# Copyright (c) 2014-2024 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Aliases: globalshadow

# Reference: https://x.com/ValidinLLC/status/1801688671671713971
# Reference: https://app.validin.com/detail?find=134.122.189.60&type=ip4#tab=host_pairs_v2

http://134.122.189.57
http://134.122.189.60
http://134.122.189.65
http://147.45.198.139
http://217.144.107.183
http://45.95.174.238
http://46.175.151.47
http://5.42.73.13
http://77.105.160.13
http://91.219.63.91
aolikeji.online
api.taha.devbros.ir
app.cscec.pro
appolonies.com
c3thpm.xyz
cc.dongsongwl.cn
chrome.c3thpm.xyz
cscec.pro
cy.dongsongwl.com
cy13.dongsongwl.com
dongsongwl.cn
dongsongwl.com
fmportal.xyz
fx.hfniansong.com
fx.tianjimedia.xyz
gg.hfniansong.com
gl.dongsongwl.cn
gl1.hfniansong.com
glgg.aolikeji.online
gll.hfniansong.cn
gl3.hfniansong.com
glh.dongsongwl.cn
gup.dongsongwl.cn
guy.dongsongwl.cn
htadmin2006.mpoloniexs.com
htk81959.mpoloniexos.com
investmentcomparing-us.com
jesusslab.com
kff.cscec.pro
laceokoboji.com
m.mpoloniexos.com
mpoloniexos.com
mpoloniexs.com
p.mpoloniexos.com
qq.kwbhuah.cn
seguridad-millenium.com
sg.dongsongwl.cn
sg.hfniansong.com
software.fmportal.xyz
tianjimedia.xyz
ww.dongsongwl.cn

# Reference: https://x.com/raghav127001/status/1808270926439764066
# Reference: https://app.validin.com/detail?find=%3A%3A%22og%3Atitle%22%3A%3A%22Google%20Chrome%20%E2%80%93%20Download%20the%20fast%2C%20secure%20browser%20from%20Google%22&type=raw&ref_id=cad9f5c1fe6#tab=host_pairs_v2

