#Feed Generated by Nantou County Education Network Center https[:]//abuse[.]ntct[.]edu[.]tw/outbound.txt
#Time range: 2026-05-04 14:00:01 CST to 2026-05-11 14:00:01 CST (7 days)
#Generated at: 2026-05-11 14:00:01 CST (Total execution time: 1.90 seconds)
101.32.110.253 # ET MALWARE Possible ToneShell CnC Checkin M2 | A Network Trojan was detected
101.37.36.149 # ETPRO MOBILE_MALWARE Trojan.Android.Apptrack.flinok CnC Beacon | Malware Command and Control Activity Detected
101.47.137.118 # ET MALWARE Possible ToneShell CnC Checkin M2 | A Network Trojan was detected
103.215.77.17 # ET MALWARE Win32/ProcessKiller CnC Initialization M1 | A Network Trojan was detected
104.21.34.154 # ETPRO MALWARE RamblePoint User-Agent Observed | Malware Command and Control Activity Detected
107.154.81.204 # ETPRO MALWARE RamblePoint User-Agent Observed | Malware Command and Control Activity Detected
114.114.114.114 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
117.89.250.246 # ET MALWARE Possible ToneShell CnC Checkin M2 | A Network Trojan was detected
119.29.29.29 # ET MALWARE BPFDoor ICMP Echo Request with X: (Outbound) | A Network Trojan was detected
119.8.176.171 # ET MALWARE Possible ToneShell CnC Checkin M2 | A Network Trojan was detected
121.229.107.182 # ET MALWARE Possible ToneShell CnC Checkin M2 | A Network Trojan was detected
121.237.177.9 # ET MALWARE Possible ToneShell CnC Checkin M2 | A Network Trojan was detected
123.240.92.7 # ET MALWARE Palevo/BFBot/Mariposa client join attempt | A Network Trojan was detected
124.108.137.219 # ET MALWARE BPFDoor ICMP Echo Request with X: (Outbound) | A Network Trojan was detected
124.223.147.188 # ET MALWARE Zeus POST Request to CnC - URL agnostic | Malware Command and Control Activity Detected
129.226.3.42 # ET MALWARE Zeus POST Request to CnC - URL agnostic | Malware Command and Control Activity Detected
13.248.169.48 # ETPRO MALWARE RamblePoint User-Agent Observed | Malware Command and Control Activity Detected
134.65.77.131 # ET MALWARE Possible ToneShell CnC Checkin M2 | A Network Trojan was detected
140.121.130.58 # ET MALWARE BPFDoor ICMP Echo Request with X: (Outbound) | A Network Trojan was detected
142.250.196.196 # ETPRO MALWARE RamblePoint User-Agent Observed | Malware Command and Control Activity Detected
142.251.170.192 # ET MALWARE Possible ToneShell CnC Checkin M2 | A Network Trojan was detected
143.92.48.145 # ET MALWARE Winos4.0 Framework CnC Login Message | Malware Command and Control Activity Detected
147.136.172.159 # ET MALWARE Possible ToneShell CnC Checkin M2 | A Network Trojan was detected
149.28.245.11 # ETPRO MALWARE Observed FakeUpdate Domain in TLS SNI | A Network Trojan was detected
152.89.234.225 # ETPRO MALWARE RamblePoint User-Agent Observed | Malware Command and Control Activity Detected
154.44.28.105 # ETPRO MALWARE Win32/XWorm CnC Checkin - Generic Prefix Bytes (Client) | Malware Command and Control Activity Detected
16.146.170.195 # ETPRO MALWARE Linopid HTTP CnC Beacon | Malware Command and Control Activity Detected
160.251.150.105 # ETPRO MALWARE RamblePoint User-Agent Observed | Malware Command and Control Activity Detected
162.244.34.11 # ET MALWARE Possible ToneShell CnC Checkin M2 | A Network Trojan was detected
162.244.34.4 # ET MALWARE Possible ToneShell CnC Checkin M2 | A Network Trojan was detected
162.244.34.42 # ET MALWARE Possible ToneShell CnC Checkin M2 | A Network Trojan was detected
162.244.34.43 # ET MALWARE Possible ToneShell CnC Checkin M2 | A Network Trojan was detected
163.181.243.174 # ETPRO MALWARE RamblePoint User-Agent Observed | Malware Command and Control Activity Detected
163.181.243.175 # ETPRO MALWARE RamblePoint User-Agent Observed | Malware Command and Control Activity Detected
163.181.243.177 # ETPRO MALWARE RamblePoint User-Agent Observed | Malware Command and Control Activity Detected
163.181.243.184 # ETPRO MALWARE RamblePoint User-Agent Observed | Malware Command and Control Activity Detected
163.181.243.186 # ETPRO MALWARE RamblePoint User-Agent Observed | Malware Command and Control Activity Detected
17.253.115.131 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.115.132 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.115.134 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.115.135 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.115.202 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.117.201 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.117.202 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.117.203 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.117.204 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.118.201 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.118.202 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.61.131 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.61.132 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.61.133 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.61.135 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.61.136 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.61.137 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.61.138 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.61.139 