# Copyright (c) 2014-2024 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Reference: https://blog.talosintelligence.com/2018/11/dnspionage-campaign-targets-middle-east.html

0ffice36o.com

# Reference: https://github.com/ti-research-io/ti/blob/main/ioc_extender/ET_DNS_Query_for_DNSpionage.json
# Reference: https://www.virustotal.com/gui/ip-address/74.63.204.32/relations
# Reference: https://www.virustotal.com/gui/ip-address/74.63.204.99/relations

18-79-t.net
1qhd6v.xyz
4f-okdsvv.com
5-9idk-gug7-k7.com
52-ck29jr.com
5z-hyq-g.net
78p3-zgs-g-mc-u.com
8f-mxh6-hupgd-dy.com
8faf-rngtax.com
a87-sun0r1w.com
ac5e1f-fd2ph.com
acyjob.tokyo
adchum.tokyo
adzwrq.tokyo
akgxtu.tokyo
aletko.tokyo
am41-pm24ea.com
amb29l1v3re.com
ami10t-e37n.com
an87-24pen1d.com
and58-65kio.com
apply33547.com
ar5-chj-n-22d.com
as93-attack1.com
aso5fr-gre4.com
au.imonju.net
b5mjjc8s.com
baebod.tokyo
ban09-4w1as.com
batdongsan.dcsvnqvmn.com
baw2u-y6rsxf.com
bed52-town1.com
big429-7ten.com
bing0017-s4e.com
bing04-5ea1.com
bm-8qkc8w.com
bnv521-send4.com
boat-19830214yh.com
boceuz.tokyo
boundhereafter.com
bpugoc.tokyo
bqufsuqj.com
buffdrops.com
bvnc5418-4s.com
c02bf1r-kjre.com
c7ykg-0sd5w.com
cd-7rr-hgj.net
cg58-6dr4wa.com
chai58-mnew.com
check.onedrvdn.co
chi12-63in7m.com
cm.appupdatemoremagic.com
cont24-57hin.com
crimeprocession.com
crtfugrl.com
cxevgfdy.com
d-wl-kk.net
d56gr-n2syp.xyz
dalat.dalat.dulichovietnam.net
dalat.dulichovietnam.net
dan02-opl1h.com
dan07oe0ch2f.com
dan104.com
dan32-ty65d.com
dbfrqm.tokyo
deliver-avenir.com
den-85gh40ik.com
developermisguided.email
devzxm.tokyo
dgywxfhuuy.com
dhs4oms-plas.com
dice-71ieoq.com
dick06-a4e6o.com
displayexploitation.com
download.showprice.xyz
dsykub.tokyo
dwwkvf.tokyo
e9dzrisph.com
eden52-74ea.com
edjkpz.tokyo
edli501d-eaq.com
eec-channel.com
elcend.tokyo
ell90-deep1w.com
end09-r6s3x.com
end87q.com
eri05-63h4w.com
eri25-d044g.com
error.a87-sun0r1w.com
error.amb29l1v3re.com
error.bing0017-s4e.com
error.boat-19830214yh.com
error.chai58-mnew.com
error.dan07oe0ch2f.com
error.dan104.com
error.dice-71ieoq.com
error.eden52-74ea.com
error.end87q.com
error.get814sf1qz.com
error.gine08-aw1a.com
error.gp01-83-jind.com
error.gu24dyen61v.com
error.hanji1975-report.com
error.hei032-4r4f.com
error.hv-1d5f10ad.com
error.ico65-e41dy.com
error.iop045-jfh7.com
error.jet02-59udc.com
error.jin98-lme5a.com
error.jun126japan4.com
error.jun565.com
error.jun98-rep-boat.com
error.kaiketsu-250-md.com
error.ken094l-14w.com
error.kenji0903-boat.com
error.key00nine7y.com
error.key61sea03r.com
error.key73plo54s.com
error.key82ygo20w.com
error.kif25vna1ed.com
error.kin025-uma-boat.com
error.kmv50-fs2eo.com
error.knee39d.com
error.lan57j-fd4s.com
error.link053pin1e.com
error.look01-d84w.com
error.low05d14jsa.com
error.may05-11pro.com
error.men17f5h1sa.com
error.mizuki2223-report.com
error.mvp970a-e2a.com
error.n04dvf-sd1r.com
error.nec541-e41d.com
error.net081f24jm.com
error.new1f25ki2e.com
error.nin24-412wa.com
error.oim58hg2-sd.com
error.on0555-keiba.com
error.one04f2e4zy.com
error.one63-8ui1d.com
error.op-37repo39g.com
error.op-42repo74g.com
error.open21g.com
error.pay518vsa0e.com
error.pin023r-d1e.com
error.pin520-uq6l.com
error.pol35sby00ri.com
error.pr204h7wall2.com
