# Copyright (c) 2014-2025 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Aliases: mythicposeidon

# Reference: https://twitter.com/KorbenD_Intel/status/1406007597027708933
# Reference: https://twitter.com/AcooEdi/status/1409265045200986112
# Reference: https://github.com/its-a-feature/Mythic
# Reference: https://www.virustotal.com/gui/file/3560fce6eb996380b8daf223fe10d55086b9582593c6e2f62511cc5995f18005/detection
# Reference: https://www.virustotal.com/gui/file/8043d6c07fbd1e122c91eedf782c6ed7a539ab089a0eab48a50b2ab71127fa51/detection

20.86.10.75:7443

# Reference: https://twitter.com/MichalKoczwara/status/1438943089528348680

106.52.103.154:7443
107.155.81.125:7443
143.198.42.198:7443
157.230.93.100:7443
172.105.254.138:7443
194.5.212.165:7443
35.244.90.180:7443
52.13.1.165:7443
8.130.55.52:7443

# Reference: https://twitter.com/benkow_/status/1542047469860683777

cryptolvl-rsa-check.com

# Reference: https://github.com/conexioninversa/MalwareIntel/blob/main/C2_All.csv
# Reference: https://github.com/conexioninversa/MalwareIntel/blob/main/C2_Mythic.txt

101.35.90.253:7443
101.99.94.107:7443
103.134.19.125:7443
103.134.19.126:7443
103.140.187.203:7443
104.248.136.18:7443
104.248.88.172:7443
107.152.47.92:7443
107.174.68.34:7443
107.191.62.175:7443
109.248.6.210:7443
109.248.6.212:7443
109.248.6.225:7443
109.248.6.231:7443
109.248.6.250:7443
111.90.151.110:7443
121.196.173.138:7443
121.37.166.111:7443
124.156.19.110:7443
124.221.250.89:7443
13.214.180.60:7443
13.51.87.2:7443
13.55.56.50:7443
13.69.157.231:7443
130.51.20.132:7443
134.0.116.185:7443
134.122.109.56:7443
134.209.28.232:7443
135.181.207.18:7443
137.184.207.189:7443
137.184.3.67:7443
138.197.142.113:7443
138.68.127.9:7443
138.68.76.238:7443
139.144.19.118:7443
139.162.38.59:7443
139.59.144.58:7443
139.59.249.255:7443
139.59.72.48:7443
139.84.192.189:7443
139.84.227.243:7443
139.84.230.205:7443
139.99.89.117:7443
142.44.129.32:7443
142.93.141.182:7443
142.93.166.252:7443
142.93.246.237:7443
142.93.60.235:7443
143.110.176.131:7443
143.110.178.9:7443
143.110.217.151:7443
143.198.191.206:7443
143.198.226.82:7443
144.91.122.255:7443
145.131.8.169:7443
145.239.197.84:7443
146.190.38.149:7443
147.182.157.114:7443
147.182.231.226:7443
149.28.133.118:7443
149.28.136.54:7443
149.56.109.219:7443
152.136.200.244:7443
154.180.67.196:7443
157.230.93.100:7443
157.245.137.41:7443
158.160.3.23:7443
159.203.182.27:7443
159.203.59.54:7443
159.223.193.246:7443
159.223.194.254:7443
159.223.234.22:7443
159.223.7.193:7443
159.89.190.80:7443
159.89.191.115:7443
159.89.229.33:7443
159.89.53.38:7443
16.170.83.102:7443
16.171.18.142:7443
16.171.58.136:7443
160.20.147.34:7443
161.35.186.219:7443
164.90.158.199:7443
164.92.110.36:7443
164.92.72.33:7443
164.92.88.164:7443
165.227.45.251:7443
165.232.130.91:7443
165.232.174.143:7443
165.3.120.26:7443
167.88.180.75:7443
167.99.194.103:7443
170.187.201.243:7443
172.104.138.192:7443
172.104.175.112:7443
172.105.254.138:7443
173.255.226.84:7443
173.82.110.148:7443
177.124.72.24:7443
178.154.194.63:7443
178.62.99.183:7443
179.43.170.197:7443
18.133.78.17:7443
18.156.197.101:7443
185.117.90.224:7443
185.158.94.217:7443
185.16.39.178:7443
185.173.34.42:7443
185.187.169.34:7443
185.21.191.88:7443
185.215.180.99:7443
185.225.68.201:7443
185.225.68.202:7443
185.225.73.249:7443
185.237.15.89:7443
185.238.32.198:7443
185.245.182.209:7443
185.62.57.120:7443
188.225.73.137:7443
191.252.220.58:7443
192.3.255.153:7443
192.34.58.198:7443
193.41.237.173:7443
193.56.255.153:7443
194.156.120.146:7443
194.233.164.157:7443
194.233.68.172:7443
194.5.212.74:7443
195.97.212.20:7443
195.97.212.50:7443
20.106.123.23:7443
20.151.239.27:7443
20.163.220.14:7443
20.203.101.185:7443
20.220.187.29:7443
20.97.116.145:7443
204.44.85.16:7443
205.126.0.212:7443
207.148.5.58:7443
208.67.105.91:7443
208.68.38.191:7443
209.249.134.13:7443
209.249.134.3:7443
209.249.134.6:7443
216.153.57.94:7443
23.239.29.223:7443
23.94.40.126:7443
3.128.135.199:7443
3.133.152.144:7443
3.141.125.92:7443
3.212.113.251:7443
3.238.253.222:7443
3.27.5.90:7443
3.6.38.215:7443
3.64.133.252:7443
3.69.214.254:7443
3.80.39.181:7443
3.87.23.190:7443
34.133.122.8:7443
34.150.132.170:7443
34.215.75.141:7443
34.238.7.53:7443
34.240.115.152:7443
34.28.16.242:7443
34.67.166.244:7443
35.202.0.124:7443
35.78.243.160:7443
35.93.101.223:7443
35.93.133.191:7443
37.139.128.156:7443
37.187.123.146:7443
38.242.229.200:7443
40.69.93.39:7443
43.142.174.15:7443
43.142.60.207:7443
43.154.218.210:7443
43.156.134.248:7443
43.206.136.41:7443
45.133.238.221:7443
45.143.201.95:7443
45.147.228.52:7443
45.148.120.192:7443
45.32.100.15:7443
45.79.213.188:7443
45.87.154.87:7443
45.9.191.137:7443
46.101.153.42:7443
46.243.186.22:7443
47.250.53.207:7443
47.96.177.12:7443
5.188.34.118:7443
5.2.79.164:7443
5.252.176.198:7443
50.17.196.251:7443
51.13.165.60:7443
51.158.102.199:7443
51.77.214.92:7443
51.83.75.44:7443
52.205.104.104:7443
52.206.182.102:7443
52.221.205.86:7443
52.58.57.248:7443
52.63.64.64:7443
52.79.54.36:7443
52.89.133.37:7443
54.149.124.173:7443
54.163.224.147:7443
54.173.67.191:7443
54.175.46.12:7443
54.180.25.135:7443
54.197.245.200:7443
54.253.207.220:7443
54.74.215.121:7443
59.110.169.183:7443
61.19.242.42:7443
61.28.226.244:7443
62.113.196.46:7443
62.182.159.147:7443
63.250.44.170:7443
64.176.168.231:7443
64.176.40.100:7443
64.176.8.42:7443
64.227.107.179:7443
64.227.113.73:7443
64.227.162.219:7443
65.108.60.254:7443
66.228.45.170:7443
66.29.155.178:7443
66.85.92.234:7443
67.207.81.170:7443
67.207.81.80:7443
67.219.108.45:7443
68.183.132.227:7443
68.183.56.37:7443
68.183.60.125:7443
69.30.254.194:7443
70.34.195.186:7443
70.34.198.15:7443
70.34.210.178:7443
70.34.213.48:7443
70.34.214.252:7443
70.34.223.234:7443
74.207.254.195:7443
74.208.91.38:7443
77.91.75.165:7443
78.108.181.33:7443
78.108.182.240:7443
79.16.159.159:7443
83.244.163.202:7443
83.252.26.43:7443
86.105.252.221:7443
87.15.135.80:7443
88.208.100.189:7443
89.223.66.195:7443
89.44.201.72:7443
91.107.234.213:7443
91.207.183.54:7443
94.102.49.176:7443
94.140.115.118:7443
95.111.236.195:7443
95.179.140.228:7443
95.214.27.241:7443
95.217.82.117:7443
96.126.101.134:7443
99.153.7.209:7443
moofasa.grayhatfreelancing.com
mythic-ceramic.braindeadideas.com

# Reference: https://twitter.com/IronNetTR/status/1588154026297675777

ukreiif.live
c2.b1o.it
v56119.php-friends.de

# Reference: https://twitter.com/suyog41/status/1612412391010238466
# Reference: https://www.virustotal.com/gui/file/185254efe497aed539fe0d95ca40451985b8fa60a54a707760bfe5c53cce56d9/detection

http://70.34.195.186

# Reference: https://twitter.com/MichalKoczwara/status/1639587828899147777

1.13.174.161:7443
101.33.248.33:7443
101.43.156.89:7443
103.140.187.122:7443
103.15.105.29:7443
103.234.72.156:7443
103.35.151.195:7443
103.35.151.222:7443
103.56.19.196:7443
103.85.110.13:7443
104.168.142.135:7443
104.198.153.240:7443
104.236.186.248:7443
104.243.20.216:7443
106.15.170.198:7443
107.150.119.144:7443
107.174.78.227:7443
108.61.127.105:7443
109.248.6.249:7443
110.173.59.146:7443
110.173.59.147:7443
114.132.197.186:7443
114.55.58.137:7443
117.50.177.140:7443
118.193.37.157:7443
118.25.22.185:7443
121.199.166.58:7443
121.199.2.153:7443
121.5.112.42:7443
122.147.252.103:7443
128.199.227.227:7443
128.199.38.50:7443
13.115.21.133:7443
13.236.149.120:7443
132.145.153.214:7443
134.209.204.95:7443
134.209.26.96:7443
135.125.236.177:7443
136.244.95.237:7443
137.184.57.89:7443
137.184.86.247:7443
138.197.186.34:7443
138.197.224.55:7443
138.68.123.125:7443
138.68.149.85:7443
138.68.99.116:7443
138.68.99.223:7443
139.144.19.169:7443
139.144.27.201:7443
139.144.46.164:7443
139.162.155.164:7443
139.177.146.102:7443
139.177.196.67:7443
139.177.203.214:7443
139.224.254.195:7443
139.99.122.227:7443
140.238.221.59:7443
140.238.226.66:7443
141.193.159.146:7443
142.93.136.194:7443
143.110.155.198:7443
144.126.249.150:7443
144.34.180.27:7443
144.34.250.208:7443
145.239.197.144:7443
146.19.80.25:7443
146.190.128.88:7443
146.190.160.18:7443
146.59.237.220:7443
146.70.104.167:7443
147.182.170.15:7443
148.66.57.50:7443
148.66.57.51:7443
149.127.231.12:7443
149.28.90.162:7443
149.81.74.205:7443
149.81.74.206:7443
149.81.74.207:7443
149.81.87.18:7443
150.158.184.129:7443
150.158.27.149:7443
151.115.60.162:7443
151.80.106.50:7443
152.89.218.235:7443
154.202.59.96:7443
155.138.229.198:7443
158.247.213.192:7443
159.203.99.10:7443
159.65.202.74:7443
159.65.62.90:7443
159.89.106.178:7443
161.35.214.132:7443
162.33.177.38:7443
162.33.177.72:7443
164.90.132.211:7443
164.92.101.3:7443
164.92.161.89:7443
164.92.255.219:7443
165.227.176.139:7443
165.227.230.18:7443
165.227.231.125:7443
165.227.99.110:7443
167.172.83.4:7443
167.99.17.196:7443
168.138.93.130:7443
168.63.40.231:7443
170.130.55.160:7443
170.187.207.103:7443
171.22.30.222:7443
172.86.120.245:7443
172.86.121.214:7443
172.86.75.56:7443
172.96.192.52:7443
173.199.71.71:7443
173.82.135.18:7443
174.138.7.112:7443
178.128.144.124:7443
178.128.229.91:7443
178.62.47.29:7443
179.43.154.251:7443
179.60.150.147:7443
18.140.228.104:7443
18.159.62.29:7443
18.234.7.23:7443
182.61.145.9:7443
185.128.106.245:7443
185.130.45.94:7443
185.203.119.47:7443
185.25.51.144:7443
185.254.198.147:7443
185.73.124.16:7443
185.81.68.180:7443
185.82.218.214:7443
188.127.237.167:7443
188.166.161.123:7443
188.166.27.178:7443
188.166.81.141:7443
190.92.243.156:7443
192.227.194.106:7443
192.241.128.7:7443
192.3.128.185:7443
193.149.185.51:7443
193.29.13.203:7443
194.163.133.23:7443
194.87.218.16:7443
194.87.46.13:7443
195.123.225.18:7443
198.211.15.57:7443
198.211.48.141:7443
198.46.215.53:7443
20.61.4.19:7443
206.189.192.120:7443
206.189.252.100:7443
208.123.119.232:7443
212.53.167.167:7443
213.189.201.88:7443
213.52.128.52:7443
216.127.175.18:7443
217.6.46.91:7443
23.105.193.194:7443
23.224.135.138:7443
23.224.135.139:7443
23.224.135.140:7443
23.224.135.141:7443
23.224.135.142:7443
23.234.199.141:7443
23.82.141.146:7443
23.83.127.233:7443
23.94.131.51:7443
23.94.200.202:7443
3.130.73.232:7443
3.142.79.130:7443
3.235.153.136:7443
3.238.195.247:7443
3.8.115.155:7443
34.176.0.227:7443
34.201.98.138:7443
34.221.238.130:7443
35.180.135.137:7443
35.225.60.206:7443
35.236.117.76:7443
35.240.171.140:7443
35.72.242.198:7443
37.10.71.215:7443
37.120.238.184:7443
37.28.157.7:7443
37.48.120.35:7443
38.55.24.35:7443
39.98.48.67:7443
43.133.22.89:7443
43.207.147.229:7443
44.202.249.7:7443
44.211.101.170:7443
45.120.52.106:7443
45.120.52.149:7443
45.14.224.102:7443
45.153.231.136:7443
45.227.255.217:7443
45.227.255.223:7443
45.32.233.220:7443
45.56.114.203:7443
45.61.137.59:7443
45.77.221.80:7443
45.77.41.35:7443
45.79.125.241:7443
45.8.157.45:7443
45.89.234.23:7443
45.9.148.252:7443
45.9.148.64:7443
45.9.150.109:7443
46.101.179.149:7443
46.148.26.88:7443
46.21.153.155:7443
46.246.93.104:7443
46.29.160.10:7443
47.242.23.161:7443
47.57.0.78:7443
49.12.3.231:7443
5.178.2.76:7443
5.199.168.209:7443
5.199.173.106:7443
5.199.174.230:7443
51.15.252.225:7443
51.178.81.117:7443
51.81.201.194:7443
54.65.51.181:7443
54.91.1.255:7443
57.128.11.250:7443
57.128.195.112:7443
62.3.58.81:7443
63.250.54.32:7443
64.227.18.206:7443
64.44.102.190:7443
64.44.102.212:7443
65.108.250.5:7443
65.109.134.211:7443
65.21.180.80:7443
67.205.151.119:7443
67.205.184.220:7443
68.183.207.200:7443
68.183.42.154:7443
76.74.127.144:7443
76.74.127.145:7443
79.136.1.87:7443
8.219.200.180:7443
80.78.22.106:7443
81.200.149.183:7443
82.157.142.84:7443
84.32.248.95:7443
85.217.144.191:7443
85.239.54.16:7443
88.99.46.167:7443
89.116.234.48:7443
89.38.128.51:7443
89.44.9.148:7443
91.207.183.54:7443
91.234.199.4:7443
92.204.160.119:7443
92.205.29.124:7443
92.246.89.172:7443
93.95.229.168:7443

