http://208.67.104.60/api/firegate.php - rule_id: 34253
http://193.233.254.61/loghub/master - rule_id: 35736
http://hugersi.com/dl/6523.exe - rule_id: 32660
http://zzz.fhauiehgha.com/m/okka25.exe - rule_id: 34705
http://aa.imgjeoogbb.com/check/safe - rule_id: 34652
http://apps.identrust.com/roots/dstrootcax3.p7c
http://45.15.156.229/api/tracemap.php - rule_id: 33783
http://95.214.25.207:3002/file.exe - rule_id: 35494
http://77.91.68.61/rock/index.php - rule_id: 35495
http://87.121.221.58/g.exe - rule_id: 35764
http://aa.imgjeoogbb.com/check/?sid=235436&key=aa222bbd4af93809d40d678095107060 - rule_id: 34651
http://94.142.138.131/api/tracemap.php - rule_id: 28311
http://www.google.com/
http://208.67.104.60/api/tracemap.php - rule_id: 28876
http://us.imgjeoigaa.com/sts/imagc.jpg - rule_id: 33482
http://176.113.115.84:8080/4.php - rule_id: 34795
http://77.91.124.231/info/photo443.exe - rule_id: 35604
http://www.maxmind.com/geoip/v2.1/city/me
https://busell.store/setup294.exe - rule_id: 35772
https://sun6-22.userapi.com/c235131/u801981293/docs/d8/dbb1cf70537c/ppdo45ev.bmp?extra=s4BGRloP9Jc_pRtkrvkXP-4r9jS78jVWX6hAlDBT7VBgF628OG9usLqFCR47HBC2W9fJoCs8dpBpEGqeZ_BCv3cngSz0U8U5v0Pupo96rSAToyv-KTIEgOrxs5g_8ECwpRoIESvKo-9VrOPGNQ
https://api.db-ip.com/v2/p31e4d59ee6ad1a0b5cc80695a873e43a8fbca06/self
https://sun6-23.userapi.com/c240331/u801981293/docs/d56/63a241fd89b0/PMmp.bmp?extra=ybwwQvToateNnbhbPTpn2naNXHdGROhZPbZOPTKZJDA7ejA7RSrSmxTyYWTwBO5mqbyqIRBt_LejFBjykx5vVUr5PXKHCdWFF-IKoMmqe5-k2QlURyODxyzKcpm_qHi-YmwWFEFCzNBct8vfPw
https://sun6-20.userapi.com/c240331/u801981293/docs/d8/962625a8a8a6/siddharthabuddh4_2.bmp?extra=zEIiSVgA3LDzl-4JvGe88q47owcYe2PZUvlXr6jIWHoCkqqucLbMKyWSKaqZvB5Y57D2PQx7Zu-xnhbmt6_odMHzAfNlQfEKhBjHQCYSvweHNSO9BIHVjZ24_WTPpFItXUAT7w28d6IXtFWbdA
https://db-ip.com/
https://vk.com/doc801981293_667641825?hash=ZxhcGfmsXAIi8FdxRHLfAIYHfbsGlb94WndaIE8jNQk&dl=QxkhUcICyiiMQ9y9qeqW79HzwqSHabfQWvx5LA2vjXk&api=1&no_preview=1#pp
https://sun6-21.userapi.com/c909618/u801981293/docs/d37/888b67f00207/WWW1.bmp?extra=bHNcw0y8OHlEdpVt-2szl_g7lpm1DMW3Mn6LmeSYZ7ZiGKSeNbJPTc-LEYfo0yi8aV2F712vaIAYsp8sLND0T89uDX-VMtXZlqf1q6OGPZjkKXm_th29oGda7NTKhz0mGoEzgC8xsI5oDmTK_A

