# Copyright (c) 2014-2024 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Aliases: billgates, gates, setag, ganiw

# Layout of this list: one trail per line, grouped under the "# Reference:" line(s)
# that precede it. Four trail shapes appear below: bare domain, IP:port,
# http:// URL, and (under "Generic trails") a URL path with no host.
# NOTE(review): IP:port entries record what the cited report showed when it was
# added; addresses get reassigned, so re-check the reference before acting on a hit.

# Reference: https://otx.alienvault.com/pulse/560c150e67db8c47d4ce2b14/

mou521.f3322.org
# NOTE(review): 'f322.net' differs from the 'f3322.*' spelling used by the
# neighbouring entries in this list; confirm against the referenced pulse.
say.f322.net

# Reference: https://otx.alienvault.com/pulse/55cb66f24637f20b6e54ab88/

liunx.200jh.com

# Reference: https://otx.alienvault.com/pulse/557b7ca6b45ff5450f63f4f5/

wuzu520.com

# Reference: https://twitter.com/michalmalik/status/1143879771878830080

auth.to0ls.com
111.90.140.35:80

# Reference: https://twitter.com/michalmalik/status/1143887109599748097

vpn.to0ls.com
115.231.218.64:8226

# Reference: https://www.virustotal.com/gui/file/4b5f1e8d5e804ca7d52a9d58e5bfc0626e912a3a0c89545cf057a65fdb31b119/behavior

oa.to0ls.com

# Reference: https://www.virustotal.com/gui/domain/to0ls.com/detection

# Parent domain of the auth./vpn./oa. hosts listed above.
to0ls.com

# Reference: https://otx.alienvault.com/pulse/5d37185951ea5a026c813388

aduidc.xyz

# Reference: https://twitter.com/m00zh33/status/855714481757855744
# Reference: https://www.virustotal.com/gui/file/f2ea3350868cc02969c73777faf7ada5d988528ed4fbd9f72c8a8aa7bd56b705/detection

115.231.218.64:13864

# Reference: https://www.virustotal.com/gui/file/87f56f8ef4379adeff48e059d6ee9dce0891457f6fb21c6baadd426ce617ce32/detection

119.10.151.120:36000

# Reference: https://www.virustotal.com/gui/file/79f58ac03859146971c7299b0b52db54b92428d4303b206433ab3c853b1e27b1/detection

# NOTE(review): 216.58.203.46 appears to sit in a large provider's (Google)
# address space - confirm against the sample's report. Both entries are
# port-qualified, which limits the match to those two ports.
216.58.203.46:2221
216.58.203.46:6001
wysps.cn

# Reference: https://www.virustotal.com/gui/file/912625884c6239cf6a81fb9309b79fbd7f85fb9176797b5548779cb551f9e1c9/detection

103.59.113.150:2021
jkx3.com

# Reference: https://www.virustotal.com/gui/file/54e12d4c510e50fa0a615ca98355fda23a3dc4e3a5fb5bf24a4cf105475f635a/detection

103.45.147.37:8080
103.59.113.150:8899

# Reference: https://www.virustotal.com/gui/file/11c898566e20d41510dded64bcc305b89f765a89ca520c3d3e34c4e2f07b20f8/detection

114.118.98.185:8081

# Reference: https://www.virustotal.com/gui/file/062d1ba24ade9b04bb1acb272950c323b07fc86d7c99b9173ea15e8fd82ea754/detection

# NOTE(review): 91.195.240.82 is presumably a domain-parking address shared by
# many unrelated domains - verify before treating a hit as a confirmed infection.
91.195.240.82:8080
autumn.f3322.com

# Reference: https://www.virustotal.com/gui/file/414e092e5d9683fb40824db7571f9b1c6fd954fb620c89c5ee44a6b29fb9ef6f/detection

103.45.174.24:4570

# Reference: https://www.virustotal.com/gui/file/08d3ba9d45ef8a5ceac9786498083263809c84005283ed6ec82b51ec8d6478d6/detection

193.218.38.152:2019

# Reference: https://www.virustotal.com/gui/file/df5e62cc034557cdc18bf7588bcc0ff4fc5a2b0e15a8ee8f93b7b0e0a838c347/detection

45.158.21.91:8080

# Reference: https://www.virustotal.com/gui/file/640f5e05ea64ab85f0892cffd212e0b123dbcfc0b2e636cf825caa673528c9da/detection

152.136.255.75:8000
152.136.255.75:8080

# Reference: https://www.virustotal.com/gui/file/ece2e79c764df03afef7dcc0916ce1573d806d2d38074e63d744300506f6da27/detection

103.59.113.150:8000

# Reference: https://www.virustotal.com/gui/file/b63c638840c7182497a5667076a89d2838398e92c7cbf064f4de71e95b246526/detection

62.234.147.170:2020

# Reference: https://www.virustotal.com/gui/file/e83e40c09a86bd40f6abc5dd0c65b001c190c9db4cdd827e98928db10de87e05/detection

