# Copyright (c) 2014-2025 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Reference: https://www.virustotal.com/gui/ip-address/138.124.183.149/community

http://138.124.183.149
138.124.183.149:443
138.124.183.149:8000
138.124.183.149:8080
138.124.183.149:8443

# Reference: https://twitter.com/kyleehmke/status/1645499693844123648

systemupdateapps.com

# Reference: https://twitter.com/MichalKoczwara/status/1659501619858251778
# Reference: https://threatfox.abuse.ch/browse/malware/win.bianlian/

http://103.109.100.222
http://104.156.149.138
http://104.194.215.254
http://104.194.222.35
http://104.200.67.244
http://104.200.72.25
http://104.200.72.94
http://104.200.73.117
http://104.200.73.239
http://104.223.0.85
http://104.234.118.129
http://104.238.223.15
http://104.238.35.112
http://104.238.35.26
http://104.255.168.249
http://108.174.60.151
http://13.59.168.154
http://134.195.88.27
http://139.99.52.102
http://139.99.78.141
http://144.208.127.18
http://149.154.158.114
http://149.154.158.120
http://149.154.158.153
http://149.154.158.214
http://149.154.158.56
http://151.236.21.76
http://151.236.9.60
http://155.94.160.243
http://157.254.194.223
http://162.252.175.211
http://172.245.128.35
http://172.86.122.183
http://172.86.123.67
http://172.96.137.153
http://172.96.137.220
http://172.96.137.249
http://172.96.137.29
http://173.232.2.41
http://173.254.235.24
http://173.44.226.73
http://18.144.70.39
http://18.159.131.209
http://18.204.17.193
http://185.214.10.116
http://192.121.16.180
http://192.144.37.56
http://192.161.48.17
http://192.161.48.60
http://192.169.6.79
http://192.52.167.39
http://192.71.227.126
http://193.149.129.110
http://193.29.59.109
http://198.252.108.86
http://198.252.109.40
http://198.252.109.57
http://198.252.98.186
http://204.152.203.94
http://208.123.119.100
http://208.123.119.230
http://209.182.225.124
http://216.146.25.60
http://216.238.72.107
http://217.195.153.177
http://23.163.0.228
http://23.163.0.241
http://23.163.0.34
http://23.229.117.247
http://3.134.86.154
http://3.236.161.7
http://34.219.121.232
http://35.157.43.44
http://37.220.31.17
http://37.220.31.54
http://44.212.9.14
http://45.128.156.10
http://45.128.156.43
http://45.145.186.188
http://45.66.249.118
http://45.82.72.227
http://45.86.163.228
http://5.183.95.20
http://5.183.95.54
http://5.206.224.39
http://5.230.72.245
http://5.230.73.234
http://5.230.74.62
http://5.230.74.81
http://52.53.186.224
http://52.59.214.191
http://54.144.145.126
http://54.227.224.229
http://54.70.125.21
http://60.251.43.146
http://64.44.185.125
http://66.85.156.78
http://66.85.156.83
http://66.85.27.163
http://85.239.34.36
http://96.44.156.206
http://96.44.157.203
http://96.45.160.162
102.189.34.123:8888
102.189.9.45:8080
103.109.100.222:443
103.21.221.175:8443
104.156.149.138:443
104.156.149.138:8000
104.156.149.138:8080
104.156.149.138:8443
104.194.215.254:443
104.194.215.254:5916
104.194.215.254:8000
104.194.215.254:8080
104.194.215.254:8443
104.194.222.35:443
104.194.222.35:8000
104.194.222.35:8080
104.194.222.35:8443
104.200.67.156:443
104.200.67.156:5701
104.200.67.156:8000
104.200.67.156:8080
104.200.67.156:8443
104.200.67.244:2763
104.200.67.244:443
104.200.67.244:8000
104.200.67.244:8080
104.200.67.244:8443
104.200.72.25:443
104.200.72.25:6544
104.200.72.25:8000
104.200.72.94:2567
104.200.72.94:443
104.200.72.94:8000
104.200.72.94:8080
104.200.72.94:8443
104.200.73.117:2552
104.200.73.117:3001
104.200.73.117:443
104.200.73.117:8000
104.200.73.117:8080
104.200.73.117:8443
104.200.73.239:443
104.200.73.239:8080
104.200.73.239:8443
104.223.0.85:443
104.223.0.85:8000
104.223.0.85:8080
104.223.0.85:8443
104.234.118.129:443
104.234.118.129:8000
104.234.118.129:8080
104.234.118.129:8443
104.238.223.10:10443
104.238.223.10:8080
104.238.223.10:8443
104.238.223.10:9090
104.238.223.19:8080
104.238.223.3:8443
104.238.223.5:443
104.238.35.112:443
104.238.35.112:8000
104.238.35.112:8080
104.238.35.112:8443
104.238.35.26:443
104.238.35.26:6488
104.238.35.26:8000
104.238.35.26:8080
104.238.35.26:8443
104.255.168.249:443
104.255.168.249:8000
104.255.168.249:8080
104.255.168.249:8443
108.165.178.42:44400
108.165.178.43:44400
108.174.60.151:8012
108.174.60.151:8443
109.248.150.13:443
109.248.6.207:31337
109.248.6.217:8080
13.39.160.220:443
13.59.168.154:443
13.59.168.154:8000
13.59.168.154:8080
13.59.168.154:8443
134.209.34.155:443
139.59.238.242:8443
139.99.52.102:443
139.99.52.102:8000
139.99.52.102:8080
139.99.52.102:8443
139.99.78.141:443
142.202.205.24:8000
142.202.205.24:8080
144.208.127.18:443
144.208.127.18:6405
144.208.127.18:8000
144.208.127.18:8080
144.208.127.18:8443
144.217.36.75:10011
146.70.158.169:8083
146.70.158.169:8888
146.70.158.169:9900
146.70.158.90:10443
146.70.158.90:443
146.70.161.27:8080
146.70.35.153:8443
147.182.185.94:8443
149.154.158.114:443
149.154.158.114:8000
149.154.158.114:8080
149.154.158.114:8443
149.154.158.120:443
149.154.158.120:5996
149.154.158.120:8000
149.154.158.120:8080
149.154.158.120:8443
149.154.158.153:2091
149.154.158.153:443
149.154.158.153:8000
149.154.158.153:8080
149.154.158.153:8443
149.154.158.154:8080
149.154.158.154:8443
149.154.158.214:443
149.154.158.214:8000
149.154.158.214:8080
149.154.158.214:8443
149.154.158.56:3190
149.154.158.56:443
149.154.158.56:5265
149.154.158.56:8000
149.154.158.56:8080
149.154.158.56:8443
15.188.49.63:8080
151.236.21.76:443
151.236.21.76:6700
151.236.21.76:8000
151.236.21.76:8080
151.236.21.76:8443
151.236.9.60:2052
151.236.9.60:443
151.236.9.60:8000
151.236.9.60:8080
151.236.9.60:8443
152.32.167.126:8443
154.237.225.34:8888
154.7.99.15:8443
155.94.160.243:443
155.94.160.243:4784
155.94.160.243:8000
155.94.160.243:8080
155.94.160.243:8443
157.254.194.223:3087
157.254.194.223:3895
157.254.194.223:443
157.254.194.223:8000
157.254.194.223:8080
157.254.194.223:8443
158.160.10.29:8443
158.160.12.175:8443
158.160.3.251:443
158.160.7.184:18443
158.160.7.184:8443
159.223.250.0:55555
159.65.124.252:55555
161.35.138.42:443
162.244.83.217:8080
162.252.175.211:5249
162.252.175.211:8000
162.252.175.211:8080
162.252.175.211:8443
162.33.179.116:443
163.172.132.163:443
165.22.31.213:43001
165.22.87.199:10081
165.232.112.135:443
168.119.88.236:28463
172.105.120.11:465
172.245.128.35:2598
172.245.128.35:3410
172.245.128.35:443
172.245.128.35:7018
172.245.128.35:7854
172.245.128.35:8000
172.245.128.35:8080
172.245.128.35:8443
172.86.122.183:443
172.86.123.67:3074
172.86.123.67:443
172.86.123.67:8000
172.86.123.67:8080
172.86.123.67:8443
172.93.193.157:8080
172.93.193.157:9090
172.93.96.60:31443
172.93.96.60:38443
172.93.96.61:31443
172.93.96.62:31443
172.96.137.153:443
172.96.137.153:8000
172.96.137.153:8080
172.96.137.153:8443
172.96.137.220:443
172.96.137.220:8000
172.96.137.220:8080
172.96.137.220:8443
172.96.137.249:443
172.96.137.249:6498
172.96.137.249:8000
172.96.137.249:8080
172.96.137.249:8443
172.96.137.29:443
172.96.137.29:4463
172.96.137.29:8000
172.96.137.29:8080
172.96.137.29:8443
173.232.2.41:4327
173.232.2.41:443
173.232.2.41:8000
173.232.2.41:8080
173.232.2.41:8443
173.254.235.24:443
173.254.235.24:8000
173.254.235.24:8080
173.254.235.24:8443
173.44.226.73:443
173.44.226.73:8000
