# Copyright (c) 2014-2019 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Reference: http://www.microsoft.com/security/portal/threat/encyclopedia/entry.aspx?Name=Win32/Emotet#tab=2
# Reference: http://www.microsoft.com/security/portal/threat/encyclopedia/Entry.aspx?Name=Spammer:Win32/Cetsiol.A#tab=2
# Reference: http://www.securityhome.eu/malware/malware.php?mal_id=1193064972549a82b0400072.08119525

ajeyftrjqeashgda.mobi
bardubar.com
cryspellingslaveseducation.eu
distrbilko.pw
labamito.ru
likesomessfortelr.eu
mail.ps4hacked.es
naimjax.ru
qwuyegasd3edarq6yu.org
thehappylattersforallpeopleoftheworld.eu
usportrock.ru
www6067ug.sakura.ne.jp

# Reference: https://pastebin.com/csipUv2z

http://regionsnews.net/OEqhU8Lg5
http://barcounterstools.info/gwzel4FlN0
http://latemia.com.br/obrqY699Rj
http://bestofcareer.com/clwPPAOykd
http://reelcreations.ie/KAqmCDJk
http://seaweldci.com/ADR
http://seilanithih.com.kh/Rfg0JO1
http://sunflowerschoolandcollege.com/ibb/papkaa17/OWFktY
http://dealtimer.com/AsIn9
http://abujarealproperties.com/fl
http://zippyrooter.com/lvUg6HFdC
http://puntoyaparteseguros.com/B9P3zyHmix
http://fastinternet.net.au/WDnndUN
http://mebel-m.com.ua/HuvTFu8
http://tomas.datanom.fi/testlab/YHMLRXJ
http://aliu-rdc.org/QwWKYJxM
http://2idiotsandnobusinessplan.com/wC7
http://7naturalessences.com/DFaSvtrS
http://hostmktar.com/mP
http://benimdunyamkres.com/v0vig1G1
http://alpharockgroup.com/HT
http://adminflex.dk/l5TF6w
http://gailong.net/X5AyWfJG
http://shunji.org/logsite/TJaaB
http://binar48.ru/OtTlVIU5
http://tonda.us/nK8Gqwgp8
http://acejapan.net/gTFikCcVIF
http://www.finspangonline.se/qpSw0SD
http://yazilimextra.com/jHQNAQVM9
http://tpms.net.pl/gXJTQL6qMO
http://ysd63.com/xw0jDX
http://exclusiv-residence.ro/IuWn6
http://leizerstamp.ir/zqiQcpE
http://firstchoicetrucks.net/kCV0l
http://olsenelectric.com/zVz4iwC

# Reference: https://www.malware-traffic-analysis.net/2018/08/16/index2.html

theeunload.website
mykeeptake.xyz

# Reference: https://www.virustotal.com/#/domain/bizercise.top

bizercise.top

# Reference: https://blog.talosintelligence.com/2019/03/threat-roundup-for-mar-01-to-mar-08.html (Doc.Downloader.Emotet-6878774-0)

uka.me
woelf.in

# Reference: https://twitter.com/Cryptolaemus1/status/1113429409946644480
# Reference: https://pastebin.com/raw/DZd2628u

192.186.96.125:8080
83.110.216.26:8443
189.159.103.149:8080
200.126.225.56:8080
189.190.169.221:7080
104.236.135.119:8080
162.243.125.212:8080
217.13.106.160:7080
5.230.147.179:8080
64.13.225.150:8080
94.76.200.114:8080
212.122.71.196:995
174.93.130.148:8443
181.92.117.141:993
133.242.156.30:7080
91.92.191.134:8080
63.77.201.245:443
69.198.17.7:8080
181.39.51.243:993
27.130.153.101:53
187.189.195.208:8443
174.106.108.31:80
60.49.36.149:50000
70.57.82.196:80
62.75.187.192:8080
95.128.43.213:8080
73.217.113.111:80
87.106.139.101:8080
211.63.71.72:8080
173.255.250.241:443
190.161.186.116:80
178.62.37.188:443
175.100.138.82:22
201.220.152.101:80
208.78.100.202:8080
167.114.210.191:8080
204.184.25.150:143
184.22.6.124:7080
45.33.49.124:443
201.152.34.208:995
85.104.59.244:20
103.12.133.7:8080
203.210.237.200:993
87.106.210.123:80
45.123.3.54:443
173.255.196.209:8080
138.201.140.110:8080
78.186.5.109:443
105.101.6.219:8080
186.4.234.27:443
83.222.124.62:8080
187.198.57.250:7080
147.135.210.39:8080
24.63.218.229:80
50.31.0.160:8080
67.205.149.117:443

