# Title: The malicious website blocklist
# Homepage: https://github.com/iam-py-test/my_filters_001
# Expires: 1 day
# Last updated: 12/5/2024
# Version: 1252024-1
# Description: This list aims to protect against scams, phishing, malware, some stalkerware, and potentially unwanted programs (PUPs). It includes a version of vxvault.net's list, modified by me to work in adblockers.
# Special thanks to all of the people who have helped me maintain this list! Check out https://github.com/iam-py-test/my_filters_001/blob/main/CONTRIBUTORS.md
# Issues url: https://github.com/iam-py-test/my_filters_001/issues
# GitLab issues url (not checked as often): https://gitlab.com/iam-py-test/my_filters_001/-/issues
# Note: This list includes a version of VXVault.net's malware distribution url list, formatted for adblockers, which is at https://github.com/iam-py-test/vxvault_filter
# ---- Malware and Phishing ----
# A Facebook phishing website
# https://www.siteadvisor.com/sitereport.html?url=xn--faebook-64a.com
# https://www.fortiguard.com/webfilter?q=xn--faebook-64a.com
# https://virustotal.com/gui/domain/xn--faebook-64a.com/detection
# https://safeweb.norton.com/report/show?url=xn--faebook-64a.com
0.0.0.0 xn--faebook-64a.com
# https://www.joesandbox.com/analysis/422872/0/html
# https://www.siteadvisor.com/sitereport.html?url=strawberry6532210.brizy.site
# https://virustotal.com/gui/url/ac7399fe8dda64a75a77ffc107219fcd90dc9bf2af6bc0893bef5d63b348dfe2/detection
# https://virustotal.com/gui/domain/strawberry6532210.brizy.site/detection
# https://transparencyreport.google.com/safe-browsing/search?url=strawberry6532210.brizy.site
# https://www.urlvoid.com/scan/strawberry6532210.brizy.site/
# https://www.fortiguard.com/webfilter?q=strawberry6532210.brizy.site
# https://sitecheck.sucuri.net/results/strawberry6532210.brizy.site
# https://quttera.com/detailed_report/strawberry6532210.brizy.site
# https://www.google.com/s2/favicons?domain=strawberry6532210.brizy.site
0.0.0.0 strawberry6532210.brizy.site
# https://quttera.com/detailed_report/strawberry6532210.brizy.site
# https://www.siteadvisor.com/sitereport.html?url=starlangbank.com
# https://transparencyreport.google.com/safe-browsing/search?url=starlangbank.com
# https://quttera.com/detailed_report/starlangbank.com
# https://www.fortiguard.com/webfilter?q=starlangbank.com
# https://virustotal.com/gui/domain/starlangbank.com/detection
0.0.0.0 starlangbank.com
# https://www.joesandbox.com/analysis/424179/0/html
# https://virustotal.com/gui/url/7182b03efde39bf8355a8c9e3ab40e9918a799863b51ead503e212c6b56fcbae/detection
# https://virustotal.com/gui/domain/aloha-news.net/detection
# https://www.siteadvisor.com/sitereport.html?url=http%3A%2F%2Faloha-news.net
# https://safeweb.norton.com/report/show?url=http%3A%2F%2Faloha-news.net
# https://sitecheck.sucuri.net/results/aloha-news.net
# https://www.urlvoid.com/scan/aloha-news.net/
# https://www.fortiguard.com/webfilter?q=aloha-news.net
0.0.0.0 aloha-news.net
# https://cyberwarzone.com/whatsapp-phishing/
# https://www.fortiguard.com/webfilter?q=cht-whatsappz.zzux.com
# https://www.fortiguard.com/webfilter?q=zzux.com
# https://www.mywot.com/en/scorecard/zzux.com
# https://www.urlvoid.com/scan/zzux.com/
# https://sitecheck.sucuri.net/results/zzux.com
# https://transparencyreport.google.com/safe-browsing/search?url=zzux.com
# https://safeweb.norton.com/report/show?url=zzux.com
# https://virustotal.com/gui/url/993fb0a37ec2e4b3503bac3b38066dabd040f43a3f47ca99c6839df9bf5dd018/detection
# https://safeweb.norton.com/report/show?url=cht-whatsappz.zzux.com
# https://virustotal.com/gui/url/f89e84af4a187e413fd85b2cc7b604ef1b0b5b3e94c18f039ba1539d593eb898/detection
0.0.0.0 cht-whatsappz.zzux.com
# https://github.com/uBlockOrigin/uAssets/issues/8466
# https://virustotal.com/gui/ip-address/91.241.60.117/relations
# https://virustotal.com/gui/url/08e979bb4cde20ad8b711920f0fa604de67911559013f0fc60560990fbbad239/detection
# https://www.siteadvisor.com/sitereport.html?url=91.241.60.117
# https://www.reddit.com/r/mildlyinfuriating/comments/nc9zpe/got_a_paypal_or_should_i_say_paypl_phishing_email/
# https://virustotal.com/gui/url/c0e5466cd2843f75d522093d93cf949259ca618ca2f00aa4952e7700cbf59384/detection
0.0.0.0 paypl.com
# https://virustotal.com/gui/url/4531df5b01e2c58f9307fabecc9a17b03c6157bafc8e9af736b278e95c182dc5/community
0.0.0.0 payapl.com
# https://virustotal.com/gui/url/91aecb78868044183cbe47614fb43a7e5aecd4b4ae89294a215354bdda2c3602/detection
# https://www.fortiguard.com/webfilter?q=paypaI.com
# https://www.mywot.com/en/scorecard/paypaI.com
# https://safeweb.norton.com/report/show?url=paypaI.com
0.0.0.0 paypai.com
# Used to infect and redirect domains
# https://labs.sucuri.net/signatures/sitecheck/malware-rks_injection/
# https://blog.sucuri.net/2011/01/malware-update-co-cc.html
# https://www.fortiguard.com/webfilter?q=http%3A%2F%2Fgoogle-analytisc.co.cc&version=8
# https://safeweb.norton.com/report/show?url=http%3A%2F%2Fgoogle-analytisc.co.cc
# https://virustotal.com/gui/url/6cc9c5dbd531e82102590df163142db0c248de81b831372a35fb281d90a6c768/detection
# https://www.urlvoid.com/scan/google-analytisc.co.cc/
# https://www.mywot.com/en/scorecard/google-analytisc.co.cc
# https://sitecheck.sucuri.net/results/google-analytisc.co.cc
# Appears offline but per https://github.com/uBlock-LLC/uBlock/issues/1839#issuecomment-852183358 adding anyway
0.0.0.0 google-analytisc.co.cc
# https://virustotal.com/gui/url/b3565bedd215978dc3f0e60c82e20f600f4b404343d8a4c89dd336986c941c65/community
# https://www.fortiguard.com/webfilter?q=http%3A%2F%2Foiwdd.co.cc&version=8
# https://safeweb.norton.com/report/show?url=http://oiwdd.co.cc
# https://virustotal.com/gui/url/b0ccfa7eaf148df692177674f5aafeb27792399f4b03d1a75951533f6b7e7e52/detection
# https://www.urlvoid.com/scan/oiwdd.co.cc/
# https://www.mywot.com/scorecard/oiwdd.co.cc
0.0.0.0 oiwdd.co.cc
# https://www.fortiguard.com/webfilter?q=http%3A%2F%2Fpojdue.co.cc&version=8
# https://virustotal.com/gui/url/2ba73f2605b7dff79153f65cf94aee57f68e476c92234d0b4d46e29d8c4eaa12/detection
# https://virustotal.com/gui/domain/pojdue.co.cc/detection
# https://www.urlvoid.com/scan/pojdue.co.cc/
# https://www.mywot.com/scorecard/pojdue.co.cc
0.0.0.0 pojdue.co.cc
# https://labs.sucuri.net/signatures/sitecheck/malware-magento_shoplift-38-1/
# https://virustotal.com/gui/domain/mcloudjs.com/detection
# https://virustotal.com/gui/url/01a9b775e89304d7ebce8e7e5822d730b043868e09994a17786da0a71ec49691/community
# https://www.siteadvisor.com/sitereport.html?url=mcloudjs.com
# https://www.fortiguard.com/webfilter?q=mcloudjs.com
# https://www.urlvoid.com/scan/mcloudjs.com/
# https://safeweb.norton.com/report/show?url=mcloudjs.com
# https://sitecheck.sucuri.net/results/mcloudjs.com
# https://labs.sucuri.net/blacklist/info/?domain=mcloudjs.com
# https://transparencyreport.google.com/safe-browsing/search?url=mcloudjs.com
0.0.0.0 mcloudjs.com
# https://labs.sucuri.net/signatures/sitecheck/malware-redkit/
# https://virustotal.com/gui/url/26a7a5909ca372bc57d68df966fc03b887451a7cf8ae58c5cea92639b4ce2594/detection
# https://virustotal.com/gui/url/78eca70299b830e87ed8f6b3d276e231f2147d5c2817a3586b1ceb5310ea89fa/detection
# https://virustotal.com/gui/domain/wherewedev.com/detection
# https://www.fortiguard.com/webfilter?q=wherewedev.com
# https://www.urlvoid.com/scan/wherewedev.com/
# https://www.mywot.com/en/scorecard/wherewedev.com
# https://safeweb.norton.com/report/show?url=wherewedev.com
# https://sitecheck.sucuri.net/results/wherewedev.com
0.0.0.0 wherewedev.com
# https://virustotal.com/gui/url/a9e68e1b4cdd0e2f58dadf4cd5a93a9983a79b600f1423f86cc5f68b0fec729f/detection
# https://www.fortiguard.com/webfilter?q=infinitypr.in
# https://sitecheck.sucuri.net/results/infinitypr.in
0.0.0.0 infinitypr.in
# https://virustotal.com/gui/url/86e9efc17750d2885c940cf6ff08820aee1bf35f23fc0faac71a05467b13c0e3/detection
# https://www.fortiguard.com/webfilter?q=integra-lernwerkstatt.de
# https://www.mywot.com/en/scorecard/integra-lernwerkstatt.de
# https://safeweb.norton.com/report/show?url=integra-lernwerkstatt.de
# https://sitecheck.sucuri.net/results/integra-lernwerkstatt.de
# https://labs.sucuri.net/blacklist/info/?domain=integra-lernwerkstatt.de
# https://labs.sucuri.net/blacklist/details/?domain=integra-lernwerkstatt.de
0.0.0.0 integra-lernwerkstatt.de
# https://virustotal.com/gui/file/5e6c167fc70aee2438f92ac0391dcba5905d989a20134dbb4bc9c3c40f805e74/relations
# https://virustotal.com/gui/url/a0fba2a31b88b8e1d6607971bd05440ee43702327e19d93ba91c705f7189c533/detection
# https://virustotal.com/gui/domain/kjwre77638dfqwieuoi.info/detection
# https://virustotal.com/gui/url/7d1b788cd3afd004b36421ad288b17ca4f2c5ad8e37363022b4f8573c7b77e03/detection
0.0.0.0 kjwre77638dfqwieuoi.info
# https://virustotal.com/gui/domain/kukutrustnet777.info/detection
0.0.0.0 kukutrustnet777.info
# https://virustotal.com/gui/url/38e39cdaa4d595968e55e4bcaa45818c887257e81ae6020bf2cb77c34a2e55be/detection
# https://www.fortiguard.com/webfilter?q=moch.forweb.pl
# https://safeweb.norton.com/report/show?url=moch.forweb.pl
0.0.0.0 moch.forweb.pl
# https://www.joesandbox.com/analysis/431924/0/html#domains
# https://virustotal.com/gui/url/254b1fd9f7536ece07cf5a3747aa2adeccc76e61b1f4e5994c0dc683d0a6db03/detection
# https://virustotal.com/gui/url/be44f0113500882e27eb730cfdad7687fe75ad56c8e9d9b2426273a0eb13e201/detection
# https://www.siteadvisor.com/sitereport.html?url=alphastand.win
# https://www.fortiguard.com/webfilter?q=alphastand.win
# https://safeweb.norton.com/report/show?url=alphastand.win
# https://sitecheck.sucuri.net/results/alphastand.win
# https://quttera.com/detailed_report/alphastand.win
0.0.0.0 alphastand.win
# https://www.siteadvisor.com/sitereport.html?url=alphastand.trade
# https://www.fortiguard.com/webfilter?q=alphastand.trade
# https://safeweb.norton.com/report/show?url=alphastand.trade
# https://sitecheck.sucuri.net/results/alphastand.trade
# https://virustotal.com/gui/domain/alphastand.trade/detection
0.0.0.0 alphastand.trade
# https://www.joesandbox.com/analysis/413824/0/html#domains
# https://virustotal.com/gui/url/9c1f4fd3af06c7eff8fa0c96c0386acdea17225b7202b87044a5e7895d80f694/detection
# https://virustotal.com/gui/domain/saywowshow.com/detection
# https://safeweb.norton.com/report/show?url=saywowshow.com
0.0.0.0 saywowshow.com
# https://forum.mywot.com/reputation-discussions-f5/ridiculous-eth-bitcoin-giveaways-or-instant-invest-t86210.html
0.0.0.0 btc-promo.czweb.org
0.0.0.0 eth24win.co.nf
0.0.0.0 giveaway-eth-btc.webz.cz
# https://www.bleepingcomputer.com/news/security/phishing-impersonates-global-recruitment-firm-to-push-malware/
# https://twitter.com/InQuest/status/1385324245891182592
# https://virustotal.com/gui/url/81913a8a7fa758d7476a13ff03395f31f665addf973adf253c5123fbb8a4caf4/detection
# https://virustotal.com/gui/url/cd77c6e39b0ca34cb7bd0106e769f2a4a019b05f96d608582f4ad7693b604f6a/detection
# https://safeweb.norton.com/report/show?url=powerhousetoys.com
# https://www.siteadvisor.com/sitereport.html?url=https://powerhousetoys.com/opp.txt
0.0.0.0 powerhousetoys.com
# https://virustotal.com/gui/url/3961877189248724c33e9d6b0e590b9e11607d27de88cd7f130487719c2e8efd/detection
# https://www.fortiguard.com/webfilter?q=crypto-loot.com
# https://www.mywot.com/en/scorecard/crypto-loot.com
# https://safeweb.norton.com/report/show?url=crypto-loot.com
# https://quttera.com/detailed_report/crypto-loot.com
# https://sitecheck.sucuri.net/results/crypto-loot.com
0.0.0.0 crypto-loot.com
# https://www.fortiguard.com/webfilter?q=crypto-loot.org
# https://virustotal.com/gui/url/bed5db125302663b090d4dcf170873a5ff60bbe44d72e451801497751e5a78df/detection
# https://safeweb.norton.com/report/show?url=crypto-loot.org
# https://sitecheck.sucuri.net/results/crypto-loot.org
0.0.0.0 crypto-loot.org
# https://github.com/webcompat/web-bugs/issues/74703
# https://www.siteadvisor.com/sitereport.html?url=mysecrethoookup.com
# https://www.fortiguard.com/webfilter?q=mysecrethoookup.com&version=8
# https://virustotal.com/gui/url/ad652f0b682616bb75b6ab31ed6be38fddf4c46b2d2405ea738bbee1a80e85c7/detection
# https://safeweb.norton.com/report/show?url=mysecrethoookup.com
# https://sitecheck.sucuri.net/results/mysecrethoookup.com
0.0.0.0 mysecrethoookup.com
# https://virustotal.com/gui/ip-address/104.236.14.145/relations
# https://www.mywot.com/en/scorecard/blogsopt.com
# https://virustotal.com/gui/url/6d9e9d347f3578fe8fea973820a40a0ab760165e613af323b4a025dee339c73e/detection
0.0.0.0 blogsopt.com
# https://www.urlvoid.com/ip/103.224.212.247/
# https://www.urlvoid.com/scan/dacenete.com/
# https://www.mywot.com/en/scorecard/dacenete.com
# https://virustotal.com/gui/url/1edf1ec0e4f299ec94a3c4cdfc882795a0a0e77031c866f595e8354120bee802/community
# https://www.siteadvisor.com/sitereport.html?url=Dacenete.com
# https://www.fortiguard.com/webfilter?q=Dacenete.com
# https://safeweb.norton.com/report/show?url=Dacenete.com
# https://yandex.com/safety/?l10n=en&url=dacenete.com
# https://sitecheck.sucuri.net/results/Dacenete.com
0.0.0.0 dacenete.com
# https://www.siteadvisor.com/sitereport.html?url=Coolstats1.net
# https://www.urlvoid.com/scan/coolstats1.net/
# https://www.fortiguard.com/webfilter?q=Coolstats1.net
# https://www.mywot.com/en/scorecard/Coolstats1.net
# https://virustotal.com/gui/url/44e1091f194808820ef787750737232f95e7e9ecb17d1605246715645573158e/detection
# https://sitecheck.sucuri.net/results/Coolstats1.net
0.0.0.0 coolstats1.net
# https://www.siteadvisor.com/sitereport.html?url=http://ww38.coolstats1.net/?subid1=20210616-0828-13e0-974a-e3edd89fe7ec
# https://virustotal.com/gui/url/4b2c524cd265adaccc0bb0a4ec10f84cbb13f1920a9138f12cc7d87c65c5ca63/detection
0.0.0.0 ww38.coolstats1.net
# https://www.pcrisk.com/removal-guides/15423-adf-ly-ads
# https://virustotal.com/gui/url/f984d9289494b526bbac5cb57fc5b9edae210a3f980f3d784f6d1fbb80c0bcb5/detection
# https://virustotal.com/gui/url/300f1d4d3cf0782f029aec0af02817906ecc57d30a61e78b2c01c8e8b693f5d7/detection
# https://safeweb.norton.com/report/show?url=eyourcom.fun
# https://www.fortiguard.com/webfilter?q=eyourcom.fun
0.0.0.0 eyourcom.fun
0.0.0.0 xcrke.eyourcom.fun
# https://virustotal.com/gui/url/8d91b224b62e8002ab9bfa5314717fc61a2cd2c74e228f26093decdd070bfb0a/detection
# https://safeweb.norton.com/report/show?url=blastnotificationx.com
0.0.0.0 blastnotificationx.com
# https://virustotal.com/gui/url/f645599a31b833dcebbfec890361e28a5fb14ba86e6f730d74688d11cfe7f52f/details
# https://www.joesandbox.com/analysis/436433/0/html#deviceScreen
# https://www.mywot.com/scorecard/googe.com
# https://safeweb.norton.com/reviews?url=googe.com
0.0.0.0 googe.com
# https://virustotal.com/gui/url/9a34eeed10b62d3aa3698efc8a128e6e87f937982bbcd3d03e50a8ab53b27da9/community
# https://www.mywot.com/scorecard/proasdf.com
# https://safeweb.norton.com/report/show_mobile?name=proasdf.com
0.0.0.0 proasdf.com
# https://forum.mywot.com/24626-whatsmyipaddress-com
# https://virustotal.com/gui/url/c8bc45a00aeb7be3ccc68a0cf17e4a6175db761393dee57de32a49338b77ca45/detection
# https://www.fortiguard.com/webfilter?q=appple.com&version=8
0.0.0.0 appple.com
0.0.0.0 ww1.appple.com
# https://blog.sucuri.net/2021/05/woocommerce-credit-card-skimmer.html
# https://blog.sucuri.net/2018/04/malicious-activities-google-tag-manager.html
# https://blog.sucuri.net/2017/09/hacked-websites-mine-crypocurrencies.html
# https://virustotal.com/gui/ip-address/34.98.99.30/community
# https://pastebin.com/FzHDkSW7
# https://www.fortiguard.com/webfilter?q=albumzips.xyz
# https://safeweb.norton.com/report/show?url=albumzips.xyz
# https://sitecheck.sucuri.net/results/albumzips.xyz
# https://virustotal.com/gui/url/cd2a97abe31697bf1822c505ee9ad267772463230a943fe3fb680af2ba74b327/detection
0.0.0.0 ww16.albumzips.xyz
# https://sitecheck.sucuri.net/results/camillesanz.com
# https://safeweb.norton.com/report/show?url=camillesanz.com
# https://virustotal.com/gui/url/f542034f339f53a70bbb0c40a662d49cc37806bc112ef403bac8b4a5d1c02b03/detection
0.0.0.0 camillesanz.com
0.0.0.0 www.camillesanz.com
# https://labs.sucuri.net/blacklist/details/?domain=africangrey.top
# https://virustotal.com/gui/url/d3feabeb546851be8e449074eaddf2c72e687b92754693aba97f3ae27772a796/detection
# https://virustotal.com/gui/url/917d555cce2e2e6791704d64812cbb203c57201bac559478c334c74c8e392330/detection
# https://www.siteadvisor.com/sitereport.html?url=ribinski.us
# https://safeweb.norton.com/report/show?url=ribinski.us
# https://sitecheck.sucuri.net/results/ribinski.us
# https://labs.sucuri.net/blacklist/info/?domain=ribinski.us
0.0.0.0 ribinski.us
# https://twitter.com/gorhill/status/1293239879887970305
#   - via https://github.com/NanoAdblocker/NanoCore/issues/362#issuecomment-704235803
# https://virustotal.com/gui/url/085d0bd9451920bd97eb099fb14e42b8ceccadf79cdf70da0d29e31900262ce1/detection
# https://www.siteadvisor.com/sitereport.html?url=fly-analytics.com
# https://www.fortiguard.com/webfilter?q=fly-analytics.com
# https://safeweb.norton.com/report/show?url=fly-analytics.com
# https://sitecheck.sucuri.net/results/fly-analytics.com
0.0.0.0 fly-analytics.com
# https://virustotal.com/gui/user/Placebo
# https://virustotal.com/gui/file/3ff26dfe049d6ea2d608eaf0914e527a798ae018e3918b9d1f025ca47700cb6f/community
# https://virustotal.com/gui/domain/thoughtplus.in/community
# https://virustotal.com/gui/url/626f2608d12b9bddc0ac5148b653290b192b45a79db85c7243b04f5374cd3e67/detection
# https://www.siteadvisor.com/sitereport.html?url=thoughtplus.in
# https://www.fortiguard.com/webfilter?q=thoughtplus.in
# https://safeweb.norton.com/report/show?url=thoughtplus.in
# https://sitecheck.sucuri.net/results/thoughtplus.in
# https://transparencyreport.google.com/safe-browsing/search?url=thoughtplus.in
0.0.0.0 thoughtplus.in
# https://www.bleepingcomputer.com/virus-removal/remove-toksearches.xyz-search-redirect
# https://virustotal.com/gui/url/f6e174e4f27f27f27b5f8c3516fcdbea555d9128d50d6e20f6ca2ca8fbf0d37f/detection
# https://www.fortiguard.com/webfilter?q=toksearches.xyz
0.0.0.0 toksearches.xyz
# https://www.bleepingcomputer.com/virus-removal/remove-smashappsearch.com-search-redirect
# https://www.bleepingcomputer.com/virus-removal/remove-smashapps.net-search-redirect
# https://www.bleepingcomputer.com/virus-removal/remove-bipapp-chrome-extension
0.0.0.0 smashapps.net
0.0.0.0 smashappsearch.com
# https://www.bleepingcomputer.com/virus-removal/remove-please-allow-to-watch-the-video
# https://virustotal.com/gui/url/ef88006f1f5beab8ded6b8786870209c1651db831c19e4f49e5ef829c267cac1/detection
# https://www.siteadvisor.com/sitereport.html?url=new-message.live
# https://www.fortiguard.com/webfilter?q=new-message.live
# https://safeweb.norton.com/report/show?url=new-message.live
# https://sitecheck.sucuri.net/results/new-message.live
0.0.0.0 new-message.live
# https://virustotal.com/gui/url/098cc8fed90c43af3a4afb4df0d7da9c68b1b2c8a3c73fb9d4506c7f062547f1/detection
# https://virustotal.com/gui/ip-address/95.168.170.165/relations
# https://virustotal.com/gui/url/6a23b2b07941322f9ad5555d97bfd020c2681264d71b5ed6c621f0a6cad6277c/detection
# https://www.fortiguard.com/webfilter?q=private-message.live
# https://safeweb.norton.com/report/show?url=private-message.live
# https://www.mywot.com/scorecard/private-message.live
0.0.0.0 private-message.live
# https://blog.malwarebytes.com/a-week-in-security/2021/06/a-week-in-security-june-21-2021-june-27-2021/
# https://virustotal.com/gui/url/d668d18f1cd3b32eea6d717af4655a7e511d5b92403ed71a66d366a4c971c826/detection
# https://therecord.media/dirtymoe-malware-has-infected-more-than-100000-windows-systems/
# https://decoded.avast.io/martinchlumecky/dirtymoe-1/
# https://www.siteadvisor.com/sitereport.html?url=1qw.us
# https://www.fortiguard.com/webfilter?q=1qw.us
# https://safeweb.norton.com/report/show?url=1qw.us
# https://virustotal.com/gui/url/8e4d54adb8cc9b6fe443f17da6b29ef8e367ca1dacae6ac2cf9b2cc665268bde/detection
0.0.0.0 1qw.us
# https://www.siteadvisor.com/sitereport.html?url=rpc.1qw.us
# https://www.fortiguard.com/webfilter?q=rpc.1qw.us
# https://safeweb.norton.com/report/show?url=rpc.1qw.us
# https://virustotal.com/gui/domain/rpc.1qw.us/relations
# https://virustotal.com/gui/url/f21b269b690aac8338399bb40408aa8cefa3591dcc9a3f84f5a911f647c8d2f7/detection
0.0.0.0 rpc.1qw.us
# https://www.proofpoint.com/us/blog/threat-insight/purple-fox-ek-adds-exploits-cve-2020-0674-and-cve-2019-1458-its-arsenal
# https://virustotal.com/gui/url/5769102f270c1b16ebdc663ad63010d69de2d159117b3736d562dc59944fc6dc/detection
# https://virustotal.com/gui/url/35e34ac62d1ac12fe3146a8a2d6d60300f7a1b97e2922fedb91154243e950cb1/detection
# https://virustotal.com/gui/url/e88a950b22a8582a4761c8b6a26546cd7e92b3175c16bd32d1dd8f61f45a1c58/detection
# https://virustotal.com/gui/url/2bb2d79e789ba930b36960a8a0fbb008ed5cb594406e89507033832da2668870/detection
# https://virustotal.com/gui/url/326384fb6f6e393f8fde813c9cf2be668b68780c0a036d977fc6482fd6364ca1/detection
# ||raw.githack.xyz/SdTC8df7vmDNIUuV1.jpg$all
# https://www.siteadvisor.com/sitereport.html?url=raw.githack.xyz
# https://www.fortiguard.com/webfilter?q=raw.githack.xyz
# https://safeweb.norton.com/report/show?url=raw.githack.xyz
0.0.0.0 raw.githack.xyz
# https://virustotal.com/gui/user/Site.safetychecker
# https://virustotal.com/gui/url/7108cfe6953cab08696ae1f9ab2c777b749fb53e7beb5c003756ea522c880f17/detection
0.0.0.0 yotube.com
# https://redirectdetective.com
# https://virustotal.com/gui/url/82e7188109152e27f51a97c1bcb935a1cc302736ed20a41ababa6d9239c7f85d/community
# https://safeweb.norton.com/report/show?url=gloos-ves.com
0.0.0.0 gloos-ves.com
# https://virustotal.com/gui/ip-address/54.174.112.67/relations
# https://virustotal.com/gui/url/85e357a917a886c9b2791d0c08199c95cd8a50ad003340a8140c04347777ee74/detection
# https://www.fortiguard.com/webfilter?q=zeroredirect1.com
# https://www.mywot.com/en/scorecard/zeroredirect1.com
# https://safeweb.norton.com/reviews?url=zeroredirect1.com
0.0.0.0 zeroredirect1.com
# https://www.bleepingcomputer.com/virus-removal/remove-power-app-chrome-extension
# https://virustotal.com/gui/url/6dd9e3edd772497d3db7f61fa0cbd6b81b888dc1e01f95c693edfb3e696b702e/detection
# https://www.fortiguard.com/webfilter?q=searchpowerapp.com
# https://safeweb.norton.com/report/show?url=searchpowerapp.com
0.0.0.0 searchpowerapp.com
# https://virustotal.com/gui/url/4cb33835d45743431d20b4c019e09dd1861953440572bf40dd4b2745cb391082/detection
# https://www.fortiguard.com/webfilter?q=lp.searchdimension.com
# https://safeweb.norton.com/report/show?url=lp.searchdimension.com
# https://www.mywot.com/en/scorecard/lp.searchdimension.com
0.0.0.0 lp.searchdimension.com
# https://virustotal.com/gui/url/ac7e2f7f5557d6cac58a5250eedb78e5a647b5be6814d595df6b84bf9687e934/detection
# https://www.fortiguard.com/webfilter?q=searchdimension.com
# https://www.mywot.com/en/scorecard/searchdimension.com
# https://safeweb.norton.com/report/show?url=searchdimension.com
0.0.0.0 searchdimension.com
# https://blog.malwarebytes.com/exploits-and-vulnerabilities/2020/04/copycat-criminals-abuse-malwarebytes-brand-in-malvertising-campaign/
# https://virustotal.com/gui/url/8faba8050b38887c13c044743c789d9a8e1795098b2c20250bfae80f5d1d2a4f/detection
# https://www.fortiguard.com/webfilter?q=malwarebytes-free.com
# https://safeweb.norton.com/report/show?url=malwarebytes-free.com
0.0.0.0 malwarebytes-free.com
# https://forums.malwarebytes.com/topic/276364-please-help-to-remove-jingermycom/
# https://virustotal.com/gui/url/5538837550b6bf93ad0fd8be30a9061d43b8f2097dcdfb6a7d959eaebf6b92f1/detection
# https://www.fortiguard.com/webfilter?q=jingermy.com
# https://safeweb.norton.com/report/show?url=jingermy.com
0.0.0.0 jingermy.com
# https://thehackernews.com/2021/07/hackers-spread-biopass-malware-via.html
# https://virustotal.com/gui/url/97b4ed1e2788217aa186f26dbdd13a36544dde101e53ea3382e6a5aa1b9f4081/detection
# https://virustotal.com/gui/ip-address/47.57.140.149/relations
# https://virustotal.com/gui/url/0025d5ba5569ba2ecc29c39236a9b559a212e3ac7404b9af7be62e143175cf5f/detection
# https://virustotal.com/gui/url/94a7b6d048720fe4e837d6027f5019c775d20e5ea761ad03236f85070f08838a/detection
# https://virustotal.com/gui/url/ade8073339365eed03d142d5e57ec528d54294c40fdac08e71d5363d3ba634d0/detection
0.0.0.0 update.flash-installer.com
# https://virustotal.com/gui/url/98962a3086cc694e1d62667a718edd6738b233b2b348b1197c141a8ecb251336/detection
0.0.0.0 flash-installer.com
# https://virustotal.com/gui/file/4bf58623f91ff9a19c2893061a2a14660f61b2294f976a9d80ab6b3d023c9892/relations
# https://virustotal.com/gui/url/a21f89ebf6c4835a504a92359d23be518b80b9b7bd5417541087d60751d41694/detection
0.0.0.0 paymetconfirm.com
# Tech support scammers
# https://www.youtube.com/watch?v=Ooh6bV8FwTo
# https://virustotal.com/gui/url/02071a7a5b71526d41e0f4547b4912368ee6a0920e7d7aaade16fd3f5ca01a87/detection
# https://safeweb.norton.com/report/show?url=systemini-com.tk
0.0.0.0 systemini-com.tk
# https://virustotal.com/gui/url/fb85efbc7bf81b10869ddaddd9b3b9471a916b9f8d820d2ccee48712c3e58b9e/detection
# https://www.siteadvisor.com/sitereport.html?url=micropcsupport.com
0.0.0.0 micropcsupport.com
# Browser locker
# https://virustotal.com/gui/url/44f957f9350dfc3d9b8ccac23074301c3c20278a787af25a28edd8e15eacb7e1/detection
# https://github.com/DandelionSprout/adfilt/issues/228
0.0.0.0 helooworld.us
# Which redirects to 
0.0.0.0 www.helooworld.us
# https://virustotal.com/gui/file/081618f7d9c6c92271f8d6bc65c8e13f33dfe9e5022f06aaec95664ee31fead4/relations
# https://virustotal.com/gui/url/efc1177d474e3efe2e9e53fcfbb012c9ae86f64467e38824f6d974d5504647f0/detection
0.0.0.0 properlysolutionsco.com
# https://virustotal.com/gui/file/6f236e253720a0b3cf1fdafd111f99ba84e0a2b03ff8453fd747c3d9c8973403/relations
# https://virustotal.com/gui/file/13e8d4557870179e70b7d4f580c9183e9a6eead777af04fc226feb70d9ce76cb/relations
# https://virustotal.com/gui/url/e3fb5d2d13d34c94468df0ecd5825ed28861ccee9f1a1703e4b37a01af2f7caf/detection
# https://safeweb.norton.com/report/show?url=os.telechargercdn.com
# https://www.siteadvisor.com/sitereport.html?url=os.telechargercdn.com
0.0.0.0 os.telechargercdn.com
# https://github.com/DandelionSprout/adfilt/issues/244
# The original website
0.0.0.0 rblxexploits.net
0.0.0.0 www.rblxexploits.net
# Fake notifications 
0.0.0.0 usegetmarketings.com
0.0.0.0 bestappever4you.com
# This was loaded by a malware extension that was installed
0.0.0.0 thecrs.club
# https://virustotal.com/gui/file/67b1a7835687bf5851cf29539b2d0ce90ab30d373edfcf9ee54237026c67df33/relations
# https://virustotal.com/gui/url/1912779d4b9bfd7713239cf6e2ede751c40b38541404b21adb0c595b65356c75/detection
# https://www.siteadvisor.com/sitereport.html?url=uehge4g6gh.2ihsfa.com
# https://safeweb.norton.com/report/show?url=uehge4g6gh.2ihsfa.com
# https://metadefender.opswat.com/results/domain/dWVoZ2U0ZzZnaC4yaWhzZmEuY29t/overview?lang=en
0.0.0.0 uehge4g6gh.2ihsfa.com
# https://virustotal.com/gui/url/faee0c9a2d3786dda120ce8b99381878ebf05ca2b4d4a4437118ab2ca8ab49bd/detection
# https://www.siteadvisor.com/sitereport.html?url=2ihsfa.com
# https://safeweb.norton.com/report/show?url=2ihsfa.com
0.0.0.0 2ihsfa.com
# https://virustotal.com/gui/url/5cfe3add8396356f1757449074e95fab7b77aeabc405ca0fcebab5b699198d7f/detection
# https://www.siteadvisor.com/sitereport.html?url=listincode.com
# https://safeweb.norton.com/report/show?url=listincode.com
0.0.0.0 listincode.com
# https://virustotal.com/gui/url/9ac802ac997e44f7daf814ce163a17884ae59e3dd99e0c39432449af195f90b6/detection
0.0.0.0 www.listincode.com
# https://github.com/AdguardTeam/AdguardFilters/issues/88280
# https://virustotal.com/gui/url/5ac4b9c907ee714f1163331bcb9840a472f85809e9730edc03dd88e9d706bcbb/detection
# https://safeweb.norton.com/report/show?url=update-portal.com
# https://www.siteadvisor.com/sitereport.html?url=update-portal.com
0.0.0.0 update-portal.com
# https://github.com/AdguardTeam/AdguardFilters/issues/88270
# https://safeweb.norton.com/report/show?url=tw-goldenwinner-57.com
# https://virustotal.com/gui/url/ddec939917a016338c34597563962b9baa10080f62ea0320d8e4b8b21156007e/detection
0.0.0.0 tw-goldenwinner-57.com
0.0.0.0 www.tw-goldenwinner-57.com
# https://github.com/AdguardTeam/AdguardFilters/issues/80390
# https://virustotal.com/gui/url/1b63e3d8a99633582446d6c095e9350b869dc60716187f714bbdb85d9f06122f/detection
# https://safeweb.norton.com/report/show?url=artebythesea.com
0.0.0.0 artebythesea.com
# https://virustotal.com/gui/url/16534bfc6c24e0c30dbac08ea5297ae24f9f9ae90411bc3b608659e1767317a7/detection
# https://safeweb.norton.com/report/show?url=microsoftpods.com
0.0.0.0 microsoftpods.com
# https://virustotal.com/gui/url/94b361a89a5c3a43d6013fb8f971e40c9bd3493042343a0ee3626375b4552267/detection
# https://safeweb.norton.com/report/show?url=nashvillegems.com
0.0.0.0 nashvillegems.com
# https://virustotal.com/gui/url/2dbc2cf61fa22eec22629f31b731c04eeb4cdc86d589ab36c0c7719b26e60ede/detection
# https://safeweb.norton.com/report/show?url=flawlessdrinking.com
0.0.0.0 flawlessdrinking.com
# https://virustotal.com/gui/url/2a213601051b43f18c3f6b6faadf5b65b8375f5c9ffe5cb9fe2c18fe13b0bd2a/detection
# https://safeweb.norton.com/report/show?url=findmyautoparts.com
0.0.0.0 findmyautoparts.com
# https://virustotal.com/gui/url/fcd7962a77ae7836f84789452b77d293de0e1a47e91ecfe2c2508bead500197b/detection
# https://safeweb.norton.com/report/show?url=grandpaurbanfarm.net
0.0.0.0 grandpaurbanfarm.net
# https://safeweb.norton.com/report/show?url=guide4idiots.com
# https://virustotal.com/gui/url/2f9dfbbc3cde41756691a0b741eb605c7ed81d55733f912dc590808f6ec2cb5e/detection
0.0.0.0 guide4idiots.com
# https://safeweb.norton.com/report/show?url=identityofplace.com
# https://virustotal.com/gui/url/987c5c40192b3e6049a8c2523a7f4bba374db1ab7a1418f25dccdba7379674c6/detection
0.0.0.0 identityofplace.com
# https://virustotal.com/gui/url/6fb68516452024785cbdb664f5363c7e49ed6a9fd88fe0dce79a157560ec0701/detection
# https://safeweb.norton.com/report/show?url=shpwmy.com
0.0.0.0 shpwmy.com
# https://github.com/easylist/easylist/pull/6164
# https://github.com/DandelionSprout/adfilt/blob/a0f6bdcc309cab585502c76ebd70c088995a3d17/Dandelion%20Sprout's%20Anti-Malware%20List.txt#L955-L5713
# https://virustotal.com/gui/url/59077166c998073d0f809f35fb035256e8ee263f2136e783c82cd6017aad4029/detection
# https://virustotal.com/gui/ip-address/192.243.59.12/relations
# https://virustotal.com/gui/url/8041adaabbd884df4712bdfa8794bdbcf37dfaa8f06164bbe6df2ba79c2eaa72/detection
# https://www.siteadvisor.com/sitereport.html?url=dustymural.com
# https://safeweb.norton.com/report/show?url=dustymural.com
0.0.0.0 dustymural.com
# https://virustotal.com/gui/ip-address/192.243.59.13/community
# https://virustotal.com/gui/url/5eca62948cb380e8b8def8a250d91210df2c7385799fcc3b9f0b0df28b1fdd1b/community
# https://www.siteadvisor.com/sitereport.html?url=disappearanceinspiredscan.com
# https://safeweb.norton.com/report/show?url=disappearanceinspiredscan.com
0.0.0.0 disappearanceinspiredscan.com
# https://forums.malwarebytes.com/topic/277965-your-system-is-infected-with-3-viruses/
# https://github.com/DandelionSprout/adfilt/issues/262
0.0.0.0 lucdream.com
0.0.0.0 beastbuying.com
0.0.0.0 kokotrokot.com
# contains porn
0.0.0.0 pesoaniz.com
# Fake popups
0.0.0.0 rtb-8.novitrk1.com
0.0.0.0 cu27t-evo29lution.xyz
0.0.0.0 doneonline.xyz
0.0.0.0 possessedcrackinghart.com
0.0.0.0 typiccor.com
0.0.0.0 apsolutamente.com
0.0.0.0 time4news.net
0.0.0.0 secureleadsforever.com
0.0.0.0 pushmeup.art
0.0.0.0 eu.pushmeup.art
0.0.0.0 trc.artofads.co
0.0.0.0 pc-my-protection.xyz
# https://forums.malwarebytes.com/topic/278166-my-website-is-labelled-as-dangerous-by-malwarebytes/
# https://virustotal.com/gui/url/68ccee4530342ae6ea690a0ef786f040a3d9a0d1bfc08c4b857af71ac8e90954/detection
# https://virustotal.com/gui/url/14cfdccc23aac9ffaf051675efcda240f2e83a5cd34403e412f0f2959e42a536/detection
# https://www.siteadvisor.com/sitereport.html?url=serena-west.com
0.0.0.0 serena-west.com
0.0.0.0 www.serena-west.com
# https://forums.malwarebytes.com/topic/278209-removal-instructions-for-socialsearchconverter/
0.0.0.0 socialsearchconverter.com
0.0.0.0 install.socialsearchconverter.com
0.0.0.0 feed.socialsearchconverter.com
0.0.0.0 api.socialsearchconverter.com
0.0.0.0 notify-service.com
0.0.0.0 install.stream-all.com
0.0.0.0 stream-all.com
# Malware - see https://github.com/DandelionSprout/adfilt/issues/267
0.0.0.0 codedexchange.com
0.0.0.0 trkk4.com
0.0.0.0 us1.trkk4.com
# https://www.youtube.com/watch?v=xOw1vct-wHg
# https://virustotal.com/gui/url/95f8db6ff866ba200658f9c25c8a5484ca4f771ae3ac3aba8694129a7f18ec0f/detection
# Dead
0.0.0.0 hpprintersupportservice.com
0.0.0.0 how.hpprintersupportservice.com
# Not dead yet - https://github.com/uBlockOrigin/uAssets/issues/9933
0.0.0.0 1redirb.com
# https://github.com/uBlockOrigin/uAssets/issues/9933#issuecomment-913677276
0.0.0.0 greenadblocker.com
# https://github.com/blocklistproject/Lists/issues/456
# https://virustotal.com/gui/url/383e601492df662f7612beea0e02d336a3ee39e864db40d03fe72d4f3fe4c2e4/detection
0.0.0.0 discorcl.link
# https://blog.malwarebytes.com/threat-intelligence/2021/09/the-many-tentacles-of-magecart-group-8/
0.0.0.0 adaptivestyles.com
0.0.0.0 anduansury.com
0.0.0.0 bootstrapmag.com
0.0.0.0 cdncontainer.com
0.0.0.0 fileskeeper.org
0.0.0.0 foodandcot.com
0.0.0.0 freshdepor.com
0.0.0.0 hottrackcdn.com
0.0.0.0 mechat.info
0.0.0.0 paypaypay.org
0.0.0.0 gctatic.com
0.0.0.0 googletagmanages.com
0.0.0.0 gstaticx.com
0.0.0.0 googletagmaneger.com
0.0.0.0 googleusescontent.com
0.0.0.0 googlutagmanager.com
# https://github.com/AdguardTeam/AdguardFilters/issues/95582
# https://virustotal.com/gui/url/3323920fe31aaa6724441edc7bd395232194c52967480a95039fb35bcb3d7ac2
# https://virustotal.com/gui/url/93011523cfdd4defbccbe5fff351acac2bb6fdddba6420cc69d81cc9f9dd7f61
0.0.0.0 discord-give.com
0.0.0.0 www.discord-give.com
# https://virustotal.com/gui/url/145c4bdadca86dfb9560668f2cec835f75c248af41b8842687ad89dce8d2aed0
0.0.0.0 communitytradeoffer.com.ru
# https://www.siteadvisor.com/sitereport.html?url=dlscord-app.info
0.0.0.0 dlscord-app.info
# https://virustotal.com/gui/url/51da56828b0cd9d4d4514feb74038aefb01dc4188da398f1666983766914c156
0.0.0.0 steamcommnity.com.ru
# https://virustotal.com/gui/url/83ce8c920a22c9550591e52839fd540ee7a37b941e3419780b17e195fcfb9b28
# https://virustotal.com/gui/url/81880d767bab8515cf71ce37ebe7b56d8448184b96999f6cc4ce70d2b6c68949
0.0.0.0 steamdiscord.com
# https://virustotal.com/gui/url/0a8ea816672728b0e9869f65e4788471880746a65f3f8f2215789d0edfe278d3
0.0.0.0 discord-app.net
# https://virustotal.com/gui/url/0314bd2bb4874cad7a39346c83c421d87208be4bca6c0dc2f804f0a902b18cfc
0.0.0.0 steancommynitu.com
# Copied over from https://github.com/DandelionSprout/adfilt/commit/260f840b773b04d7397c6c40d86cf7e2887768d8 (credit to https://github.com/DandelionSprout)
0.0.0.0 cabura.loan
0.0.0.0 csgocup.ru
0.0.0.0 discord.foundation
0.0.0.0 discrod.ru
0.0.0.0 eslpro.ru
# https://github.com/DandelionSprout/adfilt/issues/63#issuecomment-927151458
# https://virustotal.com/gui/url/a7fb846c9f8aefecbe0ffda1aecbb6a3d257f0b31a9b922aa49d494af0f0c112
0.0.0.0 findyour-realsex2.com
# https://virustotal.com/gui/url/0680f0ae763476f2aa0b844b6f64a1ca4b6c63e0c7f6880ab5f121ad406b2d2e/detection
0.0.0.0 your-dreams-girls2.com
# https://virustotal.com/gui/url/4047b3b1b6af03839835b31cffbc5d52eff7c6f01c23cf3330a1000c61b66c0f
# https://virustotal.com/gui/url/4a2cff70405ed300ad14b2294eb06c9adff5354911f70229085deecc7048637b
0.0.0.0 yourbigexplosivewin.life
# https://virustotal.com/gui/url/ff99d9ba468539c01896ef8b380819c07b8af40792d83beccea2d76064ebf781
# https://virustotal.com/gui/url/134a3e4324ca33c19c529aa554ff193a96b48ae6213323a957f5752641a8014e
0.0.0.0 bestdatinglocal1.com
# https://virustotal.com/gui/url/385edcca4e25f51083f593a4041f834fee5c903a93f5f66eab50f65df61c811c
0.0.0.0 sexcontact-store1.com
# https://virustotal.com/gui/url/7574cd8789b7ac7b78e4efe778ab6228a8b8c79301740247b5738bc62f208883
0.0.0.0 superdatenow3.com
# https://virustotal.com/gui/url/a7f1c2d1c02cc824bb93c1ba1d147d9fc1464bb3a4aeb937922d6bbdec84ffff
0.0.0.0 findlocalgirlnow.com
# https://virustotal.com/gui/url/c5126c3b175c6fa50d96443ecca99b75c881420248ec020c7cd567715839410a
# https://github.com/uBlockOrigin/uAssets/issues/10075
0.0.0.0 the-crypto-genius.net
0.0.0.0 www.the-crypto-genius.net
# Redirect
0.0.0.0 learning-base.club
# https://github.com/DandelionSprout/adfilt/issues/287#issue-1013759704
0.0.0.0 youtuba.com
0.0.0.0 polyhymnia-mar.com
0.0.0.0 virpropcnow.xyz
0.0.0.0 avprotectionoverview.com
# https://virustotal.com/gui/file/294b8db1f2702b60fb2e42fdc50c2cee6a5046112da9a5703a548a4fa50477bc/relations
# https://virustotal.com/gui/ip-address/160.202.163.100/relations
# https://virustotal.com/gui/url/3818bac5233b17d11c0744005712a5761596f33ac54c23565eb08b5496323d48
0.0.0.0 microsoftkernel.com
0.0.0.0 update.microsoftkernel.com
# https://virustotal.com/gui/url/7709e9dff92c359c920e31866268a04489a67fc2e415bbc8c20cea8604387121
0.0.0.0 hksupd.com
0.0.0.0 amazon.hksupd.com
# https://virustotal.com/gui/url/c8da0d48ea7be9444411840955f2a658c3f6fbfd3dcc87df29fe0c13a6b9b604
0.0.0.0 microsofthk.com
0.0.0.0 update.microsofthk.com
# https://virustotal.com/gui/url/956c451fe61038377026bee53c4eeff67ab3efe69f5c4c6e22b3c1dbde10ced1
# https://virustotal.com/gui/url/8c1e1a8a80c515d411b4e22d36ddb0535427c73f2b7c8b3ae7a672ad208c89b2
# https://virustotal.com/gui/url/681dfdb12bcaa2facfb6eefe51d671387f111134f1661e336d63c5e6b207aa10
0.0.0.0 bilalimtyaz.co
# https://virustotal.com/gui/url/efdaf6927a66f267f8e834a1d685e76025f3c8ad29b8d950289ceb43c18a3477
0.0.0.0 machinesalaver.net
# https://github.com/DandelionSprout/adfilt/issues/63#issuecomment-938682090
0.0.0.0 eliteexteriorsystems.com
# https://github.com/DandelionSprout/adfilt/issues/63#issuecomment-940500664
# redirect chain
0.0.0.0 captcha-smart.top
# https://github.com/DandelionSprout/adfilt/issues/63#issuecomment-944642656
0.0.0.0 allblock.net
# https://hybrid-analysis.com/sample/691fb304c88929435950c157c1789bc7004e2163a3188cf2fff1124cfa5f00f8/60f6dbfae50e5603767b8f32
# https://virustotal.com/gui/url/b141c859a1246a250183b212cea2e6ed30d90477adc5ae8f3277516f68071396
# https://virustotal.com/gui/url/5b4dc980802a96c630e76148aab4f2cbe7a196d39ffce9a7e3c95bcdc082b64a
0.0.0.0 micuenta01.github.io
# https://virustotal.com/gui/url/64babbfb323b40df5b768265183886fbed60ea92234da1a2e4b85acfdceaf0aa
# https://virustotal.com/gui/url/4f827d8be6d25fa88c1ebe74800b6743d7e289b0f904b6f3445486b3ccac2797
0.0.0.0 tristreamstv.com
# https://blog.malwarebytes.com/threat-intelligence/2021/10/q-logger-skimmer-keeps-magecart-attacks-going/
0.0.0.0 pinokio.online
0.0.0.0 sitetraffic.site
0.0.0.0 spacecom.site
# https://github.com/uBlockOrigin/uAssets/issues/10181
0.0.0.0 nbryb.com
0.0.0.0 onemacusa.com
0.0.0.0 realnetnews.com
0.0.0.0 rogueleader.org
0.0.0.0 suggestive.com
# found when searching for "iam-py-test" on Google - starts at hxxpx[:]//google-yandex[.]info[/]iam-py-test
# https://github.com/iam-py-test/investigations/blob/main/2021/10/24/1.md
# https://github.com/DandelionSprout/adfilt/issues/63#issuecomment-950351144
0.0.0.0 google-yandex.info
0.0.0.0 cloud-apps.store
# https://virustotal.com/gui/url/2e874f308e1202ce4deb4068d029675c8487bed465f3bd34aeefb4a84c6b767f
# https://virustotal.com/gui/url/859be64d71834dba1693b079ec85f77edcd06124031c65178838555fea31efd7
0.0.0.0 dliscord.com
# https://github.com/blocklistproject/Lists/issues/537
# https://github.com/blocklistproject/Lists/issues/538
0.0.0.0 gosuslugi.contact
0.0.0.0 gosulugl.ru
0.0.0.0 gosuslugee.ru
0.0.0.0 gosmslugi.ru
0.0.0.0 gosuslugji.ru
0.0.0.0 gosuslugi.agency
0.0.0.0 gosulgi.ru
0.0.0.0 gosoogi.com
0.0.0.0 gosulvgi.ru
0.0.0.0 gosusnugi.ru
0.0.0.0 gosuslugi-kultura.ru
0.0.0.0 ciel-goshugi.com
0.0.0.0 www-gos-uslugi.ru
0.0.0.0 gosusluslugi.ru
0.0.0.0 gosuslugi.xyz
0.0.0.0 gosushlugi.ru
0.0.0.0 vgosuslugi.ru
0.0.0.0 gos-uslug.ru
0.0.0.0 gosuslugigov.ru
0.0.0.0 gosuslugi.uk
# https://threatpost.com/chrome-deliver-malware-as-legit-win-10-app/175884/
# https://www.rapid7.com/blog/post/2021/10/28/sneaking-through-windows-infostealer-malware-masquerades-as-windows-application/
0.0.0.0 cleancrack.tech
0.0.0.0 s4.cleancrack.tech
0.0.0.0 clickmatters.biz
# https://forums.malwarebytes.com/topic/280266-removal-instructions-for-search-streamly/
0.0.0.0 search-streamly.com
0.0.0.0 feed.search-streamly.com
0.0.0.0 api.search-streamly.com
# https://virustotal.com/gui/file/574a56656b6cf687d912baeedeeb176f0a7e58ad15ad4ab43c3cd630d9cceab2/relations
# https://virustotal.com/gui/url/8cb8c13da88b7b50a7cae47233a3c385a0208f0dccf119044f775e0a464de3a2
0.0.0.0 telegraf.top
# https://github.com/iam-py-test/investigations/blob/main/2021/11/3/1.md#domains
0.0.0.0 youutube.com
0.0.0.0 youvetube.com
0.0.0.0 www.youvetube.com
0.0.0.0 mediadlvr.com
0.0.0.0 safejokesearch.com
0.0.0.0 www.safejokesearch.com
# https://blog.malwarebytes.com/threat-intelligence/2021/11/credit-card-skimmer-evades-virtual-machines/
# https://virustotal.com/gui/url/229181849ae5d036ff997645e9cf708d4fe96337d6e68e780777aee382fdccf1
0.0.0.0 webflows.net
0.0.0.0 web.webflows.net
0.0.0.0 librarysetr.com
0.0.0.0 js.rawgit.net
0.0.0.0 rawgit.net
0.0.0.0 iofrontcloud.com
0.0.0.0 alligaturetrack.com
0.0.0.0 getambassador.net
0.0.0.0 st.adsrvr.biz
# https://virustotal.com/gui/file/f657dd8b99b9fa047c524f055984dfb1f9886cc97c788c8ebb9e63537f327c1a/community
# https://virustotal.com/gui/file/676de5f6ff737af6e73a00caf93767cc9af16e6e6bd50016b5bd03ffa097c373/community
# https://virustotal.com/gui/ip-address/2.56.59.42/relations
0.0.0.0 cha1se.my03.com
# https://virustotal.com/gui/file/c465550320e3625e430f8745c8c8b8664a202e24dbe51ed4e5dcd0af25960420/community
# https://virustotal.com/gui/url/a2524bba49ae71297d2b408b30d058700d9c80b5b1154924cafe190ec3e605a6/detection
0.0.0.0 newrrb.bid
# https://virustotal.com/gui/file/6146dfe56dcb49e1b843624a44e204754e15625a4f94b230b59a5cafc924f618/community
0.0.0.0 bursakulis.com
# https://github.com/iam-py-test/investigations/blob/main/2021/11/24/1.md
0.0.0.0 macsoftwarez.com
0.0.0.0 namilon.xyz
# C2s
0.0.0.0 toa.mygametoa.com
0.0.0.0 mygametoa.com
# https://forums.malwarebytes.com/topic/281074-pup-mysearchengineco-firtefox/
# https://virustotal.com/gui/ip-address/172.67.222.254/relations
# https://virustotal.com/gui/url/781a2d763b034c9610ab9832bdc2692aced3d86c6b7296ea72579da7b68dc073
0.0.0.0 631e69eb.ainans.com
# https://scammer.info/t/quantum-ad-blocker-trojan/84204
0.0.0.0 quantumadblocker.com
# https://github.com/uBlockOrigin/uAssets/pull/10662
0.0.0.0 api.crm.duominuo.com
0.0.0.0 static.duominuo.com
0.0.0.0 wnl.duominuo.com
0.0.0.0 duominuo.com
# https://virustotal.com/gui/url/269d374b629d7896da1f9e7449bd5afecf6284a9a564244f96a71e5192363635
0.0.0.0 lowseelan.com
# https://virustotal.com/gui/file/50fd813cf8fe981e6aee179f8ba394e5527c5128b84c328f9f8347cd994bbc42/community
# https://virustotal.com/gui/file/2ea599605c4d65902943f12e1114a71af7a40fa7dffbf018b0ee3e7a61aaeaa3/community
# https://forums.malwarebytes.com/topic/281264-malware-bytes-scam-number-1-315-996-0560/
# https://github.com/DandelionSprout/adfilt/pull/395
# https://www.huorong.cn/info/1531309921141.html
0.0.0.0 kuaizip.com
# https://www.huorong.cn/info/1618397948649.html
# ||zhuangjizhuli.com^$all
# ||zhuangjizhuli.net^$all
# https://github.com/uBlockOrigin/uAssets/pull/9656
0.0.0.0 geekotg.com
0.0.0.0 qq789.com.cn
# https://www.huorong.cn/info/1526627586130.html
0.0.0.0 xiaobaixitong.com
# https://www.huorong.cn/info/1577158839403.html
0.0.0.0 daque.cn
# https://www.huorong.cn/info/1598957552515.html
0.0.0.0 dabaicai.com
# https://www.huorong.cn/info/1617368984641.html
0.0.0.0 qqfzn.com
# https://github.com/uBlockOrigin/uAssets/pull/10017
0.0.0.0 flash.cn
# https://virustotal.com/gui/file/1d29ecde092f21ea0dd05b9f42531be1ed2207d6ebb9b463517f4c9508ff24a7/community
0.0.0.0 fire.hypersys-server.com.ar
# https://github.com/uBlockOrigin/uAssets/pull/10774
# https://bbs.kafan.cn/thread-2222478-1-1.html
# https://bbs.kafan.cn/thread-2221903-1-1.html
# https://bbs.kafan.cn/thread-2221781-1-1.html
# https://bbs.kafan.cn/thread-2220230-1-1.html
0.0.0.0 ts-group.com
# https://bbs.kafan.cn/thread-2221419-1-1.html
0.0.0.0 2345.eyunsou.com
# https://www.huorong.cn/info/1627034201698.html
# https://bbs.kafan.cn/thread-2217785-1-1.html
0.0.0.0 win.zjwhr.top
# https://twitter.com/Cryptolaemus1/status/1468266929014157316
0.0.0.0 lartmana.com
# https://github.com/blocklistproject/Lists/issues/588
0.0.0.0 procrackerz.org
0.0.0.0 freeprosoftz.com
0.0.0.0 pccrackbox.com
0.0.0.0 365crack.com
0.0.0.0 cracklabel.com
0.0.0.0 keystool.com
0.0.0.0 pcwarezbox.com
0.0.0.0 installcracks.com
0.0.0.0 10crack.com
0.0.0.0 reallcrack.com
0.0.0.0 hit4crack.com
0.0.0.0 crackproductkey.com
0.0.0.0 profullversion.com
0.0.0.0 vcracks.com
0.0.0.0 crackswall.com
0.0.0.0 crackthere.com
0.0.0.0 crackpcsoft.net
0.0.0.0 crackserialkey.co
0.0.0.0 keygenfile.net
0.0.0.0 maliksofts.com
0.0.0.0 proappcrack.com
0.0.0.0 flstudiocrack.org
0.0.0.0 scracked.com
0.0.0.0 crackpropc.com
0.0.0.0 crackwinz.com
0.0.0.0 cyberspc.com
0.0.0.0 crackedpcs.com
0.0.0.0 ayeshapc.com
0.0.0.0 crackintopc.com
0.0.0.0 crackhomes.com
0.0.0.0 zslicensekey.com
0.0.0.0 cracksmad.com
0.0.0.0 iamactivator.com
0.0.0.0 crackproduct.com
0.0.0.0 excrack.com
0.0.0.0 mahcrack.com
0.0.0.0 get4pcs.com
0.0.0.0 genuineactivator.com
0.0.0.0 keygenwin.com
0.0.0.0 thiscrack.com
0.0.0.0 crackedroot.com
0.0.0.0 crackspro.co
0.0.0.0 topcracked.com
0.0.0.0 mycrackfree.com
0.0.0.0 crackfullpro.com
0.0.0.0 starcrack.net
0.0.0.0 procrackpc.com
0.0.0.0 crackknow.com
0.0.0.0 crackpro.org
0.0.0.0 4howcrack.com
0.0.0.0 crackshere.com
0.0.0.0 crackdj.com
0.0.0.0 cracksray.com
0.0.0.0 crackkits.com
0.0.0.0 trycracksoftware.com
0.0.0.0 fullcrackedpc.com
0.0.0.0 cracktopc.com
0.0.0.0 crackkey4u.com
0.0.0.0 rootcracks.org
0.0.0.0 idmfullcrack.info
0.0.0.0 fileserialkey.com
0.0.0.0 licensekeyup.com
0.0.0.0 thecrackbox.com
0.0.0.0 rootcracks.co
0.0.0.0 cracksway.com
0.0.0.0 clevercracks.com
0.0.0.0 shahzifpc.com
0.0.0.0 idmpatched.com
0.0.0.0 getprocrack.co
0.0.0.0 autocracking.com
0.0.0.0 productkeyfree.org
0.0.0.0 chcracked.com
0.0.0.0 cracksdat.com
0.0.0.0 patchcracks.com
0.0.0.0 activationkeys.co
0.0.0.0 serialsofts.com
0.0.0.0 piratpc.com
0.0.0.0 prosoftlink.com
0.0.0.0 cracksole.com
0.0.0.0 finalcracked.com
0.0.0.0 activatorpros.com
0.0.0.0 organiccrack.com
0.0.0.0 zscracked.com
0.0.0.0 abbaspc.org
0.0.0.0 allsoftwarekeys.com
0.0.0.0 genuineserials.com
0.0.0.0 pfcbwp.com
0.0.0.0 softwar2crack.com
0.0.0.0 xforce-cracks.com
0.0.0.0 procracks.net
0.0.0.0 productkeyforfree.com
0.0.0.0 crackgrid.com
0.0.0.0 licensekeysfree.com
0.0.0.0 goharpc.com
0.0.0.0 crackedmod.com
0.0.0.0 crackvip.com
0.0.0.0 crackedpc.org
0.0.0.0 activatorwin.com
0.0.0.0 whitecracked.com
0.0.0.0 softwarance.com
0.0.0.0 kalicrack.com
0.0.0.0 bypassapp.com
0.0.0.0 ziapc.org
0.0.0.0 zgamespc.com
0.0.0.0 cracksoon.com
0.0.0.0 boxcracked.com
0.0.0.0 procrackkey.co
0.0.0.0 activationkey.org
0.0.0.0 newproductkey.com
0.0.0.0 protoolscrack.net
0.0.0.0 download4mac.com
0.0.0.0 serialkeypatch.org
0.0.0.0 premiumsforum.com
0.0.0.0 profreefiles.com
0.0.0.0 filespremium.com
# https://github.com/uBlockOrigin/uAssets/pull/10854
# https://forums.malwarebytes.com/topic/281936-malware-campaing-distribuition-malicious-link/
0.0.0.0 10dimensions.com
# malware - https://bazaar.abuse.ch/sample/a12d74b1756d49531e21f755fef2049ab6c83626f0834cb945c781c39d40a177/
0.0.0.0 crackedable.com
# hxxpx[:]//crackpropc[.]com/winrar-crack/ - https://bazaar.abuse.ch/sample/4f4376563cfc35d3fb0b4f857674729727b5f959235fe39daa928a1d4a28649a/
0.0.0.0 wastyuioytryiuoytryiuopuytryuioewr5t678i.s3.amazonaws.com
# https://github.com/uBlockOrigin/uAssets/pull/10997
0.0.0.0 jinshanduba.org.cn
# https://bazaar.abuse.ch/sample/357226dff2f3309f8271b5a7c2cc816aa8fb779275357dce9b98b30357951210/
0.0.0.0 download-srvr.xyz
0.0.0.0 cybermicto768jubileejhsye6yt6543.s3.us-east-1.amazonaws.com
# https://bazaar.abuse.ch/sample/932fcccda7c8e576eb914b446646883cfdb439fe4c7306905ea005555be5e2bb/
0.0.0.0 hopelandishomeground1098alone43jk.s3.amazonaws.com
# https://bazaar.abuse.ch/sample/9dfd1e4d88c586107f341620c9682710a414f34e2086aab363661f8eb8031202/
0.0.0.0 gigapurbalingga.net
0.0.0.0 rigrosehostingz.xyz
# https://forums.malwarebytes.com/topic/282207-how-to-remove-pupoptionalbrowserhijack-and-pupoptionallockhomepage/
# (20/12/2022) https://github.com/AdguardTeam/AdguardFilters/issues/137498
0.0.0.0 find-it.pro
# fake Flash Player
0.0.0.0 new-meet-dating.life
0.0.0.0 wellhello.com
# https://github.com/blocklistproject/Lists/issues/600
0.0.0.0 choicemonitor.top
0.0.0.0 italtrack.checkitemtt.top
0.0.0.0 checkitemtt.top
0.0.0.0 conv-alida-recapiro-com.preview-domain.com
# https://forums.malwarebytes.com/topic/282353-peruvian-netflix-phishing/
0.0.0.0 juandfar.github.io
# https://bazaar.abuse.ch/sample/d696d27429f51199a8b88b7a332cfa2c05d6cf6a875a88046a8764a290bf588f/
0.0.0.0 slidehostdowny.xyz
# https://twitter.com/TheDFIRReport/status/1477687477821489157
0.0.0.0 rest.healthy2fit.com
0.0.0.0 api.healthy2fit.com
0.0.0.0 rest.mcghealthcare.org
0.0.0.0 rest.neckbackpainrelief.org
# https://github.com/uBlockOrigin/uAssets/issues/11157
0.0.0.0 sideload.net
0.0.0.0 stcverify.com
0.0.0.0 verify.stc.tools
0.0.0.0 1980s.click
0.0.0.0 0x41414141.net
0.0.0.0 yatsura.0x41414141.net
0.0.0.0 ultimate-eraser.com
# https://virustotal.com/gui/url/747b8465c517261eb6c5bc1a6c4fa281dc309caecf4a283f9bfb4fe2ba795bd0
0.0.0.0 mailsecure-helpdesk.azurefd.net
# https://scammer.info/t/discord-nitro-scam-23/87273
0.0.0.0 discqrdapp.com
# VirusTotal typosquatt
0.0.0.0 virusttotal.com
# https://blog.malwarebytes.com/threat-intelligence/2022/01/patchwork-apt-caught-in-its-own-web/
0.0.0.0 bgre.kozow.com
# https://blog.malwarebytes.com/web-threats/2022/01/card-skimmers-strike-sothebys-in-brightcove-supply-chain-attack/
0.0.0.0 cdn-imgcloud.com
# https://twitter.com/pr0xylife/status/1483380330652487680
0.0.0.0 plus-x.xsrv.jp
0.0.0.0 senior.tims.se
0.0.0.0 mecaglobal.com
0.0.0.0 mymicrogreen.mightcode.com
0.0.0.0 ariesnetwork.co.uk
0.0.0.0 animalkingdompro.com
0.0.0.0 bitcoin-up.fomentomunivina.cl
0.0.0.0 cr.almalunatural.com
# https://virustotal.com/gui/file/cfb15322084d6292f43038a69b0e017b809f178b7c85c310f8effdb37a3eb9a3/community
0.0.0.0 florafawnamusic.com
# https://virustotal.com/gui/file/63a46fa06e1bd31832daa958d3a706fd86fbe8f7a2897dc19e52516e4a2066d5/relations
0.0.0.0 goyaluat.vmesh.in
# https://virustotal.com/gui/file/3b0158eb80a4ce6aefbab643c3ca57253d265c8c82754c4a7e31dbd64b5aa48f/relations
0.0.0.0 actividades.laforetlanguages.com
0.0.0.0 laforetlanguages.com
# https://virustotal.com/gui/file/80b5c38471c54298259cec965619fccb435641a01ee4254a3d7c62ec47849108/relations
0.0.0.0 111439d.com
0.0.0.0 intrasvp.com
0.0.0.0 paulbau.com
0.0.0.0 peninsularbottling.com
0.0.0.0 spoilnet.com
0.0.0.0 thebeardedbrocksblends.com
0.0.0.0 wokpy.com
0.0.0.0 www.111439d.com
0.0.0.0 www.intrasvp.com
0.0.0.0 www.paulbau.com
0.0.0.0 www.peninsularbottling.com
0.0.0.0 www.spoilnet.com
0.0.0.0 www.thebeardedbrocksblends.com
0.0.0.0 www.wokpy.com
# https://www.bleepingcomputer.com/news/security/a-look-at-the-new-sugar-ransomware-demanding-low-ransoms/
# https://github.com/uBlockOrigin/uAssets/issues/11574
0.0.0.0 rutracker-org.appspot.com
# https://virustotal.com/gui/url/c25fe34c05cc8e9136027a67c277e175a5d6e35af921ee37bad98bdfeea6a2f9/community
0.0.0.0 6201375e287cc50016414168.2go.me
0.0.0.0 splendid-fallacious-anaconda.glitch.me
# https://virustotal.com/gui/file/568cfb6f770f6fbec1f18595bb78183e1fb5d2e7086f747230f2706ce29ed381/relations
0.0.0.0 www.tzkaxh.com
# https://github.com/uBlockOrigin/uAssets/pull/11744
0.0.0.0 greencracks.com
0.0.0.0 procrackerz.com
0.0.0.0 crackfix.net
0.0.0.0 zcracked.com
0.0.0.0 cracksoftware.org
0.0.0.0 downloadpc.net
0.0.0.0 pcfullcrack.org
0.0.0.0 keygenpc.com
0.0.0.0 up4pc.com
0.0.0.0 hitproversion.com
0.0.0.0 cracktube.net
0.0.0.0 yourpcnotification.com
# https://virustotal.com/gui/url/bd46572625a7d66dac92a3674fb9b8d31ef855b3229ab8ac650e8d198981ed1e/community
0.0.0.0 www.takiparkrb.site
# https://github.com/uBlockOrigin/uAssets/issues/12194
0.0.0.0 fulptube.org
# https://bazaar.abuse.ch/sample/d7308dab0110ae3bc79fd15024f5ccfcbd6e676b7c42b27a0112506e8357a6dc/ --> https://app.any.run/tasks/bc53e7a9-5fd7-4682-894d-11e48e9ea89a#
0.0.0.0 www.pccrackworld.com
0.0.0.0 pccrackworld.com
# https://virustotal.com/gui/file/f158c883db7803a14c124e29a3adb1b72cca3168d904f7cee2a6ebbbdc535ca3/relations
0.0.0.0 winfrey2024.com
0.0.0.0 www.winfrey2024.com
0.0.0.0 bisbenefits.solutions
# https://virustotal.com/gui/url/a7c6db453eaaafa9450ff12b5e85d81c8fc096912f1d9c295a908bd5c02ef3bd/community
0.0.0.0 okra-grouper-hny2.squarespace.com
# https://virustotal.com/gui/url/34512642d5d361717a97c817fbf65c008d4cc903a2c7ae641820a9d1e0fca5e0 --> https://app.any.run/tasks/5fb54e2b-1857-45ea-9656-bb4e185d47ab
0.0.0.0 pirate4.life
# https://virustotal.com/gui/file/439db5f69b49091964c335c5977bc6dbf8aa41398d0240410dfeb898add7dace/relations
0.0.0.0 891706.com
0.0.0.0 www.njgummys.com
# https://virustotal.com/gui/url/48fca83cbb6dc2f75f0e8a1546d4f396a5914502ead0060a0eefb2ed580a8c09 (seems down but no reason not to block it)
0.0.0.0 vww-robiox.com
# https://virustotal.com/gui/url/169c42480ba36ed07c5895da489593248c6da52e54a7c382748258aa798d8ee1
0.0.0.0 littleluxuriesshop.com
# https://github.com/AdguardTeam/AdguardFilters/issues/111970
0.0.0.0 a23-trk.xyz
# https://forums.malwarebytes.com/topic/285132-outgoing-trojan-2dodddnsnet/
0.0.0.0 2dod.ddns.net
# https://decoded.avast.io/janrubin/parrot-tds-takes-over-web-servers-and-threatens-millions/
0.0.0.0 clickstat360.com
0.0.0.0 statclick.net
0.0.0.0 staticvisit.net
0.0.0.0 webcachespace.net
0.0.0.0 syncadv.com
0.0.0.0 webcachestorage.com
0.0.0.0 parmsplace.com
0.0.0.0 xomosagency.com
0.0.0.0 lawrencetravelco.com
0.0.0.0 accountablitypartner.com
0.0.0.0 codingbit.co.in
0.0.0.0 fishslayerjigco.com
0.0.0.0 avanzatechnicalsolutions.com
0.0.0.0 integrativehealthpartners.com
0.0.0.0 wwpcrisis.com
0.0.0.0 markbrey.com
0.0.0.0 nuwealthmedia.com
0.0.0.0 pocketstay.com
0.0.0.0 fioressence.com
0.0.0.0 drpease.com
0.0.0.0 refinedwebs.com
0.0.0.0 spillpalletonline.com
0.0.0.0 altcoinfan.com
0.0.0.0 hill-family.us
# https://bazaar.abuse.ch/sample/b959fb160dac2a15b8e65c15e2b1738d356c03e13623588bc70aab825c57660a/
# https://app.any.run/tasks/5fcd7eda-1f8b-4e99-80f9-5429d6044d16
0.0.0.0 freeversioncrack.com
0.0.0.0 top3hostngc.xyz
# another malware website
0.0.0.0 gamesrar.co
# https://virustotal.com/gui/url/e47d6ed8866072e58d28b93dd0c7b06d148e5139c1dbe219a16ba288ba14f93c/community
0.0.0.0 nolhivaranfaruonline.com
# https://virustotal.com/gui/url/d9a2be341e814e16c837b215cac13b30add4aba14eec06f4b6d400d0a0409ce3/community
0.0.0.0 anthracnosis-jackscrew-rubine.s3.eu-central-003.backblazeb2.com
# https://www.bleepingcomputer.com/news/security/unofficial-windows-11-upgrade-installs-info-stealing-malware/ (dead but may undie)
0.0.0.0 windows11-upgrade11.com
# https://virustotal.com/gui/url/b56536f2753c28e251a16e85e960e503e1a0fa7460225daba497734b091ef3d6/community --> https://app.any.run/tasks/0d8b025d-ba39-4f88-b83d-db3274b62f49
0.0.0.0 codesbro.com
# https://forums.malwarebytes.com/topic/286125-riskware-when-doing-a-google-search/
0.0.0.0 flydogy.com
# https://bazaar.abuse.ch/sample/a5c87433df7f9a01cd7140d0882e6f227c62076b14d92f6fd9ab3e0570b596ee/
0.0.0.0 portabledownloads.com
0.0.0.0 jetiparfilezho.xyz
# https://forums.malwarebytes.com/topic/286435-malwarebytes-reporting-riskware-through-powershell-every-minute/
0.0.0.0 wmail-service.com
# https://forums.malwarebytes.com/topic/292561-website-blocked-due-to-riskware/
0.0.0.0 counter.wmail-service.com
# https://app.any.run/tasks/f0cf926b-dd19-4209-9e0c-a1ae1855a77b/
# https://app.any.run/tasks/4ff53b3b-551f-4a5f-a303-c5938d31c376
# https://forums.malwarebytes.com/topic/286715-emailed-html-file-phish-appears-is-somehow-bypassing-browserguard/
0.0.0.0 etools.page
# https://bazaar.abuse.ch/sample/07a496254e53741aa86e2292f1fce40bf04690504d8cda443d000133099ca107/
0.0.0.0 startcrack.co
0.0.0.0 slamicrep.cfd
0.0.0.0 lectedacivilia.cfd
# https://virustotal.com/gui/url/6764a8e44b5fa318bbf85df6eb6d083a20fc7090b85b0d43068b8f934ad9b2c2 --> https://virustotal.com/gui/file/10dbb4692e34a6f3ca1cf82668a87b1204aa1548c139d88240680d3b82473510
0.0.0.0 www.enjpc.com
0.0.0.0 enjpc.com
# https://virustotal.com/gui/url/ea37961ff4ba03a3f50b537668b97e7e682a4d6c2a980504ed4be8d4f593fd96 --> https://bazaar.abuse.ch/sample/727a3154e9862b477a4d556940a8fb47fb7f8dd955102ef7738bc32b587076f5/
0.0.0.0 latestsoftz.com
# https://twitter.com/ankit_anubhav/status/1531258779899047938
0.0.0.0 rick63.publicvm.com
# https://twitter.com/Artilllerie/status/1534076124829036544
0.0.0.0 bbleepingcomputer.com
0.0.0.0 bleepingc0mputer.com
0.0.0.0 bleepingccomputer.com
0.0.0.0 bleepingcimputer.com
0.0.0.0 bleepingcmoputer.com
0.0.0.0 bleepingcmputer.com
0.0.0.0 bleepingcommputer.com
0.0.0.0 bleepingcomouter.com
0.0.0.0 bleepingcompiter.com
0.0.0.0 bleepingcompouter.com
0.0.0.0 bleepingcompputer.com
0.0.0.0 bleepingcomptuer.com
0.0.0.0 bleepingcompurer.com
0.0.0.0 bleepingcomputee.com
0.0.0.0 bleepingcomputeer.com
0.0.0.0 bleepingcomputerr.com
0.0.0.0 bleepingcomputet.com
0.0.0.0 bleepingcomputor.com
0.0.0.0 bleepingcomputre.com
0.0.0.0 bleepingcomputrr.com
0.0.0.0 bleepingcomputter.com
0.0.0.0 bleepingcomputwr.com
0.0.0.0 bleepingcompuuter.com
0.0.0.0 bleepingcompuyer.com
0.0.0.0 bleepingcompyter.com
0.0.0.0 bleepingcomupter.com
0.0.0.0 bleepingconputer.com
0.0.0.0 bleepingcoomputer.com
0.0.0.0 bleepingcopmuter.com
0.0.0.0 bleepingcoputer.com
0.0.0.0 bleepingcpmputer.com
0.0.0.0 bleepingocmputer.com
0.0.0.0 bleepingvomputer.com
0.0.0.0 bleepingxomputer.com
# https://blog.malwarebytes.com/threat-intelligence/2022/06/makemoney-malvertising-campaign-adds-fake-update-template/
0.0.0.0 ankgomag.xyz
0.0.0.0 ankltrafficexit.xyz
0.0.0.0 clicksdeliveryserver.space
0.0.0.0 cryptosuite.pro
0.0.0.0 daiichisankyo-hc.live
0.0.0.0 gettime.xyz
0.0.0.0 hilllandings.xyz
0.0.0.0 jillstuart-floranotisjillstu.art
0.0.0.0 keitarotrafficdelivery.xyz
0.0.0.0 makemoneyeazzywith.me
0.0.0.0 makemoneywith.us
0.0.0.0 mizuno.casa
0.0.0.0 money365.xyz
0.0.0.0 nawa-store.com
0.0.0.0 nippon-mask.site
0.0.0.0 openphoto.xyz
0.0.0.0 selfadtracker1.online
0.0.0.0 traffic.selfadtracker1.online
0.0.0.0 zerocryptocard.shop
# https://bazaar.abuse.ch/sample/7a1ac49143e4dc8d3e7f3d033b1b382b3120bfdebfbaf3a304ab2f086456a896/
# https://bazaar.abuse.ch/sample/fc03d6fa6787c0e6fee51af9c567bc1febf642bdfd6fd91ee99348b0a2cdf947/
# ads
0.0.0.0 lulachu.com
0.0.0.0 zoomstreakstream.com
# https://twitter.com/malwrhunterteam/status/1539964420607971328
0.0.0.0 business-page-appeal-126-73125.web.app
# https://scammer.info/t/phishing-my-account-will-be-blocked/100783
# https://scammer.info/t/fake-discord-nitro-generator/99942
# https://bazaar.abuse.ch/sample/afc4c49625b8c888e7e4958ec95cf0a79baf48736d71b0cac2bb2fc5f1c99279/
0.0.0.0 importadoracandy.com
# YouTube video on a probably hacked channel --> https://bazaar.abuse.ch/sample/786947bd41f7be120bc82fd563b5658ff319bcb45f8e3a35e9e4c62a03ef103e/
# https://virustotal.com/gui/file/8014510ba4ca11285598396ec7f36058ce42b2fdd4fd80004c1f1c84933126f1/detection
0.0.0.0 sbnue.com
# https://forums.malwarebytes.com/topic/287876-im-posting-a-malware-to-ask-if-anyone-know-the-type-of-this-malware/
# https://app.any.run/tasks/85cfa904-06c4-4603-82ec-7a3db8db8df9
0.0.0.0 comfortykive.xyz
0.0.0.0 tjzaj.comfortykive.xyz
0.0.0.0 safefastfreesmart.rest
0.0.0.0 rewards-giant.uk
0.0.0.0 www.rewards-giant.uk
# (14/11/2022) https://app.any.run/tasks/508eecd4-0573-433f-9888-ea4bfe10e5d5
0.0.0.0 ewoverth.buzz
0.0.0.0 fbuww.ewoverth.buzz
0.0.0.0 cemgf.ewoverth.buzz
0.0.0.0 paylk.ewoverth.buzz
0.0.0.0 krtbw.ewoverth.buzz
0.0.0.0 lyirs.ewoverth.buzz
0.0.0.0 stijy.ewoverth.buzz
0.0.0.0 pwazc.ewoverth.buzz
0.0.0.0 uxdpj.ewoverth.buzz
0.0.0.0 jxaox.ewoverth.buzz
0.0.0.0 fqdbx.ewoverth.buzz
0.0.0.0 qakbs.ewoverth.buzz
0.0.0.0 wfarv.ewoverth.buzz
0.0.0.0 tepmv.ewoverth.buzz
0.0.0.0 ivuvh.ewoverth.buzz
0.0.0.0 rqsyl.ewoverth.buzz
0.0.0.0 hhqdq.ewoverth.buzz
0.0.0.0 eysei.ewoverth.buzz
0.0.0.0 jdmhf.ewoverth.buzz
0.0.0.0 xdgip.ewoverth.buzz
0.0.0.0 qdudm.ewoverth.buzz
0.0.0.0 xdnpv.ewoverth.buzz
0.0.0.0 ytsiw.ewoverth.buzz
0.0.0.0 aqxzv.ewoverth.buzz
0.0.0.0 akawl.ewoverth.buzz
0.0.0.0 pvrqg.ewoverth.buzz
0.0.0.0 oyffo.ewoverth.buzz
0.0.0.0 woorz.ewoverth.buzz
0.0.0.0 whqqm.ewoverth.buzz
0.0.0.0 apgib.ewoverth.buzz
0.0.0.0 bsrhu.ewoverth.buzz
0.0.0.0 lipwq.ewoverth.buzz
0.0.0.0 yzivj.ewoverth.buzz
0.0.0.0 cgwvb.ewoverth.buzz
0.0.0.0 zijim.ewoverth.buzz
0.0.0.0 fvpki.ewoverth.buzz
0.0.0.0 deqkr.ewoverth.buzz
0.0.0.0 qtngs.ewoverth.buzz
0.0.0.0 jgdvx.ewoverth.buzz
0.0.0.0 vovle.ewoverth.buzz
0.0.0.0 oqcqa.ewoverth.buzz
0.0.0.0 nruzo.ewoverth.buzz
0.0.0.0 cnwlv.ewoverth.buzz
0.0.0.0 waneo.ewoverth.buzz
0.0.0.0 fmrdm.ewoverth.buzz
0.0.0.0 pzktf.ewoverth.buzz
0.0.0.0 uivzc.ewoverth.buzz
# look-alike domains on the same IP, some with AV detections
0.0.0.0 sweredth.buzz
0.0.0.0 reamsan.buzz
0.0.0.0 ecityalittl.buzz
0.0.0.0 toftheussi.xyz
0.0.0.0 sfriend.buzz
0.0.0.0 ewallowi.buzz
# trys to install extension
0.0.0.0 antivirushub.co
# https://virustotal.com/gui/url/081c3fe5d843567d0b5a1f7b2efd6592eded82d8a6b0a4283760c53b06b9d009/community
0.0.0.0 coinbase-buysell-cryptocurrency.yolasite.com
# https://virustotal.com/gui/file/b7a7b969380d611b8f21f457e3d56b472cd4634fc11b016c0f5e70a15ddd2363/community
0.0.0.0 wearenotbbystealer.nl
# https://virustotal.com/gui/url/88c6f47ec835274fa193c5540a570dc53421fcfdc5d0408f8a8215ff9ec561bf/community
0.0.0.0 nolajaymesrealtor.com
# https://virustotal.com/gui/url/0f08c044228d8d5cf50356deeadea492d78fd691735df5438f118c52a622267b/community
0.0.0.0 planebux.xyz
# someone shared this SMS with me --> https://web.archive.org/web/20220707215749/https://twitter.com/iam_py_test/status/1545164642346930176
