# List of hosts used in Log4shell (CVE-2021-44228) exploitation attempts
# Joint work with @yt0ng - see https://gist.github.com/yt0ng/b933d0c8ce1076fa74bd31cbecedb884
# @craiu - github.com/craiu
pwn.af
leakix.net
interactsh.com
interact.sh
burpcollaborator.net
bingsearchlib.com
canarytokens.com
kryptoslogic-cve-2021-44228.com
http80path.kryptoslogic-cve-2021-44228.com
dnslog.cn
world443.log4j.binaryedge.io
world80.log4j.binaryedge.io
requestbin.net
rce.ee
ceye.io
log4shell.huntress.com

#C2 for cryptominers:
bernais.axfor.com

#Khonsari ransomware:
test.verble.rocks

#Hosts from yt0ng ->
dnspod.cn
requestbin.net
requestcatcher.com
y.psc4fuel.com
htbiw.com
x00.fi
d9.wf
knary.xyz
test2.ggdd.co.uk
synprobe001.leakix.net
md-l4j.s2.inty.io 
do-01.redteam.tf
w.nessus.org
w0.cx
oob.li
scanworld.net
binaryedge.io
1ma.xyz
ghhui.tk
dns.cyberwar.nl
1433.eu.org
log4j.leakix.net

# domains which could have impact when blocking / could have legitimate uses / compromised or hacked
#members.linode.com 
#ngrok.io
#econ-jobs.com