mirror of
https://github.com/valitydev/signature-base.git
synced 2024-11-06 18:15:20 +00:00
1573 lines
35 KiB
Plaintext
1573 lines
35 KiB
Plaintext
#
|
|
# LOKI C2 IOCs
|
|
# This file contains C2 server and decription
|
|
#
|
|
# FORMAT -----------------------------------------------------------------------
|
|
#
|
|
# # COMMENT
|
|
# c2-server.tld
|
|
# ip-address
|
|
#
|
|
|
|
# FireEye Operation Snowman https://goo.gl/x1v7mT
|
|
suroot.com
|
|
58.64.143.244
|
|
effers.com
|
|
118.99.60.142
|
|
58.64.200.178
|
|
58.64.200.179
|
|
103.20.192.4
|
|
58.64.199.22
|
|
58.64.199.25
|
|
180.150.228.102
|
|
111.118.21.105
|
|
me.scieron.com
|
|
cht.blankchair.com
|
|
ali.blankchair.com
|
|
dll.freshdns.org
|
|
rt.blankchair.com
|
|
book.flnet.org
|
|
|
|
# Sofacy report Dec 2015 https://goo.gl/WSvEM8
|
|
drivres-update.info
|
|
intelnetservice.com
|
|
intelsupport.net
|
|
softupdates.info
|
|
|
|
# Mofang report by FoxIT https://goo.gl/t3uUTG
|
|
video.today-nytimes.com
|
|
api.officeonlinetool.com
|
|
ie.update-windows-microsoft.com
|
|
travel.tripmans.com
|
|
dns.undpus.com
|
|
secure2.sophosrv.com
|
|
update.nfkllyuisyahooapis.com
|
|
www.go-gga.com
|
|
images.defexpoindia14.com
|
|
update.micrdsoft.com
|
|
support.f--secure.com
|
|
store.outlook-microsoft.net
|
|
b.support.outlook-microsoft.net
|
|
logon.had-one-job.com
|
|
www.avgfree.us
|
|
mail.upgoogle.com
|
|
wbmail.city-library.com
|
|
library.cpgcorp.org
|
|
103.229.124.1
|
|
103.39.78.131
|
|
107.191.61.105
|
|
112.213.117.52
|
|
116.251.210.77
|
|
116.251.216.165
|
|
116.251.216.227
|
|
116.251.216.72
|
|
116.251.219.142
|
|
117.17.10.10
|
|
151.236.14.53
|
|
176.31.220.160
|
|
178.209.51.164
|
|
178.209.52.72
|
|
192.157.229.164
|
|
198.98.103.7
|
|
210.245.85.83
|
|
23.89.200.128
|
|
23.89.201.173
|
|
38.109.190.55
|
|
49.213.18.15
|
|
50.117.47.66
|
|
50.117.47.67
|
|
61.250.92.79
|
|
|
|
# Project Sauron https://goo.gl/eFoP4A
|
|
185.78.64.121
|
|
rapidcomments.com
|
|
81.4.108.168
|
|
bikessport.com
|
|
178.211.40.117
|
|
176.9.242.188
|
|
www.myhomemusic.com
|
|
flowershop22.110mb.com
|
|
wildhorses.awardspace.info
|
|
217.160.176.157
|
|
5.196.206.166
|
|
|
|
# Threat actors leverage EternalBlue exploit to deliver non-WannaCry payloads https://goo.gl/OOB3mH
|
|
hackqz.f3322.org
|
|
120.209.40.157
|
|
bj6po.a1free9bird.com
|
|
|
|
# Black Oasis IOC https://goo.gl/jhJWRp
|
|
89.45.67.107
|
|
|
|
# US-CERT TA17-293A https://www.us-cert.gov/ncas/alerts/TA17-293A
|
|
cfemedia.com
|
|
grand-central.net
|
|
oilandgaseng.com
|
|
plantengineering.com
|
|
cfemedia.gcnpublishing.com
|
|
controleng.com
|
|
130.25.10.158
|
|
167.114.44.147
|
|
176.53.11.130
|
|
184.154.150.66
|
|
187.130.251.249
|
|
193.213.49.115
|
|
195.87.199.197
|
|
2.229.10.193
|
|
41.205.61.221
|
|
41.78.157.34
|
|
5.150.143.107
|
|
5.153.58.45
|
|
62.8.193.206
|
|
82.222.188.18
|
|
91.183.104.150
|
|
85.25.100.104
|
|
96.126.116.217
|
|
203.113.4.230
|
|
149.210.156.198
|
|
151.80.163.14
|
|
|
|
# Sofacy activity https://researchcenter.paloaltonetworks.com/2018/02/unit42-sofacy-attacks-multiple-government-entities/
|
|
cdnverify.net
|
|
|
|
# APT10 C2 IOCs - Source: AlienVault OTX
|
|
acsocietyy.com
|
|
anvprn.com
|
|
anycal1.com
|
|
appeal.ml
|
|
belowto.com
|
|
bridgeluxlightmadness.com
|
|
catholicmmb.com
|
|
ccfchrist.com
|
|
chibashiri.com
|
|
childrenstow.com
|
|
ckusshani.com
|
|
cloud-kingl.com
|
|
cloud-maste.com
|
|
companieshousesearch.com
|
|
duosay.com
|
|
emyta.com
|
|
essashi.com
|
|
fastmail2.com
|
|
geetkculture.net
|
|
gmpcw.com
|
|
goodsampjp.com
|
|
googlemeail.com
|
|
gostudymbaa.com
|
|
gotourisma.com
|
|
gt4study.com
|
|
gtsofta.com
|
|
hg8fmv.racing
|
|
hkhzhz.com
|
|
hotma11.com
|
|
hotma11.net
|
|
hotmai.info
|
|
icfeds.cf
|
|
ijica.in
|
|
incloud-obert.com
|
|
innov-tec.com.ua
|
|
ixrayeye.com
|
|
jica-go-jp.bike
|
|
jica-go-jp.biz
|
|
jimin-jp.biz
|
|
jimintokoy.com
|
|
jmuroran.com
|
|
jxsuyuisyahooapis.com
|
|
kimospace.com
|
|
lianhuaxinwen.com
|
|
mailcarriage.co.uk
|
|
mailserever.com
|
|
mailvserver.com
|
|
meltegorniesto.com
|
|
microhotmail.com
|
|
microsoften.com
|
|
missbc.ca
|
|
mofa-go-jp.com
|
|
nokia1umia.com
|
|
oipbl.com
|
|
osaka-jpgo.com
|
|
osce-press.org
|
|
poulsenv.com
|
|
radiorig.com
|
|
salvaiona.com
|
|
sapporot.com
|
|
scholz-versand.com
|
|
siteinit.info
|
|
skypecommunications.net
|
|
stevenlf.com
|
|
thinkofnews.com
|
|
tokyo-gojp.com
|
|
tor-projects.org
|
|
ubuntusofta.com
|
|
unhamj.com
|
|
urearapetsu.com
|
|
veryhuai.info
|
|
vscue.com
|
|
wdsupdates.com
|
|
woyaofanwen.com
|
|
wthelpdesk.com
|
|
xsince.tk
|
|
yah000rg.com
|
|
yahooadmin.net
|
|
yahoorigist.com
|
|
zafronecromien.com
|
|
zccw.cc
|
|
zhousafe.com
|
|
002562066559681.r3u8.com
|
|
031168053846049.r3u8.com
|
|
0625.have8000.com
|
|
1.gadskysun.com
|
|
11.usyahooapis.com
|
|
19518473326.r3u8.com
|
|
1960445709311199.r3u8.com
|
|
1j.www1.biz
|
|
1z.itsaol.com
|
|
2014.zzux.com
|
|
202017845.r3u8.com
|
|
2139465544784.r3u8.com
|
|
2789203959848958.r3u8.com
|
|
3q.wubangta.info
|
|
3q.wubangtu.info
|
|
5590428449750026.r3u8.com
|
|
5q.niushenghuo.info
|
|
6r.suibian2010.info
|
|
a.wubangtu.info
|
|
a1.suibian2010.info
|
|
ab.4pu.com
|
|
abc.wikaba.com
|
|
abcd100621.3322.org
|
|
abcd120719.6600.org
