# Copyright (c) 2014-2024 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Aliases: haneymaney, SmartApeSG

# Reference: https://community.emergingthreats.net/t/ruleset-update-summary-2023-10-04-v10432/1011

amazonascash.com
christopherchabannes.com
onlinecasinopinup.xyz
profille-cex-io.com
raloco.com
s127581-statspixel.com

# Reference: https://community.emergingthreats.net/t/ruleset-update-summary-2023-10-05-v10433/1014

fablane.com
residencialcasabrasileira.com

# Reference: https://community.emergingthreats.net/t/ruleset-update-summary-2023-10-09-v10435/1022

antiqueglossary.com
configuratorpro.com

# Reference: https://community.emergingthreats.net/t/ruleset-update-summary-2023-10-10-v10436/1024

eastrenclouds.com

# Reference: https://community.emergingthreats.net/t/ruleset-update-summary-2023-10-11-v10437/1028

gnavigatio.com

# Reference: https://community.emergingthreats.net/t/ruleset-update-summary-2023-10-16-v10442/1045

arauas.com
gamefllix.com

# Reference: https://threatfox.abuse.ch/ioc/1191897/

implacavelvideos.com

# Reference: https://community.emergingthreats.net/t/ruleset-update-summary-2023-10-23-v10446/1060

implacavelvideos.com
kgscrew.com

# Reference: https://community.emergingthreats.net/t/ruleset-update-summary-2023-10-27-v10450/1073

cubicalwave.com
defeatdiseasewithdata.com

# Reference: https://community.emergingthreats.net/t/ruleset-update-summary-2023-10-30-v10452/1080

cinaprofilm.com

# Reference: https://community.emergingthreats.net/t/ruleset-update-summary-2023-11-02-v10456/1090

farmexpressmachine.com
pdfinfinity.com

# Reference: https://community.emergingthreats.net/t/ruleset-update-summary-2023-11-06-v10458/1095

addisonlynch.com
andreeasasser.com

# Reference: https://community.emergingthreats.net/t/ruleset-update-summary-2023-11-09-v10462/1107

cwgmanagementllc.com

# Reference: https://community.emergingthreats.net/t/ruleset-update-summary-2023-11-14-v10465/1122

ilokod.com

# Reference: https://community.emergingthreats.net/t/ruleset-update-summary-2023-11-14-v10465/1122
# Reference: https://www.virustotal.com/gui/file/95dc40efbe0248508644a24d661f815a83d95616dc78fbfeb389c9f43b36743d/detection

louisianaworkingdogs.com

# Reference: https://community.emergingthreats.net/t/ruleset-update-summary-2023-11-20-v10469/1139

forumsecrets.com
gpksanfrancisco.com

# Reference: https://community.emergingthreats.net/t/ruleset-update-summary-2023-11-28-v10474/1167

informativosatelital.com
nelubelei.com

# Reference: https://community.emergingthreats.net/t/ruleset-update-summary-2023-11-30-v10476/1172

paradoxmarine.com

# Reference: https://community.emergingthreats.net/t/ruleset-update-summary-2023-12-07-v10481/1190

jokergame1.com
perfilcovid.com

# Reference: https://community.emergingthreats.net/t/ruleset-update-summary-2023-12-26-v10493/1234
# Reference: https://www.virustotal.com/gui/file/436e62fb9aacb2e384afd06ee8afbaa83aa152059361089caa7853b508bac212/detection

onlinesavingsjournal.com
polatliems.com
proexbit.com
proximaideia.com
realestateagentnorfolkvirginia.com

# Reference: https://community.emergingthreats.net/t/ruleset-update-summary-2023-12-29-v10496/1248

ratingsentry.com

# Reference: https://community.emergingthreats.net/t/ruleset-update-summary-2024-01-02-v10497/1255

jennifergalvin.com
jesusanaya.com
kineticwing.com
plannedtomatoes.com

# Reference: https://community.emergingthreats.net/t/ruleset-update-summary-2024-01-08-v10501/1266

arkadyevna.com
boxtechcompany.com
choosetotruck.com
electricnico.com

# Reference: https://community.emergingthreats.net/t/ruleset-update-summary-2024-01-10-v10503/1274

lazittarl.com

# Reference: https://community.emergingthreats.net/t/ruleset-update-summary-2024-01-11-v10505/1278

mariateresacalderon.com

# Reference: https://threatfox.abuse.ch/browse/tag/SmartApeSG/ (# 2024-01-15)

phinetik.com
scorelineupdate.com

# Reference: https://threatfox.abuse.ch/browse/tag/SmartApeSG/ (# 2024-01-23)

188.127.224.127:443
188.127.224.145:443
188.127.224.160:443
188.127.224.199:443
188.127.225.84:443
5.181.156.45:443
appboltonik.com
suezey.com