1c-prog.kz
3esolucionesintegrales.com
3smarin.com
69lut.com
7ssolution.com
aalborg-print-skilte.dk
abi.africa
abmsolucionesti.com.ar
accessibleboat.com
adaptersamaison.com
admin.sortstring.com
agayautomobiles.com
agenciam2a.com.br
agrobombas.cl
aguilastalento.com
aircraftbattel.com
aitanavargas.com
akm.opole.pl
alban.fb-graphiklab.com
alivreouvert.fr
allocleo.com
amctech.fr
amr.mwi.solutions
amradvogados.adv.br
analytics.flyinc.de
answers2wealth.com
antz.innoq.com.sg
api.ggecdc.co.id
api.studybuddy.me
apidev.ggecdc.co.id
apiworktask.kokitechgroup.cm
apogee-promotion.fr
app-works.videotop.mycpanel.rs
app.dinkes.purwakartakab.go.id
app.iki-com.com
appdevelopment.es
appypie.hadi-hassan.de
architectsudarshana.com
architectsudarshana.kasumedialabs.com
argan-argan.com
arganargan.com
arka-india.com
artmobile.am
asiafood.sk
asiatriathloncup.com
askopan.com
associazioneiocosi.com
atgcomunicacao.com.br
audaztec.azurewebsites.net
aula-mentor.iberperitus.com
autoescolamarina.com.br
autofficinashop.it
auzou-co-uk.mon.world
auzou.de
b2c.amwear.com
b2svision.com
baanmonjor.com
balancedwellmedical.net
barbara-creations.fr
bardeleconomie.fr
barqueroybonilla.com
barranquillafashionweek.org
basis.sa
battagliasl.ch
bcca-e-learning-campus.com
bdmperu.com
berlin.openideas.com.ar
bikeshopweb.com
bioenergyweb.es
blackly.com.sa
boxposlovi.rs
brikengenharia.com
bsd-security.org
bug.snptechno.com
bumarket.mn
bwfurniture.com
bytecti.com.bytecsolucoes.com.br
cabanasbrisadelmar.com
caffecarissimi.com
caitonthedaily.com
calendar.experiencesikhi.com
campsite.pl
capepress.com.br
carbolux.net
careertown.co.za
carregamento.petrovina.com.br
casino-gitano.berlin
cazafugasespana.com
cbd247.net
cbd247.shop
cbsracingmanuals.nl
celtahass.com
certsignify.com
cescopel.com.br
chaletsdelujosantander.com
championoac.com
chat.niedersachsen-web-radio.net
checkout.dev.deseguidores.com
citolag.com.br
claytonbeck.com
claytonjbeckiii.com
clearview-ci.net
clementguillaumont.fr
cleodor.com
cleodor.de
cmanchenoarquitectos.com
cms.clement-roy.fr
cocoonplace.com
coffeehts.com.br
cogrid.in
cold-home.pl
colegioabo.cl
completa.net
completaacessorios.com.br
completaatacadista.com
comunicascuola.it
construtoraluanova.eng.br
contraloriamunicipaldeheres-bolivar.gob.ve
coopcrecimiento.com
cooperativa.yisraelschool.com
coopmontecristo.com.ar
coordinamentomeridionale.org
cotonwayshop.com
cotonwayshop.de
cotonwayshop.es
coursupremetogo.tg
cowlsupplies.com
cpanel.hobbspump.com
cpcalendars.hobbspump.com
cpcontacts.hobbspump.com
crescerperfil.turbinesocial.com.br
crew.virtualpoaf.pt
crown-z.com
csmprime.com.br
curveballsols.com
dalcar.com.br
darshan.cyber-web.in
database.umzug-logistic.de
decalogopublicidadeinfancia.uy
delightfulflavours.com
delimarepresentacoes.com.br
delphoi.net
demab-gmbh.de
demo.cleodor.com
demo.fnpdigital.ch
des1gny.com
des1gny.de
destiny-tools.com
destinynetwork.net
digitaliza-dos.es
digitel.mx
digixp.eu
dimardistribuidora.com.ar
dnsoriyarom.com
do.amepos.in
dogbin.co.za
donnart.com.br
e7world.com
eagle.tips
eapplicationonline.com
ebc.com.sa
eboutique.ouimums.com
eccehomo.sk
ecoadvnsports.org
ecosunscreen.es
eefd.gr
egalileo.com.ar
elearning800.com
elitebriard.com
elrugidotxapeldun.com
elx-sa.com
ems.auzzietech.com
endomed.kylos.net.pl
energy-and-services.com
energy-transition.id
envirola.com
epicideaslab.com
esembal.es
espacolexus.com.br
estereoprestamo.com
events.dream-corner.com
evolvemarketing.net
example.inosis.id
exposolutions.com.br
facebook.popstudios.com.sv
familiacessel.com.br
farbybranth.pl
femmesparlementairessenegal.com
ferienwohnung-interbieten.de
fitness-style.es
flaksgarten.com
focus-server2.gr
foleysfotos.com
forgeriniartes.com.br
formacion.institutopotencialhumano.com
formation.legrandsoft.com
foto-hirche.de
funakoshi.furendo.co.jp
funandfans.com
fundacionestudiosconcursales.com
futuraaposentadoria.com.br
fyssafety.com
gaekona.com
gaydivorce.co.za
gbv-ge.de
gemkimya.com
genusswirten.at
geohotel.in
ggecdc.co.id
gifts-collectibles.com
gigstop.com
gl-formation.legrandsoft.com
gokbaysigorta.com
gps.snptechno.com
grandes-ecoles.net
granjaencantada.muustackhost.com
granjaencantada.uy
granti.com.br
greengoolds.com
grupoluanova.com.br
gruporu.com.mx
guide-habitat.ibim-vcf.xyz
guliberweb.kstechacademy.com
gustavobertolotto.com
h2h-feelsafe.com
hanomag-al28-technik.de
hastaniizle.com
help.ratehex.com
hemomin.es
hesaka.furendo.co.jp
hi.eliteindigo.com
hialuronycaps.com
home.simpleservicesng.net
homltechpay.bbcvoyage.com
hotcapital.io
hotel-president.com
hotfix.cms.io.auzzietech.com
hq.em-cloud-solutions.de
humanprojectbf.com
hytecflow.com
hzb.com.ar
icdeeh.com
ieqr620.flecksys.com.br
immi-trail.com
incalzireivar.ro 
informaticagranada.com
initialsjobs.com
inovinil.pt
insta.turbinesocial.com.br
insys4.net
iris.citenum.com
isew.energy-transition.id
isew.energytransition.id
islamhouse.info
ithouse.by
iwwamumbai.info
jankaresort.bt
jardindesruches.com
jasikan.ghanadistricts.gov.gh
jcv45.fr
jettbot.online
jinhaihw.com
jmmelektrikerandbygg.se
jordidaa.es
jpkiselavoda.com.mk
jpos.my
k3sdev.com
kam-kar.com
karzyr.fr
kerimaba.com
kerobokanvillas.com
kevlarpro.in
king.bytecsolucoes.com.br
kohinoorproperties.hmiitsolution.co.in
kotaccess.com
kotaccess.fr
kotaccess.net
kotaccess.org
koushikchatterjee.in
krishnapowersolutions.in
kroowat.net
laboratoire-lypord.com
lafabrikdemeaux.fr
laflordevimbodi.com
lahjiri.com
laposte.td
lasento.com
latinlangs.com.br
lauramoragues.es
laurelafarge.com
led-ads.com
legacy.stylewisedirect.com
li334-138.members.linode.com
linepro.biz
lms.direct
lnconstrucoes.com.br
lnincorporadora.com.br
lobosgroup.com
locandaditrasqua.it
loja.turbinesocial.com.br
loneworkersite.com
m1.stylewisedirect.com
macbari.com
madaba-admin.josequal.com
made2measurecovers.com
madeinportugal13.com
maf-creations.fr
maf-elearning.com
magento-246095-983363.cloudwaysapps.com
magneticscooter.fr
mail.aalborg-print-skilte.dk
mail.asiatriathloncup.com
mail.bikeshopweb.com
mail.bwfurniture.com
mail.cabanasbrisadelmar.com
mail.capepress.com.br
mail.championoac.com
mail.coopmontecristo.com.ar
mail.curveballsols.com
mail.drindoliaphysio.com
mail.egalileo.com.ar
mail.elearning800.com
mail.foleysfotos.com
mail.gaydivorce.co.za
mail.ggecdc.co.id
mail.granjaencantada.uy
mail.joomlaadvanced.com
mail.kerobokanvillas.com
mail.krishnapowersolutions.in
mail.laboratoire-lypord.com
mail.lobosgroup.com
mail.maagayatriindustries.com
mail.mobilehomemagazine.org
mail.montecristo.com.ar
mail.mtf.rzv.mybluehost.me
mail.nissiseg.com.br
mail.noonenergy.com.br
mail.oms.eng.br
mail.ruyatoken.net
mail.sc4rzor6192.universe.wf
mail.scf24.de
mail.snbic.com
mail.srideviawasiyavidyapeeth.in
mail.ssa106.com
mail.steelservice.com.br
mail.theyellowchillitustin.com
mail.tyctustin.com
mail817834801.mywebspace.zone
mail838727492.mywebspace.zone
majesticacq.com
malaussane.com
management-fees.com
manager.beautynet.ps
mandmproperty.net
mangaloreorthodontics.com
mangmoom.net
mansexch.bbcvoyage.com
manual-adp.hostingmuu.com
mariagvfx.com
maternus-stube.de
mattheusnevesadvocacia.com.br
mbcsat.com
melsomelanders.de
menusdigitalesqr.es
metawealthinc.com
mg.visionsadv.com
midlandcowl.com
mikronomi.com
misafirhane.org.tr
mmousse.ch
mobilehomemagazine.org
mobilis.net.br
mobiltest-online.de
moda-e.de
moh.innovasolution.net
moha2.at
monel.popstudios.com.sv
montecarlo-adm.com
montecristo.com.ar
motoresquiroz.com
movilcomputer.es
mtf.rzv.mybluehost.me
mypfasystems.com
mysql-admin.legrandsoft.com
mysql-admin2.legrandsoft.com
nabiwang.com
netzcall.com
newjazzmedia.com
newjazzmedia.newjazz.net
newsreelfilms.co.za
newvision-marketresearch.com
ninadesign.ge
nissinsaat.com
nissiseg.com.br
novaesolution.com
novusshield.com
ns1.energytransition.id
ns1.gartenland.kylos.net.pl
ns1.npainclinic.com
ns2.npainclinic.com
oblgaz-nn.ru
odishapublication.com
odpeci.com
oferte.pretul-zilei.ro
old.stroykan.com.ua
olivier-moyson.be
oms.eng.br
oms.net.br
oms.srv.br
onboarding.xpressmeals.com.ng
ontocin.energy-and-services.com
oogiel.top
opsa365.com
orientfood.sk
originalbeef.com.br
paletline.co.rs
panel.zarowkiledowe.com
papeterie-floquet.fr
paradies-design.com
paralegalplace.ca
parrilha.adv.br
pedrasrusticas.com
peliculasmultiaudio.com
petrovina-sistema.jungconnect.com.br
pgoperu.com
pilates-brno.cz
pismo-deda.by
pniasan-stp.org
portal.experiencesikhi.com
portal.fsfx.co.id
postmaster.nabiwang.com
pratibemfeitocursos.com.br
pravniprekladyonline.cz
pro-logos.com.ar
prolec-direct.com
promo.alphapublicidad.com
promptdigitalservices.app
propertycircle.pk
pru.ghanadistricts.gov.gh
psiconalma.es
publikiosk.com
puech-volailles.fr
puppyfrenchies.com
purekineticsnj.com
pwa.legrandsoft.com
qreatas.xsrv.jp
qubitx.co.za
qubitxgroup.co.za
qubitxgroup.com
r2qualis.com.br
raffelpc.de
rampashidraulicas.mx
rebuild.novusshield.com
recharged.lima-city.de
redcreaprints.com.redcreaproductions.com
renderyourdreams.de
rentapot.co.za
rentnerstimme.de
restaurant.xpressmeals.com.ng
revvcorpus.com.br
rgpdeasy.com
richtsteig.de
romeo-sierra.fr
rossbeld.com
rowanconlin.com
rsrurales.com
rubicoffeeshop.com.br
ruhuyasin.com
ruyatoken.net
sadashivam.in
saladeocio.com
salesdemov2.inosis.id
salmoo.net
sanchezcantosabogados.com
satuekhos.com
sc-texturen.lima-city.de
sdb.energyprogramme.xyz
semeioncorp.com
sendfiles.manjotsingh.xyz
senegal-judo.com
sentiersgraphiques.com
server.businesscircle.at
server1.npainclinic.com
shipperairways.com
sidegigger.com
sistema.restaurante.m6digital.cl
sistema.tpa.tour.m6digital.cl
sistemfascinador.cl.m6digital.cl
skjaldmaer.de
smartbrain.jctinfotech.com
smartchoicetec.com.co
smirko.com
socialismnow.org
softcabs.com
soke2enerji.com
solarpumpmonitor.ma
sperryengineering.com
spinyourlook.com
ssa106.com
ssa106.kasumedialabs.com
starmagic2.mydemoweblink.com
static.24.212.99.88.clients.your-server.de
static.acotron.com
steelservice.com.br
studiogobbetto.com
suhail.us
suhailgroup.com
sunnymovers4u.com
suratthani.uxui-brand.com
suzuki-t350.de
synergiaconsulting.ch
szantynamolo.pl
tagesmuetter-wb.de
takeoffacademy.in
takepaella.com.ws4.cctech.sk
tastygoods.com
taxrefundassist.ie
techuarranz.com
termoidraulicapg.com
test.popstudios.com.sv
test.vip-it.co.za
test2.zenith-photo.fr
testjoom.eefd.gr
tfm.shawontea.com.bd
themisprotectonline.ch
therave.vip
theraveboxoffice.com
theyellowchillitustin.mtf.rzv.mybluehost.me
thfruit.vn
tinaenergyhealer.com
tommywilde.com
toptendulichmy.com
trabant-team-ulm.de
tradeshowent.com
transcommunication.online
transmision.com.mx
transportesmaua.com.br
tri-citycomputerrepair.com
tripleachemie.de
trochia.com.br
tropilhagrill.com.br
ttransfo.com
tuasesoramiento.com
tusfuturasvacaciones.com.uy
two-dolphins.com.ua
tworound.it
unisomv.com
unisuscarriers.com
unitedflair.com
us.spinyourlook.com
usinanegocios.hospedagemdesites.ws
vcsi.vantagesolutions.biz
veronita.com
veronita.de
viamorelithecity.efacturas.net
videotop.mycpanel.rs
vidrialum.efacturas.net
vidrieriacentral.efacturas.net
villa-karkos-mykonos.com
vinetulix.com
vinetulix.com.magazinm.net
vip-it.co.za
virtualpoaf.pt
voidarquitectura.com
voidlab.es
wanghao.efacturas.net
web.risjan.com
web.turismo.m6digital.cl
webmail.technobrains.co.in
website-286f3fa4.fiveshines.com
wisconsinrocks.com
wordpress-536104-2441796.cloudwaysapps.com
world.co.th
wsa.ggecdc.co.id
xlinitypaybill.com
xmaping.com
xn----8sbm3akdllj4hza.xn--p1acf
xn--cmancheoarquitectos-13b.com
xn--jrgen-jansen-dlb.de
xn--mobiltest-bro-6ob.de
xpertoenwebs.com
xpressmeals.com.ng
yassine-cherfi.com
zabburyat.ru
zelle-power.com
zerrougoussama.digitalinit.net
ziidev.com
zonafranka.efacturas.net
zoo.efacturas.net

