# Copyright (c) 2014-2024 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Reference: https://x.com/jaimeblascob/status/1872445912175534278
# Reference: https://x.com/jaimeblascob/status/1872460170565161108
# Reference: https://x.com/jaimeblascob/status/1872468826639798574
# Reference: https://x.com/AndreGironda/status/1872463896742871095
# Reference: https://x.com/IceSolst/status/1872701727465411037
# Reference: https://www.cyberhaven.com/engineering-blog/cyberhavens-preliminary-analysis-of-the-recent-malicious-chrome-extension
# Reference: https://secureannex.com/blog/cyberhaven-extension-compromise/
# Reference: https://www.virustotal.com/gui/ip-address/136.244.115.219/relations
# Reference: https://www.virustotal.com/gui/ip-address/149.28.124.84/relations
# Reference: https://www.virustotal.com/gui/ip-address/149.248.2.160/relations
# Reference: https://www.virustotal.com/gui/ip-address/155.138.253.165/relations

adskiper.net
aiforgemini.com
bardaiforchrome.live
blockadsonyt.vip
blockforads.com
bookmarkfc.info
castorus.info
censortracker.pro
chataiassistant.pro
chatgptextension.site
chatgptextent.pro
chatgptforsearch.com
checkpolicy.site
cyberhavenext.pro
dearflip.pro
extensionbuysell.com
extensionpolicy.net
extensionpolicyprivacy.com
forassistant.com
forbarai.com
geminiaigg.pro
geminiforads.com
goodenhancerblocker.site
gpt4summary.ink
gptdetector.live
graphqlnetwork.pro
inspirewellread.com
internetdownloadmanager.pro
internxtvpn.pro
iobit.pro
linewizeconnect.com
locallyext.ink
moonsift.store
parrottalks.info
pieadblock.pro
policyextension.info
primusext.pro
proxyswitchyomega.pro
readermodeext.info
redeem-p2p.org
savechatgpt.site
savegptforchrome.com
savegptforyou.live
savgptforchrome.pro
searchaiassitant.info
searchcopilot.co
searchgptchat.info
tinamind.info
tkpartner.pro
tkv2.pro
ultrablock.pro
uvoice.live
videodownloadhelper.pro
vidnozflex.live
vpncity.live
wakelet.ink
wayinai.live
yescaptcha.pro
youtubeadsblocker.live
ytbadblocker.com
yujaverity.info
admin-new.tkv2.pro
admin-set.tkpartner.pro
admin.tkv2.pro
api.bardaiforchrome.live
api.blockadsonyt.vip
api.bookmarkfc.info
api.censortracker.pro
api.chataiassistant.pro
api.chatgptextension.site
api.chatgptextent.pro
api.cyberhavenext.pro
api.dearflip.pro
api.geminiaigg.pro
api.goodenhancerblocker.site
api.gpt4summary.ink
api.gptdetector.live
api.graphqlnetwork.pro
api.internetdownloadmanager.pro
api.linewizeconnect.com
api.locallyext.ink
api.moonsift.store
api.parrottalks.info
api.pieadblock.pro
api.primusext.pro
api.proxyswitchyomega.pro
api.readermodeext.info
api.savechatgpt.site
api.savegptforyou.live
api.savgptforchrome.pro
api.searchaiassitant.info
api.searchcopilot.co
api.searchgptchat.info
api.tinamind.info
api.tkv2.pro
api.ultrablock.pro
api.uvoice.live
api.videodownloadhelper.pro
api.vidnozflex.live
api.vpncity.live
api.wakelet.ink
api.wayinai.live
api.yescaptcha.pro
api.youtubeadsblocker.live
api.yujaverity.info
app.checkpolicy.site
app.extensionbuysell.com
app.extensionpolicy.net
app.extensionpolicyprivacy.com
app.linewizeconnect.com
app.policyextension.info
chatgpt.forassistant.com
google.forbarai.com
search.forbarai.com

# Reference: https://x.com/IceSolst/status/1872872568085950855

qwerty.pro
x1111.pro
api.qwerty.pro
api.x1111.pro

# Reference: https://x.com/tuckner/status/1873443679513510327
# Reference: https://www.virustotal.com/gui/ip-address/148.72.132.43/relations
# Reference: https://www.virustotal.com/gui/ip-address/148.72.164.10/relations
# Reference: https://www.virustotal.com/gui/ip-address/148.72.164.11/relations
# Reference: https://www.virustotal.com/gui/ip-address/148.72.173.24/relations
# Reference: https://www.virustotal.com/gui/file/2eb1d8cb3e71c87708fc8cf2b87ed42bc29db07999fbd2404eeb7d6867116a22/detection
# Reference: https://www.virustotal.com/gui/file/7a988da1cd7cd725dad1b28dffddd2c1079159ab9c10f711712886c8e369084e/detection
# Reference: https://www.virustotal.com/gui/file/f1c87cc157c9776ef2cead30707e6f1f4909bb391f8a13a131d642a85dab68bd/detection

api.sclint.net
api.sclpfybn.com
api.tnagofsg.com
api.tnaint.net
cs.sclint.net
cs.sclpfybn.com
id.sclint.net
id.sclpfybn.com
id.tnagofsg.com
id.tnaint.net

# Reference: https://x.com/tuckner/status/1874141586642391369

forextensions.com
supportchromestore.com
