep.com ThreatFox: IClickFix - botnet_cc 2026-02-11
domain trybirdrep.com ThreatFox: IClickFix - botnet_cc 2026-02-11
domain turkey-company.com ThreatFox: IClickFix - botnet_cc 2026-02-11
domain trybirdrank.com ThreatFox: IClickFix - botnet_cc 2026-02-11
domain thietbidiencongnghiep.com ThreatFox: IClickFix - botnet_cc 2026-02-11
domain thecatflix.com ThreatFox: IClickFix - botnet_cc 2026-02-11
domain hotgirltiktok.com ThreatFox: IClickFix - botnet_cc 2026-02-11
domain inspirec.com ThreatFox: IClickFix - botnet_cc 2026-02-11
hostname poloidesign.com.75156372-90-20180116090518.webstarterz.com ThreatFox: IClickFix - botnet_cc 2026-02-11
hostname youthvxolenceproject.com.springvillehomestead.com ThreatFox: IClickFix - botnet_cc 2026-02-11
domain winbee.jp ThreatFox: IClickFix - botnet_cc 2026-02-11
domain simz2.jp ThreatFox: IClickFix - botnet_cc 2026-02-11
hostname shop.jlct.jp ThreatFox: IClickFix - botnet_cc 2026-02-11
hostname abac-kompresszor.hu.technorollshop.hu ThreatFox: IClickFix - botnet_cc 2026-02-11
domain wagnertech.lu ThreatFox: IClickFix - botnet_cc 2026-02-11
domain businessthrust.com ThreatFox: IClickFix - botnet_cc 2026-02-11
domain account-captcha-id4234.cfd ThreatFox: IClickFix - botnet_cc 2026-02-11
hostname satwikskincare.com.digitaljaydeep.in ThreatFox: IClickFix - botnet_cc 2026-02-11
domain yoursny.org ThreatFox: IClickFix - botnet_cc 2026-02-11
domain yarapon.com ThreatFox: IClickFix - botnet_cc 2026-02-11
hostname xbox.sumillionaires.com ThreatFox: IClickFix - botnet_cc 2026-02-11
hostname wp.zyratalk.co ThreatFox: IClickFix - botnet_cc 2026-02-11
domain winwinexpert.ru ThreatFox: IClickFix - botnet_cc 2026-02-11
domain vipbirdrep.com ThreatFox: IClickFix - botnet_cc 2026-02-11
domain volokno.net ThreatFox: IClickFix - botnet_cc 2026-02-11
hostname webdisk.tamiltotamil.com ThreatFox: IClickFix - botnet_cc 2026-02-11
hostname webmail.kasatnews.com ThreatFox: IClickFix - botnet_cc 2026-02-11
hostname webdisk.giracoin.io ThreatFox: IClickFix - botnet_cc 2026-02-11
domain vietorigin.com ThreatFox: IClickFix - botnet_cc 2026-02-11
hostname vidaedinheiro.com.agenciadelivearte.com.br ThreatFox: IClickFix - botnet_cc 2026-02-11
domain urzone.in ThreatFox: IClickFix - botnet_cc 2026-02-11
domain truongminhduc.com ThreatFox: IClickFix - botnet_cc 2026-02-11
domain tradesunjapan.com ThreatFox: IClickFix - botnet_cc 2026-02-11
domain taskageniusalamin.com ThreatFox: IClickFix - botnet_cc 2026-02-11
domain sp0t.biz ThreatFox: IClickFix - botnet_cc 2026-02-11
domain tehahfandbtrading.com ThreatFox: IClickFix - botnet_cc 2026-02-11
hostname souzaeferro.agencialegalads.com ThreatFox: IClickFix - botnet_cc 2026-02-11
domain skyxin.ch ThreatFox: IClickFix - botnet_cc 2026-02-11
domain abeno-snake.com ThreatFox: IClickFix - botnet_cc 2026-02-11
domain taias.lt ThreatFox: IClickFix - botnet_cc 2026-02-11
domain sl-baker.com ThreatFox: IClickFix - botnet_cc 2026-02-11
hostname soulcirclewellness.rocketrobs.co.za ThreatFox: IClickFix - botnet_cc 2026-02-11
hostname smtp.he-connect.com ThreatFox: IClickFix - botnet_cc 2026-02-11
hostname smtp.fixmystrings.co.uk ThreatFox: IClickFix - botnet_cc 2026-02-11
domain sitebh.com.br ThreatFox: IClickFix - botnet_cc 2026-02-11