0.0.0.0 amazon-security-info.lnk.to
# https://bazaar.abuse.ch/sample/b41a79633a38811e378ce4e3e05cbaf086791272ae55c87eafa845eb655994a9/
# https://bazaar.abuse.ch/sample/5c795e31f7130c2c15ed1fbcb300bea7266f64e10f68cfc9a2f139f2a25a9532/
0.0.0.0 crackload.net
# https://virustotal.com/gui/url/b57caaf8abc72075c0e194177af30ec2059f57ed944d23adc2e1f925bb9b4880/community
0.0.0.0 pegaz-paragliding.com
# https://virustotal.com/gui/url/a927a3bd0b3c6e016e29bf31d4d217977e2d41bb87fc555eb92f96ecab62e7f7/community
0.0.0.0 jinjarsoft.com
# https://forums.malwarebytes.com/topic/288670-im-getting-website-blocked-due-to-trojan/
0.0.0.0 clayroot2016.linkpc.net
# https://twitter.com/stephenlacy/status/1554697077430505473 shared by HoJeong Go
0.0.0.0 ovz1.j19544519.pr46m.vps.myjino.ru
# https://virustotal.com/gui/file/36d0988bbecc52a81edde05ecf40562ce878dcf4eb273691a134f825bbc16f34/detection
# https://virustotal.com/gui/file/bf7050e71da2ed976d1298a9732c78aeba04db079848da295b4ed0ec0cac4e35/community
# https://virustotal.com/gui/file/de78cb6a65184a6011d7dee1dc1e48a60d936208718448158f656919c29856e4
# https://virustotal.com/gui/file/f776b6341455d570e098f76b6ca38c4e6c47603070d367885d45619795f6fe17
0.0.0.0 robloxscript.site
# https://virustotal.com/gui/file/601e3b16384fcfc7fc27b76f9367316fa38681b402d62569b963490496f9f17f
0.0.0.0 software-universe-pro.space
# https://forums.malwarebytes.com/topic/289086-antivirus-keeps-telling-me-blocked-3523615979-and-cant-find-a-solution/
# https://forums.malwarebytes.com/topic/289935-hijackautoconfigurlprxysvrrst-backdoorfarfli-in-registre-key/
# https://bazaar.abuse.ch/sample/78bcb53e3e0bca3655038c80eb9339d94f4a52b614b2ae072c171925099bcca8/
# https://virustotal.com/gui/file/6679a9fafa55cd95f682e35649413de7d36e81d7eb77736f888d98e5ac4ccf91
# same malware?
0.0.0.0 underthfeoveu.monster
0.0.0.0 ndandinter.hair
# https://forums.malwarebytes.com/topic/289257-browser-randomly-tries-to-go-to-iluhruhruxyz/
0.0.0.0 iluhruhru.xyz
# https://virustotal.com/gui/url/277ab53e753d552ec350aa812bc94345c84346ce52ca03f89979bfbe9a1ae000/community
0.0.0.0 es-sign-caieyna-b65164.ingress-florina.ewp.live
# https://forums.malwarebytes.com/topic/289254-reoccuring-website-blocked-due-to-malwaretrojan-message/
# https://forums.malwarebytes.com/topic/289555-malwarebytes-reporting-riskware-and-trojan-through-powershell-every-second/
# https://twitter.com/MBThreatIntel/status/1567604533458780160
0.0.0.0 hgoawa.xyz
# https://virustotal.com/gui/url/d40409e8995dd91b3ab6c154cfa84a94c3a11013262825a88861d1611d9212c8/community <-- Dead
# https://virustotal.com/gui/url/52b396fc9afd28864a7c7ac91faaef4be1f001b2aa45a33ad53e0f38172fa4e3/community
0.0.0.0 tegraokulary.pl
# https://forums.malwarebytes.com/topic/289986-what-is-plusclick/
0.0.0.0 plusclick.biz
# https://virustotal.com/gui/file/fe3f662947b072546eea1183ff626e851cb99a50a406dbe28a520078f38a84df
# https://virustotal.com/gui/file/31172f3d213210267adccd9e625a15f9713006812a3e20538425fba996e8889a
# https://bazaar.abuse.ch/sample/a674c8d984fe21bdbf03a9cafabe8963f0b471155655943299ef9695b836c307/
# https://virustotal.com/gui/url/94532535b8591efdebf95cf3c463f4b6116c76a354320676d38ab1384d40d26f/community
0.0.0.0 sukudoanalytica.com
# https://twitter.com/UK_Daniel_Card/status/1573038624853082128
# https://twitter.com/MBThreatIntel/status/1571949584943054848
0.0.0.0 parrable.com
0.0.0.0 h.parrable.com
# https://twitter.com/MBThreatIntel/status/1573059941619081221
# https://web.archive.org/web/20230604181959/https://twitter.com/iam_py_test/status/1573078196010078210
# https://bazaar.abuse.ch/sample/7205488fe5a1d3d05f0734af8b156d5c1603e9334b407845eb5545950e7b9acc/ (credit to https://bazaar.abuse.ch/user/1169961/)
# https://app.any.run/tasks/ed58332c-913b-4a8e-8d17-e55c4fb40b76 (my analysis)
# https://virustotal.com/gui/url/dff608d10ce1c5d441e7d3d9e848d81302e26dcce121f984f2d1c2e341852a82/community
# https://forums.malwarebytes.com/topic/290797-drive-by-typosquat/
0.0.0.0 login.mimecast.cm
# https://web.archive.org/web/20230604182346/https://twitter.com/iam_py_test/status/1578112473768644611
# new
# https://twitter.com/GossiTheDog/status/1582690317886578688
0.0.0.0 www.garmin-download.com
0.0.0.0 garmin-download.com
# https://virustotal.com/gui/url/d56c2ac37804bb6016c6666697b34ed0e95ad1a36ca2bd8b9db78c1e13f8ae81/community
0.0.0.0 objectstorage.us-sanjose-1.oraclecloud.com
# https://virustotal.com/gui/url/cf647bc81b76bd4857b34fe9a6dbec1f695b3bb8910e8cd000fa16e48d8c0c4c/community
0.0.0.0 cgi-wscalfahostingde.bondlayer.site
0.0.0.0 i4rry-tiaaa-aaaag-aaycq-cai.ic0.app
# https://bazaar.abuse.ch/sample/9d5e04f46fc4e4340b2d4c5f2044584826e016347388ec35cc9805d36c7546f1/
# https://tria.ge/221104-xnqwhsbhfp/behavioral1
0.0.0.0 clipper.guru
# https://forums.malwarebytes.com/topic/291771-facebook-hacked-and-suspicious-link-sent-out/
0.0.0.0 monkey.redirectmaster.com
0.0.0.0 xe2w.com
# https://virustotal.com/gui/url/dd3ef709e1415894e7b12f3245e91fb3993b197b34e854a2bf58d5e4ff1a8768/community
0.0.0.0 flyrine.com
# https://virustotal.com/gui/url/6a1435a75c9199af6c37df495fb6b05965e57ada5b617e0651efa13e51ae746b/community
# https://virustotal.com/gui/url/8425e5c13e3c0ee58fc0ed21cd3695ad4ef1962a32d90f2b3d34cc280e0c248b
0.0.0.0 chungwoo.futuroinfo.co.kr
# https://github.com/AdguardTeam/AdguardFilters/issues/134355
# https://github.com/DandelionSprout/adfilt/commit/32ea69e5a7c632bc2cd739fba4ee256e8a9e8abf (all credit to https://github.com/DandelionSprout)
0.0.0.0 1000girl.com
0.0.0.0 1000islandsinfo.com
0.0.0.0 100blackmenkc.org
0.0.0.0 10co.biz
0.0.0.0 10woomul.com
0.0.0.0 141angel.com
0.0.0.0 168av.com
0.0.0.0 1800fdlowers.com
0.0.0.0 1800fl9owers.com
0.0.0.0 1800flowerx.com
0.0.0.0 1800tlowers.com
0.0.0.0 2d-plus.com
0.0.0.0 2m5f.com
0.0.0.0 30mercantil.com
0.0.0.0 3mvs.com
0.0.0.0 4hu59.com
0.0.0.0 99bricks.com
0.0.0.0 ab-automobile.de
0.0.0.0 abc13news.com
0.0.0.0 abcyamath.com
0.0.0.0 aboutarc.com
0.0.0.0 abuhamzahfx.com
0.0.0.0 abwkoeln.de
0.0.0.0 biosaude.co
0.0.0.0 accessdiscounts.com
0.0.0.0 accountingservice.com
0.0.0.0 accountionline.com
0.0.0.0 acethematch.com
0.0.0.0 additude.org
0.0.0.0 addyourlink.net
0.0.0.0 adminbookings.com
0.0.0.0 admindiploma.co.uk
0.0.0.0 admiralmarket.com
0.0.0.0 adriod.com
0.0.0.0 advancaauto.com
0.0.0.0 aegiscrew.com
0.0.0.0 aerepostal.com
0.0.0.0 aergerforum.de
0.0.0.0 aetnaretriedhealth.com
0.0.0.0 aetnastudentehalth.com
0.0.0.0 aetnasyudenthealth.com
0.0.0.0 afshagemstone.com
0.0.0.0 aging.realmadridlive.in
0.0.0.0 air-careductcleaning.com
0.0.0.0 aj3000.org
0.0.0.0 ajmsewing.co.uk
0.0.0.0 akintor.com
0.0.0.0 alabamamedicaid.org
0.0.0.0 alamoinsurancegroup.com
0.0.0.0 allsttae.com
0.0.0.0 alojamientogratuito.info
0.0.0.0 altesino.com
0.0.0.0 alumacarsuncity.com
0.0.0.0 alvincommunitycollege.com
0.0.0.0 amazonaus.com
0.0.0.0 amcestey.com
0.0.0.0 amecstry.com
0.0.0.0 americameagle.com
0.0.0.0 americanghostsandhauntings.com
0.0.0.0 americanlegion.net
0.0.0.0 americanwingsnorcross.com
0.0.0.0 amienmelody.com
0.0.0.0 ammica.com
0.0.0.0 anabolicalternative.com
0.0.0.0 anactor.net
0.0.0.0 anandasoftbd.com
0.0.0.0 anccestary.com
0.0.0.0 anchormotor.com
0.0.0.0 androiddp1.com
0.0.0.0 andyreinold.com
0.0.0.0 angrydl.com
0.0.0.0 anheiserbusch.com
0.0.0.0 animerunkkari.net
0.0.0.0 anningten.de
0.0.0.0 antennebayer.de
0.0.0.0 antiqueforhire.com
0.0.0.0 childrenwish.ca
0.0.0.0 anuex.com
0.0.0.0 anugrahjaya.com
0.0.0.0 aouttrader.com
0.0.0.0 appdeploy.de
0.0.0.0 appe.indainbank.in
0.0.0.0 applebees.cm
0.0.0.0 appleidpassword.com
0.0.0.0 appleisider.com
0.0.0.0 appolloprism.com
0.0.0.0 apppleseeds.com
0.0.0.0 appschoolgrid.co.uk
0.0.0.0 apqconstruction.com
0.0.0.0 apv-thermotech.de
0.0.0.0 arcanedevice.com
0.0.0.0 areopostel.com
0.0.0.0 ari-model.com
0.0.0.0 arielaudio.com
0.0.0.0 aristokraftcabinets.com
0.0.0.0 arizonadollandtoymuseum.com
0.0.0.0 arnoldmartinezgallery.com
0.0.0.0 artdesignweb.com
0.0.0.0 artediez.com
0.0.0.0 artofconway.com
0.0.0.0 asicsrunningshoe.com
0.0.0.0 askalligence.com
0.0.0.0 asperdental.com
0.0.0.0 aspspider.info
0.0.0.0 atlassion.net
0.0.0.0 aturealbum.com
0.0.0.0 audble.co.uk
0.0.0.0 audiopoisk.com
0.0.0.0 audioquartet.com
0.0.0.0 auitotrader.com
0.0.0.0 australien-embassy.de
0.0.0.0 autobk.com
0.0.0.0 babajfinserv.in
0.0.0.0 autopartsguru.com
0.0.0.0 autoscvout24.de
0.0.0.0 avanteboatsales.co.uk
0.0.0.0 avg.cm
0.0.0.0 avipreview.com
0.0.0.0 awardsdecals.com
0.0.0.0 awardswlwct.com
0.0.0.0 b5o.com
0.0.0.0 ba.upyim.co
0.0.0.0 baadhuset.com
0.0.0.0 babybud.de
0.0.0.0 bagandbow.com
0.0.0.0 baileycar.com
0.0.0.0 bananajacks.com
0.0.0.0 banankofamerica.com
0.0.0.0 bankencryption.com
0.0.0.0 barrellab.com
0.0.0.0 barrettsoutdoor.co.uk
0.0.0.0 basicware.com
0.0.0.0 bathandbodywash.com
0.0.0.0 bbletche.com
0.0.0.0 bcbsillinois.com
0.0.0.0 bccstx.com
0.0.0.0 bcins.com
0.0.0.0 beachsideboatrentals.com
0.0.0.0 beardmiller.com
0.0.0.0 beatthestreak.com
0.0.0.0 bedbedandbeyond.com
0.0.0.0 befancyhair.com
0.0.0.0 beilgries.de
0.0.0.0 bejaminbluemchen.de
0.0.0.0 benifits.org
0.0.0.0 bernslaihomes.co.uk
0.0.0.0 berwww.com
0.0.0.0 bestamericanstocks.com
0.0.0.0 bestcanadian.com
0.0.0.0 besthesda.net
0.0.0.0 bestwestner.com
0.0.0.0 bext.co.uk
0.0.0.0 bherb.com
0.0.0.0 bhojpurimovie.com
0.0.0.0 biblioteka-bg.com
0.0.0.0 bilabong.de
0.0.0.0 biosmoothpro.com
0.0.0.0 biovidasaude.com
0.0.0.0 birdscapes.com
0.0.0.0 bitsize.com
0.0.0.0 bittrex.cm
0.0.0.0 blackedram.com
0.0.0.0 blackmendigital.com
0.0.0.0 blauer-engel-koeln.de
0.0.0.0 blissmassagetherapy.com
0.0.0.0 blogesupri.patons.ca
0.0.0.0 blogs-pot.com
0.0.0.0 blurau.com
0.0.0.0 bmwsarasota.com
0.0.0.0 bnbcnews.com
0.0.0.0 boating-ed.com
0.0.0.0 bobberslive.com
0.0.0.0 bobybuilder.com
0.0.0.0 bokkinmg.com
0.0.0.0 bolivianland.net
0.0.0.0 boobking.cm
0.0.0.0 boohoi.com
0.0.0.0 bookfromnet.com
0.0.0.0 booking.pixelextended.me
0.0.0.0 booksandmarks.com
0.0.0.0 boostbobile.com
0.0.0.0 bootrep.com
0.0.0.0 boottownusa.com
0.0.0.0 bootyplanet.com
0.0.0.0 bossmovies.com
0.0.0.0 bostonterrierden.com
0.0.0.0 bothers.com
0.0.0.0 bottlecapgames.com
0.0.0.0 boxmoviez.com
0.0.0.0 boy-drive.net
0.0.0.0 bppkoing.com
0.0.0.0 braillealphabet.org
0.0.0.0 brainlly.com
0.0.0.0 brigdebase.com
0.0.0.0 briteledtech.com
0.0.0.0 brosdway.com
0.0.0.0 brotherprinter.com
0.0.0.0 bsswift.com
0.0.0.0 bt666.com
0.0.0.0 burnsidedigital.com
0.0.0.0 bwmbank.de
0.0.0.0 bzp.net
0.0.0.0 cabesp.com
0.0.0.0 calebpressley.com
0.0.0.0 calvertschool.com
0.0.0.0 cambridgeebook.com
0.0.0.0 cannel24.de
0.0.0.0 cantireu.ca
0.0.0.0 captialonedirect.com
0.0.0.0 carapowersports.com
0.0.0.0 carecredet.com
0.0.0.0 carnart.com
0.0.0.0 carolinatrustfederalcreditunion.com
0.0.0.0 carthorsemachinery.com
0.0.0.0 cartridgesshop.co.uk
0.0.0.0 casinovale77.com
0.0.0.0 casualxl.com
0.0.0.0 catharijnebioscoop.nl
0.0.0.0 cbej.com
0.0.0.0 cdlebjihad.com
0.0.0.0 cellutissue.com
0.0.0.0 centerblog.com
0.0.0.0 centerhillhouseboatrentalandcharter.com
0.0.0.0 cercoamicivip.com
0.0.0.0 charlestywritt.com
0.0.0.0 chartoulette.com
0.0.0.0 chasefreedomvisa.com
0.0.0.0 chasschwab.com
0.0.0.0 chathopper.com
0.0.0.0 chaumiereonline.com
0.0.0.0 cheapnikeshoes.com
0.0.0.0 chefsouls.com
0.0.0.0 chengsgardenct.com
0.0.0.0 childrencare.com
0.0.0.0 chinaautoparts.com
0.0.0.0 chlipfih.de
0.0.0.0 choctawwildlife.com
0.0.0.0 choicepriveleges.ca
0.0.0.0 choigame24h.net
0.0.0.0 christianbooksummaries.com
0.0.0.0 christiansocialnetwork.net
0.0.0.0 chuckychesse.com
0.0.0.0 cicda.com
0.0.0.0 cinemavf.org
0.0.0.0 citimortgage.cm
0.0.0.0 clarin.cm
0.0.0.0 clarires.com
0.0.0.0 claritta.net
0.0.0.0 clashofclanhacks.com
0.0.0.0 classmatess.com
0.0.0.0 clerverbot.com
0.0.0.0 clikurl.com
0.0.0.0 cloudbar.org
0.0.0.0 cloudmail.ontatio.ca
0.0.0.0 clubemusicas.com
0.0.0.0 clubterracan.net
0.0.0.0 cogeca.ca
0.0.0.0 collectioncentre.com
0.0.0.0 collegeoftheozarks.com
0.0.0.0 colonnialpenn.com
0.0.0.0 colordrives.com
0.0.0.0 columbusstoreeq.com
0.0.0.0 comcmast.net
0.0.0.0 comicstee.com
0.0.0.0 comkp.org
0.0.0.0 commomlit.com
0.0.0.0 comstaples.com
0.0.0.0 confusion.co.uk
0.0.0.0 consunercellular.com
0.0.0.0 continentalcredito.com
0.0.0.0 convertapdftoword.com
0.0.0.0 cookiecliker.com
0.0.0.0 coolgearing.com
0.0.0.0 correo.foot-news.co
0.0.0.0 costcobusinessphone.com
0.0.0.0 cottagechicbymargie.com
0.0.0.0 cottonflower.com
0.0.0.0 countrybros.com
0.0.0.0 countrylifegifts.com
0.0.0.0 courtreporting.com
0.0.0.0 covermania.com
0.0.0.0 covid-10.onario.ca
0.0.0.0 cps-pc.de
0.0.0.0 crackact.org
0.0.0.0 craigsdlist.com
0.0.0.0 crazynudistbeach.com
0.0.0.0 creativemindsacademyfl.com
0.0.0.0 credditonebank.com
0.0.0.0 cricket.info
0.0.0.0 crowddream.com
0.0.0.0 cruiseadventures.com
0.0.0.0 crystaldiskinfo.com
0.0.0.0 crystallinks.com
0.0.0.0 cstress.net
0.0.0.0 cumonlucy.co.uk
0.0.0.0 cumsex.com
0.0.0.0 cumsnap.com
0.0.0.0 cursodeunhasdecoradas.com
0.0.0.0 cvs.cm
0.0.0.0 cvshealthsurcey.com
0.0.0.0 cyberhostvpn.com
0.0.0.0 d25.net
0.0.0.0 dafearsoft.org
0.0.0.0 daftzex.com
0.0.0.0 dailynation.co.uk
0.0.0.0 dakofurniture.co.uk
0.0.0.0 damagedpictures.com
0.0.0.0 datingwall.com
0.0.0.0 davesandbusters.com
0.0.0.0 davidaustinroses.de
0.0.0.0 davidsonfirealarms.com
0.0.0.0 davinailsandspa.com
0.0.0.0 dealaday.com
0.0.0.0 debain.org
0.0.0.0 debide.com
0.0.0.0 defloreation.com
0.0.0.0 degowo.de
0.0.0.0 dekstophut.com
0.0.0.0 demo.europadonna.de
0.0.0.0 demo.halimcan.de
0.0.0.0 dentistfinder.com
0.0.0.0 desicorner.net
0.0.0.0 destokage.com
0.0.0.0 detailreviews.com
0.0.0.0 detroitk12.com
0.0.0.0 detroitlion.com
0.0.0.0 deutschewell.de
0.0.0.0 europadonna.de
0.0.0.0 gesundheitkatalog.de
0.0.0.0 hanseatischesweinkontor.de
0.0.0.0 hbo.cm
0.0.0.0 hypoverensbank.de
0.0.0.0 academicassociation.in
0.0.0.0 deviantaet.com
0.0.0.0 dgumarket.com
0.0.0.0 dhifaaf.com
0.0.0.0 dibujosdelos80.com
0.0.0.0 dicoverycove.com
0.0.0.0 dictionarg.com
0.0.0.0 dieaertze.de
0.0.0.0 diebahnd.de
0.0.0.0 diesimsens.de
0.0.0.0 digitaldigsads.com
0.0.0.0 dippegucker.de
0.0.0.0 directnergy.com
0.0.0.0 disany.com
0.0.0.0 discdb.com
0.0.0.0 disconcerting.com
0.0.0.0 discountrires.com
0.0.0.0 discunttire.com
0.0.0.0 disnneychannel.com
0.0.0.0 distorwatch.com
0.0.0.0 dixks.com
0.0.0.0 diycondensermics.com
0.0.0.0 djwacho.de
0.0.0.0 dkroger.com
0.0.0.0 dlv4.com
0.0.0.0 com-download-stat.us
0.0.0.0 docteach.org
0.0.0.0 documany.com
0.0.0.0 documentodoestudante.com
0.0.0.0 dofant.com
0.0.0.0 dolcegabanna.com
0.0.0.0 dollarentacar.com
0.0.0.0 dollygals.com
0.0.0.0 domionspizza.com
0.0.0.0 donaldrussel.com
0.0.0.0 donvenmuehle.com
0.0.0.0 dotcomdirectory.com
0.0.0.0 doversaddley.com
0.0.0.0 drbbble.com
0.0.0.0 drivenmotorsportsales.com
0.0.0.0 drocherway.com
0.0.0.0 droplox.com
0.0.0.0 droptv.com
0.0.0.0 drssbarn.com
0.0.0.0 ds4you.de
0.0.0.0 dsca85.com
0.0.0.0 dsneyland.com
0.0.0.0 ducusign.com
0.0.0.0 durgapurgovtcollege.org
0.0.0.0 dutchbilbs.com
0.0.0.0 dvrv.com
0.0.0.0 dyptiqueparis.com
0.0.0.0 dysma.de
0.0.0.0 dzlibrary.com
0.0.0.0 easternbikes.de
0.0.0.0 ebieomachines.com
0.0.0.0 ebookbinary.com
0.0.0.0 ecentennialcollege.ca
0.0.0.0 ecoediciones.com
0.0.0.0 ecoinspeed.com
0.0.0.0 ecread.com
0.0.0.0 edge.metropcs.co
0.0.0.0 educacionbc.com
0.0.0.0 eduparkpublishinghouse.com
0.0.0.0 eevb.com
0.0.0.0 efsll.com
0.0.0.0 einv.com
0.0.0.0 eknigu.org
0.0.0.0 elcactus.com
0.0.0.0 eletterhead.com
0.0.0.0 elevationsj.com
0.0.0.0 ellasontreeservice.com
0.0.0.0 ellisiland.org
0.0.0.0 elreydelfalafel.com
0.0.0.0 elwinpure.com
0.0.0.0 empak.de
0.0.0.0 emperorinfo.com
0.0.0.0 emulespana.net
0.0.0.0 enbto.com
0.0.0.0 energybrokerconsultants.com
0.0.0.0 enfmail.com
0.0.0.0 engineerbob.com
0.0.0.0 enigaluce.com
0.0.0.0 enyergy.com
0.0.0.0 eoonext.com
0.0.0.0 epicgamis.com
0.0.0.0 epph.com
0.0.0.0 eppicard.cm
0.0.0.0 erotic-flowers.com
0.0.0.0 erotic99.com
0.0.0.0 es-toyaqui.com
0.0.0.0 esmallbusinessgrants.net
0.0.0.0 esperiqn.com
0.0.0.0 esty.com
0.0.0.0 esuracnce.com
0.0.0.0 eternityflowercreations.com
0.0.0.0 ethioporn.com
0.0.0.0 ethtrada.com
0.0.0.0 etimology.com
0.0.0.0 euronets.com
0.0.0.0 events.compres.us
0.0.0.0 everdaycarry.com
0.0.0.0 evil-unveiled.com
0.0.0.0 evtools.info
0.0.0.0 exberian.com
0.0.0.0 excelmission.com
0.0.0.0 3daxis.co
0.0.0.0 exiperan.com
0.0.0.0 experianokta.com
0.0.0.0 expertworx.com
0.0.0.0 expieeian.com
0.0.0.0 explorors.com
0.0.0.0 expreien.com
0.0.0.0 exragazze.com
0.0.0.0 exrpessscripts.com
0.0.0.0 eyebuidirect.com
0.0.0.0 ezbiodiesel.com
0.0.0.0 ezgreatoffers.com
0.0.0.0 ezprogram.com
0.0.0.0 eztvseries.com
0.0.0.0 ezzpassmd.com
0.0.0.0 fabswiingers.com
0.0.0.0 faceb00k.com
0.0.0.0 facialsgalleries.com
0.0.0.0 facilisoft.com
0.0.0.0 faircompaines.com
0.0.0.0 fairplayhorse.com
0.0.0.0 fakehab.com
0.0.0.0 faketaxi.org
0.0.0.0 fashionchurchsuits.com
0.0.0.0 fashiondressstore.com
0.0.0.0 fashionsnetwork.com
0.0.0.0 fasilhd.com
0.0.0.0 fastcash500.com
0.0.0.0 fastlaneltd.com
0.0.0.0 fatbike-motor.com
0.0.0.0 fatwa1.com
0.0.0.0 faxsports.com
0.0.0.0 fcbs-inc.com
0.0.0.0 fedbizopps.org
0.0.0.0 fellfootfarm.co.uk
0.0.0.0 ferel.com
0.0.0.0 fertagus.com
0.0.0.0 ffrontgate.com
0.0.0.0 fiars.com
0.0.0.0 fightmove.co.uk
0.0.0.0 filecloud.monster
0.0.0.0 filezila.com
0.0.0.0 filmfreestream.net
0.0.0.0 filmox.org
0.0.0.0 findmymobike.com
0.0.0.0 findrc.com
0.0.0.0 finleyfurst.com
0.0.0.0 fionagary.com
0.0.0.0 fireking.us
0.0.0.0 firhouse.com
0.0.0.0 firstnationalc.com
0.0.0.0 firstthirdbank.com
0.0.0.0 fivestarautomotiverepair.com
0.0.0.0 fivethirteight.com
0.0.0.0 flagstarwholesale.com
0.0.0.0 flightconsolidator.com
0.0.0.0 flightlcub.com
0.0.0.0 flipkartjob.com
0.0.0.0 flipnormals.com
0.0.0.0 flixbruns.de
0.0.0.0 floormakers.com
0.0.0.0 florida-fishingcharters.com
0.0.0.0 flowermodels.com
0.0.0.0 flugzeugsupermarkt.de
0.0.0.0 fluxrp.com
0.0.0.0 flygpoolen.com
0.0.0.0 fmhogar.com
0.0.0.0 fmword.net
0.0.0.0 fnsbsd.com
0.0.0.0 focusbangla.com
0.0.0.0 fodocuments.info
0.0.0.0 followx.com
0.0.0.0 food-stamps-apply.com
0.0.0.0 foosewheels.com
0.0.0.0 footballflags.com
0.0.0.0 forceporn.com
0.0.0.0 foreverybella.com
0.0.0.0 forexclient.com
0.0.0.0 forexengines.com
0.0.0.0 formacioncorreos.com
0.0.0.0 formaua.com
0.0.0.0 forslaebyowner.com
0.0.0.0 forstinger.de
0.0.0.0 fotobugil.com
0.0.0.0 fotoescalera.com
0.0.0.0 fotoporst.de
0.0.0.0 foyerjeansturm.com
0.0.0.0 fraigslist.com
0.0.0.0 franciscajoias.com
0.0.0.0 franklhammondiii.com
0.0.0.0 frebmd.org.uk
0.0.0.0 freddiesfinespirits.com
0.0.0.0 free-iphone6s.com
0.0.0.0 freeconferenceline.com
0.0.0.0 freedomkia.com
0.0.0.0 freefre.com
0.0.0.0 freelanceeditors.com
0.0.0.0 freemovie.com
0.0.0.0 freemovies.net
0.0.0.0 freemoviesonline.com
0.0.0.0 freenortonsecurity.com
0.0.0.0 freeplaysex.com
0.0.0.0 freeprogz.com
0.0.0.0 freeshoutbox.com
0.0.0.0 friedmanshoes.com
0.0.0.0 friendsinfo.net
0.0.0.0 fronteerair.com
0.0.0.0 frontgatd.com
0.0.0.0 fsuwebmail.com
0.0.0.0 ftrontgate.com
0.0.0.0 fuckhoes.com
0.0.0.0 fudelidade.com
0.0.0.0 fullyloadednews.com
0.0.0.0 fumformobile.com
0.0.0.0 funkysexycool.com
0.0.0.0 furnitureking.com
0.0.0.0 furukawa-cooking.com
0.0.0.0 futaplay.com
0.0.0.0 gadisbandung.com
0.0.0.0 galerievitesse.com
0.0.0.0 gallagherstudents.com
0.0.0.0 gallerialighting.com
0.0.0.0 gameartisan.com
0.0.0.0 gamesloft.com
0.0.0.0 garden-flags.com
0.0.0.0 garndinroad.com
0.0.0.0 gastrodocs.info
0.0.0.0 gautengonline.com
0.0.0.0 gaylar.com
0.0.0.0 gbbox.com
0.0.0.0 geacorn.com
0.0.0.0 geamail.com
0.0.0.0 geapplaince.com
0.0.0.0 gedichtsbilder.de
0.0.0.0 gemini-usa.com
0.0.0.0 gemvera.com
0.0.0.0 generadordememes.com
0.0.0.0 genwigs.com
0.0.0.0 geogiaboot.com
0.0.0.0 geometro.com
0.0.0.0 geoxkorea.com
0.0.0.0 gerardfashion.com
0.0.0.0 getchaselnk.com
0.0.0.0 getjeeping.com
0.0.0.0 getmsguide.com
0.0.0.0 getmypopcornnow.com
0.0.0.0 getmytranscrpit.com
0.0.0.0 gettereward.com
0.0.0.0 ggodyear.com
0.0.0.0 ghostsearch.com
0.0.0.0 gibsonrv.net
0.0.0.0 gidonline.net
0.0.0.0 giftsforunow.com
0.0.0.0 giganits.com
0.0.0.0 giphy.cm
0.0.0.0 girls-party.com
0.0.0.0 glamrockbeauty.com
0.0.0.0 glassdoir.com
0.0.0.0 glasssoor.com
0.0.0.0 glendeedogrescue.co.uk
0.0.0.0 globalifeinc.com
0.0.0.0 glomp.com
0.0.0.0 gmauo.com
0.0.0.0 gmboree.com
0.0.0.0 gmglobalconnec.com
0.0.0.0 gmsexp.com
0.0.0.0 gnctraining.com
0.0.0.0 gnet7.com
0.0.0.0 gnpschandigarh.com
0.0.0.0 go-guy.com
0.0.0.0 gobdeals.com
0.0.0.0 goldclubslot.com
0.0.0.0 gomiyashiki-osouji.com
0.0.0.0 goodcheat.com
0.0.0.0 googglemail.com
0.0.0.0 google.ssvt.se
0.0.0.0 googlecal.com
0.0.0.0 googlefish.com
0.0.0.0 googleidle.de
0.0.0.0 goole.com.vn
0.0.0.0 goopgle.com
0.0.0.0 goracertech.com
0.0.0.0 goralpolishdeli.com
0.0.0.0 gordanfoodservice.com
0.0.0.0 got-corgis.com
0.0.0.0 gottorent.ca
0.0.0.0 graberbkinds.com
0.0.0.0 grabetblinds.com
0.0.0.0 gracehillision.com
0.0.0.0 granddentalpc.com
0.0.0.0 grassrootsmeasures.com
0.0.0.0 greandhra.com
0.0.0.0 greatbulletin.com
0.0.0.0 greatlesson.com
0.0.0.0 greatrating.com
0.0.0.0 greenvaporco.com
0.0.0.0 greyhoundbuslines.com
0.0.0.0 grillsandgreens.com
0.0.0.0 grinandbakeit.com
0.0.0.0 grupograncolombia.com
0.0.0.0 grupomnemon.com
0.0.0.0 gsmatena.com
0.0.0.0 gtuts.com
0.0.0.0 guicc.com
0.0.0.0 gulfmonster.com
0.0.0.0 hack-game.net
0.0.0.0 halilou.com
0.0.0.0 hallsdawghouse.com
0.0.0.0 halys.com
0.0.0.0 hamburgschool.org
0.0.0.0 handrbloock.com
0.0.0.0 hangkhung.com
0.0.0.0 hao1131.com
0.0.0.0 harfordlife.com
0.0.0.0 harpers-property.co.uk
0.0.0.0 hatventures.net
0.0.0.0 haveringfireplaces.co.uk
0.0.0.0 hawaiianaor.com
0.0.0.0 hboow.com
0.0.0.0 hcomicbooks.com
0.0.0.0 hd-sex-videos.com
0.0.0.0 hdmedicalexams.com
0.0.0.0 hdmovi3s.com
0.0.0.0 hdsupplsolutions.com
0.0.0.0 hdwallpaperslist.com
0.0.0.0 hdww.com
0.0.0.0 healthtechni.com
0.0.0.0 healthypetstore.net
0.0.0.0 heaphotels.com
0.0.0.0 heathyliving.com
0.0.0.0 helixcharter.com
0.0.0.0 hellsangelsusa.com
0.0.0.0 hensly.com
0.0.0.0 hermesairport.com
0.0.0.0 hewittresorce.com
0.0.0.0 highcash.org
0.0.0.0 hillcountrysanmarcos.com
0.0.0.0 hiwaytractor.com
0.0.0.0 hobbylobby.cm
0.0.0.0 hobyto.com
0.0.0.0 holidayproperty.com
0.0.0.0 holidycheck.at
0.0.0.0 hollywoodmoviez.net
0.0.0.0 homescapeonline.com
0.0.0.0 hongkongsthelens.co.uk
0.0.0.0 hoopsuite.com
0.0.0.0 hosfordbrothersconcrete.com
0.0.0.0 hot-deal.co.uk
0.0.0.0 hotelcentr.com
0.0.0.0 hotelesdoux.com
0.0.0.0 hotelsit.com
0.0.0.0 hotnewhiphoo.com
0.0.0.0 hotnsil.com
0.0.0.0 hottwitterwives.com
0.0.0.0 houseofnightseries.co.uk
0.0.0.0 howisavedthousands.com
0.0.0.0 hpinstankink.co.uk
0.0.0.0 hpsupportphonenumber.com
0.0.0.0 hqjt.com
0.0.0.0 htmail.co.uk
0.0.0.0 httpexample.com
0.0.0.0 hu0.com
0.0.0.0 humaneassocofclarkcounty.com
0.0.0.0 humouron.com
0.0.0.0 hvanah.com
0.0.0.0 hxymall.com
0.0.0.0 i80auto.com
0.0.0.0 ibuycard.com
0.0.0.0 iclovd.com
0.0.0.0 ideed.ca
0.0.0.0 identtyguard.com
0.0.0.0 idlebrsin.com
0.0.0.0 idoline.org
0.0.0.0 ifetel.com
0.0.0.0 igansupport.org
0.0.0.0 iheartmandalas.com
0.0.0.0 iidcgwalior.com
0.0.0.0 imageshake.de
0.0.0.0 importadoravehicular.com
0.0.0.0 inchirieriregimhotelier.net
0.0.0.0 indonesiaigo.com
0.0.0.0 infonavid.com
0.0.0.0 infoum.com
0.0.0.0 innotech-maschinenbau.de
0.0.0.0 inrussia.org
0.0.0.0 insectflix.com
0.0.0.0 insidewireman.com
0.0.0.0 insovenz.de
0.0.0.0 inssigniaproducts.com
0.0.0.0 instantsteetview.com
0.0.0.0 investopidia.com
0.0.0.0 inwexcel.com
0.0.0.0 iphonedevtools.com
0.0.0.0 iraresource.com
0.0.0.0 irlanguge.com
0.0.0.0 ishifusion.com
0.0.0.0 islandbluecoffee.net
0.0.0.0 islandsresturants.com
0.0.0.0 isseg.com
0.0.0.0 issstenet.com
0.0.0.0 itcompraenusa.com
0.0.0.0 iteachkinder.com
0.0.0.0 itunse.com
0.0.0.0 izak.com
0.0.0.0 jackwolfkins.de
0.0.0.0 jacobsfuneralhome.com
0.0.0.0 jailbait-gallery.net
0.0.0.0 janethepsychic.co.uk
0.0.0.0 jaspe.com
0.0.0.0 jcpenmey.com
0.0.0.0 jcpenneybenefits.com
0.0.0.0 jcpenneyey.com
0.0.0.0 jd.cm
0.0.0.0 jehblue.com
0.0.0.0 jeporady.com
0.0.0.0 jerrysappliancecenter.com
0.0.0.0 jewelpak.com
0.0.0.0 jimmygaorestaurant.com
0.0.0.0 jimmysfarmtoys.com
0.0.0.0 jira.hannoverscheallgemeinezeitung.de
0.0.0.0 jkhols.com
0.0.0.0 jlibrary.org
0.0.0.0 jmxded100.net
0.0.0.0 joannamartinewoolfolk.com
0.0.0.0 joaobidu.com
0.0.0.0 joblana.com
0.0.0.0 joovideo.us
0.0.0.0 journeykids.com
0.0.0.0 jquerylenslider.com
0.0.0.0 jspecialjapan.com
0.0.0.0 juanselaverde.com
0.0.0.0 jumpstar.com
0.0.0.0 juzzbunker.com
0.0.0.0 kascarpet.net
0.0.0.0 kayoutlets.com
0.0.0.0 kbshengyi.com
0.0.0.0 kelleyservices.com
0.0.0.0 keyrug.com
0.0.0.0 keysschools.net
0.0.0.0 keystonehoops.com
0.0.0.0 keywebtracker.com
0.0.0.0 keywordadvisetoolplus.com
0.0.0.0 kholsrebates.com
0.0.0.0 kickoff.cm
0.0.0.0 kindfirls.com
0.0.0.0 kit-co2.com
0.0.0.0 kitchenmusings.com
0.0.0.0 kiwihelme.de
0.0.0.0 klana.co.uk
0.0.0.0 klaser.com
0.0.0.0 kobemo.com
0.0.0.0 kodiakproduce.com
0.0.0.0 koklsfeedback.com
0.0.0.0 komunitaspeduliumatdalung.com
0.0.0.0 koon.net
0.0.0.0 kootra.com
0.0.0.0 kpry.com
0.0.0.0 krca.net
0.0.0.0 kusakabehifuka.com
0.0.0.0 kyxc.com
0.0.0.0 kzdress.com
0.0.0.0 laarsens-basingstoke.co.uk
0.0.0.0 laguiadelocio.com
0.0.0.0 lakecumberlandfishingguide.com
0.0.0.0 lakeserenespa.com
0.0.0.0 landgirlscookeryschool.co.uk
0.0.0.0 landhausmitpfiff.de
0.0.0.0 lankantunes.com
0.0.0.0 lapels.org
0.0.0.0 larka.de
0.0.0.0 lasierratiresutah.com
0.0.0.0 latexanzug.com
0.0.0.0 laubergeduvieuxcrozet.com
0.0.0.0 lawh.com
0.0.0.0 leakz.net
0.0.0.0 leapinginto5thgrade.com
0.0.0.0 learn.movibaz.us
0.0.0.0 learnpack.co.uk
0.0.0.0 legavy.com
0.0.0.0 legumeloyalist.com
0.0.0.0 leipomokauppa.com
0.0.0.0 lepac.com
0.0.0.0 lesbiot.com
0.0.0.0 lezgame.com
0.0.0.0 lianasims2.de
0.0.0.0 lifellinescreening.com
0.0.0.0 lightyearapp.live
0.0.0.0 likoer43.de
0.0.0.0 linkbaru.com
0.0.0.0 linkdin.ca
0.0.0.0 linuxdeal.com
0.0.0.0 liqudition.com
0.0.0.0 liscensecoach.com
0.0.0.0 livescom.com
0.0.0.0 livetvonlinefree.com
0.0.0.0 livingcomforts.com
0.0.0.0 llivet.com
0.0.0.0 loandaministration.com
0.0.0.0 login.reserveamerica.co
0.0.0.0 loitech.de
0.0.0.0 lojabau2mao.com
0.0.0.0 lojaodoreal.com
0.0.0.0 lorenagostosa.com
0.0.0.0 losingface.com
0.0.0.0 louisvuitten.com
0.0.0.0 louisvuittin.com
0.0.0.0 loveherbal.com
0.0.0.0 loverscaughtontape.com
0.0.0.0 lowcostparceldelivery.com
0.0.0.0 lowe4s.com
0.0.0.0 lpaodata.net
0.0.0.0 lunettesde.com
0.0.0.0 lutherancommunitygrace.net
0.0.0.0 luxerycard.com
0.0.0.0 lyncdiscoverinternal.ualbera.ca
0.0.0.0 lynes-shoes.com
0.0.0.0 lyodsbank.com
0.0.0.0 m2e6.com
0.0.0.0 mabcalculo.com
0.0.0.0 maderaplasticamx.com
0.0.0.0 madereriasaltillo.com
0.0.0.0 maestriasinternacionales.org
0.0.0.0 magento.expedia.cm
0.0.0.0 magento.fanmail2u.de
0.0.0.0 magento.gibco.de
0.0.0.0 magento.trannydating.nl
0.0.0.0 magoosfurniture.com
0.0.0.0 mahabaliexpress.com
0.0.0.0 makingfreinds.com
0.0.0.0 makisushi.net
0.0.0.0 malrboro.com
0.0.0.0 maluch.com
0.0.0.0 mamapho1.com
0.0.0.0 manage.polka-dot.co
0.0.0.0 mandourpharmacy.com
0.0.0.0 maneige.ca
0.0.0.0 manheimauto.com
0.0.0.0 manitobaparks.ca
0.0.0.0 mannakbbq.com
0.0.0.0 manoffashion.com
0.0.0.0 mantrafilms.com
0.0.0.0 manytears.com
0.0.0.0 manyvidd.com
0.0.0.0 marisaodonto.com
0.0.0.0 maritimeway.com
0.0.0.0 marketpalce.com
0.0.0.0 marketplace.biosaude.co
0.0.0.0 marrottvacationclub.com
0.0.0.0 maruces.com
0.0.0.0 mascy.com
0.0.0.0 mathrubhmi.com
0.0.0.0 matomefun.net
0.0.0.0 mauriciodenassau.com
0.0.0.0 maximcolombia.co
0.0.0.0 mbenzusa.com
0.0.0.0 mbwjk.de
0.0.0.0 mcatbui.net
0.0.0.0 mceyecenter.com
0.0.0.0 mcgraww-hill.com
0.0.0.0 mcjrotc.com
0.0.0.0 mckinleyspubri.com
0.0.0.0 mdtp.us
0.0.0.0 meaganslaw.com
0.0.0.0 medherb.de
0.0.0.0 medialine.org
0.0.0.0 mediasenso.com
0.0.0.0 mediationcenter.com
0.0.0.0 medicinelodgepom.com
0.0.0.0 medigov.com
0.0.0.0 medschoolhell.com
0.0.0.0 meficare.com
0.0.0.0 mega-hookup.com
0.0.0.0 megacinemaflix.com
0.0.0.0 melbourneactingstudio.com
0.0.0.0 mellatmobile.com
0.0.0.0 meloxicamsideeffects.org
0.0.0.0 metalartsinc.com
0.0.0.0 meubelmarkt.com
0.0.0.0 meuconsorciobb.com
0.0.0.0 mic-river.com
0.0.0.0 midasbuy.co
0.0.0.0 midiuser.net
0.0.0.0 mightylayoutboys.com
0.0.0.0 migranteducation.com
0.0.0.0 mijaliscomexrestaurant.com
0.0.0.0 mijntoeslagen.com
0.0.0.0 mili010.com
0.0.0.0 minecraft2.com
0.0.0.0 minicottage.com
0.0.0.0 minnesotagoldendoodles.com
0.0.0.0 missgided.com
0.0.0.0 mitkindernwachsen.de
0.0.0.0 mixreqq.com
0.0.0.0 mlgn3usa.com
0.0.0.0 mmrafricanfashions.com
0.0.0.0 mnspeoplesystem.co.uk
0.0.0.0 mobileblitz.com
0.0.0.0 mobilehacktool.com
0.0.0.0 mobilehomepartstore.com
0.0.0.0 mobilr.com
0.0.0.0 modestogold.com
0.0.0.0 modsey.com
0.0.0.0 moenygram.com
0.0.0.0 mojsng.com
0.0.0.0 mollinsburncarsales.co.uk
0.0.0.0 momentsoflife.com
0.0.0.0 momsrings.com
0.0.0.0 monasteriodepoio.com
0.0.0.0 monesupermarket.com
0.0.0.0 monyorder.com
0.0.0.0 mortgae.com
0.0.0.0 motogris.com
0.0.0.0 motorjacket.com
0.0.0.0 motorradcenter.de
0.0.0.0 motorradpartner.com
0.0.0.0 motosu.de
0.0.0.0 mountaincrestapartments.com
0.0.0.0 mountviewchandigarh.com
0.0.0.0 moviestube10.com
0.0.0.0 mp3juicess.biz
0.0.0.0 mpcclubcard.com
0.0.0.0 mrtravelers.com
0.0.0.0 msephora.com
0.0.0.0 muisjes.com
0.0.0.0 mujerlunabella.net
0.0.0.0 muktimap.co.uk
0.0.0.0 multipicatoin.com
0.0.0.0 multiquality.tech
0.0.0.0 multuimap.co.uk
0.0.0.0 mundoftp.com
0.0.0.0 musicans-place.de
0.0.0.0 musleblaze.com
0.0.0.0 mutedvods.com
0.0.0.0 blackberry.cm
0.0.0.0 carfax.cm
0.0.0.0 myaarpmwdocare.com
0.0.0.0 myancesty.com
0.0.0.0 myanthropologie.com
0.0.0.0 myapclassroom.com
0.0.0.0 mybkexpiernce.com
0.0.0.0 mybodysoul.com
0.0.0.0 mybooing.com
0.0.0.0 mycarrer.com
0.0.0.0 mycips.com
0.0.0.0 mycreditonecard.com
0.0.0.0 mydicksportinggoods.com
0.0.0.0 myebookmaster.com
0.0.0.0 myeverydayrewards.com
0.0.0.0 myfappening.org
0.0.0.0 myfinco.com
0.0.0.0 myfirstdegree.com
0.0.0.0 myftdi.com
0.0.0.0 myhbc.com
0.0.0.0 myherbelife.com
0.0.0.0 myjobsscotland.co.uk
0.0.0.0 mykohs.com
0.0.0.0 mylacountybenefit.com
0.0.0.0 myliferouch.com
0.0.0.0 mynait.ca
0.0.0.0 myoceanictwc.com
0.0.0.0 mypaneras.com
0.0.0.0 mypayback.de
0.0.0.0 myqnascloud.com
0.0.0.0 myscence.com
0.0.0.0 mysunywcc.com
0.0.0.0 mythaistlouis.com
0.0.0.0 mytruidenity.com
0.0.0.0 myvglicredential.com
0.0.0.0 myvirtualterminal.com
0.0.0.0 myvweizon.com
0.0.0.0 myxrt.com
0.0.0.0 nactar.com
0.0.0.0 nados.co.uk
0.0.0.0 nahro.com
0.0.0.0 nalcbp.com
0.0.0.0 nanacalistar.com
0.0.0.0 nanitv.com
0.0.0.0 nanoxnutriceuticals.com
0.0.0.0 naoffroad.com
0.0.0.0 napkimcuong.com
0.0.0.0 nartube.com
0.0.0.0 nationpage.com
0.0.0.0 naturebois.com
0.0.0.0 navyfereral.org
0.0.0.0 nbkonline.com
0.0.0.0 ncscu.com
0.0.0.0 neckheavy.com
0.0.0.0 nedspipeandsteel.com
0.0.0.0 nehalembay.com
0.0.0.0 nehra.org
0.0.0.0 neipets.com
0.0.0.0 neopoets.com
0.0.0.0 nesecitountrabajo.com
0.0.0.0 nesteggtrailers.com
0.0.0.0 netflflix.com
0.0.0.0 netflifx.com
0.0.0.0 networkredundancy.com
0.0.0.0 neuropsicologiacordoba.com
0.0.0.0 nevadaspca.com
0.0.0.0 newkindofmotherhood.com
0.0.0.0 nextflex.com
0.0.0.0 nflflagfootball.com
0.0.0.0 niagaragazette.com
0.0.0.0 nichewines.com
0.0.0.0 nigerialatestnews.com
0.0.0.0 nikene.com
0.0.0.0 nissenusa.com
0.0.0.0 niuqiu.com
0.0.0.0 njtutoriales.net
0.0.0.0 noborobo.com
0.0.0.0 nodesjs.org
0.0.0.0 nomorerobocalls.com
0.0.0.0 nooder.com
0.0.0.0 northpoleicecreamshop.com
0.0.0.0 norto.com
0.0.0.0 nortofn.com
0.0.0.0 norwoodcadillac.com
0.0.0.0 novadevelooment.com
0.0.0.0 novorojencek.com
0.0.0.0 carmax.cm
0.0.0.0 skyteam.cm
0.0.0.0 pcmag.cm
0.0.0.0 nexxt.cm
0.0.0.0 tillys.cm
0.0.0.0 nuken.com
0.0.0.0 nursingsa.com
0.0.0.0 nutricroq.com
0.0.0.0 nutriksystem.com
0.0.0.0 nylottery.com
0.0.0.0 nyulangoners.com
0.0.0.0 o-shohousen.com
0.0.0.0 o2tvseriea.com
0.0.0.0 obesityonline.org
0.0.0.0 obobettermann.de
0.0.0.0 oceach.org
0.0.0.0 octupus-versand.de
0.0.0.0 odincoin-ag.com
0.0.0.0 odrivers.com
# https://virustotal.com/gui/url/ca6883e44a103ed205b6225d866719bc51a9301aca937d336dc38610e46c7ea2/community
# a "Yahoo" email claiming I will be locked out if I don't "correct my email"
0.0.0.0 yahooo-mail-service.webflow.io
# https://app.any.run/tasks/1dafbc8d-84d8-4e42-a96a-fffdc9d644e7/
0.0.0.0 kmspico-official.xyz
# https://forums.malwarebytes.com/topic/292016-keep-getting-outbound-website-blocked-due-to-trojan-cant-find-threats/
0.0.0.0 humman.art
# https://www.fortinet.com/blog/threat-research/new-rapperbot-campaign-ddos-attacks
# I misspelled virtualbox's website, landed here
0.0.0.0 virutalbox.org
0.0.0.0 get.safety-search.com
0.0.0.0 safety-search.com
# https://app.any.run/tasks/2de64615-6df3-457f-bfb8-3e207b44667c
# https://forums.malwarebytes.com/topic/292218-malwarebytes-says-that-vbcexe-is-a-virus-please-help/
# https://threatfox.abuse.ch/ioc/840342/
# https://github.com/AdguardTeam/AdguardFilters/issues/134903
0.0.0.0 znakomy.club
0.0.0.0 smartlink.name
# https://app.any.run/tasks/2309c8ba-3e9f-41f2-8a5c-f15f7411ac58#
0.0.0.0 www.sadeempc.com
0.0.0.0 sadeempc.com
# https://www.youtube.com/watch?v=xwJJkvIsEJQ
0.0.0.0 torrent-protection.com
0.0.0.0 downloadfilearea.com
# https://app.any.run/tasks/e5ba6bf3-98ee-46bf-b9ee-406b1bbebe1f
0.0.0.0 u8gr576y.cfd
# https://app.any.run/tasks/89b3e663-ea70-43fe-89f0-af05c1c9af2e
# https://forums.malwarebytes.com/topic/292452-strange-malwareconnections/
0.0.0.0 ns1usaupload.myphotos.cc
# https://github.com/AdguardTeam/AdguardFilters/issues/135924
# https://github.com/DandelionSprout/adfilt/commit/31a32bcef8cfef97a6403f308d64c1991c6b4e8b
# credit to https://github.com/DandelionSprout
0.0.0.0 abazelfan.com
0.0.0.0 abburmyer.com
0.0.0.0 abyamaskor.com
0.0.0.0 acelacien.com
0.0.0.0 adsvids.com
0.0.0.0 agaenteitor.com
0.0.0.0 ajestigie.com
0.0.0.0 almareepom.com
0.0.0.0 alspearowa.com
0.0.0.0 amexcadrillon.com
0.0.0.0 amgardevoirtor.com
0.0.0.0 amoddishor.com
0.0.0.0 ardsdusknoiron.com
0.0.0.0 arrlnk.com
0.0.0.0 arswabluchan.com
0.0.0.0 arwartortleer.com
0.0.0.0 arwhismura.com
0.0.0.0 aslaironer.com
0.0.0.0 aslaprason.com
0.0.0.0 asnoibator.com
0.0.0.0 astkyureman.com
0.0.0.0 astoecia.com
0.0.0.0 atgallader.com
0.0.0.0 attrapincha.com
0.0.0.0 audmrk.com
0.0.0.0 augnolru.com
0.0.0.0 ausoafab.net
0.0.0.0 bechatotan.com
0.0.0.0 belickitungchan.com
0.0.0.0 benumelan.com
0.0.0.0 beskittyan.com
0.0.0.0 betalonflamechan.com
0.0.0.0 betimbur.com
0.0.0.0 betjoltiktor.com
0.0.0.0 betotodileon.com
0.0.0.0 bett2you.org
0.0.0.0 bigsport.today
0.0.0.0 breakingfeedz.com
0.0.0.0 businessenviron.com
0.0.0.0 byambipoman.com
0.0.0.0 cadbitff.com
0.0.0.0 chemitug.net
0.0.0.0 civadsoo.net
0.0.0.0 clicktracklink.com
0.0.0.0 comivolo.com
0.0.0.0 consoupow.com
0.0.0.0 countriesnews.com
0.0.0.0 daizoode.com
0.0.0.0 davaifoa.com
0.0.0.0 desabrator.com
0.0.0.0 dfsdkkka.com
0.0.0.0 dodurantom.com
0.0.0.0 doflygonan.com
0.0.0.0 domakuhitaor.com
0.0.0.0 dosamurottom.com
0.0.0.0 dugothitachan.com
0.0.0.0 dukirliaon.com
0.0.0.0 dulillipupan.com
0.0.0.0 duponytator.com
0.0.0.0 ewoutosh.com
0.0.0.0 eyenider.com
0.0.0.0 faestara.com
0.0.0.0 fdiirjong.com
0.0.0.0 fiinann.com
0.0.0.0 fiinnancesur.com
0.0.0.0 finance2you.org
0.0.0.0 finnnann.com
0.0.0.0 flymob.com
0.0.0.0 forlumineontor.com
0.0.0.0 forunfezanttor.com
0.0.0.0 forzigzagoonom.com
0.0.0.0 fregtrsatnt.com
0.0.0.0 funnysack.com
0.0.0.0 gdasaasnt.com
0.0.0.0 geedoovu.net
0.0.0.0 geejooji.com
0.0.0.0 getsurv2youu.com
0.0.0.0 gfsdloocn.com
0.0.0.0 ggetsurveey.com
0.0.0.0 gggtrenks.com
0.0.0.0 gillynn.com
0.0.0.0 gkjoanks.com
0.0.0.0 glersakr.com
0.0.0.0 gloaphoo.net
0.0.0.0 gloolrey.com
0.0.0.0 gloudsel.net
0.0.0.0 goomaphy.com
0.0.0.0 groguzoo.net
0.0.0.0 growebads.com
0.0.0.0 gtoonfd.com
0.0.0.0 haunigre.net
0.0.0.0 higheurest.com
0.0.0.0 hoanoola.net
0.0.0.0 hrenbjkdas.com
0.0.0.0 inabsolor.com
0.0.0.0 inboldoreer.com
0.0.0.0 incorphishor.com
0.0.0.0 inkingleran.com
0.0.0.0 inpage-push.com
0.0.0.0 interdfp.com
0.0.0.0 intorterraon.com
0.0.0.0 itemolgaer.com
0.0.0.0 itgiblean.com
0.0.0.0 itnuzleafan.com
0.0.0.0 ittorchicer.com
0.0.0.0 itzekromom.com
0.0.0.0 jeehathu.com
0.0.0.0 karsauwi.xyz
0.0.0.0 koapsuha.net
0.0.0.0 kogutcho.net
0.0.0.0 lauhoosh.net
0.0.0.0 leethalo.net
0.0.0.0 leezoama.net
0.0.0.0 loralana.com
0.0.0.0 lowdodrioon.com
0.0.0.0 lowdurantom.com
0.0.0.0 lowlatiasan.com
0.0.0.0 lowstaryur.com
0.0.0.0 mauchopt.net
0.0.0.0 meagplin.com
0.0.0.0 meet4youu.com
0.0.0.0 mekstolande.com
0.0.0.0 moakaumo.com
0.0.0.0 moksoxos.com
0.0.0.0 mygtmn.com
0.0.0.0 naisoops.net
0.0.0.0 newprofitcontrol.com
0.0.0.0 nieveni.com
0.0.0.0 oackoubs.com
0.0.0.0 oaphoace.net
0.0.0.0 offmachopor.com
0.0.0.0 omanala.com
0.0.0.0 omasatra.com
0.0.0.0 omchimcharchan.com
0.0.0.0 omnidokingon.com
0.0.0.0 onclickads.net
0.0.0.0 onclickrev.com
0.0.0.0 onclickserver.com
0.0.0.0 onelivetra.com
0.0.0.0 onwasrv.com
0.0.0.0 onxatutor.com
0.0.0.0 oodrampi.com
0.0.0.0 oopsoans.xyz
0.0.0.0 opcharizardon.com
0.0.0.0 opchikoritaan.com
0.0.0.0 opchikoritar.com
0.0.0.0 opclauncheran.com
0.0.0.0 osspalkiaom.com
0.0.0.0 ossrhydonr.com
0.0.0.0 otrwaram.com
0.0.0.0 outaipoma.com
0.0.0.0 outseylor.com
0.0.0.0 overonixa.com
0.0.0.0 overswaloton.com
0.0.0.0 overzoruaon.com
0.0.0.0 overzubatan.com
0.0.0.0 paiwhoki.com
0.0.0.0 parumal.com
0.0.0.0 pipeschannels.com
0.0.0.0 propvideo.net
0.0.0.0 psaudous.com
0.0.0.0 psoukesh.com
0.0.0.0 ptewarin.net
0.0.0.0 qarewien.com
0.0.0.0 rhendam.com
0.0.0.0 ridsilry.net
0.0.0.0 rmndme.com
0.0.0.0 rndchandelureon.com
0.0.0.0 rndmusharnar.com
0.0.0.0 roduster.com
0.0.0.0 roosteem.net
0.0.0.0 rouinfernapean.com
0.0.0.0 rtmark.net
0.0.0.0 rtrgt2.com
0.0.0.0 saimifoa.net
0.0.0.0 seevustu.xyz
0.0.0.0 serconmp.com
0.0.0.0 shoubsee.net
0.0.0.0 show-review.com
0.0.0.0 sportevents.news
0.0.0.0 staixooh.com
0.0.0.0 stastips.net
0.0.0.0 surv2you.net
0.0.0.0 survey2you.org
0.0.0.0 tauvoojo.net
0.0.0.0 teefuthe.com
0.0.0.0 thoamike.xyz
0.0.0.0 timecrom.com
0.0.0.0 toateeli.net
0.0.0.0 toglooman.com
0.0.0.0 toshelmeton.com
0.0.0.0 tosuicunea.com
0.0.0.0 totentacruelor.com
0.0.0.0 totogetica.com
0.0.0.0 touroumu.com
0.0.0.0 tovanillitechan.com
0.0.0.0 trads.io
0.0.0.0 trenhsmp.com
0.0.0.0 trewnhiok.com
0.0.0.0 ugroocuw.net
0.0.0.0 unampharostor.com
0.0.0.0 unbeedrillom.com
0.0.0.0 unexeggutorer.com
0.0.0.0 ungolbator.com
0.0.0.0 untimburra.com
0.0.0.0 uparceuson.com
0.0.0.0 uplucarioon.com
0.0.0.0 uponarticunoer.com
0.0.0.0 upregisteelon.com
0.0.0.0 urmavite.com
0.0.0.0 uwhuglup.net
0.0.0.0 vamsoupowoa.com
0.0.0.0 vethojoa.net
0.0.0.0 vuftouks.com
0.0.0.0 whaxanso.net
0.0.0.0 whizista.xyz
0.0.0.0 wumpeeps.net
0.0.0.0 wynather.com
0.0.0.0 yacurlik.com
0.0.0.0 yarlnk.com
0.0.0.0 yonabrar.com
0.0.0.0 zagtertda.com
0.0.0.0 zoawufoy.net
# https://forums.malwarebytes.com/topic/292537-phishing-x-3/ (account required, credit to https://forums.malwarebytes.com/profile/126832-bradraynor/)
0.0.0.0 13ee53.codesandbox.io
# https://forums.malwarebytes.com/topic/292570-malwarebytes-blocked-trojanexe-am-i-safe/
# https://threatfox.abuse.ch/ioc/1024382/
# https://forums.malwarebytes.com/topic/292568-ironmodalcom/
0.0.0.0 ironmodal.com
# https://app.any.run/tasks/fbb04c5d-ce57-4eaa-937b-20b014ed7c19#
0.0.0.0 rsmerchantservices.com
0.0.0.0 oolomos.com
0.0.0.0 privacy-tools-for-you-453.com
0.0.0.0 gcrpgqhhmf.com
0.0.0.0 bestsmartfind.com
# https://app.any.run/tasks/df07016b-df4a-47d2-8ef4-3764547ccb7b (website)
# https://app.any.run/tasks/30bb18a1-ea92-4208-91a1-e1b964930fa5 (file)
# https://threatfox.abuse.ch/ioc/1028938/
# this is totally not what online malware sandboxes are for, but
# https://tria.ge/221205-15q5dsfb9z/behavioral1#network
0.0.0.0 adthereis.buzz
0.0.0.0 ftrec.adthereis.buzz
# subdomains
0.0.0.0 czudf.adthereis.buzz
0.0.0.0 dlaho.adthereis.buzz
0.0.0.0 uyfox.adthereis.buzz
0.0.0.0 bukwg.adthereis.buzz
0.0.0.0 vriuj.adthereis.buzz
0.0.0.0 qcfhr.adthereis.buzz
0.0.0.0 vmvyu.adthereis.buzz
0.0.0.0 sxvne.adthereis.buzz
0.0.0.0 tzoca.adthereis.buzz
0.0.0.0 vqzao.adthereis.buzz
0.0.0.0 stypo.adthereis.buzz
0.0.0.0 rzukq.adthereis.buzz
0.0.0.0 buvaf.adthereis.buzz
0.0.0.0 kmkab.adthereis.buzz
0.0.0.0 ecgax.adthereis.buzz
0.0.0.0 tfseo.adthereis.buzz
0.0.0.0 pydqn.adthereis.buzz
0.0.0.0 jspov.adthereis.buzz
0.0.0.0 xdaxi.adthereis.buzz
0.0.0.0 cxyyv.adthereis.buzz
0.0.0.0 rzhxs.adthereis.buzz
0.0.0.0 ihclh.adthereis.buzz
0.0.0.0 mzqyv.adthereis.buzz
0.0.0.0 ovanj.adthereis.buzz
0.0.0.0 nnkjm.adthereis.buzz
0.0.0.0 zcuea.adthereis.buzz
0.0.0.0 mnqre.adthereis.buzz
0.0.0.0 vnzdj.adthereis.buzz
0.0.0.0 bxauc.adthereis.buzz
0.0.0.0 drauy.adthereis.buzz
0.0.0.0 gkgfw.adthereis.buzz
0.0.0.0 ribsl.adthereis.buzz
0.0.0.0 czhif.adthereis.buzz
0.0.0.0 cupyx.adthereis.buzz
0.0.0.0 ypnjk.adthereis.buzz
0.0.0.0 agexq.adthereis.buzz
0.0.0.0 ojhjn.adthereis.buzz
0.0.0.0 mrmgk.adthereis.buzz
0.0.0.0 hwkjq.adthereis.buzz
0.0.0.0 povvx.adthereis.buzz
0.0.0.0 pkciz.adthereis.buzz
0.0.0.0 drpgq.adthereis.buzz
0.0.0.0 inrtc.adthereis.buzz
0.0.0.0 tifrl.adthereis.buzz
0.0.0.0 lqgqc.adthereis.buzz
0.0.0.0 hlrjd.adthereis.buzz
0.0.0.0 dqnib.adthereis.buzz
0.0.0.0 ydhet.adthereis.buzz
0.0.0.0 izszd.adthereis.buzz
0.0.0.0 lshph.adthereis.buzz
0.0.0.0 cclct.adthereis.buzz
0.0.0.0 mzstz.adthereis.buzz
0.0.0.0 hzuhg.adthereis.buzz
0.0.0.0 qkefc.adthereis.buzz
0.0.0.0 furbf.adthereis.buzz
0.0.0.0 aealu.adthereis.buzz
0.0.0.0 imolc.adthereis.buzz
0.0.0.0 gjzsn.adthereis.buzz
0.0.0.0 rvoko.adthereis.buzz
0.0.0.0 jfope.adthereis.buzz
0.0.0.0 kngev.adthereis.buzz
0.0.0.0 fkpbd.adthereis.buzz
0.0.0.0 atyqv.adthereis.buzz
0.0.0.0 tfkbt.adthereis.buzz
0.0.0.0 ghevg.adthereis.buzz
0.0.0.0 mtvam.adthereis.buzz
0.0.0.0 zsa0i.adthereis.buzz
0.0.0.0 pxzib.adthereis.buzz
0.0.0.0 bbpky.adthereis.buzz
0.0.0.0 xtfaq.adthereis.buzz
0.0.0.0 ggyjx.adthereis.buzz
0.0.0.0 wqweo.adthereis.buzz
0.0.0.0 ycxds.adthereis.buzz
0.0.0.0 vpemr.adthereis.buzz
0.0.0.0 updsl.adthereis.buzz
0.0.0.0 pnwut.adthereis.buzz
0.0.0.0 svgpj.adthereis.buzz
0.0.0.0 afmqv.adthereis.buzz
0.0.0.0 fcwli.adthereis.buzz
0.0.0.0 bejnh.adthereis.buzz
0.0.0.0 uzvfz.adthereis.buzz
0.0.0.0 eapmj.adthereis.buzz
0.0.0.0 hiaxn.adthereis.buzz
0.0.0.0 nglkk.adthereis.buzz
0.0.0.0 04pl0.adthereis.buzz
0.0.0.0 xbufq.adthereis.buzz
0.0.0.0 kfchx.adthereis.buzz
0.0.0.0 eqtzo.adthereis.buzz
0.0.0.0 xkrws.adthereis.buzz
0.0.0.0 rabyl.adthereis.buzz
0.0.0.0 vrrip.adthereis.buzz
0.0.0.0 yrjrq.adthereis.buzz
0.0.0.0 oimxs.adthereis.buzz
0.0.0.0 mnlnd.adthereis.buzz
0.0.0.0 lubpm.adthereis.buzz
0.0.0.0 uvcbk.adthereis.buzz
0.0.0.0 bhqgv.adthereis.buzz
0.0.0.0 jzewf.adthereis.buzz
0.0.0.0 edbek.adthereis.buzz
0.0.0.0 bmvbj.adthereis.buzz
0.0.0.0 wmsxu.adthereis.buzz
0.0.0.0 mfxzk.adthereis.buzz
# https://scammer.info/t/i-made-a-game-can-you-test-play-discord-trojan/114861
# https://tria.ge/221208-n68plshh69/behavioral1
0.0.0.0 kqnfkpoccicxiudstqonfotuwsrhuxkwhqjjfsbjhonoubrccy.nl
# https://app.any.run/tasks/82e6d95e-3fd5-4bf6-873e-3d7379d495e3
# https://app.any.run/tasks/25665331-97a5-49a8-9381-eda377347ee5/
0.0.0.0 fitgirl-repacks-site.org
0.0.0.0 bluemediafiles.top
# https://forums.malwarebytes.com/topic/292825-outgoing-connection-blocked-due-to-trojan-vbcexe/
0.0.0.0 na.luckpool.net
# https://forums.malwarebytes.com/topic/292876-detected-trojan-windowsmicrosoftnetframeworkv4030319applaunchexe/
0.0.0.0 tininshassama.xyz
# https://forums.malwarebytes.com/topic/292840-file-detected-windowsmicrosoftnetframeworkv4030319aspnet_compileexe/
0.0.0.0 line.publicvm.com
# https://bazaar.abuse.ch/sample/a3cafe7d2d20180460c2e581b215d63519a691de2781a66349fd57ea3e5fcfdf/ (https://bazaar.abuse.ch/user/86185858/)
# https://github.com/uBlockOrigin/uAssets/issues/15990
0.0.0.0 vlcdownloads.com
# https://github.com/uBlockOrigin/uAssets/issues/16017
# https://app.any.run/tasks/5474c73a-c247-4837-bfd1-a35d08332a5a
# https://app.any.run/tasks/213d5660-7bba-4da6-b9a4-9539201b213c
0.0.0.0 t20boltmig.click
0.0.0.0 offsebike.cyou
# https://virustotal.com/gui/url/2eeeeba08305b13c205d66f7d9cd6a853bc491688d0e91c0381613066b2566a3/community
# https://virustotal.com/gui/url/f297b1523c8c0ac766edeccbc5fb099f1c7bd031c29f837a1701e0a1f71a8651/community
0.0.0.0 desinvca.ru
# https://github.com/AdguardTeam/AdguardFilters/issues/136390
0.0.0.0 glthub.org
# https://forums.malwarebytes.com/topic/293043-fake-notepad-website-with-fake-installer/ (login required)
# credit to https://forums.malwarebytes.com/profile/284536-liteiton/
0.0.0.0 nothfnw.shop
# https://github.com/uBlockOrigin/uAssets/pull/16038
0.0.0.0 microauth.ru
# https://forums.malwarebytes.com/topic/293076-google-docs-extension-malware/
0.0.0.0 goog.goodsearchez.com
0.0.0.0 goodsearchez.com
# https://forums.malwarebytes.com/topic/293086-i-keep-getting-data-crypto-mining-trojans-in-my-chrome-extensions-folder/
0.0.0.0 daggerhashimoto.eu.nicehash.com
# https://virustotal.com/gui/url/02dc78a55d22ccb88c5609813f90be62723531ba26be696df8259f9820dcae3b/community
0.0.0.0 plazaboulevard.com.br
# https://virustotal.com/gui/url/e932836ffec1abf152162b20f97292111a5d7c02cd6b3f2d91916c0821227ac2/community
0.0.0.0 authentication-vmail.us-east-1.linodeobjects.com
# https://bazaar.abuse.ch/sample/dd022ea963e777dec7fbb6c3f84893961c60a0b72fa26152416a9e75e9879c5d/
# https://virustotal.com/gui/file/9108e1d22d74bc5397b8886edc4f0a84b8906436a648ef8a86f30cf7e08978dd/detection
# https://virustotal.com/gui/file/8b526ce6c0637c72799d1f1944f5d77a821d896c2ffe01cd8c391ed37a175f76
# https://virustotal.com/gui/file/1727a5f6484628f4493ac2befaf48b47d88376128992c2787959c00b306da048/detection
# https://github.com/DandelionSprout/adfilt/discussions/163#discussioncomment-4502840 (with no adblocker, I got an ad which downloaded https://virustotal.com/gui/file/7c4c570fb381176736d956ee84c5fb01b6e4638fe122e7a2e1f7335d08edb1d6/detection)
0.0.0.0 ecomefuk.xyz
# https://app.any.run/tasks/f4e39100-c15b-4cd3-9a2c-3401df4435d4
# https://tria.ge/221227-3mk7jagg99
0.0.0.0 thyr65qw.cfd
0.0.0.0 5rd5tgh.cfd
# https://www.hybrid-analysis.com/sample/f2e12223da0ae00323260f8dadbdd1596f7ce8fcd2e2520fde0aefc6fd19a88b
# https://tria.ge/221228-3ez1qabh74/behavioral2
# https://virustotal.com/gui/file/0814d32e07768c5387774d03108ea27ff132d4aee72d3f1fc98a6d78ab74d628
0.0.0.0 wkcrack.com
0.0.0.0 neonhost.click
0.0.0.0 sigmarole.cyou
# https://threatfox.abuse.ch/ioc/847757/
# https://app.any.run/tasks/acb995d6-45ba-4680-8c39-b96b7a8574d8
# https://github.com/iam-py-test/investigations/blob/main/malware/oceanofgames.com.md
0.0.0.0 oceanofgames.com
0.0.0.0 easy-learn-tech.info
# https://virustotal.com/gui/url/c4c4913c27814d34be86ee1394ba7706190a2b9f59adade86eaa05126b3258fc/community
0.0.0.0 securewebauths.com
# https://virustotal.com/gui/url/25c1299a47deee16de446a1e984b668779afe55cd5429639a112fe8cb6509b68/community
0.0.0.0 colorflys.com
# https://app.any.run/tasks/5bdcb423-d8a6-4c4a-bee0-e4817415d96e
# https://virustotal.com/gui/file/f82251f78347ba9a0a0fe6efee7fdfb4a07ef133ec29d4fb816116b194c4f4a2/detection
# shared by https://github.com/JobcenterTycoon
0.0.0.0 funnycrack.com
# https://app.any.run/tasks/5f9ddba3-9d5d-45a6-8ab1-37eaca832b2a/
# https://tria.ge/230103-s79qhsfb2z/behavioral2
0.0.0.0 gigapurbalinggaa.com
0.0.0.0 stone10.xyz
0.0.0.0 blakbooot.click
0.0.0.0 p1nkroze.click
# https://github.com/AdguardTeam/AdguardFilters/issues/139106 (credit to DandelionSprout)
0.0.0.0 loadingnow.me
0.0.0.0 gsecurecontent.com
0.0.0.0 pressizer.net
0.0.0.0 sapino.net
# https://tria.ge/230104-qdn6lsfh34/behavioral2
# https://tria.ge/230104-qcf4lsbb81/behavioral2
# https://www.hybrid-analysis.com/sample/a2f1e5de0f6a32a2b202a973b4deebb0f3f3fd0c16001a010594ced932b17a07
# https://virustotal.com/gui/file/a2f1e5de0f6a32a2b202a973b4deebb0f3f3fd0c16001a010594ced932b17a07/detection
0.0.0.0 1weset6y.cfd
# https://threatfox.abuse.ch/ioc/1064537/
# https://threatfox.abuse.ch/ioc/1064536/
# https://threatfox.abuse.ch/ioc/1064660/
# https://forums.malwarebytes.com/topic/293448-brute-force-password-attack-on-email-server-from-ip-address-9820013539/?do=findComment&comment=1547922 (account required)
# https://www.abuseipdb.com/check/68.60.77.128 
# delist once there have been no new reports in one week. Probably pointless to list in the first place
# https://app.any.run/tasks/37850881-daef-455e-a60d-7b1a11438955 (just a 7zip download???)
0.0.0.0 fitgirlrepack.games
0.0.0.0 floppyredirect.click
0.0.0.0 losstub.icu
# https://app.any.run/tasks/bdf92208-3c4b-4673-b4f4-4d59299d1201
0.0.0.0 fitgirl-repacks.proxy2link.com
# https://app.any.run/tasks/73e0b109-7648-4d44-ac89-c2abd5c0b8f0
0.0.0.0 nortvpn-app.com
# https://github.com/hagezi/dns-blocklists/issues/166
0.0.0.0 nielviok.cf
0.0.0.0 kallarann.gq
0.0.0.0 jandin.gq
0.0.0.0 web.quoabide.top
0.0.0.0 milfme.com
0.0.0.0 web.zoneimage.site
0.0.0.0 dylacha.tk
0.0.0.0 waumari.tk
0.0.0.0 web.tumbleceq.in
0.0.0.0 web.squirmaccess.site
0.0.0.0 track.findb.news
0.0.0.0 web.zoombleat.top
0.0.0.0 web.grittyago.xyz
0.0.0.0 wineshasi.cf
0.0.0.0 web.spywax.site
0.0.0.0 xonanere.ga
0.0.0.0 karindal.ga
0.0.0.0 web.aeratevenal.site
0.0.0.0 web.cannondate.top
0.0.0.0 deugahat.gq
0.0.0.0 web.acidicadorn.top
0.0.0.0 leelabea.cf
0.0.0.0 beladra.cf
0.0.0.0 web.actgrovel.site
0.0.0.0 ysiquaarac.ga
0.0.0.0 web.grincanis.site
0.0.0.0 web.spurtparole.top
0.0.0.0 llantana.ml
0.0.0.0 web.datelovetime.xyz
0.0.0.0 lhamad.gq
0.0.0.0 web.jazztunnel.top
0.0.0.0 quinete.ga
0.0.0.0 web.blandfain.site
0.0.0.0 web.hanfallow.online
0.0.0.0 web.groupabet.site
0.0.0.0 tracking.lovematchflirt.com
0.0.0.0 tracking.latedreamdate.com
0.0.0.0 web.gristwattle.online
# https://bazaar.abuse.ch/sample/971a53dd3d17c44c1f4b21e33c0c161aed411ebb8c4d7f5a47c3cc68849340a5/
0.0.0.0 skynetx.com.br
# https://app.any.run/tasks/45e3bc2d-8e87-47b6-b233-cf8bfecbd5b7
0.0.0.0 cdt2023.ddns.net
# https://app.any.run/tasks/425c595f-3f93-4d54-abaf-29b7d8c78e1b#
# https://github.com/uBlockOrigin/uAssets/pull/16283
0.0.0.0 galeden.cn
# https://virustotal.com/gui/url/ba238fade1efae3c4a22a777ea6d8e7876911ba2762a38e9068be025dae64642/community
# https://app.any.run/tasks/fc749190-7a49-4f62-bfcb-b4262ba6fe8b (my analysis)
# https://virustotal.com/gui/url/d53cb0004ee89defa498483920b97ff3b414748e05ce7a5af65136b06b19ef6f/community
0.0.0.0 tidy-mark.com
0.0.0.0 grethychashi.pro
0.0.0.0 www.grethychashi.pro
# https://forums.malwarebytes.com/topic/293729-help-please-a-file-trojan-keeps-coming-back-when-i-reboot-my-computer/
0.0.0.0 phtgnx.top
0.0.0.0 cdn.phtgnx.top
0.0.0.0 progriu.top
0.0.0.0 cdn.progriu.top
# https://tria.ge/230114-ra56dsch4w/behavioral2
0.0.0.0 er76njy.click
0.0.0.0 vghu896yh.cfd
# https://threatfox.abuse.ch/ioc/1068340/ and https://threatfox.abuse.ch/ioc/1068341/
# https://github.com/uBlockOrigin/uAssets/issues/16339
0.0.0.0 dgemanowhot.com.ua
0.0.0.0 onandeggsiswe.com.ua
0.0.0.0 ormoredeta.xyz
# https://forums.malwarebytes.com/topic/293881-hijackautoconfigurlprxysvrrst-backdoorfarfli/
0.0.0.0 g.agametog.com
0.0.0.0 agametog.com
# https://bazaar.abuse.ch/sample/13b4cf644bcb21bc1fe99e77bc919b8114ce44e6f0cca5872b689185c57606bc/
# my analysis (all credit to whoever originally reported this)
# https://www.hybrid-analysis.com/sample/3e79dfe786d64834eca9f37d68c01d433ebbe90bb6f2ca58c0daaf9f8a85f059
# https://tria.ge/230116-1vskgaeb63/behavioral2
# https://threatfox.abuse.ch/ioc/1062895/ and https://threatfox.abuse.ch/ioc/1062522/
0.0.0.0 domifybot.com
# https://blog.sucuri.net/2023/01/finding-removing-malware-from-weebly-sites.html
0.0.0.0 circuitingratitude.com
# https://forums.malwarebytes.com/topic/294262-fake-firefox-update/ (account required)
# credit to https://forums.malwarebytes.com/profile/3800-porthos/
0.0.0.0 84df4578bffsd.info
# https://forums.malwarebytes.com/topic/294335-repeated-blocked-website-trojan-compromised-logs/
0.0.0.0 dellenshop.top
# https://forums.malwarebytes.com/topic/294253-infected-paranoid/#comments
0.0.0.0 fuzionblox.com
# https://forums.malwarebytes.com/topic/294374-might-have-a-virus/
# https://forums.malwarebytes.com/topic/294372-suspicious-file/
# https://threatfox.abuse.ch/ioc/1073271/
# (my analysis) https://app.any.run/tasks/96fff8ad-199e-4a03-aea3-410214ed18f4
# https://github.com/blocklistproject/Lists/issues/918 (all but one appear dead but added anyway)
0.0.0.0 notldoy.xyz
0.0.0.0 blendepr.org
0.0.0.0 blendevr.org
0.0.0.0 blender3d-software.net
# https://github.com/uBlockOrigin/uAssets/issues/16558
# (my analysis) https://tria.ge/230130-pl42csac69/static1
0.0.0.0 driveusercontent.us
# https://forums.malwarebytes.com/topic/294473-malware-not-detected-in-malwarebytes/ (account required)
# (my analysis) https://app.any.run/tasks/14b9da67-7f1e-49ff-b73d-26a5d263efbf/
# https://github.com/DesktopECHO/T95-H616-Malware
0.0.0.0 ycxrl.com
0.0.0.0 ycxrldow.com
0.0.0.0 cbphe.com
0.0.0.0 cbpheback.com
# https://bazaar.abuse.ch/sample/89da2eee6af1c267e164bd9b24866bcac56588fe67efaf3bdb9aa98afa8cf990/
# https://bazaar.abuse.ch/sample/7df24f04c4df829cd9e643cd9be596d0996b79d1fbb9422c75a17741f10414a4/ (all credit to abusech)
0.0.0.0 pusgpaxnddw.top
0.0.0.0 qlmhxmwlyhr.top
0.0.0.0 qmudnleqjjx.top
# https://github.com/AdguardTeam/AdguardFilters/issues/141376
0.0.0.0 watch-online.7oc5b1i3v4iu.top
0.0.0.0 7oc5b1i3v4iu.top
# from internal discussion
# https://urlhaus.abuse.ch/url/2524904/
# (my analysis) https://tria.ge/230201-nxx7hsda77/behavioral2
# https://threatfox.abuse.ch/ioc/1067729/
# https://forums.malwarebytes.com/topic/294558-google-customer-reward-program/
0.0.0.0 21bustqisw2.top
# from search results
0.0.0.0 331454283.jirikrcmar-photography.cz
0.0.0.0 jirikrcmar-photography.cz
0.0.0.0 dh4jf8fjs.affiliatemarketing.news
0.0.0.0 affiliatemarketing.news
# https://forums.malwarebytes.com/topic/294619-trojan-hijack-browser/
# https://app.any.run/tasks/9cdd662f-9642-4406-8797-03f021ce6370
# https://tria.ge/230203-pmtl1saf9t/behavioral1
0.0.0.0 ccleaner-download.xyz
0.0.0.0 service-domain.xyz
# https://twitter.com/KesaGataMe0/status/1621321884012019712 (https://github.com/AdguardTeam/AdguardFilters/commit/cc46c1f0f0c2a71e989c697fb382cdd68621d366)
0.0.0.0 www-biccamera-com.jycfmf.com
# https://virustotal.com/gui/url/7edda570d0f8fae48fac53194950c93137721d5535829d88add851c9bf42a0e2
# (my analysis) https://app.any.run/tasks/1da745f3-0a79-44b4-9490-0ce55609f1e2
# https://virustotal.com/gui/url/7aa7958a7cb1509cd70a8c935c6c3eb96c46f2fc7b05cb3862f9bd9299308627/community
# (my analysis) https://app.any.run/tasks/e795f6aa-589a-4b6f-8352-403b055bdf5d
0.0.0.0 hotmail-107217.weeblysite.com
# NSFW: https://app.any.run/tasks/84fe2ec3-067b-4095-8a4f-e74636671351
0.0.0.0 message.okaynotification.com
0.0.0.0 okaynotification.com
0.0.0.0 notice.okaynotification.com
0.0.0.0 click.okaynotification.com
0.0.0.0 update.okaynotification.com
0.0.0.0 now.okaynotification.com
0.0.0.0 readnow.okaynotification.com
# https://app.any.run/tasks/04b2bc07-923b-4890-8587-02e360d01ae0
0.0.0.0 morecash.click
0.0.0.0 gamebee.club
# https://forums.malwarebytes.com/topic/294675-mygov-scamfraudpersonal-detail-theft-alert/ (account required)
# (my analysis) https://app.any.run/tasks/463e490a-12bb-4afd-a496-f5500177b794/
0.0.0.0 quickttax.top
# https://github.com/AdguardTeam/AdguardFilters/issues/142226
# https://app.any.run/tasks/91ca9115-952b-479f-8f9d-360e096e558b
0.0.0.0 qfdsq.inghesatin.com
0.0.0.0 blockadsez.info
0.0.0.0 wickedhumankindbarrel.com
0.0.0.0 videoadblockerpro.com
0.0.0.0 watchadfree.info
0.0.0.0 stop-adblocker.info
0.0.0.0 ia9j0.top
0.0.0.0 yk946.top
0.0.0.0 ayybt.top
0.0.0.0 8b947.top
0.0.0.0 yz9iy.top
0.0.0.0 9sgqi.top
0.0.0.0 pivoms.live
0.0.0.0 ys2fr.top
0.0.0.0 9elo3.top
0.0.0.0 zjvw7.top
0.0.0.0 z4r0w.top
0.0.0.0 8yqet.top
0.0.0.0 wheeshoo.net
0.0.0.0 justquiz39.pushalert.co
0.0.0.0 easyadblocker.info
0.0.0.0 wbofc.top
0.0.0.0 x435f.top
0.0.0.0 w6got.top
0.0.0.0 xk9tx.top
0.0.0.0 wiruv.top
0.0.0.0 xpdep.top
0.0.0.0 shoesauto3.xyz
# https://forums.malwarebytes.com/topic/294740-trojans-will-not-disappear-and-mb-wont-stop-blocking-websites/
# https://threatfox.abuse.ch/ioc/1078147/
# https://www.malware-traffic-analysis.net/2023/02/03/index.html
0.0.0.0 yes2food.com
0.0.0.0 advertising-check.ru
0.0.0.0 softs-lab.ru
# https://threatfox.abuse.ch/ioc/1078856/
# https://twitter.com/1ZRR4H/status/1623067548781539339
# https://github.com/uBlockOrigin/uAssets/issues/16704
# https://app.any.run/tasks/dbfbbaca-9fd5-4466-8a29-9e0519b77589
# https://virustotal.com/gui/file/f202337f99c730eef56d3be2a7fb92d74c9b5adac799fb0564bc9264f2784f5c/relations
0.0.0.0 vserpg.ru
# https://github.com/hagezi/dns-blocklists/issues/324
0.0.0.0 teslacar.io
# https://app.any.run/tasks/bcd4633b-931e-4bfc-a874-24d04a136036
0.0.0.0 wlbss.inghesatin.com
0.0.0.0 xe5j8.inghesatin.com
0.0.0.0 ggjt8.inghesatin.com
0.0.0.0 world-games.click
0.0.0.0 bynsd.top
0.0.0.0 8eatj.top
0.0.0.0 7ya1q.top
0.0.0.0 bhnx4.top
0.0.0.0 899h3.top
# https://app.any.run/tasks/53948f39-666f-4083-aa4e-bd5f215d29e2
0.0.0.0 dykbo.inghesatin.com
0.0.0.0 cqw59.top
0.0.0.0 ajfgq.top
0.0.0.0 8lmm7.top
0.0.0.0 ifmom.top
0.0.0.0 yhvua.top
0.0.0.0 dejig.live
# https://github.com/iam-py-test/my_filters_001/issues/109
0.0.0.0 btc.latest-articles.com
0.0.0.0 en.firstgooal.com
0.0.0.0 en.rawafedpor.com
0.0.0.0 news.istisharaat.com
0.0.0.0 ust.aly2um.com
0.0.0.0 filestack.live
0.0.0.0 0-4.top
0.0.0.0 012.bond
0.0.0.0 5pm.am
0.0.0.0 77w.pw
0.0.0.0 7la.la
0.0.0.0 9ge.ge
0.0.0.0 b-d.bond
0.0.0.0 b-i-t-l-y.co
0.0.0.0 b-ly.link
0.0.0.0 b-y.by
0.0.0.0 bit-ly.is
0.0.0.0 bit-ly.mobi
0.0.0.0 bitly.best
0.0.0.0 bitly.email
0.0.0.0 bitly.gold
0.0.0.0 bitly.network
0.0.0.0 c-lick.click
0.0.0.0 c-you.cyou
0.0.0.0 cc-z.cz
0.0.0.0 co-o.co
0.0.0.0 cr-7.cc
0.0.0.0 cutlinks.biz
0.0.0.0 cutlinks.ca
0.0.0.0 cutlinks.mobi
0.0.0.0 cutlinks.org
0.0.0.0 cuturls.net
0.0.0.0 d-ev.dev
0.0.0.0 fco.to
0.0.0.0 fmo.fm
0.0.0.0 g-l.gl
0.0.0.0 g-y.gy
0.0.0.0 gob.co.il
0.0.0.0 gov-cn.cloud
0.0.0.0 gov.co.ve
0.0.0.0 h-air.hair
0.0.0.0 i-cu.icu
0.0.0.0 i-io.io
0.0.0.0 i-n-fo.info
0.0.0.0 i-s.is
0.0.0.0 icx.cx
0.0.0.0 ii-ii.ru
0.0.0.0 ilc.lc
0.0.0.0 isn.is
0.0.0.0 isx.sx
0.0.0.0 j-e.je
0.0.0.0 l-o.loan
0.0.0.0 l-ol.lol
0.0.0.0 lbz.bz
0.0.0.0 m-n.mn
0.0.0.0 mvc.vc
0.0.0.0 n-g.ng
0.0.0.0 n-z.nz
0.0.0.0 obz.bz
0.0.0.0 oo-o.co
0.0.0.0 oo.coffee
0.0.0.0 psu.su
0.0.0.0 qis.is
0.0.0.0 s-k.sk
0.0.0.0 s-b.sb
0.0.0.0 s-sh.sh
0.0.0.0 sy-s.systems
0.0.0.0 t-o.to
0.0.0.0 tiny-url.mobi
0.0.0.0 ufox.info
0.0.0.0 u-mu.mu
0.0.0.0 uxe.luxe
0.0.0.0 vms.ms
0.0.0.0 vv-vip.vip
0.0.0.0 vvg.vg
0.0.0.0 w-me.me
0.0.0.0 w-tw.tw
0.0.0.0 w-ws.ws
0.0.0.0 wac.ac
0.0.0.0 wci.ci
0.0.0.0 wst.st
0.0.0.0 xx-yz.xyz
# https://github.com/blocklistproject/Lists/issues/933
0.0.0.0 jnkms0zfueh.click
0.0.0.0 pjljo54uk.click
0.0.0.0 v1asy4ncr.click
0.0.0.0 p5tvhrlw30h.click
0.0.0.0 8narwi309.click
0.0.0.0 sbjjzdwqg41ps.click
0.0.0.0 lrhxz60alkjtik.click
0.0.0.0 tvbxrr4ym3.click
0.0.0.0 8ebtdbsjsu.click
0.0.0.0 eicxz6jfjaw.click
# https://virustotal.com/gui/url/90ec9d3b01d045ba7917ba09722d9063803cf318d08de907e77d421800ed1cc4/community
# (my analysis) https://app.any.run/tasks/f14b7082-e3b1-4a98-84fc-e3c5e3d3b35c
0.0.0.0 s44-fhvb.web.app
# https://app.any.run/tasks/77b6a223-4c81-4798-9dc0-a747de6e0f6d
0.0.0.0 crackshash.com
0.0.0.0 czgovd.com
0.0.0.0 pufgilsofp.sbs
0.0.0.0 bstnwswrld.com
0.0.0.0 news-wobuda.com
0.0.0.0 ztzguv.com
0.0.0.0 thbstvd.com
0.0.0.0 notyfrom.info
0.0.0.0 flymylife.info
0.0.0.0 ms-82.flymylife.info
0.0.0.0 ms-52.flymylife.info
0.0.0.0 54trck.xyz
0.0.0.0 cxvfh.gesgloven.com
0.0.0.0 jorjfordmust.sbs
# https://app.any.run/tasks/f03aaba8-7c21-4316-a6db-cbb9bdbb1db6
# https://app.any.run/tasks/d142bf7d-0363-4bf2-9795-66423bbc9eac
0.0.0.0 origincrack.com
0.0.0.0 uerqelim91ut.click
0.0.0.0 klwukospapf.click
0.0.0.0 9bghqk3avg2gnh.click
0.0.0.0 6t09fag307ep.click
# https://tria.ge/230216-sgsz3shg3w/behavioral2
# https://threatfox.abuse.ch/ioc/1077934/
# https://virustotal.com/gui/ip-address/77.73.134.35/relations
# https://twitter.com/TrackerC2Bot/status/1620944031030075392
# https://threatfox.abuse.ch/ioc/1077935/
# https://forums.malwarebytes.com/topic/295115-trojan-downloaders-not-detected-by-malwarebytes/ (account required)
# https://virustotal.com/gui/file/a0626a283b6e2cbcacfbcc06c21691aff5e3386d43a76909304b2b0bacf8f45a/relations
# fake tor browser - https://app.any.run/tasks/679e9afa-eb19-4414-a086-e280a779a448
# https://tria.ge/230217-xd8nksgc9x/behavioral2
0.0.0.0 ru-torproject.ru
# https://github.com/uBlockOrigin/uAssets/issues/17400
# https://github.com/uBlockOrigin/uAssets/pull/16764#issuecomment-1493992669
# https://app.any.run/tasks/15000d62-df3c-41c4-95fa-b27480049e2d#
0.0.0.0 dwnfile.fun
0.0.0.0 mpraven.org
0.0.0.0 xfiley.me
# https://github.com/uBlockOrigin/uAssets/issues/15937
# https://github.com/uBlockOrigin/uAssets/issues/15937
# https://virustotal.com/gui/url/a70d88ffc974f8d9cc5c3561938e95435d20a12a555e8c10d638d2bee5292165
0.0.0.0 install1nstall1.com
0.0.0.0 kochava.com
0.0.0.0 neptunclicks.com
0.0.0.0 arakusus.com
0.0.0.0 imgfil.com
0.0.0.0 urlcod.com
0.0.0.0 tiurll.com
0.0.0.0 neppe.studio
0.0.0.0 startex3download.com
0.0.0.0 gowtos.com
0.0.0.0 lomogd.com
0.0.0.0 nosnou.com
# https://virustotal.com/gui/url/8ffac07f327a1bc605278ac9cdbc1f6a00ae2efd9d7111ad38790e6031e74072/community
# (my analysis) https://app.any.run/tasks/69b1e739-fa82-487f-92c8-5ba368b25481
0.0.0.0 steam.steampoweredartwork.com
0.0.0.0 steampoweredartwork.com
# https://github.com/AdguardTeam/AdguardFilters/issues/142771
0.0.0.0 wgreplay.fun
# https://virustotal.com/gui/file/aaa1beed5908f05cd7e4dc405ec763deecd6177b0bf78f0faa9cd54eed14bc34/detection
0.0.0.0 mesoftwares.vip
# https://app.any.run/tasks/82180609-bf2b-4565-88cd-e3cb2c8e6456/ (someone else's anyrun, credit to them)
# https://app.any.run/tasks/1aa45c59-b90f-47a2-8fb9-7915a377055a/
# https://forums.malwarebytes.com/topic/295202-windows-powershell-keeps-popping-up-randomly-and-closing/
# https://virustotal.com/gui/file/d3c9371a1456fd7c4551e18b0c1172a597f86c97e2864bc0b1be632c48da9697/relations
0.0.0.0 ahoravideo-blog.com
0.0.0.0 ahoravideo-cdn.com
0.0.0.0 ahoravideo-endpoint.com
0.0.0.0 ahoravideo-endpoint.xyz
0.0.0.0 ahoravideo-schnellvpn.com
0.0.0.0 ahoravideo-schnellvpn.xyz
0.0.0.0 bideo-blog.com
0.0.0.0 bideo-cdn.com
0.0.0.0 bideo-chat.com
0.0.0.0 bideo-chat.xyz
0.0.0.0 bideo-endpoint.com
0.0.0.0 bideo-endpoint.xyz
0.0.0.0 bideo-schnellvpn.com
0.0.0.0 bideo-schnellvpn.xyz
0.0.0.0 fairu-blog.com
0.0.0.0 fairu-cdn.com
0.0.0.0 fairu-chat.com
0.0.0.0 fairu-chat.xyz
0.0.0.0 fairu-endpoint.com
0.0.0.0 fairu-endpoint.xyz
0.0.0.0 fairu-schnellvpn.com
0.0.0.0 fairu-schnellvpn.xyz
0.0.0.0 privatproxy-blog.xyz
0.0.0.0 privatproxy-cdn.xyz
0.0.0.0 privatproxy-chat.com
0.0.0.0 privatproxy-endpoint.xyz
0.0.0.0 privatproxy-schnellvpn.com
0.0.0.0 wmail-blog.xyz
0.0.0.0 wmail-cdn.xyz
0.0.0.0 wmail-chat.xyz
0.0.0.0 wmail-endpoint.xyz
0.0.0.0 wmail-schnellvpn.com
0.0.0.0 wmail-schnellvpn.xyz
# http://vxvault.net/ViriFiche.php?ID=44753
0.0.0.0 adobetmcdn.net
# https://forums.malwarebytes.com/topic/295239-unsure-if-anything-has-been-done/
0.0.0.0 tiktok.ti3fsaa.cloud
0.0.0.0 ti3fsaa.cloud
# https://app.any.run/tasks/fc4768ad-8cc8-4af7-bd44-d91f5d8c258e
0.0.0.0 polo.thegadgetguru.club
0.0.0.0 thegadgetguru.club
0.0.0.0 setupspeedyhighlyinfo-file.info
0.0.0.0 startd0wnload22x.com
0.0.0.0 skillfactsim.com
0.0.0.0 burningpushing.info
# https://urlscan.io/result/ff16e3ca-7cc9-48aa-9028-dae2e7769419/
0.0.0.0 catomernsuents.com
# https://www.welivesecurity.com/2023/03/01/blacklotus-uefi-bootkit-myth-confirmed/
0.0.0.0 xrepositoryx.name
0.0.0.0 erdjknfweklsgwfmewfgref.com
0.0.0.0 harrysucksdick.com
0.0.0.0 heikickgn.com
0.0.0.0 frassirishiproc.com
0.0.0.0 myrepository.name
0.0.0.0 egscorp.net
# https://forums.malwarebytes.com/topic/295534-rtp-outbound-connection-on-googlewikipedia/
0.0.0.0 eatablehelprut.com
# https://forums.malwarebytes.com/topic/295590-malwarebyes-blocks-webite/
0.0.0.0 mignished-sility.com
# https://forums.malwarebytes.com/topic/295626-hyjecrgernebultcom-malware-removal-disguised-as-mcafee/
0.0.0.0 hyjecr.gernebult.com
# https://forums.malwarebytes.com/topic/295631-blocked-website/
0.0.0.0 curvyalpaca.cc
# domains farmed from adfly
0.0.0.0 zxbfm.ooumoughtcall.com
0.0.0.0 ooumoughtcall.com
0.0.0.0 s2cp.xyz
# https://github.com/RPiList/specials/issues/948#issuecomment-1458739160
0.0.0.0 yuppdownload.com