# Reference: https://twitter.com/makflwana/status/1085118389633175555

87.207.58.148:20

# Reference: https://twitter.com/pollo290987/status/1114007607352725504

103.12.133.7:8080
104.2.2.153:8080
104.236.135.119:8080
104.236.24.85:443
105.101.6.219:8080
105.225.191.133:80
106.51.237.174:50000
109.104.79.48:8080
109.73.52.242:8080
110.169.107.239:443
114.79.191.12:20
115.254.91.178:7080
115.74.214.134:443
120.63.130.239:465
125.99.106.225:80
133.242.156.30:7080
136.49.87.106:80
138.201.140.110:8080
138.68.139.199:443
139.59.19.157:80
144.76.117.247:8080
147.135.210.39:8080
154.120.228.126:8080
162.243.125.212:8080
165.227.213.173:8080
167.114.210.191:8080
171.101.196.138:80
173.255.196.209:8080
173.255.250.241:443
174.106.108.31:80
174.93.130.148:8443
175.100.138.82:22
176.58.93.123:8080
178.62.37.188:443
179.8.124.11:443
181.118.101.22:8080
181.15.177.100:443
181.16.4.180:80
181.170.252.83:80
181.170.93.38:8080
181.39.51.243:993
181.44.231.127:443
181.56.165.97:53
181.92.117.141:993
182.176.184.81:22
183.82.1.142:7080
184.160.113.4:993
184.22.6.124:7080
184.95.192.237:80
185.191.177.79:143
185.86.148.222:8080
186.139.160.193:8080
186.4.234.27:443
187.153.103.175:443
187.189.195.208:8443
187.189.210.143:80
187.198.57.250:7080
187.228.144.250:143
187.234.36.129:8443
188.51.153.187:993
189.148.145.183:50000
189.150.218.69:8080
189.156.223.10:20
189.159.103.149:8080
189.186.208.24:8443
189.190.169.221:7080
189.208.239.98:443
189.222.167.65:20
189.252.110.239:443
189.252.15.206:443
190.0.32.206:8080
190.104.229.114:8090
190.117.206.153:443
190.117.82.103:443
190.128.26.2:80
190.146.86.180:443
190.15.198.47:80
190.161.186.116:80
190.18.153.249:80
190.18.219.56:443
190.185.241.151:443
190.186.70.146:21
190.230.219.95:20
190.35.109.41:990
190.36.237.47:8443
190.96.118.53:443
190.97.219.241:80
192.155.90.90:7080
192.163.199.254:8080
192.186.96.125:8080
192.228.158.238:443
197.248.67.226:8080
197.88.12.80:53
200.114.142.40:8080
200.125.190.126:8080
200.126.225.56:8080
201.110.165.146:8443
201.138.11.223:8080
201.146.85.239:22
201.152.34.208:995
201.152.64.25:20
201.165.102.49:443
201.170.241.239:8080
201.220.152.101:80
201.236.95.82:80
201.239.154.191:443
201.97.91.217:443
203.210.237.200:993
204.138.46.166:7080
204.184.25.150:143
208.180.246.147:80
208.78.100.202:8080
209.159.244.240:443
210.2.86.72:8080
211.105.238.226:80
211.63.71.72:8080
212.122.71.196:995
212.31.106.90:22
216.221.73.45:443
217.13.106.160:7080
217.165.84.16:7080
217.165.84.98:20
219.94.254.93:8080
23.254.203.51:8080
24.137.254.148:80
24.63.218.229:80
2.50.4.159:443
27.130.153.101:53
37.209.252.121:80
41.227.243.107:80
41.71.19.150:80
43.229.62.186:8080
45.123.3.54:443
45.33.49.124:443
47.202.17.6:80
50.250.136.225:80
50.31.0.160:8080
51.255.50.164:8080
5.230.147.179:8080
5.9.128.163:8080
59.91.30.53:443
60.49.36.149:50000
61.2.56.167:80
62.75.143.100:7080
62.75.187.192:8080
63.77.201.245:443
64.13.225.150:8080
66.115.90.48:80
66.209.69.165:443
67.205.149.117:443
67.206.210.18:80
67.241.81.253:8443
68.191.37.107:80
69.163.33.82:8080
69.198.17.7:8080
70.184.8.94:80
70.57.82.196:80
71.11.157.249:80
72.47.248.48:8080
73.217.113.111:80
74.36.4.206:80
78.186.5.109:443
80.82.62.9:443
81.134.59.36:8080
81.22.137.186:8080
82.226.163.9:80
82.73.220.225:80
83.110.216.26:8443
83.110.80.67:22
83.222.124.62:8080
85.104.184.242:8080
85.104.59.244:20
87.106.139.101:8080
87.106.210.123:80
88.254.240.194:80
89.188.124.145:443
89.211.193.18:80
91.205.215.57:7080
91.92.191.134:8080
92.154.101.154:50000
92.48.118.27:8080
94.250.55.138:443
94.76.200.114:8080
95.128.43.213:8080
95.42.189.34:443
96.64.191.13:80
99.243.127.236:80