domain seminariodiocesedejanauba.com.br ThreatFox: IClickFix - botnet_cc 2026-02-11
domain sbludwig.de ThreatFox: IClickFix - botnet_cc 2026-02-11
hostname mail.jot.adw.mybluehost.me ThreatFox: IClickFix - botnet_cc 2026-02-11
hostname taqrisenterprise.com.nexus-my.com ThreatFox: IClickFix - botnet_cc 2026-02-11
domain ulwaza.com ThreatFox: IClickFix - botnet_cc 2026-02-11
domain saturnfoundation.in ThreatFox: IClickFix - botnet_cc 2026-02-11
domain wewheel.net ThreatFox: IClickFix - botnet_cc 2026-02-11
hostname webmail.umeedshiksharath.org ThreatFox: IClickFix - botnet_cc 2026-02-11
domain womenworkingtogether.com.au ThreatFox: IClickFix - botnet_cc 2026-02-11
hostname web12.alliancepaytest.com ThreatFox: IClickFix - botnet_cc 2026-02-11
hostname wishlist.miarcus.com ThreatFox: IClickFix - botnet_cc 2026-02-11
hostname website.studiocaravan.net ThreatFox: IClickFix - botnet_cc 2026-02-11
hostname webmail.uranium-news.com ThreatFox: IClickFix - botnet_cc 2026-02-11
hostname webdisk.super77a.com ThreatFox: IClickFix - botnet_cc 2026-02-11
hostname twessy.tasawk.net ThreatFox: IClickFix - botnet_cc 2026-02-11
domain topone-fc.com ThreatFox: IClickFix - botnet_cc 2026-02-11
hostname website-e4b7844b.joyfulsouthernmama.com ThreatFox: IClickFix - botnet_cc 2026-02-11
hostname webdisk.dinsosjombang.id ThreatFox: IClickFix - botnet_cc 2026-02-11
domain tsuchiya-miso.com ThreatFox: IClickFix - botnet_cc 2026-02-11
hostname valorcomunica.agenciadelivearte.com.br ThreatFox: IClickFix - botnet_cc 2026-02-11
domain triplobby.com ThreatFox: IClickFix - botnet_cc 2026-02-11
hostname travelpass.zambosur.com ThreatFox: IClickFix - botnet_cc 2026-02-11
hostname toiler.wesix.com.br ThreatFox: IClickFix - botnet_cc 2026-02-11
domain terecon.ch ThreatFox: IClickFix - botnet_cc 2026-02-11
domain tenmaru7hikiyose.com ThreatFox: IClickFix - botnet_cc 2026-02-11
domain taxi-saranda-shehaj.com ThreatFox: IClickFix - botnet_cc 2026-02-11
hostname signature.seaskyservices.com ThreatFox: IClickFix - botnet_cc 2026-02-11
hostname socialsecurityprimer.southernsummits.com ThreatFox: IClickFix - botnet_cc 2026-02-11
domain southbaybythegulfdestin.com ThreatFox: IClickFix - botnet_cc 2026-02-11
domain soda89.com ThreatFox: IClickFix - botnet_cc 2026-02-11
domain seribijutsu.com ThreatFox: IClickFix - botnet_cc 2026-02-11
domain schluesselringe.de ThreatFox: IClickFix - botnet_cc 2026-02-11
hostname freekids.amosca.com.br ThreatFox: IClickFix - botnet_cc 2026-02-11
hostname zbhnozatrading.com.nexus-my.com ThreatFox: IClickFix - botnet_cc 2026-02-11
domain yzempire.com ThreatFox: IClickFix - botnet_cc 2026-02-11
hostname skjsb.my.nexus-my.com ThreatFox: IClickFix - botnet_cc 2026-02-11
domain shophomevn.com ThreatFox: IClickFix - botnet_cc 2026-02-11
hostname 189632.web25.swisscenter.com ThreatFox: IClickFix - botnet_cc 2026-02-11
domain soulcirclewellness.co.za ThreatFox: IClickFix - botnet_cc 2026-02-11
domain ipacarai.com ThreatFox: IClickFix - botnet_cc 2026-02-11
hostname sto.ttc-auto.ru ThreatFox: IClickFix - botnet_cc 2026-02-11
domain ystar.jp ThreatFox: IClickFix - botnet_cc 2026-02-11
hostname whm.chinabandy.org ThreatFox: IClickFix - botnet_cc 2026-02-11
References (2)
↗ https://analytics.dugganusa.com/api/v1/stix-feed/v2 ↗ https://threatfox.abuse.ch