# https://github.com/AdguardTeam/AdguardFilters/issues/145513
0.0.0.0 4b34eusvcxsdublb6f.runoj.click
0.0.0.0 runoj.click
# https://github.com/AdguardTeam/AdguardFilters/issues/145513#issuecomment-1468676678
0.0.0.0 aesch-mko.com
0.0.0.0 agapios-gla.com
0.0.0.0 ahura-maz.com
0.0.0.0 altwi-cha.com
0.0.0.0 artax-evn.com
0.0.0.0 balor-ghn.com
0.0.0.0 ermin-oxj.info
0.0.0.0 gargi-xba.com
0.0.0.0 gloos-zus.info
0.0.0.0 gronw-zis.com
0.0.0.0 harib-eir.info
0.0.0.0 heily-nin.com
0.0.0.0 iorwe-qmf.com
0.0.0.0 kuno-gae.com
0.0.0.0 laurentia-kor.com
0.0.0.0 menelaus-col.com
0.0.0.0 nicomachus-mac.com
0.0.0.0 orige-duo.com
0.0.0.0 phara-gte.com
0.0.0.0 quinctus-isb.com
0.0.0.0 sindr-yet.com
0.0.0.0 redirect.newprogrammatic.click
# random malware
0.0.0.0 moresknock.click
0.0.0.0 b7iexw24.cfd
0.0.0.0 u1500oyc.cfd
0.0.0.0 nzjal5ou.cfd
0.0.0.0 krimahoriz.click
0.0.0.0 en.bestadultdatinglist-com.ru
0.0.0.0 fuckbookmobile.org
0.0.0.0 theparlornextthef.com
0.0.0.0 dtsdr.theparlornextthef.com
0.0.0.0 palons.live
0.0.0.0 alertci.click
0.0.0.0 9ijgfdc4rf56.click
0.0.0.0 nbsb7nr44.cfd
0.0.0.0 pingatinga.click
0.0.0.0 srinaboglad.click
0.0.0.0 bvnie.taitlastwebegan.com
0.0.0.0 taitlastwebegan.com
0.0.0.0 jikabotlan.click
0.0.0.0 trackyouswin.com
0.0.0.0 tgbhi8i.click
0.0.0.0 justfreesetuphere.xyz
0.0.0.0 hit5k.one
0.0.0.0 zdr566yh.click
0.0.0.0 getnomadtblog.com
0.0.0.0 urhandups.xyz
0.0.0.0 qtgsr.taitlastwebegan.com
0.0.0.0 yt93231mn.click
0.0.0.0 aswedfcv6ty.click
0.0.0.0 i3edtgyu.cfd
0.0.0.0 ko04rf8.cfd
0.0.0.0 dr6ghyu7.click
0.0.0.0 entry4hide.cyou
0.0.0.0 ovhoq.nkingwitheaam.com
0.0.0.0 nkingwitheaam.com
0.0.0.0 niceelitdating.top
0.0.0.0 b.niceelitdating.top
0.0.0.0 bigosext1s.com
# https://github.com/DandelionSprout/adfilt/issues/808
0.0.0.0 jonathanbartz.com
0.0.0.0 jp.imonitorsoft.com
0.0.0.0 junk-bros.com
0.0.0.0 kepw.org
0.0.0.0 kristinee.com
0.0.0.0 lakeside-fishandchips.com
# https://www.reddit.com/r/uBlockOrigin/comments/1212vbf/badware_risks_fake_tor_browser_site/
0.0.0.0 tor-browser-rus.ru
# https://www.reddit.com/r/uBlockOrigin/comments/1204r6t/this_should_probably_be_blocked_if_i_must_say/
0.0.0.0 adblockers.b-cdn.net
0.0.0.0 pleasetrack.com
# https://github.com/hagezi/dns-blocklists/issues/809
0.0.0.0 getsupport-lcloud.com
# https://github.com/uBlockOrigin/uAssets/pull/17424
0.0.0.0 octopus-warriors.com
# https://forums.malwarebytes.com/topic/296601-syswow64cmdexe-continous-alert-from-malwarebytes/
0.0.0.0 doorspa.shop
# malware
0.0.0.0 official-expert.org
0.0.0.0 file-uploud.site
# https://github.com/durablenapkin/scamblocklist/issues/31
0.0.0.0 balkeryswep.online
# https://github.com/durablenapkin/scamblocklist/issues/29
0.0.0.0 youtubee.com
0.0.0.0 youtunbe.com
0.0.0.0 twiiiter.com
0.0.0.0 twitterr.com
0.0.0.0 goglle.com
0.0.0.0 toyrube.com
0.0.0.0 yahhhoo.com
# https://forums.malwarebytes.com/topic/296944-malware-blocked-when-doing-a-google-search/
0.0.0.0 prodfliying.com
# https://threatfox.abuse.ch/ioc/1104536/
0.0.0.0 js.msedgeupdate.com
0.0.0.0 msedgeupdate.com
# https://app.any.run/tasks/00d5d80b-3924-4421-8780-7ba796d7b825
# https://tria.ge/230420-anfn8agb9z/behavioral1
0.0.0.0 portalproveedores.com.mx
# https://threatfox.abuse.ch/ioc/1063263/ https://threatfox.abuse.ch/ioc/1028975/
# https://github.com/durablenapkin/scamblocklist/issues/36
0.0.0.0 ledgerlivewallets.com
0.0.0.0 nanoweb3-rarityledgertech.com
0.0.0.0 ledger-liveweb3app.com
0.0.0.0 shop-nanox.com
0.0.0.0 ledgerlive.mobi
0.0.0.0 ledgerlives.live
0.0.0.0 ledgers.network
# https://blog.morphisec.com/in2al5d-p3in4er
0.0.0.0 cv-builder.site
0.0.0.0 siamaster.com.mx
0.0.0.0 chatgptex.us
# https://www.reddit.com/r/uBlockOrigin/comments/1304khl/badware_sites/
0.0.0.0 actionclassicgames.com
0.0.0.0 allin1convert.com
0.0.0.0 allinonedocs.com
0.0.0.0 anytimeastrology.com
# https://github.com/uBlockOrigin/uAssets/blob/fc2d7bd065b3e79d945fcfdc0da73ff33f6ea089/filters/badware.txt#L3038-L3044 (hopefully I understood the license right, if not, I can delete this)
0.0.0.0 myway.com
# https://forums.malwarebytes.com/topic/297334-our-company-website-shows-riskware-from-a-different-domain/
0.0.0.0 life.judyfay.com
0.0.0.0 xjquery.com
# https://virustotal.com/gui/url/f68044fcf6f1a22b4b1d06cae0dddefa4bd7282377ba16a2a6222379414a6073/community
# https://app.any.run/tasks/ea625e50-b943-4e69-ae48-03231219b07f (my analysis)
# https://www.bleepingcomputer.com/news/security/new-atomic-macos-info-stealing-malware-targets-50-crypto-wallets/
0.0.0.0 amos-malware.ru
# https://app.any.run/tasks/5fddd235-4433-4376-9a75-39a28b018f6b
0.0.0.0 realtorstrust.com
# https://app.any.run/tasks/d40fc871-4942-4acd-8d6a-d8f4baae1f32
0.0.0.0 kuyhaa-me.id
0.0.0.0 omnicad.click
0.0.0.0 oppodlfile.click
# https://github.com/durablenapkin/scamblocklist/issues/37
# (my analysis) https://app.any.run/tasks/21412739-6fc1-4a9e-9b35-ad2d8224bb46
# (my analysis) https://tria.ge/230502-nebwkaag58/behavioral1
# (my analysis) https://www.hybrid-analysis.com/sample/d293ec55b0425e8731b17b814b5d9c9abe73b9ee10f8ae808f1ec0f4a969aebe
0.0.0.0 youtubebplan.com
0.0.0.0 www.youtubebplan.com
# https://forums.malwarebytes.com/topic/297425-annoying-outbound-443-malware/
0.0.0.0 87cibrsm009t2lj.buzz
# https://forums.malwarebytes.com/topic/297570-phishing/ (account required)
0.0.0.0 0.drroham.ir
0.0.0.0 drroham.ir
# shared by ryan
0.0.0.0 updatefreecompletelytheproduct.vip
# https://github.com/hagezi/dns-blocklists/issues/1013
0.0.0.0 revanced.io
# https://www.reddit.com/r/uBlockOrigin/comments/139u3yf/malicious_domain_to_block_used_by_hacked_manga/
0.0.0.0 gdpr.web0.eu
# https://forums.malwarebytes.com/topic/297655-malware-and-popup-in-my-pc/?do=findComment&comment=1566331
0.0.0.0 threatdetect.org
# https://www.malwarebytes.com/blog/threat-intelligence/2023/05/fake-system-update-drops-new-highly-evasive-loader
0.0.0.0 qqtube.ru
0.0.0.0 xxxxxxxxxxxxxxx.ru
0.0.0.0 activehdd.ru
0.0.0.0 oled8kultra.ru
0.0.0.0 xhamster-18.ru
0.0.0.0 activessd6.ru
0.0.0.0 activedebian.ru
0.0.0.0 shluhapizdec.ru
0.0.0.0 04042023.ru
0.0.0.0 clickaineasdfer.ru
0.0.0.0 moskovpizda.ru
0.0.0.0 pochelvpizdy.ru
0.0.0.0 evatds.ru
0.0.0.0 click7adilla.ru
# https://virustotal.com/gui/file/dd45a0f40e75b051871fefd4ddb1ce6dcf130d4e172010c0753e01c1a6523666/relations
0.0.0.0 zexeq.com
0.0.0.0 colisumy.com
# https://virustotal.com/gui/url/4cbb55b62fe8bc2acdaa79d3c4fd3a6d33c0d5eed287bbe655fc117c6bdeb0a3/community
# (my analysis) https://app.any.run/tasks/2de7c1a5-bfe4-4b48-a1e5-b7d8c059cbd0
# (my analysis) https://tria.ge/230512-xhsg6agd4v/static1
0.0.0.0 0ffice-3-6-5.ltd
# https://tria.ge/230512-tj6jmadg34
# https://github.com/hagezi/dns-blocklists/issues/1039
0.0.0.0 revolut-pl-id.com
# https://github.com/durablenapkin/scamblocklist/issues/47
0.0.0.0 elontesla23.pro
0.0.0.0 join2musk.com
0.0.0.0 teslabrc.com
# https://forums.malwarebytes.com/topic/297825-not-sure-if-i-am-being-hacked/?do=findComment&comment=1567599
0.0.0.0 redirection-to-the-offer.info
# https://github.com/uBlockOrigin/uAssets/issues/18115
0.0.0.0 needyscarcasserole.com
# https://github.com/durablenapkin/scamblocklist/issues/52
0.0.0.0 baltic79.wordpress.com
0.0.0.0 visoedifica.com
0.0.0.0 balticpipe.wordpress.com
0.0.0.0 baltic-pipe-finansowy.blogspot.com
0.0.0.0 kneel-offers.com
0.0.0.0 dunkansp.info
0.0.0.0 finnews7.wordpress.com
0.0.0.0 tbg-lmtd.com
0.0.0.0 crm2.tbg-lmtd.xyz
0.0.0.0 tbg-lmtd.xyz
0.0.0.0 polish-money-matters.blogspot.com
0.0.0.0 fazpowerdenet.tumblr.com
0.0.0.0 dgbdhvqpwvplersqjytw.dunkansp.info
# (my analysis) https://tria.ge/230519-1bgzmagd36/behavioral1
# (not my analysis) https://threatfox.abuse.ch/ioc/1115696/
# https://github.com/uBlockOrigin/uAssets/issues/18141
0.0.0.0 skytils.net
0.0.0.0 skyblockmaniacs.net
0.0.0.0 fragbots.net
# https://virustotal.com/gui/url/36d76f53c996bad26ba5656fb33557814a0ddbb55f43c8836daa964d3815db9e/community
# (my analysis) https://app.any.run/tasks/76eeda9c-a72f-4743-83b3-a49f80d0a1ce
0.0.0.0 steelseries.club
# https://github.com/badmojr/1Hosts/issues/1407
0.0.0.0 easynavigation.site
# https://forums.malwarebytes.com/topic/298168-domclickextxyz
0.0.0.0 domclickext.xyz
# https://github.com/hagezi/dns-blocklists/issues/1071
0.0.0.0 hard-configurator.com
# https://github.com/uBlockOrigin/uAssets/issues/18206
0.0.0.0 fitgirl.cc
# https://github.com/uBlockOrigin/uAssets/issues/18205
0.0.0.0 fitgirlrepacksite.com
# https://tria.ge/230525-z8rpnacd92/behavioral2
# https://bazaar.abuse.ch/sample/a76c4f346a0f72cc1fcf8c471abb0ecd2e914c5863a4f4556d884212f8d3b2fb/
# spam on Malwarebytes forums (taken down)
# https://app.any.run/tasks/c084b570-6946-4878-ab48-8db1dc4ed659
# https://tria.ge/230530-m4zhgshb97/behavioral2
0.0.0.0 activatorscrack.com
0.0.0.0 ed5tfdhjy.click
0.0.0.0 mjko06yh.cfd
0.0.0.0 bh998ik.click
0.0.0.0 maper.info
# https://www.reddit.com/r/uBlockOrigin/comments/134b450/please_add_adblock_badware/
0.0.0.0 softronline.click
# https://github.com/mitchellkrogza/phishing/pull/232#issuecomment-1570214480
0.0.0.0 bibtu.com
0.0.0.0 xajibur.ru
0.0.0.0 ponafet.ru
0.0.0.0 baarspo.ru
0.0.0.0 crophysi.ru
0.0.0.0 gimoguvi.ru
# https://github.com/uBlockOrigin/uAssets/issues/18332
0.0.0.0 goglel.com
# https://virustotal.com/gui/url/0ed4615c9ee045c652ae76001f55252a665cacbea0ed623909f8a780cbfd564d/community
# my analysis: https://app.any.run/tasks/0d2fac2a-6485-4d2d-941c-782acfddd966
0.0.0.0 mreilly.s3.eu-central-003.backblazeb2.com
0.0.0.0 zen-leakey.138-68-80-63.plesk.page
# https://tria.ge/230601-z9q5hsha6v/behavioral1
0.0.0.0 softwave.cc
# https://github.com/uBlockOrigin/uAssets/issues/18353
0.0.0.0 easylist.club
0.0.0.0 ww38.easylist.club
# https://virustotal.com/gui/url/36a5536b1c4ca42b01b31bce4ec0be95192c7204cd83461c3dddff151266ba7b/community
# my analysis: https://tria.ge/230602-t1vhpach4z/behavioral1
0.0.0.0 jp6yze3jwx6462c537686e2.inetpr.ru
# https://virustotal.com/gui/url/cb86e12e4d066b4f7b497bf7c9cef0f264db0161cdd55daf91589fd10e97c659/community
# my analysis: https://urlscan.io/result/d059b7b2-f30b-4930-8afd-b0a0fddef658/
0.0.0.0 transporting-api-dlhl.crufaoci.org
# https://palant.info/2023/06/02/how-malicious-extensions-hide-running-arbitrary-code/
0.0.0.0 tryimv3srvsts.com
# https://forums.malwarebytes.com/topic/298691-my-aspnet-website-infected-with-some-wired-malware/
0.0.0.0 usaday.biz
0.0.0.0 abu.usaday.biz
0.0.0.0 us.usaday.biz
0.0.0.0 onepro.club
0.0.0.0 c822c1b63853ed273b89687ac505f9fa.onepro.club
0.0.0.0 738aa8d3bc02eb8712acd0eb2cf6dfd5.onepro.club
0.0.0.0 241fe8af1e038118cd817048a65f803e.onepro.club
0.0.0.0 ba9bf05693b9fa202d922dd43a08f281.onepro.club
# https://tria.ge/230607-m9fmkaac6w/behavioral1
0.0.0.0 rewardarium.com
# https://tria.ge/230607-m9fmkaac6w/behavioral2
0.0.0.0 acarcheartheles.com
# malware on youtube - https://bazaar.abuse.ch/sample/4d152234f168692459b482981f469e96e4f933360295cd64f5089370a4b07118/
0.0.0.0 boraflow.click
# https://tria.ge/230607-zarl1aff36/behavioral1
# more malware on YT - https://bazaar.abuse.ch/sample/bb02043cb749f91364f655b35404dc37e517d6aa7cdcbf474bee1fa6be5abe5f/
# https://tria.ge/230607-z5gqaaga69/behavioral2
# https://github.com/StevenBlack/hosts/issues/2250#issuecomment-1582846967
# my analysis: https://app.any.run/tasks/b359cc64-2f3b-44e9-8d60-ebe6f9788bf8
0.0.0.0 skinport.com.mx
# https://virustotal.com/gui/file/c1fd1add4ffabaa9e5ab244b5fa4b14aba53af379d5d59ae38f9e16e27fc1360/community (shared by JaffaCakes118)
0.0.0.0 doenerium.kqnfkpoccicxiudstqonfotuwsrhuxkwhqjjfsbjhonoubrccy.nl
# https://forums.malwarebytes.com/topic/298978-potential-threat-blocked-website-appears-malicious-scan-says-virus-free/
0.0.0.0 garuq.com
# https://bazaar.abuse.ch/sample/d41166f1c8bbd3c6bbac0f5c96c4dc867d501c3ce5aeb056686ffa28652facef/ (not my sample, credit to r3dbU7z)
# my analysis (dropped file): https://tria.ge/230611-paf56ahg4v/behavioral2
# my analysis (dropped file): https://app.any.run/tasks/e1f1f0fa-8d92-4270-b422-801cfe91d189
0.0.0.0 josemonila.ddnsfree.com
# https://github.com/StevenBlack/hosts/issues/2358
0.0.0.0 assistant-chronopost.com
# https://virustotal.com/gui/ip-address/213.226.123.202/relations
0.0.0.0 canadapost-tracking.net
# https://github.com/badmojr/1Hosts/issues/1482
0.0.0.0 aoikerala.in
# https://virustotal.com/gui/file/7840cb8d12d3a20f265802531f19e7d58928167a37a58b631fa468d78e417a14/community
# my analysis: https://app.any.run/tasks/864669a8-c96e-4971-9810-1427b4343120
0.0.0.0 promo-cccleaner.org
# https://tria.ge/230623-r72t8sfe33
# https://tria.ge/230623-25exssae3x/behavioral1
# https://app.any.run/tasks/036fbeb1-adc1-4f00-93ec-aa337f7b05dd
0.0.0.0 scholadvice.com
0.0.0.0 pejik.com
0.0.0.0 bthp.com.pk
0.0.0.0 dokumentasoluciones.com
# https://forums.malwarebytes.com/topic/299263-claims-to-be-google-bard-ai/ (account required)
# https://forums.malwarebytes.com/topic/299557-malware-sample-suspected-crypto-stealer/ (account required)
# my analysis: https://tria.ge/230629-tq712aeb59/behavioral1
0.0.0.0 infinitycrypto.app
0.0.0.0 infinitywallet-dapps.b-cdn.net
# https://github.com/uBlockOrigin/uAssets/pull/18686
0.0.0.0 roundyearfun.com
# https://github.com/uBlockOrigin/uAssets/issues/18678
0.0.0.0 nekogram.org
0.0.0.0 t188telegram.xyz
0.0.0.0 websocket40001.hgspz.com
0.0.0.0 netkefu.hgspz.com
0.0.0.0 imganalyze.hgspz.com
0.0.0.0 www.tellegrom.xyz
# https://forums.malwarebytes.com/topic/299589-suspicious-file/ (account required)
# my analysis: https://tria.ge/230630-tngfaseg9t/behavioral1
0.0.0.0 biustargamez.itch.io
# https://forums.malwarebytes.com/topic/299435-help-with-redirects-on-my-google-browser/
0.0.0.0 searchokay.com
0.0.0.0 srvtrck.com
0.0.0.0 r.srvtrck.com
# malware infection:
# Edge Extension: (Apps) - C:\Users\User2\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pejhfhcoekcajgokallhmklcjkkeemgj [2023-06-24] [UpdateUrl:hxxps://extappupdate.com/crx/updates.xml] <==== ATTENTION
# Edge HKLM\...\Edge\Extension: [pejhfhcoekcajgokallhmklcjkkeemgj] - C:\\apps.crx [2022-11-27]
# CHR Extension: (Apps) - C:\Users\User2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pejhfhcoekcajgokallhmklcjkkeemgj [2023-06-24] [UpdateUrl:hxxps://extappupdate.com/crx/updates.xml] <==== ATTENTION
0.0.0.0 extappupdate.com
# CHR DefaultSearchURL: Profile 1 -> hxxps://find.fnavigate-now.com/results.aspx?d=092122&n=9998&q={searchTerms}&gd=RD1002806&searchsource=58
0.0.0.0 find.fnavigate-now.com
# https://tria.ge/230707-zfx1zacf4s/behavioral1
# https://tria.ge/230709-z9e29aga59/behavioral1
# https://tria.ge/230711-xsyf6abf3y/behavioral2
# https://virustotal.com/gui/url/ff883d9b80c27b78b2b303c12d3e57d5a2664ac35ccf41fdd6bbdbfbb97b613f/community (credit to IceFlame)
# my analysis: https://app.any.run/tasks/c386fa43-f566-4df4-a7d9-61f387da92f3
0.0.0.0 southbayleadgen.com
# https://app.any.run/tasks/2e736410-ed5d-4c7e-9eb2-79ee3c578f37
0.0.0.0 ezsoftware.fun
# https://tria.ge/230710-yhtkwsec9y/behavioral2
# https://github.com/AdguardTeam/AdguardFilters/issues/155936
0.0.0.0 truanet.com
# https://www.malwarebytes.com/blog/threat-intelligence/2023/07/malicious-ad-for-usps-phishes-for-jpmorgan-chase-credentials
0.0.0.0 logictrackngs.com
0.0.0.0 super-trackings.com
0.0.0.0 web-trackings.com
0.0.0.0 tracks4me.biz
0.0.0.0 forgetrackng.com
# https://virustotal.com/gui/url/18581d709d6be180d2cd174b888202020b54b086aa1efc9365ea6ebf742d0217
# my analysis: https://app.any.run/tasks/827c21c1-e63b-4fad-9000-2955bc5b81e3
0.0.0.0 chijkkkll.pages.dev
0.0.0.0 decentrall.online
# https://tria.ge/230711-tmceyshg22/behavioral2
0.0.0.0 thepcworlds.com
0.0.0.0 tdamassoficial.com
0.0.0.0 /passwd_2023_thepcworldspublics.rar|
# https://tria.ge/230711-yl3yqsaf52/behavioral1
# https://tria.ge/230711-1gyjkaag79/behavioral1
0.0.0.0 reserchvpn.com
# https://app.any.run/tasks/5de2b47e-fc4e-489b-a6b6-04454c4b61de
# https://tria.ge/230711-1xcxssbh5z/behavioral1
0.0.0.0 razesoft.mdetecnologia.com
# infected VM
0.0.0.0 lvsgj.ourmarketingefi.info
0.0.0.0 allcommonstories.com
0.0.0.0 m.allcommonstories.com
# https://github.com/uBlockOrigin/uAssets/issues/18963
0.0.0.0 fitgirl-repack.com
# https://forums.malwarebytes.com/topic/300219-outbound-traffic-alerts-from-malwarebytes/
# not my analysis: https://app.any.run/tasks/586f952d-141e-4dae-a4c4-73523cde2f5a/
# not my analysis: https://app.any.run/tasks/523b7f48-dae3-4854-b944-1facb01f8645/
# https://forums.malwarebytes.com/topic/301834-pretty-sure-i-have-a-nasty-rat-msbuild-outgoing-being-blocked-constantly/
0.0.0.0 spexjs.com
# https://app.any.run/tasks/1aabe39d-a1f9-41e4-81b3-9e84a174ffc5
# malware download
0.0.0.0 kellmda.click
# many malware YouTube videos
# malware
0.0.0.0 lorealis.vip
# https://tria.ge/230717-phq1bscd4y/behavioral2
# https://urlhaus.abuse.ch/url/2684551/
0.0.0.0 updateadobeflash.website
# https://www.bleepingcomputer.com/news/security/hackers-exploiting-critical-wordpress-woocommerce-payments-bug/
# https://github.com/hagezi/dns-blocklists/issues/1327
0.0.0.0 bgrfmi.com
0.0.0.0 bpdnct.com
0.0.0.0 bphfmm.com
0.0.0.0 eweukr.com
0.0.0.0 gycqna.com
0.0.0.0 hcafpg.com
0.0.0.0 ingzhe.com
0.0.0.0 irtvro.com
0.0.0.0 jggjh.com
0.0.0.0 mnawew.com
0.0.0.0 nlxini.com
0.0.0.0 nvcrcf.com
0.0.0.0 qmsvnh.com
0.0.0.0 ritedn.com
0.0.0.0 rrtype.com
0.0.0.0 vgrcxa.com
0.0.0.0 vgsksc.com
0.0.0.0 whcfmp.com
0.0.0.0 xyzgnc.com
0.0.0.0 ybcgju.com
0.0.0.0 jhzhis.com
0.0.0.0 udwuyw.com
0.0.0.0 zayatr.com
# https://forums.malwarebytes.com/topic/300300-inbound-connections-attempts-sfc-found-corrupt-files-am-i-infected/
0.0.0.0 zappiehost.com
0.0.0.0 tchangway.hk
# https://virustotal.com/gui/url/044d4e3d1e58f48e42cfb936d6ce3ab244bc85b8f0b1d5a84f3916584156bbd2/community
# my analysis: https://app.any.run/tasks/9ead09a0-6f56-477b-8a27-9a85c5a803e6
0.0.0.0 bafkreibm2c232v5uuz7vkxcdkwdjye6oaoasxg5zkye7y3oyodm6olulou.ipfs.dweb.link
0.0.0.0 lkalzzop.online
# https://virustotal.com/gui/url/1696219caa54a048bb1fa0c1e95aaf80b7336ddcbdcca5a2c24ae2847a62cd03/community
# https://app.any.run/tasks/bce8c275-c977-46ee-bf0b-df5b0d9b2386
0.0.0.0 softwarextra.com
# https://tria.ge/230720-29xy6sba84/behavioral1
0.0.0.0 tds-packages-update.com
# https://virustotal.com/gui/url/b3657b1279397010fa1735997ddd8605ff2093d50147387b5bf2ef5abace0509/community
# my analysis: https://tria.ge/230720-3lb78sbb48/behavioral1
0.0.0.0 tracking-express-ups.com
# malware download: https://virustotal.com/gui/url/8d6014420a75e2f33b9a2c1c2e33984df5e6ce0a178c8275af498251f02f1500/detection
0.0.0.0 nht42we.click
0.0.0.0 3efrewss.click
# https://tria.ge/230721-y239fahc9y/behavioral2
0.0.0.0 gstatic-node.io
# https://virustotal.com/gui/url/ad56257de36b1955113d7894423cc4d5b37d07ed5ade66b1fad5e73b830b1467/detection
0.0.0.0 freesoftonic.cc
0.0.0.0 kitchx.click
0.0.0.0 ki8hy78.click
# not my analysis: https://tria.ge/230721-bh1mwaca9x/behavioral2 (credit to Neiki)
0.0.0.0 cdn-prok.site
# https://tria.ge/230719-sww1aahh3z/behavioral2
0.0.0.0 igsufb.top
# https://app.any.run/tasks/87d4e9bb-6697-4a2e-9323-fa5b403ed161/ (not my analysis)
# my analysis: https://tria.ge/230723-pzsv9aef9y/behavioral2
# not my analysis: https://tria.ge/230723-zxzacshc8y/behavioral1
# https://github.com/blocklistproject/Lists/issues/1051
0.0.0.0 posthu-parcel.com
# https://tria.ge/230724-w9z6mshb5t/behavioral1
0.0.0.0 fast.dope.autos
0.0.0.0 gesmart.site
0.0.0.0 sanseemp.com
0.0.0.0 upgrade-phone.club
# https://virustotal.com/gui/ip-address/207.154.243.69/relations
0.0.0.0 update-smart.club
0.0.0.0 cleaner-update.club
0.0.0.0 speedupdate.club
0.0.0.0 good-update.club
# https://forums.malwarebytes.com/topic/300624-trojan-scr/ (account required)
0.0.0.0 eclatearns.documentbusinesses.online
0.0.0.0 documentbusinesses.online
# https://virustotal.com/gui/url/f62b759f779f1c100fb67073edc12ccf1c955466603fbecac871e8942d1d6c04/community
# my analysis: https://app.any.run/tasks/d8e8ee8f-9132-4adf-a656-db398ff6570b/
0.0.0.0 formulagile.xyz
# https://forums.malwarebytes.com/topic/300693-fake-steam-login/ (account required)
0.0.0.0 csgofloat.br.com
# https://virustotal.com/gui/file/48987d9c89542a8cb4f8d34eb34902a4762cc8643c0e491deb6115907db4887b/detection
0.0.0.0 licensevilla.com
0.0.0.0 kemmakhao.click
# https://tria.ge/230730-23lybsbf53/behavioral2
0.0.0.0 trapmusics.xyz
0.0.0.0 hopvibestravel.co.za
# https://github.com/uBlockOrigin/uAssets/issues/19248
# https://www.reddit.com/r/uBlockOrigin/comments/15hxgnd/why_ublock_blocks_revanced/
0.0.0.0 revanced.net
# https://forums.malwarebytes.com/topic/300835-infected-android-chrome-popups-sycaratecom-and-psequeldegastecom/
0.0.0.0 psequeldegaste.com
# https://0xacab.org/my-privacy-dns/matrix/-/issues/648114
# https://tria.ge/230805-s5szzsde27/behavioral1
0.0.0.0 thehipsteragency.com
# https://github.com/uBlockOrigin/uAssets/issues/19287
0.0.0.0 keen-chaussure.fr
0.0.0.0 keen-france.fr
0.0.0.0 keenshoesfrance.com
0.0.0.0 keenfrance.fr
0.0.0.0 keen-fr.com
0.0.0.0 keen-chaussures.com
0.0.0.0 keenfrancefr.com
0.0.0.0 keenfr.com
0.0.0.0 keen-chaussures.fr
# https://github.com/hagezi/dns-blocklists/pull/1405
0.0.0.0 pnsys.info
0.0.0.0 drto.info
# https://tria.ge/230810-1l7ysshc39/behavioral1
0.0.0.0 dowloadkeepfilezzz.website
0.0.0.0 dowloadslek2.website
# https://virustotal.com/gui/url/5e2bca9dd17e62cc262c1b690311a5585dc8833be8907012560f875948cd1b56/community
# my analysis: https://tria.ge/230815-ntkr1scd9z/behavioral1
0.0.0.0 gerentesbp.live
# https://forums.malwarebytes.com/topic/301391-can-you-check-if-im-infected/
# https://forums.malwarebytes.com/topic/301390-possible-malware-ransomware-targetting-digital-ads-managers/ (account required)
# https://tria.ge/230819-mm3htaaf9x/behavioral1
# https://0xacab.org/my-privacy-dns/matrix/-/issues/651731
# https://tria.ge/230819-2dtlwaeb3w/behavioral1
0.0.0.0 ttschmidt.de
0.0.0.0 ionos.es.ttschmidt.de
0.0.0.0 mail.ionos.es.ttschmidt.de
0.0.0.0 www.mail.ionos.es.ttschmidt.de
# https://virustotal.com/gui/url/1047e6ba16911079c6d9864f20014160a6f8595fcc9bec477e969ea9aee02e75/community
# my analysis: https://tria.ge/230821-m1ph4seb6w/behavioral1
0.0.0.0 tfdee.tempurl.host
# https://github.com/hagezi/dns-blocklists/issues/1467
# https://tria.ge/230824-njm5dsdg2z/behavioral1
0.0.0.0 revanced.info
# https://virustotal.com/gui/url/9a4ac61a77f8bbf751b94f4ba1d0196cce57cf3bb5cb05fb030033ae42c7e67d/community
# my analysis: https://tria.ge/230829-mw1qksfa41/behavioral1
0.0.0.0 changzhoujijinxuexi.cn
0.0.0.0 qftwpl.icu
# https://www.bleepingcomputer.com/news/security/childrens-snack-recalled-after-its-website-caught-serving-porn/
0.0.0.0 appykidsco.com
# https://github.com/hagezi/dns-blocklists/issues/1532
0.0.0.0 corrpls-it-cl.top
# https://www.youtube.com/watch?v=DUbemJF_3zE
0.0.0.0 /wp-admin/install.exe|
# https://www.bleepingcomputer.com/news/security/evil-telegram-android-apps-on-google-play-infected-60k-with-spyware/
0.0.0.0 telegrnm.org
0.0.0.0 sg.telegrnm.org
# https://www.bleepingcomputer.com/news/security/free-download-manager-site-redirected-linux-users-to-malware-for-years/
0.0.0.0 fdmpkg.org
0.0.0.0 deb.fdmpkg.org
# from DandelionSprout
0.0.0.0 mobiilipaivitys.com
# https://github.com/hagezi/dns-blocklists/issues/1574
0.0.0.0 blogspot.edolio5.com
0.0.0.0 pdfviewer.app
0.0.0.0 efsyn.news
0.0.0.0 zougla.news
0.0.0.0 tvxs.news
0.0.0.0 lubentv.com
0.0.0.0 emvolio-gov.gr
# https://github.com/AdguardTeam/AdguardFilters/issues/161711
0.0.0.0 yourfirstfunnelchallenge.com
# https://github.com/libre-tube/LibreTube/issues/4409#issuecomment-1722268425
0.0.0.0 libretube.app
# https://virustotal.com/gui/url/51a5c613fa07f8301aa68fa16e7307dbf3bf0b0dcfa015632895d7ebf7ca36d3/community
# my analysis: https://tria.ge/230918-nj1eqagh7x/behavioral1
0.0.0.0 bookingcomdetails.blogspot.com
# from alex-302 (https://listauthorschat.slack.com/archives/C010PK1A022/p1695126381709399)
0.0.0.0 urnigarted.com
# from ryanbr (https://listauthorschat.slack.com/archives/C05G8V3NERH/p1695384508520369)
# https://infosec.exchange/@iampytest1/111110261616364360
# https://github.com/AdguardTeam/AdGuardSDNSFilter/issues/1488
#!! ||bsc-dataseed1.binance.org^
0.0.0.0 ioiubby73b1n.com
# https://github.com/hagezi/dns-blocklists/issues/1615
0.0.0.0 zlibrary-africa.se
# https://infosec.exchange/@iampytest1/111128685460057192
0.0.0.0 uspscd.com
# https://github.com/hagezi/dns-blocklists/issues/1631
0.0.0.0 nightnitroglass.com
0.0.0.0 whitelinetosplit.com
0.0.0.0 from.whitelinetosplit.com
0.0.0.0 bluesmallbutterfly.com
0.0.0.0 0.bluesmallbutterfly.com
# https://www.bleepingcomputer.com/news/security/fake-bitwarden-sites-push-new-zenrat-password-stealing-malware/
0.0.0.0 bitwariden.com
0.0.0.0 crazygameis.com
# https://github.com/hagezi/dns-blocklists/issues/1640
0.0.0.0 uskjnx.top
0.0.0.0 usplod.top
# https://github.com/DandelionSprout/adfilt/discussions/779#discussioncomment-7137675
0.0.0.0 pl.coe777.com
0.0.0.0 86pmafno21mst.com
##if ext_ublock

##endif
##if adguard
0.0.0.0 ostrowlubelski.pl
##endif
# https://virustotal.com/gui/domain/login-office365.info/community
0.0.0.0 login-office365.info
# https://virustotal.com/gui/url/69605c3cbd15c8e60dd1f96874f84ae23c73c87bcba7e2b9273e43262f38f2c9/community
# my analysis: https://tria.ge/231002-nx5xcshg8s/behavioral1
0.0.0.0 tr22k8eo3d4l9rtt7ezm.uv2y.ru
# https://web.archive.org/web/20231002133931/https://forums.malwarebytes.com/topic/302965-rtp-detection-trojan/
# https://github.com/dhowe/AdNauseam/issues/2405
# my analysis: https://tria.ge/231002-r1qtdsbf71/behavioral1
0.0.0.0 reepittens.com
# my analysis: https://tria.ge/231002-r3eh5sbf9y/behavioral1
0.0.0.0 torixibre.com
0.0.0.0 qyt8pi.torixibre.com
# my analysis: https://tria.ge/231002-r6zcqadd47/behavioral1
0.0.0.0 anybodyproper.com
0.0.0.0 violationphysics.click
# my analysis: https://tria.ge/231002-r8fndsdd57/behavioral1
0.0.0.0 buadss.com
0.0.0.0 dateadore.com
# https://github.com/hagezi/dns-blocklists/issues/1652
0.0.0.0 scribdbook.top
0.0.0.0 librilibs.com
0.0.0.0 dleggere.com
0.0.0.0 mujib-store28.blogspot.com
# my analysis: https://tria.ge/231002-w6m2xadg3s/behavioral1
0.0.0.0 xn4iqv.succyarthyry.com
# https://virustotal.com/gui/domain/succyarthyry.com/relations
0.0.0.0 kxkxgw.succyarthyry.com
0.0.0.0 581358.succyarthyry.com
0.0.0.0 2ntrfi.succyarthyry.com
0.0.0.0 fjvv2i.succyarthyry.com
0.0.0.0 hyjecr.succyarthyry.com
0.0.0.0 mkhvuv.succyarthyry.com
0.0.0.0 37yito.succyarthyry.com
0.0.0.0 0wvghk.succyarthyry.com
0.0.0.0 invv7n.succyarthyry.com
0.0.0.0 nze0xw.succyarthyry.com
0.0.0.0 ixzc4t.succyarthyry.com
0.0.0.0 bdhze4.succyarthyry.com
0.0.0.0 hzgsp3.succyarthyry.com
0.0.0.0 qwwnvw.succyarthyry.com
# https://urlhaus.abuse.ch/url/2716031/
# my analysis: https://tria.ge/231003-neebpaca39/behavioral1
0.0.0.0 meshitislaw.com
0.0.0.0 uploaddeimagens.com.br
0.0.0.0 coloradokibosafarihostel.co.tz
# https://urlhaus.abuse.ch/url/2716407/
# my analysis: https://tria.ge/231004-va4t4sdb3x/behavioral1
0.0.0.0 qpurrybeatmecamtest.ddns.net
# https://virustotal.com/gui/file/3b08d4a26c787252cf1a485ae91982e9afd5bee4324402737dcb519b68a1c224/relations
# added after email - unsure where I found this in the first place
0.0.0.0 millionjobs.works
# https://github.com/libre-tube/LibreTube/issues/4409
0.0.0.0 libretube.net
# https://securityintelligence.com/posts/x-force-uncovers-global-netscaler-gateway-credential-harvesting-campaign/
0.0.0.0 jscloud.ink
0.0.0.0 jscloud.live
0.0.0.0 jscloud.biz
0.0.0.0 jscdn.biz
0.0.0.0 cloudjs.live
# https://virustotal.com/gui/url/c7f655bd7dfc420f022a96a30214460372a6ab74d6ed24ada16809bb9bf3dfa8/community
# my analysis: https://web.archive.org/web/https://tria.ge/231008-w9akzsfb7v/behavioral1
0.0.0.0 weibo-b5game.com
# https://tria.ge/231009-m46lssed76/behavioral1 (cloudflared)
0.0.0.0 videocampaign.co
0.0.0.0 myreloads.com
0.0.0.0 viimsical.com
0.0.0.0 s.viimsical.com
0.0.0.0 /fkb225bp9b03izhmtd-qv-njq3ibclf19brrgtaixfu/?cid=
0.0.0.0 /zslvdo9tazaam8czhxdhfhsjplrrnkjz1aolilflja8/?clck=*&sid=
0.0.0.0 inroadslab.com
0.0.0.0 happeningurinepomposity.com
0.0.0.0 instantgreenapp.com
0.0.0.0 free.instantgreenapp.com
0.0.0.0 secure.instantgreenapp.com
# https://github.com/uBlockOrigin/uAssets/issues/20036
0.0.0.0 googleseo.life
0.0.0.0 a5jogo.club
0.0.0.0 v37870.com
0.0.0.0 coe777.com
# https://web.archive.org/web/20231010220704/https://tria.ge/231010-1rdl5sfg68/behavioral1
0.0.0.0 tiger.qnews.media
0.0.0.0 imbolexabc.top
0.0.0.0 s8bet.com
# https://www.fortinet.com/blog/threat-research/Iz1h9-campaign-enhances-arsenal-with-scores-of-exploits
# https://tria.ge/231014-mgpprscc8y/behavioral1
0.0.0.0 unawarelinkedlaid.com
0.0.0.0 unacceptableironicaldrone.com
0.0.0.0 suchbasementdarn.com
0.0.0.0 beakerweedjazz.com
0.0.0.0 pcsafetysurvey.com
0.0.0.0 veritiesgarlejobade.com
0.0.0.0 amazingcontent.site
0.0.0.0 loading.amazingcontent.site
0.0.0.0 6chd.loading.amazingcontent.site
0.0.0.0 cadrctlnk.com
0.0.0.0 clickmint3.online
0.0.0.0 e9a53154b4.com
0.0.0.0 50b1f7a005.e9a53154b4.com
0.0.0.0 systemsecurity.click
0.0.0.0 i39ay.top
0.0.0.0 pupur.pro
0.0.0.0 alleubreakyailb.click
0.0.0.0 karoon.xyz
0.0.0.0 eu.karoon.xyz
0.0.0.0 kident.xyz
0.0.0.0 news-sitogi.com
# https://github.com/hagezi/dns-blocklists/issues/1703
0.0.0.0 metabrastaxenis.com
0.0.0.0 ouisuamprert.com
0.0.0.0 scincormatize.com
0.0.0.0 nobistech.net
# https://github.com/hagezi/dns-blocklists/issues/1706
0.0.0.0 qlsn5.ru.com
# https://github.com/durablenapkin/scamblocklist/issues/66
0.0.0.0 arduino.uk.eu.org
# https://github.com/hagezi/dns-blocklists/issues/1708
0.0.0.0 bestcrutches.com
# https://infosec.exchange/@briankrebs/111261826129123343
# https://arstechnica.com/security/2023/10/google-hosted-malvertising-leads-to-fake-keepass-site-that-looks-genuine/
0.0.0.0 xn--eepass-vbb.info
# https://forums.malwarebytes.com/topic/303708-worried-about-drive-by-download-from-typoed-address/ (parked)
0.0.0.0 oldreddit.com
# https://virustotal.com/gui/url/7fac2ed0a0a33321bb46c53455d754d0275f23f747d437aa7fb5080dc722c59e/community
0.0.0.0 qrone1vs.top
# https://forums.malwarebytes.com/topic/303710-caspolexe-causing-website-blocked-due-to-riskware-in-malwarebytes/
0.0.0.0 iniwork.4cloud.click
# https://tria.ge/231022-r7pjxahh3w/behavioral1
0.0.0.0 idolforloves.sbs
# https://github.com/hagezi/dns-blocklists/issues/1744
# https://github.com/uBlockOrigin/uAssets/pull/20247
0.0.0.0 magiskzip.net
0.0.0.0 magiskmanagerroot.com
# https://github.com/topjohnwu/Magisk/issues/3435
0.0.0.0 magisk.download
0.0.0.0 magiskmanager.com
# something I found
0.0.0.0 magisk.info
# https://github.com/hagezi/dns-blocklists/issues/1743
0.0.0.0 securescanmtde.com
0.0.0.0 /de-avira/?uclick=*&uclickhash=
# fake
0.0.0.0 /@100-legal-free-discord-nitro-generator-no-human-verification|
# https://github.com/durablenapkin/scamblocklist/issues/68
# https://tria.ge/231023-1xm3rsaa86/behavioral1
0.0.0.0 ninzatool.pw
0.0.0.0 powerboostup.com
0.0.0.0 www.ontajdu3js.com
0.0.0.0 arty2night.com
0.0.0.0 p.arty2night.com
0.0.0.0 /click?pid=*&sub1=
0.0.0.0 quiztionnaire.biz
0.0.0.0 iphone.quiztionnaire.biz
0.0.0.0 offer-select.com
0.0.0.0 rewardflux.com
0.0.0.0 app.rewardflux.com
# https://infosec.exchange/@iampytest1/111292640449421381
# https://tria.ge/231024-3lc5jace3w/behavioral1
0.0.0.0 herew-lmq.com
0.0.0.0 findbestop.com
0.0.0.0 kenant.xyz
0.0.0.0 /74dl/7.html?cep=
0.0.0.0 thefinanceadvice.com
0.0.0.0 adblock1.com
0.0.0.0 install.adblock1.com
0.0.0.0 /3-blck-thefinadv-2clks.html?kw=
0.0.0.0 newupdatesnow.com
# https://forums.malwarebytes.com/topic/303782-new-threat-it-downloads-two-rar-files/#comment-1596622 (account required)
# https://forums.malwarebytes.com/topic/303784-malicious-script/ (account required)
# my analysis: https://tria.ge/231025-ner8jsgh51/behavioral1
0.0.0.0 dms1708.art
0.0.0.0 oliga.canadacentral.cloudapp.azure.com
# https://tria.ge/231025-nk2zyagh81/behavioral1
0.0.0.0 set4theupdatesforever.click
0.0.0.0 supportversion.set4theupdatesforever.click
0.0.0.0 goads.pro
# https://github.com/paulgb/BarbBlock/issues/41
0.0.0.0 bblck.me
# https://github.com/braveinnovators/url-blocklist/issues/3#issuecomment-1783421420
0.0.0.0 perevod-a.shop
# https://tria.ge/231027-2hkvjaae4w/behavioral1
0.0.0.0 ad-blocking24.net
0.0.0.0 dwnld-here.com
0.0.0.0 thatmonkeybites3.com
0.0.0.0 download-portal-now.com
0.0.0.0 kerant.xyz
0.0.0.0 /74ib/7.html?cep=
# https://forums.malwarebytes.com/topic/303877-trojanbitcoinminer-cant-be-removed/
# https://virustotal.com/gui/file/1045127280b64e5d8e7af1efc347089f759860222f1373349d8c4aa1449918db/relations
0.0.0.0 stratum-eu.rplant.xyz
# https://tria.ge/231102-m8cjhsch24/behavioral1
0.0.0.0 walknotice.com
0.0.0.0 thedentadsi24.com
# https://github.com/uBlockOrigin/uAssets/issues/20389
0.0.0.0 ruiukp.top
# https://virustotal.com/gui/url/6afece7c72420223ae6f1700d02c8bee4806a335d23ab120522accba5e45250d
# my analysis: https://tria.ge/231102-nctnlach68/behavioral1
0.0.0.0 synergyproz.com
0.0.0.0 apparaatbeheer-online-abnamro-icscards.codeanyapp.com
# https://bazaar.abuse.ch/sample/b842080ef401cb64de4b9c7d823ef60b0ed4f4bbd42431fbf26db940ece9f4f1/
# my analysis: https://tria.ge/231102-nggjtsch93/behavioral2
0.0.0.0 mouseoiet.fun
# https://bazaar.abuse.ch/sample/9fbd818dc28ea5561278e873bd9b6deb896d4fbaac86209903bdeaad55c6c31a/
# my analysis: https://tria.ge/231102-npbnjsda74/behavioral2
0.0.0.0 ddos.dnsnb8.net
# https://www.bitsight.com/blog/unveiling-socks5systemz-rise-new-proxy-service-privateloader-and-amadey
0.0.0.0 datasheet.fun
# https://github.com/durablenapkin/scamblocklist/issues/69
0.0.0.0 98kk89.com
0.0.0.0 42gixk.98kk89.com
0.0.0.0 9vzn29.98kk89.com
0.0.0.0 nzxsxn.98kk89.com
0.0.0.0 aaodp.com
0.0.0.0 9vyzdk8.lvditoys.com
0.0.0.0 p8ydfra.lvditoys.com
0.0.0.0 qz94.com
# https://virustotal.com/gui/url/c80163bbcc0ddd2e27263730a2a2f65ab0f0ede295d8ce0d6c4dc012ca158e44/community
# my analysis: https://tria.ge/231108-15zfrsfd77/behavioral1
0.0.0.0 arzo.ge
0.0.0.0 0nlinesigning.groupletter.io
# https://forums.malwarebytes.com/topic/304272-browser-guard-claiming-malware-on-regular-google-search-pages/
0.0.0.0 matchgoalsam.com
# https://www.malwarebytes.com/blog/threat-intelligence/2023/11/malvertiser-copies-pc-news-site-to-deliver-infostealer
# https://github.com/hagezi/dns-blocklists/issues/1823
0.0.0.0 argenferia.com
0.0.0.0 realvnc.pro
0.0.0.0 corporatecomf.online
0.0.0.0 cilrix-corp.pro
0.0.0.0 thecoopmodel.com
0.0.0.0 winscp-apps.online
0.0.0.0 wireshark-app.online
0.0.0.0 cilrix-corporate.online
0.0.0.0 workspace-app.online
0.0.0.0 11234jkhfkujhs.site
0.0.0.0 11234jkhfkujhs.top
# https://github.com/uBlockOrigin/uAssets/issues/20553
# https://tria.ge/231110-pftcnsgg26/behavioral1
0.0.0.0 donwnaloadezzal.cfd
0.0.0.0 downloadlekem.sbs
0.0.0.0 stopadblocker.pro
0.0.0.0 chaffewerbureaks.com
0.0.0.0 videoadblocker-pro.net
# https://github.com/avast/ioc/pull/56
0.0.0.0 bombay.com.ar
0.0.0.0 ultracomb.com.ar
0.0.0.0 limpiadorpucho.com.mx
0.0.0.0 coacalco.gob.mx
0.0.0.0 navarro.gob.ar
0.0.0.0 pruebasbonsai.com.ar
0.0.0.0 pnt.info.pl
0.0.0.0 ilogicinstitute.com
0.0.0.0 my.hoqer.com
0.0.0.0 chapasanpedro.com
0.0.0.0 usesoft.net
0.0.0.0 calzadosiris.com
0.0.0.0 ingenieriainsitu.com
0.0.0.0 paolomorettifurs.com
0.0.0.0 www.fefoncrecer.com
0.0.0.0 autoscuola-momo.ch
0.0.0.0 tcastro.com
0.0.0.0 www.steadyrun.com
0.0.0.0 moussedanslabouche.com
# https://tria.ge/231112-pprv7sfb9v/behavioral1
0.0.0.0 paxert.xyz
0.0.0.0 .xyz/74kq/7.html?cep=
0.0.0.0 track.local-hotsite.com
0.0.0.0 downloading-free.com
# https://github.com/hagezi/dns-blocklists/issues/1819
0.0.0.0 anacondastoresaleau.com
0.0.0.0 anacondasale.com
# https://github.com/hagezi/dns-blocklists/issues/1825
0.0.0.0 youcineapp.com
0.0.0.0 magistv.video
0.0.0.0 tele-latino.com
0.0.0.0 telelatino.app
0.0.0.0 youcineapk.org
0.0.0.0 btvapp.net
0.0.0.0 youcine.one
0.0.0.0 youcinetv.app
0.0.0.0 youcinetv.page.link
0.0.0.0 latino9.com
0.0.0.0 fadfatest.pneydn.com
0.0.0.0 pandoramain-1794008345.us-west-2.elb.amazonaws.com
0.0.0.0 romatotti520.oicp.io
0.0.0.0 pandorabackup-1322908155.us-west-2.elb.amazonaws.com
0.0.0.0 pcn.panddna.com
0.0.0.0 ok3.mflve.com
0.0.0.0 apz.bsaldo.com
0.0.0.0 abcr.ftsym1.com
0.0.0.0 fadfa.gdalieyw.com
# https://github.com/hagezi/dns-blocklists/issues/1824
0.0.0.0 more-power-tool.com
0.0.0.0 ryzen-master.com
0.0.0.0 atiflash.ru
0.0.0.0 polaris-bios-editor.ru
0.0.0.0 btc-tools.ru
0.0.0.0 techpowerup-gpu-z.com
0.0.0.0 sapphiretrixx.com
0.0.0.0 srbpolaris.ru
0.0.0.0 clockgen64.com
0.0.0.0 balena-etcher.com
0.0.0.0 nvidiainspector.ru
0.0.0.0 evga-precision.com
0.0.0.0 riva-tuner.com
0.0.0.0 nvflash.ru
0.0.0.0 atikmdagpatcher.com
0.0.0.0 overdriventool.ru
# https://virustotal.com/gui/url/caf096b6a0f7abe29ad126a21545f49418cc003c298a56ac6c967053483d2748/community
# https://tria.ge/231118-wbk9tsfb86/behavioral1
# https://virustotal.com/gui/domain/miccrossoffit.online/community
0.0.0.0 miccrossoffit.online
# https://github.com/uBlockOrigin/uAssets/issues/20760
0.0.0.0 cloudtrck.com
# https://tria.ge/231119-pvcngaag41/behavioral2
0.0.0.0 badbull.pro
# https://virustotal.com/gui/url/009ab0b4a357017cb0c3f948c04f6a79e5252f4a91511ad28f8a411ec7f4adfb/community
# my analysis: https://tria.ge/231120-pn8gkagg71/behavioral1
0.0.0.0 server31.weebly.com
# https://www.eff.org/deeplinks/2023/11/low-budget-should-not-mean-high-risk-kids-tablet-came-preloaded-sketchyware
0.0.0.0 adups.com
0.0.0.0 fota5p.adups.com
# https://research.checkpoint.com/2023/malware-spotlight-into-the-trash-analyzing-litterdrifter/
0.0.0.0 ozaharso.ru
0.0.0.0 nubiumbi.ru
0.0.0.0 acaenaso.ru
0.0.0.0 atonpi.ru
0.0.0.0 suizibel.ru
0.0.0.0 dakareypa.ru
0.0.0.0 ahmozpi.ru
0.0.0.0 nebtoizi.ru
0.0.0.0 squeamish.ru
0.0.0.0 nahtizi.ru
0.0.0.0 crisiumbi.ru
0.0.0.0 arabianos.ru
0.0.0.0 gayado.ru
0.0.0.0 quyenzo.ru
0.0.0.0 credomched.ru
0.0.0.0 lestemps.ru
0.0.0.0 urdevont.ru
0.0.0.0 hoanzo.ru
0.0.0.0 absorbeni.ru
0.0.0.0 aethionemaso.ru
0.0.0.0 aychobanpo.ru
0.0.0.0 ayzakpo.ru
0.0.0.0 badrupi.ru
0.0.0.0 barakapi.ru
0.0.0.0 boskatrem.ru
0.0.0.0 brudimar.ru
0.0.0.0 decorous.ru
0.0.0.0 dumerilipi.ru
0.0.0.0 heartbreaking.ru
0.0.0.0 judicious.ru
0.0.0.0 karoanpa.ru
0.0.0.0 lamentable.ru
0.0.0.0 procellarumbi.ru
0.0.0.0 ragibpo.ru
0.0.0.0 raidla.ru
0.0.0.0 ramizla.ru
0.0.0.0 samiseto.ru
0.0.0.0 superficial.ru
0.0.0.0 talehgi.ru
0.0.0.0 undesirable.ru
0.0.0.0 valefgo.ru
0.0.0.0 vasifgo.ru
0.0.0.0 vilaverde.ru
0.0.0.0 vloperang.ru
0.0.0.0 zerodems.ru
0.0.0.0 geminiso.ru
0.0.0.0 sabirpo.ru
0.0.0.0 andamanos.ru
0.0.0.0 triticumos.ru
# account required: https://forums.malwarebytes.com/topic/304730-cryptocurrency-scam-12/
0.0.0.0 tesla3-model.com
# https://virustotal.com/gui/url/1af9948601134e81fabeecd7eb553524153396b6f98f26f3062ba0a2f9b3e91f/community
# https://virustotal.com/gui/url/e0bada977a3a1e2da13785d8ab03ebe2111f517aa0431e0162296a3cad739452/community
# https://virustotal.com/gui/file/e09af83cfccf4bcc8a51fda76e5fa10e9d0d838aededb6f339551f8363797dc2/community (credit to JaffaCakes118)
0.0.0.0 listpoints.online
0.0.0.0 retghrtgwtrgtg.bounceme.net
0.0.0.0 listpoints.click
0.0.0.0 datastream.myvnc.com
0.0.0.0 gservicese.com
0.0.0.0 center.onthewifi.com
# https://virustotal.com/gui/url/a2daa5d31b78d2c0c0fd62acc4eec2c8168f1314a13c4c6be8a3d6a5e3520677/community
# my analysis: https://tria.ge/231121-r47ajsfb34/behavioral1
0.0.0.0 activat-webmail-serivico.top
# https://forums.malwarebytes.com/topic/304802-malware-affecting-chrome/
0.0.0.0 abyssalforge.top
0.0.0.0 qltuh.abyssalforge.top
# https://github.com/RPiList/specials/issues/1353
0.0.0.0 khw6g09fx28k.cfd
0.0.0.0 49gw5gonj143k.click
0.0.0.0 djxd2ox30l7.click
0.0.0.0 vtreanext.click
0.0.0.0 theratgamez.com
0.0.0.0 fwkldh.click
0.0.0.0 gyhguflo.click
0.0.0.0 hfjdfurhhd.xyz
0.0.0.0 4rf5tgfdfy.click
0.0.0.0 rt54erdfgh.pro
0.0.0.0 dew3hy6.cfd
0.0.0.0 bgtrjuy6.cfd
0.0.0.0 mjiu876tyh.pro
0.0.0.0 lsdkjh.xyz
0.0.0.0 nafsdwas.click
0.0.0.0 ki987yth.pro
0.0.0.0 d589nenr.cfd
0.0.0.0 mi5cr46kg.click
0.0.0.0 9iujhfre3.cfd
0.0.0.0 asdhkl.click
0.0.0.0 se5vy6.click
0.0.0.0 9iuh5tyh.cfd
0.0.0.0 cvasdf.click
0.0.0.0 vgcj2rzjd.cfd
0.0.0.0 jgtek990e.click
0.0.0.0 nnnsjhsh.click
0.0.0.0 clabzeroby.net
0.0.0.0 cvbnrtgf8u.cfd
0.0.0.0 juy6asert67.click
0.0.0.0 jkghfdt.xyz
0.0.0.0 dfhduh.xyz
0.0.0.0 k50c8s2p7.cfd
0.0.0.0 p0jrmnpr7.cfd
0.0.0.0 jnh4afbw7.click
0.0.0.0 xzr9uauq.cfd
0.0.0.0 1lu98dcf0.cfd
0.0.0.0 bn6h9d7tr.cfd
0.0.0.0 hyt5ytr.click
0.0.0.0 t67uyhgf.co
0.0.0.0 crack4hit.com
0.0.0.0 hit4pc.click
0.0.0.0 4vz6ew1li.cfd
0.0.0.0 exs7oilq14cz6.click
0.0.0.0 3zo0grlgm.cfd
0.0.0.0 7nalhxb28rmm.cfd
0.0.0.0 hjdhhfdh.click
0.0.0.0 dk9vqq64cp14e.click
0.0.0.0 losf8uo304l.click
0.0.0.0 ntxkddng28vq7.cfd
0.0.0.0 kjr3y14yt.click
0.0.0.0 a1lky06jn.cfd
0.0.0.0 l97hha31f8h.cfd
0.0.0.0 cwz20w14xn0.click
0.0.0.0 tnzcwlf284.cfd
0.0.0.0 dialogfosti.click
0.0.0.0 myonlyland.com
0.0.0.0 kinovizbx.xyz
0.0.0.0 hw1ip330zc.click
0.0.0.0 ix1n0li6u7273.cfd
0.0.0.0 vgfrrtc.click
0.0.0.0 vablecable.click
0.0.0.0 jiuppppml.click
0.0.0.0 zvotg9ceh.cfd
0.0.0.0 huqiinxy.click
0.0.0.0 wtechfullsetup.xyz
0.0.0.0 closerscopy.net
0.0.0.0 freeinstallcpc.xyz
0.0.0.0 l1ihpb0dz521ol.cfd
0.0.0.0 nccenbkdr1063.cfd
0.0.0.0 a18n5nh14xos.click
0.0.0.0 b5mtuo30dqu.click
0.0.0.0 galvu301.click
0.0.0.0 5tbyvf27hc.cfd
0.0.0.0 gotechfiles.xyz
0.0.0.0 getintopcc.pro
0.0.0.0 poiqhawq.click
0.0.0.0 ygabgga.click
0.0.0.0 eyhdjyst.click
0.0.0.0 rosterfile4u.click
0.0.0.0 cfmarker.click
0.0.0.0 azxdr4erf.xyz
0.0.0.0 xitrbgq.click
0.0.0.0 ym2f4o2f.cfd
0.0.0.0 cfgy6tg.pro
0.0.0.0 hji98ik.click
0.0.0.0 pqlbh88z7.cfd
0.0.0.0 i3s5qfuvs.cfd
# missing from list
0.0.0.0 topkeygen.com
0.0.0.0 piratesfile.com
0.0.0.0 rootscrack.com
0.0.0.0 cracksmat.com
0.0.0.0 crackedsoft.org
0.0.0.0 crackxpoint.com
0.0.0.0 crackerzpro.org
0.0.0.0 crackfinal.com
0.0.0.0 wazusoft.com
0.0.0.0 crackzoom.com
0.0.0.0 activators4windows.com
# https://github.com/RPiList/specials/issues/1351
0.0.0.0 klassischefahrschule.com
# not my analysis: https://tria.ge/231123-1wzp6sde7z/behavioral1
0.0.0.0 marinhoassessoria.com
# https://github.com/hagezi/dns-blocklists/issues/1864
0.0.0.0 revanced.to
# https://virustotal.com/gui/url/ecf1a475d84de38187831b4fb25167812117ea7b4ab22ce46dc6d36d822004fd/community
# https://virustotal.com/gui/url/fbc0e8828a4d86410e1c3fbf698bdda7e3e3c8d0ff1785adcfec181c967426ca/community
# https://virustotal.com/gui/url/f28bcf22fbd189fd87322da0b915ce32a700ed1bccd53f1e21552c04a8c2d229/community
0.0.0.0 servegame.com
0.0.0.0 modulo.servegame.com
# https://github.com/DandelionSprout/adfilt/discussions/932#discussioncomment-7694946
0.0.0.0 easypark-id.com
0.0.0.0 easypark-no.org
# https://www.malwarebytes.com/blog/threat-intelligence/2023/11/associated-press-espn-cbs-among-top-sites-serving-fake-virus-alerts
0.0.0.0 octob.azureedge.net
0.0.0.0 lzi.azureedge.net
0.0.0.0 tinlc.azureedge.net
0.0.0.0 bm-rb.azureedge.net
0.0.0.0 foluo.azureedge.net
0.0.0.0 vpv-ger.azureedge.net
0.0.0.0 trackmaster.cc
0.0.0.0 protectsystemtools.life
0.0.0.0 securitypatch.life
0.0.0.0 real-time-system-monitoring.life
0.0.0.0 threatdetectorhub.life
0.0.0.0 threatdetectorhub.online
0.0.0.0 vulnerabilityassessments.life
0.0.0.0 strike-it-lucky.space
0.0.0.0 golden-opportunity.xyz
0.0.0.0 stroke-of-luck.xyz
0.0.0.0 blessed-with-luck.space
0.0.0.0 system-scan-tool.space
0.0.0.0 system-security-scan.buzz
0.0.0.0 system-security-scan.net
0.0.0.0 system-scan-tool.online
0.0.0.0 trk6.kokamedia.com
0.0.0.0 tracklinker.space
0.0.0.0 trackmenow.life
0.0.0.0 trackify.world
0.0.0.0 trackinghub.info
0.0.0.0 trkmyclk.xyz
0.0.0.0 trk-server.xyz
0.0.0.0 systemmeasures.life
0.0.0.0 xyzcreators.xyz
# https://github.com/AdguardTeam/AdguardFilters/issues/167470 (from ghajini)
0.0.0.0 hotkabachok.com
# https://github.com/durablenapkin/scamblocklist/issues/71
0.0.0.0 dbmobile-phototan.de
# https://virustotal.com/gui/url/69a1570512a5694049a9444ab6c0dd73432f3685894eb3d4d1e7dba7ce99766d/community
0.0.0.0 ne-correos.top
# account required: https://forums.malwarebytes.com/topic/305116-fake-software-homepage/
0.0.0.0 unikey.vn
# https://cert.gov.ua/article/6276584
# https://github.com/hagezi/dns-blocklists/issues/1893
0.0.0.0 register.akamaized.ca
# https://github.com/hagezi/dns-blocklists/issues/1899
0.0.0.0 online-cloud.info
0.0.0.0 store5.gofile.io
# https://github.com/RPiList/specials/issues/1373
0.0.0.0 tintinsolve.fun
# https://github.com/RPiList/specials/issues/1372
0.0.0.0 marricoyes.online
# https://github.com/hagezi/dns-blocklists/issues/1905
0.0.0.0 ycybdp.com
# https://forums.malwarebytes.com/topic/305420-website-blocked-due-to-malware-microsoft-windows-as-stopped-responding/
# https://threatfox.abuse.ch/ioc/1140249/
# https://github.com/hagezi/dns-blocklists/issues/1932
0.0.0.0 demoncitygame.000webhostapp.com
# https://github.com/hagezi/dns-blocklists/issues/1909
0.0.0.0 up-nowservice.com
# https://github.com/hagezi/dns-blocklists/issues/1935
0.0.0.0 ihrkontosichern.eu
# https://infosec.exchange/@iampytest1/111568435119045533
0.0.0.0 fraavy.com
# https://virustotal.com/gui/domain/base-usps.top/community
0.0.0.0 base-usps.top
# https://virustotal.com/gui/url/2670873ba07eea2c617ad3e34284bdea56730cd83ae70dd84b7c333b027f4ce7/community
# https://github.com/RPiList/specials/issues/1377
0.0.0.0 pertidose.site
# https://github.com/RPiList/specials/issues/1378
0.0.0.0 verstolini.site
# https://virustotal.com/gui/file/c9491f5eb282daf6b536f515cc9e1032af62919e727442c4e7ecbca2e9d8f8b0/community
# https://github.com/DandelionSprout/adfilt/discussions/932#discussioncomment-7872103
0.0.0.0 betzykrisesenter.no
0.0.0.0 citra2010oslo.no
0.0.0.0 digiter.no
0.0.0.0 easydisplay.no
0.0.0.0 kjaerra.no
0.0.0.0 kontrast1.no
0.0.0.0 norskmatkultur.no
0.0.0.0 norskoffroadteknikk.no
0.0.0.0 nyematoghelse.no
0.0.0.0 securmarksykkel.no
0.0.0.0 thecoolgirl.no
0.0.0.0 topshineauto.no
0.0.0.0 vossblues.no
0.0.0.0 yttersiden.no
# https://github.com/gchq/CyberChef/issues/1668
0.0.0.0 forensicswiki.xyz
# https://virustotal.com/gui/url/c367518781d3ec29f156e24ee04c24c0f54bd5c3467812f6cd56dc791f8beea8/community
0.0.0.0 thumbzoner.com
# https://tria.ge/231220-abydhaadfn/behavioral1
0.0.0.0 offalrouts.xyz
0.0.0.0 mirrorvine.store
# https://tria.ge/231220-abydhaadfn/behavioral2
0.0.0.0 pushub.net
# https://github.com/DandelionSprout/adfilt/discussions/932#discussioncomment-7873648
0.0.0.0 monetrizer.online
0.0.0.0 monetrizer.com
# https://github.com/RPiList/specials/issues/1398
0.0.0.0 deutschebank-kundendienst.comidrekt.net
0.0.0.0 comidrekt.net
# https://github.com/hagezi/dns-blocklists/issues/1977
0.0.0.0 energie-portal-24.de
# https://github.com/RPiList/specials/issues/1395
0.0.0.0 streamjumpstart.com
# https://github.com/RPiList/specials/issues/1396
0.0.0.0 thebeneclinic.com
# https://github.com/hagezi/dns-blocklists/issues/1986
0.0.0.0 energieausweis-online-erstellen.de
# https://tria.ge/231227-yrr4esfbh5/behavioral1 (cloudflared)
0.0.0.0 givelabs.monster
# https://www.bleepingcomputer.com/news/security/blockchain-devs-wallet-emptied-in-job-interview-using-npm-package/
0.0.0.0 flickthebean.onrender.com
# https://tria.ge/231228-w2dyfafadq/behavioral1
0.0.0.0 fitgirl-repacks.to
0.0.0.0 mediatrackerr.com
# https://github.com/RPiList/specials/issues/1405
0.0.0.0 casinos-austria.install-app.com
# https://tria.ge/231229-pvf1wshae9/behavioral1 (CloudFlared)
0.0.0.0 haxnode.net
0.0.0.0 cleinpuz.cfd
0.0.0.0 tech-pros.pro
# https://github.com/uBlockOrigin/uAssets/pull/21658
0.0.0.0 fitgirlrepackz.com
# https://threatfox.abuse.ch/ioc/1226308/
# https://tria.ge/231229-2sx8lscch5/behavioral2 (CloudFlared)
0.0.0.0 liwishacks.com
0.0.0.0 reviveincapablewew.pw
0.0.0.0 opposesicknessopw.pw
0.0.0.0 politefrightenpowoa.pw
0.0.0.0 chincenterblandwka.pw
# https://forums.malwarebytes.com/topic/306164-phishing-wells-fargo/ (account required)
0.0.0.0 lnformationalerts.info
# https://github.com/RPiList/specials/issues/1407
0.0.0.0 zustellungkontrolle.net
# https://github.com/RPiList/specials/issues/1411
0.0.0.0 sanityflash.mom
# https://virustotal.com/gui/url/c7677f1b43e9b266a4542936cd947e0ccc89cf59c6270aaf2baad4de47e3ae8f/community
# https://tria.ge/240106-v9k62secc5/behavioral1
# https://github.com/RPiList/specials/issues/1413
0.0.0.0 msdownloadhub.mdx-ux.com
# https://github.com/hagezi/dns-blocklists/issues/2017
# https://github.com/badmojr/1Hosts/issues/1655
# https://github.com/StevenBlack/hosts/issues/2552
0.0.0.0 duchessefit.com
# https://github.com/Dogino/Discord-Phishing-URLs/pull/25
0.0.0.0 steamcommuaity.com
# https://virustotal.com/gui/domain/booking.com-panel.com
# https://virustotal.com/gui/url/c81a065a1344395a7329764a30729280dfd01f6ccb18fedb692d1b21590e614c
0.0.0.0 com-panel.com
0.0.0.0 booking.com-panel.com
0.0.0.0 mail.com-panel.com
# https://virustotal.com/gui/ip-address/158.160.5.182/relations
0.0.0.0 account-booking-pulseapp.com
0.0.0.0 admin-login-account.com
0.0.0.0 extranet-admin.com
0.0.0.0 booking-admins.com
# https://github.com/RPiList/specials/issues/1420
0.0.0.0 galactiq.life
0.0.0.0 mediago.io
0.0.0.0 sehprotokoll.com
0.0.0.0 smartlifeguides.top
0.0.0.0 kleinezeitung.co
0.0.0.0 gesundheitleber.com
0.0.0.0 oe24.co
0.0.0.0 busterry.com
0.0.0.0 bullionbreeze.xyz
# https://github.com/avast/ioc/pull/57
# https://virustotal.com/gui/url/3828695bc16bb9d0bfab17eb5c15e5fe9e8b30bb6cb948655a6a55466b9dc187/community
0.0.0.0 telegcrmz.fit
# https://virustotal.com/gui/url/53efa35943a9b0bbcc4f966791e992052ac647a883c81a43bb86dd94bbbbd48d/community
0.0.0.0 telegcrmz.work
# https://virustotal.com/gui/url/cf88de3dc23272e078a7412c64b12e038cd8b9dc1beb07be6ac3f017919aa09b/community
0.0.0.0 telejracm.fit
# https://www.virustotal.com/gui/ip-address/103.119.3.17/relations
0.0.0.0 www.telegreem.club
0.0.0.0 telejracm.work
0.0.0.0 telejracm.club
0.0.0.0 telejrzmn.cc
0.0.0.0 teleptrm.fit
0.0.0.0 teleptrm.work
0.0.0.0 telegzzem.club
0.0.0.0 telegzzem.fit
0.0.0.0 telegzzem.work
0.0.0.0 telegrnne.work
0.0.0.0 telegrnne.fit
0.0.0.0 telegrnne.club
0.0.0.0 telegcrmz.club
0.0.0.0 telegreem.club
0.0.0.0 telegreem.work
0.0.0.0 telegreem.vip
0.0.0.0 telejrzmn.work
0.0.0.0 telejrzmn.club
0.0.0.0 telegcrenn.fit
0.0.0.0 telegcrenn.club
0.0.0.0 telegrczm.work
0.0.0.0 telegrczm.fit
0.0.0.0 teleggcam.club
0.0.0.0 teleggcam.fit
0.0.0.0 teleggcam.work
0.0.0.0 www.telegceam.club
0.0.0.0 www.teleqpcam.club
0.0.0.0 teleqrinm.cn
0.0.0.0 teleqrinm.com.cn
0.0.0.0 www.teleqpamn.work
0.0.0.0 www.teleqrinm.club
0.0.0.0 www.teleqpcam.work
0.0.0.0 teleqpcam.work
0.0.0.0 teleqpcam.club
0.0.0.0 teleqpcam.fit
0.0.0.0 teleprannn.cc
0.0.0.0 telegbrm.work
0.0.0.0 telegbrm.club
0.0.0.0 telebriun.work
0.0.0.0 teleqpcn.fit
0.0.0.0 teleqpcn.club
0.0.0.0 teleqpcn.work
0.0.0.0 teleqrenm.cc
0.0.0.0 teleqpamn.fit
0.0.0.0 teleqpamn.club
0.0.0.0 teleqpamn.work
0.0.0.0 teleqrinm.club
0.0.0.0 teleqernm.cc
0.0.0.0 www.teleprium.fit
0.0.0.0 teleprannn.vip
0.0.0.0 teleprannn.club
0.0.0.0 www.teleqernm.fit
0.0.0.0 telegceam.club
0.0.0.0 telegceam.work
0.0.0.0 teleppram.club
0.0.0.0 teleqrenm.work
0.0.0.0 teleqrenm.club
0.0.0.0 www.telegczim.work
0.0.0.0 www.telegczim.vip
0.0.0.0 telegrcmn.cc
0.0.0.0 teletrean.cc
0.0.0.0 telegruim.top
0.0.0.0 telegczim.work
0.0.0.0 telegczim.club
0.0.0.0 telegczim.vip
0.0.0.0 www.telegczm.vip
0.0.0.0 teleprium.fit
0.0.0.0 teleprium.work
0.0.0.0 teleprium.club
0.0.0.0 www.telegczm.fit
0.0.0.0 telepamn.cc
0.0.0.0 telegczm.vip
0.0.0.0 telegczm.club
0.0.0.0 telegczm.fit
0.0.0.0 tgelegrean.cc
0.0.0.0 teleqriem.vip
0.0.0.0 telegpem.club
0.0.0.0 telegirmn.vip
0.0.0.0 telebrzm.vip
0.0.0.0 teleqcmn.work
0.0.0.0 teleqcmn.fit
0.0.0.0 teleqcmn.club
0.0.0.0 teleqernm.fit
0.0.0.0 teleqernm.club
0.0.0.0 telegirmn.cn
0.0.0.0 www.telegirmn.cn
0.0.0.0 telegwam.work
0.0.0.0 www.telegwam.work
0.0.0.0 telegcmn.cc
0.0.0.0 teletrpm.club
0.0.0.0 teleprazm.club
0.0.0.0 telegirm.cc
0.0.0.0 www.telebriun.work
0.0.0.0 tglegmn.work
0.0.0.0 telegpem.fit
0.0.0.0 telegpem.work
0.0.0.0 tgelegrean.work
0.0.0.0 teletrpm.fit
# https://github.com/hagezi/dns-blocklists/issues/2041
0.0.0.0 east-trading.shop
# https://github.com/RPiList/specials/issues/1425
0.0.0.0 post4at.live
# https://github.com/Dogino/Discord-Phishing-URLs/pull/26
0.0.0.0 steamcommuniitny.club
# https://tria.ge/240120-1dgrmshdc6/behavioral2
0.0.0.0 mirfakpersei.top
0.0.0.0 alvsx.mirfakpersei.top
0.0.0.0 flameforgesmith.top
0.0.0.0 alvsx.flameforgesmith.top
0.0.0.0 cdnstatic.flameforgesmith.top
0.0.0.0 /ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=*&sm=space-robot&click_id=*&sub_id=*&appspot=&d=
0.0.0.0 xhkls.flameforgesmith.top
0.0.0.0 press-here-to-continue.com
0.0.0.0 canopusacrux.top
0.0.0.0 xhkls.canopusacrux.top
# https://github.com/hagezi/dns-blocklists/issues/2077
0.0.0.0 apple-analyser.com
0.0.0.0 22.imohub.workers.dev
0.0.0.0 imohub.net
0.0.0.0 apple-health.org
# https://cyberplace.social/@GossiTheDog/111828587052755003
# https://github.com/uBlockOrigin/uAssets/issues/22200
# https://github.com/hagezi/dns-blocklists/pull/2175
0.0.0.0 privacyguides.io
0.0.0.0 poperblocker.com
# https://github.com/uBlockOrigin/uAssets/issues/22268
0.0.0.0 skinboxs.com
# https://gist.github.com/GossiTheDog/f1079fe5486b2e7ac61d2e069caa67d4
0.0.0.0 pq.hosting
# https://github.com/hagezi/dns-blocklists/issues/2133
0.0.0.0 demolishabolish.com
# https://github.com/AdguardTeam/AdguardFilters/issues/172569
0.0.0.0 acareewityjh.com
0.0.0.0 accedenonre.xyz
0.0.0.0 adeditiontowritingef.net
0.0.0.0 adiingsinspiringt.net
0.0.0.0 ajorinryesoperty.com
0.0.0.0 alsoextraorduki.info
0.0.0.0 alukizeiasnin.com
0.0.0.0 amwoukrkskillso.com
0.0.0.0 anadthefoaedf.info
0.0.0.0 ankingwithear.com
0.0.0.0 aoldosgertyong.info
0.0.0.0 ardoqxdinqucirei.info
0.0.0.0 arnofourgugtj.info
0.0.0.0 arrowabhbtalst.info
0.0.0.0 arrowtoldilim.com
0.0.0.0 artistictastesnly.info
0.0.0.0 asifiwoeryjtyj.info
0.0.0.0 asosettoourma.info
0.0.0.0 aspectsofc.hair
0.0.0.0 asqerongtheco.info
0.0.0.0 astellihandl.xyz
0.0.0.0 atabaseiwo.top
0.0.0.0 atedlittleme.xyz
0.0.0.0 ationiamcur.com
0.0.0.0 ationslieemrger.info
0.0.0.0 atthewon.buzz
0.0.0.0 aukndaspirati.com
0.0.0.0 aysesuretobea.com
0.0.0.0 biscussexbug.xyz
0.0.0.0 blicatedlittle.xyz
0.0.0.0 bnfgnbheavynuo.info
0.0.0.0 britingsynt.xyz
0.0.0.0 careewituhinlarg.com
0.0.0.0 cathyimmediates.xyz
0.0.0.0 cenceevent.club
0.0.0.0 compathered.xyz
0.0.0.0 connectedithco.com
0.0.0.0 consukultingeca.com
0.0.0.0 conversitym.com
0.0.0.0 councernedasesium.com
0.0.0.0 dblueclaockbro.info
0.0.0.0 declinerybelfa.buzz
0.0.0.0 dedalloverwithth.net
0.0.0.0 dheircrhnerdgfd.info
0.0.0.0 directuklyecon.pics
0.0.0.0 disguishedbri.com
0.0.0.0 dmanas.buzz
0.0.0.0 dollapsedshe.info
0.0.0.0 dukerationpe.com
0.0.0.0 dwouldmakefe.info
0.0.0.0 eamsauknda.com
0.0.0.0 eastfeukufunde.com
0.0.0.0 ebelfarewesbegi.com
0.0.0.0 echildren.buzz
0.0.0.0 ectresultofthep.info
0.0.0.0 edassiumw.xyz
0.0.0.0 editiontowrit.info
0.0.0.0 edrubyglo.buzz
0.0.0.0 edstevermotorie.com
0.0.0.0 edverys.buzz
0.0.0.0 eesihighlyrec.xyz
0.0.0.0 efgrghhindhimi.info
0.0.0.0 efvtgbnanddescri.info
0.0.0.0 ehappy.buzz
0.0.0.0 eighing.space
0.0.0.0 eisasbeau.buzz
0.0.0.0 eitcuyjfromthe.info
0.0.0.0 emydreamsa.com
0.0.0.0 emyresumef.hair
0.0.0.0 endream.buzz
0.0.0.0 enectedithco.com
0.0.0.0 entoftheusysian.com
0.0.0.0 entsiwoulukdli.com
0.0.0.0 epededonemil.info
0.0.0.0 eretheseantyjyt.info
0.0.0.0 erpringash.xyz
0.0.0.0 erukentaspectsof.com
0.0.0.0 ervantasrelate.info
0.0.0.0 esterdayauol.info
0.0.0.0 etingefifort.info
0.0.0.0 etingplansfo.buzz
0.0.0.0 etorealiukzem.com
0.0.0.0 etyrthonrong.info
0.0.0.0 eukworektobe.pics
0.0.0.0 evenuewasadi.xyz
0.0.0.0 everefor.buzz
0.0.0.0 evermoto.xyz
0.0.0.0 everwiththinleav.net
0.0.0.0 ewmeofmukindwo.com
0.0.0.0 ewrevenuewasad.info
0.0.0.0 exibilitukydtea.xyz
0.0.0.0 forgotteddisgui.com
0.0.0.0 fortdaukthw.hair
0.0.0.0 fukermalasas.info
0.0.0.0 getnizationedr.info
0.0.0.0 getseavailan.xyz
0.0.0.0 gettllingovert.info
0.0.0.0 goveragemlz.club
0.0.0.0 gtdjidencenha.info
0.0.0.0 gukthwaalsoex.info
0.0.0.0 hableleader.xyz
0.0.0.0 hatwasallokmv.info
0.0.0.0 heinndonfgnorh.info
0.0.0.0 heodeidsofhnm.info
0.0.0.0 hereabithec.xyz
0.0.0.0 himloabercuacroos.info
0.0.0.0 historiousmor.xyz
0.0.0.0 hoisquit.buzz
0.0.0.0 houldthinkh.buzz
0.0.0.0 humanske.space
0.0.0.0 iamcurrently.com
0.0.0.0 iasninancuka.com
0.0.0.0 ibilitukydteamw.com
0.0.0.0 ictastesnly.buzz
0.0.0.0 ifefashionismscold.com
0.0.0.0 ileesidesu.hair
0.0.0.0 ingforanopportu.com
0.0.0.0 inghesatin.com
0.0.0.0 ingspondingco.com
0.0.0.0 iolintohimselfas.info
0.0.0.0 ionakasulbackgrou.com
0.0.0.0 ionscormatio.com
0.0.0.0 iratiotyuknsye.com
0.0.0.0 ishnfguseaches.info
0.0.0.0 itearamajo.com
0.0.0.0 jhldtogerghottulering.info
0.0.0.0 jlkladirtlseivi.info
0.0.0.0 jtffjwecouldle.info
0.0.0.0 kabuukimuuki.com
0.0.0.0 kectivetraining.info
0.0.0.0 kefeagreatase.info
0.0.0.0 kelpmetoreali.com
0.0.0.0 kentinedaug.xyz
0.0.0.0 kenwellsgrpo.com
0.0.0.0 kitwkuouldhukel.xyz
0.0.0.0 kmodukuleqasfo.info
0.0.0.0 kmyunderth.com
0.0.0.0 kolpihvfongrou.info
0.0.0.0 krkskillsombin.com
0.0.0.0 ksehinkitw.hair
0.0.0.0 ktobedirectu.xyz
0.0.0.0 ktobedirectuklye.com
0.0.0.0 lattemptaqwe.club
0.0.0.0 lemopaserawecas.com
0.0.0.0 leqasforsalesrep.info
0.0.0.0 liondolularhene.info
0.0.0.0 liukzemydream.com
0.0.0.0 llsombineukdwit.com
0.0.0.0 longmansuchcesu.com
0.0.0.0 ltingecauyuksehi.com
0.0.0.0 lubinoobi.com
0.0.0.0 majorinryes.com
0.0.0.0 majorinryesopert.com
0.0.0.0 manisation.org
0.0.0.0 mcurrentlysearc.com
0.0.0.0 mediatesupervis.com
0.0.0.0 mementrandingsw.com
0.0.0.0 mentbradshed.com
0.0.0.0 mentrandingswon.com
0.0.0.0 mentseconom.xyz
0.0.0.0 miredindeed.net
0.0.0.0 mnndnnbnn.com
0.0.0.0 monopolicycr.com
0.0.0.0 mplayeranydw.net
0.0.0.0 muheodeidsoan.info
0.0.0.0 mwoukrkskills.xyz
0.0.0.0 myxomater.space
0.0.0.0 mzsdeauxdwh.info
0.0.0.0 naborutmyrq.top
0.0.0.0 nahrghhaondb.info
0.0.0.0 natallcolumnsto.info
0.0.0.0 ncelewasgildeda.net
0.0.0.0 ncukanking.com
0.0.0.0 ndeedeisasbeautiful.net
0.0.0.0 ndencesch.xyz
0.0.0.0 ndsragedwithb.info
0.0.0.0 nedtolethimbevx.com
0.0.0.0 nereherewetem.info
0.0.0.0 nerewdeerofhi.info
0.0.0.0 nergyflexibilit.pics
0.0.0.0 nerybelfaste.xyz
0.0.0.0 neukdwithmefe.com
0.0.0.0 ngswonden.xyz
0.0.0.0 nkitwkuouldhu.com
0.0.0.0 nmabigyello.xyz
0.0.0.0 nonimoomi.com
0.0.0.0 nopportunitytostar.com
0.0.0.0 normaticalaccu.com
0.0.0.0 notquiteso.buzz
0.0.0.0 nowledconsideu.com
0.0.0.0 npracticalwhic.buzz
0.0.0.0 nryesopertyv.com
0.0.0.0 ntaspectsofcukorp.com
0.0.0.0 ntheworldw.buzz
0.0.0.0 ntualkentined.xyz
0.0.0.0 nverewereal.info
0.0.0.0 oathihakennails.info
0.0.0.0 oefanyorbesttn.info
0.0.0.0 ofchildr.buzz
0.0.0.0 offerentlyport.xyz
0.0.0.0 ojapanelm.xyz
0.0.0.0 omefukmendat.xyz
0.0.0.0 onalhedgelnham.com
0.0.0.0 onopolicycr.xyz
0.0.0.0 onopolicycreat.com
0.0.0.0 onsukultingecauy.com
0.0.0.0 oratefinaukn.xyz
0.0.0.0 oratefinauknceiwo.com
0.0.0.0 ordukinarilyhu.info
0.0.0.0 osiextantlyvfhn.info
0.0.0.0 otheruigfsfohi.info
0.0.0.0 oughtanothingfruitie.net
0.0.0.0 oukfareputfeablean.com
0.0.0.0 ouldlikukemyfu.com
0.0.0.0 ovogofteonafterw.info
0.0.0.0 panyinadiingsinspi.com
0.0.0.0 placugceofres.info
0.0.0.0 playeranydwould.info
0.0.0.0 ploddingtotogcb.info
0.0.0.0 pmetorealiukze.xyz
0.0.0.0 pohsoneche.info
0.0.0.0 precially.space
0.0.0.0 pringed.space
0.0.0.0 puldhukelpmet.com
0.0.0.0 racterdeilbsweet.info
0.0.0.0 rainingukmod.info
0.0.0.0 ratiotyuknsye.pics
0.0.0.0 rbiscussexb.xyz
0.0.0.0 reckedmane.xyz
0.0.0.0 rentlysearchin.com
0.0.0.0 responsidejo.xyz
0.0.0.0 rgentssep.xyz
0.0.0.0 rgyflexibilitu.com
0.0.0.0 ricewaterhou.xyz
0.0.0.0 ritingsynther.com
0.0.0.0 rthfeoveukrnme.com
0.0.0.0 runkingoutinteah.info
0.0.0.0 ruralled.space
0.0.0.0 rurelanderpurgan.com
0.0.0.0 salesrepreswse.info
0.0.0.0 sandothesooile.info
0.0.0.0 searchforanop.com
0.0.0.0 seemyresumefo.com
0.0.0.0 seinpoundaymid.com
0.0.0.0 semblyjustingex.com
0.0.0.0 seoopersedu.xyz
0.0.0.0 shoecamedmghm.info
0.0.0.0 smetotrea.xyz
0.0.0.0 smurtyards.space
0.0.0.0 ssdwellsgrpo.info
0.0.0.0 starvardsee.xyz
0.0.0.0 stellihandles.hair
0.0.0.0 subsectivexe.xyz
0.0.0.0 sultingcoe.buzz
0.0.0.0 swordhilte.buzz
0.0.0.0 sysianedukera.com
0.0.0.0 tasesetitoefany.info
0.0.0.0 tbrohwnmyest.info
0.0.0.0 tebilaterde.xyz
0.0.0.0 tedithconsukult.com
0.0.0.0 tesupervis.hair
0.0.0.0 texcepededo.info
0.0.0.0 tfoollowingba.info
0.0.0.0 tgandmotivat.com
0.0.0.0 thaitingshos.xyz
0.0.0.0 thaoheakolons.info
0.0.0.0 thegravehthh.info
0.0.0.0 theharityhild.buzz
0.0.0.0 thrememboer.info
0.0.0.0 ticaframeofm.xyz
0.0.0.0 tionpecialukizei.com
0.0.0.0 tivatingotheremplo.com
0.0.0.0 tooaastandhei.info
0.0.0.0 toolsahoulofd.info
0.0.0.0 tostaracare.com
0.0.0.0 tsapphires.buzz
0.0.0.0 tuallyenitwasbr.com
0.0.0.0 tunitytostara.com
0.0.0.0 tureukwore.xyz
0.0.0.0 tydevelelastic.com
0.0.0.0 tyyeastfeukufund.com
0.0.0.0 uadthenborea.info
0.0.0.0 uchadmir.buzz
0.0.0.0 uewasadirectresu.info
0.0.0.0 ughtsustacheds.com
0.0.0.0 uinground.com
0.0.0.0 ukelpmetoreali.pics
0.0.0.0 ukentaspe.xyz
0.0.0.0 ukindwouldm.xyz
0.0.0.0 ukrnmentofth.com
0.0.0.0 ukseseemyres.xyz
0.0.0.0 uktureukworekto.com
0.0.0.0 ukwasanasosetet.net
0.0.0.0 ularhenewrev.info
0.0.0.0 ulyhvfadchos.info
0.0.0.0 umeformorede.xyz
0.0.0.0 upervisofosev.xyz
0.0.0.0 uwledconside.xyz
0.0.0.0 uytdwhitdoe.info
0.0.0.0 uyuksehinkitwku.com
0.0.0.0 vbriverafter.xyz
0.0.0.0 verwiththinleave.net
0.0.0.0 wasanasosett.info
0.0.0.0 wasanasset.buzz
0.0.0.0 wedonhisdhiltew.info
0.0.0.0 withmefeyauknaly.com
0.0.0.0 wukbgater.buzz
0.0.0.0 yauknalyticafra.com
0.0.0.0 yhukelpfulinot.info
0.0.0.0 yidbyhersle.xyz
0.0.0.0 yremovementxv.com
0.0.0.0 ysearchingfo.xyz
0.0.0.0 yticaframeofm.com
0.0.0.0 yvaluationiamcur.com
0.0.0.0 &lp=not_robot_
# https://cyberplace.social/@GossiTheDog/111929647559740363
# https://github.com/hagezi/dns-blocklists/pull/2175
0.0.0.0 passwordfix.blogspot.com
0.0.0.0 97tool.github.io
0.0.0.0 apkzpure.com
0.0.0.0 wattfo.com
0.0.0.0 networkpcigniter.com
0.0.0.0 cpmpri.com
0.0.0.0 karan.mobi
0.0.0.0 manizx.com
0.0.0.0 mobdrovip.com
0.0.0.0 theapkhunter.com
0.0.0.0 ehallpasses.info
# https://github.com/hagezi/dns-blocklists/pull/2173
0.0.0.0 wtmbook.com
0.0.0.0 beacons.ai
# https://github.com/hagezi/dns-blocklists/pull/2176
0.0.0.0 kmspico.io
0.0.0.0 kmspico.ws
0.0.0.0 kms-full.com
0.0.0.0 kmspico.de.download.it
0.0.0.0 kmspico.to
0.0.0.0 kmspi.co
0.0.0.0 get-kmspico.com
0.0.0.0 kmsauto.info
0.0.0.0 official-kmspico.com
0.0.0.0 dlhk.acehprov.go.id
0.0.0.0 softwared.click
0.0.0.0 kmsauto.org
0.0.0.0 kmsauto.pw
0.0.0.0 kmsavto-net.ru
0.0.0.0 kmsauto.xyz
# https://github.com/hagezi/dns-blocklists/pull/2184
0.0.0.0 safety-andro1d-n0tice.co
0.0.0.0 unhaka.com
0.0.0.0 safety-andr-sys.info
# https://github.com/hagezi/dns-blocklists/pull/2192
0.0.0.0 13001.ru
0.0.0.0 ctrl02.ru
0.0.0.0 12001.ru
0.0.0.0 supos911.org
0.0.0.0 supos123.org
# https://github.com/hagezi/dns-blocklists/pull/2213
# https://github.com/hagezi/dns-blocklists/pull/2212
0.0.0.0 dhl-de-track-ui.cc
0.0.0.0 dhl-de-track-uo.cc
0.0.0.0 dhl-de-track-uu.cc
# https://github.com/hagezi/dns-blocklists/pull/2211
0.0.0.0 eyx092.github.io
0.0.0.0 davbuckgenerator.weebly.com
0.0.0.0 gemsforfree.com
0.0.0.0 hackzone.me
# https://github.com/DandelionSprout/adfilt/commit/2b0705861bde02511e1fdd72edf470b2811ecb8c#r138964973
0.0.0.0 githubtalentcommunity.online
0.0.0.0 jobs.githubtalentcommunity.online
# https://github.com/hagezi/dns-blocklists/pull/2221
0.0.0.0 modyolo.com
0.0.0.0 googlesavedata.ru
# on url from https://github.com/easylist/easylist/issues/18489#issuecomment-1962261575, appears to be malvertising
0.0.0.0 thaudray.com
# https://github.com/xRuffKez/dns-blocklists/commit/9cf8a68e82a5fed10991a2e0a34bf84265960ce7
0.0.0.0 giveawayscord.xyz
# https://github.com/durablenapkin/scamblocklist/issues/76
0.0.0.0 fundatingquest.fun
0.0.0.0 i.fundatingquest.fun
0.0.0.0 b.fundatingquest.fun
0.0.0.0 a.fundatingquest.fun
0.0.0.0 h.fundatingquest.fun
0.0.0.0 f.fundatingquest.fun
0.0.0.0 c.fundatingquest.fun
0.0.0.0 e.fundatingquest.fun
# https://tria.ge/240224-zxewqafc9v/behavioral1
0.0.0.0 sharlalias.click
0.0.0.0 mysuperdatingforyou.life
0.0.0.0 chat-o-live.com
# https://tria.ge/240224-1ygx5sgc8v/behavioral1
0.0.0.0 rozaholshouser.cfd
