{
  "name": "Infrastructure of Interest: High Confidence Detection",
  "slug": "infrastructure-of-interest-high-confidence-detection",
  "description": "These indicators of compromise (IOCs) were identified through LevelBlue Labs' proprietary collection and threat hunting processes, leveraging AI-driven heuristics to detect anomalous patterns, behavioral analysis of malicious activity, and cross-referenced intelligence from endpoint telemetry and external sources. Use this data to enhance detection rules, block malicious infrastructure, or correlate with existing incident investigations.",
  "published": "2025-08-07T05:07:55+00:00",
  "created_at": "2025-08-07T05:07:55+00:00",
  "modified_at": "2025-08-10T18:28:01+00:00",
  "created_at_opencti": "2025-08-07T05:07:55+00:00",
  "author": "",
  "confidence": null,
  "report_types": [],
  "labels": [],
  "tags": [
    "2025-08-07"
  ],
  "related_entities": {
    "observables": [
      {
        "id": "",
        "name": "www.metastar.co.uk"
      },
      {
        "id": "",
        "name": "www.rsaavedrawalker.com"
      },
      {
        "id": "",
        "name": "www.mondomusicatania.it"
      },
      {
        "id": "",
        "name": "www.adshost2.com"
      },
      {
        "id": "",
        "name": "www.2b560k.info"
      },
      {
        "id": "",
        "name": "wwwdomains.xyz"
      },
      {
        "id": "",
        "name": "www.zzdxchem.com"
      },
      {
        "id": "",
        "name": "www.zhestkoe.org"
      },
      {
        "id": "",
        "name": "www.yoskarn.cn"
      },
      {
        "id": "",
        "name": "www.zdiwond.concedes.xyz"
      },
      {
        "id": "",
        "name": "www.yakkyoku-joto.jp"
      },
      {
        "id": "",
        "name": "www.xn--kserei-mack-l8a.de"
      },
      {
        "id": "",
        "name": "www.xn--82cdbad4gb6eaas2b0ikb1bbec9cwjc6p.com"
      },
      {
        "id": "",
        "name": "www.xenos.love"
      },
      {
        "id": "",
        "name": "www.www.www.notexistsjenkins.slg.freemyip.com"
      },
      {
        "id": "",
        "name": "www.woohahaapps.com"
      },
      {
        "id": "",
        "name": "www.windowfdb.com"
      },
      {
        "id": "",
        "name": "www.shin.ge"
      },
      {
        "id": "",
        "name": "www.uspikh.com"
      },
      {
        "id": "",
        "name": "www.vpngold.ru"
      },
      {
        "id": "",
        "name": "www.vmklsfdv.duckdns.org"
      },
      {
        "id": "",
        "name": "www.uralinteh.com"
      },
      {
        "id": "",
        "name": "www.umapublications.com"
      },
      {
        "id": "",
        "name": "www.turkbilgi.info"
      },
      {
        "id": "",
        "name": "www.thailandesportclub.com"
      },
      {
        "id": "",
        "name": "www.theinnovators.zone"
      },
      {
        "id": "",
        "name": "www.thaimassage.spa"
      },
      {
        "id": "",
        "name": "www.thaisinoliterature.com"
      },
      {
        "id": "",
        "name": "www.techgeeks.org"
      },
      {
        "id": "",
        "name": "www.szucsfuvar.hu"
      },
      {
        "id": "",
        "name": "www.styleglow.com"
      },
      {
        "id": "",
        "name": "www.sunvalleyncr.in"
      },
      {
        "id": "",
        "name": "www.stroiset.ru"
      },
      {
        "id": "",
        "name": "www.stephenson-eng.com"
      },
      {
        "id": "",
        "name": "www.starcountry.net"
      },
      {
        "id": "",
        "name": "www.strah.tv"
      },
      {
        "id": "",
        "name": "www.sto1.swe.serverclues.com"
      },
      {
        "id": "",
        "name": "www.sto1.swe.callplace.net"
      },
      {
        "id": "",
        "name": "www.splystyle.com"
      },
      {
        "id": "",
        "name": "www.solutekcolombia.com"
      },
      {
        "id": "",
        "name": "www.soccercardshq.com"
      },
      {
        "id": "",
        "name": "www.sirinkalem.com"
      },
      {
        "id": "",
        "name": "www.sibalco.de"
      },
      {
        "id": "",
        "name": "www.schelmish.de"
      },
      {
        "id": "",
        "name": "www.shakeregypt.com"