173.44.226.73:8080
173.44.226.73:8443
178.62.197.32:10443
178.62.197.32:443
179.61.154.3:8443
18.144.70.39:443
18.144.70.39:8000
18.144.70.39:8080
18.144.70.39:8443
18.159.131.209:3365
18.159.131.209:443
18.159.131.209:8000
18.159.131.209:8080
18.159.131.209:8443
18.204.17.193:443
18.204.17.193:8000
18.204.17.193:8080
18.204.17.193:8443
18.221.191.129:443
185.108.129.62:8080
185.156.252.168:443
185.17.40.156:9443
185.193.126.62:8443
185.214.10.116:4417
185.214.10.116:443
185.214.10.116:8000
185.214.10.116:8080
185.214.10.116:8443
185.243.112.166:80
185.243.112.166:8000
185.243.112.166:8080
185.243.112.166:8443
185.99.133.112:3068
185.99.133.112:443
185.99.133.112:5249
185.99.133.112:5252
185.99.133.112:5984
185.99.133.112:7012
185.99.133.112:8000
185.99.133.112:8080
185.99.133.112:8443
188.116.24.4:58444
188.225.73.216:443
192.121.16.180:443
192.161.48.17:3101
192.161.48.17:3834
192.161.48.17:443
192.161.48.17:8000
192.161.48.17:8080
192.161.48.17:8443
192.161.48.51:443
192.161.48.51:8080
192.161.48.60:443
192.161.48.60:8000
192.161.48.60:8080
192.161.48.60:8443
192.169.6.79:443
192.169.6.79:8000
192.169.6.79:8080
192.169.6.79:8443
192.52.167.39:443
192.52.167.39:7083
192.52.167.39:8000
192.52.167.39:8080
192.52.167.39:8443
192.71.227.126:443
192.71.227.126:5992
192.71.227.126:8000
192.71.227.126:8080
192.71.227.126:8443
192.74.254.207:8443
193.149.129.110:10443
193.149.129.110:3389
193.149.185.27:8443
193.29.187.217:443
193.29.59.109:443
193.29.59.109:8000
193.29.59.109:8080
193.29.59.109:8443
193.36.117.117:443
194.135.119.168:443
194.26.29.87:8444
195.128.235.20:53
195.133.40.108:8443
198.252.108.86:3150
198.252.108.86:443
198.252.108.86:8000
198.252.108.86:8080
198.252.108.86:8443
198.252.109.40:3152
198.252.109.40:443
198.252.109.40:8000
198.252.109.40:8080
198.252.109.40:8443
198.252.109.57:3167
198.252.109.57:4011
198.252.109.57:443
198.252.109.57:6658
198.252.109.57:8000
198.252.109.57:8080
198.252.109.57:8443
198.252.98.186:443
198.252.98.186:8000
198.252.98.186:8080
198.252.98.186:8443
204.152.203.94:443
204.152.203.94:6994
204.152.203.94:8000
204.152.203.94:8080
204.152.203.94:8443
207.246.68.214:443
207.246.68.214:8080
208.123.119.100:443
208.123.119.100:5591
208.123.119.100:8000
208.123.119.100:8080
208.123.119.100:8443
208.123.119.230:443
208.123.119.230:6544
208.123.119.230:8000
208.123.119.230:8080
208.123.119.230:8443
209.182.225.124:443
209.182.225.124:7878
209.182.225.124:8000
209.182.225.124:8080
209.182.225.124:8443
209.205.211.2:8088
209.205.211.3:8088
209.205.211.4:8088
209.205.211.5:8088
209.205.211.6:8088
213.142.147.65:8080
213.164.30.188:443
216.146.25.60:443
216.146.25.60:8000
216.146.25.60:8080
216.146.25.60:8443
216.238.78.86:443
216.238.83.131:443
217.195.153.177:443
217.195.153.177:8000
217.195.153.177:8080
217.195.153.177:8443
217.195.153.228:8089
23.106.223.117:443
23.163.0.228:3333
23.163.0.228:443
23.163.0.228:8000
23.163.0.228:8080
23.163.0.228:8443
23.163.0.241:443
23.163.0.241:8000
23.163.0.241:8080
23.163.0.241:8443
23.163.0.34:3588
23.163.0.34:7891
23.229.117.247:443
3.134.86.154:3177
3.134.86.154:443
3.134.86.154:8000
3.134.86.154:8080
3.134.86.154:8443
3.236.161.7:443
3.236.161.7:4933
3.236.161.7:5276
3.236.161.7:8000
3.236.161.7:8080
3.236.161.7:8443
3.249.5.101:3306
34.172.205.52:443
34.219.121.232:2363
34.219.121.232:443
34.219.121.232:7946
34.219.121.232:8000
34.219.121.232:8080
34.219.121.232:8443
34.249.53.58:443
35.157.43.44:443
35.157.43.44:8000
35.157.43.44:8080
35.157.43.44:8443
35.180.225.185:8444
35.181.59.201:4443
35.183.14.149:443
35.183.14.149:8000
35.183.14.149:8080
35.183.14.149:8443
37.220.31.17:2095
37.220.31.17:4400
37.220.31.17:443
37.220.31.17:8000
37.220.31.17:8080
37.220.31.17:8443
37.220.31.54:443
37.220.31.54:8080
37.220.31.54:8443
41.199.178.166:8888
43.139.241.58:1311
43.139.241.58:5600
43.139.241.58:9122
43.155.77.226:1234
44.212.18.9:443
44.212.9.14:3103
44.212.9.14:443
44.212.9.14:6000
44.212.9.14:8000
44.212.9.14:8080
44.212.9.14:8443
45.114.129.150:443
45.125.64.198:8989
45.128.156.10:3390
45.128.156.10:443
45.128.156.10:8000
45.128.156.10:8080
45.128.156.10:8443
45.128.156.43:443
45.128.156.43:7078
45.128.156.43:8000
45.128.156.43:8080
45.128.156.43:8443
45.134.174.99:443
45.138.172.80:8443
45.145.186.188:443
45.145.186.188:8000
45.145.186.188:8080
45.145.186.188:8443
45.33.119.19:443
45.66.249.118:2091
45.66.249.118:443
45.66.249.118:8000
45.66.249.118:8080
45.66.249.118:8443
45.76.181.107:8080
45.77.198.117:443
45.82.72.227:443
45.86.163.228:443
45.86.163.228:7305
45.86.163.228:8000
45.86.163.228:8080
45.86.163.228:8443
5.161.51.212:443
5.183.95.20:2116
5.183.95.20:3156
5.183.95.20:443
5.183.95.20:8080
5.183.95.20:8443
5.183.95.54:2404
5.183.95.54:3122
5.183.95.54:443
5.183.95.54:8000
5.183.95.54:8080
5.183.95.54:8443
5.230.72.245:443
5.230.72.245:8000
5.230.72.245:8080
5.230.72.245:8443
5.230.73.234:2048
5.230.73.234:443
5.230.73.234:8000
5.230.73.234:8080
5.230.73.234:8443
5.230.74.62:443
5.230.74.62:6061
5.230.74.62:8000
5.230.74.62:8080
5.230.74.62:8443
5.230.74.81:443
5.230.74.81:8000
5.230.74.81:8080
5.230.74.81:8443
5.45.67.163:8080
51.15.218.118:8080
51.250.67.119:8443
51.255.5.14:7780
51.68.190.20:443
51.81.61.109:9090
51.91.79.144:7780
52.53.186.224:443
52.53.186.224:8000
52.53.186.224:8080
52.53.186.224:8443
52.59.214.191:443
52.59.214.191:8000
52.59.214.191:8080
52.59.214.191:8443
52.87.206.242:3622
54.144.145.126:3021
54.144.145.126:443
54.144.145.126:8000
54.144.145.126:8080
54.144.145.126:8443
54.173.59.51:8443
54.186.116.62:443
54.227.224.229:443
54.227.224.229:8000
54.227.224.229:8080
54.227.224.229:8443
54.37.136.82:8443
54.38.48.4:8443
54.70.125.21:443
54.70.125.21:4437
54.70.125.21:8000
54.70.125.21:8080
54.70.125.21:8443
62.182.159.155:30009
62.182.159.155:30015
64.190.113.176:1443
64.44.185.125:3194
64.44.185.125:3622
64.44.185.125:443
64.44.185.125:8000
64.44.185.125:8080
64.44.185.125:8443
64.52.80.219:1443
65.109.225.7:443
66.85.156.78:2084
66.85.156.78:443
66.85.156.78:8000
66.85.156.78:8080
66.85.156.78:8443
66.85.156.83:443
66.85.156.83:8000
66.85.156.83:8080
66.85.156.83:8443
66.85.27.163:3333
66.85.27.163:443
66.85.27.163:5249
66.85.27.163:8000
66.85.27.163:8080
66.85.27.163:8443
67.43.236.29:8443
67.43.236.30:8443
74.119.194.165:8444
74.137.167.112:8080
76.74.127.146:443
76.74.127.147:443
77.91.75.72:8443
78.111.99.46:443
78.142.29.14:443
80.211.65.159:110
80.211.65.159:8080
80.211.65.159:8443
80.66.76.77:8443
80.78.22.88:8443
80.92.206.206:443
81.68.255.200:18443
82.117.136.242:9999
83.97.20.170:10443
83.97.20.170:443
83.97.20.170:8443
83.97.20.170:9443
84.201.176.161:8443
89.147.110.189:443
89.203.129.100:443
89.203.129.101:443
89.203.129.125:443
89.203.129.126:443
89.203.129.66:443
89.203.129.98:443
89.203.129.99:443
91.234.199.211:443
93.95.224.189:25
93.95.228.138:443
94.158.244.220:8080
94.158.244.220:8443
95.179.251.217:443
95.213.145.101:8080
95.213.145.101:8081
96.44.156.206:443
96.44.156.206:5573
96.44.156.206:8000
96.44.156.206:8080
96.44.156.206:8443
96.44.157.203:443
96.44.157.203:5582
96.44.157.203:7283
96.44.157.203:8000
96.44.157.203:8080
96.44.157.203:8443
96.45.160.162:8012