# https://tria.ge/240224-2lmtasgh3v/behavioral1
0.0.0.0 eshaalfawson.shop
# https://tria.ge/240225-qwh3badf7t/behavioral1
0.0.0.0 kristidamon.beauty
# https://tria.ge/240227-njbflafh8z/behavioral1
0.0.0.0 bethanytunks.skin
0.0.0.0 localdatez.com
# https://tria.ge/240227-n4apssga94/behavioral1
0.0.0.0 leoniaivey.site
# https://tria.ge/240229-bc1qpahg3t/behavioral1
0.0.0.0 brooklynalam.mom
# https://tria.ge/240229-pc7e5age5x/behavioral1
0.0.0.0 alisonsweigert.mom
# https://tria.ge/240301-vmx74aaf67/behavioral1 (cloudflared)
0.0.0.0 alexiaurlanza.skin
# https://tria.ge/240402-nthmnagg5z/behavioral1
0.0.0.0 lonnabritton.skin
0.0.0.0 datingcompass.fun
0.0.0.0 a.datingcompass.fun
# fake users with profile pics stolen from porn site, payment required before contacting/replying to these users
0.0.0.0 40plusshag.com
0.0.0.0 delivery.40plusshag.com
# https://github.com/hagezi/dns-blocklists/pull/2251
0.0.0.0 foreverinprofitmaking.com
0.0.0.0 pp.45-61-158-129.cprapid.com
0.0.0.0 globalserviceslogistics.com
0.0.0.0 luxurysgift.com
0.0.0.0 athletic-harmony.com
0.0.0.0 knkpublishingsoftware.com
# spam email -> https://tria.ge/240229-psnyqahe45/behavioral1
0.0.0.0 obses-sion.info
# https://github.com/AdguardTeam/AdguardFilters/issues/173830
0.0.0.0 midsummer.pw
0.0.0.0 mb38.com
# https://github.com/braveinnovators/ukrainian-security-filter/pull/7
0.0.0.0 sportloto-1.co
0.0.0.0 retiva-bet777.com
0.0.0.0 parik24.win
0.0.0.0 oshad24.biz.ua
0.0.0.0 monoslot3.com
0.0.0.0 diamondclub.casino
# email spam
# https://tria.ge/240301-xm9x1abg6s/behavioral1
0.0.0.0 jammingdate.life
0.0.0.0 madchenradar.life
0.0.0.0 honey-love-here.com
# https://tria.ge/240302-1sdnjahg6s/behavioral1
0.0.0.0 hotmarydate.life
# https://tria.ge/240305-nezbvsec94/behavioral1
0.0.0.0 naughty-webs.life
# https://tria.ge/240305-nq59jsef93/behavioral1
0.0.0.0 hookarts.life
0.0.0.0 mx2.hookarts.life
# https://tria.ge/240305-nyp8aseh65/behavioral1
0.0.0.0 tacky-canopy.info
0.0.0.0 mail.tacky-canopy.info
# spam sending servers
# https://cyberplace.social/@GossiTheDog/112031492191698112
# https://github.com/hagezi/dns-blocklists/pull/2271
0.0.0.0 heytrhrerght.buzz
0.0.0.0 meryruytss.buzz
0.0.0.0 rus-loto.premium-gifts-2024.xyz
0.0.0.0 s7txw.removalsinrotherham.co.uk
0.0.0.0 suiueopzgd.dlnhighpressurecleaningservicesltd.co.uk
0.0.0.0 tutyutyutyu.buzz
0.0.0.0 v9xq2.shop
# https://github.com/uBlockOrigin/uAssets/issues/22757
0.0.0.0 jobs.trustaffingpartners.com
# https://github.com/hagezi/dns-blocklists/issues/2288
0.0.0.0 revancedapps.com
0.0.0.0 revancedapp.download
0.0.0.0 www.revancedapp.download
# https://github.com/uBlockOrigin/uAssets/issues/22765
0.0.0.0 free-service.hubside.fr
0.0.0.0 freezimail.hubside.fr
0.0.0.0 zimbrafreemail.hubside.fr
0.0.0.0 zimbra-inbox.hubside.fr
0.0.0.0 free-mobile241.hubside.fr
0.0.0.0 compte-free.hubside.fr
0.0.0.0 pointsfreemobile.com
0.0.0.0 espacefidelitefree.fr
0.0.0.0 free-mob2584.hubside.fr
0.0.0.0 web-free.hubside.fr
0.0.0.0 zimbra-free-com.hubside.fr
0.0.0.0 free-mobi20i2582.hubside.fr
0.0.0.0 zimbra-free-email.hubside.fr
0.0.0.0 freezimbra.hubside.fr
0.0.0.0 web0mail.hubside.fr
0.0.0.0 free-mobile0021547.hubside.fr
0.0.0.0 free-information.hubside.fr
0.0.0.0 mobiles.hubside.fr
0.0.0.0 freemailzimbra.hubside.fr
0.0.0.0 rivita3106felibgcom.hubside.fr
0.0.0.0 info-free.hubside.fr
0.0.0.0 emails-free.hubside.fr
0.0.0.0 freema.hubside.fr
0.0.0.0 free-zimbra.hubside.fr
0.0.0.0 free-mobile1540478.hubside.fr
0.0.0.0 freewebzim.hubside.fr
0.0.0.0 acceder-a-mon-free.hubside.fr
0.0.0.0 my-acount-free.hubside.fr
# my analysis: https://tria.ge/240305-2bg53abb8x/behavioral1
0.0.0.0 shopflarehub.com
# https://github.com/hagezi/dns-blocklists/issues/2293
# https://www.bleepingcomputer.com/news/security/hacked-wordpress-sites-use-visitors-browsers-to-hack-other-sites/
0.0.0.0 dynamiclink.lol
0.0.0.0 dynamic-linx.com
# https://github.com/RPiList/specials/issues/1500
0.0.0.0 casino-ice.fun
0.0.0.0 fortuneadvert.com
0.0.0.0 lalielynaualish.com
# https://github.com/hagezi/dns-blocklists/issues/2304
0.0.0.0 vast-conexxion.com
0.0.0.0 bllthbatnthes.life
0.0.0.0 kuualosd.bllthbatnthes.life
# https://tria.ge/240309-p8f8tagc55/behavioral1
0.0.0.0 arcanecheat.com
0.0.0.0 www.arcanecheat.com
# https://github.com/hagezi/dns-blocklists/issues/2313
0.0.0.0 moddetail.com
0.0.0.0 cvbuilder.staging.standout-cv.com
0.0.0.0 liveinfo.xyz
0.0.0.0 ww3.weweekly.us
0.0.0.0 timesofeuropnews.com
0.0.0.0 cards2024.org
0.0.0.0 getaccess.w3spaces.com
0.0.0.0 ourhealthy.life
0.0.0.0 klospike.online
0.0.0.0 re-captha-version-3-16.live
0.0.0.0 kimona01.com
0.0.0.0 getspins.info
0.0.0.0 storage.canalblog.com
0.0.0.0 vbbv.store
0.0.0.0 vibuxion.top
0.0.0.0 rangerbow.world
0.0.0.0 qrcodes.pro
0.0.0.0 a.re-captha-version-3-16.live
# https://github.com/hagezi/dns-blocklists/issues/2317
0.0.0.0 rewards-emirates.com
# https://blog.sucuri.net/2024/03/new-malware-campaign-found-exploiting-stored-xss-in-popup-builder-4-2-3.html
0.0.0.0 traveltraffic.cc
0.0.0.0 ttincoming.traveltraffic.cc
0.0.0.0 cloudsonicwave.com
0.0.0.0 host.cloudsonicwave.com
# https://www.virustotal.com/gui/url/f1018be1c6ed9a283196e9ecba431b24d21b74b08a005008cfc94a98cbc63cb7/community
0.0.0.0 steam-card50.com
# my analysis: https://tria.ge/240312-z5778sah9w/behavioral1
0.0.0.0 stseam.ru
0.0.0.0 www.stseam.ru
# https://github.com/durablenapkin/scamblocklist/issues/78
0.0.0.0 usspaqn.top
0.0.0.0 uspw.usspaqn.top
# https://github.com/hagezi/dns-blocklists/issues/2339
0.0.0.0 9-9-8.com
0.0.0.0 b.9-9-8.com
# https://infosec.exchange/@jeromesegura/112090382122783994
0.0.0.0 aksoaiapk.com
0.0.0.0 trelconf.com
0.0.0.0 avr-energie.com
# https://github.com/hagezi/dns-blocklists/issues/2341
# my analysis: https://tria.ge/240313-zf3apaac75/behavioral1
0.0.0.0 uk-news.pro
# https://github.com/hagezi/dns-blocklists/issues/2344
0.0.0.0 bnidigital.com
0.0.0.0 zillify.cfd
0.0.0.0 today.free.nf
0.0.0.0 nextmrolympia.com
0.0.0.0 an1.is
# https://github.com/hagezi/dns-blocklists/issues/2345
0.0.0.0 spacex-starship.org
# https://tria.ge/240315-p28dqagf5z/behavioral1
0.0.0.0 spacexgive.org
# https://tria.ge/240318-a5v58sca59/behavioral1
0.0.0.0 ccukycu-alert.online
# https://github.com/hagezi/dns-blocklists/issues/2365
0.0.0.0 new-s24.click
# https://github.com/blocklistproject/Lists/issues/1199
0.0.0.0 steamcommumtiy.com
# https://github.com/hagezi/dns-blocklists/issues/2381
0.0.0.0 wwss.pages.dev
# https://github.com/hagezi/dns-blocklists/issues/2405
0.0.0.0 usps-delivery-a.com
# https://github.com/uBlockOrigin/uAssets/issues/23084
0.0.0.0 fitgirltorrent.com
# https://github.com/durablenapkin/scamblocklist/issues/81
0.0.0.0 sxlph.site
0.0.0.0 globe.sxlph.site
# https://tria.ge/240401-nwc5ysea52/behavioral1
0.0.0.0 doge-coin24.org
# https://github.com/hagezi/dns-blocklists/issues/2425
0.0.0.0 fling-trainer.com
# https://github.com/hagezi/dns-blocklists/issues/2422
0.0.0.0 sonicglyde.com
# https://infosec.exchange/@jeromesegura/112214506870744443
# https://www.malwarebytes.com/blog/threat-intelligence/2024/04/bing-ad-for-nordvpn-leads-to-sectoprat
0.0.0.0 nordivpn.xyz
0.0.0.0 besthord-vpn.com
# https://github.com/durablenapkin/scamblocklist/issues/82
0.0.0.0 account-cfe.mx
# https://vid.puffyan.us/watch?v=h0_L4BApOdA
# my analysis: https://tria.ge/240409-2aenjsee49/behavioral1
# my analysis: https://tria.ge/240409-2bwnfsaa5z/behavioral1
0.0.0.0 gooq1e.com
0.0.0.0 ecmokdtj.com
0.0.0.0 apk.ecmokdtj.com
# https://github.com/hagezi/dns-blocklists/issues/2506
0.0.0.0 grapheneos.fr
# https://unit42.paloaltonetworks.com/cve-2024-3400/
0.0.0.0 nhdata.s3-us-west-2.amazonaws.com
0.0.0.0 srgsd1f.842b727ba4.ipv6.1433.eu.org
0.0.0.0 edcjn.57fe6f5d9d.ipv6.1433.eu.org
0.0.0.0 srgsdf.842b727ba4.ipv6.1433.eu.org
# https://github.com/jarelllama/Scam-Blocklist/issues/314
0.0.0.0 dehoe.top
# https://infosec.exchange/@jeromesegura/112294111264356672
# my analysis: https://tria.ge/240418-zee4rsfe2x/behavioral1
0.0.0.0 notilon.co
0.0.0.0 sivaspastane.com
0.0.0.0 utm-adrooz.com
0.0.0.0 startupzonechanpatia.com
# from Ryan Brown
0.0.0.0 popupblocker-download.com
0.0.0.0 popupblockernow.com
0.0.0.0 popupgoldblocker.net
0.0.0.0 popupsblocker.org
# https://github.com/hagezi/dns-blocklists/issues/2549
0.0.0.0 sadostic.pl
# https://forums.malwarebytes.com/topic/311280-hacked-by-discord-scam/
# my analysis: https://tria.ge/240425-vpgywsda35/behavioral1
# my analysis: https://www.hybrid-analysis.com/sample/15f5fd080befe91766cb1b31f3a6af15e6dfb63c80a0d00ec8b85ca0c5940504?environmentId=160
0.0.0.0 cosmicbetrayers.com
0.0.0.0 www.cosmicbetrayers.com
# https://github.com/RPiList/specials/issues/1554
0.0.0.0 myhermes-sendungs.com
# https://archive.is/EDp03
# https://tria.ge/240427-1vhehahg3x/behavioral1 (CloudFlared)
# https://www.virustotal.com/gui/file/0f810bea02ae97cb015dc0de510892f3f83a9ddc969c1f261adf8a8bd5716862
# https://bazaar.abuse.ch/sample/0f810bea02ae97cb015dc0de510892f3f83a9ddc969c1f261adf8a8bd5716862/
# https://urlhaus.abuse.ch/url/2829815/
0.0.0.0 torontohack.fun
0.0.0.0 productivelookewr.shop
0.0.0.0 tolerateilusidjukl.shop
0.0.0.0 shatterbreathepsw.shop
0.0.0.0 shortsvelventysjo.shop
0.0.0.0 incredibleextedwj.shop
0.0.0.0 alcojoldwograpciw.shop
0.0.0.0 liabilitynighstjsko.shop
0.0.0.0 demonstationfukewko.shop
# https://forums.malwarebytes.com/topic/311316-rtp-detection-outbound-connection-from-explorerexe/
# https://threatfox.abuse.ch/ioc/1263183/
0.0.0.0 greatnessappreviews.com
# https://forums.malwarebytes.com/topic/311502-windows-10-infected-with-malware-that-malwarebytes-cant-find/
0.0.0.0 percumannue.com
# https://infosec.exchange/@th3_protoCOL/112360917153667995
0.0.0.0 appauthentiflcator.digital
# TODO: Recheck (was dead when added)
0.0.0.0 authentlcatcodes.icu
# https://github.com/RPiList/specials/issues/1559
0.0.0.0 dlhpostsup.top
# https://www.virustotal.com/gui/url/52e1dc85a5cec6eb0410bfa2884ee4d55a1934dc0b451a4e29cdba26ae840b9b/community
# my analysis: https://tria.ge/240507-zpcrdsfc7w/behavioral1
0.0.0.0 mundotatuajes.info
0.0.0.0 mine.mundotatuajes.info
# https://rmceoin.github.io/malware-analysis/2024/05/07/clearfake2.html
0.0.0.0 akademipraktik.com
0.0.0.0 rtattack.baqebei1.online
0.0.0.0 valentinedaycard.com
# from D4niloMR
0.0.0.0 redecanaistv.dev
# https://github.com/StevenBlack/hosts/issues/2650
# https://tria.ge/240511-p57xcsbf55/behavioral1
0.0.0.0 urdxh.com
# https://github.com/uBlockOrigin/uAssets/issues/23655
0.0.0.0 hypernitro.ru
0.0.0.0 nitrohunt.com
# ---- Scams ----
# fails to disclose it's lack of connection to uBlock *Origin*
# https://infosec.exchange/@iampytest1/111306748409652707
0.0.0.0 ublock.org
# https://virustotal.com/gui/url/723d30dcc93ee90f8f04b5cc3c5d07492338c41f7aa62fb2723c7d8b91537338/community
# https://github.com/uBlockOrigin/uAssets/issues/5854
0.0.0.0 ublockerext.com
# This domain has been used for typosquatting, malware, phishing, and scams (redirects to other scam/malware sites as of 17/9/2021)
# curl on 9/5/2021 shows it is still online
# https://www.siteadvisor.com/sitereport.html?url=quatrefeuillepolonaise.xyz
# https://virustotal.com/gui/url/7319b37aff351dc0f0e71dba194b5f21972be9ad072b955a35d27d5af359d5fa/community
# https://virustotal.com/gui/domain/quatrefeuillepolonaise.xyz/detection
# https://safeweb.norton.com/report/show?url=quatrefeuillepolonaise.xyz
# https://www.fortiguard.com/webfilter?q=quatrefeuillepolonaise.xyz
# https://quttera.com/detailed_report/quatrefeuillepolonaise.xyz
# https://www.urlvoid.com/scan/quatrefeuillepolonaise.xyz/
# https://www.mywot.com/en/scorecard/quatrefeuillepolonaise.xyz
# https://github.com/DandelionSprout/adfilt/issues/188
0.0.0.0 quatrefeuillepolonaise.xyz
# Related to above
# https://github.com/DandelionSprout/adfilt/issues/188
# https://github.com/DandelionSprout/adfilt/commit/0af1431c8f4cf45e9c27e359edf777b0c9bfa153
0.0.0.0 extragifis.site
0.0.0.0 captcharesolving-universe.com
# https://virustotal.com/gui/ip-address/5.8.34.26/relations
# https://github.com/DandelionSprout/adfilt/issues/188
0.0.0.0 captcharesolver.com
# https://virustotal.com/gui/url/136909c39798eacfc82e58459684619a4b89de8d3dedbe5a3010c5152b670328/detection
# https://github.com/iam-py-test/Assets-001/blob/main/goglenet%20malware
0.0.0.0 cpmstatsart.com
# https://github.com/DandelionSprout/adfilt/issues/188#issuecomment-848834204
0.0.0.0 instantfwding.com
0.0.0.0 catnip.de
0.0.0.0 trafcenter.us
0.0.0.0 fwdservice.com
# https://securitytrails.com/list/ip/5.8.47.3
# https://safeweb.norton.com/report/show?url=gamesex.fun
# https://www.siteadvisor.com/sitereport.html?url=gamesex.fun
# https://virustotal.com/gui/url/7bedfdd70bd23869a3598186270bcca9e64870842fb95df46da9ed5519e0b41c/detection
0.0.0.0 gamesex.fun
# just redirects to another blocked domain
# https://github.com/DandelionSprout/adfilt/issues/188
0.0.0.0 kmip.net
0.0.0.0 iuqerfsodp9ifjaposdfjhgosurijfaewrwergwff.com
0.0.0.0 goldprize.xyz
# More scam stuff on 27/9/2021
0.0.0.0 smartcaptchasolve.top
0.0.0.0 cloud-repos.store
0.0.0.0 retailproductsusa.com
0.0.0.0 www.retailproductsusa.com
# Even more scams - https://github.com/DandelionSprout/adfilt/issues/188#issuecomment-931700117
0.0.0.0 findanswersnow.net
0.0.0.0 two.findanswersnow.net
0.0.0.0 diabasewoodhouse.xyz
0.0.0.0 signupandturnyourscreenoffsafepowernow.date
0.0.0.0 www.signupandturnyourscreenoffsafepowernow.date
0.0.0.0 best-prizes.life
0.0.0.0 jsontdsexit.com
0.0.0.0 therewardboost.com
0.0.0.0 t.therewardboost.com
0.0.0.0 natnlconsmrctr.com
0.0.0.0 lore.deduce.com
0.0.0.0 d2m2wsoho8qq12.cloudfront.net
0.0.0.0 jpgtrk.com
0.0.0.0 pnghst.com
# domains which gogle[.]net redirects to on 17/10/2021
0.0.0.0 positivestar.org
0.0.0.0 securysearchapp.com
0.0.0.0 www1.securysearchapp.com
0.0.0.0 mydealprotection.com
0.0.0.0 www.mydealprotection.com
# on the same IP & just by looking at them, I can tell they are not legit
0.0.0.0 intunes.com
0.0.0.0 pple.com
0.0.0.0 gimal.com
# 19/11/2022: https://sitecheck.sucuri.net/results/get-the-prize-ht3.live
0.0.0.0 get-the-prize-ht3.live
# https://github.com/uBlockOrigin/uAssets/issues/9344
# https://github.com/iam-py-test/Assets-001/tree/main/uiz.io_scam
0.0.0.0 uiz.io
# More scam domains found via redirects when clicking on the fake recaptcha
# https://virustotal.com/gui/url/73dae7d74bcdc9099a54b75b904cc45995d85534a313ad65fcc4d9e401b34607/detection
0.0.0.0 rewardsavenue.net
# https://virustotal.com/gui/url/d6745ce01da185054bd2125858e75445783976de0e5fa4a445284243830070e7/detection
0.0.0.0 rewardsgiantusa.com
# https://virustotal.com/gui/url/9edd33c7a370ba96bf3a7682193e67538984eab9d1b719c2f3042599a4d3d1d5/detection
0.0.0.0 rewardgiantztesters.com
# https://github.com/blocklistproject/Lists/issues/513
0.0.0.0 gooooooooogle.com
# https://github.com/iam-py-test/investigations/blob/main/2021/10/26/1.md#domains
0.0.0.0 p185689.mybetterdl.com
0.0.0.0 r-tb.com
0.0.0.0 feed.r-tb.com
0.0.0.0 t.r-tb.com
0.0.0.0 cdn.hoood.info
0.0.0.0 barah-flo.com
0.0.0.0 beta-one.net
0.0.0.0 ny-t.r-tb.com
0.0.0.0 pisism.com
0.0.0.0 security-scanner.xyz
# https://github.com/iam-py-test/investigations/blob/main/2021/10/26/1.md#html-captures
0.0.0.0 news-back.org
0.0.0.0 www1.news-back.org
0.0.0.0 www2.news-back.org
0.0.0.0 www3.news-back.org
0.0.0.0 www4.news-back.org
0.0.0.0 www5.news-back.org
0.0.0.0 www6.news-back.org
0.0.0.0 www7.news-back.org
0.0.0.0 www8.news-back.org
0.0.0.0 www9.news-back.org
0.0.0.0 www10.news-back.org
# https://github.com/DandelionSprout/adfilt/pull/289
0.0.0.0 gogles.com
0.0.0.0 flexroll.online
0.0.0.0 army-glo.scrollingsystem.com
# ||www.kqzyfj.com^$all
# ||kqzyfj.com^$all
# ||cj.dotomi.com^$all
0.0.0.0 mcafee12.tt.omtrdc.net
# https://virustotal.com/gui/ip-address/70.32.1.32/relations
0.0.0.0 clk.rtpdn14.com
0.0.0.0 cd.org
# https://github.com/uBlockOrigin/uAssets/issues/9848#issuecomment-907855092
# https://virustotal.com/gui/url/1671d2b14f2baed1438176929ba9908270f26e41f7b17c0ce0a85bd5e9c20f35/detection
# https://virustotal.com/gui/url/0eca172b2f35f81e0f222dbdf261a100c7897f734c7ba43920b67c4cddd6f8c9/detection
0.0.0.0 get-cracked.com
# More related domains/urls
0.0.0.0 www.mediafiire.com
0.0.0.0 mediafiire.com
0.0.0.0 d1xkyo9j4r7vnn.cloudfront.net
0.0.0.0 www.onlinepromotionsusa.com
0.0.0.0 onlinepromotionsusa.com
0.0.0.0 w.promotionsonlineusa.com
# https://github.com/uBlockOrigin/uBlock-issues/issues/1774
# https://github.com/iam-py-test/investigations/blob/main/2021/10/28/1.md
0.0.0.0 slobodapatient.me
0.0.0.0 www.slobodapatient.me
0.0.0.0 ppcnzi.xyz
0.0.0.0 www.ppcnzi.xyz
0.0.0.0 eritokyo.jp
0.0.0.0 www.cpanlyzr.co
0.0.0.0 cpanlyzr.co
0.0.0.0 rewardzoneusa.com
0.0.0.0 contact.rewardzoneusa.com
0.0.0.0 reward3spot.com
0.0.0.0 www.reward3spot.com
0.0.0.0 order-safely.com
0.0.0.0 www.order-safely.com
0.0.0.0 followlink.click
0.0.0.0 us.systemupdatecontrol.com
0.0.0.0 systemupdatecontrol.com
0.0.0.0 ryderftv.co
0.0.0.0 www.ryderftv.co
0.0.0.0 publishers.revenueuniverse.com
# https://scammer.info/t/crypto-scam/82425
0.0.0.0 gemini-horoscope-astrologer.business.site
# https://scammer.info/t/noteit-scam/82283
0.0.0.0 pautils.online
# https://scammer.info/t/usps-spam/83368
0.0.0.0 www.wutaideng.wang
# https://scammer.info/t/crypto-scam/83168
0.0.0.0 gemini-telephonecompany.business.site
# https://github.com/DandelionSprout/adfilt/issues/63#issuecomment-974886953
0.0.0.0 e.datingmap.top
0.0.0.0 datingmap.top
0.0.0.0 tonightshookup.com
0.0.0.0 members.tonightshookup.com
0.0.0.0 t.tonightshookup.com
0.0.0.0 yourladiefun.life
# Scam and fake Roblox hacks
0.0.0.0 gghacks.com
# Scam websites opened - put in redirect order
0.0.0.0 www.rewardsgiantusa.com
# Asks for personal data (name,address,birthdate,gender,email), claims you will get a "reward", never provides hack
0.0.0.0 promotionsonlineusa.com
0.0.0.0 r.promotionsonlineusa.com
# More scams
0.0.0.0 displayoptoffers.com
0.0.0.0 www.displayoptoffers.com
0.0.0.0 www.yrxtrk.com
0.0.0.0 play.sweepstakesalerts.com
0.0.0.0 sweepstakesalerts.com
0.0.0.0 www.stash.com
0.0.0.0 www.qualityhealth.com
0.0.0.0 qualityhealth.com
0.0.0.0 consumerproductsusa.com
0.0.0.0 www.consumerproductsusa.com
# https://github.com/iam-py-test/investigations/blob/main/2021/11/21/1.md
# https://github.com/hagezi/dns-blocklists/issues/241
# ||yasir252.com^$all
# ||www.yasir252.com^$all
0.0.0.0 safelink.kadal.club
# https://forums.malwarebytes.com/topic/285824-malicious-disk-image-file-iso/ --> https://virustotal.com/gui/url/20ef8f13f6ed4f2ad0f25c4d98c5ba213223dd95d18ae31494b5df4305fc7a6c
0.0.0.0 iclickcdn.com
0.0.0.0 bedrapiona.com
0.0.0.0 dozubatan.com
0.0.0.0 onmarshtompor.com
0.0.0.0 chultoux.com
0.0.0.0 yonhelioliskor.com
0.0.0.0 ptauxofi.net
0.0.0.0 betshucklean.com
0.0.0.0 buncoswosh.com
0.0.0.0 b58ncoa1c07f.com
0.0.0.0 t.avroute01.com
0.0.0.0 gammamkt.com
0.0.0.0 leadgentrk.com
0.0.0.0 chirkacylal.com
# https://github.com/AdguardTeam/AdguardFilters/issues/122055
0.0.0.0 shoksips.com
# https://tria.ge/230714-tf54paga3y/behavioral1
0.0.0.0 adblock-zen-download.com
0.0.0.0 adblock-zen.com
0.0.0.0 adblockertool.com
0.0.0.0 supremeadblocker.info
# https://scammer.info/t/faremart/82671
0.0.0.0 www.faremart.com
0.0.0.0 faremart.com
# https://github.com/DandelionSprout/adfilt/issues/63#issuecomment-977912975
# https://www.tv2.no/nyheter/14368524/
0.0.0.0 alexstewartinternationalltd.rw
0.0.0.0 vps.re
# https://www.youtube.com/watch?v=iQiVH533ncM
0.0.0.0 avengeradblocker.com
0.0.0.0 poweradblocker.com
# https://github.com/iam-py-test/investigations/blob/main/2021/11/25/1.md
0.0.0.0 steamkeygiveaway.net
0.0.0.0 fasterfiles.net
0.0.0.0 inteledirect.com
0.0.0.0 turapport-strience.icu
0.0.0.0 americanwinnerscircle.com
# https://github.com/uBlockOrigin/uAssets/pull/10599#issuecomment-979356358
0.0.0.0 yunosurveys.com
# https://github.com/iam-py-test/investigations/blob/main/2021/11/28/1.md
0.0.0.0 reykijnoac.com
0.0.0.0 totalnicefeed.com
0.0.0.0 omnatuor.com
# https://scammer.info/t/youtube-bot-roblox-scam-39/84530
0.0.0.0 freeco.xyz
# https://scammer.info/t/paypal-phishing-12/84592
0.0.0.0 golemgreat122.000webhostapp.com
# https://scammer.info/t/microsoft-phishing-1/84589
0.0.0.0 aceelectricalny.com
# https://scammer.info/t/discord-nitro-generator-7/84570
0.0.0.0 www.appninjas.xyz
0.0.0.0 appninjas.xyz
# https://github.com/DandelionSprout/adfilt/issues/63#issuecomment-986306768
0.0.0.0 chess-progress.ru
0.0.0.0 ouhastay.net
# https://forums.malwarebytes.com/topic/281514-scam-websites/
0.0.0.0 812138.com
0.0.0.0 dk-video.xyz
0.0.0.0 dj-video.xyz
0.0.0.0 gi-video.xyz
0.0.0.0 hj-video.xyz
0.0.0.0 havmoney.xyz
# https://github.com/uBlockOrigin/uAssets/pull/10804
# https://bbs.kafan.cn/thread-2221500-1-1.html
0.0.0.0 88btbtt.com
0.0.0.0 musmentportal.com
# https://github.com/DandelionSprout/adfilt/issues/63#issuecomment-988127908
# https://www.tek.no/i/lVeQAe/
# https://www.nkom.no/aktuelt/ikke-trykk-pa-lenker-i-sms--for-du-er-helt-sikker/
0.0.0.0 eccolabgroup.com
0.0.0.0 galerijajava.ba
0.0.0.0 p-stn.net
# scam dating sites
0.0.0.0 casualdating.com
0.0.0.0 iflirts.com
0.0.0.0 www.iflirts.com
# fake notification scams
0.0.0.0 ourcoolstories.com
0.0.0.0 javsidblog.com
0.0.0.0 cagothie.net
# https://github.com/iam-py-test/investigations/blob/main/2021/12/9/1.md
0.0.0.0 0s.click
0.0.0.0 0ffer.icu
0.0.0.0 0pen.online
# https://github.com/iam-py-test/investigations/blob/main/2021/12/12/1.md
0.0.0.0 onlineenglishteacher.co
0.0.0.0 www.fling.com
# either redirects to random websites or scams
0.0.0.0 lekms.com
0.0.0.0 yourcoolfeed.com
# fake MediaFire websites
0.0.0.0 songlos.com
0.0.0.0 royaltees.co
0.0.0.0 findes.co
0.0.0.0 vitafox.findes.co
0.0.0.0 monkeyselite.tonick.co
0.0.0.0 kitago.info
0.0.0.0 herezfile400.weebly.com
0.0.0.0 hereeup447.weebly.com
0.0.0.0 yaihxj.knewdayfull.top
0.0.0.0 knewdayfull.top
0.0.0.0 4lgx4.bemobtrcks.com
0.0.0.0 hugewifesilver.top
0.0.0.0 ge6s.com
0.0.0.0 sitexchange.causeart.co
0.0.0.0 yellowmother374.weebly.com
0.0.0.0 myhayward.us
0.0.0.0 tiborola.info
0.0.0.0 artbistro.us
0.0.0.0 myhypeposts.com
0.0.0.0 onlynewstoday.com
0.0.0.0 payments4u.org
0.0.0.0 freeiphone.info
0.0.0.0 flummer.geppe.us
0.0.0.0 tuckets.moanas.us
0.0.0.0 zxzfic.weebly.com
0.0.0.0 iminna.info
0.0.0.0 bloghunter.aaguatemala.org
0.0.0.0 abated-hamate.xyz
0.0.0.0 cleveradult148.weebly.com
0.0.0.0 forexever451.weebly.com
0.0.0.0 ourcoolposts.com
0.0.0.0 bitnew695.weebly.com
0.0.0.0 www.iztzo.com
0.0.0.0 iztzo.com
0.0.0.0 gomusic.info
0.0.0.0 myprotectionsurveys.com
0.0.0.0 www.myprotectionsurveys.com
0.0.0.0 ouphouch.com
# https://github.com/iam-py-test/investigations/blob/main/2021/12/14/1.md
0.0.0.0 onemacusa.net
# random .xyz domains which just don't look legit
0.0.0.0 cp2s.xyz
0.0.0.0 80302.xyz
# https://github.com/DevSpen/links/pull/3
0.0.0.0 d13nu0oomnx5ti.cloudfront.net
0.0.0.0 dgu9g3a2kzqx2.cloudfront.net
0.0.0.0 d13pxqgp3ixdbh.cloudfront.net
# https://scammer.info/t/snapchat-spam-click-link-don-t-link-investigate-please/85620
0.0.0.0 nvoddn.hotglrls.net
0.0.0.0 hotglrls.net
0.0.0.0 hushlove.com
0.0.0.0 jucydate.com
0.0.0.0 w17veh63m7o8s4ncihd1jq8i.people-wet.com
# https://scammer.info/t/stupid-ass-scammers-lol/85601 (support[@]clickgadgets[.]club)
0.0.0.0 clickgadgets.club
# scam website with only fake links
0.0.0.0 crackthisgame.com
0.0.0.0 pseepsie.com
# pretty sure this is a porn scam
0.0.0.0 carnalcams.com
0.0.0.0 www.carnalcams.com
# the register form doesn't do anything after entering data, just redirect back to the start
0.0.0.0 fbookhookups.com
0.0.0.0 fuckpal.com
# seen in scam ads
0.0.0.0 fuck-me.io
# https://scammer.info/t/youtube-comment-spam/85737
0.0.0.0 acceptww.com
0.0.0.0 0.acceptww.com
0.0.0.0 8.acceptww.com
# https://github.com/DandelionSprout/adfilt/issues/288
0.0.0.0 discordap.com
0.0.0.0 forwrdnow.com
0.0.0.0 7lyonline.com
0.0.0.0 safelyonline.net
0.0.0.0 get.safelyonline.net
0.0.0.0 browse-safe.net
0.0.0.0 get.browse-safe.net
0.0.0.0 btpnative.com
0.0.0.0 besty-deals.com
0.0.0.0 data-px.services
0.0.0.0 live.newsvot.com
0.0.0.0 adalgard-wol.com
0.0.0.0 secure-access-981cd52a6hqpm8e2.gate23.xyz
0.0.0.0 ny-feed.r-tb.com
0.0.0.0 clk.hosting-redirect.com
# https://scammer.info/t/cyberpunk-2077-fake-generator/85772
0.0.0.0 ragamer.com
# https://scammer.info/t/indian-kotak-mahindra-bank-scam/85760
0.0.0.0 raam-and-laxman98.000webhostapp.com
# https://scammer.info/t/nitro-is-handed-there-for-free-scam-7-927-324-30-54/85763
0.0.0.0 gift-discords.com
# possible Tech Support Scam
0.0.0.0 installmysecurity.com
# "press allow to continue"
0.0.0.0 shortnewsinfo.com
# https://scammer.info/t/mcafee-phish/83725
0.0.0.0 securefirst.us-east-1.linodeobjects.com
# https://github.com/uBlockOrigin/uBlock-issues/issues/1774#issuecomment-1000722777
0.0.0.0 viewty.xyz
0.0.0.0 landing.marketstm.com
# https://scammer.info/t/1-month-nitro-for-free-take-it-scam/86166
0.0.0.0 discrode-gifte.club
# https://forums.malwarebytes.com/topic/282206-scam-websites/
0.0.0.0 hu-video.xyz
0.0.0.0 bs-video.xyz
0.0.0.0 xa-video.xyz
0.0.0.0 video-cd.xyz
0.0.0.0 gm-video.xyz
0.0.0.0 iamoney.xyz
0.0.0.0 vbmoney.xyz
0.0.0.0 obmoney.xyz
0.0.0.0 kcmoney.xyz
0.0.0.0 dcmoney.xyz
0.0.0.0 lstmoney.xyz
0.0.0.0 uamoney.xyz
0.0.0.0 tbmoney.xyz
0.0.0.0 ecmoney.xyz
0.0.0.0 gcmoney.xyz
# https://forums.malwarebytes.com/topic/282206-scam-websites/?do=findComment&comment=1494794
0.0.0.0 iglookup.com
0.0.0.0 www.iglookup.com
# 'click allow to continue' scam which redirects to random subdomains when the premission is blocked. Also redirects to TotalAV at the end
0.0.0.0 8db3p.leadoesnotknowaboutkukuriko.xyz
0.0.0.0 leadoesnotknowaboutkukuriko.xyz
# fake antivirus message
0.0.0.0 mcafee5.www-safety.com
0.0.0.0 weledying-jessed.com
# https://forums.malwarebytes.com/topic/282376-website-giving-spammy-popups/
0.0.0.0 tepspr.com
0.0.0.0 rplnd10.com
# https://scammer.info/t/youtube-bot/86668
0.0.0.0 kingapp.store
0.0.0.0 downloadlocked.com
0.0.0.0 advantagecircles.com
0.0.0.0 iwin.rewardsadvisor.com
0.0.0.0 rewardsadvisor.com
# found this while looking for Memz samples - https://user-images.githubusercontent.com/84232764/149638659-8e0e9e91-8d02-4fff-bd0f-af8423550777.png (hxxps://verify-me.club/2004cbf?s1=down1)
0.0.0.0 verify-me.club
# still alive as of 11/11/2022 - https://app.any.run/tasks/f0474f51-6b14-432b-b1f0-98a1137e359c
0.0.0.0 verifyme.za.com
0.0.0.0 letmik.com
0.0.0.0 c.atandmouse.com
0.0.0.0 g.atandmouse.com
0.0.0.0 atandmouse.com
# "press allow to continue" popup ad
0.0.0.0 masstech.info
0.0.0.0 windows-secureit.com
# fake game cheat download buttons redirecting to "press allow to continue" and Norton
# also https://forums.malwarebytes.com/topic/287349-my-google-browser-could-be-infected-need-help-removing-it/
0.0.0.0 anonmods.com
# fake discord Nitro generator
0.0.0.0 us.doctorpost.net
# another fake Nitro generator
0.0.0.0 richinfo.co
0.0.0.0 contact.uplevelrewards.com
# fake download website
0.0.0.0 tonxis19.amebaownd.com
0.0.0.0 hzaowj3.berilata.ru
# https://github.com/DandelionSprout/adfilt/issues/63#issuecomment-1025251202
# https://github.com/uBlockOrigin/uAssets/issues/11518
0.0.0.0 libertatea.net
# fake human verification scam
# start form - reported for abuse
0.0.0.0 q.promotionsonlineusa.com
0.0.0.0 reward4spot.com
0.0.0.0 www.reward4spot.com
# fake download buttons with popups
0.0.0.0 cracked-games.org
0.0.0.0 prksism.com
# https://virustotal.com/gui/ip-address/18.210.201.44/relations
0.0.0.0 antirobotsystem.com
# fake 'no human verification' discord nitro generator
0.0.0.0 huffduffer.com
# still alive as of 11/11/2022 - https://app.any.run/tasks/c4a6e7d3-21da-4274-b262-e08dee1bb3cd
0.0.0.0 meine.belohnung24.com
0.0.0.0 ideen.belohnung24.com
0.0.0.0 iphone.belohnung24.com
# another discord Nitro scam
# "press allow to continue"
0.0.0.0 www.kuyhaa-mee.com
0.0.0.0 kuyhaa-mee.com
0.0.0.0 waystriling.com
0.0.0.0 nze0xw.waystriling.com
0.0.0.0 581358.waystriling.com
0.0.0.0 qyt8pi.waystriling.com
0.0.0.0 xiiowt.waystriling.com
0.0.0.0 www.upload-4ever.com
0.0.0.0 upload-4ever.com
0.0.0.0 worldcoolfeed.com
# Fake discord nitro (still alive as of 11/11/2022)
0.0.0.0 lucymods.com
0.0.0.0 gluegames.xyz
# another fake site
0.0.0.0 www.aldvingomes.com
0.0.0.0 aldvingomes.com
0.0.0.0 codegen.fun
# fake discord nitro
0.0.0.0 getmecodes.xyz
# https://app.any.run/tasks/73236419-3190-47fa-81f0-8a31bcf48a5b
0.0.0.0 minutewinner.com
# Yet another fake discord generator
0.0.0.0 jellycheat.com
# https://scammer.info/t/paste-your-discord-nitro-scams-here/89880/2
# https://www.reddit.com/r/computerviruses/comments/swrrx8/used_a_youtube_to_mp3_downloader_today_and_these/
0.0.0.0 unrelered.xyz
# https://web.archive.org/web/20230604183723/https://twitter.com/iam_py_test/status/1496259425493225472
# all the RARs just contained one zero-byte file, so just blocking the confirmed scam part of it (start URL hxxpx[://]bayanhuu[.]com/microsoft-office-2016-full-download[/]
0.0.0.0 habitum.xyz
0.0.0.0 news-easy.org
# https://github.com/uBlockOrigin/uAssets/issues/11157#issuecomment-1049093327
0.0.0.0 sideload.cc
# survey scams
0.0.0.0 psp-haxors.com
0.0.0.0 gripclicks.com
# https://app.any.run/tasks/a3abdf35-fa15-4115-91fb-cfc5c1e45ff4
0.0.0.0 omnioffers.com
# https://virustotal.com/gui/url/98f0186f4d20f3138a4e05f58369019cee8e88153578e3d729b716d8b57c0857/community
0.0.0.0 k6pay.top
0.0.0.0 h6pay.top
0.0.0.0 g6pay.top
0.0.0.0 n6pay.top
0.0.0.0 c6pay.top
# hxxpx[://]consortiumrecords[.]co/free-tools/download-microsoft-office-365-product-key-crack-updated/
0.0.0.0 foradream.top
0.0.0.0 h.therewardboost.com
0.0.0.0 b.therewardboost.com
0.0.0.0 i.therewardboost.com
0.0.0.0 s.therewardboost.com
0.0.0.0 c.therewardboost.com
0.0.0.0 w.therewardboost.com
0.0.0.0 z.therewardboost.com
0.0.0.0 g.therewardboost.com
0.0.0.0 o.therewardboost.com
0.0.0.0 u.therewardboost.com
0.0.0.0 v.therewardboost.com
0.0.0.0 y.therewardboost.com
0.0.0.0 m.therewardboost.com
0.0.0.0 x.therewardboost.com
0.0.0.0 d.therewardboost.com
0.0.0.0 j.therewardboost.com
0.0.0.0 p.therewardboost.com
0.0.0.0 f.therewardboost.com
0.0.0.0 a.therewardboost.com
0.0.0.0 e.therewardboost.com
0.0.0.0 r.therewardboost.com
0.0.0.0 k.therewardboost.com
0.0.0.0 n.therewardboost.com
0.0.0.0 l.therewardboost.com
0.0.0.0 q.therewardboost.com
0.0.0.0 www.therewardboost.com
# porn scam? asks for personal info and gets stuck in a loop
0.0.0.0 dream-singles.com
# even more fake "human verification"
0.0.0.0 speedboostpc.com
0.0.0.0 unlimitedtools.website
# redirects to already blocked sites
# scam browser theme
0.0.0.0 unlock3r.net
0.0.0.0 nitroboostcord.blogspot.com
# looks very shady
0.0.0.0 www.taixiu.bet
0.0.0.0 taixiu.bet
# https://github.com/AdguardTeam/AdguardFilters/issues/111843
0.0.0.0 cybop.net
# https://forums.malwarebytes.com/topic/284608-crypto-giveaway-scams/
# https://github.com/DandelionSprout/adfilt/issues/63#issuecomment-1060031240
0.0.0.0 webcams-chat.com
0.0.0.0 mydirtytinders.com
# yet another fake Discord Nitro Generator
0.0.0.0 www.everydaywinner.com
0.0.0.0 everydaywinner.com
0.0.0.0 generatekey.xyz
0.0.0.0 e.9nl.it
0.0.0.0 www.monumented.com
# looks like Fox News, to promote something which is probably a scam
0.0.0.0 www.livingyourbestlife.co
0.0.0.0 livingyourbestlife.co
0.0.0.0 foxnewsweatherdaily.com
# https://virustotal.com/graph/gae4b79eddfec44439142fec34bf90890609e118340984dbd855b515b1be9cfc9
# auto-redirect from hxxpx://createwithkrista[.]co/windows/winrar-for-windows-10-64-bit-free-download-with-crack/
0.0.0.0 outto.us
# hxxpx://thecornermarket[.]co/free-crack/winrar-64-bit-download-crack/?utm_referrer=https%3A%2F%2Fwww.bing.com%2F
0.0.0.0 merchd.rip
# the rest is blocked
# YAFNG (Yet another fake Nitro generator)
0.0.0.0 nitromexyz.xyz
0.0.0.0 grptrac.com
# https://app.any.run/tasks/b43b04b3-b8c1-4384-b455-961f427f5379
0.0.0.0 h.shyflirttalks.com
# Yet Another fake discord generator
0.0.0.0 gamex.codes
0.0.0.0 consumerdigitalsurvey.com
# Reddit spam --> already blocked
# Already blocked
0.0.0.0 d.promotionsonlineusa.com
# Also blocked
# https://forums.malwarebytes.com/topic/285189-scam-warnings-of-trojansviruses-via-web-browser-service-workers/
0.0.0.0 yourwebshield.com
# https://app.any.run/tasks/a8a589e0-2aee-43f5-9fbe-92dc9e4bfec4
0.0.0.0 action.miliated.xyz
0.0.0.0 undrininvereb.info
# https://github.com/DandelionSprout/adfilt/issues/63#issuecomment-1094359634
0.0.0.0 2horney-girls.life
0.0.0.0 localdates16s.com
0.0.0.0 popupchat-live.com
0.0.0.0 bhgfsfh.com
# a "press allow to continue" + fake McAfee
0.0.0.0 ultrafastultra.blogspot.com
0.0.0.0 tei.ai
0.0.0.0 forfrogadiertor.com
0.0.0.0 ourdailystories.com
# Fake Discord nitro generator
0.0.0.0 www.uplevelreward.com
0.0.0.0 uplevelreward.com
# https://github.com/uBlockOrigin/uAssets/pull/12699
0.0.0.0 ziltzwebsol.online
# even more fake Discord Nitro generators
# Google Group --> Discord Nitro generator
# https://github.com/AdguardTeam/AdguardFilters/issues/115955
0.0.0.0 family24rx.com
# https://github.com/AdguardTeam/AdguardFilters/issues/115960
0.0.0.0 onpharmvermen.com
# https://github.com/AdguardTeam/AdguardFilters/issues/115959
0.0.0.0 classpharmenado.com
# https://github.com/AdguardTeam/AdguardFilters/issues/115958
0.0.0.0 sale24-pills.com
# https://github.com/AdguardTeam/AdguardFilters/issues/115957
0.0.0.0 helppharmlead.com
# https://github.com/AdguardTeam/AdguardFilters/issues/115954
0.0.0.0 everypdnsharmacy.com
# https://github.com/AdguardTeam/AdguardFilters/issues/115953
0.0.0.0 happypharmproduct.com
# Fake Norton screen
0.0.0.0 gapscult.com
# a fake MediaFire domain
0.0.0.0 walkeryellow141.weebly.com
0.0.0.0 www.rewards-cards.org
0.0.0.0 www.dealskeeper.com
0.0.0.0 h.promotionsonlineusa.com
# ads on hxxp://gestyy[.]com/es8jOv
0.0.0.0 m.eegeeglou.com
# Discord Nitro generator (fake)
0.0.0.0 y.promotionsonlineusa.com
# ads on a site --> https://virustotal.com/gui/url/0871f217f945c993d8624aadd5e718e9bb740096d13fad74d58b3fc3a4fdfda0
0.0.0.0 ebaaa.xyz
0.0.0.0 uprimp.com
0.0.0.0 odaba.live
# a random popup
0.0.0.0 lifeimpressions.net
0.0.0.0 d0063d.lifeimpressions.net
0.0.0.0 100800.lifeimpressions.net
0.0.0.0 fdb51a.lifeimpressions.net
0.0.0.0 3ceeb9.lifeimpressions.net
# https://github.com/AdguardTeam/AdguardFilters/issues/121544
0.0.0.0 trafredirtds.com
# https://web.archive.org/web/20230604184126/https://twitter.com/iam_py_test/status/1538267982551347200
0.0.0.0 www.easyrobuxtoday.org
0.0.0.0 robloxhackv2111.blogspot.com
0.0.0.0 appinstallcheck.com
# weird website with some Push Allow To Continue alerts - hxxpx[://]www[.]filefixation[.]com/malwarebytes-pro-crack-serial-keygen-download.html
0.0.0.0 filefixation.com
0.0.0.0 www.filefixation.com
0.0.0.0 deal-warriors.com
# ads
0.0.0.0 ffe405491d.28b67b8230.com
0.0.0.0 german0.xyz
0.0.0.0 wnprt.club
0.0.0.0 kerbians.click
# redirects to scams
0.0.0.0 sharefast572.tumblr.com
0.0.0.0 tumblr.gotohouse.top
0.0.0.0 gotohouse.top
# redirected to scams automatically
0.0.0.0 loadingdead.netlify.app
0.0.0.0 down.myboxloadneed.top
0.0.0.0 myboxloadneed.top
# fake download to scams
0.0.0.0 alexisfernandez.doodlekit.com
0.0.0.0 doodlekit.gotorange.top
# tech support scam - https://forums.malwarebytes.com/topic/287438-excel-macro-40-abuse-protection-prevents-opening-password-protected-files/?do=findComment&comment=1519928
0.0.0.0 ewebprotection.info
# hxxps://iyoutubetomp4[.]com/en/
# https://app.any.run/tasks/8125703c-6fdb-49bc-a18c-918e64e83f4d
0.0.0.0 nedaugha.buzz
0.0.0.0 jarine.co
0.0.0.0 nedukeratio.lol
0.0.0.0 lsmnz.perfordpetre.xyz
0.0.0.0 perfordpetre.xyz
# Discord scam
# Push-Allow-To-Continue
0.0.0.0 ptaimpeerte.com
# possible tech support scam, might be dead
0.0.0.0 vyredis.bio
# https://github.com/DandelionSprout/adfilt/issues/63#issuecomment-1195654525
# https://github.com/DandelionSprout/adfilt/commit/5ca8e833c7817f2d5929a4adf4792fdcbb822fc0
0.0.0.0 k-yw.com
# McAfee-themed scam
0.0.0.0 d3f068fvt45f1f.cloudfront.net
0.0.0.0 eastrk-dn.com
# Fake giveaway
0.0.0.0 teenmas46.tistory.com
0.0.0.0 teenymi.tistory.com
0.0.0.0 myapplesite.us
# https://github.com/DandelionSprout/adfilt/issues/63#issuecomment-1209782781
# https://app.any.run/tasks/a7cc86ee-a604-4a65-968c-26c237620b2b (nsfw)
0.0.0.0 girlluscious.com
0.0.0.0 fuckbook.tv
# https://www.youtube.com/watch?v=6e7MsoThffo
0.0.0.0 loadnova898.netlify.app
0.0.0.0 tonrino.info
0.0.0.0 new.bestageoffers2022.com
0.0.0.0 d0zi.com
0.0.0.0 rewards-cards.org
0.0.0.0 x-delivery.icu
0.0.0.0 nextsoft.icu
# https://github.com/DandelionSprout/adfilt/issues/63#issuecomment-1218058597
0.0.0.0 a2ics.eu
# https://github.com/DandelionSprout/adfilt/issues/63#issuecomment-1230875702
0.0.0.0 stils-top.space
# https://github.com/DandelionSprout/adfilt/issues/63#issuecomment-1230939213
0.0.0.0 classicsgirl.com
# https://app.any.run/tasks/a24d7146-479f-4b90-b4d6-c9d6e73257a8
0.0.0.0 pogothere.xyz
0.0.0.0 sihighlyrecom.xyz
0.0.0.0 czxcm.sihighlyrecom.xyz
0.0.0.0 rwanf.sihighlyrecom.xyz
0.0.0.0 zosuc.sihighlyrecom.xyz
# https://forums.malwarebytes.com/topic/290022-malware-from-acaptchalesstop/ <-- No proof, but the domain name looks sus
0.0.0.0 captchaless.top
0.0.0.0 a.captchaless.top
0.0.0.0 pshmetrk.com
# https://virustotal.com/gui/url/d86dda38f96243311df2857966c047be0b4097ed4541ebe28cdc0dfc9e4ff4d2/community
# https://app.any.run/tasks/3c8b1d38-de18-488a-9e3f-62b3354c17e8
0.0.0.0 haltertrailer.info
0.0.0.0 safesecureprotect.com
0.0.0.0 trk-magnam.com
0.0.0.0 event.trk-magnam.com
0.0.0.0 push.trk-deserunt.com
0.0.0.0 subscription.trk-deserunt.com
0.0.0.0 event.trk-deserunt.com
0.0.0.0 trk-deserunt.com
0.0.0.0 core.alertsx.com
0.0.0.0 alertsx.com
# https://twitter.com/iam_py_test/status/1571997052900413440 (image is age restricted for some reason, thus can't archive)
0.0.0.0 medialysticos.live
# Porn scam
0.0.0.0 her-cupid.com
0.0.0.0 hottieswantu.com
0.0.0.0 offers.usabangpalace.com
0.0.0.0 w86a5jeili53sd6j26lv71h0.find-singles-online.com
0.0.0.0 find-singles-online.com
# https://forums.malwarebytes.com/topic/290348-fake-mcafee-site/
# credit to https://forums.malwarebytes.com/profile/62534-chas4/
0.0.0.0 install-network.com
# https://app.any.run/tasks/541d38e7-67d1-46a7-85c8-dfcba7e40761
0.0.0.0 fatededers.com
# https://github.com/DandelionSprout/adfilt/issues/63#issuecomment-1257870944
0.0.0.0 netbuilding.com.ar
# Push scam shared by https://github.com/Yuki2718
0.0.0.0 nextpsh.top
# Scam shared by https://github.com/piquark6046 (https://app.any.run/tasks/c30445b3-cc48-4039-9b02-26289f798b2f)
# redirects from a hacked website
0.0.0.0 rx-qualityshop.com
0.0.0.0 canadatrustmed.com
# domains used by adfly for notification spam
# https://github.com/DandelionSprout/adfilt/commit/f60df9e069b404ce56727cc1b734b89ba7241849
# https://github.com/AdguardTeam/AdguardFilters/issues/132079
0.0.0.0 davisonbarker.pro
0.0.0.0 www64.davisonbarker.pro
0.0.0.0 www31.davisonbarker.pro
0.0.0.0 www10.davisonbarker.pro
0.0.0.0 www24.davisonbarker.pro
0.0.0.0 www62.davisonbarker.pro
0.0.0.0 www87.davisonbarker.pro
0.0.0.0 www16.davisonbarker.pro
0.0.0.0 www61.davisonbarker.pro
0.0.0.0 www50.davisonbarker.pro
0.0.0.0 www77.davisonbarker.pro
0.0.0.0 www100.davisonbarker.pro
0.0.0.0 www85.davisonbarker.pro
0.0.0.0 www76.davisonbarker.pro
0.0.0.0 www39.davisonbarker.pro
0.0.0.0 www28.davisonbarker.pro
0.0.0.0 www3.davisonbarker.pro
0.0.0.0 www75.davisonbarker.pro
0.0.0.0 www78.davisonbarker.pro
0.0.0.0 www15.davisonbarker.pro
0.0.0.0 www29.davisonbarker.pro
0.0.0.0 www70.davisonbarker.pro
0.0.0.0 www21.davisonbarker.pro
0.0.0.0 www59.davisonbarker.pro
0.0.0.0 www25.davisonbarker.pro
0.0.0.0 www17.davisonbarker.pro
0.0.0.0 www74.davisonbarker.pro
0.0.0.0 www99.davisonbarker.pro
0.0.0.0 www79.davisonbarker.pro
0.0.0.0 www22.davisonbarker.pro
0.0.0.0 www94.davisonbarker.pro
0.0.0.0 www45.davisonbarker.pro
0.0.0.0 www51.davisonbarker.pro
0.0.0.0 www98.davisonbarker.pro
0.0.0.0 www35.davisonbarker.pro
0.0.0.0 www92.davisonbarker.pro
0.0.0.0 www12.davisonbarker.pro
0.0.0.0 www37.davisonbarker.pro
0.0.0.0 www33.davisonbarker.pro
0.0.0.0 www68.davisonbarker.pro
0.0.0.0 www34.davisonbarker.pro
0.0.0.0 lowrihouston.pro
0.0.0.0 www53.lowrihouston.pro
0.0.0.0 www44.lowrihouston.pro
0.0.0.0 www48.lowrihouston.pro
0.0.0.0 www91.lowrihouston.pro
0.0.0.0 www57.lowrihouston.pro
0.0.0.0 www1.lowrihouston.pro
0.0.0.0 www42.lowrihouston.pro
0.0.0.0 nathanaeldan.pro
0.0.0.0 www97.nathanaeldan.pro
0.0.0.0 www61.nathanaeldan.pro
0.0.0.0 www48.nathanaeldan.pro
0.0.0.0 www4.nathanaeldan.pro
0.0.0.0 www86.nathanaeldan.pro
0.0.0.0 www84.nathanaeldan.pro
0.0.0.0 www50.nathanaeldan.pro
0.0.0.0 www39.nathanaeldan.pro
0.0.0.0 www16.nathanaeldan.pro
0.0.0.0 www44.nathanaeldan.pro
0.0.0.0 freddyoctavio.pro
0.0.0.0 www63.freddyoctavio.pro
0.0.0.0 www70.freddyoctavio.pro
0.0.0.0 www16.freddyoctavio.pro
0.0.0.0 www36.freddyoctavio.pro
0.0.0.0 www21.freddyoctavio.pro
0.0.0.0 www68.freddyoctavio.pro
0.0.0.0 www72.freddyoctavio.pro
0.0.0.0 www86.freddyoctavio.pro
# various domains farmed from adfly
# https://app.any.run/tasks/e18002cc-5207-4834-9e67-08364efb5036
0.0.0.0 toido.arrowtoldilim.com
# https://forums.malwarebytes.com/topic/291290-infected-with-chilichicytriecom/
0.0.0.0 chilichicytrie.com
# https://app.any.run/tasks/07bb037e-3180-40cd-8f59-b7854cabd601/
0.0.0.0 gamegadget2022.blogspot.com
0.0.0.0 easymoneysurvey.space
0.0.0.0 gifttopsurvey.top
# https://app.any.run/tasks/da8a44c3-965f-4fd6-816d-b5ae16235f62
0.0.0.0 iphone14.winnenmetje.info
0.0.0.0 winnenmetje.info
# https://virustotal.com/gui/url/7b40e1b7ffc3b710640ae41c529aff18e4c8cded55391d55c34b601912c5a2a2/community
# https://app.any.run/tasks/f0a198be-f4a4-4414-94c5-21ed61ae0264
# https://app.any.run/tasks/6600c704-20f5-4643-a9b7-322673aa7eb4
0.0.0.0 www.vbucks-goo.com
0.0.0.0 vbucks-goo.com
0.0.0.0 take.yunosurveys.com
0.0.0.0 www.jpnbgn.com
0.0.0.0 1263dcb80ec5.789offers.net
0.0.0.0 789offers.net
# https://forums.malwarebytes.com/topic/291952-mb-keeps-finding-same-4-pups/#comment-1541507
0.0.0.0 a.wilycaptcha.live
0.0.0.0 wilycaptcha.live
0.0.0.0 captchasee.live
0.0.0.0 captchatotal.live
# https://app.any.run/tasks/c87a34ca-0d2f-43cb-be6d-8f48506bd723
0.0.0.0 ftuyn.ewoverth.buzz
0.0.0.0 elooksjustli.one
# https://app.any.run/tasks/6bd12a68-ef8e-4e44-9c66-9c8e82cb784c
0.0.0.0 2.napublic.com
0.0.0.0 napublic.com
0.0.0.0 haxbyq.com
0.0.0.0 authookroop.com
0.0.0.0 dlinkrdr.com
0.0.0.0 s.viichxt.com
0.0.0.0 getsecures.com
0.0.0.0 s.viiqvmfb.com
# porn-related scams
0.0.0.0 flirtclub.life
0.0.0.0 bumble-me.com
0.0.0.0 localhookup5.com
0.0.0.0 i.placefordating.live
0.0.0.0 placefordating.live
0.0.0.0 eroticmadness.com
0.0.0.0 jtdn2.datingtopgirls.com
0.0.0.0 datingtopgirls.com
0.0.0.0 join-the-dating.com
0.0.0.0 18hot.pw
# https://app.any.run/tasks/87b656b2-3fd6-4bae-9267-f918ea4189ac
0.0.0.0 dating-hotcontacts.com
# https://youtu.be/GiixWxddP_M?t=1237
0.0.0.0 caren.live
# https://scammer.info/t/discord-nitro-scam/113648
0.0.0.0 www.iphonediscord.info
0.0.0.0 iphonediscord.info
# popups from shady URL shorteners
0.0.0.0 mediasama.com
0.0.0.0 nadjustifygas.com
0.0.0.0 ufacw.com
0.0.0.0 lyconery-readset.com
0.0.0.0 fralstamp-genglyric.icu
0.0.0.0 m1dnightclubx.com
# https://app.any.run/tasks/a15bbdd6-64d6-4a49-8457-6fbef1d00872
0.0.0.0 free-fortnitevbucksgenerator.blogspot.com
0.0.0.0 belohnung24.com
0.0.0.0 techplanet1.com
# https://app.any.run/tasks/5a76864c-7436-4411-afc8-5937e8d1d147#
0.0.0.0 dwmsurhf1svv8.cloudfront.net
# https://app.any.run/tasks/f7cdecba-0b76-4a5f-9d19-c36a453130dc
# https://tria.ge/240411-xhwjtahh93/behavioral1
0.0.0.0 nationalconsumerscenter.co.uk
0.0.0.0 contact.nationalconsumerscenter.co.uk
# https://forums.malwarebytes.com/topic/292511-phishing-site-for-fake-usps-shipping-validation-information/ (account required)
# https://virustotal.com/gui/url/fdefaa6e73e722536cd080b4e820f8b69b6678d5f0c74268de126d2435369386
0.0.0.0 uspftiltedt.info
# https://www.bleepingcomputer.com/forums/t/779953/urambledcom-just-a-nuisance-or-what/
0.0.0.0 urambled.com
# https://tria.ge/221208-2zaqwsbg78/behavioral1
# I got some kind of miner/adware and an adware extension! All in one run!
0.0.0.0 manualmaestro.com
0.0.0.0 holavpninstaller.com
0.0.0.0 cdn4.holavpninstaller.com
0.0.0.0 perr.holavpninstaller.com
0.0.0.0 client.holavpninstaller.com
# https://forums.malwarebytes.com/topic/292800-posiberchoncom-%C2%A0malwarebytes-please-research-and-update-your-virus-db/
0.0.0.0 posiberchon.com
# https://app.any.run/tasks/68b82f9e-16f5-4514-8140-ac3df58a3114
0.0.0.0 fastspeed121.xyz
0.0.0.0 track.buzz-track.com
0.0.0.0 main.smile-keeper.com
# https://app.any.run/tasks/41c5f7b2-250a-4781-86be-e03e56d1a8ed
0.0.0.0 tlgrph.gotorange.top
0.0.0.0 gotorange.top
0.0.0.0 puredating.top
# (NSFW) https://app.any.run/tasks/e5a682c3-c4a3-4bb9-abd7-4f6c1cbd22f3
0.0.0.0 dating-schedule.com
0.0.0.0 onlyfucks1s.com
0.0.0.0 d.wonderfuldating.top
0.0.0.0 wonderfuldating.top
0.0.0.0 milf-book.com
0.0.0.0 www.casualdates4you.com
0.0.0.0 casualdates4you.com
# an infected VM
0.0.0.0 dreamyproducts4u.net
0.0.0.0 xorror.shop
0.0.0.0 getarrectlive.com
0.0.0.0 identitysecurecenter.online
0.0.0.0 get.securedbrowser.net
0.0.0.0 securedbrowser.net
0.0.0.0 settings.securedbrowser.net
0.0.0.0 www.securedbrowser.net
0.0.0.0 search.securedbrowser.net
0.0.0.0 kms-auto.site
0.0.0.0 phenotypeguide.com
0.0.0.0 onesocialimpactnow.com
0.0.0.0 globaledyta.com
0.0.0.0 topcontactinc.com
0.0.0.0 adsforcomputertech.com
0.0.0.0 pushuworld.com
0.0.0.0 jytibarose.xyz
# https://app.any.run/tasks/67907c11-6877-4c38-932f-2cf09ee4e434
0.0.0.0 adblock-chrome.net
# https://github.com/uBlockOrigin/uAssets/issues/16000
# https://app.any.run/tasks/195b871c-b9cd-48f8-a7c1-6a53ea943a4b
0.0.0.0 z83z9.com
0.0.0.0 toftheca.buzz
0.0.0.0 zcelv.toftheca.buzz
0.0.0.0 fvsuo.toftheca.buzz
0.0.0.0 videofon.space
0.0.0.0 videofen.space
0.0.0.0 video7top.com
0.0.0.0 click-videov.com
0.0.0.0 click-videot.com
0.0.0.0 click-videom.com
0.0.0.0 click-videok.com
0.0.0.0 click-videoc.com
0.0.0.0 video7top.site
0.0.0.0 videobtc.space
0.0.0.0 videoeth.space
0.0.0.0 videofun.space
0.0.0.0 videofan.space
0.0.0.0 videoton.space
0.0.0.0 videosol.space
0.0.0.0 ythjhk.com
# https://app.any.run/tasks/e0266815-2e00-42cb-b646-fa7dffb4a5e5
0.0.0.0 deine.belohnung24.com
0.0.0.0 spr.belohnung24.com
0.0.0.0 expensivesurvey.click
0.0.0.0 af.247games.mobi
# a "meet local girls" scam
0.0.0.0 easy-sexxx.com
# various scams from one site
0.0.0.0 recodetime.com
0.0.0.0 updateinfoacademy.com
0.0.0.0 updaterglobal.com
0.0.0.0 phooking-nearected.com
0.0.0.0 deten.live
# https://forums.malwarebytes.com/topic/293205-alexa-support-scam/
0.0.0.0 smartdotsupport.com
0.0.0.0 privacysearching.com
# probably a Tech Support scam
# discord nicro scam
0.0.0.0 discordnitrocodegeneratorfree2022nohumanverification.weebly.com
0.0.0.0 gainforfree.com
# https://virustotal.com/gui/url/65e7a48f0f2efb758087a0d99e8482a4b3245468e959633493655754fec08f48/community
# https://app.any.run/tasks/58b76078-e35e-46c8-b15e-e187ed375be6
0.0.0.0 bubuxflow.com
# https://virustotal.com/gui/url/9c7b98445c0fd303be8604f383b3c940309068ea88b37d3945f4d34bb42d6c57/community
# (nsfw) https://app.any.run/tasks/a8a191ea-0e54-439f-96fd-c04a04150b06
0.0.0.0 expresscommusa.com
0.0.0.0 flirtingworld.com
0.0.0.0 date.sofortdates69.com
0.0.0.0 sofortdates69.com
# https://forums.malwarebytes.com/topic/293293-i-clicked-on-something-and-i-got-redirected-to-malicious-website-help/
# https://forums.malwarebytes.com/topic/293294-fake-onlyfans-website/ (account required)
# https://app.any.run/tasks/cb1a672e-c3ed-455a-bc84-4b8bc060ee68
# https://www.hybrid-analysis.com/sample/c3190b42a350a79f2b97af529a8bb57f39b62c9b12367419e71a2d053fb4a5fe
0.0.0.0 sexfriendfdr.freeflirtz.com
0.0.0.0 freeflirtz.com
# https://app.any.run/tasks/6c4f152f-c5b2-43ab-9b9e-06ae1480c74d
0.0.0.0 cldoffers.net
# https://virustotal.com/gui/url/5808655d76b6ad31b7cc15fc266be2acb904ff8512fc1424103a6c54443bd272/community
# https://app.any.run/tasks/f619367b-ba77-4dbb-9046-211758a7f31a (my "analysis")
0.0.0.0 viptips4youtoday.world
# typical fake "discord nitro generator"
0.0.0.0 an1.fun
0.0.0.0 b7ax3cyzhq.com
0.0.0.0 thunderfiles.co
0.0.0.0 g.luckycashzone.com
# https://forums.malwarebytes.com/topic/293412-possible-fake-malwarebytes-number/
# https://dnstwist.it/
# https://app.any.run/tasks/015824a4-f267-48df-8dde-a7ddd78f167e
0.0.0.0 discordt.com
0.0.0.0 wildberriessgift.pw
# https://scammer.info/t/viruses-need-to-be-removed-immediately-take-emergency-measures-trojan/117241/3
0.0.0.0 install.sunlifestores.com
# https://virustotal.com/gui/url/2dabab937f09b2892f26c995365f64402574c8aa3e2f9750047131ca7a8d73d6
# https://tria.ge/230109-14rdrsbd6t/behavioral1
0.0.0.0 lootprime.com
0.0.0.0 rdr.mobiletime.net
# https://github.com/AdguardTeam/AdguardFilters/issues/139667 (credit to DandelionSprout for some of these entries)
0.0.0.0 500654179.kilpa2017.fi
0.0.0.0 yepsimmen.live
0.0.0.0 kilpa2017.fi
# resolve to 51.68.87.229
0.0.0.0 hillendan.live
0.0.0.0 intoobut.live
0.0.0.0 logomuado.live
0.0.0.0 laxthatpie.live
0.0.0.0 nebdanext.live
0.0.0.0 drewcorsit.live
0.0.0.0 weyeplost.live
0.0.0.0 loaditjew.live
0.0.0.0 rawsalwet.live
0.0.0.0 rugpinchi.live
0.0.0.0 tillwoonote.live
0.0.0.0 becashcode.live
0.0.0.0 absbeatsic.live
0.0.0.0 tooldidhurt.live
0.0.0.0 crypostmark.live
0.0.0.0 varyhurtback.live
0.0.0.0 toeastdue.live
# https://github.com/AdguardTeam/AdguardFilters/issues/139667#issuecomment-1383935774
0.0.0.0 tapwhomjay.live
# https://github.com/AdguardTeam/AdguardFilters/issues/139667#issuecomment-1387103725
# https://virustotal.com/gui/url/5c74d63d19b8ec82321d352749977e29795a9d074fcdacce3f1c822da28a3bba/detection
0.0.0.0 mindkneenay.live
# https://github.com/AdguardTeam/AdguardFilters/issues/139667#issuecomment-1398421015
# https://github.com/AdguardTeam/AdguardFilters/issues/139667#issuecomment-1399002017
# https://tria.ge/230120-1tlersbg8x/behavioral1
0.0.0.0 totalrecaptcha.top
# https://github.com/DandelionSprout/adfilt/issues/747
# https://github.com/DandelionSprout/adfilt/commit/f055f89a51e7f9b1bcc58a0013b6207f89594ebe (all credit to DandlionSprout)
0.0.0.0 2022crucialcatch.store
0.0.0.0 adidascostarica.com
0.0.0.0 adidasencostarica.com
0.0.0.0 adidasfactoryoutlet-uk.com
0.0.0.0 adidasfactoryoutletonline.com
0.0.0.0 adsoutletusa.com
0.0.0.0 adulttoysale.top
0.0.0.0 airjordanshoes.store
0.0.0.0 airjordansneakers.store
0.0.0.0 alabamacollege.store
0.0.0.0 alabamacrimsontide.store
0.0.0.0 aldo-sale.com
0.0.0.0 aldofactoryoutletcanada.com
0.0.0.0 aldoukshoes.com
0.0.0.0 allinclearance.com
0.0.0.0 aloyogaaustria.com
0.0.0.0 aloyogacz.com
0.0.0.0 altrafactoryoutletonline.com
0.0.0.0 approachmall.com
0.0.0.0 arastockistsuk.com
0.0.0.0 arizonacollege.store
0.0.0.0 arkansascollege.store
0.0.0.0 arkansasrazorbacks.store
0.0.0.0 asiacenter.sk
0.0.0.0 asicousutlet.com
0.0.0.0 asicrunningus.com
0.0.0.0 asics-outlet-greece.com
0.0.0.0 asicscolombiaoutlet.com
0.0.0.0 asicsfalabella.com
0.0.0.0 asicsoutletnl.com
0.0.0.0 asicsoutletsireland.com
0.0.0.0 asicssgonline.com
0.0.0.0 asicsskosneakers.com
0.0.0.0 astroshat.store
0.0.0.0 astrosjersey.store
0.0.0.0 astrosworldseries.store
0.0.0.0 astroswschampions.store
0.0.0.0 atl-braves.shop
0.0.0.0 atlantabraves.store
0.0.0.0 auburncollege.store
0.0.0.0 aukarenmillenbest.net
0.0.0.0 balansukcheap.com
0.0.0.0 baseballhat.store
0.0.0.0 baseballjerseys.store
0.0.0.0 basketballshoe.store
0.0.0.0 bayaayakkabi.com
0.0.0.0 baylorbears.shop
0.0.0.0 baylorbearsncaa.store
0.0.0.0 baylorcollege.store
0.0.0.0 begaborschoenensale.com
0.0.0.0 bestsclothingsale.com
0.0.0.0 billabong-turkiye.com
0.0.0.0 billabong-us.com
0.0.0.0 billabongoutletstore.com
0.0.0.0 billabongoutletuk.com
0.0.0.0 billabongromania.com
0.0.0.0 billabonguruguay.com
0.0.0.0 blundstonefactoryoutletus.com
0.0.0.0 bogsoutletie.com
0.0.0.0 bossoutletsau.com
0.0.0.0 bosssalescheap.com
0.0.0.0 bossukcheaps.com
0.0.0.0 bossusaclearan.com
0.0.0.0 bossusaoutlet.com
0.0.0.0 bossusbest.com
0.0.0.0 bossusclearan.com
0.0.0.0 bostoncollegecollege.store
0.0.0.0 bostoncollegeeagles.store
0.0.0.0 bostonjersey.store
0.0.0.0 bravesjersey.store
0.0.0.0 bravesworldseries.shop
0.0.0.0 broncosnfl.store
0.0.0.0 buccaneersjersey.store
0.0.0.0 bucsjersey.com
0.0.0.0 bucsjersey.sale
0.0.0.0 buffalopolska.net
0.0.0.0 bugattishoessaleuk.com
0.0.0.0 butypumaoutlet.com
0.0.0.0 californiasports.shop
0.0.0.0 camperportugal.com
0.0.0.0 camperskonorge.com
0.0.0.0 camperzapatochile.com
0.0.0.0 camperzapatoschile.com
0.0.0.0 canadagoosebrasil.com
0.0.0.0 cancercatch.store
0.0.0.0 carharttfactory-store.com
0.0.0.0 cariuma-australia.com
0.0.0.0 cariumafactoryoutlet.com
0.0.0.0 celticsfan.store
0.0.0.0 celticsjersey.shop
0.0.0.0 celticsjersey.store
0.0.0.0 chacofootwearusa.com
0.0.0.0 chaconewzealand.com
0.0.0.0 chacooutletswebsite.com
0.0.0.0 chacosandalsaustralia.com
0.0.0.0 chacoshoesuk.com
0.0.0.0 cheapdiesesale.com
0.0.0.0 cheappumuk.com
0.0.0.0 cheapsclothingus.com
0.0.0.0 chgaborschuhe.com
0.0.0.0 cincinnatibearcats.shop
0.0.0.0 cincinnaticollege.store
0.0.0.0 cipomagyarorszag.com
0.0.0.0 cipooutlethungary.com
0.0.0.0 cityconnect.pro
0.0.0.0 cityconnect.shop
0.0.0.0 cityconnect.store
0.0.0.0 cityconnecthat.shop
0.0.0.0 cityconnecthat.store
0.0.0.0 cityconnectjersey.store
0.0.0.0 cityconnectmlb.store
0.0.0.0 clarkcheapuk.com
0.0.0.0 clarkclearanus.com
0.0.0.0 clarkdiscountus.com
0.0.0.0 clarks-ar.com
0.0.0.0 clarks-dk.com
0.0.0.0 clarks-pe.com
0.0.0.0 clarksirelandshop.com
0.0.0.0 clarksoutlet-philippines.com
0.0.0.0 clarksoutletecuador.com
0.0.0.0 clarkssaleturkiye.com
0.0.0.0 clarksskonorge.com
0.0.0.0 clarksuy.com
0.0.0.0 clarkusoutlets.com
0.0.0.0 clarusaoutet.com
0.0.0.0 clearanclarkusa.com
0.0.0.0 clearanlacostus.com
0.0.0.0 clearanlacostusa.com
0.0.0.0 clearanskecheusa.com
0.0.0.0 clearantumius.com
0.0.0.0 clearantumus.com
0.0.0.0 clemsoncollege.store
0.0.0.0 clemsontigers.online
0.0.0.0 clemsontigers.store
0.0.0.0 clipperton.sk
0.0.0.0 coacbestusa.com
0.0.0.0 coacoutletsusa.com
0.0.0.0 coacoutletusa.com
0.0.0.0 coausaclearan.com
0.0.0.0 collegeauburntigers.store
0.0.0.0 collegebuckeyes.shop
0.0.0.0 collegefootballshop.top
0.0.0.0 collegegameshop.com
0.0.0.0 collegejayhawks.store
0.0.0.0 collegejersey.store
0.0.0.0 collegencaa.store
0.0.0.0 collegepro.store
0.0.0.0 collegespartans.com
0.0.0.0 collegewolverines.store
0.0.0.0 coloradobuffaloes.store
0.0.0.0 coloradocollege.store
0.0.0.0 columbiafactorysusa.com
0.0.0.0 columbiaoutletco.com
0.0.0.0 columbiaoutletonlines.com
0.0.0.0 columbiasalemalaysia.com
0.0.0.0 columbisportsale.com
0.0.0.0 columoutletusa.com
0.0.0.0 columsportsale.net
0.0.0.0 columsportsusa.com
0.0.0.0 converse-finland.com
0.0.0.0 converse-malaysia.com
0.0.0.0 converseirelandshop.com
0.0.0.0 converseschweizshop.com
0.0.0.0 crucialcatch.online
0.0.0.0 crucialcatch.pro
0.0.0.0 crucialcatchhoodie.store
0.0.0.0 crucialcatchpro.store
0.0.0.0 crucialcatchshop.pro
0.0.0.0 crucialcatchstore.com
0.0.0.0 dallascowboys.sale
0.0.0.0 demonia--suomi.com
0.0.0.0 demonia-boots-australia.com
0.0.0.0 demonia-boots-uk.com
0.0.0.0 diadora-schoenen.com
0.0.0.0 dieseclothingus.com
0.0.0.0 dieselsalebests.com
0.0.0.0 dieselsalesfr.net
0.0.0.0 diesusoutlet.com
0.0.0.0 discountskecheus.com
0.0.0.0 discounttumusa.com
0.0.0.0 discountumius.com
0.0.0.0 dkgaborsneakers.com
0.0.0.0 dodgershat.shop
0.0.0.0 dodgershat.store
0.0.0.0 dodgersjersey.shop
0.0.0.0 dodgersjersey.store
0.0.0.0 drcanadaoutletstore.com
0.0.0.0 dukebluedevils.store
0.0.0.0 dukecollege.store
0.0.0.0 ecco-canadasale.com
0.0.0.0 ecco-turkiye.com
0.0.0.0 eccodanmarkwebbutik.com
0.0.0.0 eccofactoryoutlets.com
0.0.0.0 eccofactoryoutletus.com
0.0.0.0 eccofactoryoutletusa.com
0.0.0.0 eccooutletukfactory.com
0.0.0.0 eccoshoesnz.com
0.0.0.0 eccoskonorge.com
0.0.0.0 eccsaleusonline.com
0.0.0.0 ellumalls.com
0.0.0.0 elluthings.com
0.0.0.0 encompassmalls.com
0.0.0.0 enucuzuggbot.com
0.0.0.0 evolutionmalls.com
0.0.0.0 exynet.sk
0.0.0.0 fanaticsretailer.store
0.0.0.0 fanaticsshop.net
0.0.0.0 fashioninmall.com
0.0.0.0 fightingirish.shop
0.0.0.0 fightingirish.store
0.0.0.0 firstcoastthings.com
0.0.0.0 fitflop-irelandstockists.com
0.0.0.0 fitflop-philippines.com
0.0.0.0 fitflop-ukoutlet.com
0.0.0.0 fitflopfactoryoutlet.com
0.0.0.0 fjallravengreece.com
0.0.0.0 fjallravenitalia.com
0.0.0.0 fjallravenoutletpolska.com
0.0.0.0 fjallravenschweiz.com
0.0.0.0 fjallraventilbud.com
0.0.0.0 floridagators.sale
0.0.0.0 floridagators.store
0.0.0.0 floridagators.xyz
0.0.0.0 floridastatecollege.store
0.0.0.0 floridastateseminoles.store
0.0.0.0 flylondonportugal.com
0.0.0.0 footballstaple.store
0.0.0.0 fredperrylojas.com
0.0.0.0 fredperrymelbourne.com
0.0.0.0 fryefactoryoutlet.com
0.0.0.0 fryeshoescanada.com
0.0.0.0 gabor-chweiz.com
0.0.0.0 gaborbelgique.com
0.0.0.0 gaborcanadasale.com
0.0.0.0 gaborfactoryoutlets.com
0.0.0.0 gaborfactorysoutlets.com
0.0.0.0 gaborireland.com
0.0.0.0 gaborirelandsale.com
0.0.0.0 gaboroutlet-online.com
0.0.0.0 gaborpolska.com
0.0.0.0 gaborsaleireland.com
0.0.0.0 gaborschuheshop.com
0.0.0.0 gaborshoeespana.com
0.0.0.0 gaborshoesespana.com
0.0.0.0 gaborshoesireland.com
0.0.0.0 gaborshoesnz.com
0.0.0.0 gaborshoesuk.com
0.0.0.0 gaborskodanmark.com
0.0.0.0 gaborskonorge.com
0.0.0.0 gaborsneakers.com
0.0.0.0 gaborsuomi.com
0.0.0.0 gaborsverige.com
0.0.0.0 gaboruksale.com
0.0.0.0 gatorscollege.store
0.0.0.0 geacahellyhansenoutlet.com
0.0.0.0 georgiabulldogs.pro
0.0.0.0 georgiabulldogs.shop
0.0.0.0 georgiabulldogs.store
0.0.0.0 georgiacollege.store
0.0.0.0 geoxaustralia.com
0.0.0.0 geoxmalaysia.com
0.0.0.0 gheteclarksromania.com
0.0.0.0 gonzagabulldogs.store
0.0.0.0 goodr-australia.com
0.0.0.0 goodr-indonesia.com
0.0.0.0 goodrphilippines.com
0.0.0.0 goodrsingapore.com
0.0.0.0 goodrsunglassesmalaysia.com
0.0.0.0 goodrsunglassessaleus.com
0.0.0.0 goodrsunglassesuk.com
0.0.0.0 groundiesshoesuk.com
0.0.0.0 gym-shark-usa.com
0.0.0.0 gymshark-canada.com
0.0.0.0 gymshark-greece.com
0.0.0.0 gymshark-ireland.com
0.0.0.0 gymshark-southafrica.com
0.0.0.0 gymsharkaustria.com
0.0.0.0 gymsharkgreeceshop.com
0.0.0.0 gymsharksaleus.com
0.0.0.0 gymsharkunitedkingdom.com
0.0.0.0 gymsharkunitedstates.com
0.0.0.0 haglofsrea.com
0.0.0.0 haglofstilbud.com
0.0.0.0 haglofsturkiye.com
0.0.0.0 haglofsusastore.com
0.0.0.0 havenshungary.com
0.0.0.0 hellyhansencanadasale.com
0.0.0.0 hhjacketsfactoryoutlet.com
0.0.0.0 hitecayakkabi.com
0.0.0.0 hitecchaussure.com
0.0.0.0 hitecscarpe.com
0.0.0.0 hitecschoenen.com
0.0.0.0 hitecskonorge.com
0.0.0.0 hitecsouthafrica.com
0.0.0.0 hockeyfightscancer.store
0.0.0.0 hokairelandsales.com
0.0.0.0 hokashoesaustralia.com
0.0.0.0 hotsaleclearance.com
0.0.0.0 houstonastros.store
0.0.0.0 houstonastrosfan.store
0.0.0.0 hoyoufat.store
0.0.0.0 hoyoufatjersey.store
0.0.0.0 hugobossclearanuk.net
0.0.0.0 hushpuppies-uk.com
0.0.0.0 hushpuppiesshoesoutlet.com
0.0.0.0 illinoiscollege.store
0.0.0.0 illinoisfightingillini.shop
0.0.0.0 illinoisfightingillini.store
0.0.0.0 iowacollege.store
0.0.0.0 iowahawkeyes.pro
0.0.0.0 iowahawkeyes.shop
0.0.0.0 iowahawkeyes.store
0.0.0.0 iowastatecollege.store
0.0.0.0 iowastatecyclones.store
0.0.0.0 jackwolfskindubai.com
0.0.0.0 japanzarclothes.com
0.0.0.0 jayhawkscollege.store
0.0.0.0 jeweloutletshopline.com
0.0.0.0 jeweloutletshoplus.com
0.0.0.0 jewelrylimitedsr.com
0.0.0.0 jordanshoe.store
0.0.0.0 jordanshoes.store
0.0.0.0 josefseibelshoesuk.com
0.0.0.0 kamikbootsukstore.com
0.0.0.0 kankenportugal.com
0.0.0.0 kansasjayhawks.shop
0.0.0.0 kansasstatecollege.store
0.0.0.0 kansasstatewildcats.store
0.0.0.0 karenmillebestus.com
0.0.0.0 karenmillensusoutlet.com
0.0.0.0 karenmillenusbest.com
0.0.0.0 karenmilleusaclearan.com
0.0.0.0 karenmilleusasale.com
0.0.0.0 karenmilleusastore.com
0.0.0.0 katespusoutlet.com
0.0.0.0 keds-schuhe.com
0.0.0.0 kedsonlineshopnl.com
0.0.0.0 keen1uae.com
0.0.0.0 keenshoesfactoryoutletsuk.com
0.0.0.0 keenuae.com
0.0.0.0 kenscottshop.com
0.0.0.0 kenscottshopify.com
0.0.0.0 kentuckywildcats.shop
0.0.0.0 kentuckywildcats.store
0.0.0.0 ksgiftshopline.com
0.0.0.0 kubasketball.shop
0.0.0.0 kurtka-hhsklep.com
0.0.0.0 lachargers.store
0.0.0.0 lacostcheapuk.com
0.0.0.0 lacostclearances.net
0.0.0.0 lacostdiscountus.com
0.0.0.0 lacosteclearanusa.com
0.0.0.0 lacosteuaeonline.com
0.0.0.0 lacostsaleusa.com
0.0.0.0 lacostusabest.com
0.0.0.0 ladodgershat.shop
0.0.0.0 ladodgersjersey.store
0.0.0.0 lasport.shop
0.0.0.0 legginsmexico.com
0.0.0.0 lojashushpuppies.com
0.0.0.0 longchamp-luxembourg.com
0.0.0.0 longchamp-southafrica.com
0.0.0.0 longchampbagsonsalecanada.com
0.0.0.0 longchampfactoryoutletuk.com
0.0.0.0 longchampoutletenligne.com
0.0.0.0 longchampoutletsydney.com
0.0.0.0 longchampparissoldes.net
0.0.0.0 longchampuaedubai.com
0.0.0.0 losangelesdodgers.store
0.0.0.0 louisvillecardinals.store
0.0.0.0 louisvillecollege.store
0.0.0.0 lowa-boots-uk.com
0.0.0.0 lowakangor.com
0.0.0.0 lowaoutlet-usa.com
0.0.0.0 lowaslovensko.com
0.0.0.0 lsucollege.store
0.0.0.0 lsutigers.store
0.0.0.0 mango-pakistan.com
0.0.0.0 marmot-australia.com
0.0.0.0 marmot-schweiz.com
0.0.0.0 marylandcollege.store
0.0.0.0 marylandterrapins.store
0.0.0.0 merrell-outletfactory.com
0.0.0.0 merrell-sg.com
0.0.0.0 merrell-shoesphilippines.com
0.0.0.0 miamicollege.store
0.0.0.0 michigancollege.store
0.0.0.0 michiganstatecollege.store
0.0.0.0 michiganstatespartans.store
0.0.0.0 minnesotacollege.store
0.0.0.0 minnesotagoldengophers.store
0.0.0.0 mississippistatebulldogs.store
0.0.0.0 mississippistatecollege.store
0.0.0.0 mixedmalls.com
0.0.0.0 mizunooutletuk.com
0.0.0.0 mlballstar.net
0.0.0.0 mlballstarshop.com
0.0.0.0 mlbastros.store
0.0.0.0 mlbastrosjersey.store
0.0.0.0 mlbbaseballhat.store
0.0.0.0 mlbbraves.pro
0.0.0.0 mlbcap.net
0.0.0.0 mlbcapshop.com
0.0.0.0 mlbcityconnect.sale
0.0.0.0 mlbcityconnect.store
0.0.0.0 mlbfansjersey.store
0.0.0.0 mlbfanstore.com
0.0.0.0 mlbhat.sale
0.0.0.0 mlbhat.store
0.0.0.0 mlbhat.top
0.0.0.0 mlbhats.sale
0.0.0.0 mlbjersey.store
0.0.0.0 mlbjerseys.online
0.0.0.0 mlbjerseysale.shop
0.0.0.0 mlbjerseyshop.net
0.0.0.0 mlbprobraves.store
0.0.0.0 mlbprojersey.com
0.0.0.0 mlbraves.store
0.0.0.0 monitormalls.com
0.0.0.0 nba75.store
0.0.0.0 nba75jerseys.store
0.0.0.0 nbaallstarfan.store
0.0.0.0 nbafanjerseys.com
0.0.0.0 nbafansjersey.com
0.0.0.0 nbajerseycheap.com
0.0.0.0 nbajerseys.top
0.0.0.0 nboutletphilippines.com
0.0.0.0 ncaaalabama.store
0.0.0.0 ncaaarizona.store
0.0.0.0 ncaaauburntigers.store
0.0.0.0 ncaabasketball.store
0.0.0.0 ncaabaylor.store
0.0.0.0 ncaabaylorbears.store
0.0.0.0 ncaabears.store
0.0.0.0 ncaabluedevils.store
0.0.0.0 ncaabruins.store
0.0.0.0 ncaabuckeyes.store
0.0.0.0 ncaaclemsontigers.store
0.0.0.0 ncaacollege.store
0.0.0.0 ncaacollegejersey.store
0.0.0.0 ncaacougars.store
0.0.0.0 ncaacrimsontide.store
0.0.0.0 ncaadiablesbleus.store
0.0.0.0 ncaaducks.store
0.0.0.0 ncaaduke.store
0.0.0.0 ncaadukebluedevils.store
0.0.0.0 ncaafanshop.com
0.0.0.0 ncaafightingirish.store
0.0.0.0 ncaafightingtigers.store
0.0.0.0 ncaafootballjersey.store
0.0.0.0 ncaageorgia.store
0.0.0.0 ncaageorgiabulldogs.store
0.0.0.0 ncaahoustoncougars.store
0.0.0.0 ncaahurricanes.store
0.0.0.0 ncaaillinois.store
0.0.0.0 ncaaiowa.store
0.0.0.0 ncaajayhawks.store
0.0.0.0 ncaajersey.com
0.0.0.0 ncaajersey.pro
0.0.0.0 ncaajersey.sale
0.0.0.0 ncaajerseycollege.store
0.0.0.0 ncaajerseyfan.store
0.0.0.0 ncaajerseypro.store
0.0.0.0 ncaajerseys.store
0.0.0.0 ncaajerseysstore.com
0.0.0.0 ncaakentuckywildcats.store
0.0.0.0 ncaalonghorns.store
0.0.0.0 ncaalsu.store
0.0.0.0 ncaamiami.store
0.0.0.0 ncaamiamihurricanes.store
0.0.0.0 ncaamichigan.store
0.0.0.0 ncaamichiganwolverines.store
0.0.0.0 ncaanorthcarolina.store
0.0.0.0 ncaanotredame.store
0.0.0.0 ncaaoklahoma.store
0.0.0.0 ncaaolemiss.store
0.0.0.0 ncaaoregon.store
0.0.0.0 ncaaoregonducks.store
0.0.0.0 ncaarazorbacks.store
0.0.0.0 ncaashopjerseys.com
0.0.0.0 ncaasooners.store
0.0.0.0 ncaatarheels.store
0.0.0.0 ncaatennessee.store
0.0.0.0 ncaauclabruins.store
0.0.0.0 ncaauk.store
0.0.0.0 ncaavols.store
0.0.0.0 ncaawildcats.store
0.0.0.0 ncaawolverines.store
0.0.0.0 ncaaworldseries.store