|
|
abcd120807.3322.org
|
|
acc.emailfound.info
|
|
acc.lehigtapp.com
|
|
ad.getfond.info
|
|
ad.webbooting.com
|
|
additional.sexidude.com
|
|
af.zyns.com
|
|
afc.https443.org
|
|
ako.ddns.us
|
|
algorithm.ddnsgeek.com
|
|
amos.2288.org
|
|
amxil.opmuert.org
|
|
androidmusicapp.onmypc.us
|
|
announcements.toythieves.com
|
|
aotuo.9966.org
|
|
apec.qtsofta.com
|
|
app.lehigtapp.com
|
|
apple.cmdnetview.com
|
|
apple.defensewar.org
|
|
apple.ikwb.com
|
|
appledownload.ourhobby.com
|
|
appleimages.itemdb.com
|
|
appleimages.longmusic.com
|
|
applelib120102.9966.org
|
|
applemirror.organiccrap.com
|
|
applemirror.squirly.info
|
|
applemusic.isasecret.com
|
|
applemusic.itemdb.com
|
|
applemusic.wikaba.com
|
|
applemusic.xxuz.com
|
|
applemusic.zzux.com
|
|
apples.sytes.net
|
|
appleupdate.itemdb.com
|
|
area.wthelpdesk.com
|
|
army.xxuz.com
|
|
art.p6p6.net
|
|
asfzx.x24hr.com
|
|
av.ddns.us
|
|
availab.wikaba.com
|
|
availability.justdied.com
|
|
ba.my03.com
|
|
baby.macforlinux.net
|
|
baby.myie12.com
|
|
baby.usmirocomney.net
|
|
babyprintf.2288.org
|
|
back.jungleheart.com
|
|
back.mofa.dynamic-dns.net
|
|
bak.have8000.com
|
|
bak.ignorelist.com
|
|
bak.un.dnsrd.com
|
|
balance1.wikaba.com
|
|
balk.n7go.com
|
|
banana.cmdnetview.com
|
|
barrybaker.3322.org
|
|
barrybaker.6600.org
|
|
bbs.jungleheart.com
|
|
be.mrslove.com
|
|
be.yourtrap.com
|
|
bethel.webhop.net
|
|
bexm.cleansite.biz
|
|
bezu.itemdb.com
|
|
bk56.twilightparadox.com
|
|
blaaaaaaaaaaaa.windowsupdate.3-a.net
|
|
blitzmediaplayer02.blitzmediaplayer.com
|
|
blog.defensewar.org
|
|
bluecoat.isasecret.com
|
|
brand.fartit.com
|
|
bulletproof.squirly.info
|
|
cao.p6p6.net
|
|
cata.qtsofta.com
|
|
cc.dynamicdns.co.uk
|
|
ccupdatedata.authorizeddns.net
|
|
cd.usyahooapis.com
|
|
cdaets-my.sharepoint.com
|
|
cdn.incloud-go.com
|
|
cdn.sanecat.com
|
|
center.shenajou.com
|
|
cgei493860.r3u8.com
|
|
cia.ezua.com
|
|
cia.toh.info
|
|
ciaoci.chickenkiller.com
|
|
civilwar123.authorizeddns.org
|
|
civilwar520.onmypc.org
|
|
cloudns.8800.org
|
|
club.personanddog.info
|
|
cms.sindeali.com
|
|
cnnews.mylflv.com
|
|
cnnews.mylftv.com
|
|
commissioner.shenajou.com
|
|
commons.onedumb.com
|
|
contactus.myddns.com
|
|
contactus.onmypc.us
|
|
contract.4mydomain.com
|
|
contractus.qpoe.com
|
|
contractus.zzux.com
|
|
coreck.suayay.com
|
|
cpu.4pu.com
|
|
cs.lflink.com
|
|
ctdl.windowsupdate.itsaol.com
|
|
ctdl.windowsupdate.nsatcdns.com
|
|
ctldl.appledownload.ourhobby.com
|
|
ctldl.applemusic.itemdb.com
|
|
ctldl.itunesmusic.jkub.com
|
|
ctldl.microsoftmusic.onedumb.com
|
|
ctldl.microsoftupdate.qhigh.com
|
|
ctldl.windowsupdate.authorizeddns.org
|
|
ctldl.windowsupdate.authorizeddns.us
|
|
ctldl.windowsupdate.dnset.com
|
|
ctldl.windowsupdate.esmtp.biz
|
|
ctldl.windowsupdate.ezua.com
|
|
ctldl.windowsupdate.fartit.com
|
|
ctldl.windowsupdate.gettrials.com
|
|
ctldl.windowsupdate.itsaol.com
|
|
ctldl.windowsupdate.lflinkup.com
|
|
ctldl.windowsupdate.mrface.com
|
|
ctldl.windowsupdate.nsatcdns.com
|
|
ctldl.windowsupdate.organiccrap.com
|
|
ctldl.windowsupdate.x24hr.com
|
|
cvnx.zyns.com
|
|
daddy.gostudyantivirus.com
|
|
dcc.jimingroup.com
|
|
dd.ddns.us
|
|
de.onmypc.info
|
|
dear.loveddos.com
|
|
dec.seyesb.acmetoy.com
|
|
dedydns.ns01.us
|
|
department.shenajou.com
|
|
desktopweatheralerts02.desktopweatheralerts00.desktopweatheralerts.com
|
|
details.squirly.info
|
|
development.shenajou.com
|
|
devilcase.acmetoy.com
|
|
dfgwerzc.3322.org
|
|
dick.ccfchrist.com
|
|
digsby.ourhobby.com
|
|
disruptive.https443.net
|
|
dlmix.ourdvs.com
|
|
dns.snakesearch.info
|
|
dnspoddwg.authorizeddns.org
|
|
do.ddns.ms
|
|
document.methoder.com
|
|
document.shenajou.com
|
|
domainnow.yourtrap.com
|
|
download.applemusic.itemdb.com
|
|
download.microsoftmusic.onedumb.com
|
|
download.windowsupdate.authorizeddns.org
|
|
download.windowsupdate.dedgesuite.net
|
|
download.windowsupdate.dnset.com
|
|
download.windowsupdate.itsaol.com
|
|
download.windowsupdate.lflinkup.com
|
|
download.windowsupdate.nsatcdns.com
|
|
download.windowsupdate.x24hr.com
|
|
downloadlink.mypicture.info
|
|
dreamsture.iego.cn
|
|
drives.methoder.com
|
|
dst.1dumb.com
|
|
dutchbros.apps.playnetwork.com
|
|
dyncojinf.6600.org
|
|
dynsbluecheck.7766.org
|
|
ea.onmypc.info
|
|
ea.rebatesrule.net
|
|
edgar.ccfchrist.com
|
|
ehshiroshima.mylftv.com
|
|
eric-averyanov.wha.la
|
|
eservake.jetos.com
|
|
eu.acmetoy.com
|
|
eu.wha.la
|
|
eu.zzux.com
|
|
ewe.toshste.com
|
|
eweek.2waky.com
|
|
ewms.6600.org
|
|
express.lflinkup.com
|
|
extraordinary.dynamic-dns.net
|
|
fabian.ccfchrist.com
|
|
fastemail.dnsrd.com
|
|
fbi.sexxxy.biz
|
|
fbi.zyns.com
|
|
fcztqbg.zj.r3u8.com
|
|
feasot.4pu.com
|
|
feed.jungleheart.com
|
|
fg.v4.download.windowsupdates.dnsrd.com
|
|
fgipv6.download.windowsupdate.com.mwcname.com
|
|
file.zzux.com
|
|
files.architectisusa.com
|
|
fileshare.serveftp.com
|
|
film.everydayfilmlink.com
|
|
filmlist.everydayfilmlink.com
|
|
findme.epac.to
|
|
fire.mrface.com
|
|
firefoxcomt.arkouowi.com
|
|
fish.toh.info
|
|
fiveavmersi.websegoo.net
|
|
fjs.wikaba.com
|
|
flea.poulsenv.com
|
|
flynews.edns.biz
|
|
fo.mysecondarydns.com
|
|
foal.wchildress.com
|
|
follow.wha.la
|
|
foo.shenajou.com
|
|
for.ddns.mobi
|
|
fr.wikaba.com
|
|