# Reference: https://threatfox.abuse.ch/browse/tag/Bianlian%20Go%20Trojan/

http://104.200.72.6
http://104.238.223.5
http://149.154.158.120
http://162.252.172.194
http://165.22.244.32
http://172.105.94.31
http://172.96.188.130
http://185.243.112.166
http://192.71.227.236
http://216.238.78.86
http://23.163.0.149
http://3.82.108.57
http://66.29.151.151
http://89.23.107.110
104.200.72.25:2222
104.200.72.2:443
104.200.72.2:5804
104.200.72.2:7005
104.200.72.2:8000
104.200.72.2:8080
104.200.72.2:8443
104.200.72.6:443
104.200.72.6:5089
104.200.72.6:8000
104.200.72.6:8080
104.200.72.6:8443
149.154.158.114:3098
151.236.9.60:5569
162.252.172.194:2604
162.252.172.194:3180
162.252.172.194:3405
162.252.172.194:443
162.252.172.194:4572
162.252.172.194:7480
162.252.172.194:8000
162.252.172.194:8080
162.252.172.194:8443
172.96.188.130:3524
172.96.188.130:443
172.96.188.130:5195
172.96.188.130:8000
172.96.188.130:8080
172.96.188.130:8443
185.112.146.250:8080
188.241.240.117:8443
188.241.240.203:8443
192.144.37.56:80
192.52.167.39:5876
192.71.227.236:443
192.71.227.236:5004
192.71.227.236:8080
192.71.227.236:8443
210.16.121.40:5000
23.163.0.149:443
23.163.0.149:8000
23.163.0.149:8080
23.163.0.149:8443
3.236.161.7:2051
3.82.108.57:443
3.82.108.57:8000
3.82.108.57:8080
3.82.108.57:8443
34.219.121.232:2705
37.220.31.54:4435
37.220.31.54:8000
37.228.129.4:443
45.150.65.235:443
46.30.190.27:100
46.30.190.27:443
62.182.159.155:30050
64.190.113.2:7443
66.29.151.151:443
66.85.27.163:2575
89.248.172.108:8080
95.163.181.86:443

# Reference: https://threatfox.abuse.ch/browse/malware/win.bianlian/ (# 2023-07-23)

http://104.200.67.41
http://13.215.227.78
http://13.38.36.123
http://146.70.115.26
http://162.19.175.54
http://172.104.62.140
http://173.254.236.139
http://18.191.133.139
http://188.208.141.203
http://192.71.227.116
http://192.71.227.70
http://23.163.0.32
http://23.163.0.50
http://23.163.0.51
http://3.109.108.143
http://3.72.105.50
http://37.1.220.35
http://5.104.80.155
http://5.183.95.165
http://51.255.171.187
http://54.186.70.33
http://54.193.91.232
http://62.84.103.107
http://95.164.46.139
104.200.67.41:443
104.200.72.25:6604
104.200.72.2:4915
104.200.72.2:6500
104.238.35.112:3543
109.248.150.13:8443
13.215.227.78:443
13.215.227.78:8000
13.215.227.78:8080
13.215.227.78:8443
13.38.37.128:443
130.193.43.10:8443
134.122.60.222:8443
135.181.94.156:4444
141.98.168.159:443
146.70.115.26:443
146.70.115.26:8000
146.70.115.26:8080
146.70.115.26:8443
149.248.14.201:3524
158.160.110.214:8080
162.0.225.155:443
162.19.175.54:443
162.19.175.54:8000
162.19.175.54:8080
162.19.175.54:8443
162.244.83.217:8081
162.252.172.194:4242
162.252.172.194:4844
162.252.172.194:5554
162.252.172.194:7773
167.71.15.25:443
168.119.183.224:3001
168.119.183.224:3198
168.119.183.224:4439
168.119.183.224:5905
169.239.129.77:443
169.239.129.77:8000
172.104.62.140:443
173.254.236.139:4100
173.254.236.139:443
173.254.236.139:6022
173.254.236.139:8080
173.254.236.139:8443
18.191.133.139:443
18.191.133.139:5526
18.191.133.139:8000
18.191.133.139:8080
18.191.133.139:8443
185.108.129.37:53
188.208.141.203:3006
188.208.141.203:443
188.208.141.203:8000
188.208.141.203:8080
188.208.141.203:8443
188.34.130.46:8080
192.161.48.17:4441
192.52.167.83:5597
192.52.167.83:6057
192.52.167.83:6512
192.52.167.83:6716
192.71.227.116:3183
192.71.227.116:443
192.71.227.116:8000
192.71.227.116:8080
192.71.227.116:8443
192.71.227.70:443
192.71.227.70:8000
192.71.227.70:8080
192.71.227.70:8443
194.156.98.226:12389
195.154.166.134:22222
203.161.54.85:443
216.189.149.71:8080
216.189.159.34:5000
216.238.78.86:800
23.106.215.47:8443
23.163.0.149:4021
23.163.0.50:3138
23.163.0.50:443
23.163.0.50:5264
23.163.0.50:8000
23.163.0.50:8080
23.163.0.50:8443
23.163.0.51:443
23.163.0.51:8000
23.163.0.51:8080
23.163.0.51:8443
3.109.108.143:2569
3.109.108.143:443
3.109.108.143:6478
3.109.108.143:8000
3.109.108.143:8080
3.109.108.143:8443
3.72.105.50:443
3.72.105.50:8000
3.72.105.50:8080
3.72.105.50:8443
3.82.108.57:3173
43.139.241.58:889
43.239.158.5:8081
45.150.65.251:443
45.32.124.182:443
45.76.181.107:3128
5.104.80.155:443
5.181.20.110:443
5.183.95.165:2557
5.183.95.165:443
5.183.95.165:8000
5.183.95.165:8080
5.183.95.165:8443
51.255.5.104:993
51.38.103.199:443
51.38.103.199:4433
51.68.190.20:4433
51.91.79.105:993
54.186.70.33:443
54.186.70.33:7010
54.186.70.33:8000
54.186.70.33:8080
54.186.70.33:8443
54.193.91.232:443
54.193.91.232:4502
54.193.91.232:8000
54.193.91.232:8080
54.193.91.232:8443
62.182.159.155:30021
62.182.159.155:30066
62.84.103.107:443
74.119.194.165:8443
85.217.222.44:443
91.234.199.23:443
94.232.46.24:100
94.232.46.24:443
95.164.46.139:443
95.164.46.139:8000
95.164.46.139:8080
95.164.46.139:8443

# Reference: https://twitter.com/ReBensk/status/1686034350914027521
# Reference: https://twitter.com/ReBensk/status/1690633619197284352
# Reference: https://www.virustotal.com/gui/ip-address/5.42.199.96/relations

aobrso.xyz
bitrefill.club
boosl.digital
chatgptupdate.xyz
dawokzc.xyz
early-ventures.com
eooddt.xyz
fer-apps.com
hs-home.online
hs-login.digital
hs-login.info
hs-login.live
hs-login.online
hs-main.digital
kbnacv.xyz
menoris.top
openai-android.com
palfread.xyz
pond0x.digital
sant-login.digital
sant-login.live
seaxvnz.xyz
somanus.top
someasdw.xyz
strong-fit.digital
subarus.top
update-app.digital
whats-business.info
windowsmail-alert.com

# Reference: https://www.virustotal.com/gui/ip-address/91.215.85.206/relations

asdawdwq1.xyz
bapolinaw.top
beedoris.top
daaknotr.xyz
fepilox.top
morenolar.top
santolk.xyz
semubla.top
subanugar.top
sumokare.top
surkokal.top
vakistor.top
vefilonas.top
wehostol.xyz

# Reference: https://twitter.com/malwrhunterteam/status/1686112108440584192
# Reference: https://www.virustotal.com/gui/file/91dcd5aa1aecb64065b83392cc7cc1eb74f5244bcc16bb6d42486122e2038a48/detection

chrome-down.org

# Reference: https://threatfox.abuse.ch/browse/malware/win.bianlian/ (# 2023-08-01)

http://103.20.235.154
http://104.238.35.76
http://13.215.228.73
http://151.236.20.110
http://151.236.20.232
http://158.255.208.115
http://162.252.172.69
http://45.80.151.49
103.20.235.154:443
103.20.235.154:8000
103.20.235.154:8080
104.194.222.35:3598
104.238.35.76:443
104.238.35.76:8000
104.238.35.76:8080
104.238.35.76:8443
13.215.228.73:443
13.215.228.73:8000
13.215.228.73:8080
13.215.228.73:8443
135.125.250.237:8443
140.82.54.186:443
147.78.46.40:22222
151.236.20.110:443
151.236.20.232:443
158.255.208.115:443
162.252.172.69:443
162.252.172.69:8000
162.252.172.69:8080
162.252.172.69:8443
171.217.52.185:8443
171.221.170.20:8443
188.208.141.203:2703
188.208.141.203:6358
193.164.249.99:443
216.128.151.226:1234
216.189.159.34:8443
23.163.0.228:3299
5.255.123.19:8445
65.49.204.225:8443
66.29.151.151:8443
91.213.50.35:442