0.0.0.0 ncaazags.store
0.0.0.0 nebraskacollege.store
0.0.0.0 nebraskacornhuskers.store
0.0.0.0 newyorksport.store
0.0.0.0 nfl49ers.store
0.0.0.0 nflbengals.store
0.0.0.0 nflbroncos.store
0.0.0.0 nflcancercatch.store
0.0.0.0 nflcardinals.store
0.0.0.0 nflchargers.store
0.0.0.0 nflchiefs.store
0.0.0.0 nflcrucialcatch.sale
0.0.0.0 nflcrucialcatch.store
0.0.0.0 nflcrucialcatch.top
0.0.0.0 nflcrucialcatchshop.com
0.0.0.0 nfldraft.shop
0.0.0.0 nfldrafthat.store
0.0.0.0 nfldraftshop.com
0.0.0.0 nfleagles.store
0.0.0.0 nflgamejersey.store
0.0.0.0 nflgamelimited.store
0.0.0.0 nflhelmet.store
0.0.0.0 nfljersey.fans
0.0.0.0 nfljersey.pro
0.0.0.0 nfljerseysale.shop
0.0.0.0 nflnikeshoes.com
0.0.0.0 nflnikeshoes.store
0.0.0.0 nflpackers.store
0.0.0.0 nflsaleshop.com
0.0.0.0 nflsalutetoservice.com
0.0.0.0 nflsalutetoservice.store
0.0.0.0 nflservice.store
0.0.0.0 nflshoe.store
0.0.0.0 nflshoes.pro
0.0.0.0 nflshoes.shop
0.0.0.0 nflshoes.store
0.0.0.0 nflshoesale.store
0.0.0.0 nflshopfan.com
0.0.0.0 nflsocks.com
0.0.0.0 nflstaple.store
0.0.0.0 nflstapleshop.top
0.0.0.0 nflstorefan.com
0.0.0.0 nflsts.com
0.0.0.0 nflstsjersey.com
0.0.0.0 nflstsjersey.store
0.0.0.0 nfltitans.store
0.0.0.0 nflzoompegasus.store
0.0.0.0 nhlallstar.pro
0.0.0.0 nhlauthenticpro.store
0.0.0.0 nhlfan.store
0.0.0.0 nhlfanjersey.store
0.0.0.0 nhlfansjersey.store
0.0.0.0 nhlfansjerseys.store
0.0.0.0 nhlfightscancer.store
0.0.0.0 nhlhockey.store
0.0.0.0 nhlhockeyjersey.store
0.0.0.0 nhljersey.sale
0.0.0.0 nhljersey.site
0.0.0.0 nhljersey.store
0.0.0.0 nhljersey.top
0.0.0.0 nhljerseyfan.store
0.0.0.0 nhljerseypro.store
0.0.0.0 nhljerseys.sale
0.0.0.0 nhljerseysale.shop
0.0.0.0 nhljerseysfan.store
0.0.0.0 nhljerseyshop.store
0.0.0.0 nhljerseyssale.store
0.0.0.0 nhlprojerseys.store
0.0.0.0 nhlsalejersey.store
0.0.0.0 nhlshopfan.com
0.0.0.0 nhlshopjersey.com
0.0.0.0 nhlstadiumseries.store
0.0.0.0 nhlwinterclassicjersey.store
0.0.0.0 nike--usa.com
0.0.0.0 nike-clearancestore.com
0.0.0.0 nikeairjordan.store
0.0.0.0 nikeairshoes.store
0.0.0.0 nikeshoesale.store
0.0.0.0 nikesneaker.store
0.0.0.0 ninewestpolska.com
0.0.0.0 ninewestusasale.com
0.0.0.0 nobull-brasil.com
0.0.0.0 northcarolinacollege.store
0.0.0.0 northcarolinashop.net
0.0.0.0 northcarolinatarheels.shop
0.0.0.0 northcarolinatarheels.store
0.0.0.0 northfaceoutletstoreus.com
0.0.0.0 notredamecollege.store
0.0.0.0 notredamefightingirish.store
0.0.0.0 off-whitecanada.com
0.0.0.0 off-whitecolombia.com
0.0.0.0 off-whitedanmark.com
0.0.0.0 off-whitedeutschland.com
0.0.0.0 off-whitegreece.com
0.0.0.0 off-whitehungary.com
0.0.0.0 off-whiteindonesia.com
0.0.0.0 off-whitemalaysia.com
0.0.0.0 off-whitemexico.com
0.0.0.0 off-whitenetherlands.com
0.0.0.0 off-whiteromania.com
0.0.0.0 off-whiteschweiz.com
0.0.0.0 off-whitesuomi.com
0.0.0.0 off-whitesverige.com
0.0.0.0 off-whiteturkey.com
0.0.0.0 ohiostatebuckeyes.online
0.0.0.0 ohiostatebuckeyes.store
0.0.0.0 ohiostatecollege.store
0.0.0.0 oklahomacollege.store
0.0.0.0 oklahomasooners.store
0.0.0.0 olemisscollege.store
0.0.0.0 olemissrebels.shop
0.0.0.0 olemissrebels.store
0.0.0.0 onlinejewelshopline.com
0.0.0.0 onlinejewelshoplus.com
0.0.0.0 onlinestoresshops.com
0.0.0.0 onlinevipshplus.com
0.0.0.0 oofos-ireland.com
0.0.0.0 oofosnorgeoutlet.com
0.0.0.0 oofosoutletcanada.com
0.0.0.0 oofosoutletmalaysia.com
0.0.0.0 oofosoutletonline.com
0.0.0.0 oofosshoeaustralia.com
0.0.0.0 oofosskorsveriges.com
0.0.0.0 operationmalls.com
0.0.0.0 oregoncollege.store
0.0.0.0 oregonducks.shop
0.0.0.0 oregonducks.store
0.0.0.0 osucowboys.shop
0.0.0.0 outletargentinacolumbia.com
0.0.0.0 outletchilecolumbia.com
0.0.0.0 outletgoodshopline.com
0.0.0.0 outletjewelshoplzza.com
0.0.0.0 outletjewelsvip.com
0.0.0.0 outletmerrellargentina.com
0.0.0.0 outletuksorel.com
0.0.0.0 outletvipshoplus.com
0.0.0.0 outletvipshopy.com
0.0.0.0 panelmalls.com
0.0.0.0 partnershipmalls.com
0.0.0.0 paulsmitfactoryus.net
0.0.0.0 pennstatecollege.store
0.0.0.0 pennstatenittanylions.store
0.0.0.0 philadelphiaeagles.store
0.0.0.0 piercemalls.com
0.0.0.0 pittpanthers.shop
0.0.0.0 pittsburghsteelersshop.com
0.0.0.0 planmalls.com
0.0.0.0 proficientmalls.com
0.0.0.0 psychobunnycolombia.com
0.0.0.0 puma-greece.com
0.0.0.0 puma-norge.co.no
0.0.0.0 puma-uy.com
0.0.0.0 pumachileoutlet.com
0.0.0.0 pumacostarica.net
0.0.0.0 pumaecuador.net
0.0.0.0 pumairelandsale.com
0.0.0.0 pumaoutletonlineportugal.com
0.0.0.0 pumaturkish.com
0.0.0.0 pumauruguay.com
0.0.0.0 pumoutletusa.com
0.0.0.0 pumsaleusa.com
0.0.0.0 pumusoutlet.com
0.0.0.0 purdueboilermakers.store
0.0.0.0 purduecollege.store
0.0.0.0 quicksilveruae.com
0.0.0.0 quiksilver-australia.com
0.0.0.0 quiksilver-canada.com
0.0.0.0 quiksilver-malaysia.com
0.0.0.0 quiksilver-philippines.com
0.0.0.0 quiksilver-southafrica.com
0.0.0.0 quiksilverfactoryoutlet.com
0.0.0.0 quiksilverindonesia.com
0.0.0.0 quiksilveroutletusa.com
0.0.0.0 quiksilveruksale.com
0.0.0.0 rebecamalls.com
0.0.0.0 reclassicsg.org
0.0.0.0 redwingbootsoutlets.com
0.0.0.0 reebok-chile.com
0.0.0.0 reebok-romania.com
0.0.0.0 reebokblackfridayoffers.com
0.0.0.0 reebokfactoryoutlet.com
0.0.0.0 riekeroutletca.com
0.0.0.0 riekershoessaleuk.com
0.0.0.0 rolltide.shop
0.0.0.0 romaniakanken.com
0.0.0.0 rothyusonline.shop
0.0.0.0 roxclothingusa.com
0.0.0.0 rritemalls.com
0.0.0.0 sacfjallravensoldes.com
0.0.0.0 saleushoka.com
0.0.0.0 salewaoutletschile.com
0.0.0.0 salomon--portugal.com
0.0.0.0 salomon-nederland.com
0.0.0.0 salomon-nederlands.com
0.0.0.0 salomon-norge.co.no
0.0.0.0 salomon-outletsturkiye.com
0.0.0.0 salomon-portugal.com
0.0.0.0 salomonaphilippines.com
0.0.0.0 salomonashoesnz.com
0.0.0.0 salomonbootsbrisbane.com
0.0.0.0 salomonbootsoutletusa.com
0.0.0.0 salomonespanas.com
0.0.0.0 salomonfactoryoutletmadrid.com
0.0.0.0 salomonmalaysiawebsite.com
0.0.0.0 salomonoutletgreece.com
0.0.0.0 salomonoutletnl.com
0.0.0.0 salomonoutletsfactory.com
0.0.0.0 salomonoutletstoresusa.com
0.0.0.0 salomonshoesoutletusa.com
0.0.0.0 salomonxapro3d.com
0.0.0.0 samsonclearanus.com
0.0.0.0 samsondiscountus.com
0.0.0.0 sandalitevaofferta.com
0.0.0.0 sanfrancisco49ers.store
0.0.0.0 sanuksingapore.com
0.0.0.0 sapatilhasallstarbaratas.com
0.0.0.0 sapatosclarkportugal.com
0.0.0.0 saucony-australia.com
0.0.0.0 sauconyfactoryoutletsuk.com
0.0.0.0 sauconyfactoryoutletuk.com
0.0.0.0 sauconyjazzturkey.com
0.0.0.0 sauconyoutletaustralia.com
0.0.0.0 sauconyoutletuk.com
0.0.0.0 seattlekraken.sale
0.0.0.0 sebagoshoesdubai.com
0.0.0.0 shoesnike.store
0.0.0.0 shopmksus.com
0.0.0.0 shopsmithsus.com
0.0.0.0 silentmalls.com
0.0.0.0 skecheausale.com
0.0.0.0 skecheclearanceus.com
0.0.0.0 skechers-israel.com
0.0.0.0 skechers-tenisice.com
0.0.0.0 skechersarchfitromania.com
0.0.0.0 skechersfactorysoutlet.com
0.0.0.0 skechersoutletpraha.cz
0.0.0.0 skecherstrainers-uk.com
0.0.0.0 skecherusaclearan.com
0.0.0.0 skecheukclearan.com
0.0.0.0 skecheusoutlet.com
0.0.0.0 slovenskokanken.com
0.0.0.0 sneakersnike.store
0.0.0.0 sorelfactoryoutlet.com
0.0.0.0 southcarolinacollege.store
0.0.0.0 southcarolinagamecocks.store
0.0.0.0 spartanscollege.shop
0.0.0.0 sperroutletusa.com
0.0.0.0 sperryfactoryoutlet.com
0.0.0.0 sperryonlinesatis.com
0.0.0.0 spinmalls.com
0.0.0.0 sportgear.store
0.0.0.0 spraygoutletus.com
0.0.0.0 spraygroclearanusa.com
0.0.0.0 spraygrousoutlet.com
0.0.0.0 stanfordcardinal.store
0.0.0.0 stanfordcollege.store
0.0.0.0 storeskechesale.com
0.0.0.0 suicokeshoessale.com
0.0.0.0 suicokeuk.com
0.0.0.0 superbowllvi.shop
0.0.0.0 superbowllvi.store
0.0.0.0 superbowlstore.com
0.0.0.0 swarovskichile.com
0.0.0.0 swarovskidubai.com
0.0.0.0 swarovskifactoryoutlet.com
0.0.0.0 swarovskioutletuk.com
0.0.0.0 swarovskiphilippines.com
0.0.0.0 swarovskisaleoutlet.com
0.0.0.0 tamarisfactoryoutlet.com
0.0.0.0 tamarisgreece.com
0.0.0.0 tamarisgreecer.com
0.0.0.0 tarheelscollege.store
0.0.0.0 tbeautybeauty.com
0.0.0.0 tcucollege.store
0.0.0.0 tcuhornedfrogs.store
0.0.0.0 tenisveja-portugal.com
0.0.0.0 tennesseecollege.store
0.0.0.0 tennesseevolunteers.store
0.0.0.0 teva-nederlands.com
0.0.0.0 tevacolombia.com
0.0.0.0 tevafactoryoutletuk.com
0.0.0.0 tevagreece.com
0.0.0.0 tevaromaniasandale.com
0.0.0.0 tevaturkey.com
0.0.0.0 texasamaggies.store
0.0.0.0 texasamcollege.store
0.0.0.0 texascollege.store
0.0.0.0 texaslonghorns.online
0.0.0.0 texaslonghorns.store
0.0.0.0 texastechcollege.store
0.0.0.0 texastechredraiders.store
0.0.0.0 thegirlfriendcollectiveaustralia.com
0.0.0.0 thegirlfriendcollectivenederland.com
0.0.0.0 thegirlfriendcollectiveuk.com
0.0.0.0 thorogoodfactoryoutlets.com
0.0.0.0 tiendacolumbiachile.com
0.0.0.0 tiendaunderarmourmexico.com
0.0.0.0 tocontrolbeauty.com
0.0.0.0 tombrady.store
0.0.0.0 tombradyshop.pro
0.0.0.0 tombradystore.com
0.0.0.0 tommyhilfigerperth.com
0.0.0.0 tomssingaporesale.com
0.0.0.0 tumibeststores.com
0.0.0.0 tumicheapuk.com
0.0.0.0 tumioutletclearan.com
0.0.0.0 tumusaoutlet.com
0.0.0.0 ua-australia.com
0.0.0.0 ua-canada.com
0.0.0.0 ua-chile.com
0.0.0.0 ua-greece.com
0.0.0.0 ukclarkcheap.com
0.0.0.0 ukclarkoutlets.com
0.0.0.0 ukcollege.store
0.0.0.0 ukkarenmillencheap.com
0.0.0.0 uklacostsale.com
0.0.0.0 ukskechecheap.com
0.0.0.0 uncbasketball.store
0.0.0.0 uncjersey.shop
0.0.0.0 uncjersey.store
0.0.0.0 unctarheels.shop
0.0.0.0 unctarheels.store
0.0.0.0 underarmour-costerica.com
0.0.0.0 underarmour-israel.com
0.0.0.0 underarmour-italia.com
0.0.0.0 underarmour-nl.com
0.0.0.0 underarmour-nz.com
0.0.0.0 underarmour-saudiarabia.com
0.0.0.0 underarmourhungary.com
0.0.0.0 underarmourosterreich.com
0.0.0.0 underarmouroutlet-usa.com
0.0.0.0 underarmouroutletromania.com
0.0.0.0 underarmourromania-ro.com
0.0.0.0 underarmourshortsuk.com
0.0.0.0 undergroundmalls.com
0.0.0.0 underrmourireland.com
0.0.0.0 usccollege.store
0.0.0.0 uscolumbsportswear.com
0.0.0.0 usctrojans.online
0.0.0.0 uspumsale.com
0.0.0.0 utahcollege.store
0.0.0.0 utahutes.shop
0.0.0.0 utahutes.store
0.0.0.0 veja-froutlet.com
0.0.0.0 vejafactoryoutletusa.com
0.0.0.0 vejajapanstore.com
0.0.0.0 vejaoslo.com
0.0.0.0 vejaosterreich.com
0.0.0.0 vejaromaniaoutlet.com
0.0.0.0 vejasale-ireland.com
0.0.0.0 vejasneakers-schweiz.com
0.0.0.0 vejatenisice-hr.com
0.0.0.0 vibramfive-fingers.cz
0.0.0.0 vibramsk.com
0.0.0.0 vionicshoes-southafrica.com
0.0.0.0 vionicshoessingapore.com
0.0.0.0 vionicshoesuksale.com
0.0.0.0 vipgiftshopline.com
0.0.0.0 vipgiftshoppy.com
0.0.0.0 vipgoodshoppy.com
0.0.0.0 vippgiftsonline.com
0.0.0.0 virginiatechcollege.store
0.0.0.0 virginiatechhokies.store
0.0.0.0 vlone-uk.com
0.0.0.0 wakeforestcollege.store
0.0.0.0 wakeforestdemondeacons.store
0.0.0.0 warriorsjersey.store
0.0.0.0 washingtoncollege.store
0.0.0.0 washingtonhuskies.store
0.0.0.0 wellness-gym.sk
0.0.0.0 westvirginiacollege.store
0.0.0.0 westvirginiamountaineers.store
0.0.0.0 wolverineaustralias.com
0.0.0.0 xn--conversemaazalar-shc44a.com
0.0.0.0 xn--hotiayakkab-p9a38g.com
0.0.0.0 xn--vansayakkab-9zb.com
0.0.0.0 zainofjallravenkanken.com
0.0.0.0 zalesglobaljewelry.com
0.0.0.0 zamberlanireland.com
0.0.0.0 zapatillasvejacl.com
0.0.0.0 zapatosaldochile.org
# https://forums.malwarebytes.com/topic/293979-recent-scamware-not-recognized-by-malwarebytes/
0.0.0.0 allreqdusa.com
# NSFW: https://app.any.run/tasks/dff4525c-555a-479e-83ba-c5b2f2d11ab6
0.0.0.0 baconaces.pro
0.0.0.0 eredhadbeen.xyz
0.0.0.0 twgfw.eredhadbeen.xyz
0.0.0.0 nugans.live
# NSFW: https://app.any.run/tasks/10647999-b75b-42bd-ae49-c7d596f3c797
0.0.0.0 kdakm.eredhadbeen.xyz
0.0.0.0 qualitydating.top
0.0.0.0 a.curedating.top
0.0.0.0 curedating.top
# https://virustotal.com/gui/ip-address/5.181.203.4/relations
0.0.0.0 finestdating.top
0.0.0.0 goodating.top
0.0.0.0 datingpoint.top
0.0.0.0 cutiesdating.top
0.0.0.0 vipdatingtime.top
# https://virustotal.com/gui/ip-address/195.201.253.131/relations
0.0.0.0 sensualflirts.life
0.0.0.0 yourbestpartner.life
0.0.0.0 thebestdate.life
0.0.0.0 besttightflirts.life
0.0.0.0 timetopdatings.life
0.0.0.0 realhotmeets.life
0.0.0.0 dateflirt.life
0.0.0.0 originalspartner.life
0.0.0.0 loveclick.life
0.0.0.0 goyummdating.life
0.0.0.0 bestdatingsforyou.life
0.0.0.0 findsoulmate.life
0.0.0.0 instinctdating.life
0.0.0.0 charmingdating.life
0.0.0.0 datingarea.life
0.0.0.0 delightdatings.life
0.0.0.0 delightflirt.life
0.0.0.0 delightdating.life
0.0.0.0 bestflirtzone.life
0.0.0.0 getsexy.life
0.0.0.0 lover-finder.life
0.0.0.0 findsexy.life
# (copied from DandelionSprout's list): https://github.com/DandelionSprout/adfilt/issues/748
0.0.0.0 adidas-budapest.com
0.0.0.0 adidas-deutschland.de
0.0.0.0 adidas-egypt.com
0.0.0.0 adidas-france.fr
0.0.0.0 adidas-philippines.com
0.0.0.0 adidas-sk.sk
0.0.0.0 adidasenpanama.com
0.0.0.0 adidasfactoryshop.co.za
0.0.0.0 adidasguatemala.com
0.0.0.0 adidashonduras.com
0.0.0.0 adidasksa.com
0.0.0.0 adidasmaroc.com
0.0.0.0 adidasnicaragua.com
0.0.0.0 adidasonlineoutlet.es
0.0.0.0 adidasonlineuksale.com
0.0.0.0 adidaspakistan.com
0.0.0.0 adidasshoesgreece.com
0.0.0.0 adidasslovensko.sk
0.0.0.0 adidasuaesale.com
0.0.0.0 aerosolesportugal.com
0.0.0.0 aerosolesuk.com
0.0.0.0 alexiawrites.com
0.0.0.0 allbirditalia.it
0.0.0.0 americantouristerfactoryoutlet.com
0.0.0.0 aplshoeuk.com
0.0.0.0 aplsneakerssale.com
0.0.0.0 argentina-adidas.com
0.0.0.0 asicsayakkabitr.com
0.0.0.0 asicscipohungary.com
0.0.0.0 asicsnederland.com
0.0.0.0 asicswinkelnederland.com
0.0.0.0 billabongfactoryoutlet.ca
0.0.0.0 billabongfrance.com
0.0.0.0 billabongitalia.com
0.0.0.0 billabongpolska.com
0.0.0.0 billabongportugal.com
0.0.0.0 billabonguk.com
0.0.0.0 bogsbootsireland.com
0.0.0.0 bogschile.com
0.0.0.0 botaswolverine.com.mx
0.0.0.0 brooksshoesstore.us
0.0.0.0 bundyslovakia.com
0.0.0.0 butywolverlne.com
0.0.0.0 canada-nike.com
0.0.0.0 cariuma-france.fr
0.0.0.0 cariuma-philippines.com
0.0.0.0 cariumashoesportugal.com
0.0.0.0 cariumashoessingapore.com
0.0.0.0 chaussurenobull.com
0.0.0.0 chaussuresnobull.com
0.0.0.0 conversesingaporeoutlets.com
0.0.0.0 danskonederland.com
0.0.0.0 danskosaldi.it
0.0.0.0 demoniachaussuresparis.fr
0.0.0.0 demoniashopberlin.de
0.0.0.0 demoniastopankysk.sk
0.0.0.0 diesel-helsinki.com
0.0.0.0 docmartens-canada.com
0.0.0.0 docsmartensslovensko.sk
0.0.0.0 docsmartensthailand.com
0.0.0.0 doctormartensmadrid.com
0.0.0.0 doctormartensnederland.com
0.0.0.0 doctormartensromanla.com
0.0.0.0 drmartensosterreich.com
0.0.0.0 drmdanmark.com
0.0.0.0 ecuador-adidas.com
0.0.0.0 fitflop-australiasale.com
0.0.0.0 footjoy-portugal.com
0.0.0.0 footjoybelgie.com
0.0.0.0 footjoyfinland.com
0.0.0.0 footjoyindonesia.com
0.0.0.0 footjoypakistan.com
0.0.0.0 footjoyuae.com
0.0.0.0 gym-sharkitalia.com
0.0.0.0 gym-sharkportugal.com
0.0.0.0 gymshark-hrvatska.com
0.0.0.0 gymsharkjp.com
0.0.0.0 gymsharks-hrvatska.com
0.0.0.0 heydudeshoessaleuk.com
0.0.0.0 hhworkwearcanada.com
0.0.0.0 hoka-canada.ca
0.0.0.0 hoka-slovensko.sk
0.0.0.0 hokacaonsale.ca
0.0.0.0 hokahungarywebshop.com
0.0.0.0 hokaschuhekaufen.de
0.0.0.0 hokashoescanadasale.com
0.0.0.0 hokaskoshop.com
0.0.0.0 hrvatska-adidas.com
0.0.0.0 indonesia-adidas.com
0.0.0.0 jakkeshopdanmark.com
0.0.0.0 jakkeshopnorge.com
0.0.0.0 lojasasicslisboa.com
0.0.0.0 lojashellyhansenportugal.com
0.0.0.0 ludan102.com
0.0.0.0 lululemonbarcelona.es
0.0.0.0 martenslovensko.com
0.0.0.0 martensslovensko.sk
0.0.0.0 martensxhrvatska.com
0.0.0.0 martensywarszawa.com
0.0.0.0 martenywarszawa.com
0.0.0.0 merrell-canada-clearance.com
0.0.0.0 merrellbutysklepy.pl
0.0.0.0 merrellportugalshop.com
0.0.0.0 mizuno-italia.com
0.0.0.0 mizuno-mexico.com.mx
0.0.0.0 mizuno-peru.com
0.0.0.0 mizuno-shoesaustralia.com
0.0.0.0 mizuno-thailand.com
0.0.0.0 mizunoblackfridaysale.com
0.0.0.0 mizunodeutschland.de
0.0.0.0 mizunofootballbootsuk.com
0.0.0.0 mizunoshoescanada.ca
0.0.0.0 mizunosshoesindia.com
0.0.0.0 nb-uae.com
0.0.0.0 nbalancechile.com
0.0.0.0 nike-factoryoutletstore.com
0.0.0.0 nikefactorystoreuk.com
0.0.0.0 nobullcrossfitscarpe.com
0.0.0.0 nobullproiectcanada.com
0.0.0.0 nobullswitzeriand.com
0.0.0.0 nobulltrainerphilippines.com
0.0.0.0 nobulltrainersslngapore.com
0.0.0.0 nobullxespana.com
0.0.0.0 nobvllshoesuk.com
0.0.0.0 norge-adidas.com
0.0.0.0 northfaceindiastore.com
0.0.0.0 northfaceoutletargentina.com
0.0.0.0 northfacexhungary.com
0.0.0.0 northfacezurich.com
0.0.0.0 northfacezurlch.com
0.0.0.0 northxfaceindiastore.com
0.0.0.0 osterreich-adidas.com
0.0.0.0 peru-adidas.com
0.0.0.0 portugal-adidas.com
0.0.0.0 psychobunnypolo.com
0.0.0.0 psychobunnytshirt.com
0.0.0.0 puma-turkey.com.tr
0.0.0.0 romaniagymshark.com
0.0.0.0 salomon-retailers.com
0.0.0.0 salomonchileoutlet.com
0.0.0.0 salomondeutschlandsale.de
0.0.0.0 salomonfactoryoutletza.com
0.0.0.0 salomonshoesonline.us
0.0.0.0 salomonshop.ca
0.0.0.0 salomonskioutletshop.com
0.0.0.0 salomonspeedcrossusa.com
0.0.0.0 salomonspikecrosscanada.com
0.0.0.0 salomonxt6outletusa.com
0.0.0.0 salomonxt6sale.com
0.0.0.0 sanuk-canada.com
0.0.0.0 saucony-clearancecanada.com
0.0.0.0 saucony-portugal.org
0.0.0.0 sauconycanadaonsale.com
0.0.0.0 sauconyclearance.us
0.0.0.0 sauconyfactoryoutlet.us
0.0.0.0 sauconyirelandoutlet.com
0.0.0.0 sauconymalaysiaonline.com
0.0.0.0 sauconyrunningshoes.us
0.0.0.0 sauconyshoesfactorynz.com
0.0.0.0 sauconysingaporeonline.com
0.0.0.0 sauconysneakers.us
0.0.0.0 scarpekeenitalia.com
0.0.0.0 scarpewolverine.it
0.0.0.0 shopsalomonsouthafrica.com
0.0.0.0 skechers-south-africa.co.za
0.0.0.0 skecherscanadaonline.ca
0.0.0.0 skechersoutletnz.com
0.0.0.0 sorelbootsoutlet.com
0.0.0.0 sperryonsale.com
0.0.0.0 sperryoutletfactory.com
0.0.0.0 suomi-adidas.com
0.0.0.0 tevadanmarkshop.com
0.0.0.0 tevamalaysias.com
0.0.0.0 tevamalaysiashop.com
0.0.0.0 tevanorgeshop.com
0.0.0.0 thenorthfacenzsale.com
0.0.0.0 thenorthfacexromania.com
0.0.0.0 thursdayboothungary.com
0.0.0.0 thursdayboots-ro.com
0.0.0.0 thursdaybootschweiz.com
0.0.0.0 thursdaybootsdenmark.com
0.0.0.0 thursdaybootsdeutschiand.com
0.0.0.0 thursdaybootsdeutschland.de
0.0.0.0 thursdaybootsgreek.com
0.0.0.0 thursdaybootsmalaysla.com
0.0.0.0 thursdaybootsnorway.com
0.0.0.0 thursdaybootsportugals.com
0.0.0.0 thursdaybootsrea.com
0.0.0.0 thursdaybootsturkey.com
0.0.0.0 thursdayshoesnz.com
0.0.0.0 tiendaasicsmexico.com
0.0.0.0 tiendasadidaschile.com
0.0.0.0 tiendaskecherchile.com
0.0.0.0 tiendasnorthfacemexico.com
0.0.0.0 tnfsoldes.com
0.0.0.0 uptsejacketsale.com
0.0.0.0 wolverineayakkabi.com
0.0.0.0 wolverineboty.cz
0.0.0.0 wolverinechaussure.fr
0.0.0.0 wolverinejapan.com
0.0.0.0 wolverinelaarzen.com
0.0.0.0 wolverineportugal.com
0.0.0.0 wolverineschuhe.at
0.0.0.0 wolverineschuhes.de
0.0.0.0 wolverineskonorge.com
0.0.0.0 wolverinestovler.com
0.0.0.0 wolverlnejapan.com
0.0.0.0 zapatillassalomoncolombia.com
0.0.0.0 zapatosgolffootjoy.com
0.0.0.0 zapatoswolverine.com
0.0.0.0 thenorthfacenorge.co.no
0.0.0.0 tnooutlet.com
0.0.0.0 vansnorge.co.no
0.0.0.0 hunternorge.co
0.0.0.0 hunternorge.co.no
0.0.0.0 hunternorgeno.com
0.0.0.0 hokaslippers.com
0.0.0.0 hokaskooutlet.co.no
0.0.0.0 martenssalg.com
0.0.0.0 martensnorge.co.no
0.0.0.0 hoka-sko.com
0.0.0.0 norgeskotilbud.com
0.0.0.0 hokasnorgeno.com
0.0.0.0 adidasbratislava.sk
0.0.0.0 airsuomi.com
0.0.0.0 asicswebshopshu.com
0.0.0.0 brooksrunnersireland.com
0.0.0.0 brooksrunningindia.co.in
0.0.0.0 chaussurestoms.fr
0.0.0.0 clarks-romania.com
0.0.0.0 clarksshop-hu.com
0.0.0.0 clarkswyprzedaz.com
0.0.0.0 columbiaindiasale.com
0.0.0.0 columbianzoutlet.com
0.0.0.0 crocsacheter.fr
0.0.0.0 deeruptrunner.me
0.0.0.0 desertbootshop.com
0.0.0.0 docmartensnewzealand.com
0.0.0.0 eobuvecco.sk
0.0.0.0 falconportugalshop.me
0.0.0.0 fitflopsalenederland.com
0.0.0.0 footwearnl.com
0.0.0.0 footwearsalesg.com
0.0.0.0 hunter-danmark.com
0.0.0.0 hunter-espana.com
0.0.0.0 hurricane-outlet.co
0.0.0.0 keenscarpeitalia.it
0.0.0.0 mammutsverige.com.se
0.0.0.0 mammutuksale.com
0.0.0.0 newvanshoes.co.in
0.0.0.0 nikehrvatska-hr.com
0.0.0.0 nikeportugal.pt
0.0.0.0 north-face-indirim.com
0.0.0.0 pumarea.com.se
0.0.0.0 pumatennaritale.com
0.0.0.0 rb-greece.com
0.0.0.0 rbingreece.com
0.0.0.0 rbshopgreece.com
0.0.0.0 ropapuma.com
0.0.0.0 runninginshop.com
0.0.0.0 salomonbutikdanmark.com
0.0.0.0 salomonslovensko.sk
0.0.0.0 schweizch.com
0.0.0.0 shoesstoregreece.com
0.0.0.0 sportsonlineuk.com
0.0.0.0 sportwebaruhaz.com
0.0.0.0 tiendadiadoramexico.com
0.0.0.0 tomosterreich.com
0.0.0.0 toms-budapest.com
0.0.0.0 toms-schweiz.com
0.0.0.0 tomscipo.com
0.0.0.0 tomsdeutschland.de
0.0.0.0 tomsitalia.it
0.0.0.0 tomsosterreich.at
0.0.0.0 ukhikingshop.com
0.0.0.0 vanscipok.com
0.0.0.0 vanssnorge.com
0.0.0.0 alo-yoga-turkey.com
0.0.0.0 aloyoga-chile.com
0.0.0.0 aloyogaespana.es
0.0.0.0 aloyogairelandstore.com
0.0.0.0 aloyogaturkey.com.tr
0.0.0.0 asicsisverige.com
0.0.0.0 asolobootsireland.com
0.0.0.0 asolocolombia.com
0.0.0.0 asolodeutschland.com
0.0.0.0 asolofrance.com
0.0.0.0 asoloitaliaoutlet.com
0.0.0.0 asolonederland.com
0.0.0.0 asoloportugal.com
0.0.0.0 asoloskonorge.com
0.0.0.0 asoloskor.com
0.0.0.0 betseyjohnsonitalia.com
0.0.0.0 bootspalladiumitalia.com
0.0.0.0 botasasolomexico.com
0.0.0.0 botasasolooutlet.com
0.0.0.0 boutiquehunterfrance.com
0.0.0.0 calvinkleinchileoutlet.com
0.0.0.0 calvinkleinportugalpt.com
0.0.0.0 conversecostaricaonline.com
0.0.0.0 converseuaeonlinestore.com
0.0.0.0 gantchile.com
0.0.0.0 gantcolombia.com
0.0.0.0 gantdenmark.com
0.0.0.0 gantdeutschland.com
0.0.0.0 ganthrvatska.com
0.0.0.0 gantisrael.com
0.0.0.0 gantitalia.com
0.0.0.0 gantromania.com
0.0.0.0 gantromanias.com
0.0.0.0 gantschweiz.com
0.0.0.0 gantsrbija.com
0.0.0.0 gantturkey.com
0.0.0.0 guesskobenhavn.com
0.0.0.0 guessoutletslovensko.com
0.0.0.0 guessoutletsuomi.com
0.0.0.0 guesssuomi.net
0.0.0.0 gymsharkoutlet.com.au
0.0.0.0 hoka-malaysia.com
0.0.0.0 hoka-polska.pl
0.0.0.0 hoka-spain.es
0.0.0.0 hokabaratas.com
0.0.0.0 hokaencolombia.com
0.0.0.0 hokagermany.de
0.0.0.0 hokaitaliaoutlet.it
0.0.0.0 hokaonenorge.com
0.0.0.0 hokaonlineturkiye.com
0.0.0.0 hokaportugallojas.com
0.0.0.0 hokaromania.ro
0.0.0.0 hokashopindia.net.in
0.0.0.0 hokasingapore.com
0.0.0.0 hokasklep.com
0.0.0.0 hokastoregr.com
0.0.0.0 hunter-boots-ireland.com
0.0.0.0 hunter-canada.ca
0.0.0.0 hunter-colombia.com.co
0.0.0.0 hunter-costarica.com
0.0.0.0 hunter-cz.com
0.0.0.0 hunter-greece.gr
0.0.0.0 hunter-jp.com
0.0.0.0 hunter-osterreich.at
0.0.0.0 hunter-osterreich.com
0.0.0.0 hunter-portugal.pt
0.0.0.0 hunter-romania.ro
0.0.0.0 hunter-sk.sk
0.0.0.0 hunter-slovenija.com
0.0.0.0 hunter-southafrica.com
0.0.0.0 hunter-srbija.com
0.0.0.0 hunter.com.se
0.0.0.0 hunterargentinabotas.com
0.0.0.0 hunteraustraliaau.com
0.0.0.0 hunterbelgium.com
0.0.0.0 hunterbelgiumsale.com
0.0.0.0 hunterbootchile.com
0.0.0.0 hunterboots-israel.com
0.0.0.0 hunterboots-newzealand.com
0.0.0.0 hunterbootsaus.com
0.0.0.0 hunterbootsdubai.com
0.0.0.0 hunterbootsnewzealand.co.nz
0.0.0.0 hunterbootsslovenija.com
0.0.0.0 hunterbootssouthafrica.co.za
0.0.0.0 huntercr.com
0.0.0.0 hunterfrankfurt.com
0.0.0.0 hunterhelsinki.com
0.0.0.0 hunterhrhrvatska.com
0.0.0.0 hunterhrvatskahr.com
0.0.0.0 hunteritaliaoutlet.com
0.0.0.0 hunterjapanjp.com
0.0.0.0 hunterkalosze-pl.com
0.0.0.0 hunterlaarzennederland.com
0.0.0.0 hunterluxembourg.com
0.0.0.0 huntermalaysiamy.com
0.0.0.0 huntermexicomx.com
0.0.0.0 hunterobchod.com
0.0.0.0 hunteronlineshop.de
0.0.0.0 hunteroutlet-canada.com
0.0.0.0 hunterphilippinesstore.com
0.0.0.0 hunterpolska-pl.com
0.0.0.0 hunterportugalpt.com
0.0.0.0 hunterrainbootsaustralia.com
0.0.0.0 hunterrainbootsie.com
0.0.0.0 hunterromania.net
0.0.0.0 huntershopromania.com
0.0.0.0 huntershopschweiz.com
0.0.0.0 huntersingaporesg.com
0.0.0.0 hunterskornjislovenija.com
0.0.0.0 hunterslovenija.com
0.0.0.0 huntersoldes.com
0.0.0.0 huntersrbija.org
0.0.0.0 huntersuomifi.com
0.0.0.0 hunterturkiyesatis.com
0.0.0.0 hunteruruguay.com
0.0.0.0 hunterwellies-australia.com
0.0.0.0 hunterwellies-nz.com
0.0.0.0 hunterwelliesdublin.com
0.0.0.0 hunterwellingtonsaustralia.com
0.0.0.0 hunterwinkelnederland.com
0.0.0.0 jordan-hrvatska.com
0.0.0.0 jordan-nederland.com
0.0.0.0 jordanakcio.com
0.0.0.0 jordanalesuomi.com
0.0.0.0 jordanargentinaonline.com
0.0.0.0 jordanbelgiesale.com
0.0.0.0 jordanbelgium.com
0.0.0.0 jordanberlin.de
0.0.0.0 jordanbogota.com
0.0.0.0 jordanbutysklep.pl
0.0.0.0 jordancapetown.com
0.0.0.0 jordancena.com
0.0.0.0 jordanchileoferta.com
0.0.0.0 jordaneshop.cz
0.0.0.0 jordanfiyat.com
0.0.0.0 jordanieftini.ro
0.0.0.0 jordanindirim.com
0.0.0.0 jordanjapansale.com
0.0.0.0 jordanlisboa.com
0.0.0.0 jordanljubljana.com
0.0.0.0 jordanmalaysias.com
0.0.0.0 jordanmexicomx.com
0.0.0.0 jordanoferta.ro
0.0.0.0 jordanonlinecanada.com
0.0.0.0 jordanonlinegreece.com
0.0.0.0 jordanottawa.com
0.0.0.0 jordanoutletgreece.com
0.0.0.0 jordanoutletnz.com
0.0.0.0 jordanpatike.com
0.0.0.0 jordanph.com
0.0.0.0 jordanphilippine.com
0.0.0.0 jordanportugalpt.com
0.0.0.0 jordanpromocje.pl
0.0.0.0 jordanretroschweiz.com
0.0.0.0 jordansaldi.com
0.0.0.0 jordansaleau.com
0.0.0.0 jordansaleie.com
0.0.0.0 jordansaleireland.com
0.0.0.0 jordanschuhesale.at
0.0.0.0 jordanserbia.com
0.0.0.0 jordanshopmalaysia.com
0.0.0.0 jordanskooslo.com
0.0.0.0 jordanslovenija.co
0.0.0.0 jordansneakersau.com
0.0.0.0 jordansovensko.sk
0.0.0.0 jordansuomiale.com
0.0.0.0 jordantilbud.com
0.0.0.0 jordantilbuddanmark.com
0.0.0.0 jordanuaesale.com
0.0.0.0 jordanwinkel.com
0.0.0.0 keengermany.de
0.0.0.0 keensandalertilbud.com
0.0.0.0 keenspain.es
0.0.0.0 lojasskechersportugal.com
0.0.0.0 mizuno-germany.de
0.0.0.0 mizunoencolombia.com
0.0.0.0 mizunoteniskysk.sk
0.0.0.0 moncler-israel.com
0.0.0.0 moncler-mexico.com
0.0.0.0 monclercanada.ca
0.0.0.0 monclerchile.com
0.0.0.0 monclercolombia.com
0.0.0.0 monclergreece-outlet.com
0.0.0.0 monclermalaysia.com
0.0.0.0 moncleromania.com
0.0.0.0 moncleroutletschweizs.com
0.0.0.0 monclerphilippines.com
0.0.0.0 monclersingapore.com
0.0.0.0 monclersouthafrica.co.za
0.0.0.0 monclersouthafrica.com
0.0.0.0 nikefactoryoutletau.com
0.0.0.0 nikemaroc.com
0.0.0.0 niketurkiyeshop.com
0.0.0.0 nobull-colombia.com.co
0.0.0.0 nobull-mexico.com.mx
0.0.0.0 nobullenargentina.com
0.0.0.0 nobullespanaoutlet.com
0.0.0.0 nobullro.ro
0.0.0.0 nobullsuomiale.com
0.0.0.0 palladium-chile.com
0.0.0.0 palladium-finland.com
0.0.0.0 palladium-philippines.com
0.0.0.0 palladiumaustraliaoutlet.com
0.0.0.0 palladiumbootscolombia.com
0.0.0.0 palladiumbootsnzoutlet.com
0.0.0.0 palladiumbootsromania.com
0.0.0.0 palladiumindonesia.com
0.0.0.0 palladiumnederland.com
0.0.0.0 palladiumoutletportugal.com
0.0.0.0 palladiumschuheaustria.com
0.0.0.0 palladiumschuheoutlet.de
0.0.0.0 palladiumshoesuae.com
0.0.0.0 palladiumsingaporestore.com
0.0.0.0 palladiumskobutikk.com
0.0.0.0 palladiumskodk.com
0.0.0.0 palladiumskorsverige.com
0.0.0.0 palladiumsouthafrica.co.za
0.0.0.0 quiksilver-france.fr
0.0.0.0 quiksilver-mexico.com.mx
0.0.0.0 quiksilverale.com
0.0.0.0 quiksilverangebot.com
0.0.0.0 quiksilveraustralia.com
0.0.0.0 quiksilveraustraliasale.com
0.0.0.0 quiksilverbrasillojas.com
0.0.0.0 quiksilvercanadasale.com
0.0.0.0 quiksilverchile.com
0.0.0.0 quiksilvercolombia.com
0.0.0.0 quiksilverdanmark.com
0.0.0.0 quiksilverenargentina.com
0.0.0.0 quiksilverenchile.com
0.0.0.0 quiksilverespana.com
0.0.0.0 quiksilvergreece.com
0.0.0.0 quiksilverindia.co.in
0.0.0.0 quiksilverindirim.com
0.0.0.0 quiksilverinofferta.com
0.0.0.0 quiksilveritalia.com
0.0.0.0 quiksilverlojas.com
0.0.0.0 quiksilvermalaysia.com
0.0.0.0 quiksilvermalaysiasale.com
0.0.0.0 quiksilvernederland.com
0.0.0.0 quiksilvernewzealand.com
0.0.0.0 quiksilvernorge.com
0.0.0.0 quiksilveroutletgreece.com
0.0.0.0 quiksilveroutletphilippines.com
0.0.0.0 quiksilveroutletpolska.com
0.0.0.0 quiksilveroutletsingapore.com
0.0.0.0 quiksilverphilippines.com
0.0.0.0 quiksilverportugal.com
0.0.0.0 quiksilverpraha.cz
0.0.0.0 quiksilverromania.com
0.0.0.0 quiksilverromania.ro
0.0.0.0 quiksilversaleindia.com
0.0.0.0 quiksilversalesouthafrica.co.za
0.0.0.0 quiksilversingapore.com
0.0.0.0 quiksilversklep.com
0.0.0.0 quiksilversouthafrica.com
0.0.0.0 quiksilversuomi.com
0.0.0.0 quiksilversverige.com
0.0.0.0 quiksilvertilbud.com
0.0.0.0 quiksilvervyprodej.com
0.0.0.0 quiksilverwinkel.com
0.0.0.0 salomocolombia.com
0.0.0.0 salomon-danmark.net
0.0.0.0 salomon-pt.com
0.0.0.0 salomon-spain.es
0.0.0.0 salomonencolombia.com
0.0.0.0 salomonfrancesoldes.fr
0.0.0.0 salomonhungary.net
0.0.0.0 salomonidanmark.com
0.0.0.0 salomoportugalonline.com
0.0.0.0 salomoslovenija.com
0.0.0.0 salomoslovensko.sk
0.0.0.0 saucony-dk.com
0.0.0.0 sauconygermany.de
0.0.0.0 sauconylaufschuhe.at
0.0.0.0 sauconyspain.es
0.0.0.0 sendrabootsdeutschland.com
0.0.0.0 sendrabootsireland.com
0.0.0.0 sendrabootsitalia.com
0.0.0.0 sendrafrance.com
0.0.0.0 skecherchile.com
0.0.0.0 skechers-colombia.com.co
0.0.0.0 skechers-spain.es
0.0.0.0 skechersfactoryoutletau.com
0.0.0.0 skechersmexicotienda.com
0.0.0.0 skechersshoesnzoutlet.com
0.0.0.0 teniskyvejaobuv.sk
0.0.0.0 tiendahunterchile.com
0.0.0.0 tiendahuntermadrid.com
0.0.0.0 tiendajordanargentina.com
0.0.0.0 tiendaquiksilvercolombia.com
0.0.0.0 tiendaquiksilvermexico.com
0.0.0.0 underarmourenecuador.com
0.0.0.0 vejagermany.de
0.0.0.0 vejasneakers.se
0.0.0.0 vejasneakersmexico.com.mx
0.0.0.0 moncleritalia.com
0.0.0.0 alexandermcqueenboty.cz
0.0.0.0 alexandermcqueenskor.com.se
0.0.0.0 alexandermcqueentenisce.com
0.0.0.0 alexandermcqueentenisky.sk
0.0.0.0 alexandermcqueentenls.com
0.0.0.0 axelarigato.com.se
0.0.0.0 axelarigatoboty.cz
0.0.0.0 axelarigatokobenhavn.com
0.0.0.0 axelarigatos.com.se
0.0.0.0 axelarigatosapatilhas.com
0.0.0.0 axelarigatoshoesnz.com
0.0.0.0 axelarigatoslovakia.com
0.0.0.0 axelarigatosneakersnl.com
0.0.0.0 axelarigatozagreb.com
0.0.0.0 bootsonlineindia.com
0.0.0.0 botteshunterfrance.fr
0.0.0.0 cizmeshopromania.com
0.0.0.0 demoniasjapan.com
0.0.0.0 dieseljeancolombia.com
0.0.0.0 dieseljeanscolombia.com
0.0.0.0 drmarswebshop.com
0.0.0.0 enucuzsuperdry.com
0.0.0.0 gummistiefelhunter.de
0.0.0.0 hokalopesko.com
0.0.0.0 hokanorgeno.com
0.0.0.0 hokaonelopesko.com
0.0.0.0 huntegummistiefeloutlet.com
0.0.0.0 huntegummistiefelsale.com
0.0.0.0 hunteranbootsindia.com
0.0.0.0 hunterbootcanada.com
0.0.0.0 hunterholinky.com
0.0.0.0 hunterirelandonline.com
0.0.0.0 hunterlaarzenbelgle.com
0.0.0.0 hunterlaarzendames.com
0.0.0.0 hunteronlinesverige.com
0.0.0.0 hunteroutletireland.com
0.0.0.0 hunterstovlersalg.com
0.0.0.0 hunterwelliesirelandsale.com
0.0.0.0 lacostemagyarorszag.com
0.0.0.0 marbotysleva.cz
0.0.0.0 martenbratislava.sk
0.0.0.0 martengreece.com
0.0.0.0 martenportugal.com
0.0.0.0 martensbotysleva.cz
0.0.0.0 martenshelsinki.net
0.0.0.0 martenshrvatska.co
0.0.0.0 mcqueen-philippines.com
0.0.0.0 mcqueenauckland.com
0.0.0.0 mcqueencolombia.com
0.0.0.0 mcqueenitalian.com
0.0.0.0 mcqueenmalaysiamy.com
0.0.0.0 mcqueensouthafrica.com
0.0.0.0 mcqueensouthafrlca.com
0.0.0.0 merrellespanatiendas.com
0.0.0.0 merrellshoeaustralia.com
0.0.0.0 merrellshoesoutletus.com
0.0.0.0 merrellwanderschuhe.de
0.0.0.0 merrelshoesnzsale.com
0.0.0.0 merrelshoesuksale.com
0.0.0.0 merrelturkiyetr.com
0.0.0.0 mizunonewzealandnz.com
0.0.0.0 mizunoshoesforsale.com
0.0.0.0 mizunoshoesingapore.com
0.0.0.0 nana-vypredaj.sk
0.0.0.0 nanasuomi.com
0.0.0.0 nanavypredaj.sk
0.0.0.0 nbpolskaonline.com
0.0.0.0 neweraindlacap.com
0.0.0.0 niketrindirim.com
0.0.0.0 salomomnorgeoutlet.com
0.0.0.0 salonomaustria.com
0.0.0.0 salonomireland.com
0.0.0.0 salonomitalia.com
0.0.0.0 salonomportugal.com
0.0.0.0 salonomslovensko.com
0.0.0.0 salononfranceonline.com
0.0.0.0 salononsverige.com
0.0.0.0 stivalihuntersaldi.com
0.0.0.0 superdryfactorysg.com
0.0.0.0 tenishokaoneone.com
0.0.0.0 tevasandalehrvatska.com
0.0.0.0 vans-finland.com
0.0.0.0 martensbratislava.sk
0.0.0.0 zapatillasmcqueen.com
# https://app.any.run/tasks/8ced67f6-f4e6-4fed-b634-86fd93ac4074/
0.0.0.0 darkinfotale.xyz
0.0.0.0 f.estivaltodayz.com
0.0.0.0 hollandcash.nl
0.0.0.0 exit.hollandcash.nl
0.0.0.0 clean-blocker.com
# https://github.com/DandelionSprout/adfilt/issues/752
0.0.0.0 omclyzyapf.com
0.0.0.0 godpvqnszo.com
0.0.0.0 news-mapara.com
0.0.0.0 vipdatingtoday.top
0.0.0.0 mo4ckid.click
0.0.0.0 xxxnewvideos.com
0.0.0.0 iseult-aplite.xyz
0.0.0.0 theantivirusprotection.xyz
0.0.0.0 1.news-mapara.com
0.0.0.0 battik-bowwow.xyz
0.0.0.0 2.news-mapara.com
0.0.0.0 pshsbscapr.xyz
0.0.0.0 click01.pshtrkg.com
0.0.0.0 4bd71.trknovi.com
0.0.0.0 jergocast.com
0.0.0.0 news-pelivo.com
# https://app.any.run/tasks/cc3be172-9813-4637-914b-533ac2b72299
0.0.0.0 getfreegem.com
0.0.0.0 gamingtoolz.club
# from notification scams
0.0.0.0 nahist.live
0.0.0.0 redins.live
0.0.0.0 carltus.click
0.0.0.0 www.carltus.click
0.0.0.0 renhadmasandbab.info
0.0.0.0 bestadultdatinglist-com.ru
0.0.0.0 findflirtpartner6.euroshoptrendingclub.ru
0.0.0.0 h.curedating.top
0.0.0.0 martoysure.live
0.0.0.0 goodgollygold.com
# https://virustotal.com/gui/domain/beastws.com
# (my analysis) https://app.any.run/tasks/dc144216-7c8d-4a2b-963e-24b507124e81
0.0.0.0 beastws.com
# https://github.com/no-cmyk/Search-Engine-Spam-Blocklist/issues/8
# TODO: verify these entries, hopefully there aren't any more https://github.com/hagezi/dns-blocklists/issues/987
##if false
0.0.0.0 adajobs.de
0.0.0.0 appart-vermietung.de
0.0.0.0 baderus.de
0.0.0.0 bermudez-portfolio.de
0.0.0.0 carpenteriekluc.it
0.0.0.0 charlotte-wilking.de
0.0.0.0 conradlentz.de
0.0.0.0 corexonline.de
0.0.0.0 dierhagen-ostsee.de
0.0.0.0 digitalplm.de
0.0.0.0 e-dos.pl
0.0.0.0 eltruciolo.it
0.0.0.0 essen-inline-skating.de
0.0.0.0 forstbetrieb-reichel.de
0.0.0.0 fotogruppe-iserlohn.de
0.0.0.0 fw-muensing.de
0.0.0.0 honighelmut.de
0.0.0.0 hostingnetwork24.de
0.0.0.0 hunsruecker-damwild.de
0.0.0.0 hypnose-kunz.de
0.0.0.0 ilcolibri.it
0.0.0.0 lhm-as.de
0.0.0.0 lotuslebanon.com
0.0.0.0 mainradweg-service.de
0.0.0.0 massaggisensitive.it
0.0.0.0 misericordiapompei.it
0.0.0.0 molinariprotection.it
0.0.0.0 new-work-in-mv.de
0.0.0.0 nick-duschek.de
0.0.0.0 officinavettoriale.it
0.0.0.0 schnelltests-ludwigsburg.de
0.0.0.0 snehpandya.me
0.0.0.0 spiritoemateria.it
0.0.0.0 stahl-rohr-moebel.de
0.0.0.0 tipps-staedtereisen.de
##endif
# https://app.any.run/tasks/e90c2a06-036f-4fff-a36f-dffd0d4048ab
0.0.0.0 doxspb.adajobs.de
0.0.0.0 giftaward.life
# https://github.com/badmojr/1Hosts/issues/1098
0.0.0.0 elon23.page.link
# https://github.com/AdguardTeam/AdguardFilters/issues/142492 --> https://github.com/uBlockOrigin/uAssets/commit/fca5436e3e823d73541721867f42dd0712da54a0
0.0.0.0 apkmirror.co
0.0.0.0 webogram.org
0.0.0.0 webogram.ru
0.0.0.0 xn--80affa3aj0al.xn--80asehdb
0.0.0.0 tgram.ru
0.0.0.0 telegramm.site
0.0.0.0 web-telegram.net
# other domains not in the uBo commit
0.0.0.0 atm-receipts.neocities.org
0.0.0.0 apkmirror.net
0.0.0.0 github.me
0.0.0.0 yandec.ru
0.0.0.0 yandex.co
# a test system
0.0.0.0 paleks.live
0.0.0.0 kempus.click
0.0.0.0 www.kempus.click
# https://app.any.run/tasks/3f79c271-f68d-48a8-af16-efd001ce7be3
0.0.0.0 mwgtf.hintonjour.com
0.0.0.0 oqnvm.top
0.0.0.0 edkiu.top
0.0.0.0 mvv5i.top
0.0.0.0 e8tov.top
0.0.0.0 rvueo.top
0.0.0.0 up9rt.top
0.0.0.0 rx93u.top
0.0.0.0 usfo6.top
0.0.0.0 bdlj8.top
0.0.0.0 bqcqw.top
# https://github.com/AdguardTeam/AdguardFilters/issues/143281
0.0.0.0 understatedworking.com
0.0.0.0 jatostepa.com
# https://forums.malwarebytes.com/topic/295377-false-mcaffee-warning/ (account required)
0.0.0.0 powerpcsupport.com
# https://github.com/hagezi/dns-blocklists/issues/598
0.0.0.0 t-post.com
# https://github.com/hagezi/dns-blocklists/issues/597
0.0.0.0 stallioncredit.com
# https://github.com/hagezi/dns-blocklists/issues/596
0.0.0.0 www.68437w.top
# https://github.com/hagezi/dns-blocklists/issues/595
0.0.0.0 goldtimeinvest.com
# https://github.com/hagezi/dns-blocklists/issues/594
0.0.0.0 nirvezal.com
# https://virustotal.com/gui/url/413da77a326371e24a4c334e749a54928b43ee6bcd27165167940456b9c14f52/community
0.0.0.0 eg-ame.com
# https://github.com/AdguardTeam/AdguardFilters/issues/144514
0.0.0.0 attractbonus.life
0.0.0.0 best-prize.life
0.0.0.0 bestbigbonus.life
0.0.0.0 bonusgift.life
0.0.0.0 bonusreward.life
0.0.0.0 bonusscore.life
0.0.0.0 gainquick.life
0.0.0.0 giftjackpot.life
0.0.0.0 greatbonushere.life
0.0.0.0 greatprizes.life
0.0.0.0 jackpotscore.life
0.0.0.0 jackpotwinning.life
0.0.0.0 keep-rewards.life
0.0.0.0 keepbonus.life
0.0.0.0 keepreward.life
0.0.0.0 mygreatprize.life
0.0.0.0 prizeaward.life
0.0.0.0 prizefast.life
0.0.0.0 prizegain.life
0.0.0.0 prizehere.life
0.0.0.0 prizerush.life
0.0.0.0 prizesenses.life
0.0.0.0 prizesure.life
0.0.0.0 realgift.life
0.0.0.0 rewardgains.life
0.0.0.0 scorereward.life
0.0.0.0 simpleprize.life
0.0.0.0 simplewin.life
0.0.0.0 taketheprizes.life
0.0.0.0 topbonusgain.life
0.0.0.0 win-bonus.life
0.0.0.0 win-prize-now.life
0.0.0.0 win-prize.life
0.0.0.0 win-touch.life
0.0.0.0 winbigdrip.life
0.0.0.0 wincorporate.life
0.0.0.0 winearth.life
0.0.0.0 winexpert.life
0.0.0.0 wingiftnow.life
0.0.0.0 winmore.life
0.0.0.0 winprizehere.life
0.0.0.0 winpulse.life
0.0.0.0 winregistry.life
0.0.0.0 winsimply.life
0.0.0.0 wintarget.life
# https://github.com/uBlockOrigin/uAssets/issues/17075
# my analysis: https://app.any.run/tasks/ed301c03-1105-47e5-88d1-66fded6a0a9b
0.0.0.0 myspecialdates.com
# https://www.reddit.com/r/uBlockOrigin/comments/11s92xa/badware_risks_page_request_malware/
0.0.0.0 www.addonsearch.net
# https://app.any.run/tasks/794fc4f3-e0da-49b0-b29b-304514a8bd2d
0.0.0.0 70k-free-robux-generator-no-human-verification.statuspage.io
0.0.0.0 bettertool.xyz
# elon musk crypto scam on hacked YouTube channels
# https://app.any.run/tasks/2963db56-bd87-4b82-8b24-97e6e68aef66/
0.0.0.0 x2-promo.net
# https://tria.ge/230318-twrw1ach63/behavioral1
0.0.0.0 teslasend.io
# https://forums.malwarebytes.com/topic/296022-comment-spam-from-my-site/ (account required)
# (my analysis) NSFW https://app.any.run/tasks/cd2d1278-ad10-4c38-8f49-fa34fa675820
0.0.0.0 f.vipcooldating.top
0.0.0.0 vipcooldating.top
0.0.0.0 i.vipcooldating.top
# https://github.com/durablenapkin/scamblocklist/issues/10
0.0.0.0 adzfree-watch.net
# https://github.com/AdguardTeam/AdguardFilters/commit/57f39538070d7d5e6379da4e58bd02defffa7481
0.0.0.0 ikouthaupi.com
0.0.0.0 instreamersdian.com
# https://app.any.run/tasks/31119ba0-9bf8-42e2-8e77-eec9045be865
0.0.0.0 applover.net
# https://app.any.run/tasks/89a5c643-ba0f-4bb6-b953-ef08ee0213ef
0.0.0.0 youtubgenerator.w3spaces.com
# https://app.any.run/tasks/482b8fa1-0f24-461a-a4f5-a6996c46ccdc/
0.0.0.0 rewards24.onlinewebshop.net
0.0.0.0 locked3.com
0.0.0.0 cdn.locked3.com
# https://github.com/durablenapkin/scamblocklist/issues/15
0.0.0.0 thuthuatxiaomi.com
0.0.0.0 petsimulator.live
0.0.0.0 rewardsgiantca.com
0.0.0.0 earnpets.com
# https://0xacab.org/my-privacy-dns/matrix/-/issues/90853
# (my analysis) https://app.any.run/tasks/029760ea-9972-4c3a-8a7e-cca3d7777c0f
0.0.0.0 emeraldtrking.com
# https://0xacab.org/my-privacy-dns/matrix/-/issues/90813
# (my analysis) https://app.any.run/tasks/0992866b-9af2-41ba-9b91-8fe5a2917908
0.0.0.0 bbxxvwb.tk
# https://github.com/StevenBlack/hosts/issues/2271
0.0.0.0 transive.top
0.0.0.0 warehousesale.shop
# https://app.any.run/tasks/3137c861-185d-4037-84e9-65cc0adeba15
0.0.0.0 econsultingcoem.com
0.0.0.0 bgqcb.econsultingcoem.com
0.0.0.0 j4352.top
0.0.0.0 emqu4.top
0.0.0.0 kp0z3.top
0.0.0.0 kxaie.top
# https://app.any.run/tasks/7626fdcc-20f1-4471-a011-23108f113eca
# https://app.any.run/tasks/4bc28a83-6a39-430a-a74b-246b30ab4ae4
0.0.0.0 fuwins.xyz
0.0.0.0 .xyz/1sm/9.html?*&campaign_id=
# https://virustotal.com/gui/ip-address/157.230.4.182/relations
# on the same IP, I tried a few and all of them hosted the same scam page (i.e. https://app.any.run/tasks/e9fd2b7d-d8cc-40dc-aa65-daaee7bc5558)
0.0.0.0 gedins.xyz
0.0.0.0 gemins.xyz
0.0.0.0 fofins.xyz
0.0.0.0 gekins.xyz
0.0.0.0 gegins.xyz
0.0.0.0 gecins.xyz
0.0.0.0 cebens.xyz
0.0.0.0 gifirs.xyz
0.0.0.0 cexens.xyz
0.0.0.0 buvers.xyz
0.0.0.0 lohens.xyz
0.0.0.0 lodens.xyz
0.0.0.0 luvens.xyz
0.0.0.0 busers.xyz
0.0.0.0 laxens.xyz
0.0.0.0 bumers.xyz
0.0.0.0 lazens.xyz
0.0.0.0 lufens.xyz
0.0.0.0 latens.xyz
0.0.0.0 bijers.xyz
0.0.0.0 luxens.xyz
0.0.0.0 lavens.xyz
0.0.0.0 lolens.xyz
0.0.0.0 lubens.xyz
0.0.0.0 buders.xyz
0.0.0.0 baxers.xyz
0.0.0.0 bukers.xyz
0.0.0.0 buwers.xyz
0.0.0.0 bisers.xyz
0.0.0.0 bipers.xyz
0.0.0.0 bahers.xyz
0.0.0.0 lotens.xyz
0.0.0.0 lapens.xyz
0.0.0.0 ladens.xyz
0.0.0.0 basers.xyz
0.0.0.0 bugers.xyz
0.0.0.0 loxens.xyz
0.0.0.0 lowens.xyz
0.0.0.0 baters.xyz
0.0.0.0 lafens.xyz
0.0.0.0 lutens.xyz
0.0.0.0 lasens.xyz
0.0.0.0 bupers.xyz
0.0.0.0 locens.xyz
0.0.0.0 buzers.xyz
0.0.0.0 bubers.xyz
0.0.0.0 lojens.xyz
0.0.0.0 biwers.xyz
0.0.0.0 bufers.xyz
0.0.0.0 buhers.xyz
0.0.0.0 losens.xyz
0.0.0.0 lopens.xyz
0.0.0.0 bucers.xyz
0.0.0.0 lagens.xyz
0.0.0.0 bagers.xyz
0.0.0.0 birers.xyz
0.0.0.0 lozens.xyz
0.0.0.0 lusens.xyz
0.0.0.0 biders.xyz
0.0.0.0 buters.xyz
0.0.0.0 lawens.xyz
0.0.0.0 burers.xyz
0.0.0.0 lalens.xyz
0.0.0.0 bafers.xyz
0.0.0.0 bulers.xyz
0.0.0.0 lacens.xyz
0.0.0.0 lomens.xyz
0.0.0.0 balers.xyz
0.0.0.0 luzens.xyz
0.0.0.0 lahens.xyz
0.0.0.0 bavers.xyz
0.0.0.0 lokens.xyz
0.0.0.0 baders.xyz
0.0.0.0 bawers.xyz
0.0.0.0 bihers.xyz
0.0.0.0 lulens.xyz
0.0.0.0 bacers.xyz
0.0.0.0 labens.xyz
0.0.0.0 bazers.xyz
0.0.0.0 bapers.xyz
0.0.0.0 bajers.xyz
0.0.0.0 bifers.xyz
0.0.0.0 bujers.xyz
0.0.0.0 barers.xyz
0.0.0.0 lajens.xyz
0.0.0.0 buners.xyz
0.0.0.0 babers.xyz
0.0.0.0 bigers.xyz
0.0.0.0 lobens.xyz
0.0.0.0 buxers.xyz
0.0.0.0 cevens.xyz
0.0.0.0 cetens.xyz
0.0.0.0 barins.xyz
0.0.0.0 bamins.xyz
0.0.0.0 bakins.xyz
0.0.0.0 biwins.xyz
0.0.0.0 lurens.xyz
0.0.0.0 lupens.xyz
0.0.0.0 bacins.xyz
0.0.0.0 luwens.xyz
0.0.0.0 lujens.xyz
0.0.0.0 luhens.xyz
0.0.0.0 lunens.xyz
0.0.0.0 lonens.xyz
0.0.0.0 logens.xyz
0.0.0.0 lanens.xyz
0.0.0.0 lofens.xyz
0.0.0.0 tesens.xyz
0.0.0.0 sibans.xyz
0.0.0.0 ricens.xyz
0.0.0.0 rapens.xyz
0.0.0.0 rorens.xyz
0.0.0.0 tonens.xyz
0.0.0.0 sowans.xyz
0.0.0.0 tikens.xyz
0.0.0.0 tilens.xyz
0.0.0.0 ribens.xyz
0.0.0.0 setans.xyz
0.0.0.0 rofens.xyz
0.0.0.0 simans.xyz
0.0.0.0 rarens.xyz
0.0.0.0 ronens.xyz
0.0.0.0 sefans.xyz
0.0.0.0 sonans.xyz
0.0.0.0 terens.xyz
0.0.0.0 sijans.xyz
0.0.0.0 rolens.xyz
0.0.0.0 sexans.xyz
0.0.0.0 roxens.xyz
0.0.0.0 tigens.xyz
0.0.0.0 rabens.xyz
0.0.0.0 toxens.xyz
0.0.0.0 tolens.xyz
0.0.0.0 sixans.xyz
0.0.0.0 ripens.xyz
0.0.0.0 rimens.xyz
0.0.0.0 romens.xyz
0.0.0.0 sidans.xyz
0.0.0.0 ralens.xyz
0.0.0.0 sizans.xyz
0.0.0.0 todens.xyz
0.0.0.0 sehans.xyz
0.0.0.0 rawens.xyz
0.0.0.0 tevens.xyz
0.0.0.0 rocens.xyz
0.0.0.0 tibens.xyz
0.0.0.0 sikans.xyz
0.0.0.0 rozens.xyz
0.0.0.0 rivens.xyz
0.0.0.0 tivens.xyz
0.0.0.0 rizens.xyz
0.0.0.0 tegens.xyz
0.0.0.0 sepans.xyz
0.0.0.0 rafens.xyz
0.0.0.0 rilens.xyz
0.0.0.0 ragens.xyz
0.0.0.0 sohans.xyz
0.0.0.0 tirens.xyz
0.0.0.0 rohens.xyz
0.0.0.0 tehens.xyz
0.0.0.0 rifens.xyz
0.0.0.0 selans.xyz
0.0.0.0 tixens.xyz
0.0.0.0 riwens.xyz
0.0.0.0 sirans.xyz
0.0.0.0 rakens.xyz
0.0.0.0 tofens.xyz
0.0.0.0 tipens.xyz
0.0.0.0 tepens.xyz
0.0.0.0 tocens.xyz
0.0.0.0 ratens.xyz
0.0.0.0 rihens.xyz
0.0.0.0 sorans.xyz
0.0.0.0 racens.xyz
0.0.0.0 silans.xyz
0.0.0.0 ticens.xyz
0.0.0.0 tewens.xyz
0.0.0.0 tojens.xyz
0.0.0.0 rasens.xyz
0.0.0.0 rahens.xyz
0.0.0.0 rijens.xyz
0.0.0.0 rokens.xyz
0.0.0.0 tifens.xyz
0.0.0.0 towens.xyz
0.0.0.0 tisens.xyz
0.0.0.0 raxens.xyz
0.0.0.0 serans.xyz
0.0.0.0 sihans.xyz
0.0.0.0 tizens.xyz
0.0.0.0 rikens.xyz
0.0.0.0 radens.xyz
0.0.0.0 sitans.xyz
0.0.0.0 rovens.xyz
0.0.0.0 sekans.xyz
0.0.0.0 sokans.xyz
0.0.0.0 sifans.xyz
0.0.0.0 sezans.xyz
0.0.0.0 ritens.xyz
0.0.0.0 tihens.xyz
0.0.0.0 rinens.xyz
0.0.0.0 sivans.xyz
0.0.0.0 ropens.xyz
0.0.0.0 sesans.xyz
0.0.0.0 tinens.xyz
0.0.0.0 rotens.xyz
0.0.0.0 sobans.xyz
0.0.0.0 torens.xyz
0.0.0.0 rirens.xyz
0.0.0.0 semans.xyz
0.0.0.0 temens.xyz
0.0.0.0 tovens.xyz
0.0.0.0 tebens.xyz
0.0.0.0 sigans.xyz
0.0.0.0 sisans.xyz
0.0.0.0 socans.xyz
0.0.0.0 risens.xyz
0.0.0.0 ridens.xyz
0.0.0.0 rixens.xyz
0.0.0.0 texens.xyz
0.0.0.0 sipans.xyz
0.0.0.0 siwans.xyz
0.0.0.0 tedens.xyz
0.0.0.0 rigens.xyz
0.0.0.0 tejens.xyz
0.0.0.0 senans.xyz
0.0.0.0 rowens.xyz
0.0.0.0 soxans.xyz
0.0.0.0 tecens.xyz
0.0.0.0 totens.xyz
0.0.0.0 tozens.xyz
0.0.0.0 rajens.xyz
0.0.0.0 ranens.xyz
0.0.0.0 sewans.xyz
0.0.0.0 tosens.xyz
0.0.0.0 timens.xyz
0.0.0.0 razens.xyz
0.0.0.0 somans.xyz
0.0.0.0 tezens.xyz
0.0.0.0 sogans.xyz
0.0.0.0 sozans.xyz
0.0.0.0 sicans.xyz
0.0.0.0 secans.xyz
0.0.0.0 tiwens.xyz
0.0.0.0 sinans.xyz
0.0.0.0 tohens.xyz
0.0.0.0 larens.xyz
0.0.0.0 togens.xyz
0.0.0.0 gicurs.xyz
0.0.0.0 tobens.xyz
0.0.0.0 tijens.xyz
0.0.0.0 tidens.xyz
0.0.0.0 sovans.xyz
0.0.0.0 sotans.xyz
0.0.0.0 sosans.xyz
0.0.0.0 sojans.xyz
0.0.0.0 hohers.xyz
0.0.0.0 gizurs.xyz
0.0.0.0 humers.xyz
0.0.0.0 hogers.xyz
0.0.0.0 mitans.xyz
0.0.0.0 huners.xyz
0.0.0.0 giwirs.xyz
0.0.0.0 mucans.xyz
0.0.0.0 hurers.xyz
0.0.0.0 hoders.xyz
0.0.0.0 gipirs.xyz
0.0.0.0 muxans.xyz
0.0.0.0 gipurs.xyz
0.0.0.0 movans.xyz
0.0.0.0 mubans.xyz
0.0.0.0 hicers.xyz
0.0.0.0 mixans.xyz
0.0.0.0 hipers.xyz
0.0.0.0 hibers.xyz
0.0.0.0 gibirs.xyz
0.0.0.0 huhers.xyz
0.0.0.0 monans.xyz
0.0.0.0 hisers.xyz
0.0.0.0 hozers.xyz
0.0.0.0 hujers.xyz
0.0.0.0 mizans.xyz
0.0.0.0 mopans.xyz
0.0.0.0 honers.xyz
0.0.0.0 gihurs.xyz
0.0.0.0 huders.xyz
0.0.0.0 gicirs.xyz
0.0.0.0 gikurs.xyz
0.0.0.0 molans.xyz
0.0.0.0 huters.xyz
0.0.0.0 holers.xyz
0.0.0.0 hobers.xyz
0.0.0.0 modans.xyz
0.0.0.0 gilurs.xyz
0.0.0.0 hiters.xyz
0.0.0.0 mozans.xyz
0.0.0.0 mupans.xyz
0.0.0.0 higers.xyz
0.0.0.0 hocers.xyz
0.0.0.0 mukans.xyz
0.0.0.0 musans.xyz
0.0.0.0 hizers.xyz
0.0.0.0 husers.xyz
0.0.0.0 muvans.xyz
0.0.0.0 gixurs.xyz
0.0.0.0 migans.xyz
0.0.0.0 givirs.xyz
0.0.0.0 gimurs.xyz
0.0.0.0 mufans.xyz
0.0.0.0 mipans.xyz
0.0.0.0 giwurs.xyz
0.0.0.0 ginurs.xyz
0.0.0.0 gifurs.xyz
0.0.0.0 mogans.xyz
0.0.0.0 munans.xyz
0.0.0.0 gixers.xyz
0.0.0.0 giwers.xyz
0.0.0.0 gisers.xyz
0.0.0.0 mumans.xyz
0.0.0.0 mojans.xyz
0.0.0.0 gidurs.xyz
0.0.0.0 gijers.xyz
0.0.0.0 gilers.xyz
0.0.0.0 mujans.xyz
0.0.0.0 gitirs.xyz
0.0.0.0 gifers.xyz
0.0.0.0 hijers.xyz
0.0.0.0 muwans.xyz
0.0.0.0 mohans.xyz
0.0.0.0 hiners.xyz
0.0.0.0 ginirs.xyz
0.0.0.0 moxans.xyz
0.0.0.0 hupers.xyz
0.0.0.0 huwers.xyz
0.0.0.0 gigers.xyz
0.0.0.0 gisirs.xyz
0.0.0.0 hucers.xyz
0.0.0.0 howers.xyz
0.0.0.0 hokers.xyz
0.0.0.0 gimirs.xyz
0.0.0.0 gipers.xyz
0.0.0.0 gidirs.xyz
0.0.0.0 mibans.xyz
0.0.0.0 gikirs.xyz
0.0.0.0 giners.xyz
0.0.0.0 minans.xyz
0.0.0.0 gizers.xyz
0.0.0.0 mofans.xyz
0.0.0.0 mulans.xyz
0.0.0.0 hifers.xyz
0.0.0.0 mutans.xyz
0.0.0.0 mimans.xyz
0.0.0.0 gizirs.xyz
0.0.0.0 mosans.xyz
0.0.0.0 hiwers.xyz
0.0.0.0 miwans.xyz
0.0.0.0 gihirs.xyz
0.0.0.0 mugans.xyz
0.0.0.0 muzans.xyz
0.0.0.0 gijirs.xyz
0.0.0.0 gilirs.xyz
0.0.0.0 girirs.xyz
0.0.0.0 gijurs.xyz
0.0.0.0 gimers.xyz
0.0.0.0 hirers.xyz
0.0.0.0 mudans.xyz
0.0.0.0 sopans.xyz
0.0.0.0 solans.xyz
0.0.0.0 giders.xyz
0.0.0.0 sodans.xyz
0.0.0.0 irejad.life
0.0.0.0 segans.xyz
0.0.0.0 sejans.xyz
0.0.0.0 hosers.xyz
0.0.0.0 hoxers.xyz
0.0.0.0 mijans.xyz
0.0.0.0 sebans.xyz
0.0.0.0 tetens.xyz
0.0.0.0 tekens.xyz
0.0.0.0 telens.xyz
0.0.0.0 tefens.xyz
0.0.0.0 giwens.com
0.0.0.0 sporens.com
0.0.0.0 tihens.com
0.0.0.0 tomens.xyz
0.0.0.0 givurs.xyz
0.0.0.0 giturs.xyz
0.0.0.0 bipens.xyz
0.0.0.0 bafens.xyz
0.0.0.0 bizens.xyz
0.0.0.0 biwens.xyz
0.0.0.0 hovens.xyz
0.0.0.0 huhens.xyz
0.0.0.0 guters.xyz
0.0.0.0 hucens.xyz
0.0.0.0 abirs.xyz
0.0.0.0 hakens.xyz
0.0.0.0 ahirs.xyz
0.0.0.0 bolens.xyz
0.0.0.0 botens.xyz
0.0.0.0 gojers.xyz
0.0.0.0 bagens.xyz
0.0.0.0 gozers.xyz
0.0.0.0 gulers.xyz
0.0.0.0 gujers.xyz
0.0.0.0 gomers.xyz
0.0.0.0 bahens.xyz
0.0.0.0 bixens.xyz
0.0.0.0 hirens.xyz
0.0.0.0 arirs.xyz
0.0.0.0 azirs.xyz
0.0.0.0 gohers.xyz
0.0.0.0 bapens.xyz
0.0.0.0 avors.xyz
0.0.0.0 ajirs.xyz
0.0.0.0 bisens.xyz
0.0.0.0 bopens.xyz
0.0.0.0 howens.xyz
0.0.0.0 gocers.xyz
0.0.0.0 ahors.xyz
0.0.0.0 husens.xyz
0.0.0.0 bodens.xyz
0.0.0.0 bigens.xyz
0.0.0.0 bosens.xyz
0.0.0.0 guvers.xyz
0.0.0.0 hutens.xyz
0.0.0.0 hafens.xyz
0.0.0.0 boxens.xyz
0.0.0.0 bijens.xyz
0.0.0.0 apors.xyz
0.0.0.0 axers.xyz
0.0.0.0 hoxens.xyz
0.0.0.0 babens.xyz
0.0.0.0 ajers.xyz
0.0.0.0 abers.xyz
0.0.0.0 akors.xyz
0.0.0.0 anirs.xyz
0.0.0.0 bohens.xyz
0.0.0.0 gufers.xyz
0.0.0.0 homens.xyz
0.0.0.0 awirs.xyz
0.0.0.0 huwens.xyz
0.0.0.0 bofens.xyz
0.0.0.0 adirs.xyz
0.0.0.0 anors.xyz
0.0.0.0 binens.xyz
0.0.0.0 bihens.xyz
0.0.0.0 bocens.xyz
0.0.0.0 huvens.xyz
0.0.0.0 holens.xyz
0.0.0.0 goders.xyz
0.0.0.0 hugens.xyz
0.0.0.0 awers.xyz
0.0.0.0 gugers.xyz
0.0.0.0 axors.xyz
0.0.0.0 borens.xyz
0.0.0.0 bicens.xyz
0.0.0.0 birens.xyz
0.0.0.0 higens.xyz
0.0.0.0 gurers.xyz
0.0.0.0 acors.xyz
0.0.0.0 bavens.xyz
0.0.0.0 barens.xyz
0.0.0.0 apirs.xyz
0.0.0.0 atirs.xyz
0.0.0.0 awors.xyz
0.0.0.0 guners.xyz
0.0.0.0 bibens.xyz
0.0.0.0 gumers.xyz
0.0.0.0 agirs.xyz
0.0.0.0 gupers.xyz
0.0.0.0 arors.xyz
0.0.0.0 alirs.xyz
0.0.0.0 guxers.xyz
0.0.0.0 guzers.xyz
0.0.0.0 humens.xyz
0.0.0.0 golers.xyz
0.0.0.0 hosens.xyz
0.0.0.0 hukens.xyz
0.0.0.0 bimens.xyz
0.0.0.0 hogens.xyz
0.0.0.0 goters.xyz
0.0.0.0 gokers.xyz
0.0.0.0 guwers.xyz
0.0.0.0 bamens.xyz
0.0.0.0 asirs.xyz
0.0.0.0 arers.xyz
0.0.0.0 guders.xyz
0.0.0.0 ators.xyz
0.0.0.0 bilens.xyz
0.0.0.0 asors.xyz
0.0.0.0 aders.xyz
0.0.0.0 avirs.xyz
0.0.0.0 asers.xyz
0.0.0.0 axirs.xyz
0.0.0.0 gosers.xyz
0.0.0.0 hipens.xyz
0.0.0.0 guhers.xyz
0.0.0.0 baxens.xyz
0.0.0.0 afors.xyz
0.0.0.0 bogens.xyz
0.0.0.0 gopers.xyz
0.0.0.0 bokens.xyz
0.0.0.0 goxers.xyz
0.0.0.0 huzens.xyz
0.0.0.0 gucers.xyz
0.0.0.0 akirs.xyz
0.0.0.0 amers.xyz
0.0.0.0 aters.xyz
0.0.0.0 bazens.xyz
0.0.0.0 gukers.xyz
0.0.0.0 bifens.xyz
0.0.0.0 gowers.xyz
0.0.0.0 alers.xyz
0.0.0.0 abors.xyz
0.0.0.0 gusers.xyz
0.0.0.0 gisurs.xyz
0.0.0.0 gicers.xyz
0.0.0.0 hihers.xyz
0.0.0.0 gubers.xyz
0.0.0.0 girurs.xyz
0.0.0.0 giburs.xyz
0.0.0.0 gorers.xyz
0.0.0.0 huxens.xyz
0.0.0.0 hurens.xyz
0.0.0.0 hulens.xyz
0.0.0.0 hupens.xyz
0.0.0.0 hunens.xyz
0.0.0.0 hujens.xyz
0.0.0.0 hufens.xyz
0.0.0.0 ahers.xyz
0.0.0.0 hudens.xyz
0.0.0.0 hubens.xyz
0.0.0.0 hozens.xyz
0.0.0.0 horens.xyz
0.0.0.0 bikens.xyz
0.0.0.0 hopens.xyz
0.0.0.0 honens.xyz
0.0.0.0 gawirs.xyz
0.0.0.0 gepirs.xyz
0.0.0.0 gesirs.xyz
0.0.0.0 gelirs.xyz
0.0.0.0 gazirs.xyz
0.0.0.0 disirs.xyz
0.0.0.0 gevirs.xyz
0.0.0.0 gacirs.xyz
0.0.0.0 gahirs.xyz
0.0.0.0 dovirs.xyz
0.0.0.0 dipirs.xyz
0.0.0.0 gagirs.xyz
0.0.0.0 gekirs.xyz
0.0.0.0 gajirs.xyz
0.0.0.0 dogirs.xyz
0.0.0.0 gemirs.xyz
0.0.0.0 getirs.xyz
0.0.0.0 denirs.xyz
0.0.0.0 gebirs.xyz
0.0.0.0 galirs.xyz
0.0.0.0 gatirs.xyz
0.0.0.0 gabirs.xyz
0.0.0.0 gamirs.xyz
0.0.0.0 gasirs.xyz
0.0.0.0 gonirs.xyz
0.0.0.0 garirs.xyz
0.0.0.0 gozirs.xyz
0.0.0.0 gafirs.xyz
0.0.0.0 ganirs.xyz
0.0.0.0 hawens.xyz
0.0.0.0 hibens.xyz
0.0.0.0 hocens.xyz
0.0.0.0 bajens.xyz
0.0.0.0 dozirs.xyz
0.0.0.0 doxirs.xyz
0.0.0.0 hihens.xyz
0.0.0.0 dojirs.xyz
0.0.0.0 dizirs.xyz
0.0.0.0 gowirs.xyz
0.0.0.0 hobens.xyz
0.0.0.0 hicens.xyz
0.0.0.0 dorirs.xyz
0.0.0.0 dotirs.xyz
0.0.0.0 bawens.xyz
0.0.0.0 dohirs.xyz
0.0.0.0 hilens.xyz
0.0.0.0 bacens.xyz
0.0.0.0 gecirs.xyz
0.0.0.0 himens.xyz
0.0.0.0 hikens.xyz
0.0.0.0 batens.xyz
0.0.0.0 gopirs.xyz
0.0.0.0 haxens.xyz
0.0.0.0 acirs.xyz
0.0.0.0 gehirs.xyz
0.0.0.0 bakens.xyz
0.0.0.0 hixens.xyz
0.0.0.0 hinens.xyz
0.0.0.0 hijens.xyz
0.0.0.0 dofirs.xyz
0.0.0.0 hanens.xyz
0.0.0.0 hodens.xyz
0.0.0.0 hazens.xyz
0.0.0.0 gezirs.xyz
0.0.0.0 hahens.xyz
0.0.0.0 donirs.xyz
0.0.0.0 goxirs.xyz
0.0.0.0 gobers.xyz
0.0.0.0 govirs.xyz
0.0.0.0 hofens.xyz
0.0.0.0 gosirs.xyz
0.0.0.0 dosirs.xyz
0.0.0.0 basens.xyz
0.0.0.0 gorirs.xyz
0.0.0.0 hizens.xyz
0.0.0.0 hamens.xyz
0.0.0.0 gewirs.xyz
0.0.0.0 hajens.xyz
0.0.0.0 hacens.xyz
0.0.0.0 afirs.xyz
0.0.0.0 hivens.xyz
0.0.0.0 gedirs.xyz
0.0.0.0 harens.xyz
0.0.0.0 banens.xyz
0.0.0.0 hadens.xyz
0.0.0.0 habens.xyz
0.0.0.0 hohens.xyz
0.0.0.0 hidens.xyz
0.0.0.0 hifens.xyz
0.0.0.0 afers.xyz
0.0.0.0 hiwens.xyz
0.0.0.0 gisid.live
0.0.0.0 gejirs.xyz
0.0.0.0 hokens.xyz
0.0.0.0 hojens.xyz
0.0.0.0 hisens.xyz
0.0.0.0 hatens.xyz
0.0.0.0 gotirs.xyz
0.0.0.0 badens.xyz
0.0.0.0 gerirs.xyz
0.0.0.0 hapens.xyz
0.0.0.0 hasens.xyz
0.0.0.0 dolirs.xyz
0.0.0.0 gexirs.xyz
0.0.0.0 dowirs.xyz
0.0.0.0 dokirs.xyz
0.0.0.0 dopirs.xyz
0.0.0.0 dodirs.xyz
0.0.0.0 repins.xyz
0.0.0.0 mepir.live
0.0.0.0 rajist.xyz
0.0.0.0 repis.xyz
0.0.0.0 mesir.live
0.0.0.0 ropist.xyz
0.0.0.0 rekis.xyz
0.0.0.0 rejis.xyz
0.0.0.0 tapins.xyz
0.0.0.0 mepor.live
0.0.0.0 tarins.xyz
0.0.0.0 rejins.xyz
0.0.0.0 metir.live
0.0.0.0 mefor.live
0.0.0.0 tewins.xyz
0.0.0.0 rojist.xyz
0.0.0.0 towins.xyz
0.0.0.0 rezis.xyz
0.0.0.0 meror.live
0.0.0.0 rekins.xyz
0.0.0.0 recins.xyz
0.0.0.0 mebir.live
0.0.0.0 rakist.xyz
0.0.0.0 renins.xyz
0.0.0.0 rerins.xyz
0.0.0.0 mahey.live
0.0.0.0 rewis.xyz
0.0.0.0 menor.live
0.0.0.0 radist.xyz
0.0.0.0 raxist.xyz
0.0.0.0 razist.xyz
0.0.0.0 nupges.live
0.0.0.0 rogist.xyz
0.0.0.0 retins.xyz
0.0.0.0 mexor.live
0.0.0.0 rehis.xyz
0.0.0.0 rocist.xyz
0.0.0.0 rezins.xyz
0.0.0.0 memir.live
0.0.0.0 ravist.xyz
0.0.0.0 nuhges.live
0.0.0.0 rohist.xyz
0.0.0.0 nujges.live
0.0.0.0 nuwges.live
0.0.0.0 refins.xyz
0.0.0.0 majey.live
0.0.0.0 rexins.xyz
0.0.0.0 redins.xyz
0.0.0.0 robist.xyz
0.0.0.0 relins.xyz
0.0.0.0 rugist.xyz
0.0.0.0 rewins.xyz
0.0.0.0 revins.xyz
0.0.0.0 telins.xyz
0.0.0.0 gokirs.xyz
0.0.0.0 dobirs.xyz
0.0.0.0 docirs.xyz
0.0.0.0 dicirs.xyz
0.0.0.0 demirs.xyz
0.0.0.0 rehins.xyz
0.0.0.0 togins.xyz
0.0.0.0 dexirs.xyz
0.0.0.0 dirirs.xyz
0.0.0.0 didirs.xyz
0.0.0.0 diwirs.xyz
0.0.0.0 gobirs.xyz
0.0.0.0 golirs.xyz
0.0.0.0 rusist.xyz
0.0.0.0 gadirs.xyz
0.0.0.0 gavirs.xyz
0.0.0.0 degirs.xyz
0.0.0.0 dijirs.xyz
0.0.0.0 dikirs.xyz
0.0.0.0 tevins.xyz
0.0.0.0 ditirs.xyz
0.0.0.0 rovist.xyz
0.0.0.0 romist.xyz
0.0.0.0 devirs.xyz
0.0.0.0 tojins.xyz
0.0.0.0 gapirs.xyz
0.0.0.0 ruzist.xyz
0.0.0.0 dezirs.xyz
0.0.0.0 girod.live
0.0.0.0 digirs.xyz
0.0.0.0 rudist.xyz
0.0.0.0 delirs.xyz
0.0.0.0 tonins.xyz
0.0.0.0 tofins.xyz
0.0.0.0 rupist.xyz
0.0.0.0 godirs.xyz
0.0.0.0 detirs.xyz
0.0.0.0 ruhist.xyz
0.0.0.0 gaxirs.xyz
0.0.0.0 decirs.xyz
0.0.0.0 gohirs.xyz
0.0.0.0 dilirs.xyz
0.0.0.0 rotist.xyz
0.0.0.0 gogirs.xyz
0.0.0.0 dewirs.xyz
0.0.0.0 dedirs.xyz
0.0.0.0 derirs.xyz
0.0.0.0 ruxist.xyz
0.0.0.0 defirs.xyz
0.0.0.0 dejirs.xyz
0.0.0.0 depirs.xyz
0.0.0.0 gired.live
0.0.0.0 tozins.xyz
0.0.0.0 tesins.xyz
0.0.0.0 difirs.xyz
0.0.0.0 gofirs.xyz
0.0.0.0 gakirs.xyz
0.0.0.0 dehirs.xyz
0.0.0.0 dihirs.xyz
0.0.0.0 rolist.xyz
0.0.0.0 rukist.xyz
0.0.0.0 dekirs.xyz
0.0.0.0 tovins.xyz
0.0.0.0 todins.xyz
0.0.0.0 torins.xyz
0.0.0.0 runist.xyz
0.0.0.0 ruvist.xyz
0.0.0.0 dixirs.xyz
0.0.0.0 divirs.xyz
0.0.0.0 rutist.xyz
0.0.0.0 desirs.xyz
0.0.0.0 dibirs.xyz
0.0.0.0 gomirs.xyz
0.0.0.0 gocirs.xyz
0.0.0.0 gojirs.xyz
0.0.0.0 dinirs.xyz
0.0.0.0 dimirs.xyz
0.0.0.0 regins.xyz
0.0.0.0 rebins.xyz
0.0.0.0 ruwist.xyz
0.0.0.0 debirs.xyz
0.0.0.0 totins.xyz
0.0.0.0 topins.xyz
0.0.0.0 tosins.xyz
0.0.0.0 rorist.xyz
0.0.0.0 rufist.xyz
0.0.0.0 rulist.xyz
0.0.0.0 tomins.xyz
0.0.0.0 tokins.xyz
0.0.0.0 tolins.xyz
0.0.0.0 tobins.xyz
0.0.0.0 ronist.xyz
0.0.0.0 tohins.xyz
0.0.0.0 ralist.xyz
0.0.0.0 tocins.xyz
0.0.0.0 tezins.xyz
0.0.0.0 texins.xyz
0.0.0.0 medor.live
0.0.0.0 rubist.xyz
0.0.0.0 tetins.xyz
0.0.0.0 temins.xyz
0.0.0.0 mewor.live
0.0.0.0 nudges.live
0.0.0.0 mazey.live
0.0.0.0 tefins.xyz
0.0.0.0 tacins.xyz
0.0.0.0 tavins.xyz
0.0.0.0 tejins.xyz
0.0.0.0 magey.live
0.0.0.0 tabins.xyz
0.0.0.0 tekins.xyz
0.0.0.0 mafey.live
0.0.0.0 rawist.xyz
0.0.0.0 maxey.live
0.0.0.0 tamins.xyz
0.0.0.0 roxist.xyz
0.0.0.0 ragist.xyz
0.0.0.0 rofist.xyz
0.0.0.0 tebins.xyz
0.0.0.0 makey.live
0.0.0.0 tanins.xyz
0.0.0.0 masey.live
0.0.0.0 marey.live
0.0.0.0 mevir.live
0.0.0.0 rucist.xyz
0.0.0.0 ramist.xyz
0.0.0.0 mezor.live
0.0.0.0 tenins.xyz
0.0.0.0 girid.live
0.0.0.0 tadins.xyz
0.0.0.0 terins.xyz
0.0.0.0 tawins.xyz
0.0.0.0 nutges.live
0.0.0.0 rowist.xyz
0.0.0.0 taxins.xyz
0.0.0.0 tegins.xyz
0.0.0.0 rahist.xyz
0.0.0.0 talins.xyz
0.0.0.0 tepins.xyz
0.0.0.0 rozist.xyz
0.0.0.0 tafins.xyz
0.0.0.0 melir.live
0.0.0.0 metor.live
0.0.0.0 tazins.xyz
0.0.0.0 tecins.xyz
0.0.0.0 tehins.xyz
0.0.0.0 maley.live
0.0.0.0 mapey.live
0.0.0.0 rodist.xyz
0.0.0.0 tedins.xyz
0.0.0.0 mamey.live
0.0.0.0 tasins.xyz
0.0.0.0 rafist.xyz
0.0.0.0 mezir.live
0.0.0.0 mexir.live
0.0.0.0 macey.live
0.0.0.0 mabey.live
0.0.0.0 rokist.xyz
0.0.0.0 tatins.xyz
0.0.0.0 remins.xyz
0.0.0.0 ratist.xyz
0.0.0.0 takins.xyz
0.0.0.0 tajins.xyz
0.0.0.0 nusges.live
0.0.0.0 nurges.live
0.0.0.0 ranist.xyz
0.0.0.0 tahins.xyz
0.0.0.0 tagins.xyz
0.0.0.0 nulges.live
0.0.0.0 mawey.live
0.0.0.0 mavey.live
0.0.0.0 nufges.live
0.0.0.0 maney.live
0.0.0.0 rabist.xyz
0.0.0.0 madey.live
0.0.0.0 memor.live
0.0.0.0 mekir.live
0.0.0.0 melor.live
0.0.0.0 kedel.live
0.0.0.0 gipod.live
0.0.0.0 megir.live
0.0.0.0 megor.live
0.0.0.0 mevor.live
0.0.0.0 mebor.live
0.0.0.0 mehir.live
0.0.0.0 mejir.live
0.0.0.0 medir.live
0.0.0.0 mefir.live
0.0.0.0 mewir.live
0.0.0.0 merir.live
0.0.0.0 mecor.live
0.0.0.0 menir.live
0.0.0.0 mehor.live
0.0.0.0 dixans.live
0.0.0.0 dilans.live
0.0.0.0 depans.live
0.0.0.0 demans.live
0.0.0.0 dizans.live
0.0.0.0 dekans.live
0.0.0.0 dezons.live
0.0.0.0 dezans.live
0.0.0.0 depons.live
0.0.0.0 delans.live
0.0.0.0 dihans.live
0.0.0.0 difans.live
0.0.0.0 detans.live
0.0.0.0 dejons.live
0.0.0.0 dikans.live
0.0.0.0 desans.live
0.0.0.0 diwans.live
0.0.0.0 devons.live
0.0.0.0 dibans.live
0.0.0.0 dipans.live
0.0.0.0 dehans.live
0.0.0.0 dinans.live
0.0.0.0 delons.live
0.0.0.0 dedans.live
0.0.0.0 didans.live
0.0.0.0 debans.live
0.0.0.0 derons.live
0.0.0.0 denans.live
0.0.0.0 dejans.live
0.0.0.0 divans.live
0.0.0.0 detons.live
0.0.0.0 disans.live
0.0.0.0 dekons.live
0.0.0.0 dewans.live
0.0.0.0 denons.live
0.0.0.0 dehons.live
0.0.0.0 dicans.live
0.0.0.0 degons.live
0.0.0.0 derans.live
0.0.0.0 dijans.live
0.0.0.0 dirans.live
0.0.0.0 ditans.live
0.0.0.0 desons.live
0.0.0.0 digans.live
0.0.0.0 mecir.live
0.0.0.0 dexons.live
0.0.0.0 dexans.live
0.0.0.0 devans.live
0.0.0.0 dewons.live
0.0.0.0 degans.live
0.0.0.0 defons.live
0.0.0.0 defans.live
0.0.0.0 dedons.live
0.0.0.0 decons.live
0.0.0.0 debons.live
0.0.0.0 decans.live
0.0.0.0 dakent.live
0.0.0.0 daxent.live
0.0.0.0 dapent.live
0.0.0.0 copux.live
0.0.0.0 boxis.live
0.0.0.0 coxix.live
0.0.0.0 cining.live
0.0.0.0 civens.live
0.0.0.0 cizens.live
0.0.0.0 bolis.live
0.0.0.0 bojis.live
0.0.0.0 cepans.live
0.0.0.0 cetans.live
0.0.0.0 botin.live
0.0.0.0 cagax.live
0.0.0.0 cicing.live
0.0.0.0 celans.live
0.0.0.0 cojux.live
0.0.0.0 cimens.live
0.0.0.0 cawex.live
0.0.0.0 copix.live
0.0.0.0 cowux.live
0.0.0.0 civing.live
0.0.0.0 citins.live
0.0.0.0 cefans.live
0.0.0.0 cogix.live
0.0.0.0 bosis.live
0.0.0.0 cohux.live
0.0.0.0 conix.live
0.0.0.0 cebans.live
0.0.0.0 cihins.live
0.0.0.0 cihens.live
0.0.0.0 cofux.live
0.0.0.0 cotux.live
0.0.0.0 datent.live
0.0.0.0 cekans.live
0.0.0.0 cazex.live
0.0.0.0 cozix.live
0.0.0.0 bokin.live
0.0.0.0 bowin.live
0.0.0.0 cikens.live
0.0.0.0 citeng.live
0.0.0.0 cowix.live
0.0.0.0 cokux.live
0.0.0.0 cakax.live
0.0.0.0 corux.live
0.0.0.0 bovin.live
0.0.0.0 bohis.live
0.0.0.0 cadax.live
0.0.0.0 cojix.live
0.0.0.0 cosux.live
0.0.0.0 cicens.live
0.0.0.0 cosix.live
0.0.0.0 cifens.live
0.0.0.0 botis.live
0.0.0.0 cobix.live
0.0.0.0 cibing.live
0.0.0.0 dahent.live
0.0.0.0 cazax.live
0.0.0.0 corix.live
0.0.0.0 cejans.live
0.0.0.0 cotix.live
0.0.0.0 borin.live
0.0.0.0 boxin.live
0.0.0.0 cidins.live
0.0.0.0 cipins.live
0.0.0.0 bolin.live
0.0.0.0 codux.live
0.0.0.0 cigens.live
0.0.0.0 cedans.live
0.0.0.0 ciweng.live
0.0.0.0 cixing.live
0.0.0.0 caxex.live
0.0.0.0 dadent.live
0.0.0.0 cafex.live
0.0.0.0 codix.live
0.0.0.0 colix.live
0.0.0.0 cokix.live
0.0.0.0 cogux.live
0.0.0.0 cohix.live
0.0.0.0 ciling.live
0.0.0.0 cinens.live
0.0.0.0 caxax.live
0.0.0.0 cavex.live
0.0.0.0 cawax.live
0.0.0.0 cavax.live
0.0.0.0 catex.live
0.0.0.0 covix.live
0.0.0.0 dacent.live
0.0.0.0 cehans.live
0.0.0.0 cabex.live
0.0.0.0 cezans.live
0.0.0.0 cecans.live
0.0.0.0 cerans.live
0.0.0.0 bopin.live
0.0.0.0 cevans.live
0.0.0.0 bowis.live
0.0.0.0 bocis.live
0.0.0.0 dawent.live
0.0.0.0 cibens.live
0.0.0.0 bogin.live
0.0.0.0 bokis.live
0.0.0.0 bofis.live
0.0.0.0 cilens.live
0.0.0.0 cireng.live
0.0.0.0 cirins.live
0.0.0.0 ciking.live
0.0.0.0 dasent.live
0.0.0.0 cajex.live
0.0.0.0 cexans.live
0.0.0.0 bozis.live
0.0.0.0 cegans.live
0.0.0.0 cizing.live
0.0.0.0 cisins.live
0.0.0.0 dajent.live
0.0.0.0 geront.live
0.0.0.0 gewont.live
0.0.0.0 givont.live
0.0.0.0 gizont.live
0.0.0.0 wicter.live
0.0.0.0 wedger.live
0.0.0.0 tuskel.live
0.0.0.0 tuskes.live
0.0.0.0 gijont.live
0.0.0.0 garot.live
0.0.0.0 tuskep.live
0.0.0.0 tuskeg.live
0.0.0.0 gikont.live
0.0.0.0 gorint.live
0.0.0.0 gibont.live
0.0.0.0 gowint.live
0.0.0.0 gitont.live
0.0.0.0 gigont.live
0.0.0.0 gicont.live
0.0.0.0 cewans.live
0.0.0.0 gihont.live
0.0.0.0 gesont.live
0.0.0.0 cijins.live
0.0.0.0 jedger.live
0.0.0.0 gilont.live
0.0.0.0 gexont.live
0.0.0.0 gifont.live
0.0.0.0 gedont.live
0.0.0.0 tusked.live
0.0.0.0 gisont.live
0.0.0.0 gipont.live
0.0.0.0 bogis.live
0.0.0.0 camax.live
0.0.0.0 casex.live
0.0.0.0 tusket.live
0.0.0.0 ciseng.live
0.0.0.0 cijens.live
0.0.0.0 bovis.live
0.0.0.0 dafent.live
0.0.0.0 bohin.live
0.0.0.0 dazent.live
0.0.0.0 ciwins.live
0.0.0.0 bofin.live
0.0.0.0 bodis.live
0.0.0.0 ciming.live
0.0.0.0 cenans.live
0.0.0.0 dalent.live
0.0.0.0 canax.live
0.0.0.0 bobin.live
0.0.0.0 bozin.live
0.0.0.0 bocin.live
0.0.0.0 calax.live
0.0.0.0 davent.live
0.0.0.0 casax.live
0.0.0.0 cipeng.live
0.0.0.0 capax.live
0.0.0.0 bopis.live
0.0.0.0 carax.live
0.0.0.0 cifins.live
0.0.0.0 bosin.live
0.0.0.0 cesans.live
0.0.0.0 cixens.live
0.0.0.0 cemans.live
0.0.0.0 cigins.live
0.0.0.0 cidens.live
0.0.0.0 cahax.live
0.0.0.0 cajax.live
0.0.0.0 cahex.live
0.0.0.0 cagex.live
0.0.0.0 cafax.live
0.0.0.0 cacax.live
0.0.0.0 cacex.live
0.0.0.0 cabax.live
0.0.0.0 tuskef.live
0.0.0.0 tuskeh.live
0.0.0.0 hedger.live
0.0.0.0 regems.live
0.0.0.0 gotint.live
0.0.0.0 ginont.live
0.0.0.0 gimont.live
0.0.0.0 darent.live
0.0.0.0 dabent.live
0.0.0.0 danent.live
0.0.0.0 dament.live
0.0.0.0 dagent.live
0.0.0.0 giwont.live
0.0.0.0 giront.live
0.0.0.0 tadin.live
0.0.0.0 sralk.live
0.0.0.0 slalk.live
0.0.0.0 smalk.live
0.0.0.0 tabon.live
0.0.0.0 gawont.live
0.0.0.0 gehont.live
0.0.0.0 gatot.live
0.0.0.0 gebont.live
0.0.0.0 getont.live
0.0.0.0 skalk.live
0.0.0.0 gapot.live
0.0.0.0 gecont.live
0.0.0.0 gepont.live
0.0.0.0 gevont.live
0.0.0.0 taton.live
0.0.0.0 gejont.live
0.0.0.0 tahin.live
0.0.0.0 gasont.live
0.0.0.0 sjalk.live
0.0.0.0 tacin.live
0.0.0.0 tagin.live
0.0.0.0 tazin.live
0.0.0.0 gafot.live
0.0.0.0 gadot.live
0.0.0.0 gasot.live
0.0.0.0 gawot.live
0.0.0.0 genont.live
0.0.0.0 gixont.live
0.0.0.0 gidont.live
0.0.0.0 gemont.live
0.0.0.0 gelont.live
0.0.0.0 gekont.live
0.0.0.0 gezont.live
0.0.0.0 gegont.live
0.0.0.0 gefont.live
0.0.0.0 tazon.live
0.0.0.0 tacon.live
0.0.0.0 gagot.live
0.0.0.0 gamont.live
0.0.0.0 gagont.live
0.0.0.0 droppa.live
0.0.0.0 dobbla.live
0.0.0.0 takon.live
0.0.0.0 takin.live
0.0.0.0 taxon.live
0.0.0.0 tabin.live
0.0.0.0 tajin.live
0.0.0.0 tajon.live
0.0.0.0 tahon.live
0.0.0.0 taxin.live
0.0.0.0 tafon.live
0.0.0.0 tafin.live
0.0.0.0 tadon.live
0.0.0.0 dewit.live
0.0.0.0 tawon.live
0.0.0.0 tawin.live
0.0.0.0 tavon.live
0.0.0.0 tavin.live
0.0.0.0 sozing.live
0.0.0.0 soweng.live
0.0.0.0 somong.live
0.0.0.0 soxing.live
0.0.0.0 soteng.live
0.0.0.0 soring.live
0.0.0.0 soning.live
0.0.0.0 soling.live
0.0.0.0 someng.live
0.0.0.0 soxong.live
0.0.0.0 sowing.live
0.0.0.0 sozong.live
0.0.0.0 sopeng.live
0.0.0.0 sokeng.live
0.0.0.0 soming.live
0.0.0.0 sozeng.live
0.0.0.0 soxeng.live
0.0.0.0 tatin.live
0.0.0.0 sovong.live
0.0.0.0 tarin.live
0.0.0.0 soveng.live
0.0.0.0 sojong.live
0.0.0.0 sonong.live
0.0.0.0 sogong.live
0.0.0.0 soleng.live
0.0.0.0 soreng.live
0.0.0.0 sowong.live
0.0.0.0 taron.live
0.0.0.0 tamon.live
0.0.0.0 tasin.live
0.0.0.0 soving.live
0.0.0.0 soting.live
0.0.0.0 tapon.live
0.0.0.0 tason.live
0.0.0.0 soging.live
0.0.0.0 tanon.live
0.0.0.0 talin.live
0.0.0.0 tamin.live
0.0.0.0 soking.live
0.0.0.0 sojing.live
0.0.0.0 sojeng.live
0.0.0.0 sotong.live
0.0.0.0 sohong.live
0.0.0.0 sohing.live
0.0.0.0 soheng.live
0.0.0.0 sofing.live
0.0.0.0 sofeng.live
0.0.0.0 sopong.live
0.0.0.0 soping.live
0.0.0.0 sodong.live
0.0.0.0 soding.live
0.0.0.0 gikid.live
0.0.0.0 giwod.live
0.0.0.0 gijod.live
0.0.0.0 sidid.live
0.0.0.0 sidod.live
0.0.0.0 giled.live
0.0.0.0 gined.live
0.0.0.0 sicid.live
0.0.0.0 giked.live
0.0.0.0 ginod.live
0.0.0.0 gilid.live
0.0.0.0 sigod.live
0.0.0.0 giwid.live
0.0.0.0 sibod.live
0.0.0.0 gixid.live
0.0.0.0 giped.live