# Reference: https://twitter.com/ozuma5119/status/1123474884221382656

http://117.196.47.110/teapot/badge/ringin/merge/

# Reference: https://twitter.com/ozuma5119/status/1127619333444730886

tamsuamy.com
66.84.11.168:8080

# Reference: https://twitter.com/P3pperP0tts/status/1135976656751996928

142.4.198.249:7080
162.243.125.212:8080
170.150.11.245:8080

# Reference: https://twitter.com/bry_campbell/status/1164689134012833792
# Reference: https://pastebin.com/raw/7Kq2e1ik

104.131.11.150:8080
104.131.208.175:8080
104.236.151.95:7080
142.93.88.16:443
144.139.247.220:80
159.89.179.87:7080
162.144.119.216:8080
162.243.125.212:8080
170.150.11.245:8080
176.31.200.130:8080
177.242.214.30:80
187.163.180.243:22
195.242.117.231:8080
216.98.148.156:8080
217.13.106.160:7080
31.12.67.62:7080
45.123.3.54:443
45.32.158.232:7080
46.101.142.115:8080
46.105.131.69:443
64.13.225.150:8080
69.45.19.145:8080
70.32.84.74:8080
75.127.14.170:8080
91.83.93.103:7080

# Reference: https://www.virustotal.com/gui/file/09007a7ee335c0556b4a519596b589f55a0451ac540d5bbfd009f58bd9cdeb69/detection
# Reference: https://app.any.run/tasks/f78c73cb-c3b2-4ea1-a50e-187a3545eb57/

176.113.82.144:443
realty4rent.hk

# Reference: https://app.any.run/tasks/1c298a26-6a84-425f-bc1e-d37438a3ef58/

/guids/xian/ringin/

# Reference: https://twitter.com/MalwareBlueTeam/status/1171447070307188738
# Reference: https://app.any.run/tasks/ad2a8ad2-884e-4971-93bb-628305633af7/

cwbsa.org
greatvacationgiveaways.com
ulukantasarim.com

# Reference: https://twitter.com/JAMESWT_MHT/status/1173526753308020736
# Reference: https://app.any.run/tasks/d488ee5e-8fac-47b1-b60c-56a6e39dbd89/

179.24.118.93:990
190.55.39.215:80
190.55.86.138:8443
/ringin/usbccid/

# Reference: https://twitter.com/reecdeep/status/1173858862467883008

179.12.170.88:8080
/ringin/merge/

# Reference: https://twitter.com/Paladin3161/status/1173758599442468864

alldc.pw
dentalsearchsolutions.com
dywanypers.pl
keqiang.pro
playasrivieramaya.com

# Reference: https://twitter.com/SethKingHi/status/1173825828053872641

139.59.242.76:8080
149.202.153.251:8080
159.69.211.211:7080
181.230.126.152:8090
190.13.146.47:443
190.92.103.7:80
192.241.175.184:8080
203.150.19.63:443
216.154.222.52:7080
69.164.216.124:8080
93.78.205.196:443