error.pr732d1walk9.com
error.qng9-dan21r.com
error.quen58-po6w.com
error.ren-0820-nanami.com
error.rep-keibaboat20.com
error.rep-keibaboat21.com
error.report-deep-8857.com
error.report-donna-1436.com
error.report-fantastic-1996.com
error.report-hearts-1096.com
error.report-hearts-6170.com
error.report-orfevre-5721.com
error.report-ship-2012.com
error.report-silence-7463.com
error.report-vodka-8537.com
error.ring-2341rd.com
error.ring-888-uma.com
error.ripo10make28.com
error.ripo39fake47.com
error.ripo52ball21.com
error.ripo73talk95.com
error.sou17-0taik2.com
error.sou95-7taik6.com
error.tap397.com
error.ten043-ol5e.com
error.ten047fsp9r.com
error.ten0722-report.com
error.th580621-uma.com
error.tk15rep02mn.com
error.uno073-g2pq.com
error.vine57-s41l.com
error.way89king01c.com
error.wone61-s1ea.com
error.xik054-junb.com
error.xyz581dfa9po.com
error.xyz62-pih6e.com
error.yan052-r04t.com
error.yen04-yj12w.com
error.zexi7-lof2q.com
extra49908.com
face-hip.com
fal05-06bing.com
fan58-633rs.com
favorite-mycosme.com
fax021-eriq.com
fax58-ikeyui.com
fen14-25rol.com
feqldn.tokyo
fin04iu69wq.com
fine-mo54wu.com
fr-bxe-p6pe-cri.com
fxpyfm.tokyo
g0c-3w.net
g8bp6ieju.com
gam05-85t2w.com
gan027-uyi7.com
gan04r7es4b.com
gan85-96ken0.com
gang9-1r1dw.com
get814sf1qz.com
gg310-jmnw4a.com
giehxn.tokyo
gine08-aw1a.com
gp01-83-jind.com
gu24dyen61v.com
ha7d1e-e12x.com
hako-ren-sys.com
han08-65ion8.com
hanji1975-report.com
hanoi.dalat.dulichovietnam.net
harry-25.com
hbudhzjx.space
hei032-4r4f.com
hell999-d05q.com
helpful37987.com
hide25-64koi.com
hihjic.tokyo
hikaku-gps.com
hit84-62pim.com
hkzgqt.tokyo
htugcxmq.com
hug48f4-rsd.com
hv-1d5f10ad.com
hwaax47yi.com
ico65-e41dy.com
ieprqoepirhjpqwijghoph.com
igyhucqe.com
ije-bwp5b.com
in-45to24eav.com
inc12r-slr56q.com
io87-dex41e4.com
ion062-41jne.com
iop045-jfh7.com
j7bu-s8tnk.com
jascqr.tokyo
jctymc.com
jen98-265jin.com
jet02-59udc.com
jin42e-arai5.com
jin77-0432rw.com
jin98-lme5a.com
jmqchk.tokyo
js-net.tokyo
jszpjq.tokyo
judo-88-zzgu.com
jun126japan4.com
jun565.com
jun98-rep-boat.com
kaiketsu-250-md.com
keiba-report.com
keiba-report.jp
keibareport.jp
ken0438-g2jl.com
ken094l-14w.com
ken24-32yui.com
kenji0903-boat.com
key00nine7y.com
key61sea03r.com
key73plo54s.com
key82ygo20w.com
kid158-kids7.com
kif25vna1ed.com
kin025-uma-boat.com
kin87-04rs3.com
king42e-w4a1c.com
kmv50-fs2eo.com
knee39d.com
koz-fo96m.com
lan57j-fd4s.com
let15-d12t1d.com
let90-52len.com
lex08-5light.com
link053pin1e.com
linx510-04rh.com
lip03up645e.com
list.bodologetee.com
lmzayw.tokyo
look01-d84w.com
loop1-54hiu.com
low05d14jsa.com
lsbuidm.com
lwueft.tokyo
lzbzfd.tokyo
mail.keiba-report.com
mail.repo-bo-ke7.com
mail.report-uma-boat.com
matirsy.com
may05-11pro.com
meet7-55kin.com
men17f5h1sa.com
microsoft-update10v.amazonaws1.info
min2r-2ray2d.com
min40-3r4aq.com
min54-teru51s.com
mint98-825su.com
mix-opr51f7p.com
mix04-97rei.com
mix55-77ten0.com
mizuki2223-report.com
mnc-15r3sdf.com
mon98-12rui.com
mszihe.tokyo
mvp970a-e2a.com
mwsda69e5.space
n04dvf-sd1r.com
n2-jhz-zq.net
na7rei-0san3.com
nec541-e41d.com
net081f24jm.com
new1f25ki2e.com
nex047-in3e.com
ni2r0-izu2a.com
nic205e-s7w.com
nin24-412wa.com
nin58-7uy6s.com
nix04-ioke0w.com
ns1.0ffice36o.com
ns2.0ffice36o.com