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.61.140 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.61.141 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.61.142 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.61.143 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.61.144 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.61.146 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.61.148 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.61.149 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.61.150 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.61.151 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.61.152 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.61.154 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.69.195 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.69.196 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.69.197 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.69.198 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.69.199 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.69.200 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.69.201 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.69.202 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.69.203 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.69.204 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.69.205 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.69.206 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.69.207 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.69.208 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.71.131 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.71.133 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.71.134 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.71.135 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.71.136 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.71.137 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.71.138 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.71.140 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.71.141 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.71.142 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.71.143 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.71.144 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.71.145 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.71.146 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.71.147 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.71.148 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.71.149 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.71.150 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.71.151 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.71.152 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.75.134 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.85.133 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.85.135 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.85.136 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.85.137 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.85.138 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.85.141 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.85.142 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.85.201 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.85.203 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
17.253.85.205 # ETPRO MALWARE GET in ICMP Payload - Likely Covert Channel | A Network Trojan was detected
173.194.174.192 # ET MALWARE Possible ToneShell CnC Checkin M2 | A Network Trojan was detected
175.12.90.35 # ETPRO MALWARE RamblePoint User-Agent Observed | Malware Command and Control Activity Detected
178.249.213.82 # ET MALWARE Possible ToneShell CnC Checkin M2 | A Network Trojan was detected
18.178.171.1 # ETPRO MALWARE SNEAKYFISH SSL Client Hello | A Network Trojan was detected
185.162.128.91 # ET MALWARE Possible ToneShell CnC Checkin M2 | A Network Trojan was detected
185.162.128.94 # ET MALWARE Possible ToneShell CnC Checkin M2 | A Network Trojan was detected
185.162.130.21 # ET MALWARE Possible ToneShell CnC Checkin M2 | A Network Trojan was detected
185.162.130.221 # ET MALWARE Possible ToneShell CnC Checkin M2 | A Network Trojan was detected
185.162.130.26 # ET MALWARE Possible ToneShell CnC Checkin M2 | A Network Trojan was detected
185.162.130.27 # ET MALWARE Possible ToneShell CnC Checkin M2 | A Network Trojan was detected
185.162.130.28 # ET MALWARE Possible ToneShell CnC Checkin M2 | A Network Trojan was detected
185.162.130.8 # ET MALWARE Possible ToneShell CnC Checkin M2 | A Network Trojan was detected
185.223.94.75 # ET MALWARE Possible ToneShell CnC Checkin M2 | A Network Trojan was detected
185.223.94.98 # ET MALWARE Possible ToneShell CnC Checkin M2 | A Network Trojan was detected
192.169.122.171 # ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile | Potentially Bad Traffic
192.169.122.176 # ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile | Potentially Bad Traffic
207.166.165.246 # ET MALWARE Possible ToneShell CnC Checkin M2 | A Network Trojan was detected