# Reference: https://twitter.com/MichalKoczwara/status/1645071233468231685

44.213.147.172:7443
dental-delta.com

# Reference: https://twitter.com/drb_ra/status/1651296690882609177

192.3.255.153:7443

# Reference: https://twitter.com/drb_ra/status/1651296694678552576

http://192.3.255.153

# Reference: https://twitter.com/drb_ra/status/1651840154674315266

http://18.221.85.189

# Reference: https://twitter.com/drb_ra/status/1651840181056536576

http://34.205.83.91

# Reference: https://twitter.com/drb_ra/status/1651840255043985408

143.110.176.131:8081

# Reference: https://twitter.com/drb_ra/status/1651840258982526976

143.110.176.131:7443

# Reference: https://twitter.com/drb_ra/status/1651840280402771968

http://159.223.122.189

# Reference: https://twitter.com/drb_ra/status/1652384292960436227

http://43.156.134.248

# Reference: https://twitter.com/drb_ra/status/1652384375516852228

165.22.106.97:60443

# Reference: https://twitter.com/drb_ra/status/1652746167170596864

http://3.89.175.141

# Reference: https://twitter.com/drb_ra/status/1652746266734911491
# Reference: https://twitter.com/drb_ra/status/1652746270119800833

http://149.28.133.118
149.28.133.118:7443

# Reference: https://twitter.com/drb_ra/status/1653108569418391571

3.27.5.90:7443

# Reference: https://twitter.com/drb_ra/status/1653471045683167239
# Reference: https://twitter.com/drb_ra/status/1653471050007494677

http://64.176.8.42
64.176.8.42:7443

# Reference: https://twitter.com/drb_ra/status/1654195831883329536

http://3.145.90.243

# Reference: https://twitter.com/drb_ra/status/1654195891312513040

85.10.132.13:443

# Reference: https://twitter.com/drb_ra/status/1654195943061835784

http://158.160.30.214

# Reference: https://twitter.com/drb_ra/status/1654195946488582149

158.160.30.214:7443

# Reference: https://twitter.com/drb_ra/status/1654195961177034774

http://158.160.68.213

# Reference: https://twitter.com/drb_ra/status/1654195984170209293

173.53.60.45:8433

# Reference: https://twitter.com/drb_ra/status/1654196010984275968

http://206.81.6.121

# Reference: https://twitter.com/drb_ra/status/1654455427512299521

18.133.78.17:7443

# Reference: https://twitter.com/drb_ra/status/1654920506108260352

http://3.212.20.90

# Reference: https://twitter.com/drb_ra/status/1654920546256076800

43.156.134.248:7443

# Reference: https://twitter.com/drb_ra/status/1654920617622110210

http://149.28.177.78

# Reference: https://twitter.com/drb_ra/status/1655282940039839751

http://91.107.234.213

# Reference: https://twitter.com/drb_ra/status/1655282952949907457

http://101.34.73.171

# Reference: https://twitter.com/drb_ra/status/1655282966140968961

http://104.200.20.89

# Reference: https://twitter.com/drb_ra/status/1656007710918287366

http://45.66.216.108

# Reference: https://twitter.com/drb_ra/status/1656007759400259586

http://110.41.168.34

# Reference: https://twitter.com/drb_ra/status/1656007791679610887

149.28.177.78:443

# Reference: https://twitter.com/drb_ra/status/1656370036922019879

35.92.10.91:7443

# Reference: https://twitter.com/drb_ra/status/1656370063409049617

http://54.196.114.16

# Reference: https://twitter.com/drb_ra/status/1656370094497230869

91.107.234.213:7443

# Reference: https://twitter.com/drb_ra/status/1656370151565000704

158.160.68.213:7443

# Reference: https://twitter.com/drb_ra/status/1656732585047851008

http://159.203.1.70

# Reference: https://twitter.com/drb_ra/status/1657095005691863055

64.176.3.97:443

# Reference: https://twitter.com/drb_ra/status/1657457418375241729

45.66.216.108:7443

# Reference: https://twitter.com/drb_ra/status/1657457492379541507
# Reference: https://twitter.com/drb_ra/status/1657457495911149569

http://109.248.6.250
109.248.6.250:8008

# Reference: https://twitter.com/drb_ra/status/1657457582884175874

216.238.77.195:443

# Reference: https://twitter.com/drb_ra/status/1657819643359182850

13.236.177.3:7443

# Reference: https://twitter.com/drb_ra/status/1657819672455069696

35.89.34.50:7443

# Reference: https://twitter.com/drb_ra/status/1657819722572877827

84.46.241.248:7443

# Reference: https://twitter.com/drb_ra/status/1657819751295471618

111.90.150.101:443

# Reference: https://threatfox.abuse.ch/browse/tag/Mythic/

http://100.21.223.19
http://104.248.88.172
http://107.191.62.175
http://108.61.190.25
http://109.248.6.225
http://114.116.232.244
http://121.40.217.151
http://13.66.164.102
http://136.144.254.191
http://138.197.145.159
http://139.144.19.118
http://139.180.144.223
http://139.84.192.189
http://139.84.227.243
http://139.84.227.60
http://139.84.230.205
http://139.84.231.133
http://142.93.251.5
http://143.110.217.151
http://143.198.128.249
http://145.131.8.169
http://147.182.164.5
http://154.180.67.196
http://158.247.231.22
http://164.90.158.199
http://170.64.148.46
http://172.174.43.14
http://173.255.226.84
http://18.118.133.253
http://18.222.26.9
http://185.187.169.34
http://193.41.237.173
http://194.171.96.118
http://194.87.68.235
http://20.190.110.190
http://216.238.77.195
http://23.239.29.223
http://3.136.22.144
http://3.145.1.242
http://3.19.216.182
http://3.217.163.182
http://34.123.204.199
http://34.136.7.143
http://34.67.166.244
http://35.225.155.204
http://35.78.243.160
http://35.80.3.250
http://35.93.133.191
http://37.187.123.146
http://38.54.1.55
http://40.69.93.39
http://43.206.136.41
http://44.206.161.150
http://44.237.82.37
http://45.79.36.179
http://50.17.171.212
http://52.15.89.185
http://52.20.136.152
http://64.176.179.222
http://64.176.40.100
http://64.44.135.113
http://67.205.190.217
http://67.219.103.77
http://67.219.108.45
http://70.34.198.15
http://74.207.254.195
http://89.44.201.72
http://90.84.193.31
http://94.102.49.176
100.21.223.19:443
101.34.73.171:7443
101.99.94.107:17443
104.248.131.203:443
104.42.151.103:443
107.174.68.34:7443
107.182.181.15:7443
107.191.62.175:7443
107.23.135.123:7443
108.61.190.25:7443
108.61.204.217:7443
109.248.6.210:7443
109.248.6.250:443
111.90.150.101:7443
116.203.150.138:7443
121.40.217.151:7443
13.48.176.95:7443
13.55.56.50:17443
13.57.58.92:443
130.51.20.132:444
137.184.151.45:7443
138.68.127.9:443
138.68.71.226:7443
139.162.38.59:7443
139.180.144.223:7443
139.59.144.58:443
139.84.192.189:7443
139.99.89.117:17443
139.99.89.117:3000
139.99.89.117:8443
142.93.166.252:443
144.34.163.218:7443
144.91.122.255:17443
144.91.122.255:3000
146.190.140.172:7443
157.230.70.139:7443
157.230.93.100:3000
158.160.69.66:7443
158.247.231.22:7443
159.223.234.218:7443
159.223.234.22:443
16.171.43.215:7443
16.171.9.210:7443
161.35.247.112:7443
161.97.110.155:443
161.97.110.155:7443
164.92.136.107:7443
164.92.240.184:7443
165.227.45.251:17443
165.232.174.143:443
167.172.110.153:7443
168.119.103.232:7443
172.105.254.138:17443
172.105.254.138:3000
172.105.33.165:7443
18.117.39.158:443
18.163.79.192:7443
18.219.119.7:443
185.202.172.46:7443
192.236.155.121:443
192.241.133.70:7443
192.248.154.64:7443
194.233.164.157:81
195.189.96.70:443
195.189.99.90:27443
195.189.99.90:443
195.97.212.20:17443
198.177.123.60:7443
198.23.208.20:7443
20.151.239.27:7443
20.203.101.185:443
20.245.83.102:443
20.51.147.175:7443
20.70.208.224:443
216.238.77.195:7443
217.6.46.91:9443
3.138.113.81:7443
3.144.109.31:7443
3.144.34.96:1337
3.144.34.96:7443
3.15.12.135:8088
3.21.101.180:443
3.27.5.90:443
3.80.39.181:7443
3.84.125.232:443
32.132.189.190:7443
34.171.152.194:443
34.219.23.14:7443
34.235.167.187:8989
35.222.81.113:443
35.224.68.217:443
35.225.155.204:443
35.78.243.160:7443
38.54.1.55:7443
38.54.24.6:7443
40.69.93.39:3000
43.133.34.128:7443
43.154.155.146:7443
44.213.147.172:443
44.214.119.213:7443
45.133.238.221:7443
45.148.120.187:7443
45.148.120.192:17443
45.156.243.188:7443
45.33.22.174:7443
45.77.254.85:7443
45.79.213.188:7443
45.81.243.128:7443
45.87.154.87:3000
5.188.34.118:443
50.116.1.198:443
52.14.58.76:1337
52.14.58.76:7443
52.16.215.82:7443
52.232.197.207:443
52.234.252.120:443
54.152.184.1:443
54.197.245.200:17443
54.197.245.200:3000
54.211.74.154:443
54.219.249.57:443
54.221.106.82:7443
61.19.242.42:7444
61.28.226.244:8443
64.176.179.222:7443
64.176.40.100:7443
64.44.135.113:443
64.57.248.125:443
65.109.9.51:7443
66.42.94.137:7443
67.205.151.31:443
67.207.81.170:7443
70.34.195.186:443
70.34.245.253:7443
78.193.254.183:7443
79.24.21.47:7443
79.32.28.251:7443
79.51.145.99:7443
8.217.67.189:7443
81.200.145.213:7443
84.32.131.58:37443
84.32.131.58:443
84.54.50.110:7443
87.17.17.71:7443
87.2.206.131:7443
94.102.49.176:17443
95.111.236.195:7443
95.216.172.190:7443
96.9.228.105:7443

# Reference: https://threatfox.abuse.ch/browse/tag/Mythic/ (# 2023-07-27)

104.243.33.129:443
164.92.88.164:7443
165.232.127.17:443
54.242.209.161:443
77.91.75.165:7443
95.214.27.241:7443
makethumbmoney.com

# Reference: https://threatfox.abuse.ch/browse/tag/Mythic/ (# 2023-07-30)

http://3.69.214.254
13.59.29.56:7443
185.45.195.30:443
3.69.214.254:7443
86.48.25.106:7443
88.119.175.140:443
aviditycellars.com
boxofficeseer.com
thesheenterprise.com

# Reference: https://threatfox.abuse.ch/ioc/1146556/

154.204.60.177:7443

# Reference: https://threatfox.abuse.ch/browse/tag/Mythic/ (# 2023-08-04)

172.105.163.143:7443
64.176.162.36:7443
78.141.210.148:7443

# Reference: https://twitter.com/drb_ra/status/1688079122826711040

http://64.176.162.36

# Reference: https://threatfox.abuse.ch/browse/tag/Mythic/ (# 2023-08-08)

178.128.127.243:7443
185.215.180.99:7443
20.163.220.14:7443
20.25.147.190:7443
35.80.3.250:7443
4.228.97.16:7443

# Reference: https://twitter.com/drb_ra/status/1689347656751935489

179.43.170.197:7443

# Reference: https://twitter.com/drb_ra/status/1689347680835665920

64.176.168.231:7443

# Reference: https://threatfox.abuse.ch/browse/tag/Mythic/ (# 2023-08-11)

http://64.176.168.231
103.225.198.216:7443
146.190.38.149:7443
167.99.194.103:7443
188.124.39.62:7443

# Reference: https://threatfox.abuse.ch/browse/tag/Mythic/ (# 2023-08-13)

18.188.7.186:7443
65.109.229.239:7443
motorrungoli.com
rosevalleylimousine.com
shchiswear.com

# Reference: https://twitter.com/drb_ra/status/1691159572776415232

18.188.7.186:7443

# Reference: https://threatfox.abuse.ch/ioc/1150419/

3.19.246.184:7443

# Reference: https://threatfox.abuse.ch/browse/tag/Mythic/ (# 2023-08-17)

http://44.203.60.76
159.89.164.248:7443
164.92.72.33:7443
177.124.72.24:7443
185.62.57.120:7443
3.133.152.144:7443
3.139.80.162:7443
44.233.194.117:7443
5.252.176.198:7443
54.175.46.12:7443
66.85.92.234:7443
70.34.250.166:7443
89.223.66.195:7443
99.153.7.209:7443

# Reference: https://threatfox.abuse.ch/ioc/1150866/

http://70.34.250.166

# Reference: https://www.virustotal.com/gui/file/75ab2570442b10e8f8087c844418bccfd52598952037a3a668d9d42efe500d3f/detection

103.145.13.69:8081

# Reference: https://threatfox.abuse.ch/browse/tag/Mythic/ (# 2023-08-25)
# Reference: https://twitter.com/drb_ra/status/1694420880502214955

http://18.206.251.188
142.93.60.235:7443
165.3.127.224:7443
39.104.63.94:7443
95.164.22.13:7443

# Reference: https://threatfox.abuse.ch/browse/tag/Mythic/ (# 2023-08-29)

108.61.163.195:7443
120.53.87.201:37445
138.124.180.241:443
185.174.101.53:443
23.152.0.193:443
67.207.81.80:7443
51.250.108.206:7443
ivermectinorder.com
personmetal.com
vectorsandarrows.com

# Reference: https://twitter.com/drb_ra/status/1696957590243016710

68.183.60.125:7443

# Reference: https://twitter.com/drb_ra/status/1696957610556088425

185.117.90.224:7443

# Reference: https://twitter.com/drb_ra/status/1696957641828794600

http://54.164.36.37

# Reference:: https://threatfox.abuse.ch/browse/tag/Mythic/ (# 2023-09-06)

http://108.61.163.195
http://139.84.226.120
http://44.203.168.236
http://64.176.224.4
107.148.0.215:7443
139.84.226.120:7443
170.178.201.212:7443
185.14.45.232:7443
193.56.255.153:7443
194.5.212.74:7443
207.148.123.73:58013
34.238.7.53:7443
45.153.129.164:7443
45.66.248.13:443
64.176.224.4:7443
cannabishang.com

# Reference: https://www.shodan.io/host/5.252.176.198

5.252.176.198:7443
proff-online.xyz
mi4.proff-online.xyz

# Reference: https://threatfox.abuse.ch/browse/tag/Mythic/ (# 2023-09-20)

http://149.248.51.25
http://192.248.153.47
http://216.238.83.145
http://34.226.245.52
http://35.88.35.138
103.46.185.11:7443
103.46.185.9:7443
103.46.185.13:7443
120.46.138.126:7443
124.222.181.240:7443
137.184.67.135:7443
138.197.156.131:7443
139.180.136.59:7443
139.59.109.136:7443
143.198.101.96:7443
147.182.216.178:7443
147.182.232.123:7443
149.248.51.25:7443
161.35.184.135:7443
164.155.204.61:7443
167.235.59.8:7443
172.104.205.113:7443
185.43.222.183:7443
188.124.39.62:7744
192.241.152.108:7443
192.248.153.47:7443
193.134.210.75:7443
198.52.123.223:7443
201.243.95.21:7443
201.243.95.27:7443
216.128.141.126:7443
216.238.83.145:7443
217.68.58.93:7443
3.234.128.163:7443
34.206.208.220:7443
34.229.89.43:443
34.237.94.238:7443
35.161.156.250:7443
35.176.89.226:7443
35.88.35.138:7443
44.217.229.194:7443
45.137.118.181:7443
45.152.67.193:7443
45.55.195.215:7443
45.82.153.168:7443
46.4.112.27:7443
52.3.243.166:7443
54.250.176.92:7443
54.89.65.128:7443
64.31.63.82:7443
91.207.183.26:7443
94.131.98.34:7443