0.0.0.0 gijed.live
0.0.0.0 sifod.live
0.0.0.0 ginid.live
0.0.0.0 gikod.live
0.0.0.0 gilod.live
0.0.0.0 gixod.live
0.0.0.0 gijid.live
0.0.0.0 sibed.live
0.0.0.0 sogeng.live
0.0.0.0 sobeng.live
0.0.0.0 gized.live
0.0.0.0 gixed.live
0.0.0.0 sobong.live
0.0.0.0 soceng.live
0.0.0.0 sided.live
0.0.0.0 gizod.live
0.0.0.0 sodeng.live
0.0.0.0 soneng.live
0.0.0.0 socong.live
0.0.0.0 socing.live
0.0.0.0 sobing.live
0.0.0.0 gizid.live
0.0.0.0 giwed.live
0.0.0.0 sigid.live
0.0.0.0 givod.live
0.0.0.0 givid.live
0.0.0.0 gived.live
0.0.0.0 gitod.live
0.0.0.0 siged.live
0.0.0.0 gitid.live
0.0.0.0 gited.live
0.0.0.0 gisod.live
0.0.0.0 sipid.live
0.0.0.0 sipod.live
0.0.0.0 sifid.live
0.0.0.0 sinod.live
0.0.0.0 siped.live
0.0.0.0 sinid.live
0.0.0.0 sined.live
0.0.0.0 fehons.live
0.0.0.0 grimy.live
0.0.0.0 luxan.live
0.0.0.0 moken.live
0.0.0.0 stohal.live
0.0.0.0 pibers.live
0.0.0.0 simod.live
0.0.0.0 saris.live
0.0.0.0 sawes.live
0.0.0.0 sahus.live
0.0.0.0 sapis.live
0.0.0.0 sagis.live
0.0.0.0 sares.live
0.0.0.0 sames.live
0.0.0.0 sates.live
0.0.0.0 sanus.live
0.0.0.0 safis.live
0.0.0.0 sades.live
0.0.0.0 sanis.live
0.0.0.0 saxus.live
0.0.0.0 sahes.live
0.0.0.0 sases.live
0.0.0.0 safes.live
0.0.0.0 sacus.live
0.0.0.0 sadus.live
0.0.0.0 savus.live
0.0.0.0 samus.live
0.0.0.0 sazis.live
0.0.0.0 savis.live
0.0.0.0 sahis.live
0.0.0.0 sasis.live
0.0.0.0 saves.live
0.0.0.0 sacis.live
0.0.0.0 sapus.live
0.0.0.0 sasus.live
0.0.0.0 sajes.live
0.0.0.0 sajis.live
0.0.0.0 sanes.live
0.0.0.0 sadis.live
0.0.0.0 saxis.live
0.0.0.0 saxes.live
0.0.0.0 samis.live
0.0.0.0 sagus.live
0.0.0.0 sawus.live
0.0.0.0 safus.live
0.0.0.0 sabus.live
0.0.0.0 sapes.live
0.0.0.0 sazes.live
0.0.0.0 salis.live
0.0.0.0 simid.live
0.0.0.0 silid.live
0.0.0.0 saces.live
0.0.0.0 siced.live
0.0.0.0 sijod.live
0.0.0.0 sihed.live
0.0.0.0 sakus.live
0.0.0.0 sikid.live
0.0.0.0 sijed.live
0.0.0.0 sihid.live
0.0.0.0 siked.live
0.0.0.0 sicod.live
0.0.0.0 sijid.live
0.0.0.0 simed.live
0.0.0.0 sihod.live
0.0.0.0 silod.live
0.0.0.0 afeta.live
0.0.0.0 sikod.live
0.0.0.0 siled.live
0.0.0.0 sabis.live
0.0.0.0 sakis.live
0.0.0.0 sibid.live
0.0.0.0 nised.live
0.0.0.0 sabes.live
0.0.0.0 pekog.live
0.0.0.0 gaxeh.live
0.0.0.0 gateh.live
0.0.0.0 sawis.live
0.0.0.0 renak.live
0.0.0.0 perog.live
0.0.0.0 tolfe.live
0.0.0.0 tolki.live
0.0.0.0 tolve.live
0.0.0.0 tolmi.live
0.0.0.0 tolne.live
0.0.0.0 tolze.live
0.0.0.0 tolbe.live
0.0.0.0 tolhi.live
0.0.0.0 tolji.live
0.0.0.0 tolsi.live
0.0.0.0 tolpe.live
0.0.0.0 tolti.live
0.0.0.0 tolri.live
0.0.0.0 tolte.live
0.0.0.0 tolwi.live
0.0.0.0 tolvi.live
0.0.0.0 tolde.live
0.0.0.0 tolse.live
0.0.0.0 tolzi.live
0.0.0.0 tolpi.live
0.0.0.0 tolni.live
0.0.0.0 tolke.live
0.0.0.0 tolme.live
0.0.0.0 tolre.live
0.0.0.0 tolje.live
0.0.0.0 tolhe.live
0.0.0.0 tolwe.live
0.0.0.0 tolgi.live
0.0.0.0 sazus.live
0.0.0.0 tolge.live
0.0.0.0 tolce.live
0.0.0.0 tolfi.live
0.0.0.0 toldi.live
0.0.0.0 tolci.live
0.0.0.0 sajus.live
0.0.0.0 tolbi.live
0.0.0.0 rekak.live
0.0.0.0 relak.live
0.0.0.0 rehak.live
0.0.0.0 rewag.live
0.0.0.0 renag.live
0.0.0.0 rerad.live
0.0.0.0 rerak.live
0.0.0.0 retak.live
0.0.0.0 resak.live
0.0.0.0 remad.live
0.0.0.0 rewad.live
0.0.0.0 repag.live
0.0.0.0 resad.live
0.0.0.0 rebak.live
0.0.0.0 rekag.live
0.0.0.0 revag.live
0.0.0.0 relag.live
0.0.0.0 repad.live
0.0.0.0 redak.live
0.0.0.0 rerag.live
0.0.0.0 rehad.live
0.0.0.0 redad.live
0.0.0.0 regak.live
0.0.0.0 rekad.live
0.0.0.0 relad.live
0.0.0.0 rebad.live
0.0.0.0 repak.live
0.0.0.0 retag.live
0.0.0.0 resag.live
0.0.0.0 revak.live
0.0.0.0 rejak.live
0.0.0.0 rejag.live
0.0.0.0 renad.live
0.0.0.0 rejad.live
0.0.0.0 pekot.live
0.0.0.0 revad.live
0.0.0.0 gareh.live
0.0.0.0 petog.live
0.0.0.0 pemot.live
0.0.0.0 pevog.live
0.0.0.0 pehot.live
0.0.0.0 gawet.live
0.0.0.0 pelog.live
0.0.0.0 pedot.live
0.0.0.0 pepog.live
0.0.0.0 penog.live
0.0.0.0 galeh.live
0.0.0.0 gaset.live
0.0.0.0 pelot.live
0.0.0.0 gaket.live
0.0.0.0 petot.live
0.0.0.0 pepot.live
0.0.0.0 pezot.live
0.0.0.0 pedog.live
0.0.0.0 pexog.live
0.0.0.0 regag.live
0.0.0.0 rehag.live
0.0.0.0 regad.live
0.0.0.0 pegog.live
0.0.0.0 gazet.live
0.0.0.0 pegot.live
0.0.0.0 refak.live
0.0.0.0 refag.live
0.0.0.0 astel.live
0.0.0.0 refad.live
0.0.0.0 recak.live
0.0.0.0 recag.live
0.0.0.0 pefog.live
0.0.0.0 pefot.live
0.0.0.0 gazeh.live
0.0.0.0 recad.live
0.0.0.0 gaxet.live
0.0.0.0 polik.live
0.0.0.0 pohik.live
0.0.0.0 powik.live
0.0.0.0 pofim.live
0.0.0.0 pomim.live
0.0.0.0 pofik.live
0.0.0.0 pogim.live
0.0.0.0 poxik.live
0.0.0.0 porir.live
0.0.0.0 posik.live
0.0.0.0 pocik.live
0.0.0.0 pomik.live
0.0.0.0 pogir.live
0.0.0.0 powir.live
0.0.0.0 podik.live
0.0.0.0 popim.live
0.0.0.0 ponir.live
0.0.0.0 pobir.live
0.0.0.0 posir.live
0.0.0.0 poxir.live
0.0.0.0 povim.live
0.0.0.0 poxim.live
0.0.0.0 ponik.live
0.0.0.0 pobim.live
0.0.0.0 potim.live
0.0.0.0 pojik.live
0.0.0.0 powim.live
0.0.0.0 pozir.live
0.0.0.0 pohir.live
0.0.0.0 povik.live
0.0.0.0 podir.live
0.0.0.0 posim.live
0.0.0.0 popir.live
0.0.0.0 pozim.live
0.0.0.0 popik.live
0.0.0.0 ponim.live
0.0.0.0 potir.live
0.0.0.0 pozik.live
0.0.0.0 porim.live
0.0.0.0 porik.live
0.0.0.0 polim.live
0.0.0.0 pohim.live
0.0.0.0 gaweh.live
0.0.0.0 pomir.live
0.0.0.0 pogik.live
0.0.0.0 pofir.live
0.0.0.0 gavet.live
0.0.0.0 pecot.live
0.0.0.0 polir.live
0.0.0.0 gaveh.live
0.0.0.0 podim.live
0.0.0.0 pocir.live
0.0.0.0 pocim.live
0.0.0.0 pokir.live
0.0.0.0 pecog.live
0.0.0.0 pebot.live
0.0.0.0 pojim.live
0.0.0.0 pehog.live
0.0.0.0 gatet.live
0.0.0.0 pebog.live
0.0.0.0 gaseh.live
0.0.0.0 pokim.live
0.0.0.0 pokik.live
0.0.0.0 pobik.live
0.0.0.0 pojir.live
0.0.0.0 pezog.live
0.0.0.0 pexot.live
0.0.0.0 pewot.live
0.0.0.0 pewog.live
0.0.0.0 pevot.live
0.0.0.0 becog.live
0.0.0.0 pesot.live
0.0.0.0 pejog.live
0.0.0.0 gapet.live
0.0.0.0 penot.live
0.0.0.0 pesog.live
0.0.0.0 gapeh.live
0.0.0.0 pejot.live
0.0.0.0 ganet.live
0.0.0.0 pemog.live
0.0.0.0 ganeh.live
0.0.0.0 dahig.live
0.0.0.0 gameh.live
0.0.0.0 galet.live
0.0.0.0 gakeh.live
0.0.0.0 gajeh.live
0.0.0.0 gahet.live
0.0.0.0 gafeh.live
0.0.0.0 dazig.live
0.0.0.0 dabig.live
0.0.0.0 gaget.live
0.0.0.0 gageh.live
0.0.0.0 gadeh.live
0.0.0.0 mowist.live
0.0.0.0 gaceh.live
0.0.0.0 gadet.live
0.0.0.0 gaheh.live
0.0.0.0 gafet.live
0.0.0.0 gacet.live
0.0.0.0 dabin.live
0.0.0.0 gabeh.live
0.0.0.0 grotus.live
0.0.0.0 dadin.live
0.0.0.0 dasig.live
0.0.0.0 nejirs.live
0.0.0.0 dajig.live
0.0.0.0 nenirs.live
0.0.0.0 momist.live
0.0.0.0 mokist.live
0.0.0.0 nesirs.live
0.0.0.0 dasin.live
0.0.0.0 mopist.live
0.0.0.0 movist.live
0.0.0.0 molest.live
0.0.0.0 moxist.live
0.0.0.0 netis.live
0.0.0.0 danig.live
0.0.0.0 momest.live
0.0.0.0 dadig.live
0.0.0.0 motest.live
0.0.0.0 nesis.live
0.0.0.0 dapig.live
0.0.0.0 mowest.live
0.0.0.0 nedis.live
0.0.0.0 molist.live
0.0.0.0 davig.live
0.0.0.0 damig.live
0.0.0.0 dahin.live
0.0.0.0 nekis.live
0.0.0.0 motist.live
0.0.0.0 morist.live
0.0.0.0 danin.live
0.0.0.0 dalig.live
0.0.0.0 daxin.live
0.0.0.0 nelirs.live
0.0.0.0 nepirs.live
0.0.0.0 mopest.live
0.0.0.0 dagig.live
0.0.0.0 mokest.live
0.0.0.0 nebis.live
0.0.0.0 monest.live
0.0.0.0 dazin.live
0.0.0.0 dawin.live
0.0.0.0 dafin.live
0.0.0.0 monist.live
0.0.0.0 dakig.live
0.0.0.0 daxig.live
0.0.0.0 morest.live
0.0.0.0 movest.live
0.0.0.0 nemirs.live
0.0.0.0 netirs.live
0.0.0.0 nejis.live
0.0.0.0 mozest.live
0.0.0.0 dagin.live
0.0.0.0 dafig.live
0.0.0.0 dacin.live
0.0.0.0 datig.live
0.0.0.0 mosist.live
0.0.0.0 negirs.live
0.0.0.0 dapin.live
0.0.0.0 moxest.live
0.0.0.0 nehis.live
0.0.0.0 nemis.live
0.0.0.0 mosest.live
0.0.0.0 negis.live
0.0.0.0 nekirs.live
0.0.0.0 nerirs.live
0.0.0.0 nenis.live
0.0.0.0 darig.live
0.0.0.0 nehirs.live
0.0.0.0 necis.live
0.0.0.0 nedirs.live
0.0.0.0 nefirs.live
0.0.0.0 nefis.live
0.0.0.0 mozist.live
0.0.0.0 necirs.live
0.0.0.0 nebirs.live
0.0.0.0 kodit.live
0.0.0.0 kosit.live
0.0.0.0 kolet.live
0.0.0.0 kopet.live
0.0.0.0 kofet.live
0.0.0.0 kolit.live
0.0.0.0 koret.live
0.0.0.0 kocet.live
0.0.0.0 kodet.live
0.0.0.0 konet.live
0.0.0.0 kovet.live
0.0.0.0 kotit.live
0.0.0.0 kofit.live
0.0.0.0 kokit.live
0.0.0.0 komet.live
0.0.0.0 koket.live
0.0.0.0 kovit.live
0.0.0.0 kobit.live
0.0.0.0 koget.live
0.0.0.0 korit.live
0.0.0.0 kojet.live
0.0.0.0 kotet.live
0.0.0.0 kohit.live
0.0.0.0 kowet.live
0.0.0.0 koset.live
0.0.0.0 kopit.live
0.0.0.0 kogit.live
0.0.0.0 kohet.live
0.0.0.0 konit.live
0.0.0.0 kowit.live
0.0.0.0 kojit.live
0.0.0.0 kocit.live
0.0.0.0 bovid.live
0.0.0.0 bocid.live
0.0.0.0 bojid.live
0.0.0.0 bopid.live
0.0.0.0 bokid.live
0.0.0.0 bonid.live
0.0.0.0 bosid.live
0.0.0.0 bohid.live
0.0.0.0 boxid.live
0.0.0.0 bowid.live
0.0.0.0 bofid.live
0.0.0.0 bodid.live
0.0.0.0 borid.live
0.0.0.0 bozid.live
0.0.0.0 bogid.live
0.0.0.0 bobid.live
0.0.0.0 sojid.live
0.0.0.0 socid.live
0.0.0.0 rofid.live
0.0.0.0 sobid.live
0.0.0.0 sofid.live
0.0.0.0 sohed.live
0.0.0.0 sopid.live
0.0.0.0 sobed.live
0.0.0.0 soded.live
0.0.0.0 rozed.live
0.0.0.0 roved.live
0.0.0.0 soced.live
0.0.0.0 rotid.live
0.0.0.0 rolid.live
0.0.0.0 sonid.live
0.0.0.0 sofed.live
0.0.0.0 sogid.live
0.0.0.0 roxed.live
0.0.0.0 ronid.live
0.0.0.0 sojed.live
0.0.0.0 soled.live
0.0.0.0 rozid.live
0.0.0.0 sohid.live
0.0.0.0 rowid.live
0.0.0.0 sosid.live
0.0.0.0 ropid.live
0.0.0.0 rosed.live
0.0.0.0 rojed.live
0.0.0.0 sokid.live
0.0.0.0 soked.live
0.0.0.0 sosed.live
0.0.0.0 rowed.live
0.0.0.0 somed.live
0.0.0.0 soped.live
0.0.0.0 roxid.live
0.0.0.0 rovid.live
0.0.0.0 roled.live
0.0.0.0 roped.live
0.0.0.0 roted.live
0.0.0.0 roked.live
0.0.0.0 rosid.live
0.0.0.0 rorid.live
0.0.0.0 rodid.live
0.0.0.0 roged.live
0.0.0.0 sodid.live
0.0.0.0 rohid.live
0.0.0.0 rored.live
0.0.0.0 roded.live
0.0.0.0 rofed.live
0.0.0.0 robid.live
0.0.0.0 bolid.live
0.0.0.0 rohed.live
0.0.0.0 rogid.live
0.0.0.0 rocid.live
0.0.0.0 roced.live
0.0.0.0 soged.live
0.0.0.0 soned.live
0.0.0.0 roned.live
0.0.0.0 robed.live
0.0.0.0 tijens.live
0.0.0.0 tisens.live
0.0.0.0 tikers.live
0.0.0.0 tigens.live
0.0.0.0 tilens.live
0.0.0.0 tijers.live
0.0.0.0 tiwens.live
0.0.0.0 timens.live
0.0.0.0 ticens.live
0.0.0.0 tipens.live
0.0.0.0 tifens.live
0.0.0.0 tirers.live
0.0.0.0 tihens.live
0.0.0.0 tivers.live
0.0.0.0 tibers.live
0.0.0.0 tiwers.live
0.0.0.0 tizens.live
0.0.0.0 tiners.live
0.0.0.0 tifers.live
0.0.0.0 tipers.live
0.0.0.0 tidens.live
0.0.0.0 tivens.live
0.0.0.0 tixers.live
0.0.0.0 tizers.live
0.0.0.0 tinens.live
0.0.0.0 titers.live
0.0.0.0 tirens.live
0.0.0.0 tisers.live
0.0.0.0 tixens.live
0.0.0.0 titens.live
0.0.0.0 tilers.live
0.0.0.0 tikens.live
0.0.0.0 asmer.live
0.0.0.0 tihers.live
0.0.0.0 papons.live
0.0.0.0 padons.live
0.0.0.0 roxels.live
0.0.0.0 rohels.live
0.0.0.0 rogels.live
0.0.0.0 rozeks.live
0.0.0.0 pamons.live
0.0.0.0 kered.live
0.0.0.0 roreks.live
0.0.0.0 pawons.live
0.0.0.0 pagons.live
0.0.0.0 rodels.live
0.0.0.0 kewel.live
0.0.0.0 rofeks.live
0.0.0.0 kerel.live
0.0.0.0 rojels.live
0.0.0.0 keled.live
0.0.0.0 kemed.live
0.0.0.0 keped.live
0.0.0.0 kexel.live
0.0.0.0 paxons.live
0.0.0.0 kehel.live
0.0.0.0 kemel.live
0.0.0.0 panons.live
0.0.0.0 pacons.live
0.0.0.0 kefel.live
0.0.0.0 kezed.live
0.0.0.0 rodeks.live
0.0.0.0 ketel.live
0.0.0.0 kefed.live
0.0.0.0 rozels.live
0.0.0.0 ronels.live
0.0.0.0 kened.live
0.0.0.0 rocels.live
0.0.0.0 pajons.live
0.0.0.0 kesed.live
0.0.0.0 keved.live
0.0.0.0 roheks.live
0.0.0.0 kekel.live
0.0.0.0 pabons.live
0.0.0.0 keded.live
0.0.0.0 kesel.live
0.0.0.0 pavons.live
0.0.0.0 rorels.live
0.0.0.0 kexed.live
0.0.0.0 roxeks.live
0.0.0.0 kejed.live
0.0.0.0 roteks.live
0.0.0.0 robels.live
0.0.0.0 kenel.live
0.0.0.0 rowels.live
0.0.0.0 kebed.live
0.0.0.0 rotels.live
0.0.0.0 rogeks.live
0.0.0.0 keked.live
0.0.0.0 kecel.live
0.0.0.0 ropels.live
0.0.0.0 rovels.live
0.0.0.0 kelel.live
0.0.0.0 keted.live
0.0.0.0 rolels.live
0.0.0.0 roseks.live
0.0.0.0 roweks.live
0.0.0.0 rofels.live
0.0.0.0 roceks.live
0.0.0.0 keged.live
0.0.0.0 romels.live
0.0.0.0 kewed.live
0.0.0.0 kevel.live
0.0.0.0 kepel.live
0.0.0.0 roveks.live
0.0.0.0 ropeks.live
0.0.0.0 pahons.live
0.0.0.0 kejel.live
0.0.0.0 pafons.live
0.0.0.0 kehed.live
0.0.0.0 ticers.live
0.0.0.0 tibens.live
0.0.0.0 rosels.live
0.0.0.0 pihers.live
0.0.0.0 rokels.live
0.0.0.0 tiders.live
0.0.0.0 romeks.live
0.0.0.0 roneks.live
0.0.0.0 roleks.live
0.0.0.0 pipens.live
0.0.0.0 pazons.live
0.0.0.0 rojeks.live
0.0.0.0 rokeks.live
0.0.0.0 kezel.live
0.0.0.0 krafig.live
0.0.0.0 kratig.live
0.0.0.0 krahig.live
0.0.0.0 krarig.live
0.0.0.0 kravig.live
0.0.0.0 krajig.live
0.0.0.0 krasig.live
0.0.0.0 kralig.live
0.0.0.0 kranig.live
0.0.0.0 krakig.live
0.0.0.0 krapig.live
0.0.0.0 krawig.live
0.0.0.0 kraxig.live
0.0.0.0 krazig.live
0.0.0.0 kramig.live
0.0.0.0 kragig.live
0.0.0.0 kradig.live
0.0.0.0 kracig.live
0.0.0.0 parons.live
0.0.0.0 krabig.live
0.0.0.0 ganist.live
0.0.0.0 folit.live
0.0.0.0 kiset.online
0.0.0.0 krafit.live
0.0.0.0 krajis.live
0.0.0.0 krapis.live
0.0.0.0 krasit.live
0.0.0.0 kranir.live
0.0.0.0 krawit.live
0.0.0.0 kramir.live
0.0.0.0 krawis.live
0.0.0.0 krarir.live
0.0.0.0 kradir.live
0.0.0.0 kramis.live
0.0.0.0 kraxis.live
0.0.0.0 krafis.live
0.0.0.0 kralir.live
0.0.0.0 kracir.live
0.0.0.0 kratir.live
0.0.0.0 krahir.live
0.0.0.0 kragir.live
0.0.0.0 krakit.live
0.0.0.0 krakis.live
0.0.0.0 krapit.live
0.0.0.0 kradit.live
0.0.0.0 krasis.live
0.0.0.0 kratis.live
0.0.0.0 kraxit.live
0.0.0.0 krawir.live
0.0.0.0 krazit.live
0.0.0.0 krazis.live
0.0.0.0 kravir.live
0.0.0.0 kradis.live
0.0.0.0 krajir.live
0.0.0.0 kranis.live
0.0.0.0 krasir.live
0.0.0.0 krarit.live
0.0.0.0 kratit.live
0.0.0.0 krazir.live
0.0.0.0 krafir.live
0.0.0.0 kracit.live
0.0.0.0 kracis.live
0.0.0.0 krakir.live
0.0.0.0 kraris.live
0.0.0.0 krabir.live
0.0.0.0 kraxir.live
0.0.0.0 kragis.live
0.0.0.0 krabis.live
0.0.0.0 krapir.live
0.0.0.0 kralis.live
0.0.0.0 kragit.live
0.0.0.0 patert.live
0.0.0.0 pamest.live
0.0.0.0 pajest.live
0.0.0.0 pagest.live
0.0.0.0 pasert.live
0.0.0.0 pakert.live
0.0.0.0 pahest.live
0.0.0.0 pagert.live
0.0.0.0 paxert.live
0.0.0.0 pacert.live
0.0.0.0 pakest.live
0.0.0.0 pamert.live
0.0.0.0 pajert.live
0.0.0.0 panert.live
0.0.0.0 pazert.live
0.0.0.0 pafert.live
0.0.0.0 parest.live
0.0.0.0 pahert.live
0.0.0.0 pavest.live
0.0.0.0 palert.live
0.0.0.0 pawert.live
0.0.0.0 papest.live
0.0.0.0 parert.live
0.0.0.0 pawest.live
0.0.0.0 paxest.live
0.0.0.0 pabert.live
0.0.0.0 padest.live
0.0.0.0 padert.live
0.0.0.0 pasest.live
0.0.0.0 patest.live
0.0.0.0 pavert.live
0.0.0.0 papert.live
0.0.0.0 pafest.live
0.0.0.0 kralit.live
0.0.0.0 mepis.live
0.0.0.0 krahis.live
0.0.0.0 darok.live
0.0.0.0 pimers.live
0.0.0.0 pazest.live
0.0.0.0 panest.live
0.0.0.0 palest.live
0.0.0.0 kewex.live
0.0.0.0 kexlex.live
0.0.0.0 kerex.live
0.0.0.0 ketlex.live
0.0.0.0 kepex.live
0.0.0.0 kerlex.live
0.0.0.0 kewlex.live
0.0.0.0 kebex.live
0.0.0.0 keblex.live
0.0.0.0 keklex.live
0.0.0.0 kenlex.live
0.0.0.0 kehex.live
0.0.0.0 keglex.live
0.0.0.0 kenex.live
0.0.0.0 ketex.live
0.0.0.0 kemex.live
0.0.0.0 kelex.live
0.0.0.0 kezlex.live
0.0.0.0 kefex.live
0.0.0.0 kemlex.live
0.0.0.0 kejex.live
0.0.0.0 kedlex.live
0.0.0.0 kexex.live
0.0.0.0 kevex.live
0.0.0.0 kevlex.live
0.0.0.0 keslex.live
0.0.0.0 keclex.live
0.0.0.0 kezex.live
0.0.0.0 keplex.live
0.0.0.0 pacest.live
0.0.0.0 pabest.live
0.0.0.0 jakin.live
0.0.0.0 tawigs.live
0.0.0.0 hunir.live
0.0.0.0 hulir.live
0.0.0.0 humir.live
0.0.0.0 hutir.live
0.0.0.0 huvir.live
0.0.0.0 hucer.live
0.0.0.0 huger.live
0.0.0.0 huper.live
0.0.0.0 hugir.live
0.0.0.0 huder.live
0.0.0.0 husir.live
0.0.0.0 huzir.live
0.0.0.0 huxir.live
0.0.0.0 huxer.live
0.0.0.0 hukir.live
0.0.0.0 hurer.live
0.0.0.0 hufir.live
0.0.0.0 hubir.live
0.0.0.0 huwer.live
0.0.0.0 huser.live
0.0.0.0 hupir.live
0.0.0.0 huwir.live
0.0.0.0 hurir.live
0.0.0.0 huker.live
0.0.0.0 huver.live
0.0.0.0 huter.live
0.0.0.0 huzer.live
0.0.0.0 kecex.live
0.0.0.0 huler.live
0.0.0.0 hudir.live
0.0.0.0 hucir.live
0.0.0.0 pifers.live
0.0.0.0 keflex.live
0.0.0.0 pijers.live
0.0.0.0 kedex.live
0.0.0.0 hujer.live
0.0.0.0 harex.live
0.0.0.0 kehlex.live
0.0.0.0 huner.live
0.0.0.0 hufer.live
0.0.0.0 kekex.live
0.0.0.0 drinen.live
0.0.0.0 kejlex.live
0.0.0.0 kegex.live
0.0.0.0 pewins.live
0.0.0.0 hujir.live
0.0.0.0 huhir.live
0.0.0.0 kozirs.live
0.0.0.0 kopiks.live
0.0.0.0 kohirs.live
0.0.0.0 kotiks.live
0.0.0.0 koliks.live
0.0.0.0 kowiks.live
0.0.0.0 kobirs.live
0.0.0.0 koriks.live
0.0.0.0 koxiks.live
0.0.0.0 kofiks.live
0.0.0.0 kotirs.live
0.0.0.0 kociks.live
0.0.0.0 kovirs.live
0.0.0.0 kosiks.live
0.0.0.0 kohiks.live
0.0.0.0 kowirs.live
0.0.0.0 korirs.live
0.0.0.0 kofirs.live
0.0.0.0 komirs.live
0.0.0.0 kosirs.live
0.0.0.0 konirs.live
0.0.0.0 kolirs.live
0.0.0.0 koziks.live
0.0.0.0 koxirs.live
0.0.0.0 koviks.live
0.0.0.0 kojirs.live
0.0.0.0 kokiks.live
0.0.0.0 kopirs.live
0.0.0.0 koniks.live
0.0.0.0 kogiks.live
0.0.0.0 kocirs.live
0.0.0.0 huher.live
0.0.0.0 driwer.live
0.0.0.0 molirs.live
0.0.0.0 pihens.live
0.0.0.0 kojiks.live
0.0.0.0 driber.live
0.0.0.0 driken.live
0.0.0.0 drigen.live
0.0.0.0 drizen.live
0.0.0.0 drixer.live
0.0.0.0 driler.live
0.0.0.0 drixen.live
0.0.0.0 driper.live
0.0.0.0 drisen.live
0.0.0.0 drifer.live
0.0.0.0 driger.live
0.0.0.0 dripen.live
0.0.0.0 driher.live
0.0.0.0 dricer.live
0.0.0.0 drihen.live
0.0.0.0 drider.live
0.0.0.0 driben.live
0.0.0.0 drimen.live
0.0.0.0 driden.live
0.0.0.0 drifen.live
0.0.0.0 driker.live
0.0.0.0 drimer.live
0.0.0.0 driner.live
0.0.0.0 drijer.live
0.0.0.0 driwen.live
0.0.0.0 drilen.live
0.0.0.0 drijen.live
0.0.0.0 drizer.live
0.0.0.0 driter.live
0.0.0.0 driren.live
0.0.0.0 driten.live
0.0.0.0 kokirs.live
0.0.0.0 kogirs.live
0.0.0.0 kodirs.live
0.0.0.0 pigers.live
0.0.0.0 kodiks.live
0.0.0.0 driser.live
0.0.0.0 kobiks.live
0.0.0.0 dricen.live
0.0.0.0 gifems.live
0.0.0.0 kewosi.live
0.0.0.0 intes.live
0.0.0.0 sejaks.live
0.0.0.0 pigens.live
0.0.0.0 stolal.live
0.0.0.0 antis.live
0.0.0.0 tavips.live
0.0.0.0 foxin.live
0.0.0.0 cerom.live
0.0.0.0 pikers.live
0.0.0.0 hasix.live
0.0.0.0 hamex.live
0.0.0.0 pilens.live
0.0.0.0 stofal.live
0.0.0.0 hapix.live
0.0.0.0 gusuf.online
0.0.0.0 hewet.live
0.0.0.0 kalip.live
0.0.0.0 floci.live
0.0.0.0 futil.live
0.0.0.0 agur.live
0.0.0.0 dohin.live
0.0.0.0 dogin.live
0.0.0.0 donin.live
0.0.0.0 dorin.live
0.0.0.0 dojen.live
0.0.0.0 doten.live
0.0.0.0 dosen.live
0.0.0.0 dopen.live
0.0.0.0 domen.live
0.0.0.0 dokin.live
0.0.0.0 doken.live
0.0.0.0 dodin.live
0.0.0.0 donen.live
0.0.0.0 doben.live
0.0.0.0 doden.live
0.0.0.0 dowin.live
0.0.0.0 doxin.live
0.0.0.0 dowen.live
0.0.0.0 dohen.live
0.0.0.0 dopin.live
0.0.0.0 dozin.live
0.0.0.0 doxen.live
0.0.0.0 dofen.live
0.0.0.0 dojin.live
0.0.0.0 docen.live
0.0.0.0 doren.live
0.0.0.0 pifens.live
0.0.0.0 drirer.live
0.0.0.0 dobin.live
0.0.0.0 hapex.live
0.0.0.0 dovin.live
0.0.0.0 luzar.live
0.0.0.0 tazins.live
0.0.0.0 doven.live
0.0.0.0 hanix.live
0.0.0.0 pidens.live
0.0.0.0 dotin.live
0.0.0.0 hanex.live
0.0.0.0 pijens.live
0.0.0.0 pakins.live
0.0.0.0 pinens.live
0.0.0.0 palins.live
0.0.0.0 pamims.live
0.0.0.0 pakims.live
0.0.0.0 moler.live
0.0.0.0 palims.live
0.0.0.0 pamins.live
0.0.0.0 pahins.live
0.0.0.0 pahims.live
0.0.0.0 mofer.live
0.0.0.0 pajins.live
0.0.0.0 pajims.live
0.0.0.0 momer.live
0.0.0.0 hohirs.live
0.0.0.0 hokims.live
0.0.0.0 hokins.live
0.0.0.0 hojirs.live
0.0.0.0 hojims.live
0.0.0.0 hokirs.live
0.0.0.0 hojins.live
0.0.0.0 hohins.live
0.0.0.0 tawirs.live
0.0.0.0 taxirs.live
0.0.0.0 tawins.live
0.0.0.0 taxins.live
0.0.0.0 picers.live
0.0.0.0 ladert.live
0.0.0.0 latert.live
0.0.0.0 lakert.live
0.0.0.0 lapert.live
0.0.0.0 lagest.live
0.0.0.0 ladest.live
0.0.0.0 lawert.live
0.0.0.0 lafert.live
0.0.0.0 laxert.live
0.0.0.0 lasert.live
0.0.0.0 lalest.live
0.0.0.0 lazert.live
0.0.0.0 labest.live
0.0.0.0 lahest.live
0.0.0.0 lacest.live
0.0.0.0 lavert.live
0.0.0.0 lajert.live
0.0.0.0 lanest.live
0.0.0.0 lamert.live
0.0.0.0 labert.live
0.0.0.0 lawest.live
0.0.0.0 lakest.live
0.0.0.0 laxest.live
0.0.0.0 lavest.live
0.0.0.0 lagert.live
0.0.0.0 lacert.live
0.0.0.0 lapest.live
0.0.0.0 lazest.live
0.0.0.0 lanert.live
0.0.0.0 lajest.live
0.0.0.0 lalert.live
0.0.0.0 larert.live
0.0.0.0 hamix.live
0.0.0.0 tarins.live
0.0.0.0 halex.live
0.0.0.0 havix.live
0.0.0.0 tavirs.live
0.0.0.0 lasest.live
0.0.0.0 pibens.live
0.0.0.0 havex.live
0.0.0.0 hatix.live
0.0.0.0 molen.live
0.0.0.0 larest.live
0.0.0.0 tavins.live
0.0.0.0 rokens.live
0.0.0.0 foleg.live
0.0.0.0 fobed.live
0.0.0.0 foded.live
0.0.0.0 fojeg.live
0.0.0.0 fojed.live
0.0.0.0 fomeg.live
0.0.0.0 foced.live
0.0.0.0 fogeg.live
0.0.0.0 foled.live
0.0.0.0 fodeg.live
0.0.0.0 foped.live
0.0.0.0 foged.live
0.0.0.0 fohed.live
0.0.0.0 fomer.live
0.0.0.0 fored.live
0.0.0.0 fofed.live
0.0.0.0 fozek.live
0.0.0.0 foned.live
0.0.0.0 foneg.live
0.0.0.0 fosed.live
0.0.0.0 fobeg.live
0.0.0.0 fopeg.live
0.0.0.0 foheg.live
0.0.0.0 fokeg.live
0.0.0.0 foreg.live
0.0.0.0 foceg.live
0.0.0.0 foked.live
0.0.0.0 fomed.live
0.0.0.0 fofeg.live
0.0.0.0 hatex.live
0.0.0.0 tawips.live
0.0.0.0 tatins.live
0.0.0.0 lamest.live
0.0.0.0 doloy.live
0.0.0.0 25defect.mansurdo.ru
0.0.0.0 stomal.live
0.0.0.0 tasins.live
0.0.0.0 tasirs.live
0.0.0.0 lahert.live
0.0.0.0 fanir.live
0.0.0.0 foseg.live
0.0.0.0 harix.live
0.0.0.0 tatips.live
0.0.0.0 tazips.live
0.0.0.0 bbbb.ulitron.ru
0.0.0.0 97deposit.mexv.ru
0.0.0.0 3delivered.mexv.ru
0.0.0.0 8descendant.erinaceuso.ru
0.0.0.0 enforce.interdependent23.vipertos.ru
0.0.0.0 perceive81.molotiras.ru
0.0.0.0 judgement71.nightmit.ru
0.0.0.0 73descendant.erinaceuso.ru
0.0.0.0 debts71.semashi.ru
0.0.0.0 mewed.ulitron.ru
0.0.0.0 alley.sorting88.cavalierso.ru
# https://github.com/durablenapkin/scamblocklist/issues/18
0.0.0.0 q3i5q2r6.stackpathcdn.com
# https://github.com/uBlockOrigin/uAssets/pull/17530
0.0.0.0 rblx.land
# https://forums.malwarebytes.com/topic/296891-malwarebytes-fake-website-scam-website/#comment-1563262 (account required)
0.0.0.0 webstore.getsecuredsetup.com
0.0.0.0 www.webstore.getsecuredsetup.com
# https://github.com/uBlockOrigin/uAssets/issues/17602
0.0.0.0 allprizesforme.com
# https://github.com/durablenapkin/scamblocklist/issues/28
0.0.0.0 muskai.net
0.0.0.0 tslawill.com
0.0.0.0 xrp-give.pro
# https://github.com/durablenapkin/scamblocklist/issues/32
0.0.0.0 spacexmusk.io
# https://www.reddit.com/r/uBlockOrigin/comments/12r255v/gamingnewsanalystcom_badware/
# https://github.com/uBlockOrigin/uAssets/pull/17655
0.0.0.0 gamingnewsanalyst.com
0.0.0.0 gamingdebates.com
# https://www.reddit.com/r/uBlockOrigin/comments/12q5o60/repost_fake_dating_site_badware/
0.0.0.0 flirt4free.com
0.0.0.0 entrance.flirt4free.com
# https://www.reddit.com/r/uBlockOrigin/comments/12pues7/fake_123movies_site_leading_to_redirect/
0.0.0.0 123moviesgo.ga
# https://github.com/durablenapkin/scamblocklist/issues/35
0.0.0.0 tslaget.live
0.0.0.0 musk-aigpt.com
# https://0xacab.org/my-privacy-dns/matrix/-/issues/121793
0.0.0.0 cjtrade4.xyz
0.0.0.0 .xyz/gift_iphone_x/?
# https://0xacab.org/my-privacy-dns/matrix/-/issues/121792
0.0.0.0 rplnd60.com
0.0.0.0 news-pewuce.com
0.0.0.0 djpjwf.com
# from notifications (sandbox: )
0.0.0.0 totalprotection-2023.store
0.0.0.0 closingday2.xyz
0.0.0.0 s.viifogyp.com
0.0.0.0 viifogyp.com
# https://0xacab.org/my-privacy-dns/matrix/-/issues/121816
0.0.0.0 tradersuper4.xyz
# nitro scam 
0.0.0.0 tronite.xyz
0.0.0.0 locked4.com
0.0.0.0 www.locked4.com
# https://www.reddit.com/r/uBlockOrigin/comments/12wqrv5/steamunlockednet_badware/ <-- have not verified sites to be malware! These are just domains ads in my analysis
# https://app.any.run/tasks/9ed7df61-f0a9-49cc-91bc-a3fcc2c59ae1/
0.0.0.0 antivirusgaming.com
0.0.0.0 aluationiamcur.com
0.0.0.0 xrlbq.aluationiamcur.com
0.0.0.0 awesome-blocker.com
# https://app.any.run/tasks/c9657f58-f49e-4e9e-80bf-9704f0eaa32a (NSFW)
0.0.0.0 gbcok.aluationiamcur.com
0.0.0.0 www6.renhadmasandbab.info
0.0.0.0 mobilesecuremail.com
# https://github.com/durablenapkin/scamblocklist/issues/38
0.0.0.0 miningpror.top
0.0.0.0 paypartc.top
0.0.0.0 bitcllpay.top
0.0.0.0 tdsintegrations11.online
0.0.0.0 crypto030.online
# NSFW: https://app.any.run/tasks/a1a425ca-7b5d-4774-95bf-c11f8f25685a
0.0.0.0 uuksehinkitwkuo.com
0.0.0.0 wzzzs.uuksehinkitwkuo.com
# https://app.any.run/tasks/d576fecb-3250-4a18-82de-eba82ac7ba6d
0.0.0.0 click2code.xyz
# https://github.com/durablenapkin/scamblocklist/issues/40
0.0.0.0 dischargebackhanded.com
0.0.0.0 zech-company.com
0.0.0.0 govmedcareers.com
0.0.0.0 talentmaster.bio
0.0.0.0 radiatorcrate.com
0.0.0.0 theniemannbest.com
0.0.0.0 jellyfishstat.live
# https://github.com/durablenapkin/scamblocklist/issues/42
0.0.0.0 intgblockchain.online
# https://github.com/uBlockOrigin/uAssets/issues/17947
0.0.0.0 pccdirect.site
# youtube typosquatt I found
0.0.0.0 you8tube.com
0.0.0.0 getluckyprize2023.com
0.0.0.0 /17138/iphone14.html?
# https://app.any.run/tasks/494077d1-478b-47e0-871c-b22788a455b6
0.0.0.0 pingleflavor.xyz
0.0.0.0 funprizeali.site
# other notification spam
0.0.0.0 datenow.losbestbsdating2023.com
0.0.0.0 losbestbsdating2023.com
# discord nitro scam 
0.0.0.0 techsoftglobals.com
# https://github.com/durablenapkin/scamblocklist/issues/43
0.0.0.0 555sq.com.cn
0.0.0.0 prorify.de
0.0.0.0 milgenial.uy
0.0.0.0 swuso.com
0.0.0.0 cebubestbuy.com
0.0.0.0 buyyeezy2023.com
0.0.0.0 casavec.com
0.0.0.0 kingcampoutdoors.co.jp
0.0.0.0 imlb2c.com
0.0.0.0 wareeb.pk
0.0.0.0 loepwatch.com
0.0.0.0 fiewatch.com
0.0.0.0 felara.com.do
0.0.0.0 posehee.com
0.0.0.0 beautyt.shop
0.0.0.0 lomoor.com
0.0.0.0 morlyes.com
0.0.0.0 ajcenteruss.com
0.0.0.0 bitiiy.com
0.0.0.0 storagestory.com
0.0.0.0 ihuers.com
0.0.0.0 bloomessentialsbrand.com
0.0.0.0 quitasueno.com
0.0.0.0 lifestyletrading.co.za
0.0.0.0 yyderfreap.shop
0.0.0.0 audiosg.com.sg
0.0.0.0 fujibikes.com
0.0.0.0 walmartchina.top
0.0.0.0 geldencosmeticos.com
0.0.0.0 sellfox.com
0.0.0.0 parklaneupholstemk.com
0.0.0.0 iteeus.com
0.0.0.0 monark-store.com
0.0.0.0 shapeden.com
0.0.0.0 andamente.pt
0.0.0.0 staging.zendrop.com
0.0.0.0 courier-tracking.com
0.0.0.0 yofi-yofi.com
0.0.0.0 stellara.de
0.0.0.0 innomediacreate.com
0.0.0.0 sehaleservices.com
0.0.0.0 magnite.shop
0.0.0.0 decompraschile.com
0.0.0.0 salimusic.com
0.0.0.0 open-cbd.de
0.0.0.0 onrunningshop.com
0.0.0.0 bygigi.mx
0.0.0.0 vkeys.online
0.0.0.0 teevpower.com
0.0.0.0 caraci.it
0.0.0.0 easyshopper.org
0.0.0.0 oncloudrun.shop
0.0.0.0 shopperexpress.shop
0.0.0.0 aoocib.com
0.0.0.0 7s4c.top
0.0.0.0 chandeco.com
0.0.0.0 networksfishing.com
0.0.0.0 millabay.com
0.0.0.0 mila-vica.de
0.0.0.0 ballsbags.com
0.0.0.0 vinisay.com
0.0.0.0 tinkleo.com
0.0.0.0 draxu.com
0.0.0.0 headsets4business.co.uk
0.0.0.0 kielorelief.io
0.0.0.0 olaoffer.shop
0.0.0.0 nosdaarte.com
0.0.0.0 pairmate.se
0.0.0.0 babybeddingdesign.com
0.0.0.0 coco-vip-shop.com
0.0.0.0 xunlei.it
0.0.0.0 botsuanah.com
0.0.0.0 lojaacasa.com.br
0.0.0.0 dashracegear.net
0.0.0.0 youthfy.shop
0.0.0.0 smartokids.com
0.0.0.0 pipopi.com
0.0.0.0 k-tozluxury.shop
0.0.0.0 zuozuoshoe.shop
0.0.0.0 vip-yuki-shop.com
0.0.0.0 c-tozluxury.shop
0.0.0.0 lasercutjewelry.net
0.0.0.0 sleepyfull.com
0.0.0.0 expofstore.com
0.0.0.0 watchmark.shop
0.0.0.0 carsaratek.com
0.0.0.0 xajzfwgs.com
0.0.0.0 uange.shop
0.0.0.0 imagemotorcycles.co.nz
0.0.0.0 twinsbio.com
0.0.0.0 snapchaty.com
0.0.0.0 tomfordgo.com
0.0.0.0 worthas.shop
0.0.0.0 microgull.com
# https://github.com/hagezi/dns-blocklists/issues/1025
0.0.0.0 msmcompare.com
# https://github.com/durablenapkin/scamblocklist/issues/45
0.0.0.0 teslatucker.com
# https://www.reddit.com/r/uBlockOrigin/comments/13e53jy/badware_movie_sites/
# https://github.com/uBlockOrigin/uAssets/issues/18333
0.0.0.0 filmshngjbzix.blogspot.com
0.0.0.0 mopiez.com
# NSFW: https://tria.ge/230511-1g9xlada3x/behavioral1
0.0.0.0 lynku.mingotime.com
0.0.0.0 secret-list.yasdoodl.com
0.0.0.0 smcdsecure.com
# https://github.com/durablenapkin/scamblocklist/issues/46
0.0.0.0 teslalive23.pro
0.0.0.0 muskbtc.io
# https://github.com/hagezi/dns-blocklists/issues/1053
0.0.0.0 i-grade.online
# https://github.com/durablenapkin/scamblocklist/issues/49
0.0.0.0 successglossary.com
0.0.0.0 mybestautologin567.com
0.0.0.0 microngroup.pro
# https://github.com/durablenapkin/scamblocklist/issues/50
0.0.0.0 abncbp.com
# spam
0.0.0.0 hotgirlsj8k8.com
0.0.0.0 locasualx.com
0.0.0.0 web.locasualx.com
0.0.0.0 datingcentral.top
0.0.0.0 i.datingcentral.top
# https://0xacab.org/my-privacy-dns/matrix/-/issues/418503
0.0.0.0 tushura.life
0.0.0.0 0a317d9d6b.79c4215c89.com
# https://tria.ge/230520-nthbwseg41/behavioral1
0.0.0.0 ugpe.krokwbok.pl
0.0.0.0 tabloidquantitycosts.com
0.0.0.0 newsfrcity.azurewebsites.net
# https://forums.malwarebytes.com/topic/298178-google-security-alert-google-cloud-hacked-viruses-found-3-etc/
0.0.0.0 undectia.com
# account required: https://forums.malwarebytes.com/topic/298281-genshin-impact-scam-websites-to-avoid/
# my analysis: https://tria.ge/230524-wfaznadg93/behavioral1
0.0.0.0 hoyolab.help
0.0.0.0 hoylab.firebaseapp.com
0.0.0.0 visitor-country.info
0.0.0.0 go.letmimy.com
# https://github.com/hagezi/dns-blocklists/issues/1075
0.0.0.0 factorysale2023.com
0.0.0.0 onlinestores.factorysale2023.com
0.0.0.0 si.factorysale2023.com
0.0.0.0 augusthenri.be
# https://github.com/durablenapkin/scamblocklist/issues/54
0.0.0.0 haceroberomaste.com
0.0.0.0 nze0xw.haceroberomaste.com
# https://github.com/hagezi/dns-blocklists/issues/1079
# my analysis: https://app.any.run/tasks/4d88f2f5-5446-4980-8bc9-15e520e96651
# my analysis: https://app.any.run/tasks/060171c5-6a0f-41db-ba01-27bd8c61e326
0.0.0.0 onlyfanstake.pro
0.0.0.0 filedenzu.com
# https://tria.ge/230524-m6b5zacg3y/behavioral2
# https://github.com/hagezi/dns-blocklists/issues/1089
0.0.0.0 elonmix.org
0.0.0.0 musklink.org
0.0.0.0 muskbot.io
# https://github.com/badmojr/1Hosts/issues/1429
0.0.0.0 thelabourforce.com
0.0.0.0 v5o.disktopic.com
# https://www.reddit.com/r/uBlockOrigin/comments/13ub824/trojan_scam_ads_to_block/
# my analysis: https://app.any.run/tasks/e3720726-f650-434c-b34c-68ce718977ff
0.0.0.0 goo.googoodee.com
0.0.0.0 vipsupport.festivalmarqueecompany.cyou
0.0.0.0 festivalmarqueecompany.cyou
# https://app.any.run/tasks/ed28f343-c1f8-48c2-acea-3088eae6fc0b
0.0.0.0 gz1nzy3x-d147-v9.saithinaya.best
# https://app.any.run/tasks/c66b7f3b-9400-4cdf-8a94-0c834c13cb3c
0.0.0.0 a6j355tu-d148-v9.wrathgrove.best
# nsfw: https://app.any.run/tasks/4fd09c13-0e01-4f6a-9d0b-627e24d86293
0.0.0.0 yaglkpxae-d148-api-v1.silverscar.shop
# https://app.any.run/tasks/f1c3cc87-16d7-4c79-9b10-7163b398c2f9/
0.0.0.0 fbhack.blaow.pro
# https://app.any.run/tasks/484b97da-3dff-466a-99c7-c1a7fe4ac385
0.0.0.0 fbshredder.com
0.0.0.0 softwaredlfast.top
0.0.0.0 softwarebaze.top
0.0.0.0 rapidfilesbase.top
# https://tria.ge/230530-3b6zvscd5x/behavioral1
0.0.0.0 fastfilesdls.top
# https://app.any.run/tasks/e9aa7e83-283f-4ef3-bb6f-cd98d7df2e1e
0.0.0.0 hypercracker.com
# https://github.com/hagezi/dns-blocklists/issues/1098
0.0.0.0 jakedstake.com
0.0.0.0 improtants.space
# https://0xacab.org/my-privacy-dns/matrix/-/issues/551938
# my analysis: https://tria.ge/230531-2tegwsbh3v/behavioral1
0.0.0.0 azmovies.io
0.0.0.0 pdtrax.g2afse.com
0.0.0.0 tr.trackingit.site
0.0.0.0 trackingit.site
# https://github.com/uBlockOrigin/uAssets/issues/18366
# my analysis: https://app.any.run/tasks/cf36d3ac-bedd-4cb9-bc9f-ac389b769d20
0.0.0.0 globaladblocker.info
# my analysis: https://app.any.run/tasks/7696196c-7c36-4dcc-aace-cb09f14b6685
0.0.0.0 ourcommonwords.com
0.0.0.0 supapush.net
# https://github.com/uBlockOrigin/uAssets/issues/18375
# nsfw: https://app.any.run/tasks/e3da5e5e-8b6d-4a7f-8165-6439ff68d940
0.0.0.0 www.fulltimesecurityguard.com
0.0.0.0 fulltimesecurityguard.com
0.0.0.0 tepirg.xyz
# https://github.com/uBlockOrigin/uAssets/issues/18380
0.0.0.0 lgpc.bestextensionegde.com
0.0.0.0 bestextensionegde.com
# nsfw: https://app.any.run/tasks/49927d07-3f8e-4115-a6e3-476e6aec62c0
0.0.0.0 onevenadvnow.com
0.0.0.0 nodritsissub.com
# https://github.com/uBlockOrigin/uAssets/pull/18388
0.0.0.0 roundyearfun.org
0.0.0.0 anyplacehere.me
0.0.0.0 funaroundy.click
# https://0xacab.org/my-privacy-dns/matrix/-/issues/594269
# my analysis: https://tria.ge/230604-x8gtcadd85/behavioral1
0.0.0.0 darkskin.world
# https://tria.ge/230605-nfg4zagb63/behavioral2
0.0.0.0 errors.pro
0.0.0.0 donwloadkeepet.buzz
0.0.0.0 stucktimeoutvexed.com
0.0.0.0 sembilme.com
# https://forums.malwarebytes.com/topic/298628-specific-adwarephishing-attack-whats-the-source/
0.0.0.0 axufcs.space
# https://github.com/hagezi/dns-blocklists/issues/718
0.0.0.0 leverage-btc.com
# https://www.malwarebytes.com/blog/threat-intelligence/2023/06/thousands-of-malicious-google-cloud-run-instances-deployed-to-scam-facebook-users
0.0.0.0 trendingentertainers.com
0.0.0.0 trendingfilmreviews.com
0.0.0.0 trendingshowbiz.com
0.0.0.0 trendingtvshows.com
0.0.0.0 usunveiled.net
0.0.0.0 viralcelebrityzone.com
0.0.0.0 viralfamezone.com
0.0.0.0 virallaughtrack.com
0.0.0.0 viralstargossip.com
0.0.0.0 viralfunnylaugh.com
# https://www.youtube.com/watch?v=3Vy2l1kv7Cc
0.0.0.0 sirisangabofoundation.org
# https://github.com/DandelionSprout/adfilt/discussions/779#discussioncomment-6141190
0.0.0.0 sexus.ml
0.0.0.0 c.dateperfectly.top
0.0.0.0 dateperfectly.top
# https://github.com/uBlockOrigin/uAssets/issues/18452
0.0.0.0 geminifond.com
# https://virustotal.com/gui/url/7df0f1873fb746b2eb98a9fc8245000222a31db82506d9988adc83f145c80b3a
# my analysis: https://app.any.run/tasks/eb63e697-9df1-425a-814d-5e23858c146f
0.0.0.0 gvcyk.mobiledir.us
0.0.0.0 umbrellacorporation.id
0.0.0.0 push-gabjbib-9138.boustahe.com
0.0.0.0 memesfunny.org
0.0.0.0 dudialgator.com
0.0.0.0 coustaushaw.com
# https://dnstwist.it/ for slack.com
# https://app.any.run/tasks/14cafa37-652e-47dc-b08f-39843f7ef022
0.0.0.0 slackk.com
0.0.0.0 galotop1.com
# https://github.com/uBlockOrigin/uAssets/issues/18527
0.0.0.0 together.com
0.0.0.0 maturedating.com
# https://github.com/uBlockOrigin/uAssets/issues/18537
# https://tria.ge/230617-ar39pahb3w/behavioral2
0.0.0.0 whaujimisurvey.top
0.0.0.0 eehuzaih.com
# https://tria.ge/230617-ar39pahb3w/behavioral3
0.0.0.0 toodownload.com
0.0.0.0 subscribe-notifications.com
0.0.0.0 user0.subscribe-notifications.com
0.0.0.0 user1.subscribe-notifications.com
# clicked on an ad: https://tria.ge/230617-m6144abb3z/behavioral2
0.0.0.0 yourstented.azurewebsites.net
# https://github.com/hagezi/dns-blocklists/issues/1193
0.0.0.0 coinaps.com
# https://www.bleepingcomputer.com/forums/t/786537/mcafee-popup/
0.0.0.0 www.mistiotia.com
# https://virustotal.com/gui/url/73d9ff9f34da3e716e5b549746d789655bb42bfaadbdeaf13d70cae63768f8cb/community
# my analysis: https://app.any.run/tasks/f5abc08a-802f-4560-9ae2-ee107fee1a2b
0.0.0.0 winkcap.net
# https://tria.ge/230624-phdd8scc7t/behavioral1
0.0.0.0 discordnitro.live
0.0.0.0 www.discordnitro.live
0.0.0.0 rapidownload.online
0.0.0.0 qoaaa.com
0.0.0.0 d.rapidownload.online
# https://tria.ge/230624-pw6ypsbc94/behavioral1
0.0.0.0 freevbucks2022.online
0.0.0.0 letmimy.com
# https://tria.ge/230624-p3xcvabd24/behavioral2
# https://www.hybrid-analysis.com/sample/9cdcea08ed2d28f0618a032fdcac2a0f070020035d54d0e63ae3b90ba9a8cfa3
# unrelated malware ads on the download link
# https://app.any.run/tasks/426cbd81-f441-436c-b227-15224316ce4b
0.0.0.0 ereallywasnoth.com
0.0.0.0 czpcc.nereherewetem.info
# https://tria.ge/230624-pzryysbc98/behavioral1
0.0.0.0 free.premiumworldapp.com
0.0.0.0 chromnius.com
0.0.0.0 www.chromnius.com
# https://github.com/DandelionSprout/adfilt/discussions/779#discussioncomment-6298369
0.0.0.0 anglebank.space
# https://tria.ge/230701-q2qdksgh48/behavioral1
0.0.0.0 crummygoddess.com
# https://github.com/uBlockOrigin/uAssets/pull/18736
0.0.0.0 funtwitter.games
0.0.0.0 twitter-circle.com
# https://github.com/uBlockOrigin/uAssets/issues/18664
0.0.0.0 family-simulators.io
0.0.0.0 familyfornicate.com
# https://github.com/blocklistproject/Lists/issues/1015
0.0.0.0 bigosext9s.com
# musk-themed crypto scam
0.0.0.0 muskday.org
# popups
0.0.0.0 xmegaxvideox.com
0.0.0.0 neeglashsurvey.top
# https://github.com/MetaMask/eth-phishing-detect/pull/12959
0.0.0.0 l0ktf.com
0.0.0.0 babydegods.com
# https://github.com/hagezi/dns-blocklists/issues/1244
0.0.0.0 soaplooparrowstereo.click
# https://github.com/MetaMask/eth-phishing-detect/pull/12960
0.0.0.0 apecoin.group
0.0.0.0 app.uniswap.cam
0.0.0.0 bbhjb.com
0.0.0.0 blur-nft.xyz
0.0.0.0 bridge-claim.xyz
0.0.0.0 claim-booster.xyz
0.0.0.0 claim-pepe-airdrop.xyz
0.0.0.0 claimairdrop.online
0.0.0.0 crypto-claims.io
0.0.0.0 dev851.d3710yoqrad6y3.amplifyapp.com
0.0.0.0 email-metamask.com
0.0.0.0 enter-uniswap.net
0.0.0.0 get-uniswap.org
0.0.0.0 join-whatisthissorcery.com
0.0.0.0 lensprotocols-claim.com
0.0.0.0 live-update-security.com
0.0.0.0 loyaldrops.life
0.0.0.0 metamaskdrop.fun
0.0.0.0 metamasks.best
0.0.0.0 newsletter-metamask.com
0.0.0.0 nft-free.store
0.0.0.0 notify-metamask.com
0.0.0.0 psydex.gl
0.0.0.0 register-ether.com
0.0.0.0 whitelist-ether.site
# https://github.com/MetaMask/eth-phishing-detect/pull/12983
0.0.0.0 rabbit.claims
# https://github.com/hagezi/dns-blocklists/issues/1255
0.0.0.0 beze.co
0.0.0.0 laro.co
0.0.0.0 haso.co
0.0.0.0 fessy.co
0.0.0.0 zatte.co
0.0.0.0 lanno.co
0.0.0.0 detty.co
0.0.0.0 durro.co
# https://tria.ge/230708-zw13kaab69/behavioral2
0.0.0.0 rightsapphiresand.info
0.0.0.0 aonforhaving.info
0.0.0.0 download7locked.com
0.0.0.0 install-check.com
0.0.0.0 zz6av.top
0.0.0.0 ptrmx.top
0.0.0.0 p5s12.top
0.0.0.0 pnw9r.top
# stuff from a VM
0.0.0.0 kn3vp.top
0.0.0.0 eyq2w.top
0.0.0.0 edsn6.top
0.0.0.0 c8pjg.top
0.0.0.0 kwptr.top
0.0.0.0 ese04.top
0.0.0.0 uldmakefeagre.com
0.0.0.0 ourmarketingefi.info
0.0.0.0 goph.club
0.0.0.0 ebutiseemedlikea.com.ua
0.0.0.0 alargeredrubygsw.info
# https://app.any.run/tasks/561c592f-07c8-4954-95c7-1201da83e2f5
0.0.0.0 dacins.xyz
# https://github.com/hagezi/dns-blocklists/issues/1266
0.0.0.0 zat.io
# https://github.com/durablenapkin/scamblocklist/issues/57
0.0.0.0 navi0.com
0.0.0.0 navi1.com
0.0.0.0 navi2.com
0.0.0.0 navi3.com
0.0.0.0 navi4.com
0.0.0.0 navi5.com
0.0.0.0 navi6.com
0.0.0.0 navi7.com
0.0.0.0 navi8.com
0.0.0.0 navi9.com
0.0.0.0 navi10.com
0.0.0.0 navi11.com
0.0.0.0 navi12.com
0.0.0.0 navi13.com
0.0.0.0 navi14.com
0.0.0.0 navi15.com
0.0.0.0 navi16.com
0.0.0.0 navi17.com
0.0.0.0 navi18.com
0.0.0.0 navi19.com
0.0.0.0 navi20.com
0.0.0.0 navi21.com
0.0.0.0 navi22.com
0.0.0.0 navi23.com
0.0.0.0 navi24.com
0.0.0.0 navi25.com
0.0.0.0 navi26.com
0.0.0.0 navi27.com
0.0.0.0 navi28.com
0.0.0.0 navi29.com
0.0.0.0 navi30.com
0.0.0.0 navi31.com
0.0.0.0 navi32.com
0.0.0.0 navi33.com
0.0.0.0 navi34.com
0.0.0.0 navi35.com
0.0.0.0 navi36.com
0.0.0.0 navi37.com
0.0.0.0 navi38.com
0.0.0.0 navi39.com
0.0.0.0 navi40.com
0.0.0.0 navi41.com
0.0.0.0 navi42.com
0.0.0.0 navi43.com
0.0.0.0 navi44.com
0.0.0.0 navi45.com
0.0.0.0 navi46.com
0.0.0.0 navi47.com
0.0.0.0 navi48.com
0.0.0.0 navi49.com
0.0.0.0 navi50.com
0.0.0.0 navi51.com
0.0.0.0 navi52.com
0.0.0.0 navi53.com
0.0.0.0 navi54.com
0.0.0.0 navi55.com
0.0.0.0 navi56.com
0.0.0.0 navi57.com
0.0.0.0 navi58.com
0.0.0.0 navi59.com
0.0.0.0 navi60.com
0.0.0.0 navi61.com
0.0.0.0 navi62.com
0.0.0.0 navi63.com
0.0.0.0 navi64.com
0.0.0.0 navi65.com
0.0.0.0 navi66.com
0.0.0.0 navi67.com
0.0.0.0 navi68.com
0.0.0.0 navi69.com
0.0.0.0 navi70.com
0.0.0.0 navi71.com
0.0.0.0 navi72.com
0.0.0.0 navi73.com
0.0.0.0 navi74.com
0.0.0.0 navi75.com
0.0.0.0 navi76.com
0.0.0.0 navi77.com
0.0.0.0 navi78.com
0.0.0.0 navi79.com
0.0.0.0 navi80.com
0.0.0.0 navi81.com
0.0.0.0 navi82.com
0.0.0.0 navi83.com
0.0.0.0 navi84.com
0.0.0.0 navi85.com
0.0.0.0 navi86.com
0.0.0.0 navi87.com
0.0.0.0 navi88.com
0.0.0.0 navi89.com
0.0.0.0 navi90.com
0.0.0.0 navi91.com
0.0.0.0 navi92.com
0.0.0.0 navi93.com
0.0.0.0 navi94.com
0.0.0.0 navi95.com
0.0.0.0 navi96.com
0.0.0.0 navi97.com
0.0.0.0 navi98.com
0.0.0.0 navi99.com
0.0.0.0 navi100.com
0.0.0.0 faze0.com
0.0.0.0 faze1.com
0.0.0.0 faze2.com
0.0.0.0 faze3.com
0.0.0.0 faze4.com
0.0.0.0 faze5.com
0.0.0.0 faze6.com
0.0.0.0 faze7.com
0.0.0.0 faze8.com
0.0.0.0 faze9.com
0.0.0.0 faze10.com
0.0.0.0 faze11.com
0.0.0.0 faze12.com
0.0.0.0 faze13.com
0.0.0.0 faze14.com
0.0.0.0 faze15.com
0.0.0.0 faze16.com
0.0.0.0 faze17.com
0.0.0.0 faze18.com
0.0.0.0 faze19.com
0.0.0.0 faze20.com
0.0.0.0 faze21.com
0.0.0.0 faze22.com
0.0.0.0 faze23.com
0.0.0.0 faze24.com
0.0.0.0 faze25.com
0.0.0.0 faze26.com
0.0.0.0 faze27.com
0.0.0.0 faze28.com
0.0.0.0 faze29.com
0.0.0.0 faze30.com
0.0.0.0 faze31.com
0.0.0.0 faze32.com
0.0.0.0 faze33.com
0.0.0.0 faze34.com
0.0.0.0 faze35.com
0.0.0.0 faze36.com
0.0.0.0 faze37.com
0.0.0.0 faze38.com
0.0.0.0 faze39.com
0.0.0.0 faze40.com
0.0.0.0 faze41.com
0.0.0.0 faze42.com
0.0.0.0 faze43.com
0.0.0.0 faze44.com
0.0.0.0 faze45.com
0.0.0.0 faze46.com
0.0.0.0 faze47.com
0.0.0.0 faze48.com
0.0.0.0 faze49.com
0.0.0.0 faze50.com
0.0.0.0 faze51.com
0.0.0.0 faze52.com
0.0.0.0 faze53.com
0.0.0.0 faze54.com
0.0.0.0 faze55.com
0.0.0.0 faze56.com
0.0.0.0 faze57.com
0.0.0.0 faze58.com
0.0.0.0 faze59.com
0.0.0.0 faze60.com
0.0.0.0 faze61.com
0.0.0.0 faze62.com
0.0.0.0 faze63.com
0.0.0.0 faze64.com
0.0.0.0 faze65.com
0.0.0.0 faze66.com
0.0.0.0 faze67.com
0.0.0.0 faze68.com
0.0.0.0 faze69.com
0.0.0.0 faze70.com
0.0.0.0 faze71.com
0.0.0.0 faze72.com
0.0.0.0 faze73.com
0.0.0.0 faze74.com
0.0.0.0 faze75.com
0.0.0.0 faze76.com
0.0.0.0 faze77.com
0.0.0.0 faze78.com
0.0.0.0 faze79.com
0.0.0.0 faze80.com
0.0.0.0 faze81.com
0.0.0.0 faze82.com
0.0.0.0 faze83.com
0.0.0.0 faze84.com
0.0.0.0 faze85.com
0.0.0.0 faze86.com
0.0.0.0 faze87.com
0.0.0.0 faze88.com
0.0.0.0 faze89.com
0.0.0.0 faze90.com
0.0.0.0 faze91.com
0.0.0.0 faze92.com
0.0.0.0 faze93.com
0.0.0.0 faze94.com
0.0.0.0 faze95.com
0.0.0.0 faze96.com
0.0.0.0 faze97.com
0.0.0.0 faze98.com
0.0.0.0 faze99.com
0.0.0.0 faze100.com
0.0.0.0 navi0.ru
0.0.0.0 navi1.ru
0.0.0.0 navi2.ru
0.0.0.0 navi3.ru
0.0.0.0 navi4.ru
0.0.0.0 navi5.ru
0.0.0.0 navi6.ru
0.0.0.0 navi7.ru
0.0.0.0 navi8.ru
0.0.0.0 navi9.ru
0.0.0.0 navi10.ru
0.0.0.0 navi11.ru
0.0.0.0 navi12.ru
0.0.0.0 navi13.ru
0.0.0.0 navi14.ru
0.0.0.0 navi15.ru
0.0.0.0 navi16.ru
0.0.0.0 navi17.ru
0.0.0.0 navi18.ru
0.0.0.0 navi19.ru
0.0.0.0 navi20.ru
0.0.0.0 navi21.ru
0.0.0.0 navi22.ru
0.0.0.0 navi23.ru
0.0.0.0 navi24.ru
0.0.0.0 navi25.ru
0.0.0.0 navi26.ru
0.0.0.0 navi27.ru
0.0.0.0 navi28.ru
0.0.0.0 navi29.ru
0.0.0.0 navi30.ru
0.0.0.0 navi31.ru
0.0.0.0 navi32.ru
0.0.0.0 navi33.ru
0.0.0.0 navi34.ru
0.0.0.0 navi35.ru
0.0.0.0 navi36.ru
0.0.0.0 navi37.ru
0.0.0.0 navi38.ru
0.0.0.0 navi39.ru
0.0.0.0 navi40.ru
0.0.0.0 navi41.ru
0.0.0.0 navi42.ru
0.0.0.0 navi43.ru
0.0.0.0 navi44.ru
0.0.0.0 navi45.ru
0.0.0.0 navi46.ru
0.0.0.0 navi47.ru
0.0.0.0 navi48.ru
0.0.0.0 navi49.ru
0.0.0.0 navi50.ru
0.0.0.0 navi51.ru
0.0.0.0 navi52.ru
0.0.0.0 navi53.ru
0.0.0.0 navi54.ru
0.0.0.0 navi55.ru
0.0.0.0 navi56.ru
0.0.0.0 navi57.ru
0.0.0.0 navi58.ru
0.0.0.0 navi59.ru
0.0.0.0 navi60.ru
0.0.0.0 navi61.ru
0.0.0.0 navi62.ru
0.0.0.0 navi63.ru
0.0.0.0 navi64.ru
0.0.0.0 navi65.ru
0.0.0.0 navi66.ru
0.0.0.0 navi67.ru
0.0.0.0 navi68.ru
0.0.0.0 navi69.ru
0.0.0.0 navi70.ru
0.0.0.0 navi71.ru
0.0.0.0 navi72.ru
0.0.0.0 navi73.ru
0.0.0.0 navi74.ru
0.0.0.0 navi75.ru
0.0.0.0 navi76.ru
0.0.0.0 navi77.ru
0.0.0.0 navi78.ru
0.0.0.0 navi79.ru
0.0.0.0 navi80.ru
0.0.0.0 navi81.ru
0.0.0.0 navi82.ru
0.0.0.0 navi83.ru
0.0.0.0 navi84.ru
0.0.0.0 navi85.ru
0.0.0.0 navi86.ru
0.0.0.0 navi87.ru
0.0.0.0 navi88.ru
0.0.0.0 navi89.ru
0.0.0.0 navi90.ru
0.0.0.0 navi91.ru
0.0.0.0 navi92.ru
0.0.0.0 navi93.ru
0.0.0.0 navi94.ru
0.0.0.0 navi95.ru
0.0.0.0 navi96.ru
0.0.0.0 navi97.ru
0.0.0.0 navi98.ru
0.0.0.0 navi99.ru
0.0.0.0 navi100.ru
0.0.0.0 nip0.com
0.0.0.0 nip1.com
0.0.0.0 nip2.com
0.0.0.0 nip3.com
0.0.0.0 nip4.com
0.0.0.0 nip5.com
0.0.0.0 nip6.com
0.0.0.0 nip7.com
0.0.0.0 nip8.com
0.0.0.0 nip9.com
0.0.0.0 nip10.com
0.0.0.0 nip11.com
0.0.0.0 nip12.com
0.0.0.0 nip13.com
0.0.0.0 nip14.com
0.0.0.0 nip15.com
0.0.0.0 nip16.com
0.0.0.0 nip17.com
0.0.0.0 nip18.com
0.0.0.0 nip19.com
0.0.0.0 nip20.com
0.0.0.0 nip21.com
0.0.0.0 nip22.com
0.0.0.0 nip23.com
0.0.0.0 nip24.com
0.0.0.0 nip25.com
0.0.0.0 nip26.com
0.0.0.0 nip27.com
0.0.0.0 nip28.com
0.0.0.0 nip29.com
0.0.0.0 nip30.com
0.0.0.0 nip31.com
0.0.0.0 nip32.com
0.0.0.0 nip33.com
0.0.0.0 nip34.com
0.0.0.0 nip35.com
0.0.0.0 nip36.com
0.0.0.0 nip37.com
0.0.0.0 nip38.com
0.0.0.0 nip39.com
0.0.0.0 nip40.com
0.0.0.0 nip41.com
0.0.0.0 nip42.com
0.0.0.0 nip43.com
0.0.0.0 nip44.com
0.0.0.0 nip45.com
0.0.0.0 nip46.com
0.0.0.0 nip47.com
0.0.0.0 nip48.com
0.0.0.0 nip49.com
0.0.0.0 nip50.com
0.0.0.0 nip51.com
0.0.0.0 nip52.com
0.0.0.0 nip53.com
0.0.0.0 nip54.com
0.0.0.0 nip55.com
0.0.0.0 nip56.com
0.0.0.0 nip57.com
0.0.0.0 nip58.com
0.0.0.0 nip59.com
0.0.0.0 nip60.com
0.0.0.0 nip61.com
0.0.0.0 nip62.com
0.0.0.0 nip63.com
0.0.0.0 nip64.com
0.0.0.0 nip65.com
0.0.0.0 nip66.com
0.0.0.0 nip67.com
0.0.0.0 nip68.com
0.0.0.0 nip69.com
0.0.0.0 nip70.com
0.0.0.0 nip71.com
0.0.0.0 nip72.com
0.0.0.0 nip73.com
0.0.0.0 nip74.com
0.0.0.0 nip75.com
0.0.0.0 nip76.com
0.0.0.0 nip77.com
0.0.0.0 nip78.com
0.0.0.0 nip79.com
0.0.0.0 nip80.com
0.0.0.0 nip81.com
0.0.0.0 nip82.com
0.0.0.0 nip83.com
0.0.0.0 nip84.com
0.0.0.0 nip85.com
0.0.0.0 nip86.com
0.0.0.0 nip87.com
0.0.0.0 nip88.com
0.0.0.0 nip89.com
0.0.0.0 nip90.com
0.0.0.0 nip91.com
0.0.0.0 nip92.com
0.0.0.0 nip93.com
0.0.0.0 nip94.com
0.0.0.0 nip95.com
0.0.0.0 nip96.com
0.0.0.0 nip97.com
0.0.0.0 nip98.com
0.0.0.0 nip99.com
0.0.0.0 nip100.com
# https://github.com/hagezi/dns-blocklists/issues/1310
0.0.0.0 bcb.game
# scam? notification spam & weird pharmaceutical ads
0.0.0.0 us-trendingtoday.com
# https://tria.ge/230718-vydmtscf83/behavioral1
0.0.0.0 truebuyerreview.com
0.0.0.0 areyourealhuman.com
0.0.0.0 cdn.areyourealhuman.com
# not my analysis: https://app.any.run/tasks/5bc3d455-486d-4d74-9cae-557eeaf69f27/
# my analysis: https://app.any.run/tasks/fc24d271-a114-4c43-b99b-8bf8e9f6c704
0.0.0.0 eu.gtrxlnd7.com
0.0.0.0 gtrxlnd7.com
# https://github.com/durablenapkin/scamblocklist/issues/58
# https://github.com/hagezi/dns-blocklists/issues/1330
0.0.0.0 hotdebrid.com
0.0.0.0 debridlink.com
0.0.0.0 maxdebrid.com
# https://github.com/hagezi/dns-blocklists/issues/409
0.0.0.0 anydebrid.com
# https://tria.ge/230720-3qya9sbh2t/behavioral2
0.0.0.0 performintenselydevelopedinfo-product.info
# https://tria.ge/230721-yjxzpsgg84/behavioral1
0.0.0.0 qk0im.top
# https://github.com/durablenapkin/scamblocklist/issues/59
# https://github.com/hagezi/dns-blocklists/issues/1335
0.0.0.0 primeleech.com
0.0.0.0 www.primeleech.com
# https://app.any.run/tasks/cc0dd977-97e3-4b4a-833b-dfc4d5f0be55/
0.0.0.0 ak.deephicy.net
0.0.0.0 qr-captcha.com
0.0.0.0 haffnetworkmm.com
0.0.0.0 cdn4.haffnetworkmm.com
0.0.0.0 im2easy.site
0.0.0.0 downlon.com
# https://tria.ge/230724-z8hfzsha64/behavioral1
0.0.0.0 zubajuroo.com
0.0.0.0 singlewomenmeet.com
0.0.0.0 only2date.online
0.0.0.0 amnotification.com
# https://0xacab.org/my-privacy-dns/matrix/-/issues/646177
0.0.0.0 desbiens123.net
0.0.0.0 sex-dating.qbig.site
# https://0xacab.org/my-privacy-dns/matrix/-/issues/646175
0.0.0.0 anesthesia2000.com
# https://0xacab.org/my-privacy-dns/matrix/-/issues/646174
0.0.0.0 balladoron.life
0.0.0.0 avprotect.store
0.0.0.0 www.pioxe.live
0.0.0.0 pioxe.live
# https://0xacab.org/my-privacy-dns/matrix/-/issues/646168
0.0.0.0 86ff56b6d5.com
0.0.0.0 030e9b0efb.47aead8f05.com
0.0.0.0 47aead8f05.com
0.0.0.0 systemoon.co.in
0.0.0.0 moontrck.xyz
# https://0xacab.org/my-privacy-dns/matrix/-/issues/644873
0.0.0.0 donemileliondol.info
# https://0xacab.org/my-privacy-dns/matrix/-/issues/644871
0.0.0.0 inarilyhukel.info
# https://forums.malwarebytes.com/topic/300664-malwarebytes-premium-subscription-fails-to-detect-infection/
0.0.0.0 prizehub.top
# https://0xacab.org/my-privacy-dns/matrix/-/issues/646602
0.0.0.0 antiques-spb.ru
# https://tria.ge/230729-a8fjysba31/behavioral1
0.0.0.0 vcyx4.top
0.0.0.0 hfe0t.top
0.0.0.0 ambrs.online
0.0.0.0 www.ambrs.online
# infected system
0.0.0.0 jokekroako.com
0.0.0.0 gokend.xyz
0.0.0.0 push-ebfhafd-7996.boustahe.com
# https://0xacab.org/my-privacy-dns/matrix/-/issues/646845
0.0.0.0 pacosystem.es
# https://0xacab.org/my-privacy-dns/matrix/-/issues/646600
0.0.0.0 74les.ru
# https://0xacab.org/my-privacy-dns/matrix/-/issues/646179
0.0.0.0 zaffirosas.it
# https://0xacab.org/my-privacy-dns/matrix/-/issues/646173
0.0.0.0 alimentasegovia.es
# https://github.com/durablenapkin/scamblocklist/issues/60
0.0.0.0 upstrick.com
# fake robux generator
0.0.0.0 waratlas.org
0.0.0.0 cpabuild.com
# https://tria.ge/230731-x1nlxsae69/behavioral2
# https://0xacab.org/my-privacy-dns/matrix/-/issues/647492
0.0.0.0 krasnaya-talka-sanatoriy-gelendzhik.ru
0.0.0.0 p9a3g5g2.stackpathcdn.com
# https://tria.ge/230731-w9769aad25/behavioral2
0.0.0.0 fixextremelyoriginalinfo-product.info
0.0.0.0 dfxtg.top
0.0.0.0 d7s62.top
0.0.0.0 dlvur.top
0.0.0.0 dcnhx.top
0.0.0.0 ops7s.top
# https://tria.ge/230731-w9769aad25/behavioral1
0.0.0.0 downloadelz.website
0.0.0.0 downloadelz.buzz
# https://tria.ge/230731-3n8n8abh28/behavioral2
0.0.0.0 downloadfilekee.lol
# anonfiles ads
0.0.0.0 browser-app.co
0.0.0.0 golend.xyz
# https://0xacab.org/my-privacy-dns/matrix/-/issues/647478
0.0.0.0 seduction-simple.fr
# https://0xacab.org/my-privacy-dns/matrix/-/issues/649522
# https://tria.ge/230802-vtcjzaga38/behavioral1
0.0.0.0 farmrrlendsee.ru
0.0.0.0 mokha.top
0.0.0.0 voecf.top
0.0.0.0 a7afn.top
0.0.0.0 zn4hk.top
0.0.0.0 t0hgf.top
0.0.0.0 kuq2s.top
0.0.0.0 o8he3.top
# https://0xacab.org/my-privacy-dns/matrix/-/issues/649521
# https://tria.ge/230802-v5brtahd4w/behavioral1
0.0.0.0 expressionsvegetales.fr
0.0.0.0 kfl86.top
0.0.0.0 aroyf.top
0.0.0.0 aord3.top
# https://www.bleepingcomputer.com/news/security/fake-flipperzero-sites-promise-free-devices-after-completing-offer/
0.0.0.0 flipperzero.at
0.0.0.0 trkrspace.com
# anonfiles ads
0.0.0.0 kncecafvdeuk.info
0.0.0.0 karbe.live
0.0.0.0 downloadpeso.space
0.0.0.0 rewovucikaf.shop
0.0.0.0 outhjkm.ezasutuduwife.online
0.0.0.0 wtfgep.xyz
# https://forums.malwarebytes.com/topic/300873-i-keep-getting-pop-ups-from-eudmailcom/
0.0.0.0 eudmail.com
# crypto scams
0.0.0.0 musk-x.org
0.0.0.0 give2x.net
# https://tria.ge/230804-15hs1sfh6t/behavioral1
0.0.0.0 2xtesla.net
# https://0xacab.org/my-privacy-dns/matrix/-/issues/649649
# https://tria.ge/230805-rb1bjaee3x/behavioral1
0.0.0.0 master2gppp-assas.fr
0.0.0.0 12f01e3591.com
0.0.0.0 1472f9a583.12f01e3591.com
0.0.0.0 thewinjackpot.life
0.0.0.0 us.secureonlineinternet.com
0.0.0.0 secureonlineinternet.com
# https://0xacab.org/my-privacy-dns/matrix/-/issues/649556
# https://tria.ge/230805-rk4qbadb96/behavioral1
0.0.0.0 gavihuginn.best
0.0.0.0 dtc5a.top
0.0.0.0 8a4uj.top
0.0.0.0 lytf0.top
0.0.0.0 w2kp0.top
0.0.0.0 7xxqg.top
0.0.0.0 e7vld.top
0.0.0.0 82vor.top
0.0.0.0 j42za.top
0.0.0.0 w3cxi.top
0.0.0.0 imgot.info
# https://0xacab.org/my-privacy-dns/matrix/-/issues/649306
# https://tria.ge/230805-s3g5psdd99/behavioral1
0.0.0.0 eternitonline.it
# https://github.com/uBlockOrigin/uAssets/issues/19271
# https://tria.ge/230805-1pnz4agc7w/behavioral1
0.0.0.0 wbilvnmool.com
0.0.0.0 metriumoldeb.com
0.0.0.0 www.metriumoldeb.com
0.0.0.0 hyjecr.metriumoldeb.com
0.0.0.0 fjvv2i.metriumoldeb.com
0.0.0.0 581358.metriumoldeb.com
0.0.0.0 theod-omq.com
0.0.0.0 goatmod.xyz
0.0.0.0 mkhvuv.metriumoldeb.com
# https://tria.ge/231022-p48ghaab87/behavioral1
0.0.0.0 qyt8pi.metriumoldeb.com
0.0.0.0 vjr2ws.metriumoldeb.com
0.0.0.0 propolixte.com
0.0.0.0 quinc-rdk.com
0.0.0.0 burbolore.xyz
0.0.0.0 /nlp/index.php?clickid=*&t1=*&t2=*&t3=*&t4=*&t5=propolixte,propolixte.com,propolis&url_bnm_redirect=
0.0.0.0 /click.php?lp=data_upd&site_id=1293|

0.0.0.0 12ezo5v60.com
0.0.0.0 2ntrfi.metriumoldeb.com
# https://0xacab.org/my-privacy-dns/matrix/-/issues/649771
# https://tria.ge/230806-v2fatsbc57/behavioral1
0.0.0.0 sex-girls.khayyamfestival.com
# https://github.com/easylist/easylist/pull/16955
# https://tria.ge/230806-xd58fsdc4t/behavioral1
0.0.0.0 lands.ninja
0.0.0.0 6.lands.ninja
0.0.0.0 19.lands.ninja
# https://web.archive.org/web/20230806191228/https://spamlogger.com/t/congrats-claim-your-500-walmart-gift-card/295
# https://tria.ge/230806-xteenscb23/behavioral1
0.0.0.0 usadailysweepswinners.com
# https://github.com/durablenapkin/scamblocklist/issues/61
# https://github.com/hagezi/dns-blocklists/issues/1390
0.0.0.0 okdebrid.com
0.0.0.0 youdebrid.com
# https://github.com/uBlockOrigin/uAssets/issues/19316
# https://tria.ge/230810-zq62maag9y/behavioral1
0.0.0.0 graduatedgroan.com
0.0.0.0 oudguide.com
0.0.0.0 uidhealth.com
0.0.0.0 repairmostspeedyinfo-product.info
# https://tria.ge/230810-zzlr2sah5y/behavioral1
0.0.0.0 popgoldblocker.info
0.0.0.0 adblockology.net
0.0.0.0 download-adblock-zen.com
0.0.0.0 blockadsology.net
# https://github.com/hagezi/dns-blocklists/issues/1411
0.0.0.0 lido-pass.org
# https://web.archive.org/web/20230813181452/https://www.bleepingcomputer.com/news/security/uk-gov-keeps-repeating-its-voter-registration-website-is-not-a-scam/
0.0.0.0 householdresponses.com
# https://infosec.exchange/@briankrebs/110889813735728083
0.0.0.0 equity-invest.ch
0.0.0.0 diligere.co.uk
# https://github.com/MetaMask/eth-phishing-detect/pull/13289
0.0.0.0 optimismtokens-drop.com
0.0.0.0 optimisim.io
# https://tria.ge/230815-nlmlmsad73/behavioral1
0.0.0.0 arkhaminteiligence.com
# https://github.com/MetaMask/eth-phishing-detect/pull/13300
# https://github.com/MetaMask/eth-phishing-detect/issues/13297
# https://tria.ge/230815-2pl16sdg78/behavioral1
0.0.0.0 ceramic.gift
# https://github.com/hagezi/dns-blocklists/issues/1440
# https://tria.ge/230817-nq2alaha63/behavioral1
0.0.0.0 seasonsofficial.com
# https://tria.ge/230817-127yqsdh56/behavioral1
0.0.0.0 investmusk.org
# https://github.com/uBlockOrigin/uAssets/issues/19400
# https://tria.ge/230819-nzqkfshe69/behavioral1
0.0.0.0 adblocko-supremo.info
0.0.0.0 video-adblocker.pro
# https://github.com/hagezi/dns-blocklists/issues/1452
0.0.0.0 huuskmesser.de
0.0.0.0 huusk-original.com
# https://www.malwarebytes.com/blog/threat-intelligence/2023/08/wooflocker2
0.0.0.0 api.cloudcachestels.com
0.0.0.0 api.cloudseedzedo.com
0.0.0.0 api.imagecloudsedo.com
0.0.0.0 appcloudzedo.com
0.0.0.0 cdn.contentob.com
0.0.0.0 cdncontentstorage.com
0.0.0.0 cdnpictureasset.com
0.0.0.0 cloudcusersyn.com
0.0.0.0 cloudgertopage.com
0.0.0.0 cloudlogobox.com
0.0.0.0 csscloudstorage.com
0.0.0.0 datacloudasset.com
0.0.0.0 logosvault.com
0.0.0.0 miniassetcloud.com
0.0.0.0 furakelw.com
0.0.0.0 gopilofan.com
0.0.0.0 zemolist.com
0.0.0.0 besoliza.com
0.0.0.0 vedopixt.com
0.0.0.0 defolis.com
0.0.0.0 somawan.com
0.0.0.0 vulidoc.com
0.0.0.0 barustan.com
0.0.0.0 semilupa.com
0.0.0.0 bopiland.com
0.0.0.0 somalics.com
0.0.0.0 sebasong.com
0.0.0.0 molesanu.com
0.0.0.0 xepilondi.com
0.0.0.0 malubana.com
0.0.0.0 beeronas.com
0.0.0.0 lobosixt.com
0.0.0.0 gomoyad.com
# https://github.com/hagezi/dns-blocklists/issues/1458
0.0.0.0 software19797.blogspot.com
# https://github.com/hagezi/dns-blocklists/issues/1457
0.0.0.0 cutty.app
# https://github.com/hagezi/dns-blocklists/issues/1455
0.0.0.0 wintexfashions.com
# https://github.com/AdguardTeam/AdguardFilters/issues/159825
0.0.0.0 i7kctkutdv2c.top
0.0.0.0 confirm.i7kctkutdv2c.top
# https://github.com/AdguardTeam/AdguardFilters/issues/159825#issuecomment-1688865198 (credit to dandelionsprout)
0.0.0.0 ://confirm.*.top^
0.0.0.0 topmoneysurvey.com
0.0.0.0 better-than-tinder.com
0.0.0.0 auvx0i9jzsmi.top
0.0.0.0 awarded-best-vpn.com
0.0.0.0 b4o464st12fk.top
0.0.0.0 b53guzrig84y.top
0.0.0.0 b5vrahtel7sz.top
0.0.0.0 b6xw28ref78r.top
0.0.0.0 best-finance-now.com
0.0.0.0 best-global-apps.com
0.0.0.0 best-hornygirls.com
0.0.0.0 best-official-app.com
0.0.0.0 best-smart-utility.com
0.0.0.0 big-players-club.com
0.0.0.0 big-prizes-site.com
0.0.0.0 big-winnings-spot.com
0.0.0.0 bj99j2au62mm.top
0.0.0.0 btz6uvyfth1d.top
0.0.0.0 bustygirls-online.com
0.0.0.0 by3rw1xh7j6c.top
0.0.0.0 c1r084b6amzz.top
0.0.0.0 c4avwh304gt4.top
0.0.0.0 c6q95rn6j9un.top
0.0.0.0 c8edreiad0nz.top
0.0.0.0 c9nd4gwexaqc.top
0.0.0.0 campwredir.com
0.0.0.0 cehv8gvifhdr.com
0.0.0.0 check-you-device.com
0.0.0.0 chikasinapp.com
0.0.0.0 chualtc2ooie.top
0.0.0.0 cleanpwredir.com
0.0.0.0 cq33llquanhe.top
0.0.0.0 cqm8eg25pw9a.top
0.0.0.0 crazy-win-casino.com
0.0.0.0 cute-wet-babes.com
0.0.0.0 protect-your-phone.com
0.0.0.0 cz66d6c46u7r.top
0.0.0.0 d18u76n9gm98.top
0.0.0.0 d3qav78466c8.top
0.0.0.0 d635s2tbrx2h.top
0.0.0.0 datingpwredir.com
0.0.0.0 dfalfqeqgg22.top
0.0.0.0 dfva60q60acj.top
0.0.0.0 djav8bsp6w6t.top
0.0.0.0 dojyosxipcl9.top
0.0.0.0 dqtt6bkligui.top
0.0.0.0 dreamy-flirt.com
0.0.0.0 ds7w28f1zprz.top
0.0.0.0 dseqcfjne407.top
0.0.0.0 dulxwhqlq2de.top
0.0.0.0 e0pxjz8hh09v.top
0.0.0.0 e3ddj615svxo.top
0.0.0.0 e998mnvdywj6.top
0.0.0.0 e9dzfcnhd11g.top
0.0.0.0 easy-sex-dates.com
0.0.0.0 elq4xg6r2l3w.top
0.0.0.0 erxhbjelx5wv.top
0.0.0.0 eyd4fuc314z7.top
0.0.0.0 f0h509sczmhx.top
0.0.0.0 f1y4q5hm61tv.top
0.0.0.0 f3jxoio03eoe.top
0.0.0.0 f3tc0tyv7ci6.top
0.0.0.0 f90ggj5hvn2r.top
0.0.0.0 fa82zddqmzm2.top
0.0.0.0 fast-growing-app.com
0.0.0.0 fdlqehgguzrd.top
0.0.0.0 fi1qdfk30jwj.top
0.0.0.0 findyourlovesurvey.com
0.0.0.0 fjszwbb85d5o.top
0.0.0.0 fjvlj6v0au7i.top
0.0.0.0 fn0l242jyxkc.top
0.0.0.0 fnhkkel7y3og.top
0.0.0.0 fpz5zj8fn7zv.top
0.0.0.0 free-gifts-onweb.com
0.0.0.0 freebies-take.com
0.0.0.0 fs47vp8old0i.top
0.0.0.0 your-lucky-day.com
0.0.0.0 fuynmttcsohb.top
0.0.0.0 fxu8v4c6mq80.top
0.0.0.0 g2orkb3o40am.top
0.0.0.0 g3k7k37yxjn9.top
0.0.0.0 g534zx7dcasn.top
0.0.0.0 g61daidk439w.top
0.0.0.0 g6xj5yz5wmqv.top
0.0.0.0 g88nlluqxm2m.top
0.0.0.0 g8ik1wf8hi07.top
0.0.0.0 gambpwredir.com
0.0.0.0 gbfnq4g9fhu2.top
0.0.0.0 ggs24fwvaukc.top
0.0.0.0 girls-wants-you.com
0.0.0.0 giveaway-site.com
0.0.0.0 global-app-center.com
0.0.0.0 global-casino-gaming.com
0.0.0.0 gn72tksywb76.top
0.0.0.0 grab-your-money.com
0.0.0.0 gvsi0omsal46.top
0.0.0.0 h1almpsi2013.top
0.0.0.0 h5fxr7ftv7pf.top
0.0.0.0 hadglb7m3jcd.top
0.0.0.0 hd-video-app.com
0.0.0.0 hgbus5retewp.top
0.0.0.0 high-safety-vpn.com
0.0.0.0 hnlw731jqnxp.top
0.0.0.0 horny-neighbour.com
0.0.0.0 hornygirls-onsite.com
0.0.0.0 hornygirlsinapp.com
0.0.0.0 jump-path1.com
0.0.0.0 jump-path2.com
0.0.0.0 redirect-path1.com
0.0.0.0 redirect-path2.com
0.0.0.0 your-online-casino.com
0.0.0.0 hot-girls-around.com
0.0.0.0 hot-pretty-chiks.com
0.0.0.0 hotgirls-around.com
0.0.0.0 how2-become-rich.com
0.0.0.0 hrb30t7c8e0a.top
0.0.0.0 i1q5vfi8w133.top
0.0.0.0 ia2vhygm6fhd.top
0.0.0.0 ifnerenuy32r.top
0.0.0.0 ihvnba9vmh8o.top
0.0.0.0 ii11bbtdf6x0.top
0.0.0.0 ijvicnl9bpru.top
0.0.0.0 indiastream-online.com
0.0.0.0 io49xk3p5p03.top
0.0.0.0 ioxpykszrnda.top
0.0.0.0 irke75qsfkkz.top
0.0.0.0 izk4e35wv8dk.top
0.0.0.0 j1i9weeo2iuo.top
0.0.0.0 j5kokm8bugi1.top
0.0.0.0 javo66gjugr3.top
0.0.0.0 jjsv5goj592a.top
0.0.0.0 jkphv2jsv3ae.top
0.0.0.0 jktcxsfocwm3.top
0.0.0.0 jqyaoe9exubp.top
0.0.0.0 jrl1mj4ab9fm.top
0.0.0.0 js75z0ed6w9t.top
0.0.0.0 juicy-girls-online.com
0.0.0.0 k16af481n0r5.top
0.0.0.0 k3q8yr6p2dvw.top
0.0.0.0 k3r2gowkwuec.top
0.0.0.0 k50pc890tcit.top
0.0.0.0 k7urx21wxrmc.top
0.0.0.0 k8osvhfhm1i7.top
0.0.0.0 kjkiw78ywhvd.top
0.0.0.0 kp75aqithfwt.top
0.0.0.0 kpsvaqnplbq6.top
0.0.0.0 ksr85kcp76k7.top
0.0.0.0 kv5w1ykfk7pm.top
0.0.0.0 kzo6gw8lrw5h.top
0.0.0.0 l0wtzhzx78mw.top
0.0.0.0 l3u51wrm0wkp.top
0.0.0.0 l531z4rzynwq.top
0.0.0.0 l5972t2ufg6l.top
0.0.0.0 l5ibnmd3hris.top
0.0.0.0 l6gh6kg5ykj6.top
0.0.0.0 lch05jsym6a3.top
0.0.0.0 ler2czkh3sv6.top
0.0.0.0 loadingscripts.com
0.0.0.0 love-connectors.com
0.0.0.0 love-territory.com
0.0.0.0 m5zv7tqw0zc7.top
0.0.0.0 maa4ypb079ac.top
0.0.0.0 wheel-of-luck.com
0.0.0.0 mfy486imctot.top
0.0.0.0 mighuuh535pb.top
0.0.0.0 millionaires-secret-site.com
0.0.0.0 mobile-safe-app.com
0.0.0.0 moi1qwhcp7ns.top
0.0.0.0 most-advanced-vpn.com
0.0.0.0 mt2dpmyjzblr.top
0.0.0.0 mu7cmiqx2j20.top
0.0.0.0 my-casino-now.com
0.0.0.0 myma26oprpyz.top
0.0.0.0 mzgc65xkzojz.top
0.0.0.0 na7gykiq187e.top
0.0.0.0 ndj2qgw4afca.top
0.0.0.0 nfwak0enmo0z.top
0.0.0.0 nice-babes-nearby.com
0.0.0.0 nif9frxst27s.top
0.0.0.0 nkfglk0y6r97.top
0.0.0.0 nktlucgpgr7k.top
0.0.0.0 nmfc4k7q4xd2.top
0.0.0.0 nor-pw1.com
0.0.0.0 nor-pw10.com
0.0.0.0 nor-pw11main.com
0.0.0.0 nor-pw12.com
0.0.0.0 nor-pw13.com
0.0.0.0 nor-pw14.com
0.0.0.0 nor-pw15.com
0.0.0.0 nor-pw2.com
0.0.0.0 nor-pw3main.com
0.0.0.0 nor-pw4ad.com
0.0.0.0 nor-pw5.com
0.0.0.0 nor-pw6.com
0.0.0.0 nor-pw7.com
0.0.0.0 nor-pw8.com
0.0.0.0 nor-pw9.com
0.0.0.0 nqezbpv8tzda.top
0.0.0.0 techbytemedia.com
0.0.0.0 ntkb6sddoue1.top
0.0.0.0 nul0szte3l2n.top
0.0.0.0 nvl9nerngpj1.top
0.0.0.0 nz7mhg8micbu.top
0.0.0.0 nz7tn4n5e5vi.top
0.0.0.0 o0m4rp8sjb0g.top
0.0.0.0 o0nerfcw0vsd.top
0.0.0.0 o3kjm9z8g11w.top
0.0.0.0 o3oy5wfla2ez.top
0.0.0.0 o863tmto6ocp.com
0.0.0.0 oc4sjn8ziyt3.top
0.0.0.0 official-video-app.com
0.0.0.0 oj0in172pri5.com
0.0.0.0 online-survey-service.com
0.0.0.0 only-sexy-girls.com
0.0.0.0 oob31oj5tzxz.top
0.0.0.0 oq1lbcapx74f.top
0.0.0.0 oq3vmyauvr0s.top
0.0.0.0 ovajdavqp5px.top
0.0.0.0 ozz7d9lh1n0s.top
0.0.0.0 p2p9zptnpwsq.top
0.0.0.0 p2r2usll1jrq.top
0.0.0.0 p7cd8i0oi8yw.top
0.0.0.0 pd96ptzsjeiv.top
0.0.0.0 perfectbabe4you.com
0.0.0.0 phyn4fpu3sy2.com
0.0.0.0 piit9web0uza.top
0.0.0.0 pjtilt02qs44.top
0.0.0.0 pkm3d2b07do0.top
0.0.0.0 pp0f5ahdp0ao.top
0.0.0.0 pretty-girls-nearby.com
0.0.0.0 privacy-focused-vpn.com
0.0.0.0 prize-collecting-site.com
0.0.0.0 pw-content.com
0.0.0.0 pw-download.com
0.0.0.0 pw-red-ad.com
0.0.0.0 pw-red-main.com
0.0.0.0 pw-red-test.com
0.0.0.0 pw-show-ad.com
0.0.0.0 pw-show-main.com
0.0.0.0 pw-show-test.com
0.0.0.0 pw1waj4wyf35.top
0.0.0.0 pwredir-1.com
0.0.0.0 pwredir-2.com
0.0.0.0 pwredir-3.com
0.0.0.0 pwredir-4.com
0.0.0.0 pwredir-5.com
0.0.0.0 q1icwkripe66.top
0.0.0.0 q3qez4o6axco.top
0.0.0.0 q4rz1bidmknx.top
0.0.0.0 q77r1hu4ybbm.top
0.0.0.0 qmwzaj6opdwn.top
0.0.0.0 qql0iokfr3ha.top
0.0.0.0 qr68f2t20df4.top
0.0.0.0 qvu377cbhhgu.top
0.0.0.0 qxaq9fds4onc.top
0.0.0.0 qxmlg5slb5kl.top
0.0.0.0 qxw6m8aewx0t.top
0.0.0.0 qztkmf1wdo9o.top
0.0.0.0 r3i0a261odm9.top
0.0.0.0 r7ofjdfw6jlk.top
0.0.0.0 ra35m91dc5t6.top
0.0.0.0 rbq9xbepwikk.top
0.0.0.0 rduo2c5e0wbk.top
0.0.0.0 real-hot-profiles.com
0.0.0.0 real-hotbabes.com
0.0.0.0 redir-pw1.com
0.0.0.0 redir-pw10.com
0.0.0.0 redir-pw11.com
0.0.0.0 redir-pw12.com
0.0.0.0 redir-pw13.com
0.0.0.0 redir-pw14.com
0.0.0.0 redir-pw15.com
0.0.0.0 redir-pw2.com
0.0.0.0 redir-pw3main.com
0.0.0.0 redir-pw4ad.com
0.0.0.0 redir-pw5.com
0.0.0.0 redir-pw6.com
0.0.0.0 redir-pw7.com
0.0.0.0 redir-pw8.com
0.0.0.0 redir-pw9.com
0.0.0.0 rich-people-club.com
0.0.0.0 rjlzoo56cbe3.top
0.0.0.0 rl4unur8zam4.top
0.0.0.0 rl8m72ekh2gw.top
0.0.0.0 rpl4c8gqjjvo.top
0.0.0.0 rqe3sng1a868.top
0.0.0.0 rrusb9gs6glf.top
0.0.0.0 rtf3tgamk80d.top
0.0.0.0 ruvwsy8huein.top
0.0.0.0 s2lxwwc6of80.top
0.0.0.0 s45g8tyen11f.top
0.0.0.0 s6kdj237hbeq.top
0.0.0.0 s6n946mpdglq.top
0.0.0.0 sc9fa36nemke.top
0.0.0.0 scf2wlakwrx4.top
0.0.0.0 search-top-videos.com
0.0.0.0 secret-casino-site.com
0.0.0.0 secured-browsing-app.com
0.0.0.0 secured-connect-app.com
0.0.0.0 shoppwredir.com
0.0.0.0 sid53j82a1az.top
0.0.0.0 sivt0uo3es6m.top
0.0.0.0 siwuowtsokbp.top
0.0.0.0 sk2wb60ksmby.top
0.0.0.0 smso3ojywl3d.top
0.0.0.0 som9lrmw0unu.top
0.0.0.0 stay-secured-online.com
0.0.0.0 stay-virus-free.com
0.0.0.0 strip-hotbabes.com
0.0.0.0 super-protection-app.com
0.0.0.0 sv3kausmasgz.top
0.0.0.0 sweet-alone-girls.com
0.0.0.0 t0anbvx61s12.top
0.0.0.0 t2eke74qawse.top
0.0.0.0 t35d60ot6oi7.top
0.0.0.0 tdtcrzpnp309.top
0.0.0.0 testpwredir.com
0.0.0.0 thdg8po3j9gu.top
0.0.0.0 three-hundred-bucks.com
0.0.0.0 tjpihtcs4oo4.top
0.0.0.0 tm44074rzbu9.top
0.0.0.0 tn1kzdbvbqxq.top
0.0.0.0 top-awarded-app.com
0.0.0.0 top-betting-now.com
0.0.0.0 top-cleaner-app.com
0.0.0.0 top-gambling-spot.com
0.0.0.0 top-mobile-scanner.com
0.0.0.0 top-safest-vpn.com
0.0.0.0 top-secure-app.com
0.0.0.0 top-store-app.com
0.0.0.0 top-trend-app.com
0.0.0.0 top-video-content.com
0.0.0.0 top-wealth-secrets.com
0.0.0.0 top-web-secure.com
0.0.0.0 topwebportals.com
0.0.0.0 tsl8sy9ptu2i.top
0.0.0.0 tuyzyhchca01.top
0.0.0.0 tvbj45bi37ef.top
0.0.0.0 tvcrqp3zqfkn.top
0.0.0.0 u01s8m85xab9.top
0.0.0.0 u284afs2eylf.top
0.0.0.0 u2s71o09ajg2.top
0.0.0.0 u59dbzvklesf.top
0.0.0.0 u9cd76h74g34.top
0.0.0.0 uiffp09naazq.top
0.0.0.0 um0qh3tdiosr.top