# Reference: https://x.com/CyberRaiju/status/1811314197742940258
# Reference: https://x.com/ValidinLLC/status/1811407786019840292

advannced-ip-scanner.com
advnanced-ip-scanner.com
angryip.icu
atssassian.com
ciltrix.com
doxy.icu
doxy.ws

# Reference: https://www.validin.com/blog/practical_malware_infrastructure_discovery_with_pdns/
# Reference: https://www.virustotal.com/gui/ip-address/206.206.123.151/relations

http://154.23.145.118
http://154.26.197.179
http://154.31.168.194
http://154.31.168.195
http://154.31.168.197
http://154.31.168.216
http://154.31.169.208
http://154.31.169.210
http://154.31.169.214
http://154.31.169.216
http://154.31.170.196
http://154.31.170.197
http://154.31.170.201
http://154.31.170.202
http://154.31.170.216
http://154.31.170.220
http://154.31.171.195
http://154.31.171.200
http://154.31.171.209
http://154.31.171.211
http://154.31.171.213
http://154.31.171.218
http://154.31.171.221
http://154.31.172.196
http://154.31.172.199
http://154.31.172.206
http://154.31.172.213
http://154.31.172.215
http://154.31.172.219
http://154.31.173.201
http://154.31.173.219
http://154.31.174.195
http://154.31.174.207
http://154.31.174.222
http://154.31.175.208
http://154.31.184.77
http://154.31.184.83
http://154.31.184.93
http://154.31.185.72
http://154.31.185.75
http://154.31.186.77
http://154.31.186.81
http://154.31.187.90
http://154.31.188.71
http://154.31.188.75
http://154.31.188.94
http://154.31.189.68
http://154.31.189.78
http://154.31.190.81
http://154.31.190.89
http://154.31.191.74
http://154.31.191.81
http://154.31.191.93
http://199.188.200.47
http://206.206.123.151
2013nknfl.com
amandalohiser.com
antonioqueiroz.com
asia-budget-airlines.com
baseballheavy.com
bigclothshop.com
bjl6651.com
cajasahel.com
chroupdt.com
cicadtime.com
cjxxw.net
columbusmoringa.com
corsegardenloisirs.com
crowbarlivemusic.com
db-expert.net
developing-movie.com
dobuenosaires.com
drcesargonzalez.com
dubbedclub.com
duluthareahome.com
ejerciciospowerplate.com
finaloop-mfg.com
gambarsurat.com
gosiawlodarczykphotography.com
guerrillateacher.com
jacobmadison.com
jewish-wines.com
jltxwl.cn
labarcadewilliamcalderon.com
lawrencekentucky.com
marilynmonroeart.net
matuokoumuten.com
mediart-assenede.com
meherpurbdnews.com
mmvtul.cn
my-football-team.com
netfuerza.com
nmorl.com
orchidsandviolets.com
plusminusband.com
polsterlieder.com
sdwybz.com
seherelayyah.com
sendai-motorshow2009.com
seputarmamuju.com
shvoptech.com
skpics.com
striptease-berlin.com
sxhl-t.com
tekaslittleblog.com
timberland163.com
vzukokan.com
yhuifeng.com
aqmoe.bigclothshop.com
bio0u.sdwybz.com
bumbb.db-expert.net
bvlze.gosiawlodarczykphotography.com
chrome.google.com.clearwebstats.com
cycjr.finaloop-mfg.com
dtvgq.ejerciciospowerplate.com
dzfek.orchidsandviolets.com
eewcm.timberland163.com
eivjz.marilynmonroeart.net
eodic.yhuifeng.com
evewz.cajasahel.com
glgg7s.jltxwl.cn
gmwbv.shvoptech.com
goqcl.antonioqueiroz.com
hlukw.jewish-wines.com
hqxto.my-football-team.com
ibtss.guerrillateacher.com
iwufy.jacobmadison.com
iyrka.baseballheavy.com
jefkc.dobuenosaires.com
jjqph.2013nknfl.com
khfxc.matuokoumuten.com
kxkje.developing-movie.com
lfaui.polsterlieder.com
loqrk.23tqw.cn
lyckw.sxhl-t.com
mbicn.dubbedclub.com
mcftr.columbusmoringa.com
nogyc.seputarmamuju.com
nojmk.cjxxw.net
nvtkd.netfuerza.com
oagsb.plusminusband.com
okoef.tekaslittleblog.com
ontcy.mediart-assenede.com
ouwhn.ottosspecialtyfoods.com
qbskt.cicadtime.com
qcdye.sendai-motorshow2009.com
qlqya.nmorl.com
qsxmv.asia-budget-airlines.com
rxsbx.crowbarlivemusic.com
swlyg.lawrencekentucky.com
tuqvt.seherelayyah.com
tyfur.vzukokan.com
uampn.gambarsurat.com
ucizl.187-films.com
updatechrllom.com
updatechullom.com
updatechulom.com
vkner.striptease-berlin.com
voljt.dobuenosaires.com
vwzaq.bjl6651.com
wbqbs.mmvtul.cn
wzvrw.amandalohiser.com
xeunn.drcesargonzalez.com
xkfxg.labarcadewilliamcalderon.com
yqala.corsegardenloisirs.com
zilgp.meherpurbdnews.com
zrqum.duluthareahome.com
zwywf.skpics.com

# Reference: https://x.com/malwrhunterteam/status/1816015420584800681

crowndstrikeoffice365.blob.core.windows.net
msoffice365updater.blob.core.windows.net
msofflce365ypdate.blob.core.windows.net
office365-load.com
office365updatter.blob.core.windows.net
systemwidowsupdate.blob.core.windows.net
updatemsoffice.blob.core.windows.net
updatemsoffice365.blob.core.windows.net
/WidowsSystem-update.zip
/msoffice365update.msi
/msoffice365update.rar
/msoffice365update.zip
/office365crowndStrike.msi
/office365crowndStrike.rar
/office365crowndStrike.zip

# Reference: https://x.com/nahamike01/status/1815889519331459080
# Reference: https://www.virustotal.com/gui/ip-address/4.206.218.87/relations

crowdstrike-office365.com
microsoft.crowdstrike-office365.com
go.microsoft.crowdstrike-office365.com

# Reference: https://community.emergingthreats.net/t/ruleset-update-summary-2024-07-18-v10648/1828

cctvv2023.9hlw.com

# Reference: https://x.com/AlvieriD/status/1816813199250858206

kakaocall.com
kakaocall.kr
kakocalls.kr
krkakaocallen.tech
api.kakaocall.com

# Reference: https://x.com/4n6Bexaminer/status/1817871971893551538
# Reference: https://www.virustotal.com/gui/file/1162e11df8106c6fffee7ec883a137d1e982fbf4bd8b34a5fa90cd6a44c4850b/detection
# Reference: https://www.virustotal.com/gui/file/a08468098e6ab3c515366049a8f8b394d53445b60dbce2b0e4c9c7f3c3bc58de/detection

http://81.19.137.179
cryptomac.dev
tneunarchiver.com

# Reference: https://x.com/malwrhunterteam/status/1817992311042871489
# Reference: https://www.virustotal.com/gui/file/e3880c7db78e09748fe9caf02f330b1c61cd3aaaa31ffe93fb5ba1fb1035f761/detection