# Reference: https://twitter.com/KorbenD_Intel/status/1704197999398711425
# Reference: https://www.virustotal.com/gui/ip-address/107.174.68.34/relations

sith.team
account.sith.team
login.sith.team
outlook.sith.team

# Reference: https://twitter.com/r3dbU7z/status/1704854108455551274
# Reference: https://www.virustotal.com/gui/file/09cf19407cccd9f273ed0d79968309873e135be56962267638104ad274561884/detection

r2.hansesecure.com
safe2.hansesecure.com

# Reference: https://twitter.com/0xRevolver/status/1686312879824183297

185.245.182.209:3000

# Reference: https://threatfox.abuse.ch/browse/tag/Mythic/ (# 2023-10-11)

http://149.56.109.219
http://45.61.130.40
http://47.103.205.56
http://51.254.53.14
http://54.168.147.222
104.154.113.5:443
104.238.187.71:443
104.45.53.35:443
104.45.53.36:443
104.45.53.41:443
104.45.53.44:443
104.45.53.8:443
108.142.191.197:443
108.142.191.201:443
108.142.191.234:443
108.142.191.239:443
108.142.191.247:443
118.31.72.66:7443
13.40.190.57:7443
130.211.196.186:443
139.59.109.136:443
141.98.7.18:7443
143.198.166.150:7443
146.190.157.226:7443
149.248.79.89:7443
159.223.113.15:7443
165.22.0.181:7443
167.172.136.176:7443
172.104.206.233:7443
172.245.205.13:7443
172.245.92.84:7443
177.124.72.24:8091
179.43.191.198:7443
179.43.191.199:7443
179.43.191.202:7443
185.141.63.166:7443
185.241.124.217:7443
188.127.224.177:7443
188.40.162.125:7443
193.134.210.75:443
195.154.166.134:7443
198.148.80.86:7443
20.11.212.157:7443
20.160.18.155:443
20.92.38.251:443
20.92.62.101:7443
207.191.226.206:7443
209.133.48.222:7443
216.128.141.126:443
3.18.3.115:8443
3.70.6.51:7443
31.42.186.161:7443
34.123.112.247:443
34.124.204.208:7443
34.142.156.79:7443
34.28.132.129:443
34.71.167.255:443
35.188.19.120:443
35.192.141.183:443
35.193.180.184:443
35.225.227.102:443
35.225.49.240:443
35.226.165.138:443
35.226.49.76:443
35.87.234.204:7443
4.227.189.107:7443
45.151.126.118:7443
45.152.67.193:443
45.61.130.40:443
45.77.41.214:7443
47.103.205.56:7443
51.222.31.152:443
51.254.53.14:443
54.168.147.222:7443
62.109.24.105:7443
62.182.84.234:7443
65.109.103.227:7443
68.183.152.119:7443
72.200.119.176:7443
74.234.223.12:443
83.97.20.136:7443
88.214.25.253:7443
91.219.150.98:7443
95.111.236.195:8086
95.164.19.54:7443
agorasecurity.it
bijusdaclara.shop
crowdstrike.training
lifeisff.fun
modabarataonline.shop
plrdofuturo.online
semacucar.online
telegramvip.shop
ads.telegramvip.shop
do-sfo01.jetserver.net
m.agorasecurity.it
v2r-cn2.lifeisff.fun

# Reference: https://threatfox.abuse.ch/browse/tag/Mythic/ (# 2023-11-01)

angelbusinessteam.com
bitscoinc.com
boezgrt.com
bureaudecreationalienor.com
danagroupegypt.com
displaymercials.com
formulaautoparts.com
hatchdesignsnh.com
hom4u.com
jongchul.democrat
lucasdoors.com
naservpn.cf
pacatman.com
sms-atc.com
turanmetal.com
franc.naservpn.cf

# Reference: https://research.nccgroup.com/2023/11/01/popping-blisters-for-research-an-overview-of-past-payloads-and-exploring-recent-developments/

avblokhutten.com
digtupu.com
futuretechfarm.com
licencesolutions.com
remontisto.com
szdeas.com
visioquote.com
d1hp6ufzqrj3xv.cloudfront.net
/s/0.7.8/clarity.js

# Reference: https://www.virustotal.com/gui/ip-address/64.176.196.183/community

http://64.176.196.183
64.176.196.183:7443

# Reference: https://www.virustotal.com/gui/ip-address/87.239.108.174/community

87.239.108.174:7443

# Reference: https://threatfox.abuse.ch/browse/tag/Mythic/ (# 2023-11-22)

http://65.20.81.156
139.144.117.63:7443
20.61.184.114:443
34.41.225.176:443
34.67.177.99:443
34.69.229.157:443
34.70.168.68:443
47.96.188.106:7443
51.124.39.181:443
51.144.234.167:443
52.136.206.130:443
52.136.206.142:443
52.136.206.160:443
52.136.206.169:443
52.136.206.183:443
64.176.164.107:7443
65.20.81.156:7443
74.234.222.210:443
74.234.222.211:443
74.234.222.214:443
88.208.100.189:8443
pwndrop.aptiv-hr.com

# Reference: https://threatfox.abuse.ch/browse/tag/Mythic/ (# 2023-12-03)

http://3.82.143.108
http://35.86.185.174
http://44.211.190.165
http://64.176.164.107
103.146.202.34:443
103.146.202.34:7443
116.62.172.40:7443
120.55.37.69:7443
121.40.171.154:7443
121.43.166.96:7443
154.38.167.90:7443
164.92.111.233:7443
18.132.68.205:443
18.132.68.205:7443
18.135.210.230:443
18.170.170.237:443
194.150.167.136:7443
20.11.178.186:443
20.11.190.12:443
20.211.241.0:443
24.199.125.32:443
3.86.97.154:7443
34.145.104.44:8443
34.212.248.231:443
38.180.44.56:7443
47.99.135.136:7443
5.78.40.129:7443
52.45.163.230:7443
archiefilmco.com
production.knime.youknights.nl

# Reference: https://www.virustotal.com/gui/file/37ffaccba0469d9125dd072241ec7d99652e2e46897f7c6d3db98a19d92b20e6/detection
# Reference: https://www.virustotal.com/gui/file/5642b834e99ee75d5a43418947a37a988b4226ed4544f6108e51258e078c1663/detection

http://139.59.72.48

# Reference: https://www.virustotal.com/gui/ip-address/13.127.166.232/detection

13.127.166.232:7443

# Reference: https://threatfox.abuse.ch/browse/tag/Mythic/ (# 2023-12-17)

136.244.66.89:443
162.19.175.57:7443
20.62.199.199:7443
4.198.144.143:443
4.227.178.226:7443
64.176.67.54:7443
91.92.250.237:7443
97.151.135.208:7443
alderwood-staging.creativefolks.dev
pia.australiasoutheast.cloudapp.azure.com

# Reference: https://threatfox.abuse.ch/browse/tag/Mythic/ (# 2023-12-22)

http://64.31.63.82
120.27.131.3:7443
13.235.248.157:7443
13.245.207.111:9922
135.181.39.81:7443
137.184.185.109:7443
137.184.67.135:443
137.184.80.125:443
143.198.72.108:7443
149.40.62.223:7443
154.90.49.23:7443
157.90.21.73:7443
159.100.6.167:7443
159.203.163.53:7443
159.65.22.88:443
162.0.222.178:7443
164.90.210.111:7443
165.227.106.254:7443
167.172.97.111:443
167.99.182.53:7443
168.1.193.211:7443
172.104.237.247:7443
172.206.9.120:7443
18.234.193.16:7443
185.187.169.34:17443
188.166.153.84:7443
20.11.149.168:443
20.211.251.199:443
208.85.17.219:7443
209.105.242.245:7443
217.12.200.158:7443
3.26.24.38:443
3.31.40.188:443
34.142.175.189:7443
34.87.162.94:7443
35.171.17.63:7443
35.197.55.147:7443
38.242.21.22:7443
38.54.59.79:7443
38.54.63.8:7443
44.197.84.49:443
44.197.84.49:7443
45.79.100.129:7443
52.211.169.127:7443
52.222.96.153:443
52.222.96.153:7443
64.176.66.86:7443
64.23.155.109:7443
65.20.101.150:7443
83.212.98.93:443
84.201.163.253:7443
liquiditv.com
c6-v5.v2red.xyz
wtf.creativefolks.dev

# Reference: https://embee-research.ghost.io/threat-intel-queries-with-fofabot/

104.198.178.178:3000
104.238.187.71:7443
111.90.150.101:3000
123.207.50.70:7443
129.211.212.43:8443
136.244.66.89:7443
149.248.21.89:7443
159.89.8.28:443
160.1.6.79:443
162.19.175.57:3000
162.55.176.85:50050
164.90.209.184:7443
165.227.213.147:7552
165.232.64.60:443
165.232.64.60:7443
172.105.92.240:9000
176.103.52.51:7443
178.128.92.166:7443
18.135.210.230:7443
185.142.184.125:7443
185.16.43.59:7443
192.236.155.121:7443
193.201.126.69:443
193.201.126.69:45632
194.233.170.94:9000
195.189.96.70:27443
20.38.38.53:7443
20.56.52.211:7443
207.180.234.141:7443
207.244.242.35:7443
23.168.152.5:7443
24.199.72.221:7443
3.140.197.75:443
3.27.149.232:7443
3.65.28.179:7443
3.75.96.112:7443
34.171.179.211:443
35.161.156.250:3000
4.198.112.20:443
40.67.215.229:7443
45.61.130.40:7443
45.61.137.134:7443
47.243.46.93:7443
47.245.114.11:7443
49.51.68.151:7443
50.116.1.198:7443
51.254.53.14:7443
54.154.24.24:7443
64.225.100.2:443
64.226.104.86:443
64.227.124.8:443
64.227.124.8:7443
64.23.149.255:7443
64.23.170.241:7443
64.44.135.113:7443
65.20.106.42:7443
70.39.90.80:7443
74.208.172.242:3000
74.208.172.242:7443
84.201.141.119:7443
84.46.241.248:3000
87.121.87.101:7443
95.164.84.84:7443
97.151.208.70:7443
a95b408d5ca94f4f.home-vip.xyz
ahv-id-4649.vps.awcloud.nl
blackhatethicalhacking.com
bounty.blackhatethicalhacking.com
erp.home-vip.xyz
home-vip.xyz
itemkxczfph.home-vip.xyz
lqvfecrehlcgwuleoglx.home-vip.xyz
mythic.blog
mythic.fr
mythic.run
new.bemythic.com
opnhqgjjgfl.home-vip.xyz
queilani.com
social.blackhatethicalhacking.com
ss.vet.sapphire.net
thissubdomainshouldnotexist.home-vip.xyz

# Reference: https://www.virustotal.com/gui/ip-address/192.210.140.35/community

192.210.140.35:7443

# Reference: https://threatfox.abuse.ch/browse/tag/Mythic/ (# 2024-02-12)

137.184.43.170:443
143.198.131.4:7443
164.92.189.59:443
172.245.156.157:7443
185.189.196.191:443
185.196.9.10:7443
217.114.43.93:7443
34.72.157.21:443
35.202.200.238:443
46.101.195.151:443
69.46.36.208:7443
80.90.179.251:7443
ansible-tower-pocket-node1.validatorsheaven.network
kitrknis.com
snf-893982.vm.okeanos.grnet.gr

# Reference: https://threatfox.abuse.ch/browse/tag/Mythic/ (# 2024-02-25)

122.114.11.150:7443
13.237.100.49:7443
130.193.34.93:7443
134.255.233.199:63443
139.162.249.47:443
147.182.158.99:7443
157.90.120.132:7443
158.160.97.165:7443
164.92.238.134:443
172.212.163.113:7443
174.138.6.9:7443
178.62.237.92:7443
20.41.216.145:7443
23.101.226.140:443
34.82.156.114:7443
38.60.216.65:7443
38.60.249.75:7443
51.250.74.43:7443
51.81.90.181:443
52.162.200.36:7443
69.46.36.208:443
69.46.36.209:443
69.46.36.209:7443
69.46.36.210:443
69.46.36.210:7443
69.46.36.211:443
69.46.36.211:7443
69.46.36.215:7443
69.46.36.216:443
69.46.36.216:7443
69.46.36.217:443
69.46.36.217:7443
69.46.36.218:443
69.46.36.218:7443
69.46.36.219:443
69.46.36.219:7443
69.46.36.220:443
69.46.36.220:7443
74.48.56.81:7443
78.129.165.233:7443
88.214.25.240:7443
91.92.253.26:7443
95.217.6.101:7443
data.iexcom.de
gymlog.de
ovh.rfc.pp.ua
trainlog.de

# Reference: https://threatfox.abuse.ch/browse/tag/Mythic/ (# 2024-03-31)

104.236.72.104:7443
109.116.212.249:443
113.190.198.225:7443
134.209.171.201:7443
138.197.116.57:7443
139.84.137.24:7443
143.244.132.162:7443
143.244.186.6:7443
154.90.49.110:7443
161.97.141.230:7443
164.90.238.212:7443
172.174.105.127:7443
193.169.245.94:7443
194.163.169.13:7443
198.23.228.167:7443
20.168.0.131:7443
209.38.188.72:7443
210.215.129.104:7443
217.182.79.54:7443
3.0.250.71:7443
3.132.184.13:443
34.134.107.175:7443
34.231.255.33:7443
38.47.101.176:7443
38.54.63.253:7443
38.60.254.215:2112
46.101.81.127:7443
78.47.48.88:8443
8.220.135.161:7443
82.97.251.102:7443
93.148.180.205:443
95.183.54.20:7443
a1photoprinting.com
americanhomeservicesllc.com
anambrabasiceducation.com
audiolabelectronics.com
b2bsupermarkets.com
b2bturkishtextile.com
chryatech.com
cmfgsi.com
colortreeva.com
computerfeuerwehr.com
crabonchips.com
cristinastanciu.com
daffigallery.com
dallassutherland.com
detectiveman.com
etsprayfoam.com
freeautotalk.com
happeelearning.com
hostel99.com
insproscp.com
jobmalta.com
kingtonyamerica.com
mello-roos.com
michaelcaneconsultants.com
mowilderness.com
mtgimports.com
netdognetworks.com
peacecheese.com
pipelinning.com
pixgraphie.com
redactweb.com
sdlsd.com
shinemarksystems.com
strokestownlearningzone.com
thebestoftenerife.com
thesolutionmatrix.com

# Reference: https://threatfox.abuse.ch/browse/tag/Mythic/ (# 2024-04-10)

103.20.60.248:7443
104.131.187.5:7443
104.156.255.239:7443
109.123.252.6:7443
129.226.154.137:443
130.193.40.102:7443
137.184.39.229:7443
139.144.96.187:7443
142.93.79.177:7443
143.198.73.229:7443
149.28.144.85:7443
159.100.6.45:7443
165.227.90.98:7443
168.119.236.136:7443
172.104.110.118:7443
185.170.144.142:7443
216.153.61.72:7443
3.0.250.71:8443
3.146.206.142:7443
3.216.133.137:7443
3.223.6.69:7443
3.239.164.16:7443
3.27.90.144:7443
3.76.124.183:7443
31.129.57.189:7443
34.16.198.174:7443
34.195.136.4:7443
35.171.228.255:7443
35.189.178.127:7443
38.207.179.24:7443
38.60.217.106:7443
39.100.72.235:7443
43.154.80.163:7443
45.55.38.40:7443
45.95.174.253:7443
45.95.174.39:7443
57.180.189.117:7443
61.162.223.117:7443
62.171.158.126:7443
62.210.188.78:7443
64.23.196.210:3000
77.106.68.26:7443
80.87.206.160:7443
94.198.54.202:7443

# Reference: https://pastebin.com/WvhSFbkF

104.37.190.52:7443
149.104.26.229:7443
158.160.71.51:7443
64.23.196.210:7443
c2.rmrf.one
ip14.ip-51-254-53.eu
mythic.pcfindercentral.com
whitedesk.cow-procyon.ts.net

# Reference: https://threatfox.abuse.ch/browse/tag/Mythic/ (# 2024-05-18)

http://149.56.109.219
http://35.86.185.174
http://45.61.130.40
http://47.103.205.56
http://51.254.53.14
http://54.168.147.222
http://64.176.164.107
http://64.176.196.183
http://64.31.63.82
http://65.20.81.156
103.69.194.227:7443
107.172.159.50:7443
107.175.0.167:7443
110.168.29.157:7443
119.76.173.139:7443
128.199.59.209:7443
13.79.48.220:3000
13.79.48.220:7443
138.197.66.41:7443
161.35.207.209:7443
172.233.172.190:7443
18.170.123.22:7443
3.109.78.6:7443
3.130.124.10:443
34.221.207.33:7443
35.177.104.235:7443
43.134.118.235:7443
45.14.66.194:7443
45.9.148.129:7443
47.251.12.23:7443
72.14.186.33:7443
80.79.4.177:7443
83.97.20.142:7443
91.107.207.2:7443
93.127.197.83:7443

