# Copyright (c) 2014-2019 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Reference: https://www.fireeye.com/blog/threat-research/2017/09/apt33-insights-into-iranian-cyber-espionage.html

boeing.servehttp.com
alsalam.ddns.net
ngaaksa.ddns.net
ngaaksa.sytes.net
vinnellarabia.myftp.org
managehelpdesk.com
microsoftupdated.com
osupd.com
mywinnetwork.ddns.net
www.chromup.com
www.securityupdated.com
googlmail.net
microsoftupdated.net
syn.broadcaster.rocks
www.googlmail.net

# Reference: https://twitter.com/ClearskySec/status/1059532789572386817
# Reference: https://twitter.com/ClearskySec/status/1059532946045050883

aramcojobs.ddns.net
dyn-corp.ddns.net
dyncorp.ddns.net
mynetwork.ddns.net
mynetwork2.ddns.net
ngaaksa.ga
sabic-co.ddns.net
saharapcc.ddns.net
sipchem.ddns.net
/aramco/