# Reference: https://threatfox.abuse.ch/browse/malware/win.bianlian/ (# 2023-08-02)

http://135.125.250.237
103.20.235.154:8443
103.208.86.32:443
103.208.86.32:8080
103.208.86.32:8443
135.125.250.237:443
135.125.250.237:8000
135.125.250.237:8080
162.252.172.69:5641
208.123.119.153:8443
23.163.0.228:6667
45.82.153.168:8443

# Reference: https://threatfox.abuse.ch/browse/malware/win.bianlian/ (# 2023-08-04)

103.208.86.32:5382
103.208.86.32:8000
158.160.30.214:8443
208.123.119.153:8000
208.123.119.153:8080
94.156.6.19:443
94.156.6.19:8080

# Reference: https://threatfox.abuse.ch/browse/malware/win.bianlian/ (# 2023-08-05)

http://103.208.86.32
http://151.236.9.205
http://208.123.119.153
104.194.222.35:7877
158.160.30.214:8443
208.123.119.153:4021
208.123.119.153:443
45.58.52.123:5000

# Reference: https://threatfox.abuse.ch/ioc/1149059/

94.198.53.89:30001

# Reference: https://threatfox.abuse.ch/ioc/1149179/

23.163.0.228:2049

# Reference: https://threatfox.abuse.ch/ioc/1149232/

103.20.235.154:3116

# Reference: https://threatfox.abuse.ch/browse/malware/win.bianlian/ (# 2023-08-11)

103.20.235.154:2561
109.248.6.223:8443
13.215.228.73:6581
135.125.250.237:3170
135.125.250.237:5222
194.156.98.226:20143
208.123.119.153:4486
23.163.0.228:4772

# Reference: https://twitter.com/drb_ra/status/1690435421413453826

104.194.222.87:443

# Reference: https://threatfox.abuse.ch/browse/malware/win.bianlian/ (# 2023-08-12)

http://104.194.222.87
http://85.239.52.212
104.194.222.87:443
104.194.222.87:8000
104.194.222.87:8080
104.194.222.87:8443
144.208.127.115:8443
43.139.241.58:8888
85.239.52.212:443
85.239.52.212:8000
85.239.52.212:8080
85.239.52.212:8443

# Reference: https://twitter.com/drb_ra/status/1691522556132515840

161.97.78.118:8443

# Reference: https://twitter.com/drb_ra/status/1692066082998165638

85.13.119.232:443

# Reference: https://threatfox.abuse.ch/browse/malware/win.bianlian/ (# 2023-08-18)

146.70.115.26:5490
51.15.18.85:443
97.74.80.232:443

# Reference: https://threatfox.abuse.ch/browse/malware/win.bianlian/ (# 2023-08-20)

104.194.222.87:5003
162.19.175.54:5601
23.163.0.50:4132
5.230.67.2:8443
66.29.145.128:443
85.239.52.212:2347

# Reference: https://twitter.com/drb_ra/status/1693334365621653813

45.153.241.96:8443

# Reference: https://threatfox.abuse.ch/browse/malware/win.bianlian/ (# 2023-08-27)

http://142.93.141.211
135.125.250.237:2556
135.125.250.237:4844
135.125.250.237:7221
141.98.168.19:443
146.70.115.26:6529
198.199.76.216:8443
45.45.219.118:8080
45.82.153.168:8444
66.85.26.162:443
66.85.26.162:8000
66.85.26.162:8443
85.13.119.234:443
85.239.52.212:2016
85.239.52.212:5996

# Reference: https://twitter.com/drb_ra/status/1695508287595147377

159.223.223.189:8443

# Reference: https://www.virustotal.com/gui/file/7f75bdb9bb83ee748aec4c83c12e07c431f76ed17a1a1c20dd3a961e427c3012/detection
# Reference: https://www.virustotal.com/gui/file/d38656b3bc95be933f07dbc962b7c97dda6c05e7018d75e364674d0ee8404b1a/detection
# Reference: https://www.virustotal.com/gui/file/31aa9c4fdba2c77725f0d0070972626e09beadf701a25ba4cb17aeecc1cfd674/detection
# Reference: https://www.virustotal.com/gui/file/23fed8966f6a0dee7fcb5b04f1c1fbf067cef500da12aed46da187776e587663/detection

128.14.75.92:6666
163.181.82.79:2890
163.181.92.82:2890
27.124.34.142:4140
43.249.30.130:6318
47.246.24.82:2819
47.246.24.82:2890
8398.top
best-ten.top
cookielive.top
hondatotolink.xyz
jun88.top
konoha88.xyz
tmslot88.xyz
uextlbth.xyz
yy222.top
zs9l3puj.top
bbs.cookielive.top
news.cookielive.top
six.best-ten.top
bbs.cookielive.top.w.kunlunhuf.com

# Reference: https://threatfox.abuse.ch/browse/malware/win.bianlian/ (# 2023-08-29)

http://66.85.26.162
13.215.227.78:4138
158.160.68.42:8443
135.125.250.237:3064
208.123.119.100:4567
62.141.75.134:443
66.85.26.162:8080
94.198.53.89:30063

# Reference: https://threatfox.abuse.ch/ioc/1152438/

85.239.52.212:4084

# Reference: https://threatfox.abuse.ch/browse/malware/win.bianlian/ (# 2023-09-03)

103.109.100.222:8443
103.20.235.154:3898
103.208.86.32:4810
162.19.175.54:6996
195.123.218.117:443
208.123.119.100:2858
208.123.119.153:7387
85.13.119.235:443

# Reference: https://threatfox.abuse.ch/browse/malware/win.bianlian/ (# 2023-09-04)

http://104.194.222.70
103.20.235.154:4353
103.20.235.154:5113
104.194.222.70:443
104.194.222.70:8000
104.194.222.70:8080
104.194.222.70:8443
135.125.250.237:3430
192.236.192.207:443
45.153.231.73:443
85.13.119.236:443
85.239.52.212:5266
89.203.129.77:443
94.198.53.89:30081
95.179.147.117:443

# Reference: https://threatfox.abuse.ch/browse/malware/win.bianlian/ (# 2023-09-06)

104.194.11.252:8443
104.243.32.53:8443
104.243.33.83:8443
104.243.33.84:8443
104.243.33.85:8443
204.152.203.90:5903
208.123.119.100:6613
212.118.42.117:443
34.207.174.202:443

# Reference: https://threatfox.abuse.ch/browse/malware/win.bianlian/ (# 2023-09-11)

141.98.168.19:25
170.247.3.189:443
204.152.203.90:2048

# Reference: https://threatfox.abuse.ch/browse/malware/win.bianlian/ (# 2023-09-20)

http://13.212.116.128
http://194.4.48.63
http://194.68.26.216
http://204.152.203.90
http://45.56.162.16
http://66.85.26.54
103.20.235.154:3076
103.20.235.154:3080
104.194.222.87:3907
104.236.1.224:8080
105.197.95.254:8080
13.212.116.128:443
13.212.116.128:8000
13.212.116.128:8080
13.212.116.128:8443
135.125.250.237:4224
135.125.250.237:5841
143.198.46.29:5060
143.198.46.29:587
149.91.91.174:8443
172.96.137.159:8000
172.96.137.159:8443
176.119.30.73:443
188.127.242.204:443
188.127.242.204:8443
194.68.26.216:443
194.68.26.216:8000
194.68.26.216:8080
194.68.26.216:8443
2.59.254.29:8443
204.152.203.90:443
204.152.203.90:8000
204.152.203.90:8080
204.152.203.90:8443
23.227.203.245:8443
34.219.121.232:3127
45.56.162.16:443
45.56.162.16:7693
45.56.162.16:8000
45.56.162.16:8080
45.56.162.16:8443
45.56.165.30:8443
65.109.3.80:4444
66.29.155.94:8443
66.85.26.54:443
66.85.26.54:8000
66.85.26.54:8080
66.85.26.54:8443
87.247.185.109:8585

# Reference: https://twitter.com/drb_ra/status/1703662101107999163

46.148.139.144:8081

# Reference: https://threatfox.abuse.ch/browse/malware/win.bianlian/ (# 2023-09-22)

http://45.56.165.30
104.194.222.70:5000
149.56.95.151:7443
162.0.230.23:443
172.96.137.159:2181
172.96.137.159:8080
185.243.114.63:443
43.139.241.58:109
45.12.2.230:443
45.56.165.30:8000
69.57.161.144:443

# Reference: https://threatfox.abuse.ch/browse/malware/win.bianlian/ (# 2023-09-23)

http://172.96.137.159
194.4.48.63:443
198.177.123.207:443
204.152.203.90:5004
45.56.165.30:443
45.56.165.30:8080
45.86.163.224:443
45.86.163.224:8080
46.148.139.144:8008
69.57.163.45:8081
79.137.203.215:8443

# Reference: https://threatfox.abuse.ch/browse/malware/win.bianlian/ (# 2023-09-24)

http://45.86.163.224
135.125.250.237:6218
172.96.137.159:443
204.152.203.90:5371
45.45.219.118:53
45.56.165.30:5299
45.86.163.224:8000
45.86.163.224:8443
69.57.161.144:8443
89.208.106.3:443

# Reference: https://threatfox.abuse.ch/browse/malware/win.bianlian/ (# 2023-09-27)

http://45.153.231.73
146.70.41.200:443
194.68.26.216:5050
195.62.53.94:8080
45.56.162.16:5426
5.182.39.10:443

# Reference: https://threatfox.abuse.ch/browse/malware/win.bianlian/ (# 2023-09-29)

http://216.146.25.23
103.20.235.195:6588
198.177.124.107:443
216.146.25.23:443
216.146.25.23:5000
216.146.25.23:8000
216.146.25.23:8080
216.146.25.23:8443
45.64.186.135:443
45.64.186.135:8000
45.64.186.135:8443
45.87.155.88:443
89.203.129.78:443