# Reference: https://twitter.com/killamjr/status/1173960346572378112

59055.cn
larissalinhares.com.br
robotechcity.com
toptarotist.nl
xinlou.info

# Reference: https://twitter.com/lazyactivist192/status/1173983779981012994
# Reference: https://pastebin.com/ya09DEzC

103.97.95.218:143
104.131.11.150:8080
104.236.246.93:8080
109.104.79.48:8080
109.169.86.13:8080
117.197.124.36:443
123.168.4.66:22
136.243.177.26:8080
138.201.140.110:8080
138.68.106.4:7080
142.44.162.209:8080
144.139.247.220:80
149.202.153.252:8080
149.62.173.247:8080
151.80.142.33:80
159.203.204.126:8080
159.65.241.220:8080
159.65.25.128:8080
162.243.125.212:8080
169.239.182.217:8080
173.212.203.26:8080
175.100.138.82:22
177.246.193.139:20
178.254.6.27:7080
178.62.37.188:443
178.79.161.166:443
178.79.163.131:8080
179.32.19.219:22
179.62.18.56:443
181.143.53.227:21
181.188.149.134:80
181.36.42.205:443
181.81.143.108:80
182.176.106.43:995
182.176.132.213:8090
182.76.6.2:8080
183.82.97.25:80
183.87.87.73:80
185.129.92.210:7080
185.86.148.222:8080
185.94.252.13:443
186.4.172.5:443
186.4.172.5:8080
186.4.194.153:993
186.83.133.253:8080
187.155.233.46:443
187.188.166.192:80
188.166.253.46:8080
189.209.217.49:80
190.1.37.125:443
190.117.206.153:443
190.145.67.134:8090
190.186.203.55:80
190.19.42.131:80
190.200.64.180:7080
190.221.50.210:8080
190.226.44.20:21
190.230.60.129:80
190.53.135.159:21
198.199.106.229:8080
198.199.88.162:8080
200.21.90.6:8080
200.57.102.71:8443
200.58.171.51:80
201.163.74.202:443
201.212.57.109:80
201.250.11.236:50000
203.25.159.3:8080
206.189.98.125:8080
211.63.71.72:8080
212.71.234.16:8080
217.113.27.158:443
217.160.182.191:8080
217.199.175.216:8080
222.214.218.192:8080
23.92.22.225:7080
31.12.67.62:7080
31.172.240.91:8080
37.157.194.134:443
37.208.39.59:7080
41.220.119.246:80
45.123.3.54:443
45.33.49.124:443
46.105.131.87:80
46.21.105.59:8080
46.29.183.211:8080
5.196.35.138:7080
5.77.13.70:80
59.152.93.46:443
62.210.142.58:8080
62.75.143.100:7080
62.75.187.192:8080
64.13.225.150:8080
75.127.14.170:8080
77.245.101.134:8080
77.55.211.77:8080
78.188.105.159:21
78.24.219.147:8080
79.127.57.42:80
79.143.182.254:8080
80.85.87.122:8080
81.169.140.14:443
85.104.59.244:20
86.42.166.147:80
86.98.25.30:53
87.106.136.232:8080
87.106.139.101:8080
87.230.19.21:8080
88.156.97.210:80
88.250.223.190:8080
89.188.124.145:443
91.205.215.57:7080
91.205.215.66:8080
91.83.93.103:7080
91.83.93.124:7080
91.92.191.134:8080
92.222.125.16:7080
92.222.216.44:8080
94.205.247.10:80
95.128.43.213:8080

# Reference: https://blog.malwarebytes.com/botnets/2019/09/emotet-malspam-campaign-uses-snowdens-new-book-as-lure/
# Reference: https://otx.alienvault.com/pulse/5d8a324eb4ec65a6ab67f511

62.75.171.248:7080
cia.com.py

# Reference: https://twitter.com/reecdeep/status/1179310971761901570
# Reference: https://pastebin.com/stDdCGt8

80.240.141.141:7080
/child/free/ringin/

# Reference: https://www.virustotal.com/gui/file/985c26006ec5b38ff8c77239ccd33f1019918282c4cb50e541a58bcf8267d7bd/detection