# Reference: https://community.emergingthreats.net/t/ruleset-update-summary-2024-01-24-v10513/1319

climosfevelt.com

# Reference: https://community.emergingthreats.net/t/ruleset-update-summary-2024-01-31-v10520/1343

gigeconomycase.com
pngairservices.com

# Reference: https://community.emergingthreats.net/t/ruleset-update-summary-2024-02-01-v10521/1348

cdn3-jquery.info
telotrace.com

# Reference: https://community.emergingthreats.net/t/ruleset-update-summary-2024-02-05-v10524/1357

mysticselect.com
oemmasters.com

# Reference: https://community.emergingthreats.net/t/ruleset-update-summary-2024-02-12-v10530/1373

casinovipclubs.com
grantallardserver.com

# Reference: https://community.emergingthreats.net/t/ruleset-update-summary-2024-02-26-v10540/1411

aljannatquranteach.com
bbsupplyandsalon.com
betsmovepiyango47.com
bigcuda.com
eduvationgroup.com
eoskinec.com
ezwhatsappp.com
growcalm.com
grupodistribuidora.com

# Reference: https://community.emergingthreats.net/t/ruleset-update-summary-2024-02-29-v10543/1423

africanbeatmaker.com
aiifolrida.com
amarod.com
auburnartwalk.com

# Reference: https://community.emergingthreats.net/t/ruleset-update-summary-2024-02-22-v10538/1399

machineryideas.com

# Reference: https://community.emergingthreats.net/t/ruleset-update-summary-2024-03-04-v10544/1431

briefscala.com

# Reference: https://community.emergingthreats.net/t/ruleset-update-summary-2024-03-18-v10554/1469

7commbeta.com
ausgov.pro
edulokam.com
ezshipsy.com
worldofmantas.com

# Reference: https://twitter.com/ValidinLLC/status/1773355013948993727

chumnouyka.com

# Reference: https://community.emergingthreats.net/t/ruleset-update-summary-2024-03-25-v10559/1507

jsluna.com

# Reference: https://community.emergingthreats.net/t/ruleset-update-summary-2024-04-01-v10564/1522

arquivisticalocal.com
discovus.com
mtlaikins.com

# Reference: https://community.emergingthreats.net/t/ruleset-update-summary-2024-04-02-v10565/1524

ahryssa.com
elmworldacademy.com
foradopicadeiro.com
techyureka.com

# Reference: https://community.emergingthreats.net/t/ruleset-update-summary-2024-04-08-v10570/1548

fairfurryfriends.com

# Reference: https://threatfox.abuse.ch/browse/tag/SmartApeSG/ (# 2024-04-11)

185.216.70.123:443
5.181.156.5:443
ads-quantum.com
advanceddataenterprise.com
ahryssa.com
aljannatquranteach.com
arquivisticalocal.com
bbsupplyandsalon.com
bestopgoespink.com
bigcuda.com
briefscala.com
digestlivepro.com
discovus.com
edulokam.com
emonteiroadm.com
ezshipsy.com
fairfurryfriends.com
gitkonus.com
infineitsolutions.com
jsluna.com
machineryideas.com
mtlaikins.com
worldofmantas.com

# Reference: https://community.emergingthreats.net/t/ruleset-update-summary-2024-04-15-v10575/1568

bid2cart.com
carlaweishale.com
hlktradecenter.com
jhansgansowen.com

# Reference: https://community.emergingthreats.net/t/ruleset-update-summary-2024-04-16-v10576/1571

barhell.com
betvanced.com

# Reference: https://community.emergingthreats.net/t/ruleset-update-summary-2024-04-22-v10580/1587

gnoticiasimparciais.com

# Reference: https://community.emergingthreats.net/t/ruleset-update-summary-2024-04-29-v10585/1603

nanoderecho.com
pixelread.com

# Reference: https://community.emergingthreats.net/t/ruleset-update-summary-2024-05-06-v10590/1615

firsho.com
geronimooficial.com
thecookoutcaterer.com

# Reference: https://community.emergingthreats.net/t/ruleset-update-summary-2024-05-07-v10591/1617

libidotechnexus.com

# Reference: https://community.emergingthreats.net/t/ruleset-update-summary-2024-05-17-v10598/1649

chezfur.com
osiria-agency.com

# Reference: https://community.emergingthreats.net/t/ruleset-update-summary-2024-05-29-v10605/1672

079zain.com
1kt8j.com
burdurpastane.com
lilygovert91.top

# Reference: https://x.com/Threat_Down/status/1800919313798537505
# Reference: https://x.com/banthisguy9349/status/1808866680300249587