      },
      {
        "id": "",
        "name": "www.sercerosnie.com.pl"
      },
      {
        "id": "",
        "name": "www.sergio.bz"
      },
      {
        "id": "",
        "name": "www.schrag-controll.ch"
      },
      {
        "id": "",
        "name": "www.secureloginpage.info"
      },
      {
        "id": "",
        "name": "www.sc-kapellen.com"
      },
      {
        "id": "",
        "name": "www.sc-hot.com"
      },
      {
        "id": "",
        "name": "www.savaswsd.duckdns.org"
      },
      {
        "id": "",
        "name": "www.sao-ee.vn"
      },
      {
        "id": "",
        "name": "www.sanwall.com.hk"
      },
      {
        "id": "",
        "name": "www.ryazan.fundament-mir.ru"
      },
      {
        "id": "",
        "name": "www.rwatasks.shop"
      },
      {
        "id": "",
        "name": "www.r1ch.net"
      },
      {
        "id": "",
        "name": "www.rhinovate.tech"
      },
      {
        "id": "",
        "name": "www.revounecses.run"
      },
      {
        "id": "",
        "name": "www.rebduspe.com"
      },
      {
        "id": "",
        "name": "www.radioforum.moscow"
      },
      {
        "id": "",
        "name": "www.r2.netgo.su"
      },
      {
        "id": "",
        "name": "www.pphost.net"
      },
      {
        "id": "",
        "name": "www.postmaster.oralul-lokef.com"
      },
      {
        "id": "",
        "name": "www.pm-ural.com"
      },
      {
        "id": "",
        "name": "www.poolside.playerclub.ro"
      },
      {
        "id": "",
        "name": "www.pizzariamassafina.com"
      },
      {
        "id": "",
        "name": "www.pixelmon.pro"
      },
      {
        "id": "",
        "name": "www.piscisinspiral.cz"
      },
      {
        "id": "",
        "name": "www.piano-sheet-music.com"
      },
      {
        "id": "",
        "name": "www.piscis.cz"
      },
      {
        "id": "",
        "name": "www.maxgamez.ru"
      },
      {
        "id": "",
        "name": "www.packagex.app"
      },
      {
        "id": "",
        "name": "www.outsourcing.solutekcolombia.com"
      },
      {
        "id": "",
        "name": "www.oegexpress.com"
      },
      {
        "id": "",
        "name": "www.odinfilm.ru"
      },
      {
        "id": "",
        "name": "www.makoto.su"
      },
      {
        "id": "",
        "name": "www.noveltech-crete.com"
      },
      {
        "id": "",
        "name": "www.nordfjell.online"
      },
      {
        "id": "",
        "name": "www.nothingbut.co.uk"
      },
      {
        "id": "",
        "name": "www.niikmoll.ru"
      },
      {
        "id": "",
        "name": "www.mvpholding.org"
      },
      {
        "id": "",
        "name": "www.myparrotfood.com"
      },
      {
        "id": "",
        "name": "www.neolutionesport.com"
      },
      {
        "id": "",
        "name": "www.incom.ca"
      },
      {
        "id": "",
        "name": "www.nameradio.ru"
      },
      {
        "id": "",
        "name": "www.negrutiu.com"
      },
      {
        "id": "",
        "name": "www.myleneamon.chpgb.netstore.freemyip.com"
      },
      {
        "id": "",
        "name": "www.mintlinux.ru"
      },
      {
        "id": "",
        "name": "www.mojnakit.si"
      },
      {
        "id": "",
        "name": "www.mispuntoscr.com"
      },
      {
        "id": "",
        "name": "www.moeildrnkb.duckdns.org"
      },
      {
        "id": "",
        "name": "www.minatproperty.id"
      },
      {
        "id": "",
        "name": "www.menzegmbh.de"
      },
      {
        "id": "",
        "name": "www.membergame.blog"
      },
      {
        "id": "",
        "name": "www.lyricmarketing.com"
      },
      {
        "id": "",
        "name": "www.lvs777.cc"
      },
      {
        "id": "",
        "name": "www.madutigabeachandresort.com"
      },
      {
        "id": "",
        "name": "www.lubexx.com.br"
      },
      {
        "id": "",
        "name": "www.love-dolls.com"
      },
      {
        "id": "",
        "name": "www.littlespepe.net"
      },
      {
        "id": "",
        "name": "www.linguaggicreativi.it"
      },
      {
        "id": "",