ns8-02dr9.com
nude00-99poi.com
oftpjrdv.com
og-hgh-gx0.net
oihpyq.tokyo
oim58hg2-sd.com
ojrxef.tokyo
on0555-keiba.com
ond04-632hit.com
one04f2e4zy.com
one63-8ui1d.com
oo78-rx78gun.com
op-07repo63g.com
op-15repo02g.com
op-37repo39g.com
op-42repo74g.com
op28-land7ae.com
open21g.com
opposemuffin.email
oqyfxl.tokyo
p-ur1-2z.net
pan478rdt1s.com
parent35991.tokyo
pay518vsa0e.com
pd3-4q21a.com
pfwjjs.tokyo
picsec.tokyo
pim109-s2r4.com
pin023r-d1e.com
pin059-pet12.com
pin520-uq6l.com
pink79-plq4r.com
pistolmarshal.com
pocket-80are.com
point56-s42.com
pol35sby00ri.com
portstake.com
pr204h7wall2.com
pr732d1walk9.com
purposes10859.tokyo
pwdgkmaohakaiunpaokndsjgiuqh.com
qa5f1r1ws-ir.com
qan05-ion70.com
qehf15fr-f0w.com
qng9-dan21r.com
qsjdfopiahfptjaprjypqh.com
quen58-po6w.com
quiz03-875in.com
quiz59dyu-4gr.com
qutonium.com
qvzhyv.tokyo
qw25-hill37s.com
qxvwrsn.tokyo
r3udxa-b26e.xyz
r56w7-r24iq.xyz
rae8od.xyz
rap95-uc1-gu.com
rate-system.com
rei03-kin14w.com
rei42-9getlu.com
reid1r-b45e.com
ren-0820-nanami.com
rep28pin62q.com
repo-bo-ke7.com
report-deep-8857.com
report-donna-1436.com
report-fantastic-1996.com
report-gold-1997.com
report-groove-5739.com
report-hearts-1096.com
report-hearts-6170.com
report-lord-4126.com
report-northern-0219.com
report-orfevre-5721.com
report-ship-2012.com
report-silence-7463.com
report-silk-9247.com
report-uma-boat.com
report-vega-0907.com
report-vodka-8537.com
report84yen.com
report98han.com
rewuiren.com
rine4-52arq.com
ring-2341rd.com
ring-888-uma.com
ripo10make28.com
ripo39fake47.com
ripo52ball21.com
ripo73talk95.com
rit521-f4rs.com
rmsayxh.tokyo
rui94-23s1f.com
rwd52-d14g1w.com
ryiunuh.com
s10jr-h4yopa.com
sain007-sd1.com
san-1r24eday.com
sen98-r41ew.com
sgngnshdf1nbd.com
si4-2ico0wa.com
sin685-min4e.com
six666-45en.com
sky258-d4ts1.com
slmcda.tokyo
sou17-0taik2.com
sou95-7taik6.com
springstriker.com
spyy2xbxj5s8fhr.xyz
ssnftc.tokyo
stop04-o6eg.com
support.gdrvcheck.co
swcgztsjyy.com
tap397.com
tel085-652ck.com
tel25-plq1h.com
tel78-0dt4a.com
ten043-ol5e.com
ten047fsp9r.com
ten0722-report.com
ten10-min4ws.com
ten10-one1aa.com
ten52-d584t.com
teru777-boat.com
th580621-uma.com
thpflk.tokyo
tk15rep02mn.com
tk37repo-kk.com
trading16694.com
ts-47-r9-rgy-m6rzi.com
tsnjrm.tokyo
tu-2-i.net
twjvnekr.com
uc120-gunf91.com
ugrbnfhj.com
uk.imonju.net
uma-kouta0624.com
und05-rep79u.com
uno073-g2pq.com
uorloy.tokyo
uq005-15eg5o.com
uq25-d4r3eg.com
us-cpqr0w.com
us.imonju.net
vai58-9lan0r.com
vamsfogokusendnaoserjhgaosdfvh.com
van29-fe4ac.com
van51e.com
vfjupg.tokyo
vin20-d1r7aq.com
vine57-s41l.com
vio521-f4wes.com
vix98-74ope.com
vmt8bmkxj4dpd.life
voidplask.com
vpn065-yu4w.com
vyen58c386kg1.life
w5fg1-mweplq.com
wa28t-yell7u.com
walk36p-w8a.com
wang10-po5r.com
wang58d-r4s.com
way89king01c.com
web.adobephotostage.com
wg7q-utyfp.biz
winserverform.com
wolaoy.tokyo
wone61-s1ea.com
x58-nmrte25s.com
xen41-6day0e.com
xik054-junb.com
xin04f-re5s.com
xqkyegvb.com
xukmmx.tokyo
xyz581dfa9po.com
xyz62-pih6e.com
y-sx1-dl.net
yan052-r04t.com
yell-11ey01o.com
yen04-yj12w.com
yen05-04s1rq.com
yen87-opkid.com
yourls.kari-domain.com
z777-rend0y.com
z87-kami08po.com
zdf5f2r-ir8l.com
zen29-have5s.com
zen41-65yus.com
zet92-63r4s.com
zexi21f-gt5h.com
zexi7-lof2q.com
zzon185-4sd.com