/cdn-vs/22per.php
/cdn-vs/33per.php

# Reference: https://community.emergingthreats.net/t/ruleset-update-summary-2024-06-21-v10624/1751/1

intensedefense300.com

# Reference: https://community.emergingthreats.net/t/ruleset-update-summary-2024-06-24-v10626/1760

bynx.store
messageflowpro.com
myoptimasunlab.com
onecapitalresidences.com

# Reference: https://community.emergingthreats.net/t/ruleset-update-summary-2024-07-11-v10643/1813

daslkjfhi2.xyz
luxurycaborental.com

# Reference: https://community.emergingthreats.net/t/ruleset-update-summary-2024-07-23-v10651/1840

2n8rd3zz1.top
coaching-the-boss.com
darchrif.com
knoxvillevideoproductions.com

# Reference: https://community.emergingthreats.net/t/ruleset-update-summary-2024-07-17-v10647/1826

oakgrovetraining.com
shawns-landscaping.com
wilderglamour.com

# Reference: https://community.emergingthreats.net/t/ruleset-update-summary-2024-07-18-v10648/1828

magaanthem.com

# Reference: https://community.emergingthreats.net/t/ruleset-update-summary-2024-06-25-v10627/1764

aetherial.store
bochka-keitaro.space
buatywear.store
chemsentinel.com
eyesstore.store
jonmesserartwork.com
trollsburninginhell.com

# Reference: https://community.emergingthreats.net/t/ruleset-update-summary-2024-07-25-v10653/1848

hhic.top
imc1.top

# Reference: https://community.emergingthreats.net/t/ruleset-update-summary-2024-07-26-v10654/1853

canroura.com
nijanse.com
megasena777.top
novidadesfresquinhas.online

# Reference: https://community.emergingthreats.net/t/ruleset-update-summary-2024-07-29-v10655/1856

astronomicspace.com
c08d.top
saxymiss.com

# Reference: https://community.emergingthreats.net/t/ruleset-update-summary-2024-07-30-v10656/1858

megabahis664.com
saratu.com
velellablue.com

# Reference: https://community.emergingthreats.net/t/ruleset-update-summary-2024-07-31-v10657/1862

myanswerpronto.com

# Reference: https://x.com/CyberRaiju/status/1821486680290861521
# Reference: https://x.com/CyberRaiju/status/1821486689186922844
# Reference: https://www.virustotal.com/gui/ip-address/195.2.73.149/relations
# Reference: https://www.virustotal.com/gui/ip-address/23.227.194.182/relations

2n8rd3zz1.top
3hhr8h2hx.top
4phloans.com
christmasxdecor.com
prokopiouefthalia-ltd.site

