# Copyright (c) 2014-2024 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Reference: https://raw.githubusercontent.com/drb-ra/C2IntelFeeds/master/feeds/unverified/IPPortC2s-30day.csv
# Reference: https://www.virustotal.com/gui/file/58f312371c51abaa8b1fc48826b30ea0238d4b023e89fe3fb60ab1b7c92a1a94/detection

http://101.126.39.149
http://106.75.26.183
http://106.75.28.54
http://107.172.8.49
http://107.173.111.26
http://124.223.63.236
http://149.28.150.214
http://154.22.127.117
http://175.197.65.135
http://38.54.57.118
http://38.60.203.171
http://66.42.113.183
1.13.195.134:3232
101.133.172.90:3232
101.32.37.92:3232
101.34.209.73:3232
101.34.222.185:3232
101.35.235.109:3232
101.35.252.249:3232
101.37.13.119:3232
101.42.4.160:3232
103.101.204.67:3232
103.110.152.8:3232
103.116.245.65:3232
103.142.146.11:3232
103.142.146.12:3232
103.142.146.13:3232
103.209.129.193:3232
103.218.0.51:3232
103.218.0.52:3232
103.218.0.53:3232
103.218.1.14:3232
103.218.1.15:3232
103.218.1.16:3232
103.218.1.57:3232
103.218.1.58:3232
103.218.1.59:3232
103.230.216.239:3232
103.230.216.240:3232
103.230.216.241:3232
103.230.216.242:3232
103.230.216.243:3232
103.230.216.244:3232
103.230.218.163:3232
103.231.254.57:2096
103.233.8.188:3333
103.233.8.189:3333
103.233.8.190:3333
103.243.181.118:3232
103.243.181.124:3232
103.243.181.125:3232
103.43.18.230:3232
103.99.178.15:3232
104.194.152.11:222
104.214.168.71:3232
104.233.163.244:3232
106.52.18.198:3232
106.52.216.39:3232
106.53.39.191:3232
107.172.0.206:3232
107.172.0.209:3232
107.172.191.253:3232
107.172.21.113:8443
107.173.210.67:3232
110.40.139.46:3232
110.92.64.28:3232
110.92.65.150:3232
110.92.65.151:3232
110.92.65.153:3232
110.92.65.154:3232
110.92.65.155:3232
110.92.65.156:3232
111.10.223.221:3232
111.229.211.161:3232
111.230.102.189:3232
111.231.145.137:3232
111.231.28.30:3232
112.124.23.104:3232
114.132.61.132:3232
114.55.250.233:3232
116.196.120.131:3232
117.50.184.22:3232
117.72.74.16:3232
117.72.74.197:3232
117.72.9.31:3232
118.123.1.178:3232
118.195.138.159:3232
118.25.150.250:3232
118.89.66.70:3232
118.89.88.241:3232
119.29.209.159:3232
119.29.238.164:3232
119.45.190.210:3232
120.26.243.135:3232
120.76.74.159:3232
121.196.221.251:3232
121.36.248.151:3232
121.37.170.202:3232
121.41.18.122:3232
122.10.10.100:3232
122.10.10.106:3232
122.10.10.115:3232
122.10.10.95:3232
122.10.11.39:3232
122.10.110.207:3232
122.10.13.220:3232
122.10.14.72:3232
122.10.17.234:3232
122.10.18.180:3232
122.10.19.170:3232
122.10.19.237:3232
122.10.20.66:3232
122.10.20.72:3232
122.10.20.82:3232
122.10.24.140:3232
122.10.24.59:3232
122.10.25.160:3232
122.10.25.35:3232
122.10.26.139:3232
122.10.26.163:3232
122.10.26.67:3232
122.10.27.236:3232
122.10.27.247:3232
122.10.27.248:3232
122.10.35.100:3232
122.10.35.102:3232
122.10.35.121:3232
122.10.4.195:3232
122.10.4.88:3232
122.10.4.96:3232
122.10.4.98:3232
122.10.42.163:3232
122.10.48.112:3232
122.10.48.55:3232
122.10.48.60:3232
122.10.48.87:3232
122.10.48.8:3232
122.10.49.176:3232
122.10.49.179:3232
122.10.49.32:3232
122.10.50.136:3232
122.10.50.210:3232
122.10.50.227:3232
122.10.50.237:3232
122.10.52.151:3232
122.10.52.163:3232
122.10.52.177:3232
122.10.52.185:3232
122.10.52.199:3232
122.10.52.213:3232
122.10.52.230:3232
122.10.52.61:3232
122.10.68.203:3232
122.10.68.252:3232
122.10.68.39:3232
122.10.69.199:3232
122.10.69.216:3232
123.60.128.4:3232
124.220.0.201:3232
124.220.133.70:3232
124.221.56.114:3232
124.222.124.9:3232
124.222.164.235:3232
124.223.180.54:3232
128.199.208.125:3232
129.211.13.156:3232
13.64.156.254:3232
139.159.144.245:3232
139.159.250.245:33232
139.180.185.87:443