103.59.113.150:52

# Reference: https://www.virustotal.com/gui/file/193b05153d594ea6e37d4666e4de85d13a90532ee5bb02e3b650acb9cffc5129/detection

41.216.178.180:6666

# Going by the first reference's title, this group comes from samples seen
# spreading via the Log4j2 vulnerability.
# Reference: https://blog.netlab.360.com/ten-families-of-malicious-samples-are-spreading-using-the-log4j2-vulnerability-now/
# Reference: https://www.virustotal.com/gui/file/7950f0401d3b740f0a03216ecc01cf46a1c92ec0bdae9ab02abb7f1388e7e181/detection
# Reference: https://www.virustotal.com/gui/file/b81363c91b8085e4d4b43fa21821687e557f3a602d35d36b8c156cec23a7212f/detection
# Reference: https://www.virustotal.com/gui/file/8413eeee489f2a1e7f29e2f11769cbd2f1460c5866c5433b7c2e8b361d7d76a0/detection
# Reference: https://www.virustotal.com/gui/file/94c0fae038b4224f6b51f85efe46d6f42fda03543b14774dc1f36a21cb080ab0/detection

http://155.94.154.170
154.82.110.5:1234
154.204.58.11:1314
155.94.178.138:1314
155.94.178.138:25004
300gsyn.it
7cfa.win

# Reference: https://threatfox.abuse.ch/ioc/275380/

154.82.110.5:25009

# Reference: https://www.virustotal.com/gui/file/1356f128ed0c2db167784d148518c59771304b067969703fa23bc223e6b04d6c/detection

shenhaozhe.com

# Reference: https://elfdigest.com/brief/3a987e4972535a9e992253dce168e0499d8b6dfc6e4e19cc8be6153397668967

vnc8.com

# Reference: https://www.virustotal.com/gui/file/958767cb0a166af573d1ecfea5085d682aac96d65ed2bac2e9d470d9e725f8b3/detection

45.195.69.113:9888
a9474796.top

# Reference: https://www.virustotal.com/gui/file/55068fdd7ce83867fa7ff23dc2d16241fbd3832016374fc255e416eb6541e958/detection

156.96.155.233:145

# Reference: https://twitter.com/banthisguy9349/status/1780546149918589090
# Reference: https://www.virustotal.com/gui/ip-address/198.98.56.144/relations
# Reference: https://www.virustotal.com/gui/file/d8d522f2f72de16a235c17b6d32bad930d2a21a8c2664a76880c9b4b53ec1b58/detection
# Reference: https://www.virustotal.com/gui/file/cfaaf70ca32d5ff133378cc0cfdc0cd5f27d91abf6853404df57208a8a7d3de4/detection
# Reference: https://www.virustotal.com/gui/file/b43f51ff2d22190de7506715402aa89521a55d2a24f15044103dfe6fb2cb860c/detection
# Reference: https://www.virustotal.com/gui/file/74657f37833f2575615c578fd5a2493a324a74502086da04038620c5fc2006de/detection
# Reference: https://www.virustotal.com/gui/file/036a2f04ab56b5e7098c7d866eb21307011b812f126793159be1c853a6a54796/detection
# Reference: https://www.virustotal.com/gui/file/3182d6f81e0230ddc26cccaf6bfe52286fa06e2e3481c68ab8f9f97853ea812e/detection

http://198.98.56.144
103.144.245.249:520
154.12.83.150:6001
198.98.56.144:10105
198.98.56.144:13142
198.98.56.144:25000
198.98.56.144:6001
02maill.com
xsvi.cc
cve.02maill.com
ddos.xsvi.cc
syn.02maill.com
syn.xsvi.cc
xiaokkk.02maill.com

# Reference: https://twitter.com/banthisguy9349/status/1785929217038815723
# Reference: https://urlhaus.abuse.ch/host/209.141.36.242/
# Reference: https://www.virustotal.com/gui/file/8c3af7feeaf76b8d3af15b19856ea5b73a336572bb6d08d891403d75d29a9eb7/detection

http://209.141.36.242
154.91.82.185:6001
209.141.36.242:25000

# Reference: https://www.virustotal.com/gui/file/8f935a0559e1508daeacc7cd2a19d39b19b7f42281176e691c4f2907d68bedc0/detection

# NOTE(review): all three entries use port 6, which is unusual, and the
# addresses appear to be cloud-provider space that is reassigned between
# tenants - confirm against the referenced report before relying on them.
3.10.0.190:6
3.128.69.167:6
44.224.41.160:6

# Generic trails

# Path-only trails: no host or port is attached to these four entries.
# NOTE(review): presumably file names requested from the hosts above - confirm
# against the references. Short paths can also occur in unrelated traffic, so
# treat a hit as a lead to triage alongside the host/IP trails.
/ddos2.4
/ddos32-64
/syn25000
/udp25000