# Reference: https://threatfox.abuse.ch/browse/tag/Mythic/ (# 2024-06-01)

http://107.172.159.50
http://118.31.164.200
http://120.27.139.123
http://121.127.33.25
http://121.199.0.100
http://121.40.157.89
http://121.43.166.96
http://122.114.252.179
http://128.199.59.209
http://129.226.154.137
http://13.238.128.178
http://13.40.187.52
http://13.50.224.236
http://13.58.109.128
http://134.209.171.201
http://135.181.205.15
http://137.184.39.229
http://138.197.66.41
http://142.93.74.10
http://143.198.233.101
http://146.148.110.87
http://147.45.150.204
http://149.104.26.229
http://152.42.162.105
http://158.160.71.51
http://159.223.0.196
http://161.35.207.209
http://172.174.105.127
http://172.201.107.88
http://185.158.94.217
http://185.16.43.59
http://185.178.46.202
http://20.186.89.88
http://20.229.189.122
http://201.243.95.21
http://210.215.129.104
http://217.12.200.158
http://3.144.95.38
http://3.16.25.250
http://3.23.94.235
http://3.82.197.233
http://34.16.7.41
http://34.171.128.254
http://34.31.178.96
http://35.153.232.88
http://35.163.149.144
http://35.177.104.235
http://35.239.106.52
http://37.187.118.185
http://44.224.147.7
http://45.133.238.221
http://47.242.227.140
http://47.74.90.4
http://47.76.61.241
http://47.96.141.218
http://47.96.141.72
http://47.96.254.47
http://47.99.102.146
http://5.255.116.34
http://51.250.108.206
http://52.14.189.239
http://54.183.137.162
http://54.74.198.96
http://62.171.158.126
http://64.23.149.255
http://65.20.72.205
http://68.183.69.22
http://94.131.8.254
http://95.217.6.101
110.168.29.138:7443
115.87.213.147:7443
120.26.203.206:443
121.43.176.110:443
13.48.128.36:7443
13.60.75.58:7443
135.181.205.15:7443
138.197.156.131:443
142.93.74.10:7443
143.198.116.46:443
143.244.162.77:7443
147.211.222.35:443
147.45.150.204:7443
152.42.162.105:7443
152.42.245.111:7443
152.89.92.204:7443
159.223.0.196:7443
159.65.42.191:7443
162.55.63.241:7443
164.90.230.22:3000
167.172.150.173:7443
168.100.8.115:7443
172.104.157.108:7443
172.187.154.69:443
172.247.44.101:7443
176.32.68.83:7443
178.128.92.166:443
18.176.67.169:443
18.176.67.169:7443
185.241.124.218:7443
195.88.87.66:7443
2.207.107.91:443
20.16.73.54:443
20.160.204.211:7443
20.231.230.3:443
20.234.209.66:443
20.234.212.176:443
20.234.212.180:443
24.181.166.196:7443
3.133.126.43:443
34.219.143.252:443
35.222.211.147:443
35.226.15.73:443
37.187.118.185:7443
37.27.92.9:443
38.60.136.208:7443
43.134.38.211:7443
43.206.219.14:7443
45.15.158.15:7443
45.8.99.215:7443
47.237.20.201:7443
5.42.100.30:7443
51.20.108.241:7443
52.32.75.223:443
52.73.128.242:443
54.173.147.137:8443
58.8.255.53:7443
65.20.72.205:7443
73.15.226.35:443
79.154.35.27:7443
89.23.118.175:3000
89.23.118.175:7443
89.44.199.196:443
91.107.207.2:443
92.204.83.36:7443
94.156.144.46:443
94.156.144.46:7443
94.198.216.204:7443
98.71.132.101:8443

# Reference: https://threatfox.abuse.ch/browse/tag/Mythic/ (# 2024-06-15)

100.25.159.142:7443
103.117.101.73:7443
13.53.216.241:7443
13.60.5.73:7443
13.60.6.180:7443
13.60.91.126:7443
139.84.217.198:7443
144.202.12.174:7443
152.42.198.168:7443
158.247.250.154:7443
16.16.185.182:7443
16.171.113.25:7443
16.171.181.75:7443
162.212.154.121:7443
172.104.153.104:7443
172.86.75.53:7443
172.94.53.132:7443
3.15.156.228:7443
3.19.59.206:7443
3.9.82.206:7443
38.242.198.230:7443
43.135.3.17:7443
44.234.240.58:7443
51.15.227.211:7443
51.20.119.112:7443
51.20.127.177:7443
51.20.134.151:7443
51.20.76.114:7443
54.234.100.124:7443
61.14.210.209:7443
89.185.85.206:7443

# Reference: https://raw.githubusercontent.com/drb-ra/C2IntelFeeds/master/feeds/unverified/IPPortC2s.csv

100.29.99.57:7443
104.131.11.46:7443
107.172.100.174:7443
107.174.121.75:7443
109.123.231.134:7443
119.76.173.60:7443
13.201.63.1:7443
13.40.7.10:7443
13.49.76.223:7443
134.122.91.70:7443
135.148.132.167:7443
139.59.184.185:7443
139.59.86.97:7443
14.225.217.103:7443
14.225.217.205:7443
14.225.217.7:7443
14.225.254.224:7443
14.225.255.166:7443
14.225.255.32:7443
144.86.159.57:7443
149.224.90.120:7443
152.42.232.171:7443
152.42.245.62:7443
154.90.55.68:7443
159.223.0.196:8081
159.223.224.93:7443
16.16.66.176:7443
16.170.163.148:7443
160.238.36.36:7443
162.251.95.44:7443
165.232.177.53:7443
171.99.147.172:7443
172.104.33.179:7443
172.235.56.104:7443
176.32.38.63:7443
18.141.14.103:7443
185.181.219.211:7443
185.245.182.209:443
194.163.168.80:7443
198.7.121.101:7443
20.185.50.39:7443
204.152.203.78:3000
209.151.148.168:7443
217.79.255.137:7443
35.84.184.254:7443
40.115.32.175:7443
43.143.216.228:7443
44.223.17.221:7443
45.154.3.150:7443
45.156.24.8:7443
46.101.118.11:7443
46.8.237.108:7443
46.8.237.247:7443
47.109.51.223:7443
47.245.14.36:7443
52.183.57.173:7443
52.3.251.97:7443
52.87.231.174:7443
52.90.26.228:7443
61.90.98.156:7443
64.227.141.158:7443
64.227.142.233:7443
66.42.99.86:7443
8.222.231.128:7443
80.78.22.77:7443
82.153.138.128:7443
82.153.138.168:7443
83.229.120.117:7443
84.21.171.55:7443
85.114.138.96:7443
86.38.247.225:7443
87.242.107.248:7443
88.214.25.227:7443
98.80.109.237:7443

# Reference: https://threatfox.abuse.ch/browse/tag/Mythic/ (# 2024-08-10)

107.172.78.188:7443
129.148.44.247:7443
138.68.134.123:7443
14.225.254.102:7443
154.90.55.68:443
157.245.146.223:443
170.64.132.144:7443
172.105.27.15:443
172.105.27.15:7443
172.235.56.104:443
188.166.71.109:7443
188.253.113.4:7443
20.14.86.180:7443
20.86.134.86:443
209.38.45.156:443
3.81.34.172:443
34.195.55.134:7443
4.227.88.111:443
4.227.88.122:443
4.227.88.137:443
4.227.88.150:443
4.227.88.213:443
4.227.88.239:443
43.135.3.17:443
43.143.216.228:443
44.223.17.221:443
54.82.134.185:443
62.84.121.110:2443
64.225.100.125:443
66.42.99.86:443
66.70.202.83:7443
67.205.162.200:443
81.208.161.44:443
81.208.161.44:7443
91.207.183.165:7443
aeroflightparts.com
ankaplast.com
aquatictt.com
bbm-e.com
biofuelsevent.com
blftrade.com
bp-training.com
colinscaravans.com
cormdale.com
freeflashbuilder.com
identi-tech.com
inabove.com
lc218.com
office-adr.com
patpricespeaks.com
seowebguy.com
shippwd.com
twm-master.com

# Reference: https://raw.githubusercontent.com/drb-ra/C2IntelFeeds/master/feeds/unverified/IPPortC2s-30day.csv (# 2024-08-18)

107.173.101.225:7443
168.100.8.98:7443
176.32.35.154:7443
194.87.252.169:7443
20.51.254.237:7443
209.38.216.116:7443
44.243.24.208:7443
54.187.19.75:7443
84.32.131.58:49123

# Reference: https://threatfox.abuse.ch/browse/tag/Mythic/ (# 2024-08-18)

http://194.195.122.86
134.209.101.248:443
164.90.180.68:443
176.32.35.154:443
3.130.245.28:443
34.31.249.65:443
52.168.20.124:8080

# Reference: https://raw.githubusercontent.com/drb-ra/C2IntelFeeds/master/feeds/unverified/IPPortC2s-30day.csv (# 2024-08-24)

121.165.30.164:7443
167.88.180.98:7443
170.64.134.216:7443
172.232.190.135:7443
193.42.63.53:7443
3.139.98.190:7443
45.145.229.103:7443
54.152.126.132:7443
83.229.120.73:7443

# Reference: https://threatfox.abuse.ch/browse/tag/Mythic/ (# 2024-08-25)

http://34.30.202.89
54.227.68.178:7443
83.229.120.73:8443
gadgetised.com
totemcontent.com
usedstuf.com

# Reference: https://app.validin.com/detail?find=8fda9d86d62e7121dc00bcd1ae63b077&type=hash&ref_id=3672e7c8f8d#tab=host_pairs_v2

147-182-150-146.ipv4.staticdns3.io
1496043-cu51648.tw1.ru
161-35-113-194.cprapid.com
172-105-27-15.ip.linodeusercontent.com
18-133-77-74.cprapid.com
45-77-151-211.ipv4.staticdns3.io
a1skiphiremanchester.co.uk
affectionate-curran.161-35-113-194.plesk.page
agitated-buck.161-35-113-194.plesk.page
algadirschool.com
androidtv.com.mx
apgecommerce.net
app.sensius.no
app.tempmesh.io
autoconfig.0xasec.se
autodiscover.tmesh.app
autosite.cloud
awesome-chatelet.161-35-113-194.plesk.page
baiyokef.sg04.tmd.cloud
bankfab.co
bbs.algadirschool.com
be.djp.maxchat.co.id
blog.sensius.no
booking.bmesh.io
brrrrr-app.massan.club
c2.devolutions-distribution.com
casabeatricita.com.mx
chalusroad.com
chazkitnstage.ecomerciar.com
chinamayjoshi.xyz
cl1.icu
cpanel.baiyokef.sg04.tmd.cloud
cpanel.liveandlettravel.com
cpanel.smtp-out.sg04.tmd.cloud
cpcalendars.liveandlettravel.com
crm.mngr.me
demo.norwichdeli.com
devlab-local.com
devolutions-distribution.com
directus.mngr.me
distracted-engelbart.161-35-113-194.plesk.page
djp.maxchat.co.id
ec2-13-58-109-128.us-east-2.compute.amazonaws.com
ec2-18-191-106-202.us-east-2.compute.amazonaws.com
ec2-3-130-245-28.us-east-2.compute.amazonaws.com
ec2-3-144-46-167.us-east-2.compute.amazonaws.com
ec2-3-16-25-250.us-east-2.compute.amazonaws.com
ec2-3-81-34-172.compute-1.amazonaws.com
ec2-3-98-162-62.ca-central-1.compute.amazonaws.com
ec2-34-219-143-252.us-west-2.compute.amazonaws.com
ec2-35-153-232-88.compute-1.amazonaws.com
ec2-35-177-104-235.eu-west-2.compute.amazonaws.com
ec2-52-53-207-84.us-west-1.compute.amazonaws.com
ec2-54-173-147-137.compute-1.amazonaws.com
ec2-54-226-62-246.compute-1.amazonaws.com
ecommerceenroll.com
ecstatic-benz.161-35-113-194.plesk.page
efkalex.com
egrvxh.algadirschool.com
electronicproduct.xyz
enigma-puzzle-game.com
entityapi.bmesh.io
enumeratrix.site
eteocretan.01168530.xyz
eventoslienzoscharros.com.mx
expmle.com
falcontaxe.com
fastlinkapp.com
flash.algadirschool.com
foundationcapitl.com
fullmetal.ec-secops.com
globaltradestations.com
gotomypc.us.com
hr-policies.com
imap.0xasec.se
inspiring-lamport.161-35-113-194.plesk.page
instagram.infosur.cl
instagram.seba.cl
intelligent-maxwell.161-35-113-194.plesk.page
invoicevalidator.net
keen-visvesvaraya.161-35-113-194.plesk.page
kiosk.mismo.store
list.chalusroad.com
mail.0xasec.se
mail.baiyokef.sg04.tmd.cloud
mail.liveandlettravel.com
mail.sg03.tmd.cloud
mail.smtp-out.sg03.tmd.cloud
manchester-airport-parking-uk.co.uk
matrix.cl1.icu
mcm-node05.virtuallythere.in
microsoft-ofifce.com
mismo.cc
mk3-lab.com
mta-sts.0xasec.se
mythic-840.polarbear.dev
mythic-r-888.polarbear.dev
mythic-r903.polarbear.dev
mythic.c2scratch.com
mythic.egress.site
mythic.loginconnect.org
mythicalconnect.eastus.cloudapp.azure.com
najlaa.eu
nikyak228.freemyip.com
norwichdeli.innovel.app
ns1.sg03.tmd.cloud
ns1.sg04.tmd.cloud
ns2.sg03.tmd.cloud
ns2.sg04.tmd.cloud
ns21.sg03.tmd.cloud
ns3.sg03.tmd.cloud
pdq-support.fieldertechnology.com
pie-001.huntelsystems.com
protocoloceromanchas.com
quantumcultures.com
rest.projecthopeinaction.org
restaurantdumonde.com
reverent-jepsen.161-35-113-194.plesk.page
rspamd.0xasec.se
serpa.e-kounoupidi.gr
services.kevinscooper.com
sg03.tmd.cloud
sg04.tmd.cloud
signalapi.bmesh.io
smtp-out.sg03.tmd.cloud
smtp-out.sg04.tmd.cloud
smtp.0xasec.se
staging.rjlawsandsons.com
stake-cookinggr.com
summerfi.us
suspicious-diffie.161-35-113-194.plesk.page
tastyapplepie.com
tempcontrolapi.bmesh.io
test.security.factorial.dev
the-mort.net
tycaq.xyz
uiuxindia.in
update-gitlab.com
v2202210183584204389.luckysrv.de
vmi1972939.contaboserver.net
vps.mdorin.win
webdisk.liveandlettravel.com
webdisk.orientalpearl.com.my
webdisk.smtp-out.sg03.tmd.cloud
webdisk.smtp-out.sg04.tmd.cloud
webmail.baiyokef.sg04.tmd.cloud
webmail.masterpro-asia.com
webmail.smtp-out.sg04.tmd.cloud
workstation-eg.co
xenodochial-mclaren.161-35-113-194.plesk.page
zoom.flatux.com

# Reference: https://raw.githubusercontent.com/drb-ra/C2IntelFeeds/master/feeds/unverified/IPPortC2s-30day.csv (# 2024-09-08)

108.59.184.209:7443
119.76.173.123:7443
13.37.124.10:7443
137.184.211.26:7443
141.94.221.216:7443
143.198.64.151:7443
159.203.133.189:7443
18.252.54.182:7443
192.109.241.19:7443
195.208.174.240:7443
206.189.134.185:7443
207.180.224.247:3000
207.180.224.247:7443
34.229.172.80:7443
45.147.231.115:7443
45.92.9.144:7443
54.147.0.38:7443
54.227.68.178:3000
54.227.99.217:7443
57.155.2.68:7443
61.90.98.248:7443
66.187.76.148:7443
80.78.26.4:7443
89.58.55.99:7443
94.130.23.223:7443

# Reference: https://threatfox.abuse.ch/browse/tag/Mythic/ (# 2024-09-08)

13.250.18.253:7443
164.90.177.232:443
18.246.162.241:7443
18.252.54.182:443
34.229.172.80:3000
34.231.227.34:443
35.204.187.119:443
51.178.137.204:7443
54.174.132.126:443
64.23.213.61:7443
66.165.244.226:7443

# Reference: https://threatfox.abuse.ch/browse/tag/Mythic/ (# 2024-09-09)

35.91.140.183:7443
51.145.154.243:443
52.136.249.248:443
85.165.42.32:7443
88.218.66.21:7443
92.222.217.152:7443

# Reference: https://raw.githubusercontent.com/drb-ra/C2IntelFeeds/master/feeds/unverified/IPPortC2s-30day.csv (# 2024-09-14)

http://35.84.184.254
128.199.78.132:7443
165.232.118.207:7443
176.124.212.28:7443
185.125.101.221:7443
206.188.196.66:7443
46.8.226.37:7443
61.90.3.30:7443
77.221.154.58:7443
85.192.56.42:7443
88.90.159.162:7443