67.225.229.55:8080

# Reference: https://paste.cryptolaemus.com/emotet/2019/09/26/emotet-malware-IoCs_09-26-19.html

109.104.79.48:8080
109.169.86.13:8080
114.79.134.129:443
119.159.150.176:443
119.59.124.163:8080
119.92.51.40:8080
123.168.4.66:22
138.68.106.4:7080
139.5.237.27:443
149.62.173.247:8080
151.80.142.33:80
159.203.204.126:8080
170.84.133.72:7080
170.84.133.72:8443
178.249.187.151:8080
178.79.163.131:8080
179.62.18.56:443
181.123.0.125:80
181.167.53.209:80
181.188.149.134:80
181.230.212.74:80
181.36.42.205:443
183.82.97.25:80
184.69.214.94:20
185.187.198.10:8080
185.86.148.222:8080
186.0.95.172:80
186.83.133.253:8080
187.155.233.46:443
187.188.166.192:80
187.199.158.226:443
187.199.158.226:7080
187.235.239.214:8080
189.166.68.89:443
189.187.141.15:50000
190.1.37.125:443
190.104.253.234:990
190.117.206.153:443
190.158.19.141:80
190.200.64.180:7080
190.221.50.210:8080
190.230.60.129:80
190.230.60.129:8080
190.38.14.52:80
200.21.90.6:8080
200.57.102.71:8443
200.58.171.51:80
201.163.74.202:443
201.184.65.229:80
201.214.74.71:80
203.25.159.3:8080
211.229.116.97:80
212.71.237.140:8080
217.113.27.158:443
217.199.160.224:8080
217.199.175.216:8080
23.92.22.225:7080
46.163.144.228:80
46.21.105.59:8080
46.28.111.142:7080
46.29.183.211:8080
46.41.134.46:8080
46.41.151.103:8080
5.196.35.138:7080
5.77.13.70:80
50.28.51.143:8080
51.15.8.192:8080
62.75.143.100:7080
62.75.160.178:8080
71.244.60.230:7080
71.244.60.231:7080
77.245.101.134:8080
77.55.211.77:8080
79.143.182.254:8080
80.240.141.141:7080
80.85.87.122:8080
81.169.140.14:443
86.42.166.147:80
87.106.77.40:7080
88.250.223.190:8080
89.188.124.145:443
91.205.215.57:7080
91.83.93.124:7080
66.228.32.31:443
198.50.170.27:8080
216.98.148.157:8080
101.187.237.217:20
103.255.150.84:80
103.97.95.218:143
104.131.11.150:8080
104.236.246.93:8080
119.15.153.237:80
136.243.177.26:8080
138.201.140.110:8080
142.44.162.209:8080
144.139.247.220:80
149.167.86.174:990
149.202.153.252:8080
159.65.25.128:8080
162.144.47.94:7080
169.239.182.217:8080
173.212.203.26:8080
177.246.193.139:20
178.254.6.27:7080
178.79.161.166:443
179.32.19.219:22
180.183.112.185:21
181.143.194.138:443
181.143.53.227:21
182.176.106.43:995
182.176.132.213:8090
182.76.6.2:8080
185.142.236.163:443
185.94.252.13:443
186.4.172.5:443
186.4.172.5:8080
186.75.241.230:80
187.144.189.58:50000
188.166.253.46:8080
189.209.217.49:80
190.106.97.230:443
190.108.228.48:990
190.145.67.134:8090
190.18.146.70:80
190.186.203.55:80
190.211.207.11:443
190.226.44.20:21
190.228.72.244:53
190.53.135.159:21
199.19.237.192:80
200.21.90.6:80
200.71.148.138:8080
201.251.43.69:8080
206.189.98.125:8080
211.63.71.72:8080
212.129.24.82:8080
212.71.234.16:8080
217.145.83.44:80
217.160.182.191:8080
222.214.218.192:8080
24.51.106.145:21
27.147.163.188:8080
31.12.67.62:7080
31.172.240.91:8080
37.157.194.134:443
41.220.119.246:80
45.123.3.54:443
45.33.49.124:443
46.105.131.87:80
47.41.213.2:22
5.196.74.210:8080
62.75.187.192:8080
63.142.253.122:8080
77.237.248.136:8080
78.188.105.159:21
78.24.219.147:8080
80.11.163.139:21
80.11.163.139:443
83.136.245.190:8080
85.104.59.244:20
85.106.1.166:50000
86.98.25.30:53
87.106.136.232:8080
87.106.139.101:8080
87.230.19.21:8080
88.156.97.210:80
88.247.163.44:80
91.205.215.66:8080
92.222.125.16:7080
92.222.216.44:8080
94.205.247.10:80
95.128.43.213:8080
46.105.131.69:443
176.31.200.130:8080
104.131.58.132:8080
108.179.216.46:8080
110.36.234.146:80
113.52.135.33:7080
115.88.70.226:7080
125.99.61.162:7080
138.197.140.163:8080
139.59.242.76:8080
143.95.101.72:8080
148.240.52.172:80
152.170.220.95:80
162.214.27.219:7080
162.241.232.82:8080
176.58.93.123:80
178.249.187.150:7080
179.62.18.56:443
181.113.229.139:990
181.165.150.211:143
181.230.126.152:8090
181.55.171.237:8080
186.10.16.244:53
186.117.174.26:80
186.29.155.101:50000
186.93.167.147:443
190.117.206.153:443
190.13.146.47:443
190.55.39.215:80
190.55.86.138:8443
190.92.103.7:80
190.96.118.15:443
194.50.163.106:8080
197.211.244.6:443
200.114.134.8:20
201.244.125.210:995
203.150.19.63:443
216.154.222.52:7080
216.70.88.55:8080
41.60.202.26:22
45.33.1.161:8080
46.32.229.152:8080
5.189.148.98:8080
51.38.134.203:8080
70.45.30.28:80
78.109.34.178:443
83.169.33.157:8080
93.78.205.196:443
94.177.253.126:80
178.32.255.133:443
198.46.150.196:7080