franck.demoones.com
|
|
freeright.10dig.net
|
|
friendlysupport.giize.com
|
|
ftp.2014.zzux.com
|
|
ftp.additional.sexidude.com
|
|
ftp.afc.https443.org
|
|
ftp.announcements.toythieves.com
|
|
ftp.apple.ikwb.com
|
|
ftp.appledownload.ourhobby.com
|
|
ftp.appleimages.itemdb.com
|
|
ftp.appleimages.longmusic.com
|
|
ftp.appleimages.organiccrap.com
|
|
ftp.applemirror.organiccrap.com
|
|
ftp.applemirror.squirly.info
|
|
ftp.applemusic.isasecret.com
|
|
ftp.applemusic.itemdb.com
|
|
ftp.applemusic.wikaba.com
|
|
ftp.applemusic.xxuz.com
|
|
ftp.applemusic.zzux.com
|
|
ftp.appleupdate.itemdb.com
|
|
ftp.architectisusa.com
|
|
ftp.asfzx.x24hr.com
|
|
ftp.availab.wikaba.com
|
|
ftp.availability.justdied.com
|
|
ftp.back.jungleheart.com
|
|
ftp.balance1.wikaba.com
|
|
ftp.be.mrslove.com
|
|
ftp.brand.fartit.com
|
|
ftp.bulletproof.squirly.info
|
|
ftp.cia.ezua.com
|
|
ftp.cia.toh.info
|
|
ftp.civilwar123.authorizeddns.org
|
|
ftp.civilwar520.onmypc.org
|
|
ftp.cloudfileserverbs.dynamicdns.co.uk
|
|
ftp.cnnews.mylftv.com
|
|
ftp.commons.onedumb.com
|
|
ftp.contractus.qpoe.com
|
|
ftp.cvnx.zyns.com
|
|
ftp.de.onmypc.info
|
|
ftp.details.squirly.info
|
|
ftp.devilcase.acmetoy.com
|
|
ftp.disruptive.https443.net
|
|
ftp.domainnow.yourtrap.com
|
|
ftp.ea.onmypc.info
|
|
ftp.ehshiroshima.mylftv.com
|
|
ftp.eric-averyanov.wha.la
|
|
ftp.eu.acmetoy.com
|
|
ftp.eu.wha.la
|
|
ftp.eu.zzux.com
|
|
ftp.fbi.sexxxy.biz
|
|
ftp.file.zzux.com
|
|
ftp.findme.epac.to
|
|
ftp.fire.mrface.com
|
|
ftp.fjs.wikaba.com
|
|
ftp.fr.wikaba.com
|
|
ftp.fuck.ikwb.com
|
|
ftp.fuckmm.dns-dns.com
|
|
ftp.generat.almostmy.com
|
|
ftp.goldtoyota.com
|
|
ftp.goodmusic.justdied.com
|
|
ftp.helpus.ddns.info
|
|
ftp.hii.qhigh.com
|
|
ftp.innocent-isayev.sexidude.com
|
|
ftp.invoices.sexxxy.biz
|
|
ftp.iphone.vizvaz.com
|
|
ftp.itlans.isasecret.com
|
|
ftp.itunesdownload.jkub.com
|
|
ftp.itunesdownload.wikaba.com
|
|
ftp.itunesimages.itemdb.com
|
|
ftp.itunesimages.itsaol.com
|
|
ftp.itunesimages.qpoe.com
|
|
ftp.itunesmirror.fartit.com
|
|
ftp.itunesmirror.itsaol.com
|
|
ftp.itunesmusic.ikwb.com
|
|
ftp.itunesmusic.jetos.com
|
|
ftp.itunesmusic.jkub.com
|
|
ftp.itunesmusic.zzux.com
|
|
ftp.itunesupdate.itsaol.com
|
|
ftp.itunesupdates.organiccrap.com
|
|
ftp.japanfilmsite.ikwb.com
|
|
ftp.jimin.mymom.info
|
|
ftp.jp.serveuser.com
|
|
ftp.key.zzux.com
|
|
ftp.knowledge.sellclassics.com
|
|
ftp.lan.dynssl.com
|
|
ftp.latestnews.epac.to
|
|
ftp.latestnews.organiccrap.com
|
|
ftp.leedong.longmusic.com
|
|
ftp.macfee.mrface.com
|
|
ftp.maffc.mrface.com
|
|
ftp.malware.dsmtp.com
|
|
ftp.manager.jetos.com
|
|
ftp.martin.sellclassics.com
|
|
ftp.mason.vizvaz.com
|
|
ftp.mediapath.organiccrap.com
|
|
ftp.microsoft.got-game.org
|
|
ftp.microsoft.mrface.com
|
|
ftp.microsoftimages.organiccrap.com
|
|
ftp.microsoftmusic.mrbasic.com
|
|
ftp.microsoftqckmanager.pcanywhere.net
|
|
ftp.microsoftupdate.mrbasic.com
|
|
ftp.microsoftupdate.qhigh.com
|
|
ftp.micrsoftware.dsmtp.com
|
|
ftp.mircsoft.compress.to
|
|
ftp.mmy.ddns.us
|
|
ftp.mod.jetos.com
|
|
ftp.mofa.dynamic-dns.net
|
|
ftp.mofa.ns01.info
|
|
ftp.moscowdic.trickip.org
|
|
ftp.msg.ezua.com
|
|
ftp.musicfile.ikwb.com
|
|
ftp.musicjj.zzux.com
|
|
ftp.mymusicbox.vizvaz.com
|
|
ftp.myphpwebsite.itsaol.com
|
|
ftp.myrestroomimage.isasecret.com
|
|
ftp.na.americanunfinished.com
|
|
ftp.na.onmypc.org
|
|
ftp.newsdata.jkub.com
|
|
ftp.newsroom.cleansite.info
|
|
ftp.no.authorizeddns.org
|
|
ftp.nsa.mefound.com
|
|
ftp.nt.mynumber.org
|
|
ftp.nttdata.otzo.com
|
|
ftp.nz.compress.to
|
|
ftp.ol.almostmy.com
|
|
ftp.oracleupdate.dns04.com
|
|
ftp.portal.mrface.com
|
|
ftp.portal.sendsmtp.com
|
|
ftp.portalser.dynamic-dns.net
|
|
ftp.praskovya-matveyeva.mefound.com
|
|
ftp.praskovya-ulyanova.dumb1.com
|
|
ftp.products.almostmy.com
|
|
ftp.products.cleansite.us
|
|
ftp.products.serveuser.com
|
|
ftp.purchase.lflinkup.org
|
|
ftp.recent.dns-stuff.com
|
|
ftp.recent.fartit.com
|
|
ftp.referred.gr8domain.biz
|
|
ftp.referred.yourtrap.com
|
|
ftp.register.ourhobby.com
|
|
ftp.registration2.instanthq.com
|
|
ftp.registrations.4pu.com
|
|
ftp.registrations.organiccrap.com
|
|
ftp.remeberdata.iownyour.org
|
|
ftp.reserveds.onedumb.com
|
|
ftp.rethem.almostmy.com
|
|
ftp.sdmsg.onmypc.org
|
|
ftp.se.toythieves.com
|
|
ftp.secertnews.mrbasic.com
|
|
ftp.senseye.ikwb.com
|
|
ftp.senseye.mrbonus.com
|
|
ftp.septdlluckysystem.jungleheart.com
|
|
ftp.seraphim-yurieva.justdied.com
|
|
ftp.serv.justdied.com
|
|
ftp.server1.proxydns.com
|
|
ftp.seyesb.acmetoy.com
|
|
ftp.shugiin.jkub.com
|
|
ftp.singed.otzo.com
|
|
ftp.sstday.jkub.com
|
|
ftp.support1.mrface.com
|
|
ftp.supportus.mefound.com
|
|
ftp.svc.dynssl.com
|
|
ftp.synssl.dnset.com
|
|
ftp.tamraj.fartit.com
|
|
ftp.tfa.longmusic.com
|
|
ftp.thunder.wikaba.com
|
|
ftp.ticket.instanthq.com
|
|
ftp.ticket.serveuser.com
|
|
ftp.tokyofile.2waky.com
|
|
ftp.tophost.dynamicdns.co.uk
|
|
ftp.transfer.lflinkup.org
|
|
ftp.transfer.mrbasic.com
|
|
ftp.transfer.vizvaz.com
|
|
ftp.ugreen.itemdb.com
|
|
ftp.uk.dynamicdns.org.uk
|
|
ftp.un.ddns.info
|
|
ftp.un.dnsrd.com
|
|
ftp.usa.itsaol.com
|
|
ftp.well.itsaol.com
|
|
ftp.well.mrbasic.com
|
|
ftp.wike.wikaba.com
|
|
ftp.windowfile.itemdb.com
|
|
ftp.windowsimages.itemdb.com
|
|