# Reference: https://threatfox.abuse.ch/browse/malware/win.bianlian/ (# 2023-10-03)

http://46.148.139.144
185.82.200.188:8080
195.62.53.94:443
216.146.25.23:2458
3.81.68.30:443
45.86.163.188:100
46.148.139.144:8085
80.240.28.100:8080
85.13.119.233:443
88.119.169.140:4444
94.198.50.195:5000

# Reference: https://threatfox.abuse.ch/browse/malware/win.bianlian/ (# 2023-10-07)

http://151.236.22.64
http://151.236.8.237
http://192.236.192.207
http://45.45.219.141
103.20.235.195:4784
120.48.110.233:8081
138.201.174.150:8080
146.70.115.26:5221
151.236.22.64:443
151.236.22.64:8000
151.236.22.64:8080
151.236.22.64:8443
151.236.8.237:443
162.19.175.54:2335
185.248.144.158:443
185.49.69.36:4444
194.68.26.216:6361
195.62.53.94:4444
43.139.241.58:423
45.45.219.141:53
45.86.163.224:4175
45.86.163.224:7169
46.148.139.144:443
66.29.140.11:7071
89.203.129.79:443
94.198.50.195:5800
94.198.50.195:5900

# Reference: https://threatfox.abuse.ch/browse/malware/win.bianlian/ (# 2023-10-19)

http://104.238.35.163
http://104.238.60.64
http://104.238.61.150
http://149.154.158.199
http://208.123.119.123
http://45.56.165.27
104.236.210.243:8080
104.238.35.163:5984
104.238.35.163:8000
104.238.35.163:8080
104.238.35.163:8443
104.238.60.64:443
104.238.60.64:8000
104.238.60.64:8080
104.238.60.64:8443
104.238.61.150:443
104.238.61.150:8000
104.238.61.150:8080
122.226.191.252:8443
149.154.158.199:443
149.154.158.199:8000
149.154.158.199:8080
149.154.158.199:8443
162.19.175.101:8080
163.177.79.82:8443
172.96.137.159:5275
192.121.87.187:8081
208.123.119.123:443
208.123.119.123:8000
208.123.119.123:8080
208.123.119.123:8443
216.238.78.86:6667
44.203.127.31:443
45.56.165.27:443
45.56.165.27:8000
45.56.165.27:8080
45.56.165.27:8443
45.86.163.224:5483
45.86.163.224:7017
46.148.139.144:4444
54.193.91.232:9001
66.29.130.171:443
85.13.118.11:443
85.13.118.40:443
85.239.54.142:7443
94.131.3.160:443

# Reference: https://threatfox.abuse.ch/browse/malware/win.bianlian/ (# 2023-11-01)

http://103.57.250.152
103.57.250.152:443
103.57.250.152:6463
103.57.250.152:8000
103.57.250.152:8080
103.57.250.152:8443
104.238.61.150:8443
104.36.229.15:443
104.36.229.15:8080
157.245.48.209:143
216.189.155.134:8080
216.238.78.86:6666
66.29.155.44:8443

# Reference: https://threatfox.abuse.ch/browse/malware/win.bianlian/ (# 2023-11-03)

http://104.238.34.130
http://104.36.229.15
http://23.152.0.64
http://91.102.162.229
103.20.235.195:2815
103.57.250.152:3014
103.57.250.152:3771
103.57.250.152:5749
103.57.250.152:6477
104.238.34.130:443
104.238.35.163:2184
104.238.60.64:4814
104.238.60.84:3346
104.36.229.15:8000
104.36.229.15:8443
149.154.158.34:443
149.154.158.34:8000
149.154.158.34:8080
149.154.158.34:8443
157.245.48.209:8088
192.52.166.233:3993
193.31.28.88:993
208.123.119.123:5142
208.123.119.123:5214
23.152.0.64:443
23.152.0.64:8443
31.13.195.125:10443
45.12.2.242:443
45.61.139.234:8083
65.109.166.117:443
85.239.54.206:8081
91.102.162.229:443
95.179.157.228:443

# Reference: https://threatfox.abuse.ch/browse/malware/win.bianlian/ (# 2023-11-10)

http://194.213.18.45
http://3.76.100.131
103.57.250.152:6707
104.36.229.15:5101
104.36.229.15:7507
13.215.228.73:6411
13.59.168.154:3417
144.172.79.129:443
149.154.158.34:10101
151.236.20.194:443
151.236.22.64:4359
151.236.22.64:5915
151.236.22.64:6544
157.245.48.209:443
162.0.228.202:4443
185.240.103.195:8443
194.213.18.45:443
194.213.18.45:8000
194.213.18.45:8080
194.213.18.45:8443
195.2.92.206:443
20.68.243.107:443
213.139.205.146:5000
213.139.205.146:6388
23.152.0.64:8000
3.76.100.131:4424
3.76.100.131:443
3.76.100.131:8000
3.76.100.131:8080
3.76.100.131:8443
34.245.119.31:443
45.56.165.27:7001
45.86.163.224:7559
54.193.91.232:3155
54.193.91.232:9443
63.250.42.18:587
85.239.53.152:443
94.198.50.195:6000

# Reference: https://threatfox.abuse.ch/browse/malware/win.bianlian/ (# 2023-11-22)

173.254.235.30:8000
americanauth0.com
aria21.pw
awards2go.org
conflictt.almostmy.com
luxspal.com
m.1co.net
plasmans.online
platform.awards2go.org
ptkick.com
srv82054434.ultasrv.net
us.1co.net
v3.aria21.pw
yksdemg.top

# Reference: https://threatfox.abuse.ch/browse/malware/win.bianlian/ (# 2023-11-23)

http://173.254.235.30
104.238.60.64:3971
139.59.40.48:8080
173.254.235.30:443
173.254.235.30:8080
173.254.235.30:8443
185.248.100.118:443
2.58.14.41:443
213.139.205.146:443
213.139.205.146:6806
213.139.205.146:8000
213.139.205.146:8080

# Reference: https://threatfox.abuse.ch/browse/malware/win.bianlian/ (# 2023-12-03)

http://104.238.35.85
http://104.238.60.76
http://142.202.205.35
http://151.236.22.48
http://185.82.127.212
http://45.152.85.15
http://88.119.171.56
103.11.64.167:8080
104.238.35.85:443
104.238.35.85:8000
104.238.35.85:8080
104.238.35.85:8443
104.238.60.76:8000
104.238.60.76:8080
104.238.60.76:8443
104.36.229.15:6136
13.215.227.78:5532
13.215.228.73:10443
13.215.228.73:1433
13.36.137.110:443
142.202.205.35:443
142.202.205.35:8000
142.202.205.35:8080
142.202.205.35:8443
151.236.22.48:443
151.236.22.48:8000
151.236.22.48:8080
151.236.22.48:8443
173.254.235.30:1433
176.119.159.39:8443
192.121.113.129:2057
213.139.205.146:3739
45.76.80.199:8000
45.86.163.224:2098
5.230.44.53:443
80.78.26.69:2096
80.78.26.69:8443
95.164.46.54:443

# Reference: https://threatfox.abuse.ch/browse/malware/win.bianlian/ (# 2023-12-11)

http://104.200.67.5
http://104.225.129.142
104.200.67.5:2086
104.200.67.5:443
104.225.129.142:5971
104.225.129.142:8000
104.225.129.142:8080
104.225.129.142:8443
104.238.60.76:443
5.230.67.144:443

# Reference: https://threatfox.abuse.ch/browse/malware/win.bianlian/ (# 2023-12-17)

http://104.200.72.113
http://136.0.3.240
http://136.244.98.49
http://151.236.22.182
http://66.85.27.144
http://91.121.44.23
http://91.236.230.169
http://96.44.166.186
104.200.72.113:443
104.200.72.113:8000
104.200.72.113:8080
104.200.72.113:8443
13.215.228.73:3521
136.0.3.240:8080
151.236.22.182:443
151.236.22.182:8000
151.236.22.182:8080
151.236.22.182:8443
185.141.24.220:8443
185.196.9.238:8443
185.244.130.43:8443
185.7.219.106:443
188.241.58.179:443
192.121.113.129:4073
192.121.113.129:5062
209.73.143.227:8080
213.183.56.95:8085
3.106.130.174:443
3.25.93.101:443
37.120.239.146:8443
45.134.173.229:443
45.66.248.135:3510
45.66.248.135:4593
5.161.223.88:2101
5.161.223.88:4104
66.85.27.144:443
66.85.27.144:8000
66.85.27.144:8080
66.85.27.144:8443
85.217.222.42:443
91.236.230.169:443
91.236.230.169:8000
91.236.230.169:8080
91.236.230.169:8443
94.131.100.223:4444
94.131.107.198:8443
94.198.50.195:9000
94.198.50.195:9200