# Reference: https://raw.githubusercontent.com/drb-ra/C2IntelFeeds/master/feeds/unverified/IPPortC2s-30day.csv (# 2024-09-22)

128.199.59.56:7443
147.182.150.146:7443
149.248.59.104:7443
167.172.42.118:7443
170.64.175.56:7443
35.200.161.35:7443
45.32.198.60:7443
64.226.91.107:7443
68.183.192.21:7443
74.249.9.163:7443
91.103.252.119:7443

# Reference: https://threatfox.abuse.ch/browse/tag/Mythic/ (# 2024-09-22)

http://46.8.237.247
159.89.9.20:443
165.232.118.207:443
34.171.84.82:443
46.166.165.95:443
51.144.103.170:443
51.144.104.92:443
51.144.105.221:443
51.145.156.236:443
52.255.47.35:443

# Reference: https://raw.githubusercontent.com/drb-ra/C2IntelFeeds/master/feeds/unverified/IPPortC2s-30day.csv (# 2024-10-13)

104.131.172.8:7443
104.194.134.165:7443
108.61.96.197:7443
109.120.179.20:7443
136.244.109.139:7443
137.220.57.209:7443
139.84.149.212:7443
139.84.163.210:7443
139.84.195.78:7443
141.164.45.186:7443
142.93.188.223:7443
143.198.204.173:7443
143.198.70.94:7443
144.202.72.130:7443
146.190.5.183:7443
149.248.4.114:7443
149.248.56.154:7443
149.28.83.179:7443
152.67.149.246:7443
155.138.139.243:7443
157.245.195.246:7443
163.172.171.199:7443
164.92.179.221:7443
167.71.217.124:7443
167.71.234.132:7443
170.64.225.181:7443
170.64.234.99:7443
178.156.133.137:7443
185.43.4.69:7443
185.43.4.70:7443
185.43.4.72:7443
185.43.4.73:7443
185.43.4.80:7443
188.120.254.229:7443
194.87.85.8:15329
195.100.198.220:7443
198.255.103.64:7443
20.115.66.63:7443
20.174.169.119:7443
20.92.252.75:7443
212.227.243.51:8443
213.252.246.168:7443
216.128.129.3:7443
217.28.130.27:7443
23.163.0.90:8443
34.101.140.123:7443
45.32.113.133:7443
45.61.152.130:7443
45.76.234.154:7443
45.77.151.211:7443
51.250.27.34:7443
52.128.230.42:7443
52.128.230.43:7443
52.128.230.44:7443
52.128.230.45:7443
52.128.230.46:7443
62.109.30.217:7443
62.231.109.225:7443
64.176.214.38:7443
64.176.38.230:7443
66.42.40.228:7443
68.183.195.95:7443
78.141.204.24:7443
78.141.228.83:7443
78.24.220.122:7443
80.87.199.167:7443
87.120.114.216:7443
87.120.114.217:7443
94.232.40.36:7443
94.232.43.221:443
94.232.43.221:7443

# Reference: https://app.validin.com/detail?find=8fda9d86d62e7121dc00bcd1ae63b077&type=hash#tab=host_pairs_v2

133.ip-51-38-70.eu
blackpythondeda.duckdns.org
evilc0rp.xyz
johndoe.social
officesupport.us.com
pidgey.evilc0rp.xyz
supportgoogle.duckdns.org
tiendanube-docs.chazki.com
tiendanube.chazki.com

# Reference: https://app.validin.com/detail?find=8fda9d86d62e7121dc00bcd1ae63b077&type=hash&ref_id=0ffe9cdc6a5#tab=host_pairs

0732.aierhn.com
105.ip-176-31-162.eu
allckmining.xyz
findeat.info
generalbae.com
lgedgovbd.duckdns.org
livineasyandraven.com
mythic-r-876.polarbear.dev
mythic.officetvm03.com
myuniqueapp.crabdance.com
ns1.sendcupons24.shop
pingmemaybe.xyz
servicemode.click
vks19176.ip-176-31-162.eu
vps-312f1129.vps.ovh.net

# Reference: https://app.validin.com/detail?find=8fda9d86d62e7121dc00bcd1ae63b077&type=hash#tab=host_pairs

bashaws.com
bodrangzen.site
fastlinkapp.com
m885.holo366.com
mm80.dspmanag.com
toteasl.com

# Reference: https://raw.githubusercontent.com/drb-ra/C2IntelFeeds/refs/heads/master/feeds/unverified/IPPortC2s-30day.csv (# 2024-11-10)

http://34.207.191.27
102.117.160.175:7443
102.117.163.174:7443
102.117.165.23:7443
102.117.167.127:7443
102.117.167.140:7443
102.117.168.178:7443
102.117.169.130:7443
102.117.172.240:7443
102.117.173.130:7443
104.238.173.142:443
112.121.163.50:7443
112.121.163.52:7443
112.121.163.53:7443
112.121.163.54:7443
129.21.21.96:7443
135.237.136.253:7443
138.197.169.184:7443
140.115.59.30:7443
146.190.67.158:7443
149.28.140.167:7443
155.138.154.222:7443
159.65.226.207:7443
159.65.230.149:7443
159.65.234.99:7443
159.65.235.211:7443
161.35.88.226:7443
167.172.85.227:7443
176.31.162.105:7443
178.76.175.221:7443
185.121.234.47:7443
185.245.106.251:7443
185.246.189.172:7443
188.210.10.69:7443
188.245.172.199:7443
192.248.172.66:7443
193.181.35.205:7443
193.181.35.216:7443
193.181.35.217:7443
193.181.35.223:7443
193.181.35.227:7443
193.181.35.247:7443
193.233.201.112:7443
193.84.71.214:7443
195.231.58.21:7443
20.37.96.32:7443
204.48.22.193:7443
207.148.79.120:7443
207.148.83.9:7443
34.86.23.85:7443
37.27.222.79:7443
38.54.45.41:7443
38.54.82.115:7443
38.60.206.68:7443
4.240.117.185:7443
43.155.75.50:7443
45.141.59.99:7443
45.32.74.250:7443
45.76.36.228:443
50.241.208.67:7443
51.195.219.100:7443
51.38.70.133:7443
64.225.60.194:7443
65.20.84.77:7443
65.20.86.232:7443
67.207.86.159:7443
67.219.111.231:7443
68.183.84.10:3000
77.243.85.54:7443
8.222.165.108:7443
81.0.218.25:7443
81.249.255.153:7443
82.115.223.228:3000
82.115.223.228:7443
94.72.141.243:7443
95.179.248.79:7443

# Reference: https://app.validin.com/detail?find=8fda9d86d62e7121dc00bcd1ae63b077&type=hash#tab=host_pairs (# 2024-12-04)

9un.store
abacusllc.com
abacusmas2.abacussolutionsllc.com
abacussolutions.com
abacussolutionsllc.com
armysi.cc
br3w.net
c220g5-110414.wisc.cloudlab.us
checkboxcdn.net
curricula.com-v3-status.com
ec2-34-222-156-67.us-west-2.compute.amazonaws.com
edge01.network.abacussolutions.com
edgesec01.network.abacussolutions.com
elastic.net-v2-status.net
excelsystems.com
giftcard.net-v2-status.net
kstone.abacussolutions.com
login.microsoft.onlne.net-v2-status.net
looksoftware.net
mail.armysi.cc
micrasoftsignin.net-v2-status.net
microsoft.onlne.net-v2-status.net
microsoftonline.com-v3-status.com
multistradatour.com
oktosign.net-v2-status.net
onlne.net-v2-status.net
pentagon.pontiac.dev
pizza.net-v2-status.net
polisen.swedencentral.cloudapp.azure.com
purpletm.online
qtsdallas.abacussolutions.com
qtsmetro.abacussolutions.com
red-869.polarbear.dev
red-912.polarbear.dev
redteam.baby
seasonalpresells.co.uk
second-chance.top
shieldmoney.red-vs-blue.team
support.net-v2-status.net
theautomotiveservices.com
v0c.us
weave.micrasoftsignin.net-v2-status.net
weaveworkforce.oktosign.net-v2-status.net

# Reference: https://app.validin.com/detail?find=8fda9d86d62e7121dc00bcd1ae63b077&type=hash#tab=host_pairs (# 2024-12-15)

1.54.41.34.bc.googleusercontent.com
165-22-250-3.cprapid.com
2019-mytutoring.inspirationeducation.co.nz
29604-47823.bacloud.info
2tf.us
62-11-43-167.dialup.tiscali.it
80-79-4-177.hosted-by-worldstream.net
api.holadigital.agency
bitubi.co.id
c-73-213-108-128.hsd1.dc.comcast.net
cpanel.bitubi.co.id
ec2-34-216-3-35.us-west-2.compute.amazonaws.com
full-cup.com
holadigital.agency
mail.165-22-250-3.cprapid.com
nflxworkshopdemo.com
nomad-solution.com
ol8.us
osmosrs.fun
oz9.us
planetf1.net
red-856.polarbear.dev
test2.yeezybuy.top
vader.xw.rs

# Reference: https://raw.githubusercontent.com/drb-ra/C2IntelFeeds/refs/heads/master/feeds/unverified/IPPortC2s-90day.csv (# 2025-01-02)

102.117.160.152:7443
102.117.160.161:7443
102.117.161.58:7443
102.117.162.232:7443
102.117.162.237:7443
102.117.163.191:7443
102.117.163.231:7443
102.117.164.102:7443
102.117.164.233:7443
102.117.164.234:7443
102.117.165.57:7443
102.117.166.74:7443
102.117.167.2:7443
102.117.167.52:7443
102.117.167.70:7443
102.117.168.81:7443
102.117.168.85:7443
102.117.169.175:7443
102.117.169.182:7443
102.117.170.173:7443
102.117.170.61:7443
102.117.171.213:7443
102.117.172.111:7443
102.117.172.183:7443
102.117.172.32:7443
102.117.172.70:7443
102.117.173.224:7443
102.117.173.251:7443
102.117.173.38:7443
102.117.174.105:7443
102.117.174.17:7443
102.117.174.238:7443
102.117.174.240:7443
102.117.174.24:7443
102.117.174.85:7443
102.117.175.12:7443
102.117.175.153:7443
102.117.175.201:7443
103.136.150.235:7443
104.198.169.239:7443
104.236.58.24:7443
107.161.50.115:7443
124.36.254.203:8443
128.105.144.88:7443
13.201.109.246:7443
134.122.45.31:7443
134.209.249.56:7443
135.125.9.127:7443
137.184.246.113:443
138.197.182.249:7443
139.59.151.76:7443
143.198.62.165:7443
147.182.148.204:7443
147.182.152.159:7443
149.28.61.158:8773
152.70.251.130:7443
155.138.133.23:7443
157.20.182.69:7443
157.20.182.70:7443
157.20.182.71:7443
159.223.180.240:7443
163.172.190.229:7443
164.90.212.160:7443
165.232.65.107:7443
165.232.71.253:7443
172.232.159.49:7443
18.217.8.59:7443
18.254.131.168:7443
185.196.8.12:7443
188.245.231.249:8443
192.145.47.163:7443
193.181.35.198:7443
193.181.35.209:7443
193.181.35.228:7443
193.181.35.240:7443
193.181.35.244:7443
193.233.112.81:7443
198.38.87.31:7443
199.247.28.150:7443
2.56.179.129:7443
20.121.120.162:7443
20.57.132.222:7443
20.93.23.234:7443
204.93.201.124:7443
207.148.70.8:7443
212.87.222.134:7443
213.139.205.60:7443
217.156.66.89:3000
217.156.66.89:7443
217.69.7.58:7443
27.106.122.172:7443
34.136.97.109:7443
34.222.156.67:7443
34.42.192.245:7443
4.197.169.184:7443
45.88.106.149:7443
46.101.125.217:7443
46.8.237.108:8443
5.175.237.184:7443
5.230.35.245:7443
50.21.176.83:7443
52.33.71.198:7443
64.227.48.216:7443
64.7.199.47:7443
65.38.120.21:7443
65.49.235.182:7443
66.245.194.159:443
66.42.60.183:7443
8.155.8.190:7443
8.218.106.62:7443
83.229.122.31:7443
86.124.168.227:7443
87.121.61.235:8921
90.46.126.20:7443
93.183.82.56:7443
96.18.247.142:7443
96.19.122.253:7443
96.45.189.139:7443

# Reference: https://app.validin.com/detail?find=8fda9d86d62e7121dc00bcd1ae63b077&type=hash#tab=host_pairs (# 2025-01-07)

185-196-8-12.cprapid.com
62.68.75.16.ip.pph.systems
adsmartwave.com
ec2-13-59-178-90.us-east-2.compute.amazonaws.com
ec2-54-176-66-101.us-west-1.compute.amazonaws.com
id-formulare-ag-login.myz.info
ipv6.185-196-8-12.cprapid.com
m-ag-dkb-login-id.itsaol.com
mail.185-196-8-12.cprapid.com
remaxvizion.al
server2.fireflycamp.net
serviweb-ag-dkb.itsaol.com

# Reference: https://x.com/BlinkzSec/status/1888539832428748862

176.31.162.105:3000
caldera.nit-solutions.com
control.lancet-app.ru
dev.riskyclick.shopify.io

# Reference: https://app.validin.com/detail?find=8fda9d86d62e7121dc00bcd1ae63b077&type=hash#tab=host_pairs (# 2025-02-09)

0x1f4b0.com
0.0.1004.0x1f4b0.com
00.0x1f4b0.com
001.0x1f4b0.com
002.0x1f4b0.com
003.0x1f4b0.com
004.0x1f4b0.com
005.0x1f4b0.com
008.0x1f4b0.com
08.0x1f4b0.com
09hc.com
224.185.60.34.bc.googleusercontent.com
browsermi000.0x1f4b0.com
chat57.binance.com001.0x1f4b0.com
cloud000.0x1f4b0.com
crypto-loot.co000.0x1f4b0.com
dns.0x1f4b0.com
dsomedia.com
ec2-13-53-166-6.eu-north-1.compute.amazonaws.com
elevatorretreat.shop
g.0x1f4b0.com
genreich.com
gus000.0x1f4b0.com
host000.0x1f4b0.com
kennasoul.shop
maplegamble.com
mvideo.0x1f4b0.com
mypeaceofpeace.shop
peacefulsuns.shop
phoenixsoulpeace.shop
pr0000.0x1f4b0.com
pr0gramm.000.0x1f4b0.com
pxtcapital.com
quadriosoulfood.shop
remotas.skyynet.com.br
tomcatcapital.com
tunna.ru
universalfeelz.shop
vmi1243780.contaboserver.net
wardagen.ru
woo-headless-bcknd.maksimer.es
wss.0x1f4b0.com
ww.pr0g000.0x1f4b0.com
ww.pr0gramm.000.0x1f4b0.com
ww.pr0gramm000.0x1f4b0.com
ww8000.0x1f4b0.com

# Reference: https://app.validin.com/detail?find=8fda9d86d62e7121dc00bcd1ae63b077&type=hash#tab=host_pairs (# 2025-04-19)