139.196.162.198:43232
139.224.198.190:3232
139.59.110.64:2222
139.59.110.64:25565
139.59.110.64:3333
139.9.65.87:3232
14.225.254.102:3232
142.171.133.69:3232
149.104.29.241:3232
149.88.67.143:3232
152.136.128.162:3232
152.32.172.190:3232
152.32.219.243:3232
154.198.245.52:59932
154.21.201.195:3232
156.245.12.220:7066
156.245.12.221:7066
156.245.12.57:7066
156.245.12.87:7066
156.245.12.92:7066
159.75.180.29:3232
160.20.57.10:3232
160.20.57.27:3232
160.20.57.29:3232
160.20.57.30:3232
160.20.57.8:3232
160.20.57.9:3232
160.20.59.245:3232
160.20.59.247:3232
160.20.59.248:3232
164.92.158.48:3232
167.88.173.250:222
167.88.173.250:443
167.88.173.250:8080
167.88.174.213:222
167.88.175.232:222
167.88.175.232:443
167.88.175.232:8080
171.244.57.47:3232
172.65.116.198:25565
175.178.90.5:3232
179.60.149.78:5000
18.162.55.221:3232
182.160.6.136:3232
182.204.176.187:3232
193.42.11.40:2082
194.104.146.24:3232
198.44.248.243:3232
198.44.248.53:3232
198.44.249.178:3232
198.44.249.205:3232
198.44.249.209:3232
198.44.249.238:3232
198.44.249.243:3232
198.44.249.37:3232
198.44.249.44:3232
198.44.249.49:3232
198.44.250.236:3232
198.44.250.87:3232
198.44.251.110:3232
198.44.251.34:3232
198.44.251.71:3232
198.44.251.89:3232
198.98.61.27:443
20.2.223.147:3232
202.61.141.147:3232
202.61.141.166:3232
202.61.141.168:3232
202.94.68.11:3232
202.94.68.25:3232
206.238.199.21:443
213.139.205.133:443
216.224.119.201:3232
222.112.248.181:3232
23.234.36.212:3232
23.234.37.132:3232
23.234.37.153:3232
23.234.37.176:3232
23.234.37.69:3232
23.234.37.74:3232
23.234.38.80:3232
23.234.38.93:3232
23.234.39.130:3232
23.234.39.132:3232
23.234.39.133:3232
23.234.39.138:3232
23.234.39.145:3232
23.234.39.158:3232
23.234.39.185:3232
23.234.39.190:3232
23.234.39.52:3232
23.234.39.57:3232
23.234.39.5:3232
23.94.70.113:3232
23.94.70.114:3232
23.95.140.60:3232
23.95.44.47:8001
27.124.36.21:2096
27.124.36.28:2096
27.124.36.9:2096
34.81.83.87:3232
35.220.242.222:2333
36.212.144.244:3232
37.49.228.150:443
37.49.228.63:443
38.181.25.62:3232
38.45.126.178:3232
38.45.126.179:3232
38.45.126.180:3232
38.45.126.181:3232
38.45.126.182:3232
38.55.201.124:2095
38.6.218.204:3232
39.101.205.127:3232
39.106.50.189:3232
39.97.52.57:3232
39.98.115.22:3232
39.98.204.142:3232
4.193.233.245:3232
4.224.84.20:3232
40.124.112.232:3232
42.194.178.221:3232
42.240.131.50:9090
42.51.43.235:3232
43.129.83.221:3232
43.132.120.112:3232
43.132.156.20:3232
43.134.118.131:3232
43.136.176.207:3232
43.136.99.149:3232
43.138.25.144:3232
43.143.112.29:3232
45.112.205.187:3232
45.112.206.44:3232
45.112.206.47:3232
45.112.206.48:3232
45.144.136.94:3232
45.145.228.9:3232
45.147.26.131:3232
45.152.65.65:3232
45.152.67.101:3232
45.249.92.39:3232
45.249.92.76:3232
45.249.92.80:3232
45.249.92.89:3232
45.249.92.90:3232
45.249.93.126:3232
45.61.136.173:5000
45.76.151.207:13232
45.76.178.63:443
45.77.216.188:3232
45.94.43.41:3232
45.95.175.121:3232
47.106.171.201:3232
47.108.136.43:3232
47.108.175.134:10832
47.109.29.37:3232
47.119.22.47:3232
47.120.22.59:3232
47.120.40.27:3232
47.120.73.216:3232
47.236.36.158:3232
47.237.86.35:3232
47.238.84.157:3232
47.242.8.254:3232
47.242.95.207:3232
47.243.38.68:3232
47.252.44.35:3232
47.94.143.32:3232
47.98.158.167:3232
47.98.177.117:3232
47.98.188.214:3232
49.232.128.4:3232
49.233.206.56:3232
49.235.182.67:3232
5.255.105.221:443
5.255.114.220:443
5.255.127.142:443
60.204.232.46:3232
74.48.45.204:3232
8.130.135.45:3232
8.134.211.144:3232
8.137.59.132:3232
8.138.119.106:3232
8.210.100.19:3232
8.213.212.170:3232
8.213.217.173:3232
8.217.200.158:3232
8.218.138.77:3232
8.218.239.22:3232
81.70.93.58:3232
91.208.184.195:3232