# Reference: https://threatfox.abuse.ch/browse/malware/win.bianlian/ (# 2024-01-17)

http://151.236.16.27
http://156.236.76.243
http://162.252.175.240
http://2.58.15.111
http://209.127.186.195
http://209.127.186.233
http://209.127.186.46
http://5.255.97.126
143.110.192.8:10451
143.110.192.8:27978
151.236.16.27:443
151.236.16.27:8000
151.236.16.27:8080
151.236.16.27:8443
154.223.20.226:8080
156.236.76.243:443
156.236.76.243:8000
156.236.76.243:8080
156.236.76.243:8443
157.230.175.190:6595
157.230.175.190:7405
162.0.225.166:443
162.252.175.240:443
162.252.175.240:8000
162.252.175.240:8080
162.252.175.240:8443
164.92.159.114:443
168.119.225.154:1194
185.243.112.245:8443
188.166.9.214:8443
2.58.15.111:443
2.58.15.111:8080
2.58.15.111:8443
2.58.15.126:443
209.127.186.195:443
209.127.186.195:8000
209.127.186.195:8080
209.127.186.195:8443
209.127.186.233:443
209.127.186.233:8000
209.127.186.233:8080
209.127.186.233:8443
209.127.186.233:9443
209.127.186.46:443
209.127.186.46:8000
209.127.186.46:8080
209.127.186.46:8443
38.62.236.182:4567
45.55.132.52:5060
45.55.132.52:587
45.66.248.135:4308
45.66.248.135:7438
46.149.76.101:443
5.255.97.126:443
5.255.97.126:8000
5.255.97.126:8080
5.255.97.126:8443
51.81.110.44:443
62.84.103.154:443
85.13.119.42:443
85.239.52.71:7940
94.103.87.88:443
94.131.102.241:443

# Reference: https://threatfox.abuse.ch/browse/malware/win.bianlian/ (# 2024-02-04)

http://38.62.230.181
http://38.62.236.152
143.110.192.8:18336
143.110.192.8:44387
185.49.70.105:8080
209.127.186.195:9443
216.238.83.84:8443
38.62.230.181:443
38.62.236.152:443
38.62.236.182:34712
45.58.52.17:9090
51.158.96.140:443
88.214.25.249:8443
94.103.87.88:25
94.103.87.88:8080

# Reference: https://threatfox.abuse.ch/browse/malware/win.bianlian/ (# 2024-02-13)

http://108.181.0.232
http://172.205.219.119
104.238.60.87:2696
143.110.192.8:58637
157.230.175.190:6534
157.230.175.190:7754
209.127.186.234:64242
216.189.159.197:53
220.77.118.115:53
23.229.31.21:25623
23.229.31.21:39561
31.220.80.82:53
37.128.207.56:53
45.128.133.21:443
45.152.85.10:443
45.66.248.135:5833
45.66.248.84:42282
51.15.235.86:53
91.238.181.248:8080

# Reference: https://threatfox.abuse.ch/browse/malware/win.bianlian/ (# 2024-02-25)

http://216.146.26.94
http://45.45.219.118
103.35.189.93:10443
103.35.189.93:443
103.35.189.93:8443
145.239.230.233:8443
185.11.61.124:20000
185.83.113.126:32004
185.83.113.126:32005
185.83.113.126:32009
185.83.113.126:32012
185.83.113.126:32017
185.83.113.126:32023
185.83.113.126:32031
210.16.120.210:53
216.146.26.94:443
37.120.239.146:8085
45.61.138.43:20000
5.255.117.32:4971
51.159.183.32:443
94.103.87.88:3306
94.103.87.88:465
94.198.50.195:8000

# Reference: https://threatfox.abuse.ch/browse/malware/win.bianlian/ (# 2024-03-03)

http://151.236.16.11
http://162.252.175.153
http://23.94.120.119
http://45.61.138.43
104.200.72.113:40484
104.238.35.20:16655
104.238.60.87:443
104.238.60.87:5995
108.181.0.232:58049
128.14.226.110:143
13.37.127.130:443
136.0.3.71:443
136.0.3.71:49737
136.0.3.71:5295
136.0.3.71:5671
140.82.20.246:8443
142.129.135.121:443
146.70.100.113:22222
151.236.16.232:8226
151.236.16.48:5901
154.223.20.108:8443
154.90.62.224:53
157.230.175.190:4891
157.230.175.190:49553
163.177.79.82:7443
164.92.243.255:42691
179.60.149.241:8443
185.196.11.148:8443
185.225.70.160:27311
185.225.70.160:43029
213.226.100.35:53
216.238.83.84:8000
23.227.202.153:8443
23.227.202.28:35676
37.120.239.146:23250
45.152.85.15:443
45.55.128.82:443
62.182.84.172:443
64.74.160.238:1433
64.74.160.238:3306
64.74.160.238:5432
66.85.27.144:24513
94.103.87.88:1433
94.103.87.88:4444
94.103.87.88:445
94.198.50.195:10000
94.198.50.195:9800
95.164.19.54:8085
95.179.189.177:443

# Reference: https://threatfox.abuse.ch/browse/malware/win.bianlian/ (# 2024-03-24)

104.238.60.87:3509
185.225.70.160:10810
192.169.7.83:64499
31.42.186.231:443
96.9.225.129:37826

# Reference: https://threatfox.abuse.ch/browse/malware/win.bianlian/ (# 2024-03-31)

1.117.72.174:443
104.200.72.22:2373
111.180.192.60:8443
13.38.235.203:443
151.236.16.211:33367
151.236.26.171:3410
162.252.175.153:80
172.187.180.204:443
185.234.216.209:20000
185.234.216.209:20001
192.121.162.196:8080
192.64.86.243:8080
51.159.183.32:9000
51.195.115.244:7639
64.7.198.249:443
96.9.225.129:19701

# Reference: https://threatfox.abuse.ch/browse/malware/win.bianlian/ (# 2024-04-14)

116.203.56.238:1194
128.14.226.110:448
185.234.216.209:20002
185.234.216.209:20003
185.234.216.209:20004
185.234.216.209:20005
185.234.216.209:20006
185.234.216.209:20007
185.234.216.209:20008
185.234.216.209:20009
185.234.216.209:20010
185.234.216.209:20011
185.234.216.209:20012
185.234.216.209:20017
192.121.162.196:8443
203.96.177.103:8080
66.85.173.32:2268

# Reference: https://threatfox.abuse.ch/browse/malware/win.bianlian/ (# 2024-05-21)

http://45.152.85.10
103.136.150.94:8080
104.200.72.177:57067
104.200.72.177:6513
104.223.76.201:2779
104.223.76.201:44102
104.225.129.140:58883
104.238.61.20:7800
109.120.178.253:8443
128.14.237.229:443
128.14.237.229:8888
135.181.67.161:443
141.195.112.200:8443
142.93.109.84:443
146.70.80.94:20020
149.154.158.222:36884
149.154.158.222:3933
151.236.16.48:47163
151.236.26.171:12041
157.245.70.79:443
158.160.87.195:8443
159.223.220.207:1433
159.223.220.207:443
159.223.220.207:5060
162.252.175.170:8443
164.92.231.251:10000
164.92.231.251:1433
164.92.231.251:443
164.92.231.251:5060
167.88.172.166:8443
172.96.137.156:55295
172.96.137.156:64447
185.234.216.209:20022
185.234.216.209:20023
185.234.216.209:20027
185.234.216.209:20031
185.234.216.209:20032
185.234.216.209:20034
185.234.216.209:20035
185.234.216.209:20036
185.234.216.209:20037
185.234.216.209:20038
185.234.216.209:20039
185.234.216.209:20048
185.234.216.209:20054
193.227.134.120:443
193.227.134.247:443
195.80.148.170:9090
2.58.15.151:13576
203.96.177.103:8443
23.94.120.119:5443
37.228.138.163:8080
38.60.223.86:53
45.121.147.114:443
45.121.147.117:443
45.121.50.136:443
45.152.85.10:8443
45.56.165.131:6781
5.104.80.155:8443
5.8.18.9:20000
62.233.57.237:443
64.95.13.226:1433
64.95.13.226:443
64.95.13.226:5060
65.20.78.91:8443
8.218.228.15:60478
80.71.149.154:8686
92.243.64.130:28002

# Reference: https://x.com/MichalKoczwara/status/1792925748568756258

216.189.159.34:8443

# Reference: https://threatfox.abuse.ch/browse/malware/win.bianlian/ (# 2024-06-12)

http://104.238.61.20
104.200.72.177:47513
121.40.69.44:443
128.14.237.188:83
144.76.91.151:8080
146.70.80.94:20004
151.236.16.18:25184
158.160.64.178:8443
158.160.82.115:8443
165.227.187.77:1433
165.227.187.77:443
165.227.187.77:5060
172.187.161.228:443
172.96.137.156:21132
185.234.216.209:20024
185.234.216.209:20025
185.234.216.209:20033
185.234.216.209:20041
185.234.216.209:20042
185.234.216.209:20043
185.234.216.209:20044
185.234.216.209:20050
185.234.216.209:20051
185.234.216.209:20052
185.234.216.209:20064
185.59.74.254:8080
185.7.219.103:443
193.239.86.162:443
194.163.160.254:53
195.54.160.90:54320
197.243.57.122:60000
206.237.4.54:7443
206.237.4.54:9443
213.183.56.95:25
45.56.165.131:5142
46.250.255.162:8080
5.104.80.155:27564
54.215.94.76:57580
66.85.173.32:25532
91.92.246.183:8443
91.92.250.190:443
92.243.64.130:31205
94.156.67.3:443

# Reference: https://threatfox.abuse.ch/browse/malware/win.bianlian/ (# 2024-06-26)

http://91.236.230.33
104.225.129.140:59393
166.88.159.17:8443
185.158.248.39:443
185.170.212.17:443
185.229.9.27:445
185.229.9.27:8080
185.229.9.27:8090
185.234.216.209:20069
185.234.216.209:20075
185.234.216.209:20076
185.234.216.209:20077
185.234.216.209:20078
185.234.216.209:20082
185.29.10.248:8080
185.29.8.219:8080
206.237.28.231:8443
45.133.195.90:443
45.41.187.137:7613
5.252.176.46:8443
91.207.183.16:25
94.156.67.3:8080