94.131.108.78:7118
sharjahconnect.online
portal.sharjahconnect.online

# Reference: https://app.validin.com/detail?find=%3A%3A%22twitter%3Asite%22%3A%3A%22%40NibiruChain%22&type=raw&ref_id=94060f2ee61#tab=host_pairs_v2

airdrop-nibiru-dj4.pages.dev
airdrop.nibiruchain.org
airdrop.nibirufinance.net
airdrops-nibirucom.pages.dev
app.nibiru-network.com
app.nibirun-network.com
banananan.pages.dev
check-nibiru.pages.dev
claim-nibiru.pages.dev
defi-nibiru.pages.dev
dfggff.pages.dev
earns-nibiru.pages.dev
event-niburu.com
gain-nibirucom.pages.dev
gamified-nibirucom.pages.dev
gemcoin.one
link-nibiru.pages.dev
lunar-nibirucom.pages.dev
mail.nibiru-reward.com
makenibiru.pages.dev
nbiiru.pages.dev
new-nibirucom.pages.dev
nib-cap-2002.pages.dev
nib1337.pages.dev
nibiiru-fi.xyz
nibirewards.pages.dev
nibiriu.pages.dev
nibiru-air.com
nibiru-airdrops.pages.dev
nibiru-chain.firebaseapp.com
nibiru-fi-6c6.pages.dev
nibiru-fi.pages.dev
nibiru-finance.com
nibiru-grab-1902.pages.dev
nibiru-network.com
nibirun-network.com
nibiru-reward.com
nibiru-test.pages.dev
nibiru.ink
nibiruchain.one
nibiruchain.org
nibirufinance.net
nibiruchain.pages.dev
nibiruchains.pages.dev
nibirufi-5mq.pages.dev
nibirufi.net
nibirufi.pages.dev
nibiruin.pages.dev
nibirurewards.pages.dev
nibu5.pages.dev
nidiru.net
test2-7g8.pages.dev
testingcloud-4jf.pages.dev
testmocabot.pages.dev
verifynibiru.surge.sh
web-nibirucom.pages.dev
yunusgoatmdr.foundation

# Reference: https://app.validin.com/detail?find=%3A%3A%22og%3Atitle%22%3A%3A%22Google%20Chrome%20%E2%80%93%20Download%20the%20fast%2C%20secure%20browser%20from%20Google%22&type=raw&ref_id=0900f74db99#tab=host_pairs_v2

aggelidis.appit.gr
aralia.co.uk
asset.revolvehost.com
audit.cabinetyvesfumanal.com
backup.skila.tn
beautyanddiet.appit.gr
bfce.co.uk
bizacademy.pro
blog.appit.gr
blog.envitia.com
chat.simpleservicesng.net
cleverway.appit.gr
cvqrcode.com
dawnparkprimary.co.za
energytest.geniusschoolthailand.com
envitia.co.uk
files.energy-transition.id
frauh.rocks
geniustest.geniusschoolthailand.com
gmdva.org
gms-stuttgart.com
haibangtech.com
harshika.brushncode.com
ibomplazanews.com
inner.dnawc.com.br
inui.cc
ipv6.mightywaters.co.uk
justiciable.net
kickback4kids.com
mail.gmdva.org
mail.pniasan-stp.org
mail.synergiaconsulting.ch
mail.vps-9456455.wattsp.com.br
manudesalvador.com
new.envitia.com
nomila.eu
nomila.it
ns61.greavesdesign.co.uk
nuevanation.legrandsoft.com
omegasolarisa.com.ar
oregano.appit.gr
pladetall.com
plasticoslaoca.com
pzc2mbdadmin.inosis.id
relook.cforem-univ-ouaga.org
shop.cleodor.com
sis.cetsoaxaca.gob.mx
software.shawontea.com.bd
tdyp.geniusschoolthailand.com
test.appit.gr

# Reference: https://app.validin.com/detail?find=%3A%3A%22og%3Atitle%22%3A%3A%22Google%20Chrome%20%E2%80%93%20Download%20the%20fast%2C%20secure%20browser%20from%20Google%22&type=raw&ref_id=0900f74db99#tab=host_pairs_v2

137.ip-51-68-47.eu
216-10-249-147.cprapid.com
alertaafocat.afocatchimboteancash.org
alonistiotis.appit.gr
apadrina.unolivar.com
bestellen.shufucuisine.nl
bolsas.diseno24.com
calculator.inosis.id
casadecourosrita.com.br
cazafugasespana.es
cleantech.appit.gr
cnm-international.fr
construtoraluanova.grupoluanova.com.br
contenidos.institutopotencialhumano.com
demo.cyber-web.in
demo3.fnpdigital.ch
deneme.larimarmadencilik.com.tr
dexi-doll.de
digefa.isjo-technology.com
divine.heladivacoir.com
ead.soufabra.com.br
ebtnbrindes.com.br
elite.appit.gr
enjoymaranello.com
fdua.inosis.id
files.energytransition.id
frauh.me
gys.innoq.com.sg
hertzthailand.cslox.com
highriskpaymentpros.com
images.toscana-database.eu
jobs.savehousecompany.com
jovenes.reinodecristo.es
juldem.ru
kaurcrm.kaurmigration.com
komprosubito.it
kotaccess.eu
lauracast.bykmedya.com
link.experiencesikhi.com
mail.appit.gr
mail.bimagril.com.br
mail.brikengenharia.com
mail.christoffel.com.au
mail.cvqrcode.com
mail.decalogopublicidadeinfancia.uy
mail.designgil.virtuaserver.com.br
mail.dev.deseguidores.com
mail.dnsoriyarom.com
mail.fitness-style.es
mail.jpos.my
mail.server1.npainclinic.com
mail.studiogobbetto.com
manual-ab.hostingmuu.com
mareverde.appit.gr
media.opsa365.com
mediaworks-io.videotop.mycpanel.rs
mercurisg.appit.gr
mir-ok.ru
mobex2.virtuaserver.com.br
mta-sts.mail.appleyardtreecare.co.uk
mta-sts.mail.magichourgeneration.com
nigelherbs.innoq.com.sg
nites.ksn1.go.th
otwarcie.polsail.org
palomardelrio.online
penca.muustack.com
pss.legrandsoft.com
resteappel.combo.fun
roberto.filnux.com
s817834794.online.de
salmoo.net.laboratoire-lypord.com
sis.innoq.com.sg
sistem.market.m6digital.cl
sistema.prueba.lobuscas.cl
socadireg.legrandsoft.com
solarinfinity.de
ssbgmbh.at
staging.forte-it.co.za
studio88.es
tailormade.appit.gr
test.creasia.co.th
tharwa.eddirasa.com
theheads.appit.gr
tour.qreatas.com
trinay.aid-pc.fr
trivias.clientesbatchile.com
urbangreyfurniture.dreamzadvertising.com
uvlakolomouc.cz
varoutas.appit.gr
vbthailandtour.iamvolleyballth.com
vialum.efacturas.net
vidrieriakaren.efacturas.net
vitalagro.efacturas.net
voice.bophana.org
vsolar.es
wanzig.efacturas.net
xunaiwei.efacturas.net
yamamoto.furendo.co.jp
zonafrankafvg.efacturas.net