# Reference: https://community.emergingthreats.net/t/ruleset-update-summary-2024-08-05-v10659/1875

didsit.com
funnypots.com
settisourchampion.site
writeindia.com

# Reference: https://threatfox.abuse.ch/browse/tag/SmartApeSG/ (# 2024-08-11)

10xshares.com
24f1989.com
adobefallshomes.com
aestheticainteriors.com
alphawatchrmf.com
andiandnoah.com
architecture-interior.com
barelytherejewels.com
beautyservicenearme.com
beetrootculture.com
berrebyre.com
boka-rem.com
bookmycooks.com
busbookingjbg.com
coffeecrumbs.com
cuponerachilanga.com
daveiz.top
denaumtz.com
dfwreds.com
dinets.best
elbied.com
elvesofiax.com
eternosrelojeria.com
faseries.com
feckwear.com
firstaischool.com
fulfillityourself.com
gamestockxchange.com
ghostcitygames.com
go8et.lol
hamaraneta.com
helloehoes.com
helpcenter.cyou
hippieblissprovising.com
icarusairlines.com
jaipurstylo.com
jimissupercool.com
jurassicworldtheexhibition.com
k1gkl25as.top
kingofdolomites.com
lindarealtytulum.com
loloalexander.com
lucabet68.online
mamajekisrecording.com
mansaentertainment.com
marcborowy.com
myclubpicks.com
newmarketofficecleaning.com
nilselsholz.com
onesmartiptv.com
osgnhr9zv.top
pdd888167.top
pelicanbcnsolutions.com
penisowners.com
performanscore.com
pixelbase.com
propertyclosings.com
ranconimports.com
redsquardhack.com
ripnoticebook.com
rvandccc.com
santapubcrawlchattanooga.com
sherwoodhomeshow.com
svif-venezuela.com
tempesolarcompany.com
theonelartist.com
upstatesunflowerfestival.com
veniam-veritatis.site
vfxfilmschool.com
womendonotdothat.com
ycva887.top
zp3mvmzab.top

# Reference: https://threatfox.abuse.ch/browse/tag/SmartApeSG/ (# 2024-08-18)

belvedereparkway.site
bet89on.store
boylegmfg.com
carnivalsale.com
estafetaofj.top
gxsicmj3l.top
kirklareliliste.cfd
legderlivesapp.online
tlymxvx.top

# Reference: https://community.emergingthreats.net/t/ruleset-update-summary-2024-08-19-v10669/1904

localdominationsystems.com

# Reference: https://community.emergingthreats.net/t/ruleset-update-summary-2024-08-21-v10671/1910

aweland.store
iprotosample.com

# Reference: https://community.emergingthreats.net/t/ruleset-update-summary-2024-08-23-v10673/1914

elmipardaz.com

# Reference: https://community.emergingthreats.net/t/ruleset-update-summary-2024-08-26-v10674/1918

birddogerc.com

# Reference: https://community.emergingthreats.net/t/ruleset-update-summary-2024-08-27-v10675/1920

financialinvestmentsgrp.com

# Reference: https://x.com/Max_Mal_/status/1831063028508565836

securityassociationgoa.com

# Reference: https://x.com/silentpush_labs/status/1831716500597809506
# Reference: https://www.virustotal.com/gui/file/0dc3a40e9f726f18e3ebac92ee5944d9c12b2ee71252f2b711434c3628877ca1/detection