# Reference: https://paste.cryptolaemus.com/emotet/2019/09/26/emotet-malware-IoCs_09-26-19.html

tamariaclinic.com/blog/po22/
a3infra.com/config.charge/92/
www.kairod.com/4rvg/fg19/
www.weifanhao.com/wp-admin/mm6zz6158/
aladilauto.com/wp-admin/o273wu4/
marchekit.com/wp-admin/oaxj1/
matteogiovanetti.com/wp-admin/264/
fntc-test.xcesslogic.com/wp-content/3b7s9209/
m.alahmads.com/wordpress/h5ut582/
ejob.magnusideas.com/cgi-bin/i5834/
otc-manila.com/wp-admin/q2zht7567/
www.mti.shipindia.com/wp-admin/css/21nd31328/
www.wisdomabc.com/css/wm8fu9190/
reportingnew.xyz/wordpress/3f0880/
metaphysicalhub.com/bkp_08092019/9nvo876799/
gg4.devs-group.com/amdcwdp/YPRqWcJFaE/
tlbplanning.org/wp-admin/KqrBgDoSq/
eternalsea.cn/qfpka0q/tPeJNBsE/
banglaay.com/wp-includes/VRVWLAbrjy/
www.shizizmt.com/jr/633mjf4w8_54d4cu-209964833/
aplikasi.bangunrumah-kita.com/b8kee0mj/0m3l_clo7kkcub-76/
altaikawater.com/wp-admin/4jh8s_sxm6m3eec-441/
antoinegimenez.com/css/hUgHbaEf/
auto-moto-ecole-vauban.fr/wp-admin/ww42_lwln3c-1236328628/
avant2017.amsi-formations.com/prog/skzHGQddV/
cheaptrainticket.cogbiz-infotech.com/cgi-bin/9vsx4g6l_p5x29co-43731795/
gsfcloud.com/fir/qx88b0qgfq_tdpfmobexf-881829012/
fabiogutierrez.com.br/loja/bEZYtLkJGj/
gruasasuservicio.com/cgi-bin/YdFmLIEsIB/
itf.palemiya.com/wp-includes/IIswblOCV/
moda.9l.pl/calendar/HugncgqxUR/
sweetmagazine.org/wp-admin/z0jxuhjao_n6me674y8i-3862/
precisieving.com/wp-admin/db090yl5_bwwmv-86392/
ucomechina.com/wp-content/aVMBsBCy/
your-event.es/mailin/OgXcBNiq/
lensakaca21.com/wp-admin/dBfxiIyp/
ithync.net/wp-includes/tyyYyGS/
blog.coopealbaterense.es/wp-admin/dnf3-nl9qg-869655/
lumiinx.eu/inc/prevents/addtosavedlist/nStxFTJB/
lupusvibes.ca/wp-admin/jnmvgio-dsl-6986784805/
cielouvert.fr/syvhqw1/nkch-nzf59az7e-99571/
demo.magerase.co.uk/wp-admin/wKpBbWmF/
www.accountingtoindia.com/fhsao/txsp1-fcy9gfh-11178860/
diawan.club/wordpress/ZnbSfWu/
lelecars.it/wp-admin/khrufjms-sijs5jz1e3-532825/
notiwebs.xyz/wordpress/vBfQVN/
ocstudio.tv/wp-admin/qWhNBtEM/
dulich.goasiatravel.com/wp-admin/mCXZnnARx/
www.hellotech.io/fivestar/vHYxCPeDd/
hospitalitysource.co.uk/test/lohXuP/
mobasara13.zahidulzibon.com/hyi/iGIuWmPa/
munishjindal.com/wp-content/tIZtULuZv/
www.cowabungaindustries.com/cgi-bin/hv3g9x-hkzj-9002618725/
sgiff.com/css/ixuc3k-wus7v022j-4995897081/
thesafeplace.net/wp/AsHrwMT/