ftp.windowsimages.qhigh.com
|
|
ftp.windowsmirrors.vizvaz.com
|
|
ftp.windowsupdate.2waky.com
|
|
ftp.windowsupdate.3-a.net
|
|
ftp.windowsupdate.authorizeddns.us
|
|
ftp.windowsupdate.dns05.com
|
|
ftp.windowsupdate.esmtp.biz
|
|
ftp.windowsupdate.ezua.com
|
|
ftp.windowsupdate.fartit.com
|
|
ftp.windowsupdate.gettrials.com
|
|
ftp.windowsupdate.instanthq.com
|
|
ftp.windowsupdate.jungleheart.com
|
|
ftp.windowsupdate.lflink.com
|
|
ftp.windowsupdate.mrface.com
|
|
ftp.windowsupdate.mylftv.com
|
|
ftp.windowsupdate.rebatesrule.net
|
|
ftp.windowsupdate.sellclassics.com
|
|
ftp.windowsupdate.serveusers.com
|
|
ftp.yandexr.sellclassics.com
|
|
fu.chromeenter.com
|
|
fu.epac.to
|
|
fuck.ikwb.com
|
|
fuckdd.8800.org
|
|
fuckmm.8800.org
|
|
fuckmm.dns-dns.com
|
|
fukuoka.cloud-maste.com
|
|
gavin.ccfchrist.com
|
|
generat.almostmy.com
|
|
generousd.hopto.org
|
|
gensuzuki.6600.org
|
|
gh.mysecondarydns.com
|
|
gifuonlineshopping.mynumber.org
|
|
glicense.shenajou.com
|
|
globalnews.wikaba.com
|
|
gmail.com.mailsserver.com
|
|
gold.polopurple.com
|
|
goodmusic.justdied.com
|
|
gooesdataios.instanthq.com
|
|
google.macforlinux.net
|
|
google.usrobothome.com
|
|
hamiltion.catholicmmb.com
|
|
happy.workerisgood.com
|
|
helpus.ddns.info
|
|
helshellfucde.8866.org
|
|
hii.qhigh.com
|
|
hk-china.485445bd7ac73d726fd60eef9f7f1044.pw
|
|
hk-china.d8a4d1bc0af4b49721b10b7a6cb6bb29.pw
|
|
hk.2012yearleft.com
|
|
hk.cmdnetview.com
|
|
hk.have8000.com
|
|
hk.loveddos.com
|
|
home.trickip.org
|
|
hotmail.com.mailsserver.com
|
|
hukuoka.cloud-maste.com
|
|
iamges.itunesmusic.jkub.com
|
|
ibmmsg.strangled.net
|
|
idpmus.hostport9.net
|
|
im.suibian2010.info
|
|
image.laoscript.org
|
|
image.websago.info
|
|
images.itunesmusic.jkub.com
|
|
images.thedomais.info
|
|
images.tokyo-gojp.com
|
|
images.tyoto-go-jp.com
|
|
images.windowsupdate.organiccrap.com
|
|
imap.architectisusa.com
|
|
imap.dnset.com
|
|
imap.lflink.com
|
|
imap.onmypc.net
|
|
imap.ygto.com
|
|
img.microtoo.info
|
|
img.station155.com
|
|
inbox.webmailgoogle.com
|
|
ingemar.catholicmmb.com
|
|
innocent-isayev.sexidude.com
|
|
inspgon.re26.com
|
|
interpreter.shenajou.com
|
|
invoices.sexxxy.biz
|
|
io.jkub.com
|
|
iphone.vizvaz.com
|
|
ipv4.applemusic.itemdb.com
|
|
ipv4.itunesmusic.jkub.com
|
|
ipv4.japanenvnews.qpoe.com
|
|
ipv4.microsoftmusic.onedumb.com
|
|
ipv4.microsoftupdate.mrbasic.com
|
|
ipv4.microsoftupdate.qhigh.com
|
|
ipv4.windowsupdate.3-a.net
|
|
ipv4.windowsupdate.authorizeddns.org
|
|
ipv4.windowsupdate.authorizeddns.us
|
|
ipv4.windowsupdate.dnset.com
|
|
ipv4.windowsupdate.esmtp.biz
|
|
ipv4.windowsupdate.ezua.com
|
|
ipv4.windowsupdate.fartit.com
|
|
ipv4.windowsupdate.gettrials.com
|
|
ipv4.windowsupdate.itsaol.com
|
|
ipv4.windowsupdate.lflink.com
|
|
ipv4.windowsupdate.lflinkup.com
|
|
ipv4.windowsupdate.mrface.com
|
|
ipv4.windowsupdate.mylftv.com
|
|
ipv4.windowsupdate.nsatcdns.com
|
|
ipv4.windowsupdate.x24hr.com
|
|
ipv6microsoft.dlmix.ourdvs.com
|
|
itlans.isasecret.com
|
|
itunesdownload.jkub.com
|
|
itunesdownload.vizvaz.com
|
|
itunesdownload.wikaba.com
|
|
itunesimages.itemdb.com
|
|
itunesimages.itsaol.com
|
|
itunesimages.qpoe.com
|
|
itunesmirror.fartit.com
|
|
itunesmirror.itsaol.com
|
|
itunesmusic.ikwb.com
|
|
itunesmusic.jetos.com
|
|
itunesmusic.jkub.com
|
|
itunesmusic.zzux.com
|
|
itunesupdate.itsaol.com
|
|
itunesupdates.organiccrap.com
|
|
iw.mrslove.com
|
|
james.tffghelth.com
|
|
janpan.bigmoney.biz
|
|
janpun.americanunfinished.com
|
|
jap.japanmusicinfo.com
|
|
japan.fuckanti.com
|
|
japan.linuxforover.com
|
|
japan.loveddos.com
|
|
japanenvnews.qpoe.com
|
|
japanfilmsite.ikwb.com
|
|
japanfst.japanteam.org
|
|
jcie.mofa.ns01.info
|
|
jepsen.r3u8.com
|
|
jimin.jimindaddy.com
|
|
jimin.mymom.info
|
|
jiussharefiles.ddns.net
|
|
jj.mysecondarydns.com
|
|
josadae.ygto.com
|
|
jp.rakutenmusic.com
|
|
jp.serveuser.com
|
|
jp.virhub.biz
|
|
jpn.longmusic.com
|
|
jpnxzshopdata.authorizeddns.org
|
|
jpstarmarket.serveusers.com
|
|
kaka.lehigtapp.com
|
|
kawasaki.cloud-maste.com
|
|
kawasaki.unhamj.com
|
|
kbjr.zvgkbjj.com
|
|
kennedy.tffghelth.com
|
|
key.zzux.com
|
|
kikimusic.sellclassics.com
|
|
kmd.crabdance.com
|
|
knowledge.sellclassics.com
|
|
koala.acsocietyy.com
|
|
ktgmktanxgvn.r3u8.com
|
|
kxsbwappupdate.dhcp.biz
|
|
kztmusiclnk.dnsrd.com
|
|
lan.dynssl.com
|
|
last.p6p6.net
|
|
latestnews.epac.to
|
|
latestnews.organiccrap.com
|
|
leedong.longmusic.com
|
|
lennon.fftpoor.com
|
|
license.shenajou.com
|
|
lie.jetos.com
|
|
lion.wchildress.com
|
|
livehouse.myz.info
|
|
lizard.poulsenv.com
|
|
lottedfstravel.webbooting.com
|
|
lzf550.r3u8.com
|
|
ma.vizvaz.com
|
|
mac.goldtoyota.com
|
|
mac.methoder.com
|
|
macfee.mrface.com
|
|
maffc.mrface.com
|
|
mail.architectisusa.com
|
|
mail.cbppnews.com
|
|
mail.macforlinux.net
|
|
mailj.hostport9.net
|
|
mailowl.jkub.com
|
|
malcolm.fftpoor.com
|
|
malware.dsmtp.com
|
|
manager.architectisusa.com
|
|
manager.jetos.com
|
|
maofajapa.3322.org
|
|
markabcinfo.dynamicdns.me.uk
|
|
martin.sellclassics.com
|
|
mason.vizvaz.com
|
|
mbaby.macforlinux.net
|
|
medexplor.thedomais.info
|
|
mediapath.organiccrap.com
|
|
meibubaker.3322.org
|
|
mesjm.emailfound.info
|
|
message.emailfound.info
|
|
message.p6p6.net
|
|
messagea.emailfound.info