genifyart.com
howtocleanseptictank.com
villasara974.com

# Reference: https://community.emergingthreats.net/t/ruleset-update-summary-2024-08-30-v10678/1926

sofinefitness.com

# Reference: https://community.emergingthreats.net/t/ruleset-update-summary-2024-08-29-v10677/1924

rentyrooms.com

# Reference: https://threatfox.abuse.ch/browse/malware/js.fakeupdates/ (# 2024-09-09)

http://103.25.61.30
http://104.161.32.84
http://128.254.207.82
http://146.19.254.43
http://147.45.47.87
http://147.45.68.67
http://147.45.78.168
http://147.45.78.74
http://162.252.175.197
http://162.33.177.118
http://166.1.173.27
http://185.158.251.240
http://185.217.197.52
http://193.26.115.181
http://193.26.115.80
http://212.129.36.157
http://213.252.232.161
http://217.195.153.158
http://23.137.253.76
http://23.92.208.54
http://23.95.182.33
http://31.207.37.227
http://37.128.207.92
http://45.128.232.135
http://45.59.170.27
http://45.66.248.122
http://45.88.186.159
http://54.145.152.164
http://77.221.149.184
http://77.83.199.148
http://81.94.150.21
http://86.124.171.111
http://88.119.175.92
http://89.208.107.232
103.25.61.30:443
104.161.32.84:443
109.120.133.115:443
128.254.207.82:443
135.148.153.89:443
140.82.12.6:443
141.8.193.79:443
141.8.198.223:443
142.202.240.61:443
146.19.254.43:443
147.45.125.182:443
147.45.68.67:443
147.45.78.168:443
147.45.79.91:443
147.78.47.83:443
154.29.75.236:443
158.160.11.208:443
158.160.14.246:443
158.160.167.238:443
158.160.169.50:443
158.160.171.112:443
162.252.175.117:443
162.252.175.197:443
162.252.175.98:443
166.1.173.27:443
170.75.170.7:443
173.211.81.11:443
173.44.141.131:443
173.44.141.244:443
179.60.147.91:443
179.60.147.94:443
185.158.251.240:443
185.251.91.214:443
185.251.91.91:443
185.68.93.221:443
185.68.93.9:443
188.68.221.152:443
193.106.175.140:443
193.124.22.107:443
193.124.41.246:443
193.222.62.236:443
193.26.115.181:443
193.26.115.80:443
199.250.194.144:443
206.206.123.249:443
212.113.120.69:443
213.226.112.82:443
213.252.232.161:443
23.137.253.76:443
23.92.208.54:443
23.95.182.12:443
23.95.182.29:443
23.95.182.33:443
31.184.253.65:443
31.41.44.109:443
31.41.44.97:443
31.44.4.118:443
37.128.207.92:443
45.128.232.135:443
45.130.201.28:443
45.143.94.2:443
45.59.170.27:443
45.66.248.122:443
45.88.186.159:443
45.88.186.194:443
5.101.50.209:443
5.180.154.53:443
5.188.88.177:443
5.188.88.20:443
5.188.88.218:443
5.53.125.205:443
50.114.177.189:443
50.114.37.52:443
54.145.152.164:443
65.21.119.50:443
77.221.149.184:443
77.83.199.148:443
80.249.144.188:443
80.249.146.170:443
81.94.150.21:443
83.69.236.128:443
83.69.236.143:443
84.38.181.66:443
84.38.182.16:443
84.38.182.217:443
87.228.19.162:443
87.251.79.15:443
89.23.110.52:443
91.212.166.21:443
92.63.176.42:443
94.241.168.240:443
0777arsy.000webhostapp.com
1storiginal.com
7-dots.com
a-onevacuums.com
abrito.wecreateyou.pt
aclarilari.com
ade.tw
africa.thesmalladventureguide.com
aitcaid.com
allall94.com
allpillowsmatter.com
altcoin-cryptocurrency-trading-platform.what-todo.com
alyamama78.000webhostapp.com
anfal.com.pk
annybrenn.com
appercity.com
archiwummuzeumziemizbaszynskiej.zck.org.pl
aridient.com
ashleypuerner.com
assinatura-digital-segura.com
assuredtreecare.com.au
asterism.co.nz
atlanticbeachrealty.com
autojaro.sk
awakentoyoga.com
awlandsafaris.com
balangabriel.com
bankbates.com
battological-envelo.000webhostapp.com
bellejamaica.com
benefits.melanatedbloodlinesrestoration.com
bericht.es
bhawpals.000webhostapp.com
blog.learningpie.in
blog.qrstaff.in
bp8k4k.serveravatartmp.com
bretagne-balades.com
cactusgroupwebtest.com
cafeespeciales.com
cafemocha.thehostmandu.com
camarascomunitarias.live
car.hapeye.net
cartwheels.000webhostapp.com
ccfg-conakry.org
cdnjscloudforced.com
chequeado.com
chhimi.com
chrome.freegeneratorai.com
coccal-pocket.000webhostapp.com
collar.agrcwv.org
comingoutcovenant.com
computerteknik.000webhostapp.com
comunidadfit.com
congregacionkoinonia.000webhostapp.com
connect.p2p-secure.org
crossco.semseo3.beget.tech
cvts.rut.digital
cxosnextgen.com
danieltravels.net
darskhososy.com
demo1.itaoda.com
demo21.itaoda.com
demo3.itaoda.com
demo31.itaoda.com