# Reference: https://threatfox.abuse.ch/browse/malware/win.bianlian/ (# 2024-07-03)

http://216.238.73.7
108.170.52.131:13587
120.26.192.87:443
128.14.237.188:8080
146.70.80.94:20013
159.65.174.201:1433
159.65.174.201:443
159.65.174.201:5060
185.229.9.27:21
185.229.9.27:8888
91.236.230.33:4511
91.245.253.10:443
92.38.160.73:8080
94.198.50.195:20000
gard-ner-toyota.com
joeyrichl.top
tppen-op.one

# Reference: https://threatfox.abuse.ch/browse/malware/win.bianlian/ (# 2024-07-10)

103.136.43.10:8443
103.57.249.42:8443
116.62.142.170:443
146.71.81.126:3291
164.90.194.34:443
194.213.18.182:443
203.161.43.195:444
5.252.176.136:9090
67.217.60.68:8443
91.236.230.33:6595
96.9.225.128:57870
astachk0809.xyz
encrypt.astachk0809.xyz
paul.sportlearningcenters.info

# Reference: https://raw.githubusercontent.com/drb-ra/C2IntelFeeds/master/feeds/unverified/IPPortC2s-30day.csv (# 2024-07-20)

103.30.77.80:8443
104.238.34.207:2082
104.238.34.207:3223
108.170.52.131:18564
108.170.52.131:54948
172.96.137.156:3812
185.234.66.239:443
185.250.193.175:8443
192.71.26.33:3203
193.233.207.171:8443
217.69.14.240:1433
217.69.14.240:443
217.69.14.240:5060
31.45.231.174:8080
45.66.249.200:443
51.254.39.116:8080
61.252.141.88:8443
85.239.53.248:443
85.239.53.248:6002
85.239.53.248:6219
92.243.64.130:17076
95.164.61.31:443

# Reference: https://raw.githubusercontent.com/drb-ra/C2IntelFeeds/master/feeds/unverified/IPPortC2s-30day.csv (# 2024-08-03)

http://206.237.4.54
151.236.16.18:47702
192.121.87.111:8085
206.237.4.54:8080
45.56.162.5:2964
85.239.53.248:40998
94.131.110.141:8443
96.44.156.220:5670

# Reference: https://x.com/malwrhunterteam/status/1822916015975456792
# Reference: https://www.virustotal.com/gui/file/34bd368f378e9d1b887bf33e98e4e9ccd0424decadd353a717ed9f330629c074/detection

85.239.53.248:5621

# Reference: https://raw.githubusercontent.com/drb-ra/C2IntelFeeds/master/feeds/unverified/IPPortC2s-30day.csv (# 2024-08-18)

http://91.219.227.184
103.119.47.150:61788
151.236.16.18:64749
151.236.16.44:43354
158.255.215.115:8443
166.88.159.247:8443
185.234.66.239:8443
38.175.202.22:48621
43.248.136.194:443
5.35.71.175:8443
136.169.29.34.bc.googleusercontent.com

# Reference: https://raw.githubusercontent.com/drb-ra/C2IntelFeeds/master/feeds/unverified/IPPortC2s-30day.csv (# 2024-08-24)

109.236.90.53:8443
118.178.132.183:443
144.208.127.130:41702
157.230.53.228:443
194.213.18.183:4871
38.175.202.22:16889
77.221.148.156:8080
91.92.250.21:20006

# Reference: https://raw.githubusercontent.com/drb-ra/C2IntelFeeds/master/feeds/unverified/IPPortC2s-30day.csv (# 2024-09-07)

104.238.34.207:4420
105.96.57.196:8080
144.208.127.130:51993
184.174.96.108:8080
185.229.9.27:3389
192.121.17.45:8089
194.213.18.181:52887
64.95.10.106:1433
64.95.10.106:443
64.95.10.106:5060
89.39.149.246:8443
91.92.250.21:20001
91.92.250.21:20002
91.92.250.21:20003
91.92.250.21:20004
91.92.250.21:20005
91.92.250.21:20007
91.92.250.21:20008

# Reference: https://threatfox.abuse.ch/browse/malware/win.bianlian/ (# 2024-09-09)

151.236.16.70:29403
185.229.9.27:636
194.213.18.183:4512
194.48.248.151:8443
216.181.107.134:30263

# Reference: https://raw.githubusercontent.com/drb-ra/C2IntelFeeds/master/feeds/unverified/IPPortC2s-30day.csv (# 2024-09-14)

104.219.214.103:8080
163.172.148.233:443
216.106.66.162:8443
216.106.66.163:8443
64.7.199.165:8888
85.235.151.5:8443

# Reference: https://raw.githubusercontent.com/drb-ra/C2IntelFeeds/master/feeds/unverified/IPPortC2s-30day.csv (# 2024-09-22)

104.225.129.104:5931
104.238.34.207:7573
165.227.69.170:1433
165.227.69.170:443
165.227.69.170:5060
167.88.160.15:8080
185.229.9.27:443
194.213.18.181:26256
194.68.27.93:53312
85.235.151.5:443
89.23.107.207:20000
91.216.169.108:8443
91.92.245.123:8443
92.243.66.51:25
96.44.156.220:24467

# Reference: https://www.virustotal.com/gui/file/5bc9478d90533ebccf09c7204999853bae36db997b230e2809090c7827c8ced0/detection

bianlianlbc5an4kgnay3opdemgcryg2kpfcbgczopmm3dnbz3uaunad.onion
bianlivemqbawcco4cx4a672k2fip3guyxudzurfqvdszafam3ofqgqd.onion

# Reference: https://threatfox.abuse.ch/browse/malware/win.bianlian/ (# 2024-10-07)

http://79.141.162.184
130.193.52.194:443
143.198.179.167:1433
143.198.179.167:443
143.198.179.167:5060
146.70.143.147:18095
151.236.16.40:10351
158.160.3.224:443
185.76.79.207:38378
216.181.107.134:41296
43.198.93.208:443
51.250.27.83:443
51.250.44.190:8443
62.60.211.206:8080
77.73.67.162:8080
85.239.54.36:5603
86.107.101.47:24553
89.1.88.252:443
92.243.64.200:7258

# Reference: https://threatfox.abuse.ch/browse/malware/win.bianlian/ (# 2024-10-13)

http://194.36.188.25
104.36.229.149:5168
169.239.130.36:993
194.68.27.93:40812
195.230.23.91:8443
195.85.115.58:443
45.95.175.213:8443
89.23.113.220:8083

# Reference: https://threatfox.abuse.ch/browse/malware/win.bianlian/ (# 2024-11-09)

http://103.125.217.129
104.200.72.15:10403
104.225.129.141:2244
104.36.229.149:28333
144.208.127.130:14906
159.89.112.223:443
170.130.55.197:8443
172.96.137.106:4567
185.193.48.92:445
185.28.119.50:5415
193.124.185.129:8443
194.213.18.181:16963
194.213.18.181:20290
203.161.43.187:53
23.227.198.237:3963
37.1.202.248:8443
5.255.110.93:2249
5.255.110.93:6114
8.140.226.110:443
84.201.158.123:57523
85.239.54.36:2866
86.104.72.238:8443
87.120.114.51:20000
92.243.66.51:8024

# Reference: https://raw.githubusercontent.com/drb-ra/C2IntelFeeds/refs/heads/master/feeds/unverified/IPPortC2s-30day.csv (# 2024-11-10)

104.168.135.176:443
104.168.140.238:443
108.174.199.133:443
23.254.244.163:443
45.61.136.118:443
45.76.144.235:443
5.187.48.26:8443
51.16.209.105:443

# Reference: https://x.com/AlvieriD/status/1861509478211801543

bianliaoxoeriowgqohcly4a6sbkpc3se2yvxgidxomxlpuhx5ehrpad.onion

# Reference: https://x.com/ShanHolo/status/1864250930088071219
# Reference: https://www.virustotal.com/gui/file/7b15f570a23a5c5ce8ff942da60834a9d0549ea3ea9f34f900a09331325df893/detection

64.52.80.120:6171

# Reference: https://threatfox.abuse.ch/browse/malware/win.bianlian/ (# 2024-12-04)

http://216.219.94.99
104.225.129.141:2207
104.225.129.141:46464
104.238.60.168:2602
147.45.141.206:8443
147.45.154.131:443
151.236.16.40:34236
181.215.39.2:4444
181.215.39.2:8443
185.163.193.251:443
45.61.136.147:3917
45.61.136.147:3929
64.95.11.206:10443
64.95.11.206:1433
64.95.11.206:443
64.95.11.206:5060
65.21.153.27:8443
80.76.51.148:8443
85.239.52.16:2083
85.239.52.16:2443
85.239.52.16:2781
87.121.61.252:443
88.218.168.33:8443
91.236.230.33:6399
91.236.230.33:6400

# Reference: https://raw.githubusercontent.com/drb-ra/C2IntelFeeds/refs/heads/master/feeds/unverified/IPPortC2s-90day.csv (# 2024-12-15)

http://185.195.65.40
104.168.151.112:443
104.36.229.179:18486
104.36.229.179:5729
122.114.8.215:8443
146.19.24.84:8443
147.45.141.206:443
154.203.197.96:8443
170.254.233.122:443
194.213.18.181:7300
209.38.96.84:8443
35.175.232.182:443
35.181.160.134:443
40.91.218.95:8443
45.61.136.147:4717
45.89.66.93:4444
62.234.69.114:443
81.19.140.84:443
85.239.52.16:6790
89.223.66.195:8443
91.142.94.77:8443
94.232.247.101:443