|
|
mf.ddns.info
|
|
microcnmlgb.3322.org
|
|
microdef.2288.org
|
|
microhome.wikaba.com
|
|
microsoft.got-game.org
|
|
microsoft.mrface.com
|
|
microsoftdownload.zzux.com
|
|
microsoftempowering.sendsmtp.com
|
|
microsoftgame.mrface.com
|
|
microsoftgetstarted.sexidude.com
|
|
microsoftimages.organiccrap.com
|
|
microsoftmirror.mrbasic.com
|
|
microsoftmusic.itemdb.com
|
|
microsoftmusic.mrbasic.com
|
|
microsoftmusic.onedumb.com
|
|
microsoftqckmanager.pcanywhere.net
|
|
microsoftstore.jetos.com
|
|
microsoftstore.onmypc.net
|
|
microsoftstores.itemdb.com
|
|
microsoftupdate.mrbasic.com
|
|
microsoftupdate.qhigh.com
|
|
microsoftupdates.vizvaz.com
|
|
micrsoftware.dsmtp.com
|
|
mircsoft.compress.to
|
|
mivsee.website0012.net
|
|
mmofoojap.2288.org
|
|
mmy.ddns.us
|
|
mobile.2waky.com
|
|
mocha.100fanwen.com
|
|
mod.jetos.com
|
|
mofa.dynamic-dns.net
|
|
mofa.ns01.info
|
|
mofa.strangled.net
|
|
mongoles.3322.org
|
|
monkey.2012yearleft.com
|
|
monkey.windowsupdate.nsatcdns.com
|
|
moscowstdsupdate.toythieves.com
|
|
mrsloveaqx.mrslove.com
|
|
ms.ecc.u-tokyo-ac-jp.com
|
|
mseupdate.ourhobby.com
|
|
msg.ezua.com
|
|
msn.incloud-go.com
|
|
mtonline0416.dyndns.org
|
|
muller.exprenum.com
|
|
music.acmetoy.com
|
|
music.applemusic.itemdb.com
|
|
music.cleansite.us
|
|
music.websegoo.net
|
|
musicfile.ikwb.com
|
|
musicinfo.everydayfilmlink.com
|
|
musicjj.zzux.com
|
|
musiclinker.jkub.com
|
|
musicsecph.squirly.info
|
|
mx.yetrula.eu
|
|
mymusicbox.lflinkup.org
|
|
mymusicbox.vizvaz.com
|
|
mynutrition2go.orderlunchesatwork.com
|
|
myphpwebsite.itsaol.com
|
|
myrestroomimage.isasecret.com
|
|
mytodaynews.publicvm.com
|
|
mytwhomeinst.sendsmtp.com
|
|
myurinikoreaaps.ninth.biz
|
|
na.americanunfinished.com
|
|
na.onmypc.org
|
|
nasa.xxuz.com
|
|
nec.website0012.net
|
|
newdata.ygto.com
|
|
news.100fanwen.com
|
|
news.japanteam.org
|
|
news.turkceil.tk
|
|
news.voanews.hk
|
|
newsdata.jkub.com
|
|
newsfile.toythieves.com
|
|
newsreport.justdied.com
|
|
newsroom.cleansite.info
|
|
nezwq.ezua.com
|
|
ngcc.8800.org
|
|
nk10.belowto.com
|
|
nk20.belowto.com
|
|
nlddnsinfo.https443.org
|
|
nmrx.mrbonus.com
|
|
nn.dynssl.com
|
|
no.authorizeddns.org
|
|
node.mofaess.com
|
|
nodns2.qipian.org
|
|
nposnewsinfo.qhigh.com
|
|
ns1.belowto.com
|
|
ns1.pickcars.net
|
|
ns1.tlchs2.ml
|
|
ns2.belowto.com
|
|
ns21.belowto.com
|
|
ns22.belowto.com
|
|
ns4.belowto.com
|
|
ns5.belowto.com
|
|
nsa.mefound.com
|
|
nt.mynumber.org
|
|
nttdata.otzo.com
|
|
nunluck.re26.com
|
|
nz.compress.to
|
|
officechoiceau-my.sharepoint.com
|
|
ol.almostmy.com
|
|
oms.sindeali.com
|
|
oop.jumpingcrab.com
|
|
openmofa.8866.org
|
|
oracleupdate.dns04.com
|
|
outlook.otzo.com
|
|
outlook.sindeali.com
|
|
owlmedia.mefound.com
|
|
peopleinfodata.3-a.net
|
|
phptecinfohelp.itemdb.com
|
|
pic.nicklockluckydog.org
|
|
pictures.everydayfilmlink.com
|
|
pj.qpoe.com
|
|
points.mofaess.com
|
|
pop.architectisusa.com
|
|
pop.loveddos.com
|
|
portal.mrface.com
|
|
portal.sendsmtp.com
|
|
portalser.dynamic-dns.net
|
|
praskovya-matveyeva.mefound.com
|
|
praskovya-ulyanova.dumb1.com
|
|
premium.redforlinux.com
|
|
procore.orderlunchesatwork.com
|
|
products.almostmy.com
|
|
products.cleansite.us
|
|
products.serveuser.com
|
|
program.acmetoy.com
|
|
prrmes4019.r3u8.com
|
|
purchase.lflinkup.org
|
|
q6.niushenghuo.info
|
|
qf.laoscript.org
|
|
qtds1979.3322.org
|
|
qtds1979.gicp.net
|
|
quick.oldbmwy.com
|
|
qwer9876.vicp.cc
|
|
rain.orctldl.windowsupdate.authorizeddns.us
|
|
rdns-4.infoproduto1.tk
|
|
read.xxuz.com
|
|
recent.dns-stuff.com
|
|
recent.fartit.com
|
|
record.hostport9.net
|
|
record.webssl9.info
|
|
record.wschandler.com
|
|
referred.gr8domain.biz
|
|
referred.yourtrap.com
|
|
register.ourhobby.com
|
|
registration2.instanthq.com
|
|
registrations.4pu.com
|
|
registrations.organiccrap.com
|
|
report.perrydale.com
|
|
reports.tomorrowforgood.com
|
|
reserveds.onedumb.com
|
|
resources.applemusic.itemdb.com
|
|
rethem.almostmy.com
|
|
rlbeiydn.hi.r3u8.com
|
|
rpt.perrydale.com
|
|
rtg.jrwr.space
|
|
saiyo.exprenum.com
|
|
sakai.unhamj.com
|
|
sappore.cloud-maste.com
|
|
sapporo.cloud-maste.com
|
|
sat.suayay.com
|
|
saverd.re26.com
|
|
sb.iffymonkey.com
|
|
sbuudd.webssl9.info
|
|
sc.weboot.info
|
|
scorpion.poulsenv.com
|
|
scripts.3-a.net
|
|
scrlk.exprenum.com
|
|
sdmsg.onmypc.org
|
|
se.toythieves.com
|
|
sea.websegoo.net
|
|
secertnews.mrbasic.com
|
|
secmicrosooo.6600.org
|
|
secserverupdate.toh.info
|
|
secure.orderlunchesatwork.com
|
|
sell.mofaess.com
|
|
sema.linuxsofta.com
|
|
send.have8000.com
|
|
send.mofa.ns01.info
|
|
sendmsg.jumpingcrab.com
|
|
senseye.ikwb.com
|
|
senseye.mrbonus.com
|
|
septdlluckysystem.jungleheart.com
|
|
seraphim-yurieva.justdied.com
|
|
serv.justdied.com
|
|
server1.micoosofts.com
|
|
server1.proxydns.com
|
|
severeweatheralerts02.severeweatheralerts.net
|
|
severeweatheralerts02.severeweatheralerts00.severeweatheralerts.net
|
|
seyesb.acmetoy.com
|
|
sh.chromeenter.com
|
|
sha.25u.com
|
|
sha.ikwb.com
|
|
shadowgolden.10dig.net
|
|
shoppingcentre.station155.com
|
|
shrimp.bdoncloud.com
|
|
shrimp.usffunicef.com
|
|
shugiin.jkub.com
|
|
signup.l3p95.net
|
|
singed.otzo.com
|
|
sky.oldbmwy.com
|
|
sma.jimindaddy.com
|
|