# Reference: https://app.validin.com/detail?find=%3A%3A%22og%3Atitle%22%3A%3A%22Google%20Chrome%20%E2%80%93%20Download%20the%20fast%2C%20secure%20browser%20from%20Google%22&type=raw#tab=host_pairs_v2

adem-racunovodski-servis.si
anuskanetraclinic.com
argentinisimo.es
avocado.cc
banko.hamidousif.com
billing.mgelectricalsolutions.ca
bimc.debunked.website
cabanasbrisadelmar.terraidea.net
customers.prodata.id
customgiftboxes.us
demo.websitedesigning.shop
demo2.fnpdigital.ch
demoff.inosis.id
dev.61ik.it
dev.ldradio.eu
dietstories.appit.gr
energytransition.id
espacodosarcanjos.flecksys.com.br
event.isakarnataka.org
ezazu.alsolutions.eu
facturas.cnsi.org.ar
famideli.appit.gr
giobarber.appit.gr
heydeyisernia.com
holmtechpay.bbcvoyage.com
hostmaster.appleyardtreecare.co.uk
hostmaster.stairclimbers.co.uk
ikapens.pakrt.id
itukaichi.furendo.co.jp
kfz-service-eichinger.de
konie.smoldzino.org
lasento.de
mail.216-10-249-147.cprapid.com
mail.awakenbox.com.br
mail.brilho.co
mail.inovinil.pt
mail.sabhaiyaha.com
mail.sbsldcollegeofpharmacy.in
mail.videotop.mycpanel.rs
mail.wattsp.com.br
mail3.sabisima.com
manggang.oende.dev
mobiltest-bueros.de
ms-srl.it
mta-sts.mail.exposedesigns.co.uk
murilo.eng.br
myseosucksnew.wpenginepowered.com
nissannp300.frimax.mx
ns2.designgil.virtuaserver.com.br
ns2.energytransition.id
old.horsily.fr
parangon.legrandsoft.com
portal.completa.com.br
presswelthllc.com
retaildemov1.inosis.id
ribel.appit.gr
rpenterpriseservices.net.redcreaproductions.com
s556630935.onlinehome.fr
showa-lab.furendo.co.jp
staging.fredensborg.no
staging.tresalpain.fr
summerparty.ti4you.com
surin.uxui-brand.com
takuhai.furendo.co.jp
tienda.eogsa.com
truelifesports.appit.gr
tryout.pvgdemo.cloud
ts.sn4psh0t.de
vanity.appit.gr
veterinariamydogtor.efacturas.net
vientotextil.efacturas.net
viverescarlita.efacturas.net
vmi910724.contaboserver.net
waikani.efacturas.net
webmail.kaurmigration.com
weissenthurm.corona-testzentrum-rlp.de
wordpress.thamilselvan.fr
wp.furendo.co.jp
www2.deepakohri.com
wzfys.stevemorrisphotography.com
yenyjumbo.efacturas.net
yuanxing.efacturas.net
yummi.efacturas.net
zarifis.appit.gr
zonarenault.efacturas.net

# Reference: https://x.com/Root0ne/status/1819078738367422944
# Reference: https://x.com/Root0ne/status/1819078750862299539

http://146.185.233.45
http://89.23.100.181
http://94.141.122.39
http://94.141.122.57
89.23.100.181:443
fdsaffsda.lol
hasmterkombat.net
tonsroulette.click

# Reference: https://app.validin.com/detail?find=TON%20SPIN&type=raw&ref_id=dbbf242ace7#tab=host_pairs_v2

http://109.120.151.46
http://185.212.130.6
http://31.31.196.177
http://43.134.52.39
http://45.130.41.23
http://5.42.103.96
http://64.20.51.238
http://76.76.21.22
http://79.124.40.33
http://89.116.192.249
http://89.169.53.214
http://92.53.99.174
01928hheiuwf.buzz
1003gyrhgerkg.buzz
100tonspin.biz
123rhughehrig.buzz
1ytywrguiweug.buzz
5ytywrguiweug.buzz
77weigwoeg.buzz
81.19.137.173.sslip.io
89283ierngierjkg.buzz
9192iehfuiewnifwe.buzz
9874uywehyuwh.buzz
adrop.lat
aircatizen.xyz
airdogsdrop.one
airdropcrypto.sbs
airdropdoge.cfd
airdropnotcoin.online
airdroppwizz.store
airdropton.sbs
airdropwizz.tech
airmtw.top
airnotcashes.com
airnotcoin.xyz
airnotdrop.xyz
airton1.buzz
alltondrop.cfd
ankugding.shop
appdkb.xyz
ascobits.com
asdawsdaasd.cfd
asdftpndhair3333.cfd
b1zepf.cfd
bellowflame.xyz
bemo-finance.xyz
bergserom.shop
birdyty.cfd
bishokol.shop
bitchange-world.com
bitfly-change.com
bitvail.com
blasterswap.top
blum-drop.quest
blumairdroping.top
blumcrypto.buzz
blumdrop.io
blumroll.cfd
bobokolo.shop
bomlopkdroop.shop
bookingreservation.uk
bruharas.ru
byfinex.com
catizen-rewards.com
catizenairdrop.sbs
chokdontron.cfd
claimcoins.lol
claimdrop.lol
claimnotcoinairdrop.top
claims.lol
claimshamster.com
claimton.one
click-exchange.net
coin-distribution.top
coindrooo.skin
coinhube.buzz
coinroulette.xyz
coinsphere.shop
coinsupportrewards.co
coinszalupoins1488.space
cpanel.happinessclub.ae
cryptdrop.org
crypto-daily.xyz
cryptoinstagram.click
cryptoweb3dex.shop
cwolf.top
ddtonroulet.cfd
dickinssn.shop
dmobot.earncash.me
dogs-drop.live
dogsairdropton.xyz
dogsdaily.sbs
dogston.xyz
dogswalet.sbs
domain-hueyn.lol
dominodrop.shop
drondds.xyz
drop-ton.top
dropblum.shop
earncash.me
emirogluterzin.com
endphasenotxcoin.xyz
eth-etf.net
event-news.prodata.id
exabrus675.xyz
example13.buzz
exc-tonex.cfd
fintap.cfd
fjasjkfsakjfkjsakfjksa.pics
flackosg.cwolf.top
fluffs.club
fraqment.top
freecryptasd.com
freedurov-airdrop.sbs
freedurov.buzz
freedurov.one
freetonairdrop.shop
freetonspin.buzz
fryufvryfryusgfety.shop
fuggrnnrsdu32.xyz
gdrop.one
get-free-notcoin-airdrop.sbs
get-ton.lol
getblum-drop.top
gfdkfdsfgsdfg.online
ghspasalon.ru
gifton.cc
gnomfiesta0201.buzz
goodbooms.top
goton.lol
griptoncoin.shop
hamster-exchange.pro
hamsterclub.pro
hamstercombatswapton.buzz
hamsterhelp.lol
hamswappertgchange.xyz
haypt.shop
hebebsjsjaj.xyz
hedgehoginthefogen.xyz
helpcenterdocs.com
heuristic-sanderson.18-184-205-87.plesk.page
hfreuhfuhegueguegher.shop
honeypie.sa.com
hotton.top
hottonspin.sbs
hubaton.cfd
inkton.xyz
instantclaim.site
ipv6.tonspin.online
iuwefhwefjkwef.buzz
jebejdjd.buzz
jejehsbntjsgw.buzz
jett.lol
jfhjgireguhreuighuer.shop
jhfjhfjhefjefejhef.cfd
joinlotterytelegram.com
joytonbot.com
koladnuba.cfd
koybox.com
letbitro.com
loivesrdw.online
luckyton.online
luckyton.top
magic-love.ru
mail.tonswallet.com
maintoncompany.com
metatoken.cfd
ministerstvo.xyz
mycoinlisting.ru
myskins.biz
mytonwallet.network
mytonwallet.pro
naeban.com
narsdjiniadefj.com
narseaawd.cfd
nasabit.com
netston.com
noexy.one
nosbycoin.com
not-fi.lol
not-fl.com
notairdopped.shop
notapp.top
notappdrop.com
notcash.eu
notcoin-dash.one
notcoin.city
notcoin.design
notcoin.email
notcoin.org.uk
notcoin.rocks
notcoinairdop.sbs
notcoinclaims.com
notcoindrop.tech
notcoindropfree.shop
notcoingiveaways.xyz
notcoinshop.shop
notdrop-claim.com
notdrop.website
notfinder.top
notikbegemotik.buzz
notiksobatotik.shop
notkeeperdrop.eu
notrocketroulette.one
notrolldd.cfd
noyreks.top
ns1.icdserv.gov.ae
ns2.icdserv.gov.ae
osfvplblty.com
pancakes-swapp.com
qeta.buzz
ritchir.shop
roll-toncc.cfd
roll-ttonx.cfd
ropizbit.com
rostabit.com
roulettearly.one
rrrrrrrulet.xyz
ruletka02.xyz
ruletkaa.xyz
ruletkamur.shop
ruletkass.xyz
ruletkavir.shop
ruletkkkka.xyz
ruleton.xyz
ruletonka.xyz
ruuuuullletttt.xyz
sanoxbit.com
sdfkhjgfhsdhk.shop
sdogs.site
slfashkld.site
spin-ton.live
spinair.net
spinrul.xyz
spinton.sbs
spintoon.buzz
spinwallet.buzz
spinxton.cfd
spinxton.lol
spinxton.sbs
stakekick.xyz
stashairdrop.xyz
stlatsp.tech
ston-fi-ton.top
stonfi-drop.com
stonfidrop.xyz
stonfigive.shop
swizzbets.com
tbton.net
telephottoe.buzz
tellarusd.com
test.liberstech.com
tgdrop.cc
tgspin.com
tkton.org
tnton.org
ton-9gy.pages.dev
ton-airdrop.pages.dev
ton-airdrop.us
ton-bouns.xyz
ton-drop.live
ton-exchanger.top
ton-giveaway.pages.dev
ton-roulette.cfd
ton-roulette.lol
ton-roulette.online
ton-roulette.pro
ton-roulette.space
ton-spin.com
ton-spin.live
ton-spin.pro
ton-spin.shop
ton-spin.site
ton-spines.sbs
ton-testing-15521544.pages.dev
ton.earncash.me
ton1.biz
ton100.app
ton100.xyz
ton1000.buzz
tonair.cfd
tonair.club
tonairdropped.shop
tonapp.sbs
tonbetwheel.world
tonbonus.buzz
tonbonus.sbs
tonboxes.one
tonclaimairdrop.cfd
toncoin-gift.com
toncoin-spin.cfd
toncoin.gold
toncoin.hair
toncoinairdev.sbs
toncoinairdrop.life
toncoinairdropofficial.shop
toncoinclaim.sbs
toncoindrops.shop
toncoinroulette.buzz
toncoinsp.com
toncoinspin.xyz
toncoinspindrop.shop
tonconnect.world
tonconnectbackend.homes
toncryptospin.pro
tondrop.baby
tondropgiveaway.buzz
tondrops.cfd
tonelite.xyz
tonfortune.me
tonfragment.buzz
tonfreeairdrop.pages.dev
tonfreespin.biz
tongifts.org
tongifts.win
tongive.ru
tongive.top
tongiveaway.biz
tongiveaway.lat
tongiveaway.world
tonicsproject.xyz
tonisweet.pages.dev
tonkeep.ru
tonkeeperairdrop.fun
tonkeepersafe.xyz
tonmax.website
tonn-evd.pages.dev
tonns.pages.dev
tonofficialairdrop.com
tonoodrops.shop
tonportal.club
tonprize.biz
tonprize.cfd
tonprize.club
tonprize.top
tonprize.xyz
tonroll.cc
tonroll.pro
tonroulet.xyz
tonroulette.biz
tonroulette.cfd
tonroulette.com
tonroulette.life
tonroulette.online
tonroulette.org
tonroulette.pro
tonroulette.space
tonroulette.top
tonroulettes.buzz
tonruletka.site
tonruletka.top
tonruletka228.cfd
tonrulette.fun
tons-8li.pages.dev
tonsot.lol
tonspacer.pages.dev
tonspin.baby
tonspin.click
tonspin.in
tonspin.live
tonspin.lol
tonspin.net
tonspin.online
tonspin.quest
tonspin.ru
tonspin.sbs
tonspin.store
tonspin.top
tonspinbest.xyz
tonspinbonus.cfd
tonspincommunity.one
tonspinfree.buzz
tonspinfree.xyz
tonspinner.net
tonspins.lat
tonspins.lol
tonspins.ru
tonspins.sbs
tonspinthebest.cfd
tonspinx.com
tonsroulette.click
tonstake.eu
tonston.online
tonswallet.com
tontape.com
tonton-1gu.pages.dev
tonwebapp.buzz
tonwex.site
tonwheel.biz
tonwheel.icu
tonwheel.one
tonwheels.one
tonwl.com
topwallet.site
trustwurrrsdh.com
upcoins.xyz
ups-colis.fr
usdtnet.click
valikret.com
valocux.com
valoroffers.fun
vedos.one
verifyclaimspace.biz
w3ton.shop
wavestars.buzz
wearnew.xyz
web.notcoin.city
web3drop.cfd
welcome-ton.xyz
wellesse.xyz
wexam.top
wexden.lol
wgwegerhatrhrh.buzz
wh1354840.ispot.cc
wh17738.web1.maze-host.ru
wheelqwqeqr.shop
withdrawcoin.xyz
wokelmose.xyz
worldspace.click
www-open-network.com
zybersswap.space
xr.followersflex.com
zaleti-10000-ton-proshu-tebya.cfd
zalupcoin.space
zealy.click
zxczxczxc.buzz