0.0.0.0 updar0twsq6q.top
0.0.0.0 ur9vc9turqw8.top
0.0.0.0 urzv6ih2xswt.top
0.0.0.0 users-choice-app.com
0.0.0.0 utipwredir.com
0.0.0.0 uvvpn5h92x2t.top
0.0.0.0 uz8avf38y2zw.top
0.0.0.0 v22nxrdx9ocd.top
0.0.0.0 v3ubcy23nuym.top
0.0.0.0 v5herke93uu7.top
0.0.0.0 v5wvs843f2pt.top
0.0.0.0 ves0kz2gk9b8.top
0.0.0.0 video-streaming-app.com
0.0.0.0 vlw86oaf5962.top
0.0.0.0 vpbxq51rppi1.top
0.0.0.0 vpeybsuirx7z.top
0.0.0.0 vpn-risk-free.com
0.0.0.0 vppwredir.com
0.0.0.0 vwpfcn5yhlsb.top
0.0.0.0 vz6miiowvo2t.top
0.0.0.0 w01cpyjvdzmt.top
0.0.0.0 w0y16anfv1jz.top
0.0.0.0 w1e39n8e20dw.top
0.0.0.0 w1r493omajx4.top
0.0.0.0 w2bij7b58m50.top
0.0.0.0 w2emkqnl3ss9.top
0.0.0.0 w6rpcnmyqcti.top
0.0.0.0 w78uqmbdgdkt.top
0.0.0.0 wbbc2emhybvk.top
0.0.0.0 web-protected-app.com
0.0.0.0 weizu3h4dvb9.top
0.0.0.0 wfkcsq63ivcm.top
0.0.0.0 win-big-here.com
0.0.0.0 winwin-raffle.com
0.0.0.0 your-finance-now.com
0.0.0.0 your-survey-services.com
# https://github.com/durablenapkin/scamblocklist/issues/63
0.0.0.0 summersale.online
# https://github.com/hagezi/dns-blocklists/issues/1469
0.0.0.0 crackedkey.org
# https://github.com/hagezi/dns-blocklists/issues/1470
0.0.0.0 mixcrack.net
# https://github.com/hagezi/dns-blocklists/issues/1471
0.0.0.0 kingsoftz.com
# https://github.com/hagezi/dns-blocklists/issues/1476
0.0.0.0 msm-coop.co.uk
# https://forums.malwarebytes.com/topic/301587-adware-not-recognized-or-deleted/
0.0.0.0 presonsinatize.com
# https://tria.ge/230828-zyzbraga22/behavioral1
0.0.0.0 push-ebfhafd-6311.boustahe.com
0.0.0.0 nomadsfit.com
0.0.0.0 mackledcity.com
0.0.0.0 onebiensillc.com
0.0.0.0 wejds.co.in
0.0.0.0 1c6d7sl37a5xsd90.wejds.co.in
0.0.0.0 1c358sl37a69r073.wejds.co.in
0.0.0.0 apedodo8.fun
0.0.0.0 derytc.click
0.0.0.0 /light/av/nrtn03/index.php?lpkey=
# https://tria.ge/230913-mb6fbsdh42/behavioral1
0.0.0.0 65432qn1mftejdb6.wejds.co.in
0.0.0.0 0f4a1qn1m3znt18d.wejds.co.in
# subdomains: https://virustotal.com/gui/domain/wejds.co.in/relations
0.0.0.0 cc7ccqn52c82t729.wejds.co.in
0.0.0.0 0478dqncifndu16f.wejds.co.in
0.0.0.0 d1140e8j6g6e8491.wejds.co.in
0.0.0.0 ca767e8159zho44f.wejds.co.in
0.0.0.0 ba209g6a8sysc965.wejds.co.in
0.0.0.0 b5761e8ho9zuq301.wejds.co.in
0.0.0.0 dcc42duzwg617bc1.wejds.co.in
0.0.0.0 62ca0e8xsgxfy621.wejds.co.in
0.0.0.0 9c65ee8q5u3tl707.wejds.co.in
0.0.0.0 03546g63vib7s1f8.wejds.co.in
0.0.0.0 eb3fdg6qe1zx9e5d.wejds.co.in
0.0.0.0 85799g65mm7qe22f.wejds.co.in
0.0.0.0 becdbdup2a44k5b8.wejds.co.in
0.0.0.0 09e7bdud5hqj24d8.wejds.co.in
0.0.0.0 433badu9rb415cfc.wejds.co.in
0.0.0.0 9b853dugmfy6j373.wejds.co.in
0.0.0.0 517dcx91nrnbzcbc.wejds.co.in
0.0.0.0 689basl7swffye9d.wejds.co.in
0.0.0.0 663169zdum7wf642.wejds.co.in
0.0.0.0 9977b9zsc8ra63d2.wejds.co.in
0.0.0.0 33ead9zu3gx8r71f.wejds.co.in
0.0.0.0 a1d189zqdtla3965.wejds.co.in
0.0.0.0 4066f15e87vpm4d2.wejds.co.in
0.0.0.0 a7fd8j2ikhooc399.wejds.co.in
0.0.0.0 53a45j21zgxbge68.wejds.co.in
0.0.0.0 eaaf2j2fnp2ira2b.wejds.co.in
0.0.0.0 0af0cj217a9fnb0b.wejds.co.in
0.0.0.0 daa5doctlcint073.wejds.co.in
0.0.0.0 3fb3coc4kci3zf4e.wejds.co.in
0.0.0.0 d5a1foca4qn8p231.wejds.co.in
0.0.0.0 6ae094pc8pmho817.wejds.co.in
0.0.0.0 fce824pydg5e8ae5.wejds.co.in
0.0.0.0 03b5f4pnt2tdua14.wejds.co.in
0.0.0.0 f72a04pu3a3us28d.wejds.co.in
0.0.0.0 3e20f4p2tftfy00a.wejds.co.in
0.0.0.0 9eb7cwhg69rsy719.wejds.co.in
0.0.0.0 f9a9cwh374k525bf.wejds.co.in
0.0.0.0 b5eaewhuotwqn39b.wejds.co.in
0.0.0.0 5e309whbz3vvc67c.wejds.co.in
0.0.0.0 babetluo4p8w7e5.wejds.co.in
0.0.0.0 30babktqdghj2cb3.wejds.co.in
0.0.0.0 06709ktcihe1n8da.wejds.co.in
0.0.0.0 c017ekt16g6x9c93.wejds.co.in
0.0.0.0 3b2a3ktgxtla029d.wejds.co.in
0.0.0.0 0f5e3kta6a03744c.wejds.co.in
0.0.0.0 e999bfya5ft7ve4e.wejds.co.in
0.0.0.0 74b7fxrhopmb4852.wejds.co.in
0.0.0.0 45da6ibib4me2698.wejds.co.in
0.0.0.0 5956dm7uquovc6ee.wejds.co.in
0.0.0.0 772c2ibc8a1ghf87.wejds.co.in
0.0.0.0 6753fiboja8uo167.wejds.co.in
0.0.0.0 0b31f3vft15us8a7.wejds.co.in
0.0.0.0 816fe3vy9sy4k2d6.wejds.co.in
0.0.0.0 64511uooca2tlb01.wejds.co.in
0.0.0.0 fda36uoqq9la4935.wejds.co.in
0.0.0.0 63df6uoe8g5b4f8e.wejds.co.in
0.0.0.0 e995fuo8pqebzcaf.wejds.co.in
0.0.0.0 d3708uousscgmb53.wejds.co.in
0.0.0.0 c67a6fv7sqn1n05f.wejds.co.in
0.0.0.0 1ce9dfvbgfnm734d.wejds.co.in
0.0.0.0 40974fv9ra0m7caa.wejds.co.in
0.0.0.0 518b5fva1m7sl3cc.wejds.co.in
0.0.0.0 fe850fvgxj6uq8cb.wejds.co.in
0.0.0.0 71703ik1mdva837c.wejds.co.in
0.0.0.0 4583eik1mxo17240.wejds.co.in
0.0.0.0 75644ik6jxoq57f3.wejds.co.in
0.0.0.0 2b533iklp8ptl1fc.wejds.co.in
0.0.0.0 ce518rn3vntg5b06.wejds.co.in
0.0.0.0 1d8f7rna3a615187.wejds.co.in
0.0.0.0 efe2a37e837kt1cb.wejds.co.in
0.0.0.0 0b97f37dve8ike1b.wejds.co.in
0.0.0.0 12d7137ira6oc683.wejds.co.in
0.0.0.0 5f351372tojus567.wejds.co.in
0.0.0.0 f863d46myh9u34a7.wejds.co.in
0.0.0.0 66afbx9ocsysy988.wejds.co.in
0.0.0.0 e932asy1za5527af.wejds.co.in
0.0.0.0 2ad3dx9us16a74ff.wejds.co.in
0.0.0.0 ae3baejg6qn46094.wejds.co.in
0.0.0.0 8aa48sy7vlp1me37.wejds.co.in
0.0.0.0 50ceaeja1a3a394d.wejds.co.in
0.0.0.0 ae8d1c8myxrqe931.wejds.co.in
0.0.0.0 c7524tla1ghej592.wejds.co.in
0.0.0.0 9b089c88rqej619d.wejds.co.in
0.0.0.0 4f07ftlqqbzib86f.wejds.co.in
0.0.0.0 9a0d1tl4kfvuq471.wejds.co.in
0.0.0.0 c3060p2g6a58w074.wejds.co.in
0.0.0.0 d2d79p29zk2usc88.wejds.co.in
0.0.0.0 c8ddap2b7uq4p35e.wejds.co.in
0.0.0.0 2174746467vb7e0a.wejds.co.in
0.0.0.0 996bc465m16my3f9.wejds.co.in
0.0.0.0 97e2d46a1myuo949.wejds.co.in
0.0.0.0 e3cca1m4pb4ft86b.wejds.co.in
0.0.0.0 5f3f81mx9pmdva73.wejds.co.in
0.0.0.0 da6d21mej46fv638.wejds.co.in
0.0.0.0 d9b191mfta5occec.wejds.co.in
0.0.0.0 37f031mlp3zik447.wejds.co.in
# https://tria.ge/230830-l7yjxseb6z/behavioral1
0.0.0.0 push-ebfhafd-5643.boustahe.com
0.0.0.0 succyarthyry.com
0.0.0.0 foldedabstinenceconsole.com
0.0.0.0 unkinerecle.com
0.0.0.0 shwomettleye.com
0.0.0.0 unbalterce.com
0.0.0.0 gougenoticei.com
0.0.0.0 sys.donecperficiam.net
0.0.0.0 ww3.keytrack.site
0.0.0.0 nomadsbrand.com
# https://tria.ge/230831-zcwzhaad59/behavioral1
0.0.0.0 system-notify.app
0.0.0.0 aroidssolutions.com
0.0.0.0 thearoids.com
0.0.0.0 paladiact.com
0.0.0.0 onebiensicenter.com
0.0.0.0 pupspu.com
0.0.0.0 cramlexad.com
0.0.0.0 aug3120.rednewly.com
0.0.0.0 browsekeeper.com
# https://github.com/hagezi/dns-blocklists/issues/1512
0.0.0.0 daftar-binomo.website
0.0.0.0 online-binomo.com
0.0.0.0 binomo-id.pro
0.0.0.0 binomoindonesia.com
0.0.0.0 www.binomoweb.org
0.0.0.0 www.binomo.vip
0.0.0.0 binomoweblogin.com
0.0.0.0 binomo2022.net
0.0.0.0 www.binom0-web.com
0.0.0.0 binomorupiah-id.com
0.0.0.0 binomo.broker
0.0.0.0 binomo-brokers.com
# https://github.com/durablenapkin/scamblocklist/issues/64
0.0.0.0 coinreq.com
# https://tria.ge/230909-m91mqsaf82/behavioral1
0.0.0.0 uplevelrewards.com
0.0.0.0 www.uplevelrewards.com
0.0.0.0 liveappsearch.com
0.0.0.0 www.liveappsearch.com
0.0.0.0 oasoomsa.top
0.0.0.0 wholedailyjournal.com
0.0.0.0 fubsoupt.top
0.0.0.0 adblocked-supreme.net
# https://forums.malwarebytes.com/topic/302090-virus-found-malware/
0.0.0.0 guartian.co.in
# https://tria.ge/230909-tghd1scd3y/behavioral1
0.0.0.0 5hgawd5145.monster
0.0.0.0 another-seem.monster
0.0.0.0 ptbqre.com
0.0.0.0 datinghere-top.life
0.0.0.0 h.datingcentral.top
0.0.0.0 cuddleyadmire.com
0.0.0.0 mcaverify.click
0.0.0.0 www.mcaverify.click
# https://github.com/StevenBlack/hosts/issues/2436
0.0.0.0 w61.1piecemanga.com
0.0.0.0 fbet.com
0.0.0.0 onwardrespirationcommandment.com
# my analysis: https://tria.ge/230910-pysh4ahb47/behavioral1
# my analysis: https://tria.ge/230910-py86vahb49/behavioral1
0.0.0.0 stemboastfulrattle.com
0.0.0.0 odesbest.com
0.0.0.0 loadoverlylatestinfo-program.info
# https://github.com/AdguardTeam/AdguardFilters/issues/161349
# https://tria.ge/230913-mb6fbsdh42/behavioral1
0.0.0.0 /light/qfhupj/index.php?lpkey=
0.0.0.0 rtmladweb.com
0.0.0.0 best-pc-protect.xyz
# https://tria.ge/230914-mn75paeb34/behavioral1
0.0.0.0 odessystems.com
0.0.0.0 saniceproxic.com
0.0.0.0 derryneeptedle.com
# https://web.archive.org/web/20230918040019/https://www.bleepingcomputer.com/news/security/tiktok-flooded-by-elon-musk-cryptocurrency-giveaway-scams/
0.0.0.0 bitoxies.com
0.0.0.0 moonexio.com
0.0.0.0 altgetxio.com
0.0.0.0 cratopex.com
# https://tria.ge/231002-nhasnsbb63
0.0.0.0 allsidesguide.com
0.0.0.0 realxavounow.com
0.0.0.0 sulkvulnerableexpecting.com
0.0.0.0 reenethoname.com
0.0.0.0 rhoramegarate.com
0.0.0.0 secondquaver.com
0.0.0.0 gentlynudegranny.com
0.0.0.0 ramlexdigital.com
# https://github.com/hagezi/dns-blocklists/issues/1658
# my analysis: https://tria.ge/231004-p3e4kabg8t/behavioral1
0.0.0.0 z-lib.is
# https://www.reddit.com/r/zlibrary/comments/16xtm67/if_you_cannot_download_any_books_then_youre_on/
0.0.0.0 zlib.is
0.0.0.0 zlib.to
0.0.0.0 zlibrary.to
0.0.0.0 zlibrary.is
0.0.0.0 z-lib.to
0.0.0.0 z-lib.io
# https://github.com/hagezi/dns-blocklists/issues/1662
0.0.0.0 bridgelinering.com
0.0.0.0 show.bridgelinering.com
0.0.0.0 go.bridgelinering.com
0.0.0.0 daynitroglass.com
# https://tria.ge/231005-2c2abshf76/behavioral1
0.0.0.0 2ntrfi.torixibre.com
0.0.0.0 invv7n.torixibre.com
0.0.0.0 /av_sw.js?uid=*-*-*-*-*&sid=*-*-*-*-*&sd=*==
0.0.0.0 /click.php?key=*&zone_id=

0.0.0.0 /landers/mcafee_mac_os_scanner_multilang/alert.png|
# https://tria.ge/231005-2pvy3sff9v/behavioral1
0.0.0.0 keyimaginarycomprise.com
0.0.0.0 loadoriginalintenselyinfo-program.info
# https://github.com/hagezi/dns-blocklists/issues/1724
0.0.0.0 healy.world
0.0.0.0 healyworld.net
0.0.0.0 healy.shop
# https://tria.ge/231021-mvvg6sff95/behavioral1
0.0.0.0 getforupgradeandstabilizefree.click
0.0.0.0 setupnow.getforupgradeandstabilizefree.click
0.0.0.0 downloads-101.com
0.0.0.0 mafens.xyz
0.0.0.0 .xyz/74ko/7.html?cep=
0.0.0.0 .xyz/74ko/files/images/action_3.gif|
# https://infosec.exchange/@iampytest1/111270258079028453
0.0.0.0 metachartview.com
0.0.0.0 metatradebox.net
# https://github.com/hagezi/dns-blocklists/issues/1760
0.0.0.0 adidassuomi-fi.com
0.0.0.0 alohasfinland.com
0.0.0.0 alohas-suomi.com
0.0.0.0 alohassuomi.com
0.0.0.0 altrafi.com
0.0.0.0 altrafinland.com
0.0.0.0 altrahelsinki.com
0.0.0.0 altrasuomi.com
0.0.0.0 altrasuomifi.com
0.0.0.0 altrasuomioutlet.com
0.0.0.0 altrasuomishop.com
0.0.0.0 arcteryxfi.com
0.0.0.0 arcteryxfinland.com
0.0.0.0 arcteryxoutletsuomi.com
0.0.0.0 arcteryxsuomiale.com
0.0.0.0 asicsale.com
0.0.0.0 asicsfi.com
0.0.0.0 asics-finland.com
0.0.0.0 asicsfinlandoutlets.com
0.0.0.0 asicsfi-suomi.com
0.0.0.0 asicshelsinki.com
0.0.0.0 asicshelsinki.net
0.0.0.0 asicsoutlet-suomi.com
0.0.0.0 asicsoutletsuomi.com
0.0.0.0 asics-suomi.com
0.0.0.0 asicssuomi.com
0.0.0.0 asicssuomioutlet.com
0.0.0.0 balmain-suomi.com
0.0.0.0 balmainsuomi.com
0.0.0.0 balmainsuomishop.com
0.0.0.0 canada-gymshark.com
0.0.0.0 carhartt-suomi.com
0.0.0.0 carharttsuomi.com
0.0.0.0 caterpillarfi.com
0.0.0.0 caterpillar-finland.com
0.0.0.0 caterpillarinsuomi.com
0.0.0.0 caterpillar-suomi.com
0.0.0.0 caterpillarsuomi.com
0.0.0.0 caterpillarsuomifi.com
0.0.0.0 championhelsinki.com
0.0.0.0 champion-suomi.com
0.0.0.0 championsuomi.com
0.0.0.0 columbiakengatsuomi.com
0.0.0.0 columbia-suomi.com
0.0.0.0 columbiasuomi-fi.com
0.0.0.0 columbiasuomifi.com
0.0.0.0 columbiasuomioutlet.com
0.0.0.0 columbiasuomis.com
0.0.0.0 comfitunderwear-suomi.com
0.0.0.0 converseale.com
0.0.0.0 conversealesuomi.com
0.0.0.0 conversefi.com
0.0.0.0 conversehelsinki.com
0.0.0.0 converseinsuomi.com
0.0.0.0 converseoutlethelsinki.com
0.0.0.0 converseoutlet-suomi.com
0.0.0.0 converseoutletsuomi.com
0.0.0.0 converse-suomi.com
0.0.0.0 conversesuomi.com
0.0.0.0 conversesuomi.net
0.0.0.0 conversesuomioutlet.com
0.0.0.0 conversexsuomi.com
0.0.0.0 crossfitsuomi.co
0.0.0.0 crossfitsuomi.com
0.0.0.0 demonia-finland.com
0.0.0.0 demoniafinland.com
0.0.0.0 demoniasuomi.com
0.0.0.0 demoniasuomi.net
0.0.0.0 demoniasuomioutlet.com
0.0.0.0 desigual-suomi.com
0.0.0.0 desigualsuomi.com
0.0.0.0 desigualsuomi.net
0.0.0.0 dopeoutletsuomi.com
0.0.0.0 dopesnow-finland.com
0.0.0.0 dopesnowfinland.com
0.0.0.0 dopesnow-suomi.com
0.0.0.0 dopesnowsuomi.com
0.0.0.0 dopesnowsuomi-fi.com
0.0.0.0 dope-suomi.com
0.0.0.0 dopesuomi.com
0.0.0.0 dopesuomi-fi.com
0.0.0.0 dopetakki.com
0.0.0.0 dopetakki-suomi.com
0.0.0.0 dopetakkisuomi.com
0.0.0.0 dubarrysuomi.com
0.0.0.0 eccooutlet-suomi.com
0.0.0.0 eccooutletsuomi.com
0.0.0.0 eccooutletsuomis.com
0.0.0.0 ecco-suomi.com
0.0.0.0 eccosuomi.com
0.0.0.0 eccosuomi.net
0.0.0.0 eccosuomioutlet.com
0.0.0.0 fjallravenoutletsuomi.com
0.0.0.0 fjallraven-suomi.com
0.0.0.0 fjallravensuomi.com
0.0.0.0 footjoy-finland.com
0.0.0.0 footjoyssuomi.com
0.0.0.0 footjoy-suomi.com
0.0.0.0 footjoysuomi.com
0.0.0.0 freedommoses-suomi.com
0.0.0.0 freedommosessuomi.com
0.0.0.0 gforefinland.com
0.0.0.0 gfore-suomi.com
0.0.0.0 gforesuomi.com
0.0.0.0 gforesuomi.net
0.0.0.0 groundies-finland.com
0.0.0.0 groundiesfinland.com
0.0.0.0 groundiesinsuomi.com
0.0.0.0 groundiesoutletsuomi.com
0.0.0.0 groundiessuomioutlet.com
0.0.0.0 gym-shark.co.za
0.0.0.0 gymshark.com.hr
0.0.0.0 gymsharkale.com
0.0.0.0 gymsharkalesuomi.com
0.0.0.0 gymsharkar.com
0.0.0.0 gymsharkauckland.com
0.0.0.0 gymsharkaustralia-au.com
0.0.0.0 gymsharkaustraliastores.com
0.0.0.0 gymsharkbutikkoslo.com
0.0.0.0 gym-shark-canada.com
0.0.0.0 gymsharkcanadafactoryoutlet.com
0.0.0.0 gymsharkcanadastore.com
0.0.0.0 gymsharkcolombia-co.com
0.0.0.0 gymsharkcz.cz
0.0.0.0 gymsharkczsale.com
0.0.0.0 gymshark-cz-shop.com
0.0.0.0 gymsharkczshop.cz
0.0.0.0 gym-shark-danmark.com
0.0.0.0 gymsharkdanmark.com
0.0.0.0 gymsharkdublin.com
0.0.0.0 gym-shark-egypt.com
0.0.0.0 gymsharkeufinland.com
0.0.0.0 gymshark-fi.com
0.0.0.0 gymsharkfi.com
0.0.0.0 gymshark-finland.com
0.0.0.0 gymsharkfinland.com
0.0.0.0 gym-sharkgreece.com
0.0.0.0 gym-shark-hungary.com
0.0.0.0 gymsharkhungarystore.com
0.0.0.0 gymsharkieonline.com
0.0.0.0 gym-shark-india.com
0.0.0.0 gymsharkindiashops.com
0.0.0.0 gymsharkinsingapore.com
0.0.0.0 gymsharkinsouthafrica.co.za
0.0.0.0 gymsharkinus.com
0.0.0.0 gym-shark-italia.com
0.0.0.0 gymshark-italia.com
0.0.0.0 gym-sharkmexico.com.mx
0.0.0.0 gymsharkmexicostore.com
0.0.0.0 gymsharkmexicotiendas.com.mx
0.0.0.0 gymshark-no.com
0.0.0.0 gym-sharknorge.com
0.0.0.0 gymsharknzsale.com
0.0.0.0 gymsharkostereichs.com
0.0.0.0 gymshark-osterreich.at
0.0.0.0 gymsharkosterreichshop.com
0.0.0.0 gymsharkoutletsuomi.com
0.0.0.0 gymsharkoutletwebsite.com
0.0.0.0 gymsharkperu.com
0.0.0.0 gym-shark-philippines.com
0.0.0.0 gymsharkportugalstore.com
0.0.0.0 gymsharkpt.com
0.0.0.0 gym-shark-romania.com
0.0.0.0 gymsharksbelgie.com
0.0.0.0 gymsharksbudapest.com
0.0.0.0 gym-shark-schweiz.com
0.0.0.0 gymsharkshop.cz
0.0.0.0 gym-sharksingapore.com
0.0.0.0 gymsharksingaporeshop.com
0.0.0.0 gymshark-sk.sk
0.0.0.0 gymsharkslovenijaeu.com
0.0.0.0 gymsharkslovensko.sk
0.0.0.0 gymsharksnorge.com
0.0.0.0 gymsharksouthafrica.com
0.0.0.0 gymsharkspainstore.com
0.0.0.0 gymsharkssuomi.com
0.0.0.0 gymsharkssverige.com
0.0.0.0 gymsharkstore.com.au
0.0.0.0 gymsharkstoreindia.com
0.0.0.0 gymsharkstorenyc.com
0.0.0.0 gym-shark-suomi.com
0.0.0.0 gym-sharksuomi.com
0.0.0.0 gymshark-suomi.com
0.0.0.0 gymsharksuomi.com
0.0.0.0 gymshark-suomiale.com
0.0.0.0 gymsharksuomiale.com
0.0.0.0 gymshark-suomi-fi.com
0.0.0.0 gymsharksuomi-fi.com
0.0.0.0 gymsharksuomifi.com
0.0.0.0 gymsharksuomioutlet.com
0.0.0.0 gymsharksuomishop.com
0.0.0.0 gymshark-sweden.com.se
0.0.0.0 gym-shark-turkiye.com
0.0.0.0 gymshark-turkiye-tayt.com
0.0.0.0 gym-sharkuaestore.com
0.0.0.0 gymshark-uk.com
0.0.0.0 gymsharkukoutlet.com
0.0.0.0 gymshark-uk-sale.com
0.0.0.0 gymsharkwinkel.com
0.0.0.0 gymsharkzagreb.com
0.0.0.0 gymsharkzurich.com
0.0.0.0 haglofsoutlethelsinki.com
0.0.0.0 haglofsoutletsuomi.com
0.0.0.0 haglofssuomifi.com
0.0.0.0 hanwag-suomi.com
0.0.0.0 hanwagsuomi.com
0.0.0.0 hanwagsuomi.net
0.0.0.0 hellyhansen-fi.com
0.0.0.0 hellyhansenfinland.com
0.0.0.0 hellyhansenoutletsuomi.com
0.0.0.0 hellyhansen-suomi.com
0.0.0.0 hellyhansensuomi.com
0.0.0.0 hellyhansensuomi.net
0.0.0.0 hokaale.com
0.0.0.0 hoka-finland.com
0.0.0.0 hokasuomi.com
0.0.0.0 hokasuomifi.com
0.0.0.0 icebugfinland.com
0.0.0.0 icebugfioutlet.com
0.0.0.0 icebugsfioutlet.com
0.0.0.0 icebugsuomi.com
0.0.0.0 icebugsuomi.net
0.0.0.0 ilsejacobsen-suomi.com
0.0.0.0 ilsejacobsensuomi.com
0.0.0.0 inov-8-suomi.com
0.0.0.0 inov-8suomi.com
0.0.0.0 jomafinland.com
0.0.0.0 joma-suomi.com
0.0.0.0 jomasuomi.com
0.0.0.0 kamikfinland.com
0.0.0.0 kamik-suomi.com
0.0.0.0 kamiksuomi.com
0.0.0.0 kamiksuomi.net
0.0.0.0 kappafi.com
0.0.0.0 kappa-suomi.com
0.0.0.0 kappasuomi.com
0.0.0.0 karhulenkkaritale.com
0.0.0.0 karhulenkkarithelsinki.com
0.0.0.0 kedsoutletsuomi.com
0.0.0.0 keds-suomi.com
0.0.0.0 kedssuomi.com
0.0.0.0 kedssuomishop.com
0.0.0.0 kickersfinland.com
0.0.0.0 kickers-suomi.com
0.0.0.0 kickerssuomi.com
0.0.0.0 legoale.com
0.0.0.0 legosuomi.com
0.0.0.0 loake-suomi.com
0.0.0.0 loakesuomi.com
0.0.0.0 loakesuomioutlet.com
0.0.0.0 lojagymsharkportugal.com
0.0.0.0 lornajane-suomi.com
0.0.0.0 lornajanesuomi.com
0.0.0.0 lornajanesuomi.net
0.0.0.0 louboutin-finland.com
0.0.0.0 louboutin-suomi.com
0.0.0.0 mizunofi.com
0.0.0.0 mizuno-finland.com
0.0.0.0 mizunofinland.com
0.0.0.0 mizunossuomi.com
0.0.0.0 mizuno-suomi.com
0.0.0.0 mizuno-suomis.com
0.0.0.0 mizunosuomishop.com
0.0.0.0 moonbootfi.com
0.0.0.0 moonbootfinland.com
0.0.0.0 moonboothelsinki.com
0.0.0.0 moonbootssuomi.com
0.0.0.0 moonboot-suomi.com
0.0.0.0 moonbootsuomi.com
0.0.0.0 moonbootsuomi.net
0.0.0.0 muckbootale.com
0.0.0.0 muckbootinsuomi.com
0.0.0.0 muckboots-suomi.com
0.0.0.0 muckbootssuomi.com
0.0.0.0 muckboot-suomi.com
0.0.0.0 muckbootsuomi.com
0.0.0.0 nautica-suomi.com
0.0.0.0 nauticasuomi.com
0.0.0.0 nikealesuomi.com
0.0.0.0 nikefinland.com
0.0.0.0 nikeinsuomi.com
0.0.0.0 nikeoutletsuomi.com
0.0.0.0 nikesuomi.com
0.0.0.0 nikesuomi.net
0.0.0.0 nikesuomi-fi.com
0.0.0.0 nikesuomioutlet.com
0.0.0.0 nikesuomishop.com
0.0.0.0 olukaifi.com
0.0.0.0 olukai-suomi.com
0.0.0.0 olukaisuomi.com
0.0.0.0 osirisfi.com
0.0.0.0 osirissuomi.com
0.0.0.0 ospreyfinland.com
0.0.0.0 osprey-suomi.com
0.0.0.0 ospreysuomi.com
0.0.0.0 ospreysuomi.net
0.0.0.0 outletadidas.com
0.0.0.0 outletadidasfi.com
0.0.0.0 outletarcteryx.com
0.0.0.0 outletcarhartt.com
0.0.0.0 outletconverse.com
0.0.0.0 outletdopesnow.com
0.0.0.0 outlethellyhansen.com
0.0.0.0 outletjoma.com
0.0.0.0 outletlego.com
0.0.0.0 outletmizuno.com
0.0.0.0 outletmuckboot.com
0.0.0.0 outletosprey.com
0.0.0.0 outletregatta.com
0.0.0.0 outletsalomon.com
0.0.0.0 outletveja.com
0.0.0.0 outletversace.com
0.0.0.0 palladiumfi.com
0.0.0.0 palladiumfinland.com
0.0.0.0 palladiumhelsinki.com
0.0.0.0 palladiumoutletsuomi.com
0.0.0.0 palladium-suomi.com
0.0.0.0 palladiumsuomi.com
0.0.0.0 palladiumsuomishop.com
0.0.0.0 persol-suomi.com
0.0.0.0 pleaserssuomi.com
0.0.0.0 pleasersuomi.com
0.0.0.0 puma-fi.com
0.0.0.0 pumafi.com
0.0.0.0 puma-finland.com
0.0.0.0 pumafinland.com
0.0.0.0 pumafi-suomi.com
0.0.0.0 pumainsuomi.com
0.0.0.0 pumaoutlet-suomi.com
0.0.0.0 puma-suomi.com
0.0.0.0 pumasuomi.com
0.0.0.0 pumasuomi.net
0.0.0.0 pumasuomiale.com
0.0.0.0 pumasuomioutlet.com
0.0.0.0 pumasuomis.com
0.0.0.0 redwing-suomi.com
0.0.0.0 redwingsuomi.com
0.0.0.0 regatta-suomi.com
0.0.0.0 regattasuomi.com
0.0.0.0 restockssuomi.com
0.0.0.0 rvca-suomi.com
0.0.0.0 rvcasuomi.com
0.0.0.0 salmingale.com
0.0.0.0 salmingsuomi.com
0.0.0.0 salomonalesuomi.com
0.0.0.0 salomon-finland.com
0.0.0.0 salomonfinland.com
0.0.0.0 salomonhelsinki.com
0.0.0.0 salomonoutletfi.com
0.0.0.0 salomonoutlethelsinki.com
0.0.0.0 salomonssuomi.com
0.0.0.0 salomon--suomi.com
0.0.0.0 salomon-suomi.com
0.0.0.0 salomonsuomi.com
0.0.0.0 salomon-suomiale.com
0.0.0.0 salomonsuomi-fi.com
0.0.0.0 salomonsuomihuijaus.com
0.0.0.0 salomonsuomioutlet.com
0.0.0.0 salomonsuomishop.com
0.0.0.0 samsonite-suomi.com
0.0.0.0 samsonitesuomi.com
0.0.0.0 samsonitesuomi.net
0.0.0.0 sanukale.com
0.0.0.0 sanukfinland.com
0.0.0.0 sanuk-suomi.com
0.0.0.0 sanuksuomi.com
0.0.0.0 sanuksuomi.net
0.0.0.0 sendra-suomi.com
0.0.0.0 sendrasuomi.com
0.0.0.0 sendrasuomi.net
0.0.0.0 sendrasuomioutlet.com
0.0.0.0 sendrasuomis.com
0.0.0.0 skimsale.com
0.0.0.0 skims-suomi.com
0.0.0.0 skimssuomi.com
0.0.0.0 skimssuomi.net
0.0.0.0 skimssuomiale.com
0.0.0.0 supergafi.com
0.0.0.0 superga-finland.com
0.0.0.0 superga-suomi.com
0.0.0.0 supergasuomi.com
0.0.0.0 tedbakerale.com
0.0.0.0 tedbakerfinland.com
0.0.0.0 tedbakeroutletsuomi.com
0.0.0.0 tedbaker-suomi.com
0.0.0.0 tedbakersuomi.net
0.0.0.0 tevafi.com
0.0.0.0 teva-finland.com
0.0.0.0 tevafinland.com
0.0.0.0 tevahelsinki.com
0.0.0.0 tevaoutletsuomi.com
0.0.0.0 tevassuomi.com
0.0.0.0 tevasuomi.com
0.0.0.0 timberlandfi.com
0.0.0.0 timberland-finland.com
0.0.0.0 timberlandfi-suomi.com
0.0.0.0 timberlandhelsinki.com
0.0.0.0 timberlandoutletfi.com
0.0.0.0 timberlandoutlethelsinki.com
0.0.0.0 timberland--suomi.com
0.0.0.0 timberland-suomi.com
0.0.0.0 timberlandsuomi.com
0.0.0.0 timberlandsuomi.net
0.0.0.0 timberlandsuomifi.com
0.0.0.0 timberlandxsuomi.com
0.0.0.0 timbsuomi.com
0.0.0.0 uniqloale.com
0.0.0.0 uniqlo-finland.com
0.0.0.0 uniqlofinland.com
0.0.0.0 uniqlohelsinki.com
0.0.0.0 uniqlo-suomi.com
0.0.0.0 uniqlosuomi.com
0.0.0.0 uniqlosuomi.net
0.0.0.0 uniqlosuomioutlet.com
0.0.0.0 vansale.net
0.0.0.0 vansfi.com
0.0.0.0 vansfioutlet.com
0.0.0.0 vanshelsinki.net
0.0.0.0 vansoutlet-suomi.com
0.0.0.0 vansssuomi.com
0.0.0.0 vanssuomi.net
0.0.0.0 vanssuomioutlet.com
0.0.0.0 veja-fi.com
0.0.0.0 veja-finland.com
0.0.0.0 vejafioutlet.com
0.0.0.0 vejahelsinki.com
0.0.0.0 vejassuomi.com
0.0.0.0 vejasuomi.net
0.0.0.0 veja-suomiale.com
0.0.0.0 vejasuomioutlet.com
0.0.0.0 versaceinsuomi.com
0.0.0.0 versacesuomi.net
0.0.0.0 vessiale.com
0.0.0.0 vessi-suomi.com
0.0.0.0 vessisuomi.com
0.0.0.0 vitaelight-suomi.com
0.0.0.0 vivobarefootale.com
0.0.0.0 vivobarefootalesuomi.com
0.0.0.0 vivobarefoot-fi.com
0.0.0.0 vivobarefootfi.com
0.0.0.0 vivobarefoot-finland.com
0.0.0.0 vivobarefoot-suomi.com
0.0.0.0 vivobarefootsuomi.com
0.0.0.0 vivobarefootsuomiale.com
0.0.0.0 xn--gymshark-espaa-2nb.com.es
0.0.0.0 xn--gymsharkespaaoutlet-63b.com
0.0.0.0 xn--gymsharkespaa-tkb.com
0.0.0.0 xn--gymsharksterreich-6zb.com
0.0.0.0 youngla-suomi.com
0.0.0.0 younglasuomi.com
0.0.0.0 younglasuomi.net
# https://lumendatabase.org/notices/34749939
0.0.0.0 gymsharkuswebsite.com
0.0.0.0 www.gymsharkuswebsite.com
0.0.0.0 gymsharkindiashop.com
0.0.0.0 www.gymsharkindiashop.com
0.0.0.0 gymsharkleggings-philippines.com
0.0.0.0 www.gymsharkleggings-philippines.com
0.0.0.0 gymsharkvenezuela.com
0.0.0.0 www.gymsharkvenezuela.com
# https://github.com/hagezi/dns-blocklists/issues/1803
0.0.0.0 atsholz.com
# https://www.bleepingcomputer.com/news/security/fraudsters-make-50-000-a-day-by-spoofing-crypto-researchers/
0.0.0.0 revoketokens.io
0.0.0.0 revokea.sh
# https://www.bleepingcomputer.com/news/security/bloomberg-crypto-x-account-snafu-leads-to-discord-phishing-attack/
0.0.0.0 altdentifiers.com
# https://web.archive.org/web/20231120125914/https://www.bleepingcomputer.com/news/security/russian-hackers-use-ngrok-feature-and-winrar-exploit-to-attack-embassies/
# https://tria.ge/231120-qafp3aga52/behavioral1
# https://infosec.exchange/@iampytest1/111443079100649886
0.0.0.0 cyber-wizard.com
0.0.0.0 iboltcyberhacker.wixsite.com
# https://github.com/durablenapkin/scamblocklist/issues/70
0.0.0.0 equiwarmpro.co
0.0.0.0 try.equiwarmpro.co
0.0.0.0 ekommmedia.com
0.0.0.0 try.ekommmedia.com
# https://github.com/hagezi/dns-blocklists/issues/1866
0.0.0.0 travix-works.com
0.0.0.0 www.travix-works.com
# https://infosec.exchange/@iampytest1/111490361011885326
0.0.0.0 xairdrop.biz
# porn scam
0.0.0.0 directchats.site
0.0.0.0 rose.directchats.site
0.0.0.0 ariana.directchats.site
0.0.0.0 liliana.directchats.site
0.0.0.0 sienna.directchats.site
0.0.0.0 margaret.directchats.site
0.0.0.0 adalynn.directchats.site
0.0.0.0 elliana.directchats.site
0.0.0.0 eliza.directchats.site
0.0.0.0 alina.directchats.site
0.0.0.0 raelynn.directchats.site
0.0.0.0 brielle.directchats.site
0.0.0.0 hadley.directchats.site
0.0.0.0 maria.directchats.site
0.0.0.0 madeline.directchats.site
0.0.0.0 lyla.directchats.site
0.0.0.0 everleigh.directchats.site
0.0.0.0 eden.directchats.site
0.0.0.0 mackenzie.directchats.site
0.0.0.0 sage.directchats.site
0.0.0.0 ximena.directchats.site
0.0.0.0 lydia.directchats.site
0.0.0.0 mlie.directchats.site
0.0.0.0 daisy.directchats.site
0.0.0.0 piper.directchats.site
0.0.0.0 sarah.directchats.site
0.0.0.0 gabriella.directchats.site
0.0.0.0 serenity.directchats.site
0.0.0.0 charlie.directchats.site
0.0.0.0 vivian.directchats.site
# https://github.com/RPiList/specials/issues/1369
0.0.0.0 qdyqdym.shop
0.0.0.0 buy.qdyqdym.shop
# https://github.com/RPiList/specials/issues/1399
0.0.0.0 schnellmpu.com
# https://github.com/RPiList/specials/issues/1400
0.0.0.0 america4internationalstudents.com
# https://github.com/RPiList/specials/issues/1404
0.0.0.0 bonprix-sale.shop
# https://github.com/durablenapkin/scamblocklist/issues/73
0.0.0.0 bite-life.com
# scam
# https://forums.malwarebytes.com/topic/306200-fake-fakebook-t-shirt-scam/ (account required)
0.0.0.0 newdesing.guru
# possible scam (fake age verification)
0.0.0.0 pregnantsimulator.com
0.0.0.0 adultonlineplay.com
# https://github.com/Dogino/Discord-Phishing-URLs/issues/24
0.0.0.0 cryptoslugs-hubs.com
0.0.0.0 verify.cryptoslugs-hubs.com
# https://virustotal.com/gui/url/dc11c48005d4e6e10f3cee13a731a131887b99ced613abd81900a2530689b94d/community
# my analysis: https://tria.ge/240106-xd1yqsdfdq/behavioral1
0.0.0.0 fazeskins.ru
# https://github.com/hagezi/dns-blocklists/issues/2019
0.0.0.0 realboos.online
# https://github.com/RPiList/specials/issues/1422
0.0.0.0 jaynapatel.co.uk
0.0.0.0 nelyc5h5x.jaynapatel.co.uk
# https://github.com/gchq/CyberChef/issues/1639#issuecomment-1893099540
0.0.0.0 technocraterecovery.site
# https://github.com/hagezi/dns-blocklists/issues/2049
0.0.0.0 adidasbrasil.net
0.0.0.0 adidascolombia.net
0.0.0.0 adidasfotballsko.com
0.0.0.0 adidashrvatskas.com
0.0.0.0 adidashungaryhu.com
0.0.0.0 adidasihungary.com
0.0.0.0 adidasjapan.net
0.0.0.0 adidasoutletfrance.com
0.0.0.0 adidasoutletslovenija.com
0.0.0.0 adidasperu.com
0.0.0.0 adidasschoenen.com
0.0.0.0 adidasslovenijaonline.com
0.0.0.0 adidasslovenijaoutlet.com
0.0.0.0 adidassrbijaeshop.com
0.0.0.0 adidassrbijashop.com
0.0.0.0 adidasuae.net
0.0.0.0 adidaszagreb.com
0.0.0.0 aerosolesshoesoutlets.com
0.0.0.0 airjordanbelgique.net
0.0.0.0 airjordanberlin.de
0.0.0.0 airjordanfemme.fr
0.0.0.0 airjordangreece.net
0.0.0.0 airjordanmagasinsuisse.com
0.0.0.0 airjordanromania.net
0.0.0.0 airjordanuruguay.com
0.0.0.0 aldobolsasmexico.com
0.0.0.0 aldocanada.net
0.0.0.0 aldomontreal.com
0.0.0.0 aldonetherlands.com
0.0.0.0 aldosapatos.com
0.0.0.0 aldosouthafrica.com
0.0.0.0 aldozapatos.com
0.0.0.0 alessandrozavettijas.com
0.0.0.0 alessandrozavettiromania.com
0.0.0.0 alessandrozavettiuk.com
0.0.0.0 alessandrozavettiweste.de
0.0.0.0 allbirdsmadrid.com
0.0.0.0 allsaintshungary.com
0.0.0.0 allsaintsonlineuae.com
0.0.0.0 allsaintsportugal.net
0.0.0.0 allsaintsslovenija.com
0.0.0.0 aloyogaaustralia.net
0.0.0.0 aloyogabrasil.com
0.0.0.0 aloyogapraha.cz
0.0.0.0 aloyogasale.net
0.0.0.0 aloyogasuomi.net
0.0.0.0 alphalete-suomi.com
0.0.0.0 alphaletesuomi.com
0.0.0.0 altra.ae
0.0.0.0 altrabelgie.com
0.0.0.0 altradanmarkshop.com
0.0.0.0 altraroadshoesnz.com
0.0.0.0 altraruningpolska.com
0.0.0.0 altrarunnerjapan.com
0.0.0.0 altrashoesdk.com
0.0.0.0 altrasverigeshop.com
0.0.0.0 americantouristerpolska.pl
0.0.0.0 americantouristersuomi.com
0.0.0.0 annafieldshop.fr
0.0.0.0 arcterryxoutletuk.com
0.0.0.0 arcterxysuomi.com
0.0.0.0 asicskuwaitsale.com
0.0.0.0 asicsoutletwien.at
0.0.0.0 asicssuomisneakers.com
0.0.0.0 asicswarsaw.pl
0.0.0.0 asicswarszawaoutlet.pl
0.0.0.0 asolocipele.com
0.0.0.0 asolosko.com
0.0.0.0 asportuguesaslatvija.com
0.0.0.0 autrybelgique.net
0.0.0.0 autryboty.cz
0.0.0.0 autryjapan.net
0.0.0.0 autrymexico.net
0.0.0.0 autrynz.com
0.0.0.0 autryoutlet.com
0.0.0.0 autryshoes.pl
0.0.0.0 autryshoesjapan.com
0.0.0.0 autrystore.net
0.0.0.0 autryuae.net
0.0.0.0 autryvienna.at
0.0.0.0 axelarigatojapan.net
0.0.0.0 axelarigatomilano.it
0.0.0.0 axelarigatooslo.com
0.0.0.0 axelarigatotenisice.com
0.0.0.0 aybl.pl
0.0.0.0 ayblsuomi.com
0.0.0.0 baffinstiefel.com
0.0.0.0 balancecentrum.eu
0.0.0.0 balenciagaireland.com
0.0.0.0 balenciagasuomi.com
0.0.0.0 balmainhrvatskashop.com
0.0.0.0 bapebelgium.com
0.0.0.0 bapeberlin.de
0.0.0.0 bapecanadasale.com
0.0.0.0 bapedanmark.net
0.0.0.0 bapeeesti.com
0.0.0.0 bapeisrael.com
0.0.0.0 bapejapanonline.com
0.0.0.0 bapelietuva.com
0.0.0.0 bapenederland.net
0.0.0.0 bapenorgeoutlet.com
0.0.0.0 bapeparisshop.fr
0.0.0.0 bapeportugal.net
0.0.0.0 bapesklepwarszawa.pl
0.0.0.0 bapesuisse.com
0.0.0.0 bapewien.at
0.0.0.0 barbourfinland.com
0.0.0.0 barbourkurtka.com
0.0.0.0 barbourpolska.com
0.0.0.0 barbourpolska.net
0.0.0.0 bearpawbrazil.com
0.0.0.0 bearpawbuty.com
0.0.0.0 belenkafi.com
0.0.0.0 billabong-argentina.com
0.0.0.0 billabongcanada.net
0.0.0.0 billabongportugal.net
0.0.0.0 billabongromania.net
0.0.0.0 billabongwarszawa.pl
0.0.0.0 bocancilowa.com
0.0.0.0 botascolumbia.com
0.0.0.0 botasdemonia.com
0.0.0.0 botashunterargentina.com
0.0.0.0 botashuntermexico.com
0.0.0.0 botashuntermujer.com
0.0.0.0 botaspajar.com
0.0.0.0 bothunterturkiye.com
0.0.0.0 bottegavenetasuomi.com
0.0.0.0 botyadidas.cz
0.0.0.0 botybearpaw.com
0.0.0.0 botycaterpillar.cz
0.0.0.0 brooksfinland.com
0.0.0.0 brooksoutletpolska.com
0.0.0.0 brooksrunningindonesia.com
0.0.0.0 brooksshoesuk.com
0.0.0.0 brooksshoeuk.com
0.0.0.0 brookssuomi-fi.com
0.0.0.0 brookssuomioutlet.com
0.0.0.0 brookswyprzedaz.pl
0.0.0.0 buenobratislava.sk
0.0.0.0 buenoshoesuk.com
0.0.0.0 bugattifashionro.com
0.0.0.0 butydanner-polska.com
0.0.0.0 butykeenoutlet.pl
0.0.0.0 butyveja.pl
0.0.0.0 buyshoesmalaysiaonline.com
0.0.0.0 buyshoesonlinemalaysia.com
0.0.0.0 carharttbratislava.sk
0.0.0.0 carharttchile.net
0.0.0.0 carharttdanmark.com
0.0.0.0 carhartthungary.com
0.0.0.0 carharttlatvia.com
0.0.0.0 carharttparis.fr
0.0.0.0 carharttpolska.com
0.0.0.0 carharttpraha.cz
0.0.0.0 carharttsrbija.com
0.0.0.0 carharttsuisse.com
0.0.0.0 carharttuae.net
0.0.0.0 cartier-malaysia.com
0.0.0.0 castanerromania.com
0.0.0.0 caterpillarbootscanada.net
0.0.0.0 caterpillarchaussure.net
0.0.0.0 caterpillarnorge.org
0.0.0.0 caterpillarshoesuk.com
0.0.0.0 cerabone.cz
0.0.0.0 championargentina.net
0.0.0.0 championbelgique.com
0.0.0.0 championberlin.de
0.0.0.0 championbulgaria.com
0.0.0.0 championclchile.com
0.0.0.0 championcolombia.net
0.0.0.0 championdanmark.com
0.0.0.0 championeesti.com
0.0.0.0 championgreece.net
0.0.0.0 championisrael.net
0.0.0.0 championjapan.net
0.0.0.0 championkuwait.net
0.0.0.0 championmexico.net
0.0.0.0 championoutletstore.sk
0.0.0.0 champion-polska.pl
0.0.0.0 championroma.it
0.0.0.0 championslovenija.com
0.0.0.0 championuae.net
0.0.0.0 championuksale.com
0.0.0.0 championuruguay.com
0.0.0.0 championwarszawa.pl
0.0.0.0 chaussuresmusto.com
0.0.0.0 cizmesorel.com
0.0.0.0 clarksargentina.net
0.0.0.0 clarksbuty.pl
0.0.0.0 clarksmontreal.net
0.0.0.0 clarksportugal.net
0.0.0.0 clarksscarpe.it
0.0.0.0 clarksshoesaustralia.net
0.0.0.0 clarksshoesnz.net
0.0.0.0 coccinellepolska.com
0.0.0.0 colehaanbrasilsale.com
0.0.0.0 colehaangreece.com
0.0.0.0 columbiacolombiatiendas.com
0.0.0.0 columbiafootweargreece.com
0.0.0.0 columbiagreeceonline.com
0.0.0.0 columbianetherlands.com
0.0.0.0 columbiapolskaoutlet.com
0.0.0.0 columbiashoesmalaysia.com
0.0.0.0 columbiashoesph.com
0.0.0.0 columbiashopnederland.com
0.0.0.0 columbiasnetherlands.com
0.0.0.0 columbiaspolskasklep.com
0.0.0.0 columbiassuomioutlet.com
0.0.0.0 converseallstarisrael.com
0.0.0.0 converseberlin.de
0.0.0.0 conversebrasil.com
0.0.0.0 converse-chile.cl
0.0.0.0 conversechile.net
0.0.0.0 converseinespana.com
0.0.0.0 converseisrael.com
0.0.0.0 conversekuwait.com
0.0.0.0 converselietuva.com
0.0.0.0 converse-luxembourg.com
0.0.0.0 conversephilippines.com
0.0.0.0 conversepromocja.com
0.0.0.0 converseromestore.it
0.0.0.0 converseshoesmalaysia.com
0.0.0.0 conversesklep.com
0.0.0.0 conversesrbija.com
0.0.0.0 conversestoreperu.com
0.0.0.0 converseuk.com
0.0.0.0 conversezurich.net
0.0.0.0 convresefi.com
0.0.0.0 convresesuomi.com
0.0.0.0 cosabellanederland.com
0.0.0.0 crocskaufenwien.at
0.0.0.0 crocslietuva.com
0.0.0.0 crocsuruguay.net
0.0.0.0 crocswarszawa.pl
0.0.0.0 cycasturkey.com
0.0.0.0 dannerbootsaustralia.net
0.0.0.0 dannerbootsfrance.net
0.0.0.0 dannerbootsromania.com
0.0.0.0 dannersko.net
0.0.0.0 dannerwandelschoen.com
0.0.0.0 dc-shoesperu.com
0.0.0.0 demoniaboots.it
0.0.0.0 demoniabootscanada.com
0.0.0.0 demoniabootsireland.com
0.0.0.0 demoniabudapest.com
0.0.0.0 demoniajapan.com
0.0.0.0 demoniapolska.com
0.0.0.0 demoniaportugal.com
0.0.0.0 demoniaromania.com
0.0.0.0 demoniashoesnorge.com
0.0.0.0 demoniastiefel.de
0.0.0.0 demoniegreeceoutlet.com
0.0.0.0 demoniepolska.com
0.0.0.0 docsmartensfactoryoutlet.com
0.0.0.0 docsmartenspoland.pl
0.0.0.0 dopeargentina.net
0.0.0.0 dopebelgie.com
0.0.0.0 dopechile.com
0.0.0.0 dopedanmark.com
0.0.0.0 dopeeesti.com
0.0.0.0 dopejackeschweiz.com
0.0.0.0 dopelaskettelutakki.com
0.0.0.0 dopenorge.com
0.0.0.0 dopeportugal.net
0.0.0.0 doperomania.com
0.0.0.0 dopeskikleding.com
0.0.0.0 dopesnowboard.fr
0.0.0.0 dopesnownederland.com
0.0.0.0 dopesnowromania.com
0.0.0.0 dopesnowtakki.com
0.0.0.0 dopetakit.com
0.0.0.0 drmartensbatai.com
0.0.0.0 drmartensbot.com
0.0.0.0 drmartensbotas.com
0.0.0.0 drmartensbotasmexico.com
0.0.0.0 drmartensboty.cz
0.0.0.0 drmartensdamen.de
0.0.0.0 drmartensdonna.com
0.0.0.0 drmartensdublin.com
0.0.0.0 drmartenshomme.fr
0.0.0.0 drmartensjapan.net
0.0.0.0 drmartenssalg.com
0.0.0.0 drmartensshoesuk.com
0.0.0.0 drmartensskroutz.com
0.0.0.0 eastpaklietuva.com
0.0.0.0 eccohrvatskaoutlet.com
0.0.0.0 eccomontreal.com
0.0.0.0 eccooutletsklep.pl
0.0.0.0 eccooutletssuomi.com
0.0.0.0 eccorusland.com
0.0.0.0 eccoshoessaleaustralia.com
0.0.0.0 emuaustraliaromania.com
0.0.0.0 etniesshoesireland.com
0.0.0.0 extreehome.com
0.0.0.0 femistoriessuomi.com
0.0.0.0 fila-finland.com
0.0.0.0 fitflopparis.net
0.0.0.0 fitflopromania.com
0.0.0.0 footjoyapparelnz.com
0.0.0.0 footjoycanada.net
0.0.0.0 footjoygolfshoe-india.com
0.0.0.0 footjoygolfshoes-india.com
0.0.0.0 footjoygolfshoesuk.com
0.0.0.0 footjoyjapan.net
0.0.0.0 footjoyoutletmexico.com
0.0.0.0 footjoyshoesaustralia.com
0.0.0.0 footjoyshoessouthafrica.com
0.0.0.0 footjoysko.com
0.0.0.0 fossilirelandsale.com
0.0.0.0 fotbalovyfestival.cz
0.0.0.0 gapsuomi.com
0.0.0.0 geoxargentina.net
0.0.0.0 geoxbelgique.com
0.0.0.0 geoxczpraha.cz
0.0.0.0 geoxgreece.net
0.0.0.0 geox-ireland.com
0.0.0.0 geoxisrael.com
0.0.0.0 geoxkuwait.com
0.0.0.0 geoxlatvija.com
0.0.0.0 geoxmexico.com
0.0.0.0 geoxnederland.net
0.0.0.0 geoxnorge.net
0.0.0.0 geoxportugaloutlet.com
0.0.0.0 geoxschweiz.com
0.0.0.0 geox-shoes-india.com
0.0.0.0 geoxsouthafrica.com
0.0.0.0 geoxsrbija.com
0.0.0.0 geoxsuomi.com
0.0.0.0 geoxuk.com
0.0.0.0 geoxuruguay.com
0.0.0.0 ghdhaircanada.ca
0.0.0.0 gola-portugal.com
0.0.0.0 goldengoose-italia.com
0.0.0.0 groundiescanada.net
0.0.0.0 groundiesgreeceoutlet.com
0.0.0.0 groundiesgreeces.com
0.0.0.0 groundiesitalia.top
0.0.0.0 groundiesoutletchile.com
0.0.0.0 groundiesoutletportugal.com
0.0.0.0 groundiesportugal.top
0.0.0.0 groundiesscarpeitalia.it
0.0.0.0 groundiesschoenennederland.com
0.0.0.0 groundiestroutlet.com
0.0.0.0 groundieswyprzedaz.pl
0.0.0.0 guessfinland.com
0.0.0.0 gymshark-polska.pl
0.0.0.0 gymsharkrea.com
0.0.0.0 gymsharksaledk.com
0.0.0.0 gymsharksklep.pl
0.0.0.0 gymsharksoldes.net
0.0.0.0 gymsharkstorejapan.net
0.0.0.0 gymsharksverigesale.com
0.0.0.0 gymsharksweden.com
0.0.0.0 hackettsrbija.com
0.0.0.0 haflingerslipperswebsite.com
0.0.0.0 hanwagoutletstore.com
0.0.0.0 hanwagshoesoutlet.com
0.0.0.0 hellyhansenargentina.net
0.0.0.0 hellyhansenaustralia.net
0.0.0.0 hellyhansenbratislava.sk
0.0.0.0 hellyhansencanada.com
0.0.0.0 hellyhansenchile.com
0.0.0.0 hellyhansencolombia.com
0.0.0.0 hellyhanseneesti.com
0.0.0.0 hellyhansengreece.com
0.0.0.0 hellyhansenhrvatska.net
0.0.0.0 hellyhansenhungary.com
0.0.0.0 hellyhansenireland.com
0.0.0.0 hellyhansenjapan.com
0.0.0.0 hellyhansenkuwait.com
0.0.0.0 hellyhansenlatvija.com
0.0.0.0 hellyhansenmexico.com
0.0.0.0 hellyhansennederland.com
0.0.0.0 hellyhansennorge.net
0.0.0.0 hellyhansenoutletgreece.com
0.0.0.0 hellyhansenparis.net
0.0.0.0 hellyhansenpraha.cz
0.0.0.0 hellyhansenromania.net
0.0.0.0 hellyhansenschweiz.com
0.0.0.0 hellyhansensrbija.com
0.0.0.0 hellyhansenuk.com
0.0.0.0 hellyhansenuruguay.com
0.0.0.0 hellyhansenwarszawa.pl
0.0.0.0 herschelireland.com
0.0.0.0 heydudeforsale.com
0.0.0.0 hm-portugal.com
0.0.0.0 hoka-denmark.com
0.0.0.0 hoka-magyarorszag.com
0.0.0.0 hokanorgebutikk.com
0.0.0.0 hokaoneonehrvatska.com
0.0.0.0 hokaonept.com
0.0.0.0 hokaoutletparis.com
0.0.0.0 hokarunnershungary.com
0.0.0.0 hokascarpe-italia.com
0.0.0.0 hoka-schweiz.com
0.0.0.0 hoka-soldes.fr
0.0.0.0 hokastoreportugal.com
0.0.0.0 hummelchile.com
0.0.0.0 hunterbootscanada.com
0.0.0.0 hunterbootsdublin.com
0.0.0.0 hunterbootsjapan.com
0.0.0.0 hunterbootsnz.com
0.0.0.0 hunterbootsschweiz.net
0.0.0.0 hunterfinland.com
0.0.0.0 huntergumbootsaustralia.com
0.0.0.0 huntergummistiefeldamen.de
0.0.0.0 hunterkaloszeoutlets.pl
0.0.0.0 hunteroutletsuomi.com
0.0.0.0 hunterregenlaarzen.com
0.0.0.0 hushpuppiesfinland.com
0.0.0.0 inov8boty.cz
0.0.0.0 ipanemauae.com
0.0.0.0 johannisstein.eu
0.0.0.0 johnstonmurphyaustraliau.com
0.0.0.0 jomacdmx.com
0.0.0.0 jomajp.com
0.0.0.0 jomasportcostarica.com
0.0.0.0 jomavenezuela.com
0.0.0.0 jordansboty.cz
0.0.0.0 josefseibelsuomi.com
0.0.0.0 joyaperuventa.com
0.0.0.0 joyaromania.com
0.0.0.0 joyaschoenen.com
0.0.0.0 joyaschuhedeutschland.com
0.0.0.0 joyashoeskuwait.com
0.0.0.0 joyaskonorge.com
0.0.0.0 joyaskorstockholm.com
0.0.0.0 jsbackpackcanada.com
0.0.0.0 kaloszehunter.com
0.0.0.0 kappazurich.com
0.0.0.0 karenmillenslovensko.sk
0.0.0.0 karhuskor.com
0.0.0.0 karhusneakersnorge.net
0.0.0.0 karrimormexico.com
0.0.0.0 kedsberlin.de
0.0.0.0 kedscanada.net
0.0.0.0 kedsoutletpolska.com
0.0.0.0 kedspt.com
0.0.0.0 kedssklep.pl
0.0.0.0 kenzoindonesia.com
0.0.0.0 kickers-hungary.com
0.0.0.0 kiplingfrance.com
0.0.0.0 kipling-polska.com
0.0.0.0 kiplingspain.com
0.0.0.0 kiplingsuomi.com
0.0.0.0 kurtkadope.com
0.0.0.0 lasportivabootsnz.com
0.0.0.0 lasportivaclimbingshoescanada.com
0.0.0.0 lasportivaklatresko.com
0.0.0.0 lasportivamontreal.com
0.0.0.0 lasportivanederland.com
0.0.0.0 lasportivaportugal.com
0.0.0.0 lasportivaschuheschweiz.com
0.0.0.0 lasportivatenisice.com
0.0.0.0 lasportivawanderschuhe.de
0.0.0.0 lecoqsportifparis.fr
0.0.0.0 leggingsnvgtnitaly.com
0.0.0.0 legginsygymsharkpolska.com
0.0.0.0 lems-greece.com
0.0.0.0 liujoukshop.com
0.0.0.0 loakedanmarkshop.com
0.0.0.0 lojacolumbiaportugal.com
0.0.0.0 longchampbucharest.com
0.0.0.0 lornajaneaustralia.com
0.0.0.0 lottoargentina.net
0.0.0.0 lottoaustralia.org
0.0.0.0 lottobelgium.net
0.0.0.0 lottoboty.cz
0.0.0.0 lottobulgaria.org
0.0.0.0 lottocolombia.net
0.0.0.0 lottodanmark.net
0.0.0.0 lottoeesti.org
0.0.0.0 lottofrankfurt.de
0.0.0.0 lottogreece.org
0.0.0.0 lottohrvatska.org
0.0.0.0 lottohungary.org
0.0.0.0 lottoireland.net
0.0.0.0 lottokuwait.org
0.0.0.0 lottolithuania.org
0.0.0.0 lottomexico.org
0.0.0.0 lottonorway.net
0.0.0.0 lottoparis.net
0.0.0.0 lottoportugal.net
0.0.0.0 lottoschweiz.com
0.0.0.0 lottoserbia.org
0.0.0.0 lottoslovakia.sk
0.0.0.0 lottosouthafrica.net
0.0.0.0 lottosuomi.net
0.0.0.0 lottotokyo.org
0.0.0.0 lottoturkey.org
0.0.0.0 lottouruguay.net
0.0.0.0 lottowarszawa.pl
0.0.0.0 louboutin-polska.com
0.0.0.0 lowaapavi.com
0.0.0.0 lowabakancs.net
0.0.0.0 lowabatai.com
0.0.0.0 lowabootsaustralia.net
0.0.0.0 lowabootsmexico.com
0.0.0.0 lowabotas.com
0.0.0.0 lowaisrael.net
0.0.0.0 lowamilitarybootsuk.com
0.0.0.0 lowa-philippines.com
0.0.0.0 lowaschoenen-nl.com
0.0.0.0 lowasuomi.com
0.0.0.0 lowausastore.com
0.0.0.0 lowawandelschoenen.com
0.0.0.0 lowawinterstiefel.de
0.0.0.0 lululemonamsterdam.net
0.0.0.0 lululemoneu.cz
0.0.0.0 lululemonjapan.ru
0.0.0.0 lululemonmontreal.com
0.0.0.0 lululemonoutletcolombia.net
0.0.0.0 lululemonportugal.net
0.0.0.0 lululemonsale.de
0.0.0.0 mackagebelgique.net
0.0.0.0 mackagedenmark.com
0.0.0.0 mackagefemmeparis.com
0.0.0.0 mackageireland.com
0.0.0.0 mackagejacketcanada.com
0.0.0.0 mackageschweiz.com
0.0.0.0 magasinhokabelgique.com
0.0.0.0 marcjacobs-france.fr
0.0.0.0 marc-jacobssuomi.com
0.0.0.0 meindlschuhedeutschland.com
0.0.0.0 mephistoonsale.com
0.0.0.0 merrellbarbati.com
0.0.0.0 merrellbutysklep.com
0.0.0.0 merrelloutletfactoryuk.com
0.0.0.0 merrellsandaalit.com
0.0.0.0 merrellsklepy.pl
0.0.0.0 michaelkorsargentina.net
0.0.0.0 michaelkorsberlin.de
0.0.0.0 michaelkorsgreece.net
0.0.0.0 michaelkorslatvia.com
0.0.0.0 michaelkorssrbija.net
0.0.0.0 michaelkorssuisse.net
0.0.0.0 michaelkorsuruguay.net
0.0.0.0 michaelkorsvienna.at
0.0.0.0 michaelkorswarszawa.pl
0.0.0.0 mizuno-hungary.com
0.0.0.0 mizunonorway.com
0.0.0.0 mizunoonsaleuk.com
0.0.0.0 mizunosaleportugal.com
0.0.0.0 mizunosnorge.com
0.0.0.0 mizuno-sweden.com
0.0.0.0 mlbhungary.com
0.0.0.0 mlbshopschweiz.com
0.0.0.0 mollybootmexico.com
0.0.0.0 moonbootargentina.com
0.0.0.0 moonbootaustralia.net
0.0.0.0 moonbootbelgique.com
0.0.0.0 moonbootbratislava.sk
0.0.0.0 moonbootbulgaria.com
0.0.0.0 moonbootireland.net
0.0.0.0 moonbootisrael.net
0.0.0.0 moonbootjapan.net
0.0.0.0 moonbootlatvia.com
0.0.0.0 moonbootlietuva.com
0.0.0.0 moonbootnorge.net
0.0.0.0 moonboot-polska.com
0.0.0.0 moonbootportugal.net
0.0.0.0 moonbootroma.it
0.0.0.0 moonbootsgreece.net
0.0.0.0 moonbootslovenija.net
0.0.0.0 moonbootsouthafrica.net
0.0.0.0 moonbootsperu.com
0.0.0.0 moonbootuae.net
0.0.0.0 moonbootukstore.com
0.0.0.0 muckbootdanmark.com
0.0.0.0 muckboots-cz.com
0.0.0.0 muckbootscz.com
0.0.0.0 muckbootsgreece.com
0.0.0.0 muckbootsmagyarorszagon.com
0.0.0.0 muckbootsnl.com
0.0.0.0 muckbootsnorge.com
0.0.0.0 muckbootsosterreich.at
0.0.0.0 muckbootsoutletstore.de
0.0.0.0 muckbootspolska.com
0.0.0.0 muckbootsportugal.com
0.0.0.0 muckbootsromania.com
0.0.0.0 muckbootsschweiz.com
0.0.0.0 muckbootssouthafrica.com
0.0.0.0 muckbootssverige.com
0.0.0.0 nadejbaletu.sk
0.0.0.0 nativeshoesfrance.com
0.0.0.0 nauticanederland.com
0.0.0.0 nauticapolska.com
0.0.0.0 nauticaromania.com
0.0.0.0 nauticaukwebsite.com
0.0.0.0 newbalanceonline.pl
0.0.0.0 new-lookireland.com
0.0.0.0 newlooksuomi.com
0.0.0.0 nfiserova.cz
0.0.0.0 nikeaustralia.net
0.0.0.0 nikeayakkabiindirim.com
0.0.0.0 nikegreece.net
0.0.0.0 nikenorgesalg.com
0.0.0.0 nikeoutletspain.com
0.0.0.0 nike-philippines.com
0.0.0.0 nike-polska.pl
0.0.0.0 nike-portugal.com
0.0.0.0 nikeshoeoutlets.gr
0.0.0.0 nikeslovenija.net
0.0.0.0 nikesouthafricasale.co.za
0.0.0.0 niketrturkiye.com
0.0.0.0 nine-west.pl
0.0.0.0 nobullbelgie.net
0.0.0.0 nobullcanadasale.com
0.0.0.0 nobullcrossfitoutlet.net
0.0.0.0 nobulldeutschland.de
0.0.0.0 nobullgreece.net
0.0.0.0 nobullprojectireland.net
0.0.0.0 nobullprojectmexico.com
0.0.0.0 nobullshoponline.sk
0.0.0.0 nobullskonorge.com
0.0.0.0 nobullsrbija.com
0.0.0.0 no-bulluk.com
0.0.0.0 norronabunda.sk
0.0.0.0 obuvlasportiva.sk
0.0.0.0 ohpollyportugal.com
0.0.0.0 oliverpeoplesschweiz.com
0.0.0.0 olukaibe.com
0.0.0.0 olukaidk.com
0.0.0.0 olukai-france.fr
0.0.0.0 olukai-greece.com
0.0.0.0 olukainorway.com
0.0.0.0 olukaisaleclearance.com
0.0.0.0 onitsukatiger-ireland.com
0.0.0.0 oofossingaporestore.com
0.0.0.0 osirisfootwearmexico.com
0.0.0.0 osirisuk.com
0.0.0.0 palladiumargentina.com
0.0.0.0 palladiumbootsargentina.com
0.0.0.0 palladiumbootspolska.pl
0.0.0.0 palladium-denmark.com
0.0.0.0 palladiumfi.me
0.0.0.0 palladium-hrvatska.com
0.0.0.0 palladiumpolskaoutlet.com
0.0.0.0 panamajack-france.fr
0.0.0.0 panamajackonline.sk
0.0.0.0 panamajackoutlet.pl
0.0.0.0 panamajackparis.com
0.0.0.0 panamajackschweiz.ch
0.0.0.0 panamajackschweiz.net
0.0.0.0 panamajackslovenija.com
0.0.0.0 pandorajapan.net
0.0.0.0 pandorakorut.com
0.0.0.0 pandoraoslo.com
0.0.0.0 pandoraportugal.com
0.0.0.0 pandoraringsuk.com
0.0.0.0 parajumpersjackede.de
0.0.0.0 parfois-chile.com
0.0.0.0 parfoiscz.cz
0.0.0.0 parfoisdublin.com
0.0.0.0 parfoisosterreich.at
0.0.0.0 parfois-sverige.com
0.0.0.0 patagoniapolskasklep.pl
0.0.0.0 perfectmomentromania.com
0.0.0.0 pitviperbril.com
0.0.0.0 pitviperbriller.com
0.0.0.0 pitviperfrance.net
0.0.0.0 pitvipergafas.com
0.0.0.0 pitviperjapan.com
0.0.0.0 pitviperlunette.fr
0.0.0.0 pitviperocchiali.it
0.0.0.0 pitviperoculos.com
0.0.0.0 pitvipersunglassesnz.com
0.0.0.0 pleaserchaussure.com
0.0.0.0 pleaserchaussures.com
0.0.0.0 pleaserheelscanada.com
0.0.0.0 pleaserschweiz.com
0.0.0.0 portugalgroundies.com
0.0.0.0 procuradoresnavas.com
0.0.0.0 pumaoutletpolska.com
0.0.0.0 puma-polska.com
0.0.0.0 quaygreece.net
0.0.0.0 quayocchiali.it
0.0.0.0 quayonline.net
0.0.0.0 quayoutlet.com
0.0.0.0 quayparis.com
0.0.0.0 quayphilippines.com
0.0.0.0 quaysouthafrica.net
0.0.0.0 quaysstore.com
0.0.0.0 quaysuomeksi.com
0.0.0.0 rabclothingsouthafrica.net
0.0.0.0 rabdanmark.net
0.0.0.0 rabhungary.com
0.0.0.0 rabonline.net
0.0.0.0 rabparis.fr
0.0.0.0 rabromania.net
0.0.0.0 rabsrbija.net
0.0.0.0 raybanmalaysiastore.com
0.0.0.0 raybanslovensko.sk
0.0.0.0 redwingoslo.com
0.0.0.0 reebokaustralia.com
0.0.0.0 reebokuswebsite.com
0.0.0.0 reef-danmark.com
0.0.0.0 reef-polska.com
0.0.0.0 reef-portugal.com
0.0.0.0 regattafrance.com
0.0.0.0 regattapolska.com
0.0.0.0 rockportbootsireland.com
0.0.0.0 rockportjapan.com
0.0.0.0 rockportmontreal.com
0.0.0.0 rockportnz.com
0.0.0.0 rockportontario.com
0.0.0.0 rockportoutletortugal.com
0.0.0.0 rockportsaleuk.com
0.0.0.0 rockportschoenen.com
0.0.0.0 rockportshoesmexico.com
0.0.0.0 rockporttr.com
0.0.0.0 rockportzapatos.com
0.0.0.0 rothys-suomi.com
0.0.0.0 roxy-japan.com
0.0.0.0 russellandbromleynorge.net
0.0.0.0 russellandbromleyromania.net
0.0.0.0 russellandbromleywien.at
0.0.0.0 russellbromleyoutlet.net
0.0.0.0 russellnbromleycanada.com
0.0.0.0 rvcajapan.net
0.0.0.0 ryderwear-finland.com
0.0.0.0 ryderwearjapan.com
0.0.0.0 ryderwearjapann.com
0.0.0.0 ryderwear-polska.com
0.0.0.0 ryderwear-suomi.com
0.0.0.0 safenordicsolutions.com
0.0.0.0 saintjamesireland.com
0.0.0.0 salmingchile.com
0.0.0.0 salmingcolombia.com
0.0.0.0 salmingportugalpt.com
0.0.0.0 salmingslovenija.com
0.0.0.0 salomomsuomioutlet.com
0.0.0.0 salomonbuty.com
0.0.0.0 salomonenucuz.com
0.0.0.0 salomonfinlandoutlet.com
0.0.0.0 salomongermany.de
0.0.0.0 salomonmalaysiaonlineshop.com
0.0.0.0 salomonoutlet.it
0.0.0.0 salomonportugal.com
0.0.0.0 salomonpraha.com
0.0.0.0 salomonshoes.co.za
0.0.0.0 salomonshoesbulgaria.com
0.0.0.0 salomonshopgreece.com
0.0.0.0 salomonslovensko.me
0.0.0.0 salomonstoreuae.com
0.0.0.0 salomonvandreskotilbud.com
0.0.0.0 sanitamalaysia.com
0.0.0.0 sanitasverige.com
0.0.0.0 sanukchiletiendas.com
0.0.0.0 sanukdublin.com
0.0.0.0 sanukflipflops.de
0.0.0.0 sanuknederlandnl.com
0.0.0.0 sanuknz.com
0.0.0.0 sanuk-philippines.com
0.0.0.0 sanukromaniaro.com
0.0.0.0 sanuksalecanada.com
0.0.0.0 sanuksandalssingapore.com
0.0.0.0 sanukschoenen.com
0.0.0.0 sanukshoesschweiz.com
0.0.0.0 sanukzapatoscolombia.com
0.0.0.0 scarpejoya.com
0.0.0.0 scarpelowa.it
0.0.0.0 scarpesanuk.it
0.0.0.0 scotchandsodaromania.com
0.0.0.0 scotch-sodaromania.com
0.0.0.0 sebagoantwerpen.com
0.0.0.0 sebagobruxelles.com
0.0.0.0 sebagodeckshoesireland.com
0.0.0.0 sebagodockside.fr
0.0.0.0 sebagojapan.net
0.0.0.0 sebagosaat.com
0.0.0.0 sebagoschoenen.com
0.0.0.0 sebagoshoesgreece.com
0.0.0.0 sebagozapatos.com
0.0.0.0 shoesmalaysiastores.com
0.0.0.0 shoessalesmalaysia.com
0.0.0.0 skechersfactory.com
0.0.0.0 skechersinphilippines.com
0.0.0.0 skechersmilano.com
0.0.0.0 skechersoutletsverige.com
0.0.0.0 skechersparissale.com
0.0.0.0 skechersschuhe.com
0.0.0.0 skechersturkiyeoutlet.com.tr
0.0.0.0 skechersuruguayoutlet.com
0.0.0.0 skijakke.com
0.0.0.0 skijasbelgie.com
0.0.0.0 skimscz.cz
0.0.0.0 skimsgreece.com
0.0.0.0 skims-polska.pl
0.0.0.0 skimspolska.pl
0.0.0.0 skimsromania.com
0.0.0.0 skimsshoponline.com
0.0.0.0 sklepconversepolska.com
0.0.0.0 sklepyadidaspolska.com
0.0.0.0 sloggipolska.pl
0.0.0.0 snowromania.com
0.0.0.0 solovairargentina.com
0.0.0.0 solovairbelgique.com
0.0.0.0 solovairbelgium.net
0.0.0.0 solovairbrasil.com
0.0.0.0 solovaircanada.net
0.0.0.0 solovairchile.net
0.0.0.0 solovairgreece.net
0.0.0.0 solovairhrvatska.net
0.0.0.0 solovairpraha.cz
0.0.0.0 solovairschweiz.net
0.0.0.0 solovairshop.com
0.0.0.0 solovairslovenija.net
0.0.0.0 solovairsuomi.net
0.0.0.0 sorelaustraliashops.com
0.0.0.0 sorelbootsuk.com
0.0.0.0 sorelchaussures.com
0.0.0.0 sorel-dk.com
0.0.0.0 sorelportugal.com
0.0.0.0 sorelschoenen.com
0.0.0.0 sorelschweiz.com
0.0.0.0 sperryfactoryoutlets.com
0.0.0.0 sperryshoesaustralia.com
0.0.0.0 stevamaddenpl.com
0.0.0.0 stevamaddenpolska.com
0.0.0.0 stockxbelgique.com
0.0.0.0 stockxbelgium.com
0.0.0.0 stockxlatvia.com
0.0.0.0 stockxsouthafrica.com
0.0.0.0 stockxsuisse.com
0.0.0.0 stoneislandeesti.ru
0.0.0.0 stoneislandjapan.com
0.0.0.0 stoneislandlietuva.com
0.0.0.0 stoneislandparis.ru
0.0.0.0 stoneislandsouthafrica.ru
0.0.0.0 stoneislandsuisse.com
0.0.0.0 stoneislandsuomi.org
0.0.0.0 stussygreece.com
0.0.0.0 stussy-italia.com
0.0.0.0 suprainsuomi.com
0.0.0.0 suprashoescanada.com
0.0.0.0 tamarisdanmark.com
0.0.0.0 tamarissdanmark.com
0.0.0.0 tedbakereesti.com
0.0.0.0 tedbakerireland.net
0.0.0.0 tenisiconverseromania.com
0.0.0.0 tenisiconverseromania.ro
0.0.0.0 teniskyunderarmour.sk
0.0.0.0 teva-ar.com
0.0.0.0 teva-be.com
0.0.0.0 teva-colombia.com
0.0.0.0 teva-cz.com
0.0.0.0 tevaforhandler.com
0.0.0.0 tevahr.com
0.0.0.0 tevaoutletchile.com
0.0.0.0 teva-polska.com
0.0.0.0 tevasandalesrbija.com
0.0.0.0 tevaskor.com
0.0.0.0 tevaszandalbudapest.com
0.0.0.0 teva-turkey.com
0.0.0.0 thursdaycanada.com
0.0.0.0 thursdaynorge.com
0.0.0.0 thursdayuk.com
0.0.0.0 tiendahokaonemexico.com
0.0.0.0 tiendasairjordanmexico.com
0.0.0.0 tiffanysuomi.com
0.0.0.0 tiffanyturkiye.com.tr
0.0.0.0 timberlandmontreal.net
0.0.0.0 timberlandpolska.pl
0.0.0.0 timberlandtopanky.sk
0.0.0.0 tomfordsuomi.com
0.0.0.0 tommyhilfigerbunda.sk
0.0.0.0 tommyhilfigerdeutschland.de
0.0.0.0 tommyhilfigerdublin.com
0.0.0.0 tommyhilfigerjakke.com
0.0.0.0 tommyhilfigerjakne.com
0.0.0.0 tommyhilfigeronlinecanada.com
0.0.0.0 tommyhilfigeroutletargentina.com
0.0.0.0 tommyhilfigeroutletnz.com
0.0.0.0 tommyhilfigeroutletportugal.com
0.0.0.0 tommyhilfigerpatike.com
0.0.0.0 tommyhilfigerquebec.net
0.0.0.0 tommyhilfigersko.com
0.0.0.0 tomsjapan.net
0.0.0.0 tomsjapanoutlet.com
0.0.0.0 tomsschuhedamen.de
0.0.0.0 tomsshoesdubai.com
0.0.0.0 tomsskotilbud.com
0.0.0.0 tonybianconz.com
0.0.0.0 toryburchoutletespana.com
0.0.0.0 uggssklep.pl
0.0.0.0 umbropolska.pl
0.0.0.0 underarmouradidasi.com
0.0.0.0 underarmourchaussures.net
0.0.0.0 underarmourjas.com
0.0.0.0 underarmouroslo.com
0.0.0.0 underarmourschuhe.at
0.0.0.0 underarmourskor.se
0.0.0.0 underarmourskroutz.com
0.0.0.0 underarmourtrainersuk.com
0.0.0.0 undervon.com
0.0.0.0 uniqlopolska.pl
0.0.0.0 valentinocanada.com
0.0.0.0 vansalte.it
0.0.0.0 vanscolombia.net
0.0.0.0 vansdames.com
0.0.0.0 vansforsaleuk.net
0.0.0.0 vansindonesiastore.com
0.0.0.0 vansschoenenbelgie.com
0.0.0.0 vansshoesksa.com
0.0.0.0 vanssko.com
0.0.0.0 vansskoletaske.com
0.0.0.0 vanstenisice.com
0.0.0.0 veja.com.gr
0.0.0.0 vejaadidasi.com
0.0.0.0 vejaathensgreece.net
0.0.0.0 vejabelgium.com
0.0.0.0 vejabrasil.net
0.0.0.0 vejanorge.com
0.0.0.0 vejanz.com
0.0.0.0 vejaoutlet.net
0.0.0.0 vejapraha.cz
0.0.0.0 vejasfranceoutlet.com
0.0.0.0 vejashoes.cz
0.0.0.0 vejashoesuk.com
0.0.0.0 vejasko.org
0.0.0.0 vejaslovenia.com
0.0.0.0 vejatenis.com
0.0.0.0 vejazapatoscolombia.net
0.0.0.0 verabradleypolska.com
0.0.0.0 vessibelgium.com
0.0.0.0 vessibelglum.com
0.0.0.0 vessiitalia.com
0.0.0.0 vessijapan.net
0.0.0.0 vessischoenen.com
0.0.0.0 vessishoes.fr
0.0.0.0 vibram-es.com
0.0.0.0 vibrammagyarorszag.com
0.0.0.0 vibramnederland.me
0.0.0.0 vibramparis.com
0.0.0.0 vibramsalenz.com
0.0.0.0 vibramukstore.com
0.0.0.0 vibramvypredaj.sk
0.0.0.0 viking-cnc.com
0.0.0.0 viking-solutions.com
0.0.0.0 vineyardvines.pl
0.0.0.0 vineyardvinessuomi.com
0.0.0.0 vionicmexico.com
0.0.0.0 vionicshoesportugal.com
0.0.0.0 vioniczapatos.com
0.0.0.0 vivaiabuty.pl
0.0.0.0 vivobarefootbrasil.net
0.0.0.0 vivobarefootbrussel.com
0.0.0.0 vivobarefootchileoutlet.net
0.0.0.0 vivobarefooteesti.com
0.0.0.0 vivobarefoothrvatska.net
0.0.0.0 vivobarefoot-hu.com
0.0.0.0 vivobarefootjapan.net
0.0.0.0 vivobarefootkengat.com
0.0.0.0 vivobarefootkokotaulukko.com
0.0.0.0 vivobarefootkuwait.com
0.0.0.0 vivobarefoot-romania.ro
0.0.0.0 vivobarefootslovenia.com
0.0.0.0 vivobarefoot-slovenija.com
0.0.0.0 vivobarefootsrbija.net
0.0.0.0 vivobarefootsuisse.com
0.0.0.0 vivobarefootusretailers.com
0.0.0.0 vivobarefoot-za.com
0.0.0.0 vivoshoessouthafrica.com
0.0.0.0 wolverinefactoryoutlet.com
0.0.0.0 wolverinefactoryoutlets.com
0.0.0.0 xerobarefoot.sk
0.0.0.0 xerofootwearuk.com
0.0.0.0 xerojapan.net
0.0.0.0 xeroshoesaustralia.com
0.0.0.0 xeroshoesnz.com
0.0.0.0 xeroskor.com
0.0.0.0 xn--adidasayakkab-gbc.net
0.0.0.0 xn--aloyogamnchen-3ob.de
0.0.0.0 xn--asolokengt-y5a.com
0.0.0.0 xn--axelarigatokbenhavn-67b.com
0.0.0.0 xn--bapeespaa-s6a.com
0.0.0.0 xn--billabongtrkiye-8vb.com
0.0.0.0 xn--carharttespaa-tkb.com
0.0.0.0 xn--castaerespaa-ehbg.com
0.0.0.0 xn--clarksespaa-beb.com
0.0.0.0 xn--clarkszrich-zhb.com
0.0.0.0 xn--conversebelgi-gib.com
0.0.0.0 xn--dannerespaa-beb.com
0.0.0.0 xn--dannerstvler-2jb.com
0.0.0.0 xn--dopeespaa-s6a.com
0.0.0.0 xn--dopetrkiye-eeb.com
0.0.0.0 xn--drmartensstvler-gub.com
0.0.0.0 xn--footjoygolfkengt-9nb.com
0.0.0.0 xn--gillmarinetrkiye-tzb.com
0.0.0.0 xn--hellyhansenbelgi-prb.com
0.0.0.0 xn--hellyhansenespaa-lub.com
0.0.0.0 xn--hellyhansenper-yrb.com
0.0.0.0 xn--hellyhansentrkiye-e3b.com
0.0.0.0 xn--huntergummistvler-d1b.com
0.0.0.0 xn--hunterstvler-2jb.com
0.0.0.0 xn--joyaespaa-s6a.com
0.0.0.0 xn--neweraapka-j9b.com
0.0.0.0 xn--norronatrkiye-3ob.com
0.0.0.0 xn--skimstrkiye-yhb.com
0.0.0.0 xn--solovairmxico-jhb.com
0.0.0.0 xn--sorelcip-8sb.com
0.0.0.0 xn--tomscip-8mb.com
0.0.0.0 xn--underarmourayakkab-v0c.com
0.0.0.0 xn--vejazrich-u9a.com
0.0.0.0 xn--vessiespaa-19a.com
0.0.0.0 yeezybelgique.com
0.0.0.0 yeezyberlin.de
0.0.0.0 yeezyireland.com
0.0.0.0 yeezyisrael.com
0.0.0.0 yeezyuksale.com
0.0.0.0 yeti-southafrica.co.za
0.0.0.0 youngla-danmark.com
0.0.0.0 youngla-polska.pl
0.0.0.0 yslpolska.pl
0.0.0.0 zapatillasunderarmourchile.com
0.0.0.0 zapatossanuk.com
0.0.0.0 zavettiireland.com
# https://github.com/durablenapkin/scamblocklist/issues/74
0.0.0.0 link-etsy.com
0.0.0.0 etsy-verifed-shop.com
# https://github.com/hagezi/dns-blocklists/issues/2081
0.0.0.0 do0cd.com
0.0.0.0 doosd.pro
0.0.0.0 d0ood.com
0.0.0.0 doode.pro
# SMS phishing message
# cloudflared: https://tria.ge/240127-rgd1gsdgb8/behavioral1
0.0.0.0 bbbvnvn.com
0.0.0.0 usps.bbbvnvn.com
0.0.0.0 kai12102.top
# https://www.virustotal.com/gui/ip-address/47.251.77.252/relations
0.0.0.0 bbbnvnv.com
0.0.0.0 usps.bbbnvnv.com
0.0.0.0 bbblmlm.com
0.0.0.0 usps.bbblmlm.com
0.0.0.0 bbbkdt.com
0.0.0.0 usps.bbbkdt.com
0.0.0.0 bbbhaod.com
0.0.0.0 usps.bbbhaod.com
0.0.0.0 bbbnbnb.com
0.0.0.0 usps.hkjtion.com
0.0.0.0 usps.hjktion.com
0.0.0.0 bbbiiuu.com
0.0.0.0 usps.bbbiiuu.com
0.0.0.0 bbbvbvb.com
0.0.0.0 usps.bbbvbvb.com
0.0.0.0 usps.bbbnbnb.com
0.0.0.0 usps.bbbuuui.com
0.0.0.0 bbbuuui.com
0.0.0.0 bbbdjsgd.com
0.0.0.0 usps.bbbdjsgd.com
0.0.0.0 bbbdjdhes.com
0.0.0.0 usps.bbbdjdhes.com
0.0.0.0 bbbiuiu.com
0.0.0.0 usps.bbbiuiu.com
0.0.0.0 usps.zzzopjl.com
0.0.0.0 bbbouou.com
0.0.0.0 usps.bbbouou.com
0.0.0.0 zzzopjl.com
0.0.0.0 bbbiudhs.com
0.0.0.0 usps.bbbiudhs.com
# https://github.com/hagezi/dns-blocklists/issues/2178
0.0.0.0 guidesite.info
0.0.0.0 ustrack.online
# https://github.com/hagezi/dns-blocklists/pull/2182
0.0.0.0 cashjuice.com
0.0.0.0 esigningapp.com
0.0.0.0 fastloanassist.com
0.0.0.0 myrequestresults.com
0.0.0.0 myresources-join.resourcesify.com
0.0.0.0 taxreturnoptions.com
0.0.0.0 247lendinggroup.com
0.0.0.0 theconsumerhq.com
0.0.0.0 banktoday.de
0.0.0.0 secureexpressrequest.com
0.0.0.0 cashusa.com
0.0.0.0 choicecreditrepair.life
0.0.0.0 swagbucks.com
0.0.0.0 americanunsecured.com
0.0.0.0 grantsreach.com
# https://github.com/hagezi/dns-blocklists/issues/2228
0.0.0.0 z-lib.id
# https://github.com/RPiList/specials/issues/1492
0.0.0.0 okun.shop
0.0.0.0 meiguo66.okun.shop
0.0.0.0 de.okun.shop
# https://www.reddit.com/r/Scams/comments/1bfbq5e/emf_neutralizer_is_this_actually_a_thing/
# https://yewtu.be/watch?v=EgvdvfOvdJs
# https://yewtu.be/watch?v=VmFzPALkFyo
# https://www.bbc.com/news/technology-55613452
# https://www.usatoday.com/story/news/factcheck/2020/07/12/fact-check-anti-radiation-shields-do-not-protect-against-emf-emission/5349018002/
0.0.0.0 energydots.com
# https://github.com/durablenapkin/scamblocklist/issues/80
0.0.0.0 produktretter.com
0.0.0.0 produktretter.org
0.0.0.0 gratis-eltern-produkttests.com
0.0.0.0 produkttest-anmeldung.com
0.0.0.0 maforia-anmeldung.com
0.0.0.0 produkttester-anmeldung.com
0.0.0.0 produkttester-werden.org
0.0.0.0 ruecksendungen-gratis.com
# https://github.com/RPiList/specials/issues/1515
# https://tria.ge/240320-23k12aef2v/behavioral1
0.0.0.0 iioddoy.shop
0.0.0.0 shop.iioddoy.shop
0.0.0.0 baodan.xyz
0.0.0.0 img.baodan.xyz
# https://tria.ge/240320-3qqanaec82/behavioral1
0.0.0.0 ixlcrg.shop
0.0.0.0 shop.ixlcrg.shop
0.0.0.0 gagabao216.com
0.0.0.0 img.gagabao216.com
# https://tria.ge/240321-aqql7sfb49/behavioral1
0.0.0.0 ffuoouw.shop
0.0.0.0 shop.ffuoouw.shop
# https://tria.ge/240321-a55dxagg71/behavioral1
0.0.0.0 nnsnnqn.shop
0.0.0.0 shop.nnsnnqn.shop
# https://tria.ge/240321-babc1sgh7v/behavioral1
0.0.0.0 rrmuumm.shop
0.0.0.0 shop.rrmuumm.shop
# https://github.com/jarelllama/Scam-Blocklist/issues/265
0.0.0.0 luizeva.com
0.0.0.0 earnglobal.co
0.0.0.0 prostargift.com
0.0.0.0 quirkleaf.com
# https://github.com/jarelllama/Scam-Blocklist/issues/264
0.0.0.0 hft-fyfc.com
0.0.0.0 askotrade.net
0.0.0.0 binozy.com
0.0.0.0 monarchlibertygroup.cc
0.0.0.0 polybox.finance
0.0.0.0 sanexer.com
# https://infosec.exchange/@iampytest1/112203822803380750
0.0.0.0 toughknifes.com
0.0.0.0 darntoughfactory.shop
0.0.0.0 darnroughonline.top
0.0.0.0 darntoughonline.shop
0.0.0.0 darntoughonline-us.top
0.0.0.0 darntoughsales.shop
0.0.0.0 us-darntoughonline.top
0.0.0.0 vipbargainhub.com
0.0.0.0 vpdamai.com
# https://github.com/jarelllama/Scam-Blocklist/issues/277
# https://dfpi.ca.gov/2024/03/25/fraudulent-bank-website-scam/
0.0.0.0 beachcitiescommercialbank.com
# my analysis: https://tria.ge/240404-xlg6laga74/behavioral1
# https://infosec.exchange/@iampytest1/112214528899229692
0.0.0.0 americasfirstnationalbank.com
0.0.0.0 beachcitiescommercialbank.com.americasfirstnationalbank.com
0.0.0.0 www.beachcitiescommercialbank.com.americasfirstnationalbank.com
# https://tria.ge/240408-bf8kpscb83/behavioral1
0.0.0.0 spacex-invest.org
# https://github.com/jarelllama/Scam-Blocklist/issues/289
0.0.0.0 xcorepips.com
# https://tria.ge/240410-31s5ashh6w/behavioral1
0.0.0.0 x2-invest.com
# https://github.com/RPiList/specials/issues/1532
# https://tria.ge/240411-nps8laaf48/behavioral1
0.0.0.0 websharetday.online
# https://tria.ge/240411-xhwjtahh93/behavioral1
0.0.0.0 gettechreward.com
# https://tria.ge/240411-1dm9esde97/behavioral1
0.0.0.0 leanbiome-discount.store
# https://tria.ge/240411-1jkqgsdh25/behavioral1
0.0.0.0 gamersahead.com
# https://tria.ge/240412-3g67tagc44/behavioral1
0.0.0.0 daniellacribbs.lol
0.0.0.0 c.datingcompass.fun
# https://tria.ge/240412-3jmwysgc75/behavioral1
0.0.0.0 fatimaforaker.skin
0.0.0.0 i.datingcompass.fun
# https://tria.ge/240412-3nkbmagd63/behavioral1
0.0.0.0 oletaburford.buzz
0.0.0.0 hngfck.com
0.0.0.0 g.datingcompass.fun
# https://tria.ge/240413-apvvjagg78/behavioral1
0.0.0.0 mailtknnews.com
0.0.0.0 t.mailtknnews.com
0.0.0.0 russiagirlsonline.com
0.0.0.0 www.russiagirlsonline.com
0.0.0.0 charmdate.com
0.0.0.0 www.charmdate.com
# https://github.com/hagezi/dns-blocklists/issues/2512
0.0.0.0 slowmitter.top
0.0.0.0 d.slowmitter.top
0.0.0.0 singingfiles.com
# https://github.com/jarelllama/Scam-Blocklist/issues/334
0.0.0.0 gym-sharkfinland.com
# https://github.com/hagezi/dns-blocklists/issues/2607
0.0.0.0 93mobiles.com
# spam email
# https://tria.ge/240511-qjc1jacc79/behavioral1
0.0.0.0 serenespring.info
0.0.0.0 mta1.serenespring.info
0.0.0.0 naughtymatchvo1.com
0.0.0.0 onlyfwb.com
0.0.0.0 email.mg.onlyfwb.com
# ---- PUPs ----
# https://virustotal.com/gui/url/c7e3137c4baaad64dcbbafd1938f581f264944fa1e2c1aa1ebcff77ed2959082/links
# https://safeweb.norton.com/report/show?url=https://www.totalav.com/ultra-deal?exit
# https://virustotal.com/gui/url/a15311f27a16908dfa87b8ce6cf0302d8c8260f32ce7171845fc73bd4d9769d2/detection
# https://virustotal.com/gui/url/dbc664226fd57c865f66bbaeae0d7270904c4ad735d0eb0ead4511e817392943/detection
# https://virustotal.com/gui/domain/www.totalav.com/detection
# https://quttera.com/detailed_report/totalav.com
# https://virustotal.com/gui/domain/totalav.com/community
# https://github.com/VernonStow/Filterlist/issues/3
# https://discussions.apple.com/thread/8226797
# https://malwaretips.com/threads/total-av-is-it-a-scam.80362/
# https://github.com/uBlockOrigin/uAssets/issues/9355
# https://github.com/notracking/hosts-blocklists/issues/756#issuecomment-1172973042
# https://tria.ge/230720-3qya9sbh2t/behavioral2
# https://app.any.run/tasks/cc0dd977-97e3-4b4a-833b-dfc4d5f0be55/
# https://tria.ge/230724-z8hfzsha64/behavioral1
# https://www.youtube.com/watch?v=PcS3EozgyhI
# *many* deceptive ads
0.0.0.0 totalav.com
0.0.0.0 www.totalav.com
# https://virustotal.com/gui/file/7a75c2c9695157772541cd426d057ff382d011a2791bcc3e511d94592ab0dbb7/relations
0.0.0.0 api.totalav.com
# Subdomains
0.0.0.0 secure.totalav.com
0.0.0.0 url.totalav.com
0.0.0.0 support.totalav.com
0.0.0.0 blog.totalav.com
0.0.0.0 track.totalav.com
0.0.0.0 ajax.totalav.com
0.0.0.0 affiliate.totalav.com
0.0.0.0 livechat.totalav.com
0.0.0.0 advertisers.totalav.com
0.0.0.0 affiliates.totalav.com
0.0.0.0 my.totalav.com
0.0.0.0 assets.totalav.com
0.0.0.0 identity.totalav.com
0.0.0.0 login.totalav.com
0.0.0.0 download.totalav.com
0.0.0.0 static.totalav.com
0.0.0.0 adblock.totalav.com
0.0.0.0 sso.totalav.com
0.0.0.0 webshield.totalav.com
0.0.0.0 resources.totalav.com
0.0.0.0 signup.totalav.com
0.0.0.0 link.totalav.com
0.0.0.0 chat.totalav.com
0.0.0.0 click.totalav.com
0.0.0.0 stats.totalav.com
0.0.0.0 search.totalav.com
0.0.0.0 aff.totalav.com
0.0.0.0 news.totalav.com
0.0.0.0 blockpage.totalav.com
0.0.0.0 ext.totalav.com
0.0.0.0 smtpmail.totalav.com
0.0.0.0 articles.totalav.com
0.0.0.0 data.totalav.com
0.0.0.0 pda.totalav.com
0.0.0.0 firmy.totalav.com
0.0.0.0 portal.totalav.com
0.0.0.0 educa.totalav.com
0.0.0.0 cp.totalav.com
0.0.0.0 images.totalav.com
0.0.0.0 p.totalav.com
0.0.0.0 gallery.totalav.com
0.0.0.0 webshop.totalav.com
0.0.0.0 new.totalav.com
0.0.0.0 sklep.totalav.com
0.0.0.0 manitoba.totalav.com
0.0.0.0 wiki.totalav.com
0.0.0.0 pei.totalav.com
0.0.0.0 dl.totalav.com
0.0.0.0 bbs.totalav.com
0.0.0.0 schools.totalav.com
0.0.0.0 ts.totalav.com
0.0.0.0 hosting.totalav.com
0.0.0.0 test.totalav.com
0.0.0.0 live.totalav.com
0.0.0.0 eng.totalav.com
0.0.0.0 forums.totalav.com
0.0.0.0 lnx.totalav.com
0.0.0.0 lib.totalav.com
0.0.0.0 galeria.totalav.com
0.0.0.0 cloud.totalav.com
0.0.0.0 appauth.totalav.com
0.0.0.0 ww.totalav.com
0.0.0.0 email.totalav.com
0.0.0.0 u002fwww.totalav.com
0.0.0.0 shield.totalav.com
0.0.0.0 comassets.totalav.com
0.0.0.0 ru.totalav.com
0.0.0.0 l.totalav.com
0.0.0.0 lyncext.totalav.com
0.0.0.0 liaoning.totalav.com
0.0.0.0 www2.totalav.com
0.0.0.0 www1.totalav.com
0.0.0.0 imap2.totalav.com
0.0.0.0 internet.totalav.com
0.0.0.0 smtps.totalav.com
0.0.0.0 a.totalav.com
0.0.0.0 gin.totalav.com
0.0.0.0 supprt.totalav.com
0.0.0.0 mailout.totalav.com
0.0.0.0 imap1.totalav.com
0.0.0.0 mta1.totalav.com
0.0.0.0 eml.totalav.com
0.0.0.0 help.totalav.com
0.0.0.0 phishtest.totalav.com
0.0.0.0 math.totalav.com
# other related
0.0.0.0 totalwebshield.com
0.0.0.0 download.totalwebshield.com
# This is owned by Protected[.]net, who also is responsible for the TotalAV scam. Can not get an exe as it requires me to pay first...