smartmediaconverter02.smartmediaconverter00.smartmediaconverter.com
|
|
smo.gadskysun.com
|
|
smtp.architectisusa.com
|
|
smtp.macforlinux.net
|
|
smtp230.toldweb.com
|
|
somthing.re26.com
|
|
sstday.jkub.com
|
|
start.usrobothome.com
|
|
stone.jumpincrab.com
|
|
stone.jumpingcrab.com
|
|
storm-alerts02.storm-alerts00.storm-alerts.net
|
|
style.u-tokyo-ac-jp.com
|
|
support1.mrface.com
|
|
supportus.mefound.com
|
|
svc.dynssl.com
|
|
sxl1979.gicp.net
|
|
synssl.dnset.com
|
|
sz.thedomais.info
|
|
taipei.yourtrap.com
|
|
taipeifoodsite.ocry.com
|
|
tamraj.fartit.com
|
|
telegraph.mefound.com
|
|
test.usyahooapis.com
|
|
tfa.longmusic.com
|
|
tianshao007.vicp.cc
|
|
ticket.instanthq.com
|
|
ticket.jetos.com
|
|
ticket.serveuser.com
|
|
tidatacenter.shenajou.com
|
|
tisdatacenter.shenajou.com
|
|
tisupdateinfo.faqserv.com
|
|
tokyofile.2waky.com
|
|
tophost.dynamicdns.co.uk
|
|
toya.7766.org
|
|
transfer.lflinkup.org
|
|
transfer.mrbasic.com
|
|
transfer.vizvaz.com
|
|
trasul.mypicture.info
|
|
travelyokogawafz.fartit.com
|
|
trendmicroupdate.shenajou.com
|
|
trendsecurity.shenajou.com
|
|
trout.belowto.com
|
|
tv.goldtoyota.com
|
|
tw.2012yearleft.com
|
|
twmusic.proxydns.com
|
|
twnic.ignorelist.com
|
|
twpeoplemusicsite.my03.com
|
|
twsslpopservupro.dynssl.com
|
|
twtravelinfomation.toythieves.com
|
|
twx.mynumber.org
|
|
u1.fartit.com
|
|
u1.haoyujd.info
|
|
ugreen.itemdb.com
|
|
ui.hdcdui.com
|
|
uk.dynamicdns.org.uk
|
|
ukuoka.cloud-maste.com
|
|
ultimedia.vmmini.com
|
|
un.ddns.info
|
|
un.dnsrd.com
|
|
unspa.hostport9.net
|
|
update.arkouowi.com
|
|
update.dnsqaz.com
|
|
update.yourtrap.com
|
|
updatemirrors.fartit.com
|
|
updates.itsaol.com
|
|
ups.improvejpese.com
|
|
usa.got-game.org
|
|
usa.itsaol.com
|
|
usa.japanteam.org
|
|
usbage.gicp.net
|
|
usiness.vmmini.com
|
|
ut-portal-u-tokyo-ac-jp.tyoto-go-jp.com
|
|
uu.logon-live.com
|
|
uu.niushenghuo.info
|
|
ux.niushenghuo.info
|
|
v4.appledownload.ourhobby.com
|
|
v4.itunesmusic.jkub.com
|
|
v4.microsoftmusic.onedumb.com
|
|
v4.microsoftupdate.mrbasic.com
|
|
v4.windowsupdate.authorizeddns.org
|
|
v4.windowsupdate.dedgesuite.net
|
|
v4.windowsupdate.dnset.com
|
|
v4.windowsupdate.itsaol.com
|
|
v4.windowsupdate.lflinkup.com
|
|
v4.windowsupdate.mrface.com
|
|
v4.windowsupdate.nsatcdns.com
|
|
v4.windowsupdate.x24hr.com
|
|
v4.windowsupdates.dnsrd.com
|
|
video.vmdnsup.org
|
|
visualstudio.authorizeddns.net
|
|
vm.vmdnsup.org
|
|
vmyiersend.websago.info
|
|
vmyisan.website0012.net
|
|
voov.2288.org
|
|
wcxh.mynetav.net
|
|
web.dpp.rrims.org
|
|
web.paramerat.com
|
|
webdirectnews.dynamicdns.biz
|
|
webinfoseco.ygto.com
|
|
webjz.9966.org
|
|
webmailentry.jetos.com
|
|
webmonder.gicp.net
|
|
webposter.gicp.net
|
|
websiteboo.website0012.net
|
|
websqlnewsmanager.ninth.biz
|
|
webwxjz.3322.org
|
|
well.itsaol.com
|
|
well.mrbasic.com
|
|
whale.toshste.com
|
|
whellbuy.wschandler.com
|
|
whois.nictr.info
|
|
whyis.haoyujd.info
|
|
wike.wikaba.com
|
|
win7.myz.info
|
|
windowfile.itemdb.com
|
|
windowsimages.itemdb.com
|
|
windowsimages.qhigh.com
|
|
windowsmirrors.vizvaz.com
|
|
windowsstores.gettrials.com
|
|
windowsstores.organiccrap.com
|
|
windowsupdate.2waky.com
|
|
windowsupdate.3-a.net
|
|
windowsupdate.acmetoy.com
|
|
windowsupdate.authorizeddns.net
|
|
windowsupdate.authorizeddns.org
|
|
windowsupdate.authorizeddns.us
|
|
windowsupdate.com.mwcname.com
|
|
windowsupdate.dedgesuite.net
|
|
windowsupdate.dns05.com
|
|
windowsupdate.dnset.com
|
|
windowsupdate.esmtp.biz
|
|
windowsupdate.ezua.com
|
|
windowsupdate.fartit.com
|
|
windowsupdate.gettrials.com
|
|
windowsupdate.instanthq.com
|
|
windowsupdate.itsaol.com
|
|
windowsupdate.jungleheart.com
|
|
windowsupdate.lflink.com
|
|
windowsupdate.mrface.com
|
|
windowsupdate.mylftv.com
|
|
windowsupdate.nsatcdns.com
|
|
windowsupdate.organiccrap.com
|
|
windowsupdate.rebatesrule.net
|
|
windowsupdate.sellclassics.com
|
|
windowsupdate.serveusers.com
|
|
windowsupdate.vizvaz.com
|
|
windowsupdate.wcwname.com
|
|
windowsupdate.x24hr.com
|
|
windowsupdate.ygto.com
|
|
windowsupdates.dnset.com
|
|
windowsupdates.ezua.com
|
|
windowsupdates.ikwb.com
|
|
windowsupdates.itemdb.com
|
|
windowsupdates.proxydns.com
|
|
www-meti-go-jp.tyoto-go-jp.com
|
|
www.2014.zzux.com
|
|
www.97sm.com
|
|
www.9gowg.tech
|
|
www.abdominal.faqserv.com
|
|
www.additional.sexidude.com
|
|
www.afc.https443.org
|
|
www.aiisoo.com
|
|
www.androidmusicapp.onmypc.us
|
|
www.announcements.toythieves.com
|
|
www.anx-own-334.mrbasic.com
|
|
www.apple.ikwb.com
|
|
www.appledownload.ourhobby.com
|
|
www.appleimages.itemdb.com
|
|
www.appleimages.longmusic.com
|
|
www.appleimages.organiccrap.com
|
|
www.applejuice.itemdb.com
|
|
www.applemirror.organiccrap.com
|
|
www.applemirror.squirly.info
|
|
www.applemusic.isasecret.com
|
|
www.applemusic.itemdb.com
|
|
www.applemusic.wikaba.com
|
|
www.applemusic.xxuz.com
|
|
www.applemusic.zzux.com
|
|
www.appleupdate.itemdb.com
|
|
www.appleupdateurl.2waky.com
|
|
www.aprilmusic.com
|
|
www.architectisusa.com
|
|
www.army.xxuz.com
|
|
www.art.p6p6.net
|
|
www.asfzx.x24hr.com
|
|
www.availab.wikaba.com
|
|
www.availability.justdied.com
|
|
www.avasters.com
|
|
www.babymusicsitetr.mymom.info
|
|
www.back.jungleheart.com
|
|
www.balance1.wikaba.com
|
|
www.be.mrslove.com