# Reference: https://raw.githubusercontent.com/drb-ra/C2IntelFeeds/master/feeds/unverified/IPPortC2s-30day.csv (# 2024-08-03)

http://18.162.96.1
101.133.224.149:3232
101.43.162.6:3232
103.232.213.19:3232
106.15.6.137:3232
122.10.49.28:3232
124.221.248.167:3232
139.180.142.50:3232
139.186.208.41:3232
146.19.100.179:443
182.204.180.4:3232
192.3.36.170:3232
198.44.251.230:3232
198.46.143.21:3232
209.97.165.234:3232
43.242.203.214:2095
45.249.92.74:3232
47.109.53.241:3232
49.232.143.213:3232
54.179.248.243:3232
74.119.193.13:3232
8.210.53.205:3232

# Reference: https://raw.githubusercontent.com/drb-ra/C2IntelFeeds/master/feeds/unverified/IPPortC2s-30day.csv (# 2024-08-18)

http://154.12.60.192
101.201.153.25:3232
101.34.228.140:3232
101.35.228.105:3232
106.52.246.227:3232
106.54.224.64:3232
107.172.239.112:3232
107.174.90.202:8001
111.229.97.115:3232
111.92.243.240:3232
114.116.254.52:2323
116.205.118.94:3232
118.195.184.173:3232
119.45.219.31:3232
121.40.191.211:3232
124.221.68.191:3232
124.222.38.4:3232
130.162.152.153:2095
130.162.152.153:443
141.98.212.52:4242
154.198.245.47:64932
154.201.71.12:3232
154.213.109.59:3232
156.238.230.63:3232
156.238.243.161:3232
156.250.157.199:3232
156.250.157.205:3232
159.89.192.52:3232
165.154.13.192:3232
165.22.62.14:3232
172.245.168.179:3232
182.204.181.177:3232
185.224.128.67:3232
192.3.166.106:3232
202.94.68.41:3232
206.237.7.22:3232
207.167.85.92:3232
222.88.186.81:23704
23.234.36.196:3232
23.94.117.44:3232
27.25.152.79:3232
39.106.225.53:3232
43.136.20.206:53
43.143.130.124:3232
45.148.120.72:3232
45.148.120.87:3232
45.249.92.37:3232
45.249.92.38:3232
45.249.92.75:3232
47.100.27.130:3232
47.103.159.186:3232
47.116.174.107:3232
47.243.13.249:3232
49.235.170.73:3232
61.75.17.197:3232
64.52.80.137:3232

# Reference: https://raw.githubusercontent.com/drb-ra/C2IntelFeeds/master/feeds/unverified/IPPortC2s-30day.csv (# 2024-08-24)

http://154.12.62.30
http://47.103.217.230
101.200.160.159:3232
101.34.254.202:3232
103.218.240.156:443
106.13.236.35:3232
118.89.200.251:3232
120.26.60.197:3232
130.162.152.153:3232
134.122.174.186:3232
139.224.208.155:3232
149.88.78.50:3232
152.136.107.163:3232
154.201.90.181:3232
18.162.169.133:3232
206.206.125.54:3232
47.99.78.222:3232
49.233.169.129:3232
52.185.157.28:3232
54.254.181.10:3232
64.69.40.144:3232
8.136.102.68:3232