13-36-177-151.cprapid.com
134-122-90-122.cprapid.com
139-59-34-92.cprapid.com
156.13.194.35.bc.googleusercontent.com
158924-apple.com
16-171-27-214.cprapid.com
172-233-183-147.ip.linodeusercontent.com
173-249-52-37.cprapid.com
188-166-56-10.cprapid.com
2wayshipping.com
33.55.141.34.bc.googleusercontent.com
448.su
69-55-60-146.cprapid.com
71.ip-51-75-18.eu
aadcdn.trains.brighton-station.co.uk
account.verifiedaccesssecure.icu
accounts.verifiedaccesssecure.icu
acfinance.org
admin.pagoservice.com
ads.verifiedaccesssecure.icu
advh.verifiedaccesssecure.icu
after-sales-service.top
alicro-2025.top
amazingsoulpeace.shop
angry-bird.cloud
api-pk1.securportal.com
api.pagoservice.com
app.staging.og-image.shopify.vpetritz.net
apps1.ams-sga.verifiedaccesssecure.icu
autsh.verifiedaccesssecure.icu
autw02.aviosim.net
azinbek.com
azurefordsharepoint.com
bensdiraghamel.shop
bolt.citrixapp.net
c.go-mpluse.verifiedaccesssecure.icu
c1973e6d7f504400ae02eb4fe756823f.ddns.gcloud.gg
cdn-helper.com
cdn-static-cloud.net
cdn.geekim.co.il
cdn.verifiedaccesssecure.icu
cloudsink.eu.com
clubimport.ca
com50063427851.top
com78963445311.top
connect-x.westeurope.cloudapp.azure.com
coreflow.pw
crmsupp.mooo.com
docs.wegoagain.store
documents.gsuite.me
dods.verifiedaccesssecure.icu
empowermm.verifiedaccesssecure.icu
enterprise-cdn.com
facite.uneouro.edu.br
fb.com50063427851.top
fedex-h388bx.securportal.com
focused-moore.165-227-157-172.plesk.page
health-updates.co.uk
healthleaf.in
hosthereexfilanything.xyz
hotfoodie-delivery.xyz
idoverse.com
infodynamics-llc.com
ip206.ip-51-38-215.eu
ip241.ip-198-244-130.eu
ipv6.16-171-27-214.cprapid.com
isd.verifiedaccesssecure.icu
jrhte.verifiedaccesssecure.icu
keyboard-map.com
kindlebook.xyz
kingspolo.com
krrrrrooooooks.shop
liftasoul.shop
lighttomysoul.com
lms.lkpbtw.com
login.matejicek.it
login.security-token-80170943286932432.online
login.verifiedaccesssecure.icu
logon.matejicek.it
lopezheatingandcooling.com
lv426.xenoops.net
mach1ml-ford.com
mail.16-171-27-214.cprapid.com
mailtracking.xyz
manager.fhm.cloud
mediainsights.net
microsupersilly.acfinance.org
msd.verifiedaccesssecure.icu
msfed.verifiedaccesssecure.icu
myaccount.verifiedaccesssecure.icu
mythic-integration-testing.polarbear.dev
mythic.napas-redteam.online
nodemy.hoshino-bot.biz.id
nodesss.wall.xin.biz.id
ns1.hosthereexfilanything.xyz
ns1.umarusman.id
ns2.hosthereexfilanything.xyz
ns2.sendcupons24.shop
ns2.umarusman.id
o.verifiedaccesssecure.icu
office.verifiedaccesssecure.icu
oidjaowidjwadioawjdio.5kch.net
origin.wltic.co
outk.verifiedaccesssecure.icu
page.tolcc.sbs
pagoservice.com
panda-app-ford.com
panel.hoshino-bot.biz.id
privetnote.com
pro.aviosim.net
psdep.ru
qqwpifbznkmp.chickenkiller.com
query.verifiedaccesssecure.icu
reporting.verifiedaccesssecure.icu
sautsa.verifiedaccesssecure.icu
sci.verifiedaccesssecure.icu
sealabs.biz
search.verifiedaccesssecure.icu
sece.verifiedaccesssecure.icu
security-token-80170943286932432.online
server-5-252-178-137.da.direct
shenhe2025.top
shopping.verifiedaccesssecure.icu
smth.verifiedaccesssecure.icu
solofeelings.shop
sortedveil.top
srv12998481.ultasrv.net
srv533540523.host.ultaserver.net
sso.verifiedaccesssecure.icu
staging.og-image.shopify.vpetritz.net
staticfiles.ithelpdesk.uz
storage.microsupersilly.acfinance.org
studio.mind-verse.de
t.verifiedaccesssecure.icu
tcscdn.ru
tomcatcapital.fr
topclth.click
trains.brighton-station.co.uk
transmatic.in
tribescale.co
ulgroup.verifiedaccesssecure.icu
ulup.verifiedaccesssecure.icu
unique-yanbal.site
usaa.verifiedaccesssecure.icu
verifiedaccesssecure.icu
vhg.verifiedaccesssecure.icu
video-ondemand.webexglobal.com
vm116571.xxvps.net
vmi2322316.contaboserver.net
vps-9e181ecb.vps.ovh.net
vps-decec77a.vps.ovh.net
wall-store.xin.biz.id
woo-headless-bcknd.utvikl.es
ws.pagoservice.com
wxszjwl.com
xn--meements-6nb.pl
ywb.verifiedaccesssecure.icu
zeeasadel.blue-ptrodactyl.me

# Reference: https://x.com/malwrhunterteam/status/1897957945326866616
# Reference: https://www.virustotal.com/gui/file/2a32d7be1e8dc2127c5ae8c0b74a993d25fdea5a58031587b78254253b198449/detection
# Reference: https://www.virustotal.com/gui/file/ecbfaead6fd3303a6c26d78cedc858b07504d0c8a11b5587024032168eb5330f/detection

portalaccesowifi.cloud

# Reference: https://x.com/malwrhunterteam/status/1903052269387456845
# Reference: https://www.virustotal.com/gui/file/6a67b94630c1d49afb8af416ae8498f0472a5f394ea4757392efa909d913eff0/detection

http://134.199.209.199
http://142.93.165.203
http://142.93.224.147
http://161.35.85.95

# Reference: https://x.com/malwrhunterteam/status/1902115802066907642
# Reference: https://www.virustotal.com/gui/file/918acb9ee8c0f85b371d942e6c8240b7dddb9082b14d621f537ca473f6b7757d/detection
# Reference: https://www.virustotal.com/gui/file/a5c9ed072145694445396925f362bd94209af04abb1b9e00cc3a400891815f69/detection

http://129.226.161.217

# Reference: https://x.com/malwrhunterteam/status/1908215142698897708
# Reference: https://x.com/malwrhunterteam/status/1908216684479205667
# Reference: https://www.virustotal.com/gui/file/ef2056a6724ad654e3c36234863ab34b9e0e6fa3e6f31340682c37dc2c5cb32e/detection
# Reference: https://www.virustotal.com/gui/file/48f328fedb94ed7a2ce915e3b4f44f45e45b5375f6ed90e2de2e731357bedd8b/detection
# Reference: https://www.virustotal.com/gui/file/750f0367139bd2e0c6aa02630d8599ac854a38083a5a3733203edb500048dfa7/detection

http://146.190.248.108
http://159.203.45.201
http://170.64.184.236
http://188.166.78.195

# Reference: https://x.com/malwrhunterteam/status/1910413016354500898
# Reference: https://www.virustotal.com/gui/file/e16867c07676fbbfbcf22671e0fb2d90905e871c315d40c3388a1c1edceaa744/detection

http://170.64.176.152

# Reference: https://x.com/malwrhunterteam/status/1912630667076141495
# Reference: https://www.virustotal.com/gui/file/a2ffcaf180400a332d5ad06338b3528cf22a16486d8027ee21be503a9690aefb/detection

http://142.93.225.19
http://188.166.231.83

# Reference: https://x.com/malwrhunterteam/status/1925293286123540864
# Reference: https://www.virustotal.com/gui/file/3688c97136bca0f0e32c6cf8679e75e98e71db0e0c06212b09bf21ff1b24954f/detection

http://206.189.157.192
206.189.157.192:443
/hvuj42C9hMMsJIseTfJZ000Z

# Reference: https://raw.githubusercontent.com/drb-ra/C2IntelFeeds/refs/heads/master/feeds/unverified/IPPortC2s-90day.csv (# 2025-06-14)

100.26.198.187:7443
102.117.160.105:7443
102.117.160.22:7443
102.117.161.105:7443
102.117.161.204:7443
102.117.162.128:7443
102.117.162.146:7443
102.117.162.185:7443
102.117.162.215:7443
102.117.163.178:7443
102.117.163.86:7443
102.117.165.169:7443
102.117.165.226:7443
102.117.165.92:7443
102.117.166.115:7443
102.117.166.157:7443
102.117.166.249:7443
102.117.166.55:7443
102.117.167.122:7443
102.117.167.141:7443
102.117.167.162:7443
102.117.167.174:7443
102.117.167.97:7443
102.117.168.104:7443
102.117.168.172:7443
102.117.168.190:7443
102.117.168.19:7443
102.117.169.103:7443
102.117.169.121:7443
102.117.169.230:7443
102.117.169.90:7443
102.117.170.16:7443
102.117.170.193:7443
102.117.170.21:7443
102.117.170.93:7443
102.117.171.104:7443
102.117.171.152:7443
102.117.171.208:7443
102.117.171.47:7443
102.117.171.94:7443
102.117.172.150:7443
102.117.172.239:7443
102.117.172.255:7443
102.117.173.199:7443
102.117.173.23:7443
102.117.173.7:7443
102.117.173.86:7443
102.117.174.178:7443
102.117.174.226:7443
102.117.174.250:7443
102.117.175.16:7443
102.117.175.187:7443
103.122.221.199:7443
103.134.22.156:7443
103.146.202.34:8664
103.148.163.45:7443
103.172.92.80:7443
103.214.157.231:7443
103.30.76.254:7443
103.43.75.230:7443
103.68.251.236:7443
104.194.134.237:7443
104.238.147.148:7443
104.245.145.186:7443
105.101.192.241:7443
107.172.102.50:7443
107.173.31.37:7443
107.174.133.204:7443
107.189.21.227:443
107.189.28.204:7443
110.43.122.248:7443
111.31.93.136:7443
114.119.181.164:443
116.181.1.54:7443
119.45.25.207:8443
120.24.250.89:7443
128.199.68.233:7443
129.21.21.80:7443
129.226.161.217:7443
13.201.109.246:8443
13.36.177.151:7443
13.38.77.31:7443
13.48.55.8:7443
13.53.166.6:7443
13.66.164.102:80
134.122.55.34:7443
134.122.62.169:7443
134.199.169.177:7443
134.199.194.208:7443
134.209.250.88:7443
135.220.0.32:7443
137.184.190.241:7443
138.197.163.42:7443
138.68.163.131:7443
139.59.34.92:7443
139.59.35.118:7443
139.59.50.35:7443
139.59.64.52:7443
139.84.168.224:7443
141.164.41.136:7443
142.93.165.203:7443
142.93.225.19:7443
143.110.183.41:7443
143.110.213.30:7443
143.198.186.79:7443
143.198.188.193:7443
143.198.200.58:7443
144.172.114.99:7443
144.172.87.71:7443
144.172.93.173:7443
144.202.26.74:7443
144.202.66.198:7443
144.91.92.240:7443
145.131.8.169:80
146.190.103.70:7443
146.190.248.108:7443
147.45.153.220:7443
147.45.45.140:7443
147.45.45.148:7443
147.45.45.149:7443
147.45.45.151:7443
148.135.101.111:7443
149.248.17.199:7443
149.248.51.122:7443
149.248.79.46:7443
150.5.174.231:7443
150.95.104.230:7443
152.42.155.82:2025
152.53.55.12:7443
154.205.151.12:7443
154.205.154.146:7443
155.138.132.158:7443
155.138.146.111:7443
155.138.208.161:7443
156.244.7.92:7443
156.38.228.92:7443
157.180.117.192:3000
157.254.221.123:7443
158.160.31.57:7443
159.100.248.159:7443
159.100.9.105:7443
159.198.64.103:7443
159.65.244.146:7443
159.89.36.127:7443
160.178.141.90:7443
161.132.51.146:7443
161.132.68.248:7443
161.35.218.205:7443
161.35.246.140:7443
161.35.85.95:7443
162.0.237.114:7443
162.243.8.214:7443
162.250.121.174:7443
164.215.103.160:7443
164.90.154.150:7443
164.90.158.199:80
164.90.166.202:7443
164.90.172.49:7443
164.90.180.58:7443
164.92.184.73:7443
164.92.210.147:7443
164.92.211.176:7443
165.22.22.203:7443
165.22.227.238:7443
165.22.27.153:7443
165.227.233.49:7443
166.88.95.137:13443
167.71.236.37:7443
167.99.66.81:7443
170.64.153.126:7443
170.64.176.152:7443
170.64.184.236:7443
172.188.218.53:7443
172.232.121.75:7443
172.232.123.136:7443
172.233.136.253:7443
172.234.250.243:7443
172.235.128.96:7443
172.235.16.243:7443
172.245.126.247:7443
172.81.131.230:7443
172.86.66.7:7443
173.208.162.225:7443
173.249.52.37:3000
173.249.52.37:7443
173.255.204.48:7443
173.255.232.239:7443
174.113.16.60:9601
174.113.20.53:9601
174.138.103.46:7443
174.138.16.40:7443
174.138.8.142:7443
176.100.36.135:7443
176.100.37.204:7443
176.65.141.106:7443
176.65.143.133:7443
176.65.144.221:7443
178.128.246.187:7443
178.128.56.193:7443
178.172.173.38:7443
18.169.110.44:7443
18.183.132.204:7443
18.231.172.87:7443
185.126.82.230:7443
185.14.92.177:7443
185.183.243.251:7443
185.196.11.208:7443
185.208.158.217:7443
185.211.4.26:7443
185.254.198.245:7443
188.127.225.9:7443
188.130.154.246:7443
188.166.231.83:7443
188.166.237.148:7443
188.166.56.10:7443
190.123.46.143:7443
192.227.209.49:7443
192.227.227.198:7077
192.24.224.215:7443
192.248.158.190:7443
192.46.223.145:7443
192.64.115.155:7443
193.163.203.62:7443
193.23.219.54:7443
193.242.184.77:7443
194.102.180.136:7443
194.13.81.122:7443
194.163.190.186:7443
194.164.194.149:7443
194.171.96.118:80
194.195.241.185:8010
194.233.73.173:37443
194.44.60.50:7443
194.5.152.192:7443
195.211.190.134:7443
195.85.115.244:7443
196.251.73.154:9000
196.251.73.34:7443
196.251.80.110:7443
196.251.80.131:7443
196.251.80.132:7443
196.251.80.173:7443
196.251.80.180:7443
196.251.80.202:7443
196.251.80.235:7443
197.224.232.255:7443
197.224.236.164:7443
197.224.239.175:7443
198.244.130.241:7443
198.244.249.180:7443
198.46.199.107:7443
198.46.228.233:7443
20.162.58.23:7443
20.195.8.103:7443
20.255.59.102:7443
20.55.64.14:7443
20.77.64.172:7443
202.142.177.153:7443
204.48.27.82:7443
206.81.22.85:7443
207.154.205.158:7443
207.180.206.87:7443
207.180.253.60:7443
207.231.109.89:7443
209.141.43.189:7443
209.141.52.16:7443
209.38.162.253:7443
209.38.253.70:7443
209.74.71.198:7443
209.74.81.48:443
212.216.175.143:7443
212.51.144.135:7443
213.209.143.31:7443
213.232.204.203:7443
213.57.61.194:7443
216.8.154.253:7443
216.8.185.112:7443
217.154.212.25:7443
217.154.22.37:7443
221.132.29.137:7443
23.145.40.108:7443
23.145.40.182:7443
23.152.0.81:7443
24.199.120.164:7443
3.146.176.12:7443
3.225.132.90:7443
3.85.11.163:7443
31.172.74.201:7443
34.133.215.114:7443
34.133.43.230:7443
34.135.224.210:7443
34.148.224.101:7443
34.170.74.230:7443
34.176.10.48:7443
34.2.141.23:443
34.23.216.158:7443
34.23.94.159:7443
34.38.189.222:7443
34.45.97.62:7443
34.55.211.94:7443
34.60.182.67:7443
34.71.161.241:7443
34.74.153.220:7443
34.74.204.123:7443
34.78.98.77:7443
35.153.129.150:7443
35.184.47.55:7443
35.184.95.33:7443
35.188.91.172:7443
35.192.196.133:7443
35.194.13.156:7443
35.196.227.117:7443
35.227.3.131:7443
35.227.94.171:7443
35.88.59.138:7443
35.92.58.127:7443
36.133.19.224:7443
37.252.4.149:7443
37.27.248.162:7443
37.59.108.112:7443
37.60.254.174:7443
38.132.122.213:7443
38.132.122.214:7443
38.249.110.240:7443
38.249.110.241:7443
38.249.110.242:7443
38.249.110.243:7443
38.249.110.244:7443
38.249.110.245:7443
38.249.110.246:7443
38.249.110.247:7443
38.249.110.248:7443
38.249.110.249:7443
38.249.110.250:7443
38.249.110.251:7443
38.249.111.240:7443
38.249.111.241:7443
38.249.111.242:7443
38.249.111.243:7443
38.249.111.244:7443
38.249.111.245:7443
38.249.111.246:7443
38.249.111.247:7443
38.249.111.248:7443
38.249.111.249:7443
38.249.111.250:7443
38.249.111.251:7443
38.249.112.240:7443
38.249.112.241:7443
38.249.112.242:7443
38.249.112.243:7443
38.249.112.244:7443
38.249.112.245:7443
38.249.112.246:7443
38.249.112.247:7443
38.249.112.248:7443
38.249.112.249:7443
38.249.112.250:7443
38.249.112.251:7443
38.249.113.211:7443
38.249.113.212:7443
38.249.113.213:7443
38.249.113.214:7443
38.249.113.215:7443
38.249.113.216:7443
38.249.113.217:7443
38.249.113.218:7443
38.249.113.219:7443
38.249.113.220:7443
38.249.113.221:7443
38.249.113.222:7443
38.54.16.144:7443
38.60.249.172:7443
38.60.250.204:7443
38.76.247.230:7443
4.221.185.235:7443
43.134.46.128:7443
43.163.90.110:7443
45.135.180.12:7443
45.149.172.87:7443
45.15.162.116:7443
45.32.183.176:7443
45.32.236.137:80
45.33.110.200:7443
45.42.40.191:7443
45.61.150.101:7443
45.63.24.192:7443
45.66.157.21:7443
45.76.30.116:7443
45.76.45.142:7443
45.8.114.228:7443
45.92.9.110:7443
46.101.127.46:7443
46.202.152.138:7443
47.83.219.200:7443
49.12.197.66:7443
5.199.162.25:7443
5.230.42.175:7443
5.255.111.114:7443
5.34.182.45:7443
50.116.22.186:7443
51.103.166.59:7443
51.158.120.162:7443
51.195.218.230:7443
51.195.91.59:7443
51.38.215.206:7443
51.75.18.71:7443
51.84.67.174:7443
52.143.175.222:1337
52.156.71.15:443
52.186.168.134:7443
52.240.158.4:7443
54.145.59.120:7443
54.176.66.101:7443
54.186.132.100:7443
54.211.188.176:7443
54.224.124.72:7443
56.155.12.98:7443
62.171.170.49:7443
63.33.82.34:7443
64.226.108.63:7443
64.226.68.251:8880
64.227.134.175:7443
64.227.25.115:7443
64.23.207.221:7443
64.23.209.98:7443
64.23.255.224:7443
64.7.198.136:7443
65.109.226.131:7443
65.2.149.170:7443
65.20.97.245:443
65.38.120.27:7443
65.38.121.128:7443
66.29.134.102:7443
66.42.85.46:7443
67.207.76.111:8880
67.219.111.218:7443
69.55.60.146:7443
71.191.212.43:7443
73.135.172.24:7443
74.234.188.88:7443
77.110.126.70:7443
77.223.100.85:7443
77.73.129.82:7443
78.153.136.231:7443
8.148.212.158:7443
8.209.249.160:7443
8.222.135.47:7443
82.115.26.167:7443
82.156.109.69:7443
82.165.150.130:7443
84.247.148.249:7443
84.32.188.17:7443
84.32.190.92:7443
84.32.9.223:7443
85.209.128.159:7443
87.121.79.90:7443
87.121.79.95:7443
87.242.124.66:7443
88.119.169.53:7443
88.119.171.167:7443
89.117.48.231:7443
89.147.111.169:7443
89.23.108.20:7443
91.134.72.203:7443
91.218.141.72:7443
91.222.173.167:7443
91.84.97.238:7443
91.99.15.185:7443
91.99.23.89:7443
93.115.172.26:7443
93.95.230.53:7443
94.232.246.119:7443
95.111.221.102:7443
95.111.221.117:7443
95.164.54.241:7443
95.182.100.3:7443
95.182.100.51:7443
95.217.218.240:7443
96.9.125.174:7443