|
|
www.belowto.com
|
|
www.billing.organiccrap.com
|
|
www.blaaaaaaaaaaaa.windowsupdate.3-a.net
|
|
www.bqcpu.com
|
|
www.brand.fartit.com
|
|
www.bulletproof.squirly.info
|
|
www.cabbage.iownyour.biz
|
|
www.cbppnews.com
|
|
www.ccupdatedata.authorizeddns.net
|
|
www.cdn.incloud-go.com
|
|
www.center.shenajou.com
|
|
www.chaindungeons.com
|
|
www.cia.ezua.com
|
|
www.cia.toh.info
|
|
www.civilwar123.authorizeddns.org
|
|
www.civilwar520.onmypc.org
|
|
www.cloud-maste.com
|
|
www.cnnews.mylftv.com
|
|
www.commissioner.shenajou.com
|
|
www.commons.onedumb.com
|
|
www.contractus.qpoe.com
|
|
www.corp-dnsonline.itsaol.com
|
|
www.courier.jetos.com
|
|
www.cress.mynetav.net
|
|
www.ctdl.windowsupdate.nsatcdns.com
|
|
www.ctldl.microsoftupdate.qhigh.com
|
|
www.ctldl.windowsupdate.authorizeddns.us
|
|
www.ctldl.windowsupdate.esmtp.biz
|
|
www.ctldl.windowsupdate.mrface.com
|
|
www.cwiinatonal.com
|
|
www.dasoftactivemodule.toythieves.com
|
|
www.dasonews.youdontcare.com
|
|
www.daughter.vizvaz.com
|
|
www.de.onmypc.info
|
|
www.details.squirly.info
|
|
www.development.shenajou.com
|
|
www.devilcase.acmetoy.com
|
|
www.disruptive.https443.net
|
|
www.dns-hinettw.25u.com
|
|
www.document.shenajou.com
|
|
www.domainnow.yourtrap.com
|
|
www.download.windowsupdate.nsatcdns.com
|
|
www.dreamsture.iego.cn
|
|
www.ea.onmypc.info
|
|
www.eddo.qpoe.com
|
|
www.ehshiroshima.mylftv.com
|
|
www.eric-averyanov.wha.la
|
|
www.eu.acmetoy.com
|
|
www.eu.wha.la
|
|
www.express.lflinkup.com
|
|
www.extraordinary.dynamic-dns.net
|
|
www.f068v.site
|
|
www.facefile.fartit.com
|
|
www.feed.jungleheart.com
|
|
www.fertile.authorizeddns.net
|
|
www.file.zzux.com
|
|
www.findme.epac.to
|
|
www.fire.mrface.com
|
|
www.firstnews.jkub.com
|
|
www.fjs.wikaba.com
|
|
www.foal.wchildress.com
|
|
www.fr.wikaba.com
|
|
www.freegamecenter.onedumb.com
|
|
www.fruit.qhigh.com
|
|
www.fuck.ikwb.com
|
|
www.fuckmm.dns-dns.com
|
|
www.fukuoka.cloud-maste.com
|
|
www.g3ypf.online
|
|
www.garlic.dyndns.pro
|
|
www.generat.almostmy.com
|
|
www.glicense.shenajou.com
|
|
www.goldtoyota.com
|
|
www.goodmusic.justdied.com
|
|
www.gooesdataios.instanthq.com
|
|
www.googlegemail.com
|
|
www.grammar.jkub.com
|
|
www.helpus.ddns.info
|
|
www.hii.qhigh.com
|
|
www.hinetonlinedns.dns05.com
|
|
www.hkdm688.com
|
|
www.home.trickip.org
|
|
www.incloud-go.com
|
|
www.innocent-isayev.sexidude.com
|
|
www.interpreter.shenajou.com
|
|
www.invoices.sexxxy.biz
|
|
www.iphone.vizvaz.com
|
|
www.ipv4.microsoftupdate.mrbasic.com
|
|
www.ipv4.windowsupdate.3-a.net
|
|
www.ipv4.windowsupdate.esmtp.biz
|
|
www.ipv4.windowsupdate.fartit.com
|
|
www.ipv4.windowsupdate.lflink.com
|
|
www.ipv4.windowsupdate.mrface.com
|
|
www.ipv4.windowsupdate.mylftv.com
|
|
www.ipv4.windowsupdate.nsatcdns.com
|
|
www.itlans.isasecret.com
|
|
www.itunesdownload.jkub.com
|
|
www.itunesdownload.vizvaz.com
|
|
www.itunesdownload.wikaba.com
|
|
www.itunesimages.itemdb.com
|
|
www.itunesimages.itsaol.com
|
|
www.itunesimages.qpoe.com
|
|
www.itunesmirror.fartit.com
|
|
www.itunesmirror.itsaol.com
|
|
www.itunesmusic.ikwb.com
|
|
www.itunesmusic.jetos.com
|
|
www.itunesmusic.jkub.com
|
|
www.itunesmusic.zzux.com
|
|
www.itunesupdate.itsaol.com
|
|
www.itunesupdates.organiccrap.com
|
|
www.jadl-or.com
|
|
www.japanenvnews.qpoe.com
|
|
www.japanteam.org
|
|
www.jd978.com
|
|
www.jimin.jimindaddy.com
|
|
www.jimin.mymom.info
|
|
www.jp.serveuser.com
|
|
www.jpnappstore.ourhobby.com
|
|
www.jpnewslogs.sendsmtp.com
|
|
www.jpnxzshopdata.authorizeddns.org
|
|
www.kawasaki.cloud-maste.com
|
|
www.kawasaki.unhamj.com
|
|
www.key.zzux.com
|
|
www.kimozone.com
|
|
www.knowledge.sellclassics.com
|
|
www.lan.dynssl.com
|
|
www.last.p6p6.net
|
|
www.latestnews.epac.to
|
|
www.latestnews.organiccrap.com
|
|
www.leedong.longmusic.com
|
|
www.leeks.mrbonus.com
|
|
www.leimeng.com.tw
|
|
www.liberty.acmetoy.com
|
|
www.license.shenajou.com
|
|
www.lion.wchildress.com
|
|
www.loveddos.com
|
|
www.macfee.mrface.com
|
|
www.macforlinux.net
|
|
www.maffc.mrface.com
|
|
www.malware.dsmtp.com
|
|
www.manager.jetos.com
|
|
www.markabcinfo.dynamicdns.me.uk
|
|
www.mason.vizvaz.com
|
|
www.mcafeea.cf
|
|
www.mediapath.organiccrap.com
|
|
www.meiji-ac-jp.com
|
|
www.messagea.emailfound.info
|
|
www.micoosofts.com
|
|
www.microsoft.got-game.org
|
|
www.microsoft.mrface.com
|
|
www.microsoftempowering.sendsmtp.com
|
|
www.microsoftgame.mrface.com
|
|
www.microsoftgetstarted.sexidude.com
|
|
www.microsoftimages.organiccrap.com
|
|
www.microsoftmirror.mrbasic.com
|
|
www.microsoftmusic.itemdb.com
|
|
www.microsoftmusic.mrbasic.com
|
|
www.microsoftqckmanager.pcanywhere.net
|
|
www.microsoftstore.onmypc.net
|
|
www.microsoftupdate.mrbasic.com
|
|
www.microsoftupdate.qhigh.com
|
|
www.micrsoftware.dsmtp.com
|
|
www.mircsoft.compress.to
|
|
www.mmy.ddns.us
|
|
www.mobile.2waky.com
|
|
www.mod.jetos.com
|
|
www.mofa.dynamic-dns.net
|
|
www.mofa.ns01.info
|
|
www.moonnightthse.zyns.com
|
|
www.moscowdic.trickip.org
|
|
www.moscowstdsupdate.toythieves.com
|
|
www.mseupdate.ourhobby.com
|
|
www.msg.ezua.com
|
|
www.msn.incloud-go.com
|
|
www.musicfile.ikwb.com
|
|
www.musicjj.zzux.com
|
|
www.musicsecph.squirly.info
|
|
www.mymusicbox.lflinkup.org
|
|
www.mymusicbox.vizvaz.com