        "name": "www.legalhackers.com"
      },
      {
        "id": "",
        "name": "www.kysmallbusiness.org"
      },
      {
        "id": "",
        "name": "www.koeshomokkft.hu"
      },
      {
        "id": "",
        "name": "www.krby-trebic.cz"
      },
      {
        "id": "",
        "name": "www.jhzhyl.com"
      },
      {
        "id": "",
        "name": "www.kiscolgrands.com"
      },
      {
        "id": "",
        "name": "www.kind-leakey.196-251-114-105.plesk.page"
      },
      {
        "id": "",
        "name": "www.kcs.network"
      },
      {
        "id": "",
        "name": "www.joker-betting.com"
      },
      {
        "id": "",
        "name": "www.k9300.vip"
      },
      {
        "id": "",
        "name": "www.jysinternational.com"
      },
      {
        "id": "",
        "name": "www.job-sbu.org"
      },
      {
        "id": "",
        "name": "www.jeuxviddeo.com"
      },
      {
        "id": "",
        "name": "www.jdlrelocation.com"
      },
      {
        "id": "",
        "name": "www.jdlrealtychinese.ca"
      },
      {
        "id": "",
        "name": "www.jcumslut.com"
      },
      {
        "id": "",
        "name": "www.izlebilgi.info"
      },
      {
        "id": "",
        "name": "www.itcs-pohle.de"
      },
      {
        "id": "",
        "name": "www.iquizhi.com"
      },
      {
        "id": "",
        "name": "www.hotels-valdys.fr"
      },
      {
        "id": "",
        "name": "www.internationalhealthpolicies.org"
      },
      {
        "id": "",
        "name": "www.inh2016.inhproperties.com"
      },
      {
        "id": "",
        "name": "www.group-images2.com"
      },
      {
        "id": "",
        "name": "www.ilvegames.com"
      },
      {
        "id": "",
        "name": "www.ic.tips"
      },
      {
        "id": "",
        "name": "www.hyella.com.ng"
      },
      {
        "id": "",
        "name": "www.horsttotaal.nl"
      },
      {
        "id": "",
        "name": "www.hashing.win"
      },
      {
        "id": "",
        "name": "www.hhchange.blog"
      },
      {
        "id": "",
        "name": "www.gutou.cc"
      },
      {
        "id": "",
        "name": "www.harveygoldsmith.com"
      },
      {
        "id": "",
        "name": "www.harumikifruits.com"
      },
      {
        "id": "",
        "name": "www.hanloonenergy.com"
      },
      {
        "id": "",
        "name": "www.grupoemira.com"
      },
      {
        "id": "",
        "name": "www.grupoelg.com.br"
      },
      {
        "id": "",
        "name": "www.goldmustang.ru"
      },
      {
        "id": "",
        "name": "www.goldmustang.com"
      },
      {
        "id": "",
        "name": "www.gluckesports.com"
      },
      {
        "id": "",
        "name": "www.gianqyab.www.devl-vps.duckdns.org"
      },
      {
        "id": "",
        "name": "www.glazedovergear.com"
      },
      {
        "id": "",
        "name": "www.gggis.com"
      },
      {
        "id": "",
        "name": "www.gambler-pidoras.com"
      },
      {
        "id": "",
        "name": "www.gamebetxo.com"
      },
      {
        "id": "",
        "name": "www.fytb.cc"
      },
      {
        "id": "",
        "name": "www.fundacionesperanza.org.es"
      },
      {
        "id": "",
        "name": "www.fortress-survival.com"
      },
      {
        "id": "",
        "name": "www.fondovacanzefelici.it"
      },
      {
        "id": "",
        "name": "www.fietsrepas.desli.nl"
      },
      {
        "id": "",
        "name": "www.fertilidad.pe"
      },
      {
        "id": "",
        "name": "www.facilespedizioni.com"
      },
      {
        "id": "",
        "name": "www.expresshomebuyers.com"
      },
      {
        "id": "",
        "name": "www.ev4gh.net"
      },
      {
        "id": "",
        "name": "www.fabbrihotels.com"
      },
      {
        "id": "",
        "name": "www.event-cp.com"
      },
      {
        "id": "",
        "name": "www.egotasticsports.com"
      },
      {
        "id": "",
        "name": "www.eurospace.it"
      },
      {
        "id": "",
        "name": "www.essentialoilnews.com"
      },
      {
        "id": "",