# Reference: https://app.validin.com/detail?find=%3A%3A%22og%3Atitle%22%3A%3A%22Google%20Chrome%20%E2%80%93%20Download%20the%20fast%2C%20secure%20browser%20from%20Google%22&type=raw#tab=host_pairs_v2

159.253.214.149.srvlist.ukfast.net
a-z-riskconsult.ch
admin.kalitorental.de
admin.travilogs.id
agapevida.com.br
agapevida.flecksys.com.br
agnolinposapavimenti.it
airsense.loniticsstudios.in
alpha.ppe-monitoring.com
antrax.thecamels.pl
apps.prointures.com.co
asset.snptechno.com
atanys.com
autodiscover.thelucknowjournal.com
avayehazar.ir
avrlv.junjungolf.com
beta.alwankids.com
boletos.terminalprivadoglobal.com
casadocirco.com.br
chrome-be8.workers.dev
coisacoisa.com.br
cvqrcode.lpmglobalrelations.com
delivery.appit.gr
demo.pom.inosis.id
designgil.virtuaserver.com.br
dev.deseguidores.com
dev.flue-supplies-uk.co.uk
dev.havwoods.co.uk
divinelankaholidays.heladivacoir.com
doctor.sreseo.com
ehavk.org
endustri.dogus.edu.tr
fastfoodtakis.appit.gr
feroxgmbh.at
filtro.innoq.com.sg
fuchu.furendo.co.jp
g.appit.gr
google-update.pages.dev
google.chrome-be8.workers.dev
h2938834.stratoserver.net
hangi.easyfishoil.com
hiperconfeiteiro.com.br
influencer.diskonmu.com
ip210.ip-51-254-244.eu
job.geannistar.ro
jujugold.in
kabe.furendo.co.jp
korban.innoq.com.sg
lalpchimiste.fr
lidersrl.com.py
lonza.innoq.com.sg
mail.airforceschoolagra.edu.in
mail.npainclinic.com
mail.sbsld.co.in
manage.geniusschoolthailand.com
mapa.cetsoaxaca.gob.mx
marketing.innovasolution.net
media.smartgroup.rs
media1.smartgroup.rs
mercuris.appit.gr
misuhuko.agasumo.com
new-k8s.netray.id
news.kissclass.com
nomina-srl.it
ns1.appit.gr
ns1.webasatir.ir
ns2.appit.gr
ntutsdg.vaserver.com
omertacoffee.appit.gr
pathumthani.uxui-brand.com
picasso-authentificationfr.sc4rzor6192.universe.wf
programmer-iq.com
qbnna.reachchanelhandbags.com
qtbbmarket.onevr.store
question2.inosis.id
rayong.uxui-brand.com
reep.energyprogramme.xyz
rekrutacja.tischner.edu.pl
robertaferreiraarquitetura.com
s375266543.mialojamiento.es
sc4rzor6192.universe.wf
secret-story.legrandsoft.com
server.qrl.wvd.mybluehost.me
sierra.sofiaconseil.com
solitaire-quarter-demo.inosis.id
srv975.seohost1.pl
stock.combo.fun
subnet.jinom.net
takaramachi.furendo.co.jp
taqseema.jaffnait.com
techshoow.com
training.legrandsoft.com
turkberi.com
udfc.iamsportwear.com
unetel.ci
update.chrome-be8.workers.dev
v1.dinkes.purwakartakab.go.id
veramoreiramarioursino.efacturas.net
vialsu.efacturas.net
victorsegura.efacturas.net
viverplast.efacturas.net
vmi1015154.contaboserver.net
vps-9456455.wattsp.com.br
wj666.rhythmsnet.org
wp.uessapuquio.gob.pe
xtalk.datastructure.co.th
yecard.efacturas.net
yitailang.efacturas.net
zonademaquinas.efacturas.net