demo40.itaoda.com
demo46.itaoda.com
demo5.itaoda.com
demo56.itaoda.com
denhamlawoffice.com
dental.simptomi.rs
dev.edades-west.make.technology
dovuzu3rz.top
dreclass.com
drmadhurao.com
drsohrabi.net
druck.7uptheme.net
e-tirechains.com
e2sky.com
ec2-175-41-161-53.ap-southeast-1.compute.amazonaws.com
employee1.1ummah.org.au
emvision.com.my
english.cabrerallamas.com
fans.smalladventureguide.com
fbstapes.ru
femza.org.ar
filisfoodtruck.com
firdesktop.000webhostapp.com
firstpresbyterianpaulding.com
florquedafulgor.000webhostapp.com
flynews.us
folioasia.com
formulario1.frontec.cl
frightyserver.org
ganharcomblog.com
garage.the-namers.com
georgiaprivateinvestigations.com
germanclics.com
giorja.com
giraganaceuti.compradondevives.es
go4clinic.000webhostapp.com
greyspartners.com
gtaonlinestore.000webhostapp.com
hamza738.000webhostapp.com
hlcelms-new.herminahospitals.com
idt.builderallwppro.com
incachespace.com
inno.obec.go.th
insureafrica.co.za
interplast.com
ipva2024-detransp.com
iscrizione.handmadecampania.it
ixiapartner.com
jac.b-a.group
jenniferhallasi652005.000webhostapp.com
jkagri.com
job-test.ifrigate.ru
jrun.com.hk
jswebcloud.net
kineticrockburgers.com
kwik.tn
latinate-matters.000webhostapp.com
lawconsult.pe
legrainparis.fr
leoapexphoto.com
lisbonvinylcutters.com
lkk.collection.aixpirts.com
lms.tonalismo.com
lonuestrogsm.000webhostapp.com
matesonthemove.org
medisur-rgl.com.ar
menucore.com
mercadochubut.gob.ar
merelio.000webhostapp.com
mobile.wisechoicesupplements.ph
mondalhardware.com
moneymoj.com
moveterramogi.000webhostapp.com
mozila.freegeneratorai.com
mytrucknow.volomoso.com
nano.anygreaterways.tech
nctest.syndicatedcapitalgh.com
ndas8m92.lol
ndas8m92.shop
netzheft.frnrw.de
new.mullicatownship.org
new.usmortgage.com
nidaagroup.net
nikesoccerbootoutletol.com
nimbroeducation.000webhostapp.com
noels.be
noonanwaste.com
noticiaseh.com.ar
oldbrooklynbrewingcompany.com
opera.freegeneratorai.com
optifitme.com
paperbound-bulk.000webhostapp.com
peeriosity.com
pharmahome.ae
phpsearch.com
plazanorte.pe
point.readytocheckline.com
poivyzeaa.top
progeturepublica.net
proxyknow.com
psafetysolutions.com
queimaxofc.com
rashidaljabrigroup.com
regaloscaos.es.ht
relacion.traxxcp.com.au
rossanalabs.com
roughdiamond.jp
sakarealestate.co.uk
sanicorpec.com
savemuch.000webhostapp.com
sentry-cxso.onrender.com
servicebasix.com
serwis-impacto.pl
shrachirealty.com
sosiologi.fisip.unpad.ac.id
soundsend.com
southasianfitness.com
staging.aspectuw.com.au
staging.secuodsoft.com
start.readytocheckline.com
sticky.oystergardening.name
store.powermatic.co.th
student-voice.com
student.simplelifestrategies.com
sustaincharlotte.org
swedenborgian-gangw.000webhostapp.com
swiftflicks.com
szerviz.microstore.hu
takartboutique.com
talk2rami.com
tcmtecnologia.com
teamvedika.com
test.bigbeautifulbuys.com
theapplefix.com
thegardengasteiz.com
theonerealsolution.com
thesantacon.com
timelineconstructions.com
tneacounseling.com
tobaccoturk.com
track.dioslogistics.com
trialstaging.trialrun.us
tsc.signalovernoise.co.uk
uat.zeroowatch.com
uhappyevents.com
v775136o.beget.tech
ventasdetodoloqueseteocurra.com
version.urban-truth.com
vselectrics.gr
vud.register.arpsychotherapy.com
w3qualitytime.com
wanimation.com
wheelsonthedanforth.ca
wordpresscommunities.com
wp.korinek.link
wynton45.com
xbaseweb.com
xinyizhou0310.com
ybc77.000webhostapp.com
ygbrandmaker.000webhostapp.com
youlovesports.com
yourchoiceplumbers.com.au
yrinvinsible.com
yshrirambook.online
zado-shoes.com

# Reference: https://x.com/silentpush_labs/status/1835797849478447240

whizability.com

# Reference: https://www.virustotal.com/gui/file/da9d3b086392fc07f53942da35ebd1e739c63f7682f902b45c3dee03646168da/detection

/cdn-vs/data.php
/cdn-vs/download.php

# Reference: https://community.emergingthreats.net/t/ruleset-update-summary-2024-09-25-v10703/2006

roadrunnersell.com

# Reference: https://x.com/DaveLikesMalwre/status/1841030772091994495
# Reference: https://app.validin.com/detail?type=ip&find=193.42.38.131#tab=resolutions

indoprimitiveart.com
paperbearsweets.com

# Generic

/cache/ewmrgqnaww.php
/ewmrgqnaww.php