        "name": "www.eltehnik.plovdiv-remonti.com"
      },
      {
        "id": "",
        "name": "www.dubaibusinessadvisors.com"
      },
      {
        "id": "",
        "name": "www.dubaj-police-ae.com"
      },
      {
        "id": "",
        "name": "www.drunkenburger.com"
      },
      {
        "id": "",
        "name": "www.dreamcreations.world"
      },
      {
        "id": "",
        "name": "www.digitaldaya.com"
      },
      {
        "id": "",
        "name": "www.devopsmnl.com"
      },
      {
        "id": "",
        "name": "www.daokers.com"
      },
      {
        "id": "",
        "name": "www.decorating.epizy.com"
      },
      {
        "id": "",
        "name": "www.dbxen.org"
      },
      {
        "id": "",
        "name": "www.cosmosdawn.net"
      },
      {
        "id": "",
        "name": "www.dashboard.ainit.net"
      },
      {
        "id": "",
        "name": "www.cygnusnorth.com"
      },
      {
        "id": "",
        "name": "www.cqqckj.cc"
      },
      {
        "id": "",
        "name": "www.couturepress.com"
      },
      {
        "id": "",
        "name": "www.cosmosdawn.com"
      },
      {
        "id": "",
        "name": "www.comtop.com"
      },
      {
        "id": "",
        "name": "www.cootel.com.kh"
      },
      {
        "id": "",
        "name": "www.coseperlacucina.com"
      },
      {
        "id": "",
        "name": "www.cnitblog.com"
      },
      {
        "id": "",
        "name": "www.civi-s.ltd"
      },
      {
        "id": "",
        "name": "www.checucino.it"
      },
      {
        "id": "",
        "name": "www.cdnstatics.net"
      },
      {
        "id": "",
        "name": "www.catbox.moe"
      },
      {
        "id": "",
        "name": "www.businessofcinema.com"
      },
      {
        "id": "",
        "name": "www.breienallerlei.nl"
      },
      {
        "id": "",
        "name": "www.bozcaadaotelleri.com"
      },
      {
        "id": "",
        "name": "www.brother.solutekcolombia.com"
      },
      {
        "id": "",
        "name": "www.bos.ru"
      },
      {
        "id": "",
        "name": "www.bookvrff.com"
      },
      {
        "id": "",
        "name": "www.blog.giv.care"
      },
      {
        "id": "",
        "name": "www.backwoon.com"
      },
      {
        "id": "",
        "name": "www.b1.org"
      },
      {
        "id": "",
        "name": "www.assuredfix.com"
      },
      {
        "id": "",
        "name": "www.auroraproduct.com"
      },
      {
        "id": "",
        "name": "www.anquanke.com"
      },
      {
        "id": "",
        "name": "www.asqh.org"
      },
      {
        "id": "",
        "name": "www.artloop.ru"
      },
      {
        "id": "",
        "name": "www.armportal.co.uk"
      },
      {
        "id": "",
        "name": "www.argal.is"
      },
      {
        "id": "",
        "name": "www.aquacover-ua.com"
      }
    ],
    "others": [
      {
        "id": "",
        "name": "techguidet.digital"
      },
      {
        "id": "",
        "name": "zonafilm.website"
      },
      {
        "id": "",
        "name": "xn--f1accvba1ao3f.xn--p1ai"
      },
      {
        "id": "",
        "name": "xn----htbcfgmbiae0a.xn--p1ai"
      },
      {
        "id": "",
        "name": "xn--c1akagerbbrlap.xn--p1ai"
      },
      {
        "id": "",
        "name": "xn--b1acdkvoa5aq1j.xn--p1ai"
      },
      {
        "id": "",
        "name": "xn--b1aarbic.xn--p1ai"
      },
      {
        "id": "",
        "name": "xn--80apbanbadpxtoey.xn--p1ai"
      },
      {
        "id": "",
        "name": "xn--80aidaaazluddnrfnq.xn--p1ai"
      },
      {
        "id": "",
        "name": "xn--80ahclcbajtrv5ae6c.xn--p1ai"
      },
      {
        "id": "",
        "name": "xn--80ai0anme.xn--p1ai"
      },
      {
        "id": "",
        "name": "xn--80ahclcbajtrv5ae6c.xn--80asehdb"
      },
      {
        "id": "",
        "name": "xn--80aaudvjo4a.xn--p1ai"
      },
      {
        "id": "",
        "name": "xn--80aaehi8bcdbpzdm0a2i.xn--p1ai"
      },
      {
        "id": "",
        "name": "xn--80aaoscw1ab.xn--p1ai"
      },
      {
        "id": "",
        "name": "xn--80aaab7bjb.xn--p1ai"
      },
      {