# Reference: https://x.com/Huntio/status/1822132377923244221
# Reference: https://www.virustotal.com/gui/ip-address/5.180.154.111/relations

cryptaxcalc.com
parsecdesk.com
uifancontrol.com

# Reference: https://reasonlabs.com/research/new-widespread-extension-trojan-malware-campaign
# Reference: https://www.virustotal.com/gui/collection/04480b9dc7eb0e7150ff89df24c8f30f11f40714b93a1cab00712bde7019fc55

activesearchbar.me
customsearchbar.me
exyzsearch.com
kondoserp1.com
laxsearch.com
microsearch.me
msf-console.com
msf-edge.com
nvoptimie.com
nvoptimize.com
nvoptimizer.com
qcomsearch.com
qtrsearch.com
safesearcheng.com
search-good.com
searchnukes.com
securedatacorner.com
simplenewtab.com
sslwindows.com
wincloudservice.com
wonderstab.com
yglsearch.com
yoursearchbar.me

# Reference: https://x.com/raghav127001/status/1825763832087851155
# Reference: https://x.com/DonPasci/status/1825791465739395466
# Reference: https://www.virustotal.com/gui/ip-address/47.236.48.41/relations
# Reference: https://www.virustotal.com/gui/file/56f75fb8e77ff6e8d5b2c047da0a63171e0a2c54cfad892ad838418860f4280f/detection
# Reference: https://www.virustotal.com/gui/file/52a7bfbed55663478fc03e8ff947895be2c4551dbb2375bfecb10a08b3f1da0d/detection
# Reference: https://www.virustotal.com/gui/file/46cfff0cee312d316bebc21c708e4c07ed9967cdb845d21f151e86dcfa4a079e/detection
# Reference: https://www.virustotal.com/gui/file/3b6390c9f2ac0b2c35fd2a3def40a707231d41c3bc347f6a6a5b44e7a34ead45/detection

http://103.1.40.146
http://103.1.40.158
http://103.1.40.240
http://142.171.140.2
http://143.92.52.49
http://143.92.52.88
http://156.251.50.124
http://156.251.50.175
http://47.236.48.41
http://47.76.158.249
143.92.57.75:15628
154.213.18.97:65535
47.236.48.41:443
aisizhushou.com
gchromex64.com
laowang-vpn.com
partimefc.xyz
scndsusmus.com
sl888.win
pckljso.szxinshili.cn
www2222222wfqwf-1327129302.cos.ap-chengdu.myqcloud.com
www97asfasf-1327129302.cos.ap-chengdu.myqcloud.com

# Reference: https://x.com/StrikeReadyLabs/status/1827034995103559727
# Reference: https://www.virustotal.com/gui/file/34fea0c0708ecfceb592029910626ca699fb5f18595599d47a9ec87749940884/detection
# Reference: https://www.virustotal.com/gui/file/5ed854b4ed07250521f0da12b810128b014b2c6e83b8ba51b80dfa9e4252a3bf/detection
# Reference: https://www.virustotal.com/gui/file/c6e595d44257f293200b926123cea0f3cdbd622b32226758e907f9829d652833/detection

cisco-webexapp.com

# Reference: https://x.com/JAMESWT_MHT/status/1828838467423666297
# Reference: https://threatfox.abuse.ch/browse/tag/RobotDropper/
# Reference: https://www.virustotal.com/gui/file/0391ad908a691a98cb347e33d6da8b44efb519d51134275b7cf00e5fcbf3d2b0/detection
# Reference: https://www.virustotal.com/gui/file/03e1816244c55ee12a718b263bb777a6390236a70bd53187dc8be888da1068bd/detection

get-lic.com
get-license12.com
get-license2.com
get-license4.com
to-license2.com

# Reference: https://x.com/Merlax_/status/1828971706859356334
# Reference: https://x.com/V3n0mStrike/status/1829017873605447709

miargentina.online
miargentina.xyz
app.miargentina.online

# Reference: https://x.com/RacWatchin8872/status/1829163583986643429

http://178.32.6.100
178.32.6.100:443

# Reference: https://x.com/NDA0E/status/1829218803668140208
# Reference: https://app.validin.com/detail?type=raw&find=RapidShare+-+Fast+%26+Secure+File+Transfer+for+Free#tab=host_pairs_v2

bestabilityapp.monster
bestofficialapp.monster
bestpowerapp.monster
bestquickapp.monster
bestquickapps.monster
cleanpowerapp.monster
cleanpowerapps.monster
eliteabilityapp.monster
eliteactiveapps.monster
eliteofficialapp.monster
elitequickapp.monster
extraactiveapp.monster
extralightapp.monster
extraperfectapps.monster
extrapowerapps.monster
freeabilityapp.monster
freeactiveapp.monster
freedigitalapp.monster
freeneatapp.monster
freenewapp.monster
freeofficialapp.monster
freeperfectapps.monster
freepowerapp.monster
freepowerapps.monster
freequickapp.monster
freshcoolapp.monster
freshlightapp.monster
freshneatapp.monster
freshquickapps.monster
getabilityapp.monster
getactiveapps.monster
getdigitalapp.monster
getnewapp.monster
getofficialapp.monster
goldpowerapp.monster
goldpowerapps.monster
grandactiveapps.monster
grandfutureapp.monster
hotabilityapp.monster
hotapps.monster
hotdigitalapp.monster
hotfreeapp.com
hotgrandapp.monster
hotleaderapp.monster
hotpowerapp.monster
keyactiveapp.monster
keyactiveapps.monster
newactiveapps.monster
poweractiveapp.monster
poweractiveapps.monster
pureactiveapps.monster
purefutureapp.monster
purenewapp.monster
pureofficialapp.monster
purequickapp.monster
runabilityapp.monster
runactiveapps.monster
runleaderapp.monster
runofficialapp.monster
runpowerapps.monster
safeactiveapps.monster
safeapps.monster
safecoolapp.monster
safedigitalapp.monster
safegrandapp.monster
safelightapp.monster
safenewapp.monster
safeperfectapps.monster
safepowerapp.monster
saveactiveapp.monster
saveactiveapps.monster
savegrandapp.monster
savepowerapps.monster
sendcoolapp.monster
sendperfectapps.monster
speedabilityapp.monster
speedgrandapp.monster
speedigitalapp.monster
speedpowerapps.monster
storeactiveapp.monster
topactiveapp.monster
topgrandapp.monster
topnewapp.monster
topowerapps.monster
topstarapp.monster
useperfectapps.monster
vipactiveapp.monster
vipactiveapps.monster
vipdigitalapp.monster
vipnewapp.monster
vipperfectapps.monster
webabilityapp.monster
webactiveapps.monster
webdigitalapp.monster
webfutureapp.monster
webpowerapp.monster
webpowerapps.monster
webstarapp.monster

# Reference: https://x.com/Huntio/status/1830840049073823851
# Reference: https://www.virustotal.com/gui/file/b553cd19fefd923981b8a14685630f844f9c3ced2fc392b0fad76d216f7334da/detection