# Reference: https://x.com/Xanderuxsf5/status/1940324239481217359

135.181.27.123:7443

# Reference: https://app.validin.com/detail?find=8fda9d86d62e7121dc00bcd1ae63b077&type=hash&ref_id=5205a99a37b#tab=host_pairs (# 2025-07-02)

100.25.215.41:7443
101.126.129.20:7443
102.117.162.103:7443
102.117.163.138:7443
102.117.164.190:7443
102.117.166.0:7443
102.117.166.168:7443
102.117.166.229:7443
102.117.167.79:7443
102.117.168.167:7443
102.117.168.1:7443
102.117.168.208:7443
102.117.168.240:7443
102.117.169.82:7443
102.117.171.204:7443
102.117.172.48:7443
102.117.172.98:7443
102.117.173.95:7443
102.117.174.45:7443
103.150.93.21:7443
103.249.132.15:7443
104.143.38.196:7443
104.197.223.71:7443
104.198.32.120:7443
104.225.141.53:7443
104.237.139.40:7443
107.189.16.86:7443
108.143.59.186:7443
109.196.100.217:7443
109.199.96.93:7443
116.203.56.37:7443
121.40.220.190:7443
121.43.151.165:7443
13.112.79.42:7443
13.211.97.137:7443
13.232.53.239:7443
13.245.162.103:7443
13.40.135.17:7443
13.52.44.164:7443
13.53.36.197:7443
13.57.28.51:7443
13.58.222.12:7443
13.59.135.64:7443
13.59.178.90:7443
13.60.157.223:7443
134.122.90.122:7443
134.199.163.239:7443
134.209.226.202:7443
135.125.241.31:7443
139.59.142.203:7443
139.59.16.42:7443
139.59.181.253:7443
139.84.141.11:7443
140.82.30.66:7443
143.198.132.49:7443
143.198.29.141:7443
144.76.245.44:7443
145.223.22.43:7443
146.190.69.218:7443
149.28.112.142:7443
151.106.10.246:7443
151.243.81.164:7443
153.92.209.65:7443
154.205.140.226:7443
154.216.19.192:7443
156.244.7.15:7443
157.230.102.151:7443
157.230.178.249:7443
157.245.157.179:7443
157.90.30.248:7443
159.203.142.209:7443
159.223.195.83:7443
159.223.3.220:7443
159.65.125.64:7443
159.65.234.127:7443
159.89.1.205:7443
16.171.27.214:7443
161.35.113.194:7443
162.120.71.226:7443
162.248.102.237:7443
162.55.40.7:7443
164.92.155.174:7443
164.92.184.13:7443
164.92.250.100:7443
164.92.65.135:7443
165.22.250.3:7443
165.22.72.249:7443
165.227.157.172:7443
167.172.106.107:7443
167.71.61.42:7443
167.99.244.140:7443
167.99.6.167:7443
167.99.7.170:7443
168.119.51.215:7443
168.231.110.190:7443
170.64.158.181:7443
172.104.164.141:7443
172.105.189.218:7443
172.174.130.200:7443
172.211.22.127:7443
172.211.232.90:7443
172.211.76.242:7443
172.211.76.248:7443
172.211.77.102:7443
172.211.77.241:7443
172.211.79.38:7443
172.234.245.193:7443
172.236.110.210:7443
174.138.44.199:7443
176.114.65.151:7443
178.175.136.232:7443
178.62.245.228:7443
18.116.43.64:7443
18.117.132.56:7443
18.117.157.122:7443
18.117.162.159:7443
18.118.195.212:7443
18.119.192.75:7443
18.134.8.10:7443
18.188.3.106:7443
18.188.51.6:7443
18.191.106.202:7443
18.191.40.255:7443
18.214.142.159:7443
18.217.66.0:7443
18.222.120.120:7443
18.234.143.128:7443
18.237.245.78:7443
180.149.37.61:7443
184.72.126.53:7443
185.217.131.33:7443
185.67.124.7:7443
188.245.200.133:7443
188.68.222.7:7443
192.227.227.241:7443
192.227.249.119:7443
192.241.157.169:7443
193.123.117.55:7443
193.148.162.68:7443
193.149.129.107:7443
195.14.123.88:7443
195.189.227.54:7443
196.251.114.54:7443
196.251.80.142:7443
197.224.237.132:7443
20.106.217.159:7443
20.106.233.97:7443
20.120.225.17:7443
20.126.86.233:7443
20.126.87.32:7443
20.163.58.233:7443
20.171.94.133:7443
20.175.119.152:7443
20.229.219.115:7443
20.229.219.117:7443
20.229.219.150:7443
20.229.219.26:7443
20.229.219.27:7443
20.229.219.78:7443
20.229.219.79:7443
20.229.219.84:7443
20.229.219.96:7443
20.232.196.39:7443
20.46.236.73:7443
20.48.177.62:7443
20.73.75.104:7443
20.73.75.135:7443
20.73.75.175:7443
20.73.75.223:7443
20.73.75.228:7443
20.8.97.35:7443
20.8.97.39:7443
20.8.97.44:7443
20.8.97.47:7443
20.83.166.168:7443
202.162.108.27:7443
202.61.137.238:7443
204.152.223.120:7443
206.189.85.172:7443
207.148.3.13:7443
209.141.60.209:7443
209.38.222.192:7443
209.97.188.10:7443
212.192.13.201:7443
212.83.148.39:7443
216.225.205.4:7443
23.143.168.16:7443
23.20.183.202:7443
24.199.122.155:7443
3.107.174.254:7443
3.107.46.228:7443
3.127.4.29:7443
3.133.131.110:7443
3.134.86.220:7443
3.138.174.114:7443
3.142.225.253:7443
3.143.159.154:7443
3.144.12.123:7443
3.144.46.167:7443
3.145.49.56:7443
3.147.48.119:7443
3.148.145.103:7443
3.149.28.193:7443
3.15.21.172:7443
3.213.12.114:7443
3.215.181.99:7443
3.227.184.192:7443
3.68.92.103:7443
3.81.135.160:7443
3.82.219.218:7443
3.94.53.140:7443
3.96.152.179:7443
3.98.162.62:7443
34.118.177.200:7443
34.121.122.172:7443
34.123.169.84:7443
34.133.155.178:7443
34.133.246.95:7443
34.133.57.177:7443
34.141.55.33:7443
34.165.170.59:7443
34.165.84.96:7443
34.170.48.16:7443
34.171.233.67:7443
34.173.105.212:7443
34.176.213.31:7443
34.204.171.158:7443
34.28.79.25:7443
34.29.233.110:7443
34.32.61.157:7443
34.41.54.1:7443
34.42.137.158:7443
34.42.69.46:7443
34.58.113.233:7443
34.60.185.224:7443
34.61.138.114:7443
34.68.58.67:7443
34.71.86.158:7443
34.95.22.12:7443
35.188.157.70:7443
35.193.194.5:7443
35.193.78.79:7443
35.196.90.200:7443
35.202.165.99:7443
35.202.222.181:7443
35.223.175.100:7443
35.232.107.94:7443
35.239.231.129:7443
35.240.77.53:7443
35.246.57.139:7443
35.79.51.127:7443
35.87.210.123:7443
36.255.63.84:7443
38.54.63.162:7443
38.99.121.61:7443
39.100.75.168:7443
4.197.175.81:7443
40.69.91.248:7443
40.74.49.90:7443
40.74.51.38:7443
40.74.52.128:7443
40.74.55.25:7443
43.198.187.252:7443
43.200.42.167:7443
43.205.216.176:7443
44.201.155.166:7443
44.203.126.43:7443
44.203.248.108:7443
44.214.89.122:7443
44.222.186.172:7443
44.223.28.169:7443
44.246.89.112:7443
44.251.164.0:7443
45.12.142.154:7443
45.132.245.196:7443
45.137.99.106:7443
45.147.201.71:7443
45.200.149.14:7443
45.61.150.76:7443
45.76.25.115:7443
46.101.210.236:7443
46.101.232.163:7443
46.101.83.145:7443
47.239.199.51:7443
47.57.181.195:7443
47.76.51.11:7443
47.76.61.197:7443
47.76.74.124:7443
47.83.23.246:7443
47.97.203.138:7443
48.216.129.112:7443
5.188.116.251:7443
5.193.223.21:7443
5.230.70.43:7443
5.252.178.137:7443
5.53.125.69:7443
50.17.18.227:7443
50.18.43.35:7443
51.12.50.194:7443
51.15.224.30:7443
51.16.245.34:7443
51.83.224.113:7443
51.83.225.255:7443
51.84.106.44:7443
52.15.80.186:7443
52.158.33.2:7443
52.175.34.208:7443
52.221.250.95:7443
52.232.101.42:7443
52.232.96.143:7443
52.25.188.122:7443
52.37.170.243:7443
52.43.0.86:7443
52.52.167.27:7443
52.53.207.84:7443
52.59.225.23:7443
54.147.185.125:7443
54.158.206.132:7443
54.159.152.29:7443
54.160.134.78:7443
54.176.186.155:7443
54.185.190.255:7443
54.196.192.138:7443
54.208.226.253:7443
54.218.90.249:7443
54.226.62.246:7443
54.247.71.250:7443
54.248.189.212:7443
54.252.241.158:7443
57.181.244.184:7443
62.11.43.167:7443
64.137.9.118:7443
64.226.94.119:7443
64.227.123.59:7443
64.23.158.78:7443
64.23.184.118:7443
65.0.26.137:7443
67.205.141.81:7443
68.168.222.249:7443
68.183.113.240:7443
68.183.33.95:7443
68.219.250.95:7443
71.126.179.250:7443
74.207.235.197:7443
74.226.218.228:7443
74.235.82.223:7443
77.223.101.223:7443
78.142.230.219:7443
8.210.9.166:7443
8.219.69.133:7443
8.223.0.66:7443
8.223.13.185:7443
81.177.217.56:7443
82.153.138.236:7443
84.38.181.166:7443
86.248.107.198:7443
87.106.44.241:7443
88.80.145.250:7443
89.169.138.11:7443
89.31.122.21:7443
90.156.156.106:7443
91.184.232.123:7443
91.242.229.83:7443
91.99.105.252:7443
91.99.108.177:7443
91.99.72.91:7443
95.179.159.159:7443
95.217.178.98:7443
96.2.91.102:7443
96.9.125.200:7443
114.138.61.34.bc.googleusercontent.com
120.32.198.104.bc.googleusercontent.com
139-59-181-253.cprapid.com
192.227.227.241.sslip.io
1ms.zip
212-83-148-39.rev.poneytelecom.eu
50-116-22-186.ip.linodeusercontent.com
67-205-141-81.cprapid.com
accounts.rubyhall.in.net
adfs.1ms.zip
admin.padstm.com
alittletooraph.com
amazonurlsfordirect.com
autoconfig.james.us.eu.org
autodiscover.james.us.eu.org
awscorp.net
blogger.accounts.rubyhall.in.net
box.james.us.eu.org
bppp03.lon.do-12k.net
cdn.collinsongrants.com
cloud.centech.co.zw
content.accounts.rubyhall.in.net
cpcontacts.67-205-141-81.cprapid.com
cx104.vallecort.com.br
demo.livingwatersmuseum.org
drive.rubyhall.in.net
dyn-141-72.kch-lan.ru
ec2-100-25-215-41.compute-1.amazonaws.com
ec2-44-246-89-112.us-west-2.compute.amazonaws.com
entraaid.org
evaluationcurrency.com
floridafinancial.org
fls-na.rubyhall.in.net
ftp.zenboards.eu
idhealthcare.westus3.cloudapp.azure.com
intercorpretail.live
ip-104-237-139-40.cloudezapp.io
ip-50-116-22-186.cloudezapp.io
ip31.ip-135-125-241.eu
irc.catgirlsaresexy.org
james.us.eu.org
lndonesia.cam
login.collinsongrants.com
login.microsoftonline.collinsongrants.com
login.microsoftonline.com.1ms.zip
login.rubyhall.in.net
m.rubyhall.in.net
m1n1r1.ch
mail.alittletooraph.com
malpython.xathrya.id
mathiasputzola.com
microsoft.collinsongrants.com
microsoftonline.rubyhall.in.net
mrme00.duckdns.org
mta-sts.box.james.us.eu.org
mta-sts.james.us.eu.org
mta73.bwcasino.email
my.snlper5.com
myaccount.accounts.rubyhall.in.net
myaccount.rubyhall.in.net
mycombo.store
mythic-r-958.polarbear.dev
mythic.5kch.net
mythic.dynu.net
nclcorp.net
notifications.rubyhall.in.net
outlook.microsoft.cnline.us
p2p-10.registros-srv.net
padstm.com
php.pixysos.com
play.rubyhall.in.net
qiuruizhen.fun
razesec.com
reporting.microsoft.cnline.us
rt.threat.city
rubyhall.in.net
shq-uk-cdn.com
ssl.rubyhall.in.net
stackio.fr
storage.microsoft.cnline.us
ticketadministrator.de
unifi.ekefi.com
v2202007125964123448.hotsrv.de
v220201141477133635.goodsrv.de
webdisk.67-205-141-81.cprapid.com
webmail.lachpek.com
wordpress.imacias.me
x.airgbg.com