db-ip.com(172.67.75.166)
fastpool.xyz(213.91.128.133) - mailcious
vanaheim.cn(193.168.3.113) - mailcious
ipinfo.io(34.117.59.81)
sun6-23.userapi.com(95.142.206.3)
worldwithweb.com(217.21.84.245)
iplogger.org(148.251.234.83) - mailcious
aa.imgjeoogbb.com(154.221.26.108) - mailcious
sun6-20.userapi.com(95.142.206.0) - mailcious
api.db-ip.com(104.26.5.15)
sun6-21.userapi.com(95.142.206.1) - mailcious
busell.store(172.67.159.178) - malware
us.imgjeoigaa.com(103.100.211.218) - mailcious
zzz.fhauiehgha.com(156.236.72.121) - mailcious
www.google.com(142.250.207.100)
api.myip.com(172.67.75.163)
hugersi.com(91.215.85.147) - malware
sun6-22.userapi.com(95.142.206.2)
www.maxmind.com(104.17.214.67)
vk.com(93.186.225.194) - mailcious
iplis.ru(148.251.234.93) - mailcious
148.251.234.93 - mailcious
95.142.206.0 - mailcious
154.221.26.108 - mailcious
209.250.248.11 - mailcious
104.21.9.89 - malware
104.17.215.67
91.215.85.147 - malware
62.122.184.92 - mailcious
208.67.104.60 - mailcious
95.214.25.207 - malware
217.21.84.245
87.121.221.58 - malware
172.67.75.166
80.66.75.4 - mailcious
193.233.254.61 - mailcious
142.250.66.36
194.26.135.162 - mailcious
87.240.132.67 - mailcious
34.117.59.81
176.113.115.84 - mailcious
176.113.115.85 - mailcious
193.168.3.113
148.251.234.83
176.113.115.135 - mailcious
176.113.115.136 - mailcious
94.142.138.131 - mailcious
176.123.9.142 - mailcious
77.91.124.231 - malware
185.225.73.32
104.17.214.67
77.91.68.61 - malware
156.236.72.121 - mailcious
45.15.156.229 - mailcious
104.26.9.59
104.26.4.15
95.142.206.3
163.123.143.4 - mailcious
95.142.206.1 - mailcious
45.143.201.238 - mailcious
77.91.124.54
121.254.136.27
95.142.206.2
62.122.184.58
103.100.211.218 - malware
213.91.128.133 - mailcious

http://208.67.104.60/api/firegate.php
http://193.233.254.61/loghub/master
http://hugersi.com/dl/6523.exe
http://zzz.fhauiehgha.com/m/okka25.exe
http://aa.imgjeoogbb.com/check/safe
http://45.15.156.229/api/tracemap.php
http://95.214.25.207:3002/file.exe
http://77.91.68.61/rock/index.php
http://87.121.221.58/g.exe
http://aa.imgjeoogbb.com/check/
http://94.142.138.131/api/tracemap.php
http://208.67.104.60/api/tracemap.php
http://us.imgjeoigaa.com/sts/imagc.jpg
http://176.113.115.84:8080/4.php
http://77.91.124.231/info/photo443.exe
https://busell.store/setup294.exe

https://transcendgroup.co/ss.png

transcendgroup.co(200.225.42.150)
200.225.42.150

https://ikukucloud.us/restAPI/putty.exe

ikukucloud.us(83.69.248.68)
83.69.248.68

http://185.204.109.88/de253061326598d0/mozglue.dll
http://185.204.109.88/de253061326598d0/freebl3.dll
http://185.204.109.88/de253061326598d0/nss3.dll
http://185.204.109.88/de253061326598d0/msvcp140.dll
http://185.204.109.88/de253061326598d0/softokn3.dll
http://185.204.109.88/de253061326598d0/vcruntime140.dll
http://185.204.109.88/0f718f036de6b7e0.php
http://185.204.109.88/de253061326598d0/sqlite3.dll

185.204.109.88

https://newidea-marketing.com/rma.txt

newidea-marketing.com(162.0.232.208)
162.0.232.208 - phishing

api.telegram.org(149.154.167.220)
149.154.167.220