182.92.116.32:12777

# Reference: https://x.com/StrikeReadyLabs/status/1831695133927964710
# Reference: https://www.virustotal.com/gui/file/e1b9bf97ec9db39642fe803236d4dfa8e5b86633c434d5815e4d951408dbfabc/detection

documento-nacionalautoridade-infracao2025.com

# Reference: https://x.com/kddx0178318/status/1832029590794960915
# Reference: https://app.validin.com/detail?find=%3A%3A%22og%3Atitle%22%3A%3A%22%D0%92%D0%B5%D0%B1-%D0%B1%D1%80%D0%B0%D1%83%D0%B7%D0%B5%D1%80%20Google%20Chrome%22&type=raw&ref_id=e3749e2d42b#tab=host_pairs_v2

browser-chrome.com
browser-chrome.ru
browser-google.com
browser.guru
cast.mix.am
chrome-browser.org
chrome-browser.site
chrome-soft.website
dl.xetapp.com
download-chrome.ru
download-chrome.us
download-soft.website
freechrome.online
g2stat.com
get-firefox.ru
google-browser.com
gstat.rest
img.xetapp.com
internet-browser.ru
k-lite-codec.ru
klite-codec.ru
m.xetapp.com
minecraft-free.ru
radio.mix.am
ru.xetapp.com
server.xetapp.com
soft-pack.xyz
torrentsoft.icu
win-browser.click
win-browser.website
win-os.ru
winbrowser.online
windows-browser.website
windows-chrome.ru
windows-photoshop.ru
zoom-setup.ru

# Reference: https://app.validin.com/detail?find=Your%20software%20in%20search%20of%20cryptocurrencies&type=raw&ref_id=8e37a36d042#tab=host_pairs_v2

antyhellproject.com
bestcs.space
borkep.com
duets.space
kaupx.com
zeetev.com

# Reference: https://app.validin.com/detail?find=77.246.156.239&type=ip4&ref_id=4737e58766c#tab=resolutions

bohemian.am
chromebrowse.com
datanalyze.xyz
dex.am
fidelityconsult.am
finex.am
gastroman.am

# Reference: https://app.validin.com/detail?find=82.146.50.198&type=ip4&ref_id=4737e58766c#tab=resolutions

apastou.com
chrome-browser.download
chrome-browser.pro
google-chrome.co
xet.app
xetapp.com
xetapp.cy

# Reference: https://x.com/kddx0178318/status/1834545168403296409
# Reference: https://app.any.run/tasks/b81c945b-3c42-4385-ba54-331fd7f7b367

adobeacrobat.help

# Reference: https://cybernews.com/security/chrome-extension-hides-new-malware-to-steal-crypto/
# Reference: https://www.virustotal.com/gui/file/441274c48b1fdb869c4a0ebee070562eff724827fdd128f033d12b16cd7d3f2f/detection

aiblocksecurity.com
atmos-wallet.com
cf-blockchain.com
chain-ai-security.com
claimyourrefund.net
fca-recovery.org
fca-uk.eu
funds-ca.org
igc-markets.com
infinitrade.co
liberty-wallet.com
spider-wallet.com
spiderx.co
tandem-markets.com
wow-wallet.com

# Reference: https://x.com/malwrhunterteam/status/1837606124117196826
# Reference: https://x.com/vm001cn/status/1837852873482518938
# Reference: https://www.virustotal.com/gui/ip-address/146.19.247.45/relations
# Reference: https://app.any.run/tasks/561efc41-17f6-439e-939e-180af4a4a7e5
# Reference: https://www.virustotal.com/gui/file/221c04745766b7dd65ff78d3590b2476f8de00c5fe17c1eb7d3aff34a9033df9/detection
# Reference: https://www.virustotal.com/gui/file/e0de36cbad8e3215fb8ef9c1de0cbbf8341ef39e2cd74a45e502ac36be816fe3/detection
# Reference: https://www.virustotal.com/gui/file/ded955dedc31888c4a3466a1a507f1f1163ef5758caef53f363aa5423d852064/detection
# Reference: https://www.virustotal.com/gui/file/496b7707e779c1aa2d22954037f5df17a0e528f4f3e97f89cbf40c795c57e36c/detection
# Reference: https://www.virustotal.com/gui/file/1960c1143b51f56eb9579e6199d77933072861213b4f19df5ec2c77cc9d2ae86/detection

172.86.67.251:11000
aieditpro-activation.com
flashffl.com
/?PSublOXpdWLdKWeniWfy=
/?PSublOXpdWLdKWeniWfy

# Reference: https://x.com/iam_rajhans/status/1839221953980149808
# Reference: https://x.com/banthisguy9349/status/1839264533220622816
# Reference: https://urlscan.io/result/671c33c6-6e5e-4380-830b-dbb1758f8aca/
# Reference: https://urlscan.io/result/64ae6b58-5466-4a7c-8d5d-21495868d33c/
# Reference: https://urlscan.io/search/#filename:%22cisco-webex-meetings.d794.svg%22
# Reference: https://www.virustotal.com/gui/file/45257b5cd16d391bc37afe4a6534610cb1bb70c14dbec15b5594ad798d31933f/detection

http://3.26.166.171
3.26.166.171:443
dialin.comalco.co.nz
psf04172.webex.umi.ai
meetcalltest.webex.com.test.webexarcor.arcorsa.myshn.net

# Reference: https://x.com/malwrhunterteam/status/1840142672121491635
# Reference: https://www.virustotal.com/gui/file/cfd260eb3c55d66c92ead1ee26a9c5ef6114f1af997d2729a97c6eb551ade87c/detection

lifesuma.com

# Reference: https://x.com/ValidinLLC/status/1840803634004598800
# Reference: https://app.validin.com/detail?type=dom&find=elrifeno.com#tab=host_pairs_v2

dbschemats.com
edgeupgrade.com
heidisqli.com
javadevssdk.com
mozilaupgrade.com

# Reference: https://x.com/cyberfeeddigest/status/1841174097398808671
# Reference: https://urlscan.io/result/f4d6fb9b-20cd-4dcc-955a-4ffe26867788/

slackmessenger.site

# Reference: https://blog.avast.com/fakecrack-campaign

14redirect.cfd
aeddkiu6745q.cfd
asud28cv.cfd
baed92all.cfd
bny734uy.cfd
dert1mku.cfd
er67ilky.cfd
fr56cvfi.cfd
freefiles33.xyz
freefiles34.xyz
freefilesxx.xyz
goes12by.cfd
kohuy31ng.cfd
lixn62ft.cfd
mihatrt34er.cfd
oliy67sd.cfd
uzas871iu.cfd
wae23iku.cfd
wrtgh56mh.cfd
xzctn14il.cfd
yhf78aq.cfd

# Reference: https://app.validin.com/detail?type=hash&find=a4161ee18a72e85440751fdc66cbc561#tab=host_pairs_v2

13landing.cfd
5vgy7.pro
akale4.pro
as1sw.pro
as7yh.pro
ased48u.pro
ax5g.pro
bazi78.pro
bitch12.pro
bnf8.pro
cfr4res.top
civik78.pro
ck9px.pro
cvt6v.pro
cwiaswe.pro
de4rf.pro
de4rv.pro
dewihfa.online
dispensewith.xyz
doulbesofts.cfd
downloadlinkworld.cfd
eu9n.pro
ex4redirect.cfd
exe2redirectbox.pro
exe3redirects.pro
fg7y.pro
fileblaze.click
filecr.click
filecr.one
freesetup.sbs
fukir4.pro
fukk7en.pro
fvgy7.pro
get-file.click
gfbmdsnr6.pro
hbg6.pro
hgfgbvjd9.pro
ia34r.pro
ijbh45.pro
ijj8by0.pro
iptvbites.buzz
ku8in.pro
m7yi.pro
matona.online
mino45.pro
mrrsi8.pro
nbb7.pro
nfjienks.pro
nh72w.pro
nik8.pro
nmh7y.pro
nvrikxme.click
olk8c.pro
olp0v.pro
plo9j.pro
qa2dc.pro
qa2s2.pro
qn5ty.pro
rars-freeload.com
redirectbox.pro
redirectnewnetwork.click
rhfiems4j.pro
rncskod.pro
rover5t.pro
sat7.pro
sdnb40.pro
sdrb9.pro
thvnjd5bd1.pro
trial-uploader.store
vbne4.pro
vf4fg.pro
vgh2t6.pro
vurjkxsik4.pro
vvt7y.pro
ws3ed.pro
ws4rt6.pro
xc5f6.pro
xerv6.pro
xh7tyh98ik.world
xxlim67.pro
yhein8.pro
zjwndi5ka.pro
mail.dewihfa.online
mail.doulbesofts.cfd
mail.filecr.click
mail.filecr.one
mail.iptvbites.buzz
online.matona.online
dewihfa.online.matona.online