210.243.166.93 # ETPRO MALWARE RamblePoint User-Agent Observed | Malware Command and Control Activity Detected
212.129.33.59 # ET MALWARE PeerBlight BitTorrent DHT CnC Checkin | A Network Trojan was detected
216.239.38.120 # ET MALWARE BPFDoor ICMP Echo Request with X: (Outbound) | A Network Trojan was detected
218.211.24.11 # ET MALWARE Possible ToneShell CnC Checkin M2 | A Network Trojan was detected
218.211.24.19 # ET MALWARE Possible ToneShell CnC Checkin M2 | A Network Trojan was detected
3.33.245.139 # ETPRO MALWARE Win32/Bayrob Checkin | Malware Command and Control Activity Detected
34.210.118.145 # ETPRO MALWARE Linopid HTTP CnC Beacon | Malware Command and Control Activity Detected
35.166.183.168 # ETPRO MALWARE Linopid HTTP CnC Beacon | Malware Command and Control Activity Detected
35.83.177.70 # ETPRO MALWARE Linopid HTTP CnC Beacon | Malware Command and Control Activity Detected
39.105.240.30 # ET MALWARE Possible ToneShell CnC Checkin M2 | A Network Trojan was detected
43.109.111.180 # ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile | Potentially Bad Traffic
43.109.111.182 # ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile | Potentially Bad Traffic
43.155.124.34 # ET MALWARE Zeus POST Request to CnC - URL agnostic | Malware Command and Control Activity Detected
43.173.75.177 # ET MALWARE Possible ToneShell CnC Checkin M2 | A Network Trojan was detected
43.212.139.111 # ETPRO MALWARE RamblePoint User-Agent Observed | Malware Command and Control Activity Detected
43.213.166.250 # ETPRO MALWARE RamblePoint User-Agent Observed | Malware Command and Control Activity Detected
45.32.121.11 # ETPRO MALWARE Win32/KillAV.PJ Updating | A Network Trojan was detected
45.56.90.99 # ET MALWARE Generic Dropper Installing PUP 1 | A Network Trojan was detected
47.246.38.174 # ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile | Potentially Bad Traffic
47.246.38.175 # ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile | Potentially Bad Traffic
47.246.38.176 # ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile | Potentially Bad Traffic
47.246.38.177 # ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile | Potentially Bad Traffic
47.246.38.178 # ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile | Potentially Bad Traffic
47.246.38.181 # ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile | Potentially Bad Traffic
47.246.38.219 # ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile | Potentially Bad Traffic
47.246.38.220 # ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile | Potentially Bad Traffic
47.74.251.46 # ET MALWARE Possible ToneShell CnC Checkin M2 | A Network Trojan was detected
52.192.225.140 # ET MALWARE Possible ToneShell CnC Checkin M2 | A Network Trojan was detected
52.198.52.84 # ETPRO MALWARE SNEAKYFISH SSL Client Hello | A Network Trojan was detected
52.32.100.153 # ETPRO MALWARE Linopid HTTP CnC Beacon | Malware Command and Control Activity Detected
52.82.99.20 # ET MALWARE Possible ToneShell CnC Checkin M2 | A Network Trojan was detected
54.149.194.50 # ETPRO MALWARE Linopid HTTP CnC Beacon | Malware Command and Control Activity Detected
54.186.63.108 # ETPRO MALWARE Linopid HTTP CnC Beacon | Malware Command and Control Activity Detected
60.205.166.139 # ETPRO MALWARE Android/Spy.Banker.BDB Domain | Domain Observed Used for C2 Detected
61.216.106.199 # ETPRO MALWARE RamblePoint User-Agent Observed | Malware Command and Control Activity Detected
61.216.149.80 # ET MALWARE Possible ToneShell CnC Checkin M2 | A Network Trojan was detected
61.218.159.54 # ETPRO MALWARE Win32/Bayrob Checkin | Malware Command and Control Activity Detected
61.219.188.44 # ET MALWARE Possible ToneShell CnC Checkin M2 | A Network Trojan was detected
61.61.69.13 # ET MALWARE PikaBot User-Agent Observed | A Network Trojan was detected
67.215.246.10 # ET MALWARE PeerBlight BitTorrent DHT CnC Checkin | A Network Trojan was detected
67.23.25.123 # ETPRO MALWARE W32/Zemot.A Checkin | Malware Command and Control Activity Detected
74.125.203.192 # ET MALWARE Possible ToneShell CnC Checkin M2 | A Network Trojan was detected
74.125.23.192 # ET MALWARE Possible ToneShell CnC Checkin M2 | A Network Trojan was detected
82.221.103.244 # ET MALWARE PeerBlight BitTorrent DHT CnC Checkin | A Network Trojan was detected
84.17.37.1 # ET MALWARE upStage Proxy Heartbeat | A Network Trojan was detected
87.120.107.33 # ET MALWARE Arechclient2 Backdoor/SecTopRAT Related Activity M2 (GET) | A Network Trojan was detected
87.98.162.88 # ET MALWARE PeerBlight BitTorrent DHT CnC Checkin | A Network Trojan was detected
89.222.107.166 # ET MALWARE Possible ToneShell CnC Checkin M2 | A Network Trojan was detected
89.222.107.247 # ET MALWARE Possible ToneShell CnC Checkin M2 | A Network Trojan was detected
93.186.249.152 # ETPRO MALWARE W32/Zemot.A Checkin | Malware Command and Control Activity Detected
95.173.204.33 # ET MALWARE Possible ToneShell CnC Checkin M2 | A Network Trojan was detected
95.173.204.44 # ET MALWARE Possible ToneShell CnC Checkin M2 | A Network Trojan was detected
95.179.124.78 # ET MALWARE PeerBlight BitTorrent DHT CnC Checkin | A Network Trojan was detected
98.98.61.107 # ET MALWARE Possible NanoCore C2 60B | Malware Command and Control Activity Detected