0.0.0.0 scanguard.com
0.0.0.0 www.scanguard.com
0.0.0.0 my.scanguard.com
0.0.0.0 secure.scanguard.com
0.0.0.0 download.scanguard.com
# An alias for TotalAV
# https://safeweb.norton.com/report/show?url=pcprotect.com
# https://virustotal.com/gui/url/523e692076d4eff5dba80a52bca9c01aa77b4e1dac6598aa78574cab1297497a/community
# https://www.mywot.com/scorecard/pcprotect.com
0.0.0.0 pcprotect.com
0.0.0.0 www.pcprotect.com
0.0.0.0 secure.pcprotect.com
# The company behind the TotalAV scam & pcprotect[.]com
# https://www.facebook.com/protectednet - they basically admitted to it. See https://www.facebook.com/protectednet/photos/a.685704165203904/1199676053806710/?type=3&theater
# Lesson to scammers: Don't post golf balls with the name of the scam product to facebook...
0.0.0.0 protected.net
0.0.0.0 definition.protected.net
0.0.0.0 install.protected.net
0.0.0.0 ssprotectltd.com
0.0.0.0 www.ssprotectltd.com
# scammers - now hiring
0.0.0.0 protected-net.breezy.hr
# A scam adblocker (use uBlock Origin, AdGuard, or even AdBlock Plus. They are all better then TotalAdBlock)
# VirusTotal scan of Android version: https://virustotal.com/gui/file/24ce64dfa6937c5ede674b2ba33d6818bfa9f8bb4d36ff8da9aff39e05b8e41c/detection
# https://apps.apple.com/app/totaladblock/id1564900435 (only two reviews?)
# https://tria.ge/231024-3lc5jace3w/behavioral1
# https://infosec.exchange/@iampytest1/111292640449421381
# https://tria.ge/231025-nk2zyagh81/behavioral1
# scam ads, as per ryanbr of EasyList 
0.0.0.0 totaladblock.com
0.0.0.0 www.totaladblock.com
0.0.0.0 download.totaladblock.com
0.0.0.0 blockpage.totaladblock.com
0.0.0.0 stats.totaladblock.com
0.0.0.0 affiliates.totaladblock.com
0.0.0.0 affiliate.totaladblock.com
0.0.0.0 url.totaladblock.com
0.0.0.0 api.totaladblock.com
0.0.0.0 signup.totaladblock.com
0.0.0.0 track.totaladblock.com
0.0.0.0 my.totaladblock.com
0.0.0.0 support.totaladblock.com
0.0.0.0 login.totaladblock.com
# https://infosec.exchange/@iampytest1/111565168288360998
0.0.0.0 totadblock.com
# https://app.any.run/tasks/eb07059f-c987-4366-9fed-8abfff016173
0.0.0.0 totaladblock.protected.net
0.0.0.0 extension.protected.net
0.0.0.0 totaladblocker.xyz
0.0.0.0 www.totaladblocker.xyz
# https://virustotal.com/gui/ip-address/34.117.171.15/relations
0.0.0.0 totalwebshield.xyz
0.0.0.0 www.totalwebshield.xyz
0.0.0.0 secure.totalwebshield.xyz
0.0.0.0 login.totalwebshield.xyz
0.0.0.0 download.totalwebshield.xyz
# as per https://github.com/iam-py-test/my_filters_001/issues/105, I have unblocked the main website but still block the registry cleaner, driver updater, etc
0.0.0.0 winzipregistryoptimizer.com
0.0.0.0 download.winzipregistryoptimizer.com
# WinZip ads
# https://virustotal.com/gui/url/cad59b610a95e69019638d171c2df89adb7eac183968e102e37396b806fa57bd/community
0.0.0.0 winzipdriverupdater.com
0.0.0.0 slowness.winzipdriverupdater.com
# https://virustotal.com/gui/url/e5e8624a07064fc3a296dcab3b0b578ac0ed6d841094489e8bec989653deb93c/detection
# https://virustotal.com/gui/ip-address/3.222.136.53/relations
0.0.0.0 winzipultimatepccare.com
0.0.0.0 www.winzipultimatepccare.com
0.0.0.0 winzipdisktools.com
0.0.0.0 winzipsystemtools.com
# It is a very bad sign when Windows Defender blocks a file, and it is not a false positive
# https://virustotal.com/gui/url/b27f7a631ee2bcf759ab82fa976980c2704c787ecd21abc8b591b7fc93d96ee1/detection
# https://github.com/iam-py-test/Assets-001/tree/main/PUPs/SpeedCat
# Installer
# https://virustotal.com/gui/file/3f4c860c2689984f7edab62d5a5459840dc9515ec2c7a94b6fea6878481a3992/detection
# https://www.hybrid-analysis.com/sample/3f4c860c2689984f7edab62d5a5459840dc9515ec2c7a94b6fea6878481a3992
# https://www.hybrid-analysis.com/sample/3f4c860c2689984f7edab62d5a5459840dc9515ec2c7a94b6fea6878481a3992/60f6d24211dc4473a31cd34a
# Other files and the app
# https://virustotal.com/gui/file/792bb2a2bd9f148d0b7dca1a98b4a310a30490c6523fc53a1f1e535e53d62389/detection
# https://virustotal.com/gui/file/57c40a9d2e592d968daa0f092abfa7abe2b41c47eb718adb770bd6930ec0dba4/detection
# https://virustotal.com/gui/file/f395839a00762a5e0428cb2cf596d80c56ba2be78cc3e6a3c89afb5c1f904db9/detection
# https://virustotal.com/gui/file/ff652f10ac6dbf8d4965f6624339c67e02715cf499ad8b26c1a683bd503e4136/detection
# https://quttera.com/detailed_report/pcspeedcat.com
0.0.0.0 pcspeedcat.com
# https://virustotal.com/gui/domain/pcspeedcat.com/relations
0.0.0.0 cdn.pcspeedcat.com
0.0.0.0 vold.pcspeedcat.com
0.0.0.0 www.pcspeedcat.com
0.0.0.0 dev.pcspeedcat.com
0.0.0.0 access.pcspeedcat.com
0.0.0.0 vold-cdn.pcspeedcat.com
0.0.0.0 envoy.pcspeedcat.com
0.0.0.0 www-click-cf.pcspeedcat.com
# Found in the shady Bing ads when searching for ADWCleaner
# Before downloading, ADWCleaner detected no adware. After downloading, ADWCleaner detected adware, which included the program. Program claims that buying the paid version (and entering private data) will fix issues with a clean VM. 
# This also adds unneeded start up tasks (why would it need start up tasks?). In total, Malwarebytes detected 99 threats.
# https://virustotal.com/gui/url/681984dd59e84ade5ad3c7b93842dd3b8b759992e7a5f5a1a2aa8dd04f4c823e/community
0.0.0.0 mycleanpc.com
# I saw the www in the results
0.0.0.0 www.mycleanpc.com
# Found using VirusTotal
0.0.0.0 reviews.mycleanpc.com
0.0.0.0 m.mycleanpc.com
0.0.0.0 shop.mycleanpc.com
0.0.0.0 web.mycleanpc.com
0.0.0.0 blog.mycleanpc.com
0.0.0.0 app.mycleanpc.com
0.0.0.0 get.mycleanpc.com
0.0.0.0 dev-www.mycleanpc.com
# related domains owned by the company used for paying - obtained when talking to the scammer
0.0.0.0 ustechsupport.com
0.0.0.0 www.ustechsupport.com
0.0.0.0 mycleanid.com
0.0.0.0 www.mycleanid.com
0.0.0.0 iolostore.com
0.0.0.0 www.iolostore.com
# the main website for the company
0.0.0.0 realdefen.se
# other 'products' which all appear to be PUPs
0.0.0.0 getmydrivers.com
0.0.0.0 www.getmydrivers.com
0.0.0.0 app.getmydrivers.com
0.0.0.0 dev-www.getmydrivers.com
0.0.0.0 qa-www.getmydrivers.com
0.0.0.0 stopzilla.com
0.0.0.0 cyberdefender.com
0.0.0.0 www.cyberdefender.com
0.0.0.0 virusfix.com
0.0.0.0 www.virusfix.com
# Owned by them (they admit it)
# 4/12/2022: https://app.any.run/tasks/82c340da-6ab4-4398-86bd-2bd368c018ce
0.0.0.0 iolo.com
0.0.0.0 www.iolo.com
0.0.0.0 secure1.iolo.com
# https://github.com/DandelionSprout/adfilt/compare/c3d04d61c9...4a2d9d2efa
# link on https://www.windowsdispatch.com/fix-system-restore-0x81000203-error-code/
# https://virustotal.com/gui/url/41ada9c74d64537274173ea01f61fae7c7bdce2d660b64abb11546563fc6bf10/community
# The installer
# https://virustotal.com/gui/file/5d99408fc2f7bc85f2c4bc6dcd762008bfecd5c8dcaaacf9c9bdc2914ddd22b1/detection
# Files related to the PUP program
# https://virustotal.com/gui/file/fcf484d1009b4136c8655d32484babb0a284cbcb112ced7647194aea9e7688df/detection
# https://virustotal.com/gui/file/67252e30a59ddc58c273555bfd306343ec61e3f198a1c2d3eb30d8a93ec4fffa/detection
# https://virustotal.com/gui/file/5ef7eedfa7f283f180c1de80803e8d5c81fee09750ca044f018a098a94ad85c1/detection
# Malwarebytes detection - https://blog.malwarebytes.com/detections/pup-optional-restoro/
# Screenshots from anaysis - https://github.com/iam-py-test/Assets-001/tree/main/PUPs/Restoro (VM Env: Windows 10, Windows Defender on)
0.0.0.0 restoro.com
0.0.0.0 www.restoro.com
# https://virustotal.com/gui/file/f019dab3172f6ce7808d45a5b5dea92354352e302219c02a84a280978f6eb166/community
# https://www.bleepingcomputer.com/virus-removal/page/2/
# https://virustotal.com/gui/url/1a381bcdd30c4fafbe50baa12a0446c18b875e2221330ffe2adec106f14904f4/community
# https://virustotal.com/gui/file/50abca232390db8eb28a17b9fa5386631857c7c14d1b43d0adcdaf90178a4f7c/community
# https://www.mywot.com/scorecard/iobit.com
# https://forums.malwarebytes.com/topic/29681-iobit-steals-malwarebytes-intellectual-property/page/5/#elControls_152972_menu
# https://virustotal.com/gui/url/1a381bcdd30c4fafbe50baa12a0446c18b875e2221330ffe2adec106f14904f4/community
# https://github.com/hagezi/dns-blocklists/issues/1794
0.0.0.0 iobit.com
# Subdomains
0.0.0.0 cdn.iobit.com
0.0.0.0 stats.iobit.com
0.0.0.0 estore.iobit.com
0.0.0.0 update.iobit.com
0.0.0.0 jp.iobit.com
0.0.0.0 store.iobit.com
0.0.0.0 download.iobit.com
0.0.0.0 www.iobit.com
0.0.0.0 clouddownload.iobit.com
0.0.0.0 ru.iobit.com
0.0.0.0 search.iobit.com
0.0.0.0 purchase.iobit.com
0.0.0.0 cloud.iobit.com
0.0.0.0 interface.iobit.com
0.0.0.0 shop.iobit.com
0.0.0.0 mobile.iobit.com
0.0.0.0 m.iobit.com
0.0.0.0 startup.iobit.com
0.0.0.0 survey.iobit.com
0.0.0.0 checkout.iobit.com
0.0.0.0 sdupdate.iobit.com
0.0.0.0 giveaway.iobit.com
0.0.0.0 uninstall.iobit.com
0.0.0.0 de.iobit.com
0.0.0.0 codes.iobit.com
0.0.0.0 recorder.iobit.com
0.0.0.0 ascstats.iobit.com
# download redirects to iobit
0.0.0.0 windowserrorfixer.com
0.0.0.0 www.windowserrorfixer.com
# itop vpn seems to be made by iobit and comes with bundled installs
0.0.0.0 itopvpn.com
0.0.0.0 update.itopvpn.com
0.0.0.0 api.itopvpn.com
0.0.0.0 stats.itopvpn.com
# https://tria.ge/231105-nq2lcsee2v/behavioral1
0.0.0.0 itopupdate.com
0.0.0.0 update.itopupdate.com
0.0.0.0 stats.itopupdate.com
# https://tria.ge/240511-bb4qysca5x/behavioral2
0.0.0.0 downloaditop.com
0.0.0.0 update.downloaditop.com
# https://virustotal.com/gui/file/4efd1bc1bdc12da1bbdc597cf3f37f0c65e582f42e353cf781ac1fe422dfa68c/detection
# https://virustotal.com/gui/file/69d9d162a040888164707b7e44f4709059ad45296a832c077c0dc91afed89c05/detection
# https://virustotal.com/gui/file/fd9dbb971a9995f6d146237933fbe27f18217d3cacbb6da121de4cc9590030be/relations
# https://github.com/iam-py-test/Assets-001/tree/main/PUPs/Restoro
# https://virustotal.com/gui/url/16766e8681f0bf474ec3238d4b6d7f33047f5f368abef0aac13001d2be0a757d/detection
# https://blog.malwarebytes.com/detections/pup-optional-reimage/
# https://virustotal.com/gui/url/16766e8681f0bf474ec3238d4b6d7f33047f5f368abef0aac13001d2be0a757d/detection
0.0.0.0 reimageplus.com
0.0.0.0 cdnrep.reimageplus.com
# More reimage - new name, new SHA256, new domain?
# https://virustotal.com/gui/url/3493793318d49332b789aba96de7937c468c5f6a20d6fdbf8da87832183c5d07/detection
# https://github.com/iam-py-test/Assets-001/tree/main/PUPs/Restoro_2
# https://virustotal.com/gui/file/fd9dbb971a9995f6d146237933fbe27f18217d3cacbb6da121de4cc9590030be/relations
0.0.0.0 reimage.org
0.0.0.0 www.reimage.org
# Nobody names their legit domain after malware and then is detected on VirusTotal
# https://virustotal.com/gui/url/deef544081c813ee971cfa78d8145e5a050ea5eccc3d5718b033d00b64c5f9f4/detection
0.0.0.0 reimage.com
# https://virustotal.com/gui/file/af7b36c0f9f48f35315877e3cd5efb83c1a122a043ea9228db7da9c1c3c3120b/community
# https://github.com/iam-py-test/Assets-001/blob/main/PUPs/MediaGet/mediaget_detections.jpeg
0.0.0.0 mediaget.com
# found by @DandelionSprout in https://github.com/DandelionSprout/adfilt/issues/253
0.0.0.0 media-get.com
0.0.0.0 media-get.ru
0.0.0.0 mediagetplus.com
0.0.0.0 mgmgmg.com
# https://virustotal.com/gui/file/05f052c64d192cf69a462a5ec16dda0d43ca5d0245900c9fcb9201685a2e7748/detection
# https://virustotal.com/gui/url/f938821627f117b561598186343cf47ce5f75b89b8d149a3efe885f9eba51942/community
# https://virustotal.com/gui/file/a367e0562e612bc66729f3a4676bad849e5c3c32fad8223b5ea991e11604f5fe/details
# ADWCleaner detects malware after execution. File opens webpage with generic 'your system has issues' message
0.0.0.0 driveragent.com
# https://www.joesandbox.com/analysis/237782/0/html#domains
0.0.0.0 secure.driveragent.com
0.0.0.0 driveragent-web-126513135.us-east-1.elb.amazonaws.com
# https://virustotal.com/gui/file/61ddc79c421d13052f0acdb838d1a68d98c5e4eda0058f018f72a65474135d08/detection
# https://github.com/DandelionSprout/adfilt/issues/254
# https://blog.malwarebytes.com/detections/onesafe-software-com/
0.0.0.0 onesafesoftware.com
0.0.0.0 vpn.onesafesoftware.com
0.0.0.0 blog.onesafesoftware.com
0.0.0.0 drivers.onesafesoftware.com
0.0.0.0 updates.onesafesoftware.com
0.0.0.0 support.onesafesoftware.com
0.0.0.0 cdn.onesafesoftware.com
0.0.0.0 subscriptions.onesafesoftware.com
0.0.0.0 notifications.onesafesoftware.com
0.0.0.0 stats.onesafesoftware.com
0.0.0.0 www.onesafesoftware.com
# https://virustotal.com/gui/file/a6e89d2bb1c2da1d852fb8e248f39cf7b3d4b0ea05a8d8f343d1b8e74d271d43/relations
0.0.0.0 driversupport.com
0.0.0.0 front.driversupport.com
0.0.0.0 secure.driversupport.com
0.0.0.0 aloha.driversupport.com
# "SolveIQ"?
0.0.0.0 apps.solveiq.com
0.0.0.0 preview.solveiq.com
0.0.0.0 auth.solveiq.com
# Taken from DandelionSprout's Anti-malware list - which is at https://github.com/DandelionSprout/adfilt/blob/master/Dandelion%20Sprout's%20Anti-Malware%20List.txt and which is maintained by https://github.com/DandelionSprout -  and verified
0.0.0.0 driver-soft.com
# https://github.com/blocklistproject/Lists/issues/497
0.0.0.0 pcspeedup.en.softonic.com
0.0.0.0 tweakbit.com
0.0.0.0 static.tweakbit.com
0.0.0.0 www.tweakbit.com
0.0.0.0 debuglogs.tweakbit.com
0.0.0.0 update.tweakbit.com
0.0.0.0 dynamicdownloads.tweakbit.com
0.0.0.0 downloads.tweakbit.com
0.0.0.0 store.tweakbit.com
0.0.0.0 cdn.tweakbit.com
0.0.0.0 aff.tweakbit.com
0.0.0.0 mail.tweakbit.com
# Original inspection
# disable uBlock Origin and go to https://www.google.com/search?q=clean+up+computer+to+run+faster&source=hp&ei=Y4KzYIrUL-rP0PEPqM2liAc&iflsig=AINFCbYAAAAAYLOQcwKl4vglkAEcsALPhO6XEyguHxPP&oq=clean+up+comp&gs_lcp=Cgdnd3Mtd2l6EAEYATICCAAyAggAMgIIADICCAAyBQgAEMkDMgIIADICCAAyAggAMgIIADICCAA6DgguELEDEMcBEKMCEJMCOgsILhCxAxDHARCjAjoFCAAQsQM6CAgAELEDEIMBOggILhDHARCjAjoOCC4QsQMQgwEQxwEQrwE6CAgAEOoCEI8BOggILhCxAxCDAToICC4QxwEQrwE6BQguELEDOggILhCxAxCTAjoICAAQsQMQyQM6BQgAEJIDOgsILhDHARCjAhCTAjoCCC46BQguEJMCUOUoWKCDAWDakwFoAnAAeACAAYoDiAGaFJIBCDAuMTQuMC4xmAEAoAEBqgEHZ3dzLXdperABCg&sclient=gws-wiz
# https://virustotal.com/gui/url/2f44cf878800c082d5fefb8326cf384fe12393ecfcca05e64903c5888f4c762c/detection
# https://virustotal.com/gui/url/c6290089eb08d05375650bfb7778713e1e9443ac1d8d180df44bd8ddd49124f9/detection
# https://virustotal.com/gui/domain/www.pchelpsoft.com/relations
# https://www.mywot.com/scorecard/pchelpsoft.com
# https://safeweb.norton.com/report/show_mobile?name=https://www.pchelpsoft.com/pc-cleaner/lp1-ms-us/?tracking=PH_EN_PP_GO_SE_PCC_US&keyword=speed%20up%20my%20pc&campaignID=ADWORDS&gclid=EAIaIQobChMIsOqVwrTx8AIV9xmtBh17swHGEAAYASAAEgLr1fD_BwE
# https://virustotal.com/gui/url/3cfe4ec34704092b5ad0c03b1f9566b538c11e3e0434a73991cdc2694db26582/detection
# https://www.urlvoid.com/scan/pchelpsoft.com/
# https://sitecheck.sucuri.net/results/pchelpsoft.com
# https://www.fortiguard.com/webfilter?q=pchelpsoft.com
# Inspection on 23/7/2021
# https://virustotal.com/gui/url/3cfe4ec34704092b5ad0c03b1f9566b538c11e3e0434a73991cdc2694db26582/detection
# https://safeweb.norton.com/reviews?url=pchelpsoft.com
# https://www.mywot.com/en/scorecard/pchelpsoft.com
# Setup file (installer) - https://virustotal.com/gui/file/7ab506784dcc49c916cdff2076132dafc881ac268e54aba39d6af2ca6ce0c775/details
# Related files
# https://virustotal.com/gui/file/04ef20ed8a783aaa91082865ed99c079cf2bf9f67908d536fdb9e227b19401f0/detection
# https://virustotal.com/gui/file/192dc080f0c52222e03c074e3a38a8b3cc5b31605457fd6acd447bf7488a89d8/relations
# https://virustotal.com/gui/file/40157e1981b97206658667927fbdc484c7e9615591884cfed2d6cadc9e3f1b4c/detection
# A 'driver updater' it wanted me to install - https://virustotal.com/gui/file/965bf402594ee539ce61d2a593c421b1c7ed6e1969369ae4a7866c17b2281a3c/detection
# https://forums.malwarebytes.com/topic/200216-removal-instructions-for-pccleaner/
# Screenshots - https://github.com/iam-py-test/Assets-001/tree/main/PUPs/PCHelpSoft
# 19/9/2022: https://app.any.run/tasks/3c8b1d38-de18-488a-9e3f-62b3354c17e8
# 6/11/2022: https://app.any.run/tasks/da8a44c3-965f-4fd6-816d-b5ae16235f62 (https://virustotal.com/gui/file/5475c9cff70482b8b5bf2c31395f9463261313991b41743686e4c8c43e53df0b/detection)
0.0.0.0 pchelpsoft.com
0.0.0.0 www.pchelpsoft.com
0.0.0.0 cloud.pchelpsoft.com
0.0.0.0 cda.pchelpsoft.com
0.0.0.0 cdn.pchelpsoft.com
0.0.0.0 webtools.pchelpsoft.com
0.0.0.0 pchelpsoft.net
0.0.0.0 www.pchelpsoft.net
# https://virustotal.com/gui/url/27307acb5b127114423ed0d7c63aaed0013d1833f56c158a3b049f8d1c98dcbc/detection
# Download button redirects to advancedsystemrepair.com
0.0.0.0 pccleaner.com
# The PUP from this website looks like a past one; maybe a variant or another download location
# https://github.com/iam-py-test/Assets-001/tree/main/PUPs/PCCleaner_1
0.0.0.0 advancedsystemrepair.com
0.0.0.0 support.advancedsystemrepair.com
0.0.0.0 secure.advancedsystemrepair.com
0.0.0.0 lp.advancedsystemrepair.com
0.0.0.0 track.advancedsystemrepair.com
0.0.0.0 www.advancedsystemrepair.com
0.0.0.0 checkout.advancedsystemrepair.com
# Found this PUP on someone else's computer, so I decided to figure more about it. It does look very old; even the UI sometimes looks like Windows 7 despite the VM running 10
# The (working) installer (from Softonic) - https://virustotal.com/gui/file/863adfe03c1ea35c424817274eabe4eef02fe4a2d6428f8718e61655fb8bc49c/detection
# The program (according to Malwarebytes's IOC report) - https://virustotal.com/gui/file/2aad06624e9b698ec0dc0276b433c606a4858d6585028cd658ae7c697358ffec/detection
# https://blog.malwarebytes.com/detections/pup-optional-slimcleanerplus/
# All the domains seem to be related to this PUP
# https://virustotal.com/gui/url/f7be15d28340acb7db31f63a62a26bad1253824f2424117a816203950e86fd22/community
0.0.0.0 slimware.com
# https://virustotal.com/gui/url/440e39a20d7e01064269dadfc38eafd80c8534f7391f2c1ef7ac41c10d9c4e20/detection
0.0.0.0 slimcleaner.com
0.0.0.0 www.slimcleaner.com
# https://virustotal.com/gui/url/946a5c2295cfef547f162350af93257df55d6b2103a0ce2e84b241cf727a81f6/detection
0.0.0.0 slimwareutilities.com
# The executable from the website (https://virustotal.com/gui/file/d9103347f6043f0266a6480b6c794a4ee9f07800db43b6301920fe97587066d2/detection) seemed broken, but this one (maybe an older/newer mirror) works
0.0.0.0 slimcleaner-plus.en.softonic.com
# Other TLDs
0.0.0.0 slimcleaner-plus.softonic.com.tr
0.0.0.0 slimcleaner-plus.softonic.vn
# https://github.com/iam-py-test/investigations/blob/main/2021/11/5/1.md
0.0.0.0 windowserrorhelp.com
0.0.0.0 certified.windowserrorhelp.com
# Spyhunter is far from legit - and this company sues almost anyone (i.e. Bleeping Computer - https://blog.malwarebytes.com/security-world/2016/02/bleepingcomputer-defends-freedom-of-speech/, Malwarebytes - https://press.malwarebytes.com/2021/09/29/malwarebytes-wins-dismissal-of-enigma-lawsuit-in-final-ruling/) 
# https://www.mywot.com/en/scorecard/enigmasoftware.com
# https://github.com/gorhill/uBlock/wiki/Software-known-to-have-uninstalled-uBlock-Origin
# https://en.wikipedia.org/wiki/SpyHunter_(software)
0.0.0.0 enigmasoftware.com
0.0.0.0 www.enigmasoftware.com
0.0.0.0 installer.enigmasoftware.com
0.0.0.0 download.enigmasoftware.com
0.0.0.0 dl.enigmasoftware.com
0.0.0.0 instcfg.enigmasoftware.com
0.0.0.0 tt.web.enigmasoftware.com
0.0.0.0 myaccount.enigmasoftware.com
0.0.0.0 purchase.enigmasoftware.com
0.0.0.0 spyhunter.enigmasoftware.com
0.0.0.0 spyhunter-update.enigmasoftware.com
0.0.0.0 download2.enigmasoftware.com
0.0.0.0 spyhunter.com
0.0.0.0 www.spyhunter.com
0.0.0.0 spyhunter-download-v2.b-cdn.net
# https://tria.ge/230810-2gkhdahd53/behavioral1
0.0.0.0 enigmasoft.net
0.0.0.0 rh.downloads.enigmasoft.net
# https://github.com/iam-py-test/my_filters_001/issues/84
0.0.0.0 mackeeper.com
# https://virustotal.com/gui/file/088cbcec6b80eba99eb691968e0f972935aae301e9cb6d1c6133699530dd5621/community
0.0.0.0 secure-browser.io
# locks your screen and just creates a link to their website on your desktop. Malware?
0.0.0.0 zipfileslikeapro.net
0.0.0.0 use.zipfileslikeapro.net
0.0.0.0 www.zipfileslikeapro.net
0.0.0.0 goto.searchproonline.com
0.0.0.0 searchproonline.com
# https://github.com/uBlockOrigin/uAssets/issues/11176
0.0.0.0 nearbyme.io
0.0.0.0 m.nearbyme.io
# https://web.archive.org/web/20230604193437/https://twitter.com/iam_py_test/status/1488163521540075524
0.0.0.0 outbyte.com
0.0.0.0 testedforyou.net
# from an infected VM
0.0.0.0 lp.pcsystemfix.com
0.0.0.0 pcsystemfix.com
0.0.0.0 download.pcsystemfix.com
# article on perflib errors
0.0.0.0 xoomber.com
# https://forums.malwarebytes.com/topic/283588-mb-cant-find-malware/
# https://forums.malwarebytes.com/topic/293374-aasearchtoolshub/
0.0.0.0 searchtoolshub.com
0.0.0.0 find.searchtoolshub.com
# Some scam redirects brought me here (https://web.archive.org/web/20230604193632/https://twitter.com/iam_py_test/status/1497351777754050562 - https://virustotal.com/gui/file/2e68dbec330d7ebe567dcbb67a1dffe83f6f0c278664b60f3edeee684edfe7ff/relations)
0.0.0.0 drivermax.com
# adware downloader - https://app.any.run/tasks/d1918395-7080-4292-9a71-1059bc7a90cf
0.0.0.0 certatd.ru
# Bundled installer & PUP
0.0.0.0 sysdriverupdater.com
0.0.0.0 www.sysdriverupdater.com
# This is just Advanced System Repair Pro
0.0.0.0 regcure.com
0.0.0.0 www.regcure.com
# https://blog.malwarebytes.com/threat-analysis/2022/06/forced-chrome-extensions-keep-reappearing/
0.0.0.0 activesearchbar.me
0.0.0.0 customsearchbar.me
0.0.0.0 securedatacorner.com
0.0.0.0 wincloudservice.com
# https://forums.malwarebytes.com/topic/286395-microsoft-edge-custom-search-bar-extension-redirects-to-rbfastsearchme/
0.0.0.0 rb.fastsearch.me
# https://forums.malwarebytes.com/topic/287338-browser-hi-jacker-royb2fastsearchme/
0.0.0.0 royb2.fastsearch.me
# adware
0.0.0.0 pdfconverterpower.net
0.0.0.0 downpdfpwr.com
0.0.0.0 searchpoweronline.com
0.0.0.0 goto.searchpoweronline.com
0.0.0.0 www.searchpoweronline.com
# https://forums.malwarebytes.com/topic/295131-pdfpower-pdfshark-pdfsuperhero-pdftodocpro-pdfmagic/#comment-1556224
0.0.0.0 gifsearchutils.com
0.0.0.0 start.gifsearchutils.com
0.0.0.0 pdfsharkapp.com
0.0.0.0 start.pdfsharkapp.com
0.0.0.0 searchmagiconline.com
0.0.0.0 start.searchmagiconline.com
0.0.0.0 pdfsuperhero.com
0.0.0.0 stats.pdfsuperhero.com
0.0.0.0 bl.searchpoweronline.com
# https://forums.malwarebytes.com/topic/289030-mbam-browser-guard-identifying-malware-but-mbam-not-removing-malware/
0.0.0.0 mysearchengine.co
# https://github.com/AdguardTeam/AdguardFilters/issues/128029
0.0.0.0 freddostagione.com
0.0.0.0 search.freddostagione.com
0.0.0.0 search.motherpipe.net
0.0.0.0 humanverified.net
0.0.0.0 video-ad-skipper.com
0.0.0.0 search.becovi.com
0.0.0.0 luminosoocchio.com
0.0.0.0 quick-speedtest.com
0.0.0.0 husmicto.com
0.0.0.0 splendidus.net
0.0.0.0 optimusquaero.com
0.0.0.0 potenzamano.com
0.0.0.0 tutatagliente.com
0.0.0.0 megliolavoro.com
0.0.0.0 osservareimmaginare.com
0.0.0.0 desideriosoldi.com
0.0.0.0 sottilesezione.com
0.0.0.0 alcunirisposta.com
0.0.0.0 www.humanverified.net
0.0.0.0 search.potestainsula.com
0.0.0.0 search.husmicto.com
0.0.0.0 search.splendidus.net
0.0.0.0 search.optimusquaero.com
0.0.0.0 search.potenzamano.com
0.0.0.0 search.tutatagliente.com
0.0.0.0 search.megliolavoro.com
0.0.0.0 search.luminosoocchio.com
0.0.0.0 search.osservareimmaginare.com
0.0.0.0 search.avantiwendo.com
0.0.0.0 search.desideriosoldi.com
0.0.0.0 search.sottilesezione.com
0.0.0.0 search.alcunirisposta.com
0.0.0.0 search.thecanem.net
# https://github.com/AdguardTeam/AdguardFilters/issues/132840
0.0.0.0 adblocker-app.info
# https://blog.malwarebytes.com/detections/pup-optional-bytefence/
# https://virustotal.com/gui/file/21dfa4ed47de7007c0fb6eadb3f94d2e847b3f4e301767d2320623f02f0926ba
# https://virustotal.com/gui/file/d41405553da0287be81722125b35405ad90923e7aa0631b5e5c6ab80358355ca
# https://safeweb.norton.com/reviews?url=bytefence.com
# https://www.mywot.com/scorecard/bytefence.com
0.0.0.0 bytefence.com
# https://www.youtube.com/watch?v=2tW_PDVfT-E
# https://virustotal.com/gui/file/1c45ac42e4486ae5114cf287626ffb02eb03675f667d076d5c8f886ee0016d26/detection
# https://github.com/iam-py-test/Assets-001/tree/main/PUPs/Auslogics_PUP_regclean
# https://virustotal.com/gui/file/a54dffea1703732c3daf043462c289f4c9fc57fb27e1e9cc099b0cc03835940e/detection
# https://forums.malwarebytes.com/topic/199170-false-positive-with-auslogics-boostspeed/#elControls_1116195_menu
0.0.0.0 auslogics.com
0.0.0.0 www.auslogics.com
# https://virustotal.com/gui/file/1d26c8e2760b9d95e344dc93e4516c88c23bae5af1e888b2769186520f53021d/detection
# https://virustotal.com/gui/url/c9d507f4fe1720bb0b70a799abfd548f315694f59eebea676204da1cbaee4b4f/detection
# https://virustotal.com/gui/file/bba00552bb0a562a00aa70c8425e48bb1b407a72f84df6c8f69f0bf44fabf310/detection
# https://virustotal.com/gui/file/0dcf7e52492de09df39f7b1f7996d61033c6f61b43d38990f43b45dd530dcdb9/relations
# https://www.hybrid-analysis.com/sample/1d26c8e2760b9d95e344dc93e4516c88c23bae5af1e888b2769186520f53021d
# https://www.hybrid-analysis.com/sample/1d26c8e2760b9d95e344dc93e4516c88c23bae5af1e888b2769186520f53021d/60a4789f1522974edf38bd58
# https://www.hybrid-analysis.com/sample/bba00552bb0a562a00aa70c8425e48bb1b407a72f84df6c8f69f0bf44fabf310
# https://github.com/iam-py-test/Assets-001/tree/main/PUPs/ashampoo
0.0.0.0 ashampoo.com
# https://virustotal.com/gui/url/9979729afeff4472121a6faa8d4a4b7c885a5f391b082d50585bf16929597d4e/community --> https://virustotal.com/gui/file/c9bb2af73703f81a31ae5a3dedbf6eebf404256b679303111c1dedf0e24879db/community
# https://app.any.run/tasks/d2533d89-8e5e-4fc6-b110-bafc153c3636 (my analysis)
# walliant: https://www.youtube.com/watch?v=91w4rzBTP5o
0.0.0.0 riversnails.club
0.0.0.0 walliant.com
# clone of another screenlocker adware
0.0.0.0 gifsmakerpro.com
0.0.0.0 www.gifsmakerpro.com
# https://forums.malwarebytes.com/topic/293346-malwarebytes-not-detecting-virus-highjacking-my-search-engine-in-chrome/
# https://www.bleepingcomputer.com/forums/t/788099/howdy-yall-i-could-use-some-help-antivirus-and-self-hacking/
0.0.0.0 mobilisearch.com
0.0.0.0 mobility-search.com
# another clone of ziprar thing (Adware.SearchLightPro)
0.0.0.0 imagelighteditor.com
0.0.0.0 www.imagelighteditor.com
0.0.0.0 downloadimglight.com
0.0.0.0 searchlightpro.com
0.0.0.0 start.searchlightpro.com
0.0.0.0 dsc.searchlightpro.com
# https://forums.malwarebytes.com/topic/283015-pupoptionalwinsweeper
# https://forums.malwarebytes.com/topic/300427-unable-to-start-in-a-normal-mod-of-windows/?do=findComment&comment=1579090
0.0.0.0 solvusoft.com
0.0.0.0 www.solvusoft.com
# random ad
0.0.0.0 totalsystemcare.com
0.0.0.0 www.totalsystemcare.com
0.0.0.0 safebytes.com
0.0.0.0 driverassist.com
# browsing YouTube without an adblocker
0.0.0.0 customsearchtool.com
0.0.0.0 home.customsearchtool.com
0.0.0.0 config.customsearchtool.com
0.0.0.0 hp.customsearchtool.com
0.0.0.0 imp.customsearchtool.com
# https://forums.malwarebytes.com/topic/293616-google-doc-fake-extension-not-detected/ (account required)
0.0.0.0 gosearches.gg
# https://forums.malwarebytes.com/topic/293620-adwcleaner-wont-run/
0.0.0.0 search-fine.com
# https://github.com/uBlockOrigin/uAssets/issues/16582 (without an adblocker)
0.0.0.0 easyprint.app
0.0.0.0 cdn.easyprint-cdn.app
# https://virustotal.com/gui/url/c7cdd1eaf651fbf4446d189d91b52b0c6a5811fb70db18b3eec1fa575057163a/detection
0.0.0.0 freshysearch.com
0.0.0.0 cdn.freshysearch.com
# doesn't seem to do much, but clearly not legit
0.0.0.0 tor-browser.app
# two search engine hijackers
# https://virustotal.com/gui/url/1ca49bde04ac00c79b259a4a02b041d91c512ca55a6d0e839f69010d0bc32061/detection
0.0.0.0 pdftab.com
0.0.0.0 cdn.pdftab.com
0.0.0.0 findmanualsnow.com
# ran across this while looking for DDNS services
0.0.0.0 ww1.pwnz.org
0.0.0.0 thesafersearch.com
0.0.0.0 get.thesafersearch.com
# The makers of such wonderful programs like "Driver Genius 22" and "PC Cleaner"
0.0.0.0 avanquest.com
0.0.0.0 www.avanquest.com
0.0.0.0 webtools.avanquest.com
# 'Wave browser' which is just a scummy version of Chrome
# https://github.com/DandelionSprout/adfilt/issues/63#issuecomment-968062965
0.0.0.0 wavebrowser.co
0.0.0.0 download.wavebrowser.co
0.0.0.0 wavebrowser.com
0.0.0.0 dl.gowavebrowser.com
0.0.0.0 gowavebrowser.com
# DLL Helper
# https://virustotal.com/gui/file/675a72bb2b3ea39beafc73e8faf31b85b58b0dcc169b10649d5f49341936a379
0.0.0.0 dll-helper.en.softonic.com
# search engine hijacker
0.0.0.0 manualsdirectory.org
0.0.0.0 tab.freshymanuals-site.com
0.0.0.0 search.freshy.com
# https://github.com/uBlockOrigin/uAssets/issues/17568
0.0.0.0 wigglewurm.com
0.0.0.0 n.wigglewurm.com
# an infected VM --> this extension hijacks the search engine
0.0.0.0 getsecurify.com
0.0.0.0 www8.getsecurify.com
0.0.0.0 mysecurify.com
0.0.0.0 search.mysecurify.com
0.0.0.0 ext.mysecurify.com
# an infected VM --> this extension hijacks the search engine claiming it protects your searchs
0.0.0.0 privacykeeperapp.com
0.0.0.0 get.privacykeeperapp.com
0.0.0.0 privacykeepersearch.com
# https://0xacab.org/my-privacy-dns/matrix/-/issues/121797
0.0.0.0 speak-text-tab.com
0.0.0.0 search.speak-text-tab.com
# https://github.com/uBlockOrigin/uAssets/issues/17880
0.0.0.0 office.org
# https://github.com/uBlockOrigin/uAssets/issues/17960
0.0.0.0 templatesearch.org
# https://www.bleepingcomputer.com/forums/t/785431/26-pup-found-today-what-to-do/
0.0.0.0 securybrowse.com
0.0.0.0 search.securybrowse.com
0.0.0.0 ext.securybrowse.com
# https://github.com/uBlockOrigin/uAssets/issues/18103
# (my analysis) https://app.any.run/tasks/4a29352e-fc49-4c59-bb96-0acda5544d53
0.0.0.0 gamefabrique.com
# https://tria.ge/230518-m51f6sae43/behavioral2
# https://forums.malwarebytes.com/topic/298186-accidentally-visited-potential-maliciousmalware-website/
# (my analysis) https://tria.ge/230523-zqkhmahd85/behavioral2
0.0.0.0 doodrdash.com
0.0.0.0 thale-ete.com
0.0.0.0 fivetrafficroads.com
0.0.0.0 dkjfhuyd.fivetrafficroads.com
0.0.0.0 weather-in.xyz
0.0.0.0 trk.weather-in.xyz
0.0.0.0 search.weather-in.xyz
# linkverse PUP
0.0.0.0 linkvertise.download
# https://github.com/StevenBlack/hosts/issues/2339
0.0.0.0 serasearchtop.com
# https://tria.ge/230601-z9q5hsha6v/behavioral1
0.0.0.0 safeplexsearch.com
# internal 
0.0.0.0 fontdeterminer.com
# https://tria.ge/230705-n3traaca92/behavioral1
0.0.0.0 ofoseveralyea.info
0.0.0.0 ratefinaukncei.info
# adware
0.0.0.0 pdfsuperhero.azureedge.net
0.0.0.0 pdfconverty.com
# chromium based adware
0.0.0.0 gettoptemplates.com
0.0.0.0 downloadonelaunchnow.com
# https://tria.ge/230805-1lv91agc6x/behavioral1
0.0.0.0 getconvertmyfile.com
# https://0xacab.org/my-privacy-dns/matrix/-/issues/649666
# https://tria.ge/230805-rgmydsee8s/behavioral1
0.0.0.0 websearchextension.info
0.0.0.0 containers.websearchextension.info
0.0.0.0 cloudfront.websearchextension.info
0.0.0.0 websearchextension-api.info
0.0.0.0 api.websearchextension-api.info
# https://github.com/StevenBlack/hosts/issues/2403
0.0.0.0 madqudden.com
# https://github.com/StevenBlack/hosts/issues/2408
0.0.0.0 santknow.com
# https://forums.malwarebytes.com/topic/301185-i-ran-galacticshooterexe/#comment-1583465
0.0.0.0 segoonow.com
# https://forums.malwarebytes.com/topic/301473-pupoptionalcoduit/
0.0.0.0 conduit.com
0.0.0.0 search.conduit.com
# https://github.com/hagezi/dns-blocklists/discussions/1515
0.0.0.0 techadsology.com
# sells driver updater snake oil
0.0.0.0 drivereasy.com
# https://forums.malwarebytes.com/topic/303209-need-help-with-removing-trojan-virusvirtool32/?do=findComment&comment=1594712
0.0.0.0 trovi.com
0.0.0.0 www.trovi.com
# https://github.com/iam-py-test/my_filters_001/issues/119
# https://forums.malwarebytes.com/topic/303863-cryptpkocryptpko1-and-cryptsigcryptsig1-in-registry-and-cant-delete/
0.0.0.0 sensorstechforum.com
# https://tria.ge/231028-pvxzeabb9z/behavioral1s
0.0.0.0 donwnaloadeluzal.cfd
0.0.0.0 /11/?*&lpkey=*&filename=click%20to%20view%20the%20file%20links|
0.0.0.0 ivedmanyyea.org
0.0.0.0 townrusisedprivat.info
# snake oil, bundles software
# https://yewtu.be/watch?v=bIpYJoE7CxA
# https://spyware.neocities.org/articles/ccleaner
0.0.0.0 ccleaner.com
# https://nitter.net/gorhill/status/1352651716265713665
# https://palant.info/2020/10/28/what-would-you-risk-for-free-honey/
# https://infosec.exchange/@iampytest1/111069238525172731
0.0.0.0 joinhoney.com
# https://tria.ge/230821-2bt5maad51/behavioral1
# https://web.archive.org/web/20231120191617/https://forums.malwarebytes.com/topic/304687-pupoptionalfortect/
# https://infosec.exchange/@iampytest1/110736203666880292
0.0.0.0 fortect.com
0.0.0.0 cloud.fortect.com
# https://tria.ge/231121-x5hw8sgc87/behavioral1
0.0.0.0 quickdriverupdater.com
0.0.0.0 www.quickdriverupdater.com
0.0.0.0 webcf.quickdriverupdater.com
0.0.0.0 cf.quickdriverupdater.com
0.0.0.0 qip.quickdriverupdater.com
0.0.0.0 qdu.quickdriverupdater.com
0.0.0.0 dpsro.com
0.0.0.0 www.dpsro.com
# https://github.com/collinbarrett/FilterLists/issues/3794
0.0.0.0 rakuten.ca
0.0.0.0 ebates.com
0.0.0.0 www.ebates.com
# https://github.com/uBlockOrigin/uAssets/pull/17981
0.0.0.0 aadvantageeshopping.com
# https://github.com/iam-py-test/my_filters_001/issues/119
# https://tria.ge/230817-a16feaee47/behavioral1
0.0.0.0 combocleaner.com
0.0.0.0 www.combocleaner.com
# tricks users into installing an allowlist - unknown source
0.0.0.0 work-ink.github.io
# https://www.reddit.com/r/uBlockOrigin/comments/143k8lm/
0.0.0.0 topcashback.co.uk
0.0.0.0 topcashback.com
# "free registry cleaner"
# https://forums.malwarebytes.com/topic/306163-silentcryptominer-removal-help-needed/
0.0.0.0 mysearchdial.com
# origin unknown (forgot to add a comment here)
# TODO: reverify
0.0.0.0 driveridentifier.com
# driverpack
0.0.0.0 driverpack.io
0.0.0.0 driverpack.tilda.ws
0.0.0.0 dwrapper-prod.herokuapp.com
# https://virustotal.com/gui/url/48a9e88e0b6cf59fac14588d252d9bb6b936ec2fd847e832d17fdb76322b35d3/detection
# https://virustotal.com/gui/file/e66db6f687eacf9852542ab583f4d77191965f3a8d6c2e726f4e6b8b83b4f390/detection
# https://virustotal.com/gui/file/93f1afd730eb30421d8e7cae9fc79cbee918c4b0a75d68bf64d34d2cc99d29f0/detection
# To remove, run ADWCleaner (https://malwarebytes.com/adwcleaner) and follow instructions.
0.0.0.0 speedupmypcfree.com
# https://virustotal.com/gui/domain/speedupmypcfree.com/relations
0.0.0.0 www.speedupmypcfree.com
# https://windowsreport.com/extend-windows-laptop-battery-life/
# https://www.hybrid-analysis.com/sample/0dd66edadbe93df04f6759e5549d3e76b5bfcb292ba6f6a6139903dd705ced6a
# Tested on VM: Removed by ADWCleaner
# Switched to document as per https://github.com/uBlockOrigin/uAssets/issues/9974
0.0.0.0 driverfix.com
0.0.0.0 www.driverfix.com
# https://tria.ge/240427-2e441aac8x/behavioral1
0.0.0.0 pdfpilotapp.com
0.0.0.0 application.pdfpilotapp.com
0.0.0.0 por.pdfpilotapp.com
# https://yewtu.be/watch?v=m9d-fXl3Z8k
# my analysis: https://tria.ge/240505-t81dxafb3s/behavioral1 (cloudflared)
0.0.0.0 restorex360.com
0.0.0.0 www.restorex360.com
# ---- Spam ----
# https://forums.malwarebytes.com/topic/281397-how-to-update-my-adwcleaner/
0.0.0.0 24hourhtmlcafe.com
# https://forums.malwarebytes.com/topic/281787-how-many-types-of-malware-are-there/ (https://web.archive.org/web/20211214132150/https://forums.malwarebytes.com/topic/281787-how-many-types-of-malware-are-there/) -> hxxpx[:]//ilovealgarve[.]net[/]web-football-no-agents[/])
0.0.0.0 ilovealgarve.net
# https://web.archive.org/web/20211222121009/https://forums.malwarebytes.com/topic/282084-keeping-laptop-safe/ -> hxxpx[:]//nbgpapartmani[.]com[/]register-web-ball-ufadeal[/]
0.0.0.0 nbgpapartmani.com
# https://forums.malwarebytes.com/topic/282082-hi-working-a-spreadsheet-more-than-8-years-history-mb-crashed-it/ (https://web.archive.org/web/20211222121637/https://forums.malwarebytes.com/topic/282082-hi-working-a-spreadsheet-more-than-8-years-history-mb-crashed-it/) -> hxxpx[:]//superagentconcierge[.]com[/]casino-ebet-entrance[/]
0.0.0.0 superagentconcierge.com
# https://forums.malwarebytes.com/topic/283348-update-ios-15/ (https://web.archive.org/web/20220202172538/https:/forums.malwarebytes.com/topic/283348-update-ios-15/)
0.0.0.0 binaryreviewsrace.com
# https://forums.malwarebytes.com/topic/283347-update-ios-15/ (https://web.archive.org/web/20220202172612/https:/forums.malwarebytes.com/topic/283347-update-ios-15/)
0.0.0.0 stormlordpublishing.com
# https://github.com/DandelionSprout/adfilt/issues/63#issuecomment-1029244954
0.0.0.0 quickdates1.com
# https://github.com/DandelionSprout/adfilt/issues/63#issuecomment-1120210042
0.0.0.0 fuckbookmobile.com
0.0.0.0 www.fuckbookmobile.com
# https://github.com/DandelionSprout/adfilt/issues/63#issuecomment-1179770663
# https://web.archive.org/web/20221007114132/https://forums.malwarebytes.com/topic/290873-whats-the-hottest-temperature-in-your-city/
0.0.0.0 rathbunlakeassoc.com
0.0.0.0 ufadeal.info
# https://web.archive.org/web/20221206113456/https://forums.malwarebytes.com/topic/292706-top-cell-phone-apps-and-games-for-your-iphoneo-verjaardagsherinnering-nu/
# https://forums.malwarebytes.com/topic/292707-spam-post-on-this-forum/ (account required)
0.0.0.0 mhapks.com
# GH spam, i.e. https://github.com/tesla-android/issue-tracker/discussions/162#discussioncomment-4551799
0.0.0.0 4.fo
0.0.0.0 mylocaldates1s.com
0.0.0.0 in.sv
0.0.0.0 trk-click.pshtrk.com
# https://github.com/DandelionSprout/adfilt/commit/e83dc45b60a61c6097b8c40605855a80e3282901
0.0.0.0 link.sv
# https://virustotal.com/gui/url/6bbc5fc50b84711644db9739cab16fbdd5659b3d6b82dbde0a3a82427e6f03b9/community
0.0.0.0 to.sv
0.0.0.0 go.sv
# https://virustotal.com/gui/url/1f273d4cd56060082b8a598514f975bf4592a5f6be5f77e05f7c453266edaaad/community
0.0.0.0 scuekpza.ws
# https://forums.malwarebytes.com/topic/273013-android-unknown-chrome-hijacker/page/3/#comment-1553668
0.0.0.0 thedrivingtutors.com
# tons of sites with keyword spam who link to each other
0.0.0.0 sjs.sold.yachts
0.0.0.0 i.pauj0foas709824.shop
0.0.0.0 er.jrwgjwrgu1243thfd.shop
0.0.0.0 kt.rakwbiznesie.pl
0.0.0.0 dnar.newsnewsyes.yachts
0.0.0.0 rrwaee.dbbdh.top
0.0.0.0 gvcnm.newsnewsfor.shop
0.0.0.0 ts475173759.mm.bing.net
0.0.0.0 qwj.krowkavet.pl
0.0.0.0 r.util.yachts
0.0.0.0 ispc.chungcumoi.top
0.0.0.0 qmzux.usesgasek.top
0.0.0.0 yfvqf.changwonanma.top
0.0.0.0 le.krowkavet.pl
0.0.0.0 vxh.news1.vn.ua
0.0.0.0 dhqn.podrozegruzja.pl
0.0.0.0 hlcix.uiwangculzang.top
0.0.0.0 slxoy.baloon.yachts
0.0.0.0 b.gulospspo.top
0.0.0.0 uor.kabuyutannusantara.top
0.0.0.0 xudkkk.chungcumatphohn.top
0.0.0.0 r.greckieskarby.pl
0.0.0.0 sbqxqm.quite.yachts
0.0.0.0 ewe.kouzinti.shop
0.0.0.0 z.paseqx.top
0.0.0.0 nue.kevinashen.top
0.0.0.0 kbako.slowowarszawy.pl
0.0.0.0 ikdfpc.kevinashen.top
0.0.0.0 ikde.kabuyutannusantara.top
0.0.0.0 mbv.new-host.shop
0.0.0.0 vvf.dsgjhdsf98dsfdfs.shop
0.0.0.0 afatfg.sukuncl.top
0.0.0.0 tcln.util.yachts
0.0.0.0 gcz.regeokna.pl
0.0.0.0 hiepqu.wulktir.pl
0.0.0.0 yub.danielkordos.pl
0.0.0.0 wbhji.planetacripto.top
0.0.0.0 wq.chungcumatphohn.top
0.0.0.0 upuymn.semihangingdumptrucktractoroiltankaoheng.top
0.0.0.0 xkltl.jaminjos.shop
0.0.0.0 jgo.softwarepublicoregionalbeta.net
0.0.0.0 hmc.gulospspo.top
0.0.0.0 x.blackoakgallery.pl
0.0.0.0 xeezv.xuzhouzhuangxiu.top
# similar
0.0.0.0 fwiu.kohaito.shop
0.0.0.0 iwmfo.simpletalent.pl
0.0.0.0 kxirue.teplotrassa.yachts
0.0.0.0 wmwei.kukallooy.yachts
0.0.0.0 mv.grizli.yachts
0.0.0.0 eybg.bhpprotech.pl
0.0.0.0 ktehf.out.yachts
0.0.0.0 pkxj.dbbdh.top
0.0.0.0 clo.grizli.yachts
0.0.0.0 bkxhb.xiaochong2021.top
0.0.0.0 jyvg.news1.vinnica.ua
0.0.0.0 hb.slowowarszawy.pl
0.0.0.0 sao.24hfastplumbingservice.cyou
0.0.0.0 vleuet.ptnfd2020.pl
0.0.0.0 tbs.s88s.top
0.0.0.0 qua.narlofkrc.top
0.0.0.0 sqfjpd.colko.skin
0.0.0.0 tglt.adamoption.top
0.0.0.0 hsecx.branchmodern.news
0.0.0.0 wypai.alanwin.top
0.0.0.0 v.kabuyutannusantara.top
0.0.0.0 bl.jaminjos.shop
0.0.0.0 pmwvr.kosinka.yachts
0.0.0.0 wuxjqu.nasanet.top
0.0.0.0 qyt.dotoplo.pl
0.0.0.0 xnex.newsnewsyes.yachts
0.0.0.0 hq.nhabatang.top
0.0.0.0 eiiiy.fuflo.yachts
0.0.0.0 geraldineblog.top
0.0.0.0 cpp.babnews.cfd
0.0.0.0 hkx.new-host.shop
0.0.0.0 r.regeokna.pl
0.0.0.0 xogbx.zoxkk.top
0.0.0.0 kan.sdgoiyhds87.shop
0.0.0.0 xiaochong2021.top
# even more
0.0.0.0 planetacripto.top
0.0.0.0 yxsax.planetacripto.top
0.0.0.0 wrx.rakwbiznesie.pl
0.0.0.0 yf.news-ok.shop
0.0.0.0 fqzp.carolawolbrom.pl
0.0.0.0 qx.gzjxyy.top
0.0.0.0 m.dbbdh.top
0.0.0.0 vrqhdu.chungcumatphohn.top
# additional ones
0.0.0.0 wxere.grupabukko.pl
0.0.0.0 appwfr.rauscher-elektro.de
0.0.0.0 scxbumk.jj-tauben.de
0.0.0.0 jfanubw.david-laeuft.de
0.0.0.0 nxhbcfpy.hundebedarf-boettcher.de
0.0.0.0 guohnor.gorlice2022.pl
0.0.0.0 duxuu.hundebedarf-boettcher.de
0.0.0.0 mxzem.david-laeuft.de
0.0.0.0 qbfhcwvg.multig.pl
0.0.0.0 vcdvxl.multig.pl
0.0.0.0 spnb.david-laeuft.de
0.0.0.0 zqkgit.hundebedarf-boettcher.de
# https://forums.malwarebytes.com/topic/286891-my-android-phone-was-connected-to-pc-with-charge-only-when-pc-was-hacked/#comment-1555237 (deleted)
0.0.0.0 anonigstalk.com
0.0.0.0 bingenerator.one
# https://forums.malwarebytes.com/topic/295956-from-another-malwarebytes-forum-spammer/ (account required)
0.0.0.0 discord.onl
# https://github.com/hagezi/dns-blocklists/issues/804
0.0.0.0 venezuelabaseballjerseys.com
0.0.0.0 italyworldbaseballclassic.com
0.0.0.0 storeoregononline.com
0.0.0.0 tlstoreonline.com
0.0.0.0 storecollegeonline.com
0.0.0.0 shoptcuhornedonline.com
0.0.0.0 shopsyracuseonline.com
# https://github.com/hagezi/dns-blocklists/issues/1169
0.0.0.0 boooodas.com
0.0.0.0 m-contact.site
0.0.0.0 fuckmebaby.click
0.0.0.0 vipdeit.com
# comment spam - endless cloudflare redirects
0.0.0.0 getcutt.fun
# https://infosec.exchange/@iampytest1/111485217708664748
0.0.0.0 free-amore.online
0.0.0.0 t.affoth2.com
0.0.0.0 newfast.pics
# https://infosec.exchange/@iampytest1/111669699558836859
0.0.0.0 newdate32.site
# https://infosec.exchange/@iampytest1/111669799133185795
0.0.0.0 gimail.su
0.0.0.0 qimail.su
# cryptocurrency recovery scammers
0.0.0.0 cybergeniehackpro.xyz
0.0.0.0 cyberservices.com
# X/Twitter spammer
# https://infosec.exchange/@briankrebs/111947916198756986
0.0.0.0 forestver.se
# https://github.com/Mastodon-DE/blocklists/issues/17
0.0.0.0 tambayan.us
# https://www.bleepingcomputer.com/news/security/news-farm-impersonates-60-plus-major-outlets-bbc-cnn-cnbc-guardian/
0.0.0.0 australiannewstoday.com
0.0.0.0 bbcnewstoday.com
0.0.0.0 bloombergnewstoday.com
0.0.0.0 bostonnewstoday.com
0.0.0.0 britishnewstoday.com
0.0.0.0 canadiannewstoday.com
0.0.0.0 chinaworldnewstoday.com
0.0.0.0 chroniclenewstoday.com
0.0.0.0 cnbcnewstoday.com
0.0.0.0 cnnworldtoday.com
0.0.0.0 crunchbasenewstoday.com
0.0.0.0 dailyexpressnewstoday.com
0.0.0.0 dailyheraldnewstoday.com
0.0.0.0 dailymirrornewstoday.com
0.0.0.0 dailystarnewstoday.com
0.0.0.0 dailytelegraphnewstoday.com
0.0.0.0 dutchnewstoday.com
0.0.0.0 dwnewstoday.com
0.0.0.0 europeannewstoday.com
0.0.0.0 forbesnewstoday.com
0.0.0.0 frenchnewstoday.com
0.0.0.0 germaynewstoday.com
0.0.0.0 guardiannewstoday.com
0.0.0.0 headlinesworldnews.com
0.0.0.0 huffingtonposttoday.com
0.0.0.0 irishnewstoday.com
0.0.0.0 italiannewstoday.com
0.0.0.0 livemintnewstoday.com
0.0.0.0 maltanewstime.com
0.0.0.0 mirrornewstoday.com
0.0.0.0 nationalposttoday.com
0.0.0.0 neatherlandnewstoday.com
0.0.0.0 neweuropetoday.com
0.0.0.0 norwaynewstoday.com
0.0.0.0 oxfordnewstoday.com
0.0.0.0 portugalnewstoday.com
0.0.0.0 postgazettenewstoday.com
0.0.0.0 republicofchinatoday.com
0.0.0.0 reuterstoday.com
0.0.0.0 russiannewstoday.com
0.0.0.0 scotlandnewstoday.com
0.0.0.0 spanenewstoday.com
0.0.0.0 switzerlandnewstoday.com
0.0.0.0 thedailymailnewstoday.com
0.0.0.0 thedailytelegraphnewstoday.com
0.0.0.0 theexpressnewstoday.com
0.0.0.0 theheraldnewstoday.com
0.0.0.0 theindependentnewstoday.com
0.0.0.0 theirishtimesnewstoday.com
0.0.0.0 theirishtimestoday.com
0.0.0.0 themetronewstoday.com
0.0.0.0 themirrornewstoday.com
0.0.0.0 thequintnewstoday.com
0.0.0.0 thestarnewstoday.com
0.0.0.0 thesunnewstoday.com
0.0.0.0 thetelegraphnewstoday.com
0.0.0.0 timesofnetherland.com
0.0.0.0 timesofspanish.com
0.0.0.0 topeuropenews.com
0.0.0.0 topworldnewstoday.com
0.0.0.0 turkeynewstoday.com
0.0.0.0 walesnewstoday.com
0.0.0.0 washingtonposttoday.com
0.0.0.0 washingtontimesnewstoday.com
0.0.0.0 www.australiannewstoday.com
0.0.0.0 www.bbcnewstoday.com
0.0.0.0 www.bloombergnewstoday.com
0.0.0.0 www.bostonnewstoday.com
0.0.0.0 www.britishnewstoday.com
0.0.0.0 www.canadiannewstoday.com
0.0.0.0 www.chinaworldnewstoday.com
0.0.0.0 www.chroniclenewstoday.com
0.0.0.0 www.cnbcnewstoday.com
0.0.0.0 www.cnnworldtoday.com
0.0.0.0 www.crunchbasenewstoday.com
0.0.0.0 www.dailyexpressnewstoday.com
0.0.0.0 www.dailyheraldnewstoday.com
0.0.0.0 www.dailymirrornewstoday.com
0.0.0.0 www.dailystarnewstoday.com
0.0.0.0 www.dailytelegraphnewstoday.com
0.0.0.0 www.dutchnewstoday.com
0.0.0.0 www.dwnewstoday.com
0.0.0.0 www.europeannewstoday.com
0.0.0.0 www.forbesnewstoday.com
0.0.0.0 www.frenchnewstoday.com
0.0.0.0 www.germaynewstoday.com
0.0.0.0 www.guardiannewstoday.com
0.0.0.0 www.headlinesworldnews.com
0.0.0.0 www.huffingtonposttoday.com
0.0.0.0 www.irishnewstoday.com
0.0.0.0 www.italiannewstoday.com
0.0.0.0 www.livemintnewstoday.com
0.0.0.0 www.maltanewstime.com
0.0.0.0 www.mirrornewstoday.com
0.0.0.0 www.nationalposttoday.com
0.0.0.0 www.neatherlandnewstoday.com
0.0.0.0 www.neweuropetoday.com
0.0.0.0 www.norwaynewstoday.com
0.0.0.0 www.oxfordnewstoday.com
0.0.0.0 www.portugalnewstoday.com
0.0.0.0 www.postgazettenewstoday.com
0.0.0.0 www.republicofchinatoday.com
0.0.0.0 www.reuterstoday.com
0.0.0.0 www.russiannewstoday.com
0.0.0.0 www.scotlandnewstoday.com
0.0.0.0 www.spanenewstoday.com
0.0.0.0 www.switzerlandnewstoday.com
0.0.0.0 www.thedailymailnewstoday.com
0.0.0.0 www.thedailytelegraphnewstoday.com
0.0.0.0 www.theexpressnewstoday.com
0.0.0.0 www.theheraldnewstoday.com
0.0.0.0 www.theindependentnewstoday.com
0.0.0.0 www.theirishtimesnewstoday.com
0.0.0.0 www.theirishtimestoday.com
0.0.0.0 www.themetronewstoday.com
0.0.0.0 www.themirrornewstoday.com
0.0.0.0 www.thequintnewstoday.com
0.0.0.0 www.thestarnewstoday.com
0.0.0.0 www.thesunnewstoday.com
0.0.0.0 www.thetelegraphnewstoday.com
0.0.0.0 www.timesofnetherland.com
0.0.0.0 www.timesofspanish.com
0.0.0.0 www.topeuropenews.com
0.0.0.0 www.topworldnewstoday.com
0.0.0.0 www.turkeynewstoday.com
0.0.0.0 www.walesnewstoday.com
0.0.0.0 www.washingtonposttoday.com
0.0.0.0 www.washingtontimesnewstoday.com
# ---- Resource Abuse ----
# slows browser/device to a crawl, contains no real content, and uses (attempts) to trap the user - https://github.com/uBlockOrigin/uAssets/issues/7449
0.0.0.0 csgo.xyz
# https://github.com/hagezi/dns-blocklists/issues/1990
# https://infosec.exchange/@iampytest1/111666367575936830 (thanks to ajayyy)
0.0.0.0 brightdata.com
0.0.0.0 brightdata.de
0.0.0.0 bright-sdk.com
0.0.0.0 clientsdk.bright-sdk.com
0.0.0.0 perr.bright-sdk.com
# ---- Stalkerware ----
# copied from https://github.com/AssoEchap/stalkerware-indicators/blob/adae94598f8d628a4af90f9bf323553d3ec683a4/ioc.yaml#L1-L273 - https://github.com/AssoEchap/stalkerware-indicators#license (modified to be in uBo format, removed a few domains)
0.0.0.0 phonespying.com
0.0.0.0 app.phonespying.com
0.0.0.0 copy9.com
0.0.0.0 fonetracker.com
0.0.0.0 thetruthspy.com
0.0.0.0 icloudappe.com
0.0.0.0 spyzee.com
0.0.0.0 media-sync-a.copy9.com
0.0.0.0 media-sync-a.fonetracker.com
0.0.0.0 media-sync-a.thetruthspy.com
0.0.0.0 media-sync-a743.thetruthspy.com
0.0.0.0 media-sync-a748.thetruthspy.com
0.0.0.0 media-sync-a7xx.thetruthspy.com
0.0.0.0 media-sync-a825.thetruthspy.com
0.0.0.0 media-sync-a830.thetruthspy.com
0.0.0.0 media-sync-a835.thetruthspy.com
0.0.0.0 media-sync-a895.thetruthspy.com
0.0.0.0 media-sync-a8xx.thetruthspy.com
0.0.0.0 media-sync-a910.thetruthspy.com
0.0.0.0 media-sync-a915.thetruthspy.com
0.0.0.0 media-sync-a920.thetruthspy.com
0.0.0.0 media-sync-a925.thetruthspy.com
0.0.0.0 media-sync-a930.thetruthspy.com
0.0.0.0 media-sync-a935.thetruthspy.com
0.0.0.0 media-sync-a940.thetruthspy.com
0.0.0.0 media-sync-a941.thetruthspy.com
0.0.0.0 media-sync-a942.thetruthspy.com
0.0.0.0 media.thetruthspy.com
0.0.0.0 my.copy9.com
0.0.0.0 my.ispyoo.com
0.0.0.0 my.thetruthspy.com
0.0.0.0 my.thespyapp.com
0.0.0.0 phonetracking.net
0.0.0.0 protocol-a.copy9.com
0.0.0.0 protocol-a.fonetracker.com
0.0.0.0 protocol-a.ispyoo.com
0.0.0.0 protocol-a.mxspy.com
0.0.0.0 protocol-a.thetruthspy.com
0.0.0.0 protocol-a621.copy9.com
0.0.0.0 protocol-a696.copy9.com
0.0.0.0 protocol-a710.copy9.com
0.0.0.0 protocol-a743.thetruthspy.com
0.0.0.0 protocol-a745.thetruthspy.com
0.0.0.0 protocol-a748.thetruthspy.com
0.0.0.0 protocol-a780.copy9.com
0.0.0.0 protocol-a780.mxspy.com
0.0.0.0 protocol-a785.copy9.com
0.0.0.0 protocol-a811.mxspy.com
0.0.0.0 protocol-a910.thetruthspy.com
0.0.0.0 protocol-a915.thetruthspy.com
0.0.0.0 protocol-a920.thetruthspy.com
0.0.0.0 protocol-a925.thetruthspy.com
0.0.0.0 protocol-a930.thetruthspy.com
0.0.0.0 protocol-a935.thetruthspy.com
0.0.0.0 protocol-a940.thetruthspy.com
0.0.0.0 protocol-a941.thetruthspy.com
0.0.0.0 protocol-a942.thetruthspy.com
0.0.0.0 protocol-monitor.thetruthspy.com
0.0.0.0 protocol-viewer-a.copy9.com
0.0.0.0 protocol.copy9.com
0.0.0.0 protocol.ispyoo.com
0.0.0.0 protocol.thetruthspy.com
0.0.0.0 secondclone-2d312.firebaseio.com
0.0.0.0 setupmail-a.icloudappe.com
0.0.0.0 setupmail-a724.icloudappe.com
0.0.0.0 setupmail-a743.icloudappe.com
0.0.0.0 setupmail-a745.icloudappe.com
0.0.0.0 setupmail-a748.icloudappe.com
0.0.0.0 setupmail-a910.icloudappe.com
0.0.0.0 setupmail-a915.icloudappe.com
0.0.0.0 setupmail-a920.icloudappe.com
0.0.0.0 setupmail.icloudappe.com
0.0.0.0 sync-a.copy9.com
0.0.0.0 sync-a.mxspy.com
0.0.0.0 sync-a.thetruthspy.com
0.0.0.0 sync-a7xx.thetruthspy.com
0.0.0.0 sync-a8xx.thetruthspy.com
0.0.0.0 sync-a925.thetruthspy.com
0.0.0.0 sync-a930.thetruthspy.com
0.0.0.0 sync-a935.thetruthspy.com
0.0.0.0 sync-a940.thetruthspy.com
0.0.0.0 sync-a941.thetruthspy.com
0.0.0.0 sync-a942.thetruthspy.com
# https://github.com/AssoEchap/stalkerware-indicators/blob/9f656217ab46b2043612808940f4387b651000a9/ioc.yaml#L3937 - under https://github.com/AssoEchap/stalkerware-indicators#license
# my analysis: https://app.any.run/tasks/57cdb248-461e-4dc5-b6b2-2235eec1e098/
# my analysis: https://virustotal.com/gui/file/5809066a109718683fa1ffe3abcd0e6c9bd5f613279e081e31bc17e628d9bfba/detection
# my analysis: https://tria.ge/230505-27f8mshd2v/behavioral1
0.0.0.0 myspyapps.com
0.0.0.0 my-spy-a9c92.firebaseio.com
# Andrews, Jean. CompTIA A+ Guide to Information Technology Technical Support. Available from: Yuzu Reader, (11th Edition). Cengage Learning US, 2022.
# confirmed
0.0.0.0 flexispy.com
# https://lgbtqia.space/@alice/112017041119045914
0.0.0.0 clevguard.com
0.0.0.0 www.clevguard.com
0.0.0.0 images.clevguard.com
0.0.0.0 panel.clevguard.com
0.0.0.0 public.clevguard.com
0.0.0.0 account.clevguard.com
# possible fake page, unclear if related
0.0.0.0 clevguard.org
0.0.0.0 www.clevguard.org
0.0.0.0 images.clevguard.org
# "Remotely Monitor Kid's Device and Activity" - textbook stalkerware
0.0.0.0 imyfone.com
# ---- Include other lists ----
# include rules for just uBlock Origin and AdGuard, and the VXVault list
##include special_lists/anti-malware-ubo-extension.txt
# END