# Copyright (c) 2014-2025 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Aliases: redtail

# Reference: https://x.com/banthisguy9349/status/1837039110889832699
# Reference: https://www.akamai.com/blog/security-research/2024-redtail-cryptominer-pan-os-cve-exploit
# Reference: https://www.virustotal.com/gui/file/de96a56c5508bb69c20f171a141263ebed92823eb3249dccb9db1ff350b37b31/detection

http://154.216.18.19
http://94.156.177.109
185.216.70.138:2137
193.222.96.163:2137
78.153.140.51:2137

# Reference: https://twitter.com/sicehice/status/1782173520006365560
# Reference: https://www.virustotal.com/gui/file/015a5025ba2d3a419165d506f399cef408fb611427debe725a76b44a482c7f24/detection

94.156.79.60:2137
94.156.79.60:43782
identitynetwork.top
proxies.identitynetwork.top
srv.identitynetwork.top

# Reference: https://twitter.com/sicehice/status/1763739244541919656
# Reference: https://www.virustotal.com/gui/file/298edc45b70b1548df2c1293ba3938376778e34cd7b91dbd8ad939c5ef10c111/detection
# Reference: https://www.virustotal.com/gui/file/f61b55a58f227a057c71d5b0d76d6288f8861278d10be8a4bee7d7ddf81b82da/detection

http://185.216.70.138

# Reference: https://x.com/banthisguy9349/status/1837039751548792886
# Reference: https://urlhaus.abuse.ch/browse/tag/redtail (# 2024-09-20)

http://194.59.31.163
http://45.14.226.13
http://93.123.39.157

# Reference: https://x.com/banthisguy9349/status/1853879859732181019

http://103.69.238.48
http://104.108.92.93
http://104.121.31.190
http://104.209.135.153
http://104.252.74.31
http://104.95.246.49
http://106.14.215.97
http://106.153.81.106
http://107.158.235.122
http://107.163.108.34
http://107.174.43.241
http://109.106.241.28
http://109.123.64.40
http://111.254.141.39
http://112.175.249.92
http://112.74.100.65
http://115.111.76.2
http://118.214.69.19
http://120.50.141.91
http://121.83.217.246
http://124.218.220.241
http://128.199.219.27
http://128.199.6.236
http://13.113.144.176
http://13.127.162.169
http://13.224.211.198
http://13.69.182.231
http://13.73.103.128
http://130.211.219.39
http://130.61.98.129
http://134.68.53.15
http://137.184.213.83
http://145.239.81.47
http://147.135.166.192
http://15.235.9.239
http://150.136.220.99
http://152.199.34.150
http://154.195.201.106
http://154.216.16.40
http://154.216.17.30
http://154.216.18.136
http://154.216.18.19
http://154.216.19.227
http://154.216.19.57
http://154.216.19.60
http://154.216.20.102
http://154.216.20.216
http://154.216.20.97
http://154.56.54.229
http://154.92.92.252
http://156.232.163.170
http://156.234.115.156
http://156.241.108.185
http://157.167.105.162
http://157.7.132.160
http://158.69.67.88
http://159.69.248.193
http://160.121.77.119
http://162.240.42.10
http://162.241.149.254
http://162.241.229.166
http://164.215.103.47
http://164.92.178.113
http://167.154.10.174
http://167.235.246.190
http://167.99.244.88
http://169.61.172.49
http://171.13.92.162
http://173.184.68.232
http://174.138.181.249
http://175.247.187.89
http://176.9.202.53
http://18.136.151.187
http://18.136.38.29
http://18.155.189.235
http://18.160.216.176
http://18.164.79.143
http://18.176.244.244
http://18.179.50.104
http://18.190.88.82
http://183.107.154.211
http://184.56.105.58
http://185.172.128.93
http://185.196.10.231
http://185.66.250.13
http://186.5.203.27
http://186.6.206.22
http://187.212.211.9
http://192.141.168.10
http://192.158.27.67
http://194.59.30.110
http://195.133.247.202
http://195.49.128.73
http://198.143.134.42
http://199.247.3.182
http://2.22.168.15
http://2.22.38.17
http://20.105.104.36
http://20.19.98.204
http://20.22.158.52
http://206.1.69.46
http://206.233.190.121
http://209.163.194.112
http://209.181.103.208
http://209.205.113.58
http://210.129.8.131
http://211.86.60.99
http://213.135.180.61
http://217.160.108.116
http://217.92.66.151
http://221.158.56.96
http://23.197.154.93
http://23.198.184.29
http://23.198.35.45
http://23.203.77.222
http://23.211.156.47
http://23.211.171.105
http://23.219.96.176
http://23.23.56.1
http://23.248.220.106
http://23.38.81.61
http://23.40.227.242
http://23.44.78.123
http://23.47.89.200
http://23.51.85.66
http://23.61.39.211
http://23.67.66.12
http://23.75.16.136
http://23.94.238.95
http://3.110.91.52
http://3.164.170.133
http://3.222.230.132
http://3.223.149.187
http://3.6.10.178
http://3.67.164.100
http://34.124.246.195
http://34.160.220.63
http://34.243.61.47
http://34.36.128.81
http://35.182.224.137
http://37.17.229.195
http://38.148.234.97
http://38.55.215.131
http://4.156.237.61
http://43.200.140.234
http://43.249.92.166
http://44.203.173.205
http://44.227.7.18
http://45.14.226.13
http://45.141.100.59
http://45.55.124.172
http://45.93.139.147
http://47.102.225.20
http://49.248.175.170
http://5.182.211.150
http://5.78.98.21
http://50.77.86.157
http://51.161.108.165
http://51.210.242.152
http://52.20.54.1
http://52.216.216.172
http://52.84.155.54
http://54.161.24.225
http://54.215.170.96
http://54.95.188.80
http://62.129.231.110
http://62.154.241.230
http://64.6.247.230
http://65.1.154.155
http://71.43.179.26
http://77.87.193.136
http://77.90.55.84
http://79.255.252.227
http://8.149.143.101
http://84.199.237.184
http://85.31.236.108
http://85.31.240.146
http://85.91.44.143
http://86.48.21.91
http://86.61.130.100
http://87.100.9.22
http://87.120.117.92
http://89.234.156.56
http://89.28.98.228
http://89.40.0.43
http://91.194.55.94
http://91.207.137.222
http://93.114.234.100
http://94.156.177.109
http://94.228.133.166
http://95.58.241.30
http://98.98.154.51
http://99.84.163.69