        "id": "",
        "name": "xn---33-5cdbkqf0ctjk2ayd5d.xn--p1ai"
      },
      {
        "id": "",
        "name": "xn----otbhkgchs.xn--p1ai"
      },
      {
        "id": "",
        "name": "xn----ctbbgfabqdde4a8byagnheg.xn--p1ai"
      },
      {
        "id": "",
        "name": "xn----7sbejxjikalciq5nrb.xn--p1ai"
      },
      {
        "id": "",
        "name": "xn----8sbgjy2acchcfp1l.xn--p1ai"
      },
      {
        "id": "",
        "name": "xn----7sbqzc8aya.xn--p1ai"
      },
      {
        "id": "",
        "name": "xn----7sbqg1a3a4dua.xn--p1ai"
      },
      {
        "id": "",
        "name": "xn----7sbdnbwaquafjmdgqp3e7b.xn--p1ai"
      },
      {
        "id": "",
        "name": "xn----7sbb6am7al2f.xn--p1ai"
      },
      {
        "id": "",
        "name": "vps-802678-mix.servidor.hosting"
      },
      {
        "id": "",
        "name": "vmfootandmatch.772424.hosting"
      },
      {
        "id": "",
        "name": "video-hub.digital"
      },
      {
        "id": "",
        "name": "udg.company"
      },
      {
        "id": "",
        "name": "tovarisch.engineer"
      },
      {
        "id": "",
        "name": "success.holdings"
      },
      {
        "id": "",
        "name": "spinloop.digital"
      },
      {
        "id": "",
        "name": "ptt.delivery"
      },
      {
        "id": "",
        "name": "primesoftware.company"
      },
      {
        "id": "",
        "name": "postgresql.download"
      },
      {
        "id": "",
        "name": "parkingpay.finance"
      },
      {
        "id": "",
        "name": "papps.company"
      },
      {
        "id": "",
        "name": "otomarket.istanbul"
      },
      {
        "id": "",
        "name": "ns2.xn--d1abai7aebhgu.xn--p1ai"
      },
      {
        "id": "",
        "name": "nonghyup.finance"
      },
      {
        "id": "",
        "name": "necroterminal.digital"
      },
      {
        "id": "",
        "name": "nazarly.digital"
      },
      {
        "id": "",
        "name": "metamorphterminal.digital"
      },
      {
        "id": "",
        "name": "lordserial.xn--6frz82g"
      },
      {
        "id": "",
        "name": "lordfilms.xn--6frz82g"
      },
      {
        "id": "",
        "name": "lordfilm.xn--6frz82g"
      },
      {
        "id": "",
        "name": "lmd.international"
      },
      {
        "id": "",
        "name": "lifekey.website"
      },
      {
        "id": "",
        "name": "kudelich.network"
      },
      {
        "id": "",
        "name": "kinotochka.xn--6frz82g"
      },
      {
        "id": "",
        "name": "ibkr.digital"
      },
      {
        "id": "",
        "name": "hugamuga.monster"
      },
      {
        "id": "",
        "name": "hopeai.digital"
      },
      {
        "id": "",
        "name": "get-apk-hub.digital"
      },
      {
        "id": "",
        "name": "eudreem.website"
      },
      {
        "id": "",
        "name": "dubrovskiterminal.digital"
      },
      {
        "id": "",
        "name": "dome.kitchen"
      },
      {
        "id": "",
        "name": "densklll.digital"
      },
      {
        "id": "",
        "name": "ctago.monster"
      },
      {
        "id": "",
        "name": "bolddreamnetwork.monster"
      },
      {
        "id": "",
        "name": "attrax.digital"
      },
      {
        "id": "",
        "name": "atena.digital"
      },
      {
        "id": "",
        "name": "_dc-mx.93c9164a4602.mashrabia.co.il"
      },
      {
        "id": "",
        "name": "_dc-mx.b8928aa34404.frontier.net.pk"
      },
      {
        "id": "",
        "name": "_dc-mx.c50e8a6db02b.mongtruyenkypc.com"
      },
      {
        "id": "",
        "name": "_.xn--90amc.xn--p1acf"
      },
      {
        "id": "",
        "name": "_dc-mx.1132cbde0502.tgcindia.com"
      },
      {
        "id": "",
        "name": "accoumace.website"
      },
      {
        "id": "",
        "name": "starfish.technology"
      },
      {
        "id": "",
        "name": "wshsoft.company"
      },
      {
        "id": "",
        "name": "AV EMPTY REPORT"
      }
    ]
  },
  "external_refs": [
    "https://otx.alienvault.com/pulse/689450cb694d3772d640ae3a"
  ]
}