|
|
www.myrestroomimage.isasecret.com
|
|
www.mytwhomeinst.sendsmtp.com
|
|
www.myurinikoreaaps.ninth.biz
|
|
www.n-fit-sub.com
|
|
www.na.americanunfinished.com
|
|
www.na.onmypc.org
|
|
www.networkjpnzee.mynetav.org
|
|
www.newcityoforward.rebatesrule.net
|
|
www.newdnssec-info.4mydomain.com
|
|
www.newsdata.jkub.com
|
|
www.newsfile.toythieves.com
|
|
www.newsroom.cleansite.info
|
|
www.nlddnsinfo.https443.org
|
|
www.nmrx.mrbonus.com
|
|
www.no.authorizeddns.org
|
|
www.nposnewsinfo.qhigh.com
|
|
www.nsa.mefound.com
|
|
www.nt.mynumber.org
|
|
www.nttdata.otzo.com
|
|
www.nuisance.serveusers.com
|
|
www.nz.compress.to
|
|
www.ol.almostmy.com
|
|
www.oldbmwy.com
|
|
www.onion.jkub.com
|
|
www.onlinednsserver.sendsmtp.com
|
|
www.oracleupdate.dns04.com
|
|
www.oyster.jkub.com
|
|
www.p6p6.net
|
|
www.packetsdsquery.dns05.com
|
|
www.paramerat.com
|
|
www.pepper.sexxxy.biz
|
|
www.phptecinfohelp.itemdb.com
|
|
www.pickled.myddns.com
|
|
www.polopurple.com
|
|
www.portal.mrface.com
|
|
www.portal.sendsmtp.com
|
|
www.portalser.dynamic-dns.net
|
|
www.praskovya-matveyeva.mefound.com
|
|
www.praskovya-ulyanova.dumb1.com
|
|
www.products.almostmy.com
|
|
www.products.cleansite.us
|
|
www.products.serveuser.com
|
|
www.purchase.lflinkup.org
|
|
www.rainbow.mypop3.org
|
|
www.re26.com
|
|
www.read.xxuz.com
|
|
www.recent.dns-stuff.com
|
|
www.recent.fartit.com
|
|
www.redflower.isasecret.com
|
|
www.referred.gr8domain.biz
|
|
www.referred.yourtrap.com
|
|
www.register.ourhobby.com
|
|
www.registration2.instanthq.com
|
|
www.registrations.4pu.com
|
|
www.registrations.organiccrap.com
|
|
www.remeberdata.iownyour.org
|
|
www.reserveds.onedumb.com
|
|
www.rethem.almostmy.com
|
|
www.rg197.win
|
|
www.sakai.unhamj.com
|
|
www.sakuranorei.com
|
|
www.sapporo.cloud-maste.com
|
|
www.sauerkraut.sellclassics.com
|
|
www.saverd.re26.com
|
|
www.sbuudd.webssl9.info
|
|
www.sdmsg.onmypc.org
|
|
www.se.toythieves.com
|
|
www.secertnews.mrbasic.com
|
|
www.secnetshit.com
|
|
www.secserverupdate.toh.info
|
|
www.senseye.ikwb.com
|
|
www.senseye.mrbonus.com
|
|
www.septdlluckysystem.jungleheart.com
|
|
www.seraphim-yurieva.justdied.com
|
|
www.serv.justdied.com
|
|
www.server1.proxydns.com
|
|
www.seyesb.acmetoy.com
|
|
www.showy.almostmy.com
|
|
www.shugiin.jkub.com
|
|
www.sindeali.com
|
|
www.singed.otzo.com
|
|
www.sojourner.mypicture.info
|
|
www.sstday.jkub.com
|
|
www.support1.mrface.com
|
|
www.supportus.mefound.com
|
|
www.svc.dynssl.com
|
|
www.sweetheart.sexxxy.biz
|
|
www.synssl.dnset.com
|
|
www.tamraj.fartit.com
|
|
www.telegraph.mefound.com
|
|
www.tendonsof.com
|
|
www.tfa.longmusic.com
|
|
www.thunder.wikaba.com
|
|
www.ticket.instanthq.com
|
|
www.ticket.serveuser.com
|
|
www.tisupdateinfo.faqserv.com
|
|
www.tokyofile.2waky.com
|
|
www.transfer.mrbasic.com
|
|
www.twgovernmentinfo.acmetoy.com
|
|
www.twmusic.proxydns.com
|
|
www.twsslpopservupro.dynssl.com
|
|
www.twx.mynumber.org
|
|
www.unhamj.com
|
|
www.usa.itsaol.com
|
|
www.usa.japanteam.org
|
|
www.usffunicef.com
|
|
www.ut-portal-u-tokyo-ac-jp.tyoto-go-jp.com
|
|
www.v4.windowsupdate.mrface.com
|
|
www.v4.windowsupdate.nsatcdns.com
|
|
www.visualstudio.authorizeddns.net
|
|
www.vmmini.com
|
|
www.wchildress.com
|
|
www.webdirectnews.dynamicdns.biz
|
|
www.webmailentry.jetos.com
|
|
www.websqlnewsmanager.ninth.biz
|
|
www.well.mrbasic.com
|
|
www.windowsimages.qhigh.com
|
|
www.windowsupdate.acmetoy.com
|
|
www.windowsupdate.authorizeddns.net
|
|
www.windowsupdate.authorizeddns.org
|
|
www.windowsupdate.dnset.com
|
|
www.windowsupdate.ezua.com
|
|
www.windowsupdate.fartit.com
|
|
www.windowsupdate.gettrials.com
|
|
www.windowsupdate.instanthq.com
|
|
www.windowsupdate.itsaol.com
|
|
www.windowsupdate.jungleheart.com
|
|
www.windowsupdate.lflink.com
|
|
www.windowsupdate.mrface.com
|
|
www.windowsupdate.mylftv.com
|
|
www.windowsupdate.nsatcdns.com
|
|
www.windowsupdate.organiccrap.com
|
|
www.windowsupdate.rebatesrule.net
|
|
www.windowsupdate.sellclassics.com
|
|
www.windowsupdate.serveusers.com
|
|
www.windowsupdate.x24hr.com
|
|
www.wordpress.zzux.com
|
|
www.yacooll.com
|
|
www.yahoo.incloud-go.com
|
|
www.yahooip.net
|
|
www.yahooprotect.com
|
|
www.yahooprotect.net
|
|
www.yandexr.sellclassics.com
|
|
www.yeahyeahyeahs.3322.org
|
|
www.yokohamajpinstaz.mrbonus.com
|
|
www.zaigawebinfo.rebatesrule.net
|
|
www.zebra.incloud-go.com
|
|
www2.qpoe.com
|
|
www2.zyns.com
|
|
www2.zzux.com
|
|
x7.usyahooapis.com
|
|
xc.chromeenter.com
|
|
xi.dyndns.pro
|
|
xi.sexxxy.biz
|
|
xread10821.9966.org
|
|
xt.dnset.com
|
|
xyrn998754.2288.org
|
|
yahoo.incloud-go.com
|
|
yallago.cu.cc
|
|
yandexr.sellclassics.com
|
|
yeahyeahyeahs.3322.org
|
|
yeap1.jumpingcrab.com
|
|
yfrfyhf.youdontcare.com
|
|
yo.acmetoy.com
|
|
yugoogless.3322.org
|
|
yunwu1.xicp.net
|
|
yz.chromeenter.com
|
|
za.myftp.info
|
|
zabbix.servercontrols.pw
|
|
zaigawebinfo.rebatesrule.net
|
|
zebra.bdoncloud.com
|
|
zebra.incloud-go.com
|
|
zebra.unhamj.com
|
|
zebra.usffunicef.com
|
|
zebra.wthelpdesk.com
|
|
zero.pcanywhere.net
|
|
zg.ns02.biz
|
|
zone.demoones.com
|
|
|
|
# Turla Kazuar C2s https://www.epicturla.com/blog/sysinturla
|
|
echange-afrique-insa.fr
|
|
aviatnetworks.com
|
|
afci-newsoft.fr
|
|
|
|
# Last Line |