# Reference: https://x.com/1ZRR4H/status/1942640765894603200

64.137.9.118:4334

# Reference: https://x.com/PrakkiSathwik/status/1945102076725371202
# Reference: https://www.virustotal.com/gui/file/9d9e93b7b9043f280e0866447dada3adadca295af67b7051cd9ab3b0156f3541/detection
# Reference: https://www.virustotal.com/gui/file/4c607f5e641810e940c93fef07de3c548773457fddde81bfc3b0d043ec60a6e6/detection

http://128.199.29.110
http://165.227.149.208
http://178.128.204.138
http://64.227.189.57

# Reference: https://app.validin.com/detail?type=hash&find=8fda9d86d62e7121dc00bcd1ae63b077#tab=host_pairs (# 2025-07-20)

144-172-87-71.cprapid.com
152.42.233.8.nip.io
202-142-177-153.cprapid.com
31.213.176.34.bc.googleusercontent.com
45-147-201-71.cprapid.com
548125.com
5itn.l.time4vps.cloud
64-227-189-57.cprapid.com
67.182.60.34.bc.googleusercontent.com
85.23.86.34.bc.googleusercontent.com
abcssa.duckdns.org
account.collinsongrants.com
account.malharnest.com
admin-test-23da9c.152.42.233.8.nip.io
alimbasvurbizdenalmeh.icu
analytics.amtek.co.za
api-uptime-cdn297.net
api.campuspv.com
appie.pay-structures.info
appiecert.25u.com
authsync.site
autobillingsystem.com
autobillingsystem.top
autoconfig.campuspv.com
autodiscover.campuspv.com
autodiscover.tempoestil.com
automedina.com
beni.bigbankorg.com
briteever.com
burayabankadomaini.duckdns.org
businesscontactportals.com
campuspv.com
ccnccmy.com
clinicadelcancer.org
cloudinator-admin.devkh.asia
collinsongrants.com
cpanel.tempoestil.com
cpcalendars.campuspv.com
cpcalendars.tempoestil.com
cpcontacts.tempoestil.com
de.ddnsxmyjd.top
digitalocean.live
docs.9o7h.com
documentos01a.lourocuidabeldelasempre.sbs
doorshis.com
double-wood.com
dvcloud.myddns.me
ec2-18-169-110-44.eu-west-2.compute.amazonaws.com
elecfederal.com
electronicsincds.com
electronicsjust4fun.com
electronicsphantom.com
events.api.campuspv.com
fastfoodnewyorkcity.com
firefox.redirectme.net
flow.invstfund.io
fourstreamingonline.work
ganon-vkmcnxjq.cycura.ninja
gcstatecollege.com
hax-man.fr
host.tempoestil.com
import.pazardanal.com
ip83.ip-66-70-202.net
jojo1035.com
koon-my.com
lammersvilleusd.theworkpc.com
lamovilidadsostenible.automedina.com
limenlinon.com
login.campuspv.com
lp-access.com
m.instagram.authsync.site
mail.144-172-87-71.cprapid.com
mail.tempoestil.com
mariadelosangeles.campuspv.com
mc-5.tech
mcc-sg.com
missenglishexams.campuspv.com
myimmunitypass.com
mythi.connectivity-portal.com
mythic-dev.polarbear.dev
mythic-r-956-dev.polarbear.dev
nonlinearcomms.info
ns1.campuspv.com
ns1.maintainenaceservices.com
ns1.reset-github.com
ns2.maintainenaceservices.com
ns2.reset-github.com
office-mirror-ue.duckdns.org
office.bundybrands.com
old.ktvh.com
onlineaeh.com
onlinescb.link
onpoinlcu.com
order.akoof.com
pay-structures.info
payload.site
perks.appreciationhub.net
pg.airgbg.com
ph-testing.org
poltechbuher.allaris.ca
prosenbob.com
quasuar.com
recleau.com
red-977.polarbear.dev
saleszga.com
santutxuht.eus
secure-landing.com
souvenienced.com
specameri.com
sso.campuspv.com
static.etherpad-update.xyz
sv-9nv7xzgnsh.cloud.elastika.pe
tarcoblues.com
techtylerair.com
tempoestil.com
the-webinfo.com
tiktokverificationcenter.com
treeatoz.com
treecapecod.com
vd3znd.easypanel.host
venzuq.com
viuv.campuspv.com
webdisk.campuspv.com
webdisk.tempoestil.com
webmail.tempoestil.com
zzcoldstores.northeurope.cloudapp.azure.com

# Reference: https://x.com/BlinkzSec/status/1948015815501938851

101.43.220.177:7443
104.248.170.98:7443
134.199.153.141:7443
134.199.166.195:443
140.84.160.190:7443
144.126.229.140:7443
144.172.101.181:7443
161.97.77.61:7443
184.83.83.47:7443
185.196.10.242:7443
192.227.227.241:7077
194.102.175.170:7443
194.182.86.110:7443
194.48.248.102:7443
206.189.227.148:7443
3.87.188.100:7443
34.0.227.68:443
34.1.135.57:7443
34.61.22.123:7443
45.150.108.175:7443
47.111.1.101:7443
65.109.169.219:7443
84.200.128.150:7443
95.111.254.223:7443

# Reference: https://raw.githubusercontent.com/drb-ra/C2IntelFeeds/refs/heads/master/feeds/unverified/IPPortC2s-90day.csv (# 2025-07-26)

102.117.161.232:7443
102.117.162.135:7443
102.117.165.12:7443
102.117.166.114:7443
102.117.167.7:7443
102.117.168.232:7443
102.117.170.175:7443
102.117.170.97:7443
102.117.172.217:7443
102.117.173.10:7443
103.230.69.188:7443
106.14.51.126:7443
106.14.59.171:7443
107.174.0.22:7443
107.189.26.86:7443
111.90.151.59:7443
118.24.147.60:7443
134.199.166.195:7443
135.222.128.238:443
136.24.173.189:7443
137.220.54.244:7443
139.162.132.15:7443
139.162.166.229:7443
139.162.176.251:3000
139.162.176.251:7443
139.162.18.28:443
139.162.18.28:7443
139.162.18.30:7443
139.162.190.174:7443
139.59.190.193:7443
139.84.151.13:7443
14.241.163.8:7443
141.11.1.120:7443
146.0.74.15:7443
147.93.152.86:7443
152.42.233.8:7443
154.49.3.1:47443
154.83.92.128:7443
158.158.0.196:7443
160.25.7.240:7443
161.97.76.244:7443
161.97.78.71:7443
163.172.234.31:7443
164.92.238.177:7443
165.22.72.249:3000
165.227.143.23:7443
170.64.246.104:7443
172.104.161.105:443
172.105.121.80:7443
172.232.151.42:7443
173.195.100.143:7443
178.128.204.138:7443
18.162.39.65:7443
18.213.88.53:7443
18.219.161.203:7443
185.130.212.73:7443
185.165.171.136:7443
185.169.252.240:7443
185.205.210.226:7443
185.241.208.247:7443
194.102.175.30:7443
196.251.115.220:7443
196.251.80.245:7443
196.251.85.220:7443
196.251.87.27:7443
204.152.223.120:7080
216.126.225.3:7443
217.60.38.16:6443
3.108.184.104:7443
3.143.108.51:7443
3.80.202.39:7443
3.83.201.170:7443
34.140.122.13:7443
34.193.45.197:7443
34.30.106.150:7443
34.31.17.91:7443
34.45.4.71:7443
34.55.163.144:7443
34.61.193.219:7443
34.72.186.101:7443
35.186.174.238:7443
37.27.249.191:7443
38.54.13.56:7443
45.221.115.160:7443
45.38.20.87:7443
45.78.225.208:7443
45.9.2.214:7443
45.91.169.228:7443
46.101.158.51:7443
46.101.246.74:7443
46.30.188.236:7443
47.121.135.220:7443
49.207.177.87:443
5.161.72.36:7443
5.230.34.149:7443
51.161.119.101:7443
51.210.96.122:7443
51.91.248.230:7443
54.162.185.235:7443
54.91.53.71:7443
56.228.12.2:7443
57.128.105.169:7443
57.155.89.101:443
63.141.255.194:7443
64.227.189.57:7443
65.108.151.141:7443
68.168.222.171:7443
68.168.222.249:3000
80.78.24.124:7443
80.78.25.217:7443
81.181.111.41:7443
87.228.114.68:7443
89.32.41.47:7443
91.108.125.15:7443

# Reference: https://x.com/SinghSoodeep/status/1950458333858832513
# Reference: https://www.virustotal.com/gui/file/4b9208f5e2322a228d99e3b3ca642131bc08d677728fbe50a57de78959dc63c9/detection

http://134.122.75.150
http://209.38.207.232

# Reference: https://x.com/solostalking/status/1958146598585905328

185.117.91.141:7443

# Reference: https://x.com/malwrhunterteam/status/1963853220775698692
# Reference: https://www.virustotal.com/gui/file/9feb4d4d275c4b57b9185d50bd41a3259d331b23ca90242ec2b0b1f8048d7de5/detection
# Reference: https://www.virustotal.com/gui/file/4186c021fa5fc05090f9bf21c2dc2ba2738a616908a761fa5db8fd27ee5045c7/detection

87.254.212.120:8080

# Reference: https://raw.githubusercontent.com/drb-ra/C2IntelFeeds/refs/heads/master/feeds/unverified/IPPortC2s-90day.csv (# 2025-10-05)

101.132.186.25:7443
102.117.160.246:7443
102.117.160.58:7443
102.117.160.78:7443
102.117.161.221:7443
102.117.161.33:7443
102.117.161.34:7443
102.117.162.244:7443
102.117.163.190:7443
102.117.164.172:7443
102.117.164.9:7443
102.117.165.178:7443
102.117.165.215:7443
102.117.168.227:7443
102.117.169.108:7443
102.117.170.146:7443
102.117.170.192:7443
102.117.170.1:7443
102.117.171.150:7443
102.117.172.39:7443
102.117.173.123:7443
102.117.173.167:7443
102.117.173.45:7443
102.117.173.73:7443
103.214.112.9:7443
103.241.67.251:7443
104.156.254.226:7443
104.248.144.119:7443
107.175.31.178:7443
107.191.49.75:7443
109.205.181.248:7443
109.69.58.171:7443
111.229.194.248:7443
112.124.61.206:7443
112.124.61.206:80
114.67.81.245:7443
115.120.247.133:7443
115.144.211.186:7443
116.203.40.76:7443
129.212.184.123:7443
129.212.189.231:7443
134.199.195.223:7443
137.184.83.210:7443
138.124.123.107:7443
139.177.201.16:7443
139.59.111.220:7443
139.84.215.44:7443
142.93.86.246:7443
143.110.176.198:7443
143.110.191.198:7443
143.198.144.177:7443
146.190.161.203:7443
146.59.246.133:7443
147.93.102.225:7443
149.28.112.197:7443
15.206.72.142:7443
150.109.45.120:7443
154.84.184.74:7443
157.180.124.14:7443
158.178.196.68:2003
158.220.109.150:7443
158.247.225.14:7443
158.69.197.228:7443
159.65.155.15:7443
159.69.211.165:7443
16.170.231.124:7443
16.171.38.71:443
160.187.146.223:7443
161.97.116.14:7443
164.92.145.34:443
164.92.147.85:7443
165.232.148.135:7443
165.232.41.180:7443
166.1.22.248:443
167.172.44.149:7443
167.71.155.231:7443
167.71.214.133:7443
168.100.239.215:7443
168.119.241.157:7443
170.64.163.25:7443
170.64.206.129:7443
172.233.97.159:7443
176.123.2.6:7443
179.43.186.228:7443
18.158.94.111:7443
18.184.8.83:7443
18.188.140.220:443
18.212.12.10:7443
18.219.16.8:7443
18.219.51.236:7443
18.220.79.189:443
18.253.62.84:7443
18.253.70.97:7443
185.100.168.112:7443
185.132.53.28:7443
185.142.184.149:7443
185.157.160.127:7443
185.170.58.214:7443
185.174.135.178:7443
185.196.10.163:7443
185.196.10.243:7443
185.196.8.251:7443
185.202.236.143:7443
185.207.65.79:7443
185.76.78.105:7443
188.124.51.141:7443
192.109.138.67:7443
192.71.27.8:7443
193.233.127.71:7443
194.12.8.26:7443
194.163.131.46:7443
194.59.31.30:7443
194.87.82.8:7443
195.177.94.244:7443
195.246.230.92:7443
195.65.41.209:7443
196.251.117.177:7443
196.251.117.219:7443
196.251.69.134:7443
197.224.232.159:7443
197.224.233.159:7443
197.224.234.159:7443
197.224.235.183:7443
197.224.235.75:7443
197.224.236.16:7443
197.224.237.243:7443
197.224.238.178:7443
197.224.238.59:7443
197.224.239.206:7443
197.224.239.239:7443
197.224.239.89:7443
2.241.123.75:7443
2.241.188.30:7443
20.116.113.168:7443
20.42.107.78:7443
20.84.60.5:3000
20.84.60.5:7443
207.154.205.11:7443
207.254.22.248:7443
209.222.4.175:3000
209.38.174.51:7443
209.97.175.29:7443
212.11.64.215:7443
213.111.157.235:7443
213.163.201.241:7443
213.165.60.13:7443
213.199.53.152:7443
213.218.234.181:7443
216.144.226.242:7443
23.88.39.201:7443
23.94.255.183:7443
3.22.28.73:7443
3.24.114.211:7443
3.76.47.39:7443
3.91.11.124:7443
31.56.45.188:7443
31.97.71.171:7443
34.128.175.224:443
34.132.178.245:7443
34.238.232.4:443
34.46.94.95:7443
34.59.29.91:7443
34.63.8.239:7443
34.69.221.5:7443
34.79.88.214:443
35.187.169.204:7443
35.92.162.47:7443
37.27.202.104:7443
37.32.9.150:7443
37.97.133.245:7443
4.206.46.1:7443
4.210.171.193:7443
43.135.79.17:7443
43.155.18.55:7443
43.229.150.95:7443
45.135.180.246:7443
45.135.180.246:81
45.137.70.250:7443
45.143.203.241:7443
45.144.55.160:7443
45.154.98.48:7443
45.156.27.209:7443
45.43.163.22:7443
45.55.67.75:7443
45.63.12.95:7443
45.76.254.251:7443
45.94.47.195:7443
45.94.47.223:8000
47.100.42.223:7443
48.217.187.10:7443
5.223.67.5:7443
51.75.250.56:7443
51.75.38.2:7443
51.83.137.148:7443
52.188.184.174:7443
54.175.247.131:7443
54.190.133.237:7443
54.226.204.243:7443
62.72.22.223:3000
64.226.102.22:7443
64.226.120.251:7443
64.227.191.233:7443
64.227.5.124:7443
64.52.80.101:7443
65.109.89.93:80
65.20.75.143:7443
65.20.99.39:7443
65.38.121.223:7443
65.87.7.142:7443
65.87.7.28:7443
65.87.7.5:7443
66.228.42.166:7443
66.42.48.169:7443
66.78.40.148:7443
68.183.217.161:7443
69.197.134.139:7443
72.60.113.209:7443
72.60.17.111:7443
75.158.42.85:3000
77.14.2.181:7443
77.14.26.209:7443
77.14.44.190:7443
77.3.211.79:7443
77.3.50.229:7443
77.8.201.17:7443
77.8.235.68:7443
78.138.9.69:7443
78.159.156.173:7443
79.110.49.105:7443
8.210.206.41:8000
8.217.237.58:7443
80.85.157.81:7443
80.93.219.123:7443
82.25.93.185:7443
82.77.149.113:7443
82.77.149.114:7443
82.77.149.117:7443
82.77.149.118:7443
82.77.149.119:7443
82.77.149.120:7443
82.77.149.121:7443
82.77.149.122:7443
82.77.149.123:7443
82.77.149.124:7443
82.77.149.125:7443
82.77.149.126:7443
84.201.165.215:7443
85.217.171.188:7443
86.120.167.56:7443
89.197.168.150:7443
90.48.210.177:7443
91.229.239.115:7443
95.112.103.2:7443
95.112.32.154:7443
95.113.133.105:7443
95.113.157.237:7443
95.179.209.246:7443
98.71.179.164:7443

# Reference: https://x.com/DonPasci/status/1975956137922179154

159.198.36.237:443
