#
# dyndns_ponmocup
#
# ipv4 hash:ip ipset
#
# [DynDNS.org] 
# (http://security-research.dyndns.org/pub/malware-feeds/) 
# Ponmocup. The malware powering the botnet has been around 
# since 2006 and it’s known under various names, including 
# Ponmocup, Vundo, Virtumonde, Milicenso and Swisyn. It has 
# been used for ad fraud, data theft and downloading 
# additional threats to infected systems. Ponmocup is one of 
# the largest currently active and, with nine consecutive 
# years, also one of the longest running, but it is rarely 
# noticed as the operators take care to keep it operating 
# under the radar.
#
# Maintainer      : DynDNS.org
# Maintainer URL  : http://security-research.dyndns.org/pub/malware-feeds/
# List source URL : http://security-research.dyndns.org/pub/malware-feeds/ponmocup-infected-domains-shadowserver.csv
# Source File Date: Sun Aug 21 19:28:07 UTC 2022
#
# Category        : malware
# Version         : 1439
#
# This File Date  : Sun Aug 21 19:40:30 UTC 2022
# Update Frequency: 1 day 
# Aggregation     : none
# Entries         : 50 unique IPs
#
# Full list analysis, including geolocation map, history,
# retention policy, overlaps with other lists, etc.
# available at:
#
#  http://iplists.firehol.org/?ipset=dyndns_ponmocup
#
# Generated by FireHOL's update-ipsets.sh
# Processed with FireHOL's iprange
#
3.18.7.81
3.19.116.195
3.130.204.160
18.119.154.66
46.30.213.87
52.86.6.113
54.153.111.129
54.209.32.212
62.149.140.104
63.247.141.235
64.70.19.52
66.96.149.32
67.20.112.11
69.12.64.226
69.61.26.162
69.90.25.210
72.172.132.43
74.208.236.193
74.208.236.248
77.92.75.4
77.105.36.251
79.124.76.10
82.118.24.217
85.13.140.101
87.98.239.19
89.221.250.12
94.130.190.96
94.152.142.140
95.142.65.77
136.243.80.165
144.76.45.43
157.7.144.5
160.153.95.7
162.255.166.188
173.209.47.104
173.254.30.178
184.168.113.105
192.99.161.26
199.67.250.59
200.170.151.200
201.182.97.35
203.174.34.49
206.188.193.120
208.113.213.71
213.186.33.18
213.186.33.19
217.76.132.246
217.160.0.152
217.160.0.225
217.160.0.240