# Reference: https://twitter.com/BarryShooshooga/status/1182535664643923968

mayurpai.com
mastersjarvis.com
nyc.rekko.com
lagriffeduweb.com
onickdoorsonline.com

# Reference: https://any.run/report/06f1f3ab993e994fe2b14126c50f009854081f55e52e26d5f0e2a325c5c5280f/e304cf8f-c3e5-4c03-a37d-2eb47266e450

offmaxindia.com

# Reference: https://github.com/silence-is-best/c2db#emotet

69.162.169.173:8080

# Reference: https://twitter.com/D3LabIT/status/1182633589764165640
# Reference: https://app.any.run/tasks/e6e252dc-6a94-4e61-ae21-a581beee5114/
# Reference: https://pastebin.com/zKBnkxqq

http://110.36.234.146
http://191.82.16.60
91.83.93.105:8080
110.36.234.146:80
191.82.16.60:80
91.83.93.105:8080
216.98.148.181:8080
68.183.190.199:8080
190.230.60.129:80
183.82.97.25:80
114.79.134.129:443
89.188.124.145:443
178.79.163.131:8080
76.69.29.42:80
87.106.77.40:7080
178.249.187.151:8080
62.75.143.100:7080
201.163.74.202:443
62.75.160.178:8080
181.188.149.134:80
186.0.95.172:80
217.199.160.224:8080
203.25.159.3:8080
189.160.49.234:8443
190.104.253.234:990
71.244.60.230:7080
159.203.204.126:8080
71.244.60.231:7080
142.93.82.57:8080
46.41.151.103:8080
138.68.106.4:7080
5.1.86.195:8080
149.62.173.247:8080
170.84.133.72:7080
190.230.60.129:8080
190.97.30.167:990
190.85.152.186:8080
200.58.171.51:80
51.15.8.192:8080
190.158.19.141:80
91.83.93.124:7080
139.5.237.27:443
123.168.4.66:22
81.169.140.14:443
187.188.166.192:80
212.71.237.140:8080
186.1.41.111:443
77.245.101.134:8080
181.29.101.13:8080
181.44.166.242:80
185.86.148.222:8080
86.42.166.147:80
190.221.50.210:8080
94.183.71.206:7080
181.36.42.205:443
170.84.133.72:8443
68.183.170.114:8080
79.129.0.173:8080
184.69.214.94:20
189.180.243.255:8080
200.57.102.71:8443
109.104.79.48:8080
185.187.198.10:8080
80.85.87.122:8080
181.143.101.18:8080
119.59.124.163:8080
46.163.144.228:80
50.28.51.143:8080
88.250.223.190:8080
190.38.14.52:80
119.159.150.176:443
5.77.13.70:80
200.51.94.251:143
82.196.15.205:8080
201.199.93.30:443
5.196.35.138:7080
46.28.111.142:7080
125.99.61.162:7080
189.166.68.89:443
151.80.142.33:80
79.143.182.254:8080
119.92.51.40:8080
46.101.212.195:8080
46.29.183.211:8080
91.205.215.57:7080
190.10.194.42:8080
77.55.211.77:8080
109.169.86.13:8080
190.1.37.125:443

# Reference: https://app.any.run/tasks/a30f1cfa-5088-4993-9435-58e2df1791a9/

181.16.17.210:443
chefchaouen360.com
faithmontessorischools.com
japanesepdf.com

# Reference: https://twitter.com/blackorbird/status/1191185536372920320

46.105.131.68:8080

# Generic trails

/ringin/
/meecpy20181/
/xian/