# Reference: https://x.com/DarkWebInformer/status/1872796738173714794

104.225.129.101:35247

# Reference: https://raw.githubusercontent.com/drb-ra/C2IntelFeeds/refs/heads/master/feeds/unverified/IPPortC2s-90day.csv (# 2025-01-02)

http://45.129.199.234
107.189.26.195:8443
142.93.234.59:443
151.236.16.40:2014
151.236.16.40:57144
154.216.17.241:443
157.230.164.90:443
167.71.69.135:443
184.94.215.147:53
185.193.48.92:4675
185.229.9.27:993
185.76.79.207:9977
194.213.18.181:49493
208.123.119.103:7453
45.130.147.118:443
69.197.176.26:8443
70.34.202.129:8443

# Reference: https://x.com/pe4Chscreeching/status/1876568211430477921
# Reference: https://search.censys.io/hosts/85.239.53.59

85.239.53.59:22
85.239.53.59:6316

# Reference: https://raw.githubusercontent.com/drb-ra/C2IntelFeeds/refs/heads/master/feeds/unverified/IPPortC2s-90day.csv (# 2025-01-25)

http://104.200.72.146
http://104.200.73.216
http://104.225.129.141
http://104.238.35.179
http://162.252.173.100
http://62.210.28.199
http://69.46.15.169
http://85.239.54.99
http://86.106.87.158
http://86.107.101.94
104.200.67.252:3966
104.200.72.146:3389
104.200.73.216:3389
104.225.129.101:63618
104.225.129.101:8465
104.225.129.141:4018
104.238.57.44:56099
104.238.57.44:64598
108.61.216.142:1433
108.61.216.142:443
108.61.216.142:5060
128.254.230.110:443
151.236.22.19:3375
151.236.22.19:4421
164.92.223.252:443
185.239.48.114:27700
185.241.5.217:8081
185.76.79.26:24443
185.76.79.26:51835
185.87.49.47:443
193.56.255.245:443
208.73.200.28:9999
23.227.198.237:20451
23.227.198.237:50262
23.227.198.237:57226
23.227.198.237:64103
3.64.60.12:443
3.86.153.4:443
44.201.115.56:443
45.41.187.117:5973
51.250.0.16:443
52.12.243.110:8888
64.52.80.103:6798
69.46.15.169:3389
81.17.31.98:1124
85.239.54.99:23443
85.239.54.99:3126
85.239.54.99:5362
86.106.87.158:3389
86.107.101.94:3389
89.38.225.185:443
89.46.235.60:8443
94.198.40.6:20001
94.198.40.6:20002
94.198.40.6:20022
95.179.233.26:8090

# Reference: https://threatfox.abuse.ch/browse/malware/win.bianlian/ (# 2025-03-18)

http://104.238.57.233
http://172.96.137.108
http://172.96.137.32
http://5.255.106.12
http://52.149.122.11
http://91.199.160.129
http://98.82.12.229
103.88.241.207:8443
104.194.152.28:8080
104.200.67.252:50955
104.200.73.216:43696
104.200.73.237:8081
104.225.129.141:4242
104.238.35.179:3389
104.238.35.179:36800
104.238.35.179:38901
104.238.35.179:8081
104.37.184.39:10443
108.61.229.202:1433
108.61.229.202:443
108.61.229.202:5060
109.73.207.39:443
142.93.251.139:3225
142.93.251.139:3388
142.93.251.139:4188
142.93.251.139:6325
149.28.17.188:8443
151.236.16.144:64250
151.236.16.20:45871
151.236.16.20:52395
151.236.16.242:12818
162.252.173.253:5619
162.33.177.12:443
162.33.179.99:1433
172.96.137.108:6663
185.143.220.126:8080
185.229.9.27:465
185.245.107.14:443
190.211.254.7:38040
190.211.254.7:8081
193.0.178.196:443
193.169.228.19:10000
195.49.25.226:443
195.82.146.13:21
206.72.200.109:8443
209.38.155.61:1433
209.97.146.219:1433
209.97.146.219:443
209.97.146.219:5060
23.227.198.199:8081
23.227.198.237:13937
23.227.198.237:26348
31.220.80.82:8081
37.77.104.150:443
46.243.7.173:8080
46.243.7.173:8443
5.255.106.12:3389
52.24.182.51:64438
54.183.176.59:30534
54.252.152.91:7443
62.210.28.199:443
62.210.28.199:8443
64.52.80.103:3544
64.95.11.150:28080
81.177.223.222:45427
85.235.151.5:8080
85.239.54.183:7833
85.239.54.99:3783
86.106.87.158:26935
88.212.241.105:993
91.199.137.26:8080
91.245.255.27:8443
94.198.40.6:20025
94.198.40.6:20028

# Reference: https://www.welivesecurity.com/en/eset-research/shifting-sands-ransomhub-edrkillshifter/
# Reference: https://github.com/eset/malware-ioc/tree/master/ransomhub

149.154.158.222:33031
92.243.64.200:6991

# Reference: https://threatfox.abuse.ch/browse/malware/win.bianlian/ (# 2025-05-04)

http://216.238.83.84
104.200.73.83:748
108.181.0.228:7443
154.18.239.10:8080
162.216.112.124:8088
176.34.84.216:443
195.167.27.182:443
195.201.169.56:8080
217.61.60.69:443
34.16.57.191:443
38.134.148.175:443
38.54.27.119:8443
64.176.220.177:1433
64.176.220.177:443
64.176.220.177:5060
81.19.141.47:8443
93.183.93.208:8443
162-33-179-116.cprapid.com
as-fall.quarantine-pnap-vlan51.web-hosting.com
ec2-13-215-227-78.ap-southeast-1.compute.amazonaws.com
ec2-13-215-228-73.ap-southeast-1.compute.amazonaws.com
ec2-13-59-168-154.us-east-2.compute.amazonaws.com
ec2-3-76-100-131.eu-central-1.compute.amazonaws.com
ec2-34-207-174-202.compute-1.amazonaws.com
ec2-34-219-121-232.us-west-2.compute.amazonaws.com
ec2-54-193-91-232.us-west-1.compute.amazonaws.com
ip54.ip-162-19-175.eu
rob-135.mailempower.com
static.117.166.109.65.clients.your-server.de

# Reference: https://raw.githubusercontent.com/drb-ra/C2IntelFeeds/refs/heads/master/feeds/unverified/IPPortC2s-90day.csv (# 2025-06-14)

http://5.183.95.52
104.200.73.83:556
119.3.166.133:18443
128.199.7.255:443
139.162.1.232:8443
15.237.93.235:443
151.236.16.111:724
152.53.242.51:8443
156.244.28.230:8443
162.220.14.204:8443
162.33.179.99:443
170.64.148.46:443
18.142.54.122:443
185.158.249.231:8080
195.206.234.15:443
216.219.95.87:8008
23.227.199.37:6443
35.246.117.158:443
45.135.180.38:8443
45.95.175.213:443
49.232.6.238:443
64.190.113.215:443
70.34.213.29:443
74.50.85.27:53
81.19.141.47:443
83.217.223.34:8080
83.217.223.34:8443
91.219.150.100:8098
94.198.40.6:20024
94.198.40.6:20033
95.142.45.249:443
95.169.180.105:8443

# Reference: https://threatfox.abuse.ch/browse/malware/win.bianlian/ (# 2025-07-13)

107.161.154.18:8080
107.161.154.83:8080
136.243.148.42:636
151.236.16.111:556
154.205.145.243:8443
154.93.37.96:8443
159.65.233.1:443
172.235.52.85:8080
172.235.52.85:8443
18.144.17.191:443
192.153.57.17:6441
194.48.142.120:8443
194.5.212.164:8080
195.206.234.15:1433
195.206.234.38:443
45.77.122.146:8443
45.77.122.146:9443
54.219.186.229:443
81.19.141.47:9443
85.239.54.109:443
94.198.40.6:20007
95.142.45.249:636
95.163.158.71:8080
95.163.158.71:993

# Reference: https://raw.githubusercontent.com/drb-ra/C2IntelFeeds/refs/heads/master/feeds/unverified/IPPortC2s-90day.csv (# 2025-07-26)

http://216.238.83.34
31.45.231.174:9443
5.79.96.117:8081
67.217.228.190:1433

# Reference: https://threatfox.abuse.ch/browse/malware/win.bianlian/ (# 2025-09-04)

http://103.199.155.2
http://18.142.251.65
http://85.120.81.84
129.212.180.89:443
162.33.179.148:443
172.190.147.123:8443
178.128.25.174:443
18.143.195.26:443
185.22.154.73:443
193.235.146.184:443
197.162.208.113:8888
216.238.83.34:443
216.238.83.34:8081
44.196.152.102:443
67.217.228.190:10443
68.168.222.6:8443
74.50.88.4:8080
80.97.160.206:443
89.110.126.139:443
89.35.131.62:443

# Reference: https://raw.githubusercontent.com/drb-ra/C2IntelFeeds/refs/heads/master/feeds/unverified/IPPortC2s-90day.csv (# 2025-10-05)

http://147.45.143.187
http://46.30.190.85
195.206.234.39:443
223.108.168.163:6008
45.152.85.15:8443
85.122.120.89:789
90.156.225.238:443
94.198.40.6:20045
95.163.158.71:443