# Reference: https://raw.githubusercontent.com/drb-ra/C2IntelFeeds/master/feeds/unverified/IPPortC2s-30day.csv (# 20204-09-08)

http://119.45.132.253
http://120.55.168.178
http://166.88.95.112
1.92.68.76:3232
101.43.62.241:3232
107.173.111.26:443
107.173.111.26:53
112.124.39.205:3232
113.45.132.242:3232
120.79.86.98:3232
121.41.33.162:3232
121.43.129.67:3232
121.43.59.114:3232
122.51.212.130:3232
134.122.174.172:3232
134.122.174.223:3232
142.171.227.226:3232
152.32.213.110:3232
156.238.230.211:3232
166.88.57.117:3232
185.205.210.220:8443
192.144.214.219:3232
198.23.197.241:3232
199.15.77.14:4242
23.94.66.68:3232
23.94.70.198:3232
27.124.34.31:2096
27.124.4.249:2096
38.147.171.184:3232
38.55.201.108:3232
39.106.153.195:3232
43.133.40.63:3232
43.143.251.151:3232
45.15.143.197:44581
45.152.66.128:3232
45.64.52.30:3232
47.103.27.212:3232
47.108.130.170:3232
47.236.39.234:3232
47.238.113.82:443
47.238.238.211:3232
47.239.13.3:3232
47.97.205.102:3232
47.98.168.171:3232
47.99.60.17:3232
49.235.149.170:3232
50.114.5.231:3232
8.142.124.166:3232
8.220.223.113:3232
83.229.121.154:3232
83.229.124.115:3232

# Reference: https://raw.githubusercontent.com/drb-ra/C2IntelFeeds/master/feeds/unverified/IPPortC2s-30day.csv (# 2024-09-15)

http://1.13.255.20
http://110.42.247.84
http://156.224.27.182
http://192.248.181.208
http://38.58.188.98
http://8.154.35.6
103.97.179.174:3232
106.13.185.246:3232
106.54.193.152:3232
139.224.82.56:3322
159.75.148.143:3232
185.242.232.143:3232
202.59.9.109:4242
223.26.52.25:3232
223.26.52.26:3232
223.26.52.27:3232
27.124.34.25:2096
27.124.34.26:2096
47.100.191.110:3232
47.122.62.7:3232
47.96.72.100:3232
50.114.5.82:3232
83.229.124.37:3232

# Reference: https://www.fortinet.com/blog/threat-research/threat-actors-exploit-geoserver-vulnerability-cve-2024-36401
# Reference: https://otx.alienvault.com/pulse/66e0b0caffa8120f0871c74b
# Reference: https://www.virustotal.com/gui/file/9bf642a7e14f0a0b0a784f00a0d1cf590ac60ae5ae378d29d435519f4d9dbf2b/detection
# Reference: https://www.virustotal.com/gui/file/b67ab1b9b66fdc2c4ed1689698a54a347c2bdd6eaff87039ae337675243670d8/detection
# Reference: https://www.virustotal.com/gui/file/b80e9466b7bb42959c29546b8c052e67fcaa0f591857617457d5d28348bd8860/detection

181.214.58.14:18201
181.214.58.14:33231
181.214.58.14:61231
/ksofthp

# Reference: https://x.com/malwrhunterteam/status/1836673026282193156
# Reference: https://www.virustotal.com/gui/file/e6e3f77e3e3156ea656e6097509a1b6880f723b78b1575c3e1b074c05e93af1e/detection

104.168.50.203:9932

# Reference: https://raw.githubusercontent.com/drb-ra/C2IntelFeeds/master/feeds/unverified/IPPortC2s-30day.csv (# 2024-09-22)

http://172.86.80.27
http://172.86.82.58
http://89.213.51.15
101.200.63.188:3232
103.212.49.88:3232
107.173.118.149:3232
149.104.24.149:3232
159.223.47.208:3232
172.86.65.3:3232
192.210.141.106:3232
45.125.12.77:3232
47.239.198.192:3232
47.253.99.144:3232
8.218.162.45:3232
