{ "name": "Infrastructure of Interest: Medium Confidence Detection", "slug": "infrastructure-of-interest-medium-confidence-detection", "description": "These indicators of compromise (IOCs) were identified through LevelBlue Labs' proprietary collection and threat hunting processes, leveraging AI-driven heuristics to detect anomalous patterns, behavioral analysis of malicious activity, and cross-referenced intelligence from endpoint telemetry and external sources. Use this data to enhance detection rules, block malicious infrastructure, or correlate with existing incident investigations.", "published": "2025-08-07T05:39:42+00:00", "created_at": "2025-08-07T05:39:42+00:00", "modified_at": "2025-08-10T18:28:02+00:00", "created_at_opencti": "2025-08-07T05:39:42+00:00", "author": "", "confidence": null, "report_types": [], "labels": [], "tags": [ "2025-08-07" ], "related_entities": { "observables": [ { "id": "", "name": "www.bapeespana.es" }, { "id": "", "name": "www.mondomusicatania.it" }, { "id": "", "name": "www4.serv.ge" }, { "id": "", "name": "www.wxliuxue.com" }, { "id": "", "name": "www.wsiz.rzeszow.pl" }, { "id": "", "name": "www.wada.co.jp" }, { "id": "", "name": "www.theinnovators.or.kr" }, { "id": "", "name": "www.test.wsdream.ru" }, { "id": "", "name": "www.studentrate.com" }, { "id": "", "name": "www.sovaglobal.ru" }, { "id": "", "name": "www.sn.gob.mx" }, { "id": "", "name": "www.ramc.it" }, { "id": "", "name": "www.playerclub.theplayer.ro" }, { "id": "", "name": "www.payment-gatawey-top-site.ru" }, { "id": "", "name": "www.paste.ee" }, { "id": "", "name": "www.paharesticla.ro" }, { "id": "", "name": "www.notifications.playerclub.ro" }, { "id": "", "name": "www.newssummedup.com" }, { "id": "", "name": "www.myphamthanhthuy.vn" }, { "id": "", "name": "www.multim.bg" }, { "id": "", "name": "www.lostinmagic.nl" }, { "id": "", "name": "www.jobsincrete.gr" }, { "id": "", "name": "www.lifenliving.org" }, { "id": "", "name": "www.kl-fysiotherapie.nl" }, { "id": "", "name": "www.itsbact.edu.it" }, { "id": "", "name": "www.info135.com.ar" }, { "id": "", "name": "www.huyskamps.nl" }, { "id": "", "name": "www.hpihealth.se" }, { "id": "", "name": "www.hn3derp.net" }, { "id": "", "name": "www.hamiltoninhmanagement.com" }, { "id": "", "name": "www.foto-eppler.de" }, { "id": "", "name": "www.firepro.hu" }, { "id": "", "name": "www.expoguide.co.kr" }, { "id": "", "name": "www.family-nabytek.cz" }, { "id": "", "name": "www.eulamusic.com" }, { "id": "", "name": "www.esfahanrestaurant.ir" }, { "id": "", "name": "www.ecoacademy.org.ua" }, { "id": "", "name": "www.dinisohbetciyizbiz.tr.gg" }, { "id": "", "name": "www.desli.nl" }, { "id": "", "name": "www.dedenet.de" }, { "id": "", "name": "www.das-beste-buch.de" }, { "id": "", "name": "www.danasun.vn" }, { "id": "", "name": "www.cariveproductions.com" }, { "id": "", "name": "www.akquise-plus.de" }, { "id": "", "name": "www.2020.phonthan.go.th" }, { "id": "", "name": "www.ubec.edu.br" }, { "id": "", "name": "www.stage-amerique-latine.fr" }, { "id": "", "name": "www.stage-canada.fr" }, { "id": "", "name": "www.squz.net" }, { "id": "", "name": "www.sai.ourdrama.me" }, { "id": "", "name": "www.pmrsa.pl" }, { "id": "", "name": "www.kagibi.net" }, { "id": "", "name": "www.ipages.ru" }, { "id": "", "name": "www.hotel-rheinpark.de" }, { "id": "", "name": "www.blende4.at" }, { "id": "", "name": "www.bennyn.de" }, { "id": "", "name": "zqoawcughy.ws" }, { "id": "", "name": "zkmebwbypeso.ws" }, { "id": "", "name": "xznck.ph" }, { "id": "", "name": "wsgnujikaoy.ph" }, { "id": "", "name": "tkygacuqi.ph" }, { "id": "", "name": "vgulixukos.ph" }, { "id": "", "name": "ucvwuygxkkaiq.ws" }, { "id": "", "name": "smgiy.ph" }, { "id": "", "name": "taeqsctnna.ws" }, { "id": "", "name": "tesggyissaesfr.ph" }, { "id": "", "name": "qqany.ws" }, { "id": "", "name": "qkklsnuxwrse.ws" }, { "id": "", "name": "qupsopkhcirpl.ph" }, { "id": "", "name": "qfwgzogmwaqcf.ws" }, { "id": "", "name": "qjpul.ws" }, { "id": "", "name": "njgvcwx.ws" }, { "id": "", "name": "mwuawcc.ph" }, { "id": "", "name": "kgkqsmxtlae.ws" }, { "id": "", "name": "myyuwunbsghq.ws" }, { "id": "", "name": "ismkucm.ph" }, { "id": "", "name": "gqxassq.ph" }, { "id": "", "name": "etrjieglx.ph" }, { "id": "", "name": "cyber-spreading.live" }, { "id": "", "name": "aqjai.ws" }, { "id": "", "name": "ceauoqy.ws" }, { "id": "", "name": "cksuldpqq.ws" }, { "id": "", "name": "ztcnqia.biz" }, { "id": "", "name": "zworllay.ws" }, { "id": "", "name": "zorecoszy.ws" }, { "id": "", "name": "zkultllwmhz.biz" }, { "id": "", "name": "zisbpki.ws" }, { "id": "", "name": "zbrzjcrs.ws" }, { "id": "", "name": "zaahbwomt.cn" }, { "id": "", "name": "ynbzpncydbt.ws" }, { "id": "", "name": "yhafz.com" }, { "id": "", "name": "yfovzmvju.biz" }, { "id": "", "name": "xuqoz.com" }, { "id": "", "name": "xtmohlo.com" }, { "id": "", "name": "xhkbl.biz" }, { "id": "", "name": "xsfrmkoz.biz" }, { "id": "", "name": "xlfltet.com" }, { "id": "", "name": "xeslildmleu.biz" }, { "id": "", "name": "xdjapcrtv.com" }, { "id": "", "name": "xgmfbsitc.cn" }, { "id": "", "name": "wudolaaozkj.biz" }, { "id": "", "name": "woewysypsxd.ws" }, { "id": "", "name": "wheonhqx.ws" }, { "id": "", "name": "wkrnqlwi.cn" }, { "id": "", "name": "wmgvecoe.ws" }, { "id": "", "name": "wdstssmn.ws" }, { "id": "", "name": "wcxrqipqvge.biz" }, { "id": "", "name": "wdvftot.ws" }, { "id": "", "name": "vmbtjn.ws" }, { "id": "", "name": "vndmletk.ws" }, { "id": "", "name": "vswjqryotw.biz" }, { "id": "", "name": "vawri2euyycfhnztpx1gmwraz9esd.ru" }, { "id": "", "name": "vevfpyja.com" }, { "id": "", "name": "vhxktg.biz" }, { "id": "", "name": "vaenjjtq.com" }, { "id": "", "name": "uzdjfwfot.ws" }, { "id": "", "name": "uyruppfd.org" }, { "id": "", "name": "uwngbb.ws" }, { "id": "", "name": "uuezr.ws" }, { "id": "", "name": "uwaqopn.cn" }, { "id": "", "name": "uhsfb.org" }, { "id": "", "name": "urzctzp.cn" }, { "id": "", "name": "umxmz.cn" }, { "id": "", "name": "uikyksxs.com" }, { "id": "", "name": "uheqm.net" }, { "id": "", "name": "ufjofb.org" }, { "id": "", "name": "uclssixl.com" }, { "id": "", "name": "tzwih.net" }, { "id": "", "name": "twyrrmsb.ws" }, { "id": "", "name": "tskzvw1y4dmkdcshpmqn7ucgvgkpb.ss" }, { "id": "", "name": "tpofvkuc.net" }, { "id": "", "name": "tpjeaphw.cn" }, { "id": "", "name": "tllhezllhangs.net" }, { "id": "", "name": "tllhezlhangs.net" }, { "id": "", "name": "szqqoisj.cn" }, { "id": "", "name": "syszx.net" }, { "id": "", "name": "sxbqteuu.ws" }, { "id": "", "name": "swthnzzg.biz" }, { "id": "", "name": "suwdvwkfz.ws" }, { "id": "", "name": "stwig.ws" }, { "id": "", "name": "spdlelnsen.cn" }, { "id": "", "name": "ssthmvlrjs.ws" }, { "id": "", "name": "skklcphi.ws" }, { "id": "", "name": "sjuozdn.net" }, { "id": "", "name": "sennp.cc" }, { "id": "", "name": "sctwvkya.net" }, { "id": "", "name": "rzcdkax.ws" }, { "id": "", "name": "rwsjoa.com" }, { "id": "", "name": "rukjsiu.cn" }, { "id": "", "name": "rrexdx.net" }, { "id": "", "name": "rnbhft8lhxodxpbqyhj9b96grqmtf.gn" }, { "id": "", "name": "rnailrniglht.com" }, { "id": "", "name": "rlbzugci.org" }, { "id": "", "name": "rjdofjkw.ws" }, { "id": "", "name": "rdthxnk.cn" }, { "id": "", "name": "rdeeig.ws" }, { "id": "", "name": "rdbwcopgu.cn" }, { "id": "", "name": "rcqlnomn.net" }, { "id": "", "name": "rauxlqz.org" }, { "id": "", "name": "raifl.org" }, { "id": "", "name": "r5karivzobl533oxoh3pcf8hspvbp.nz" }, { "id": "", "name": "qgsozmnnkcm.biz" }, { "id": "", "name": "puthuz.net" }, { "id": "", "name": "pqapasf.com" }, { "id": "", "name": "plsvulua.com" }, { "id": "", "name": "pjkjajlqu.biz" }, { "id": "", "name": "phbvuqukh.net" }, { "id": "", "name": "pfzmdyuow.ws" }, { "id": "", "name": "pawkc.net" }, { "id": "", "name": "pahuax.ws" }, { "id": "", "name": "ozurrpaf.com" }, { "id": "", "name": "ouvtut.org" }, { "id": "", "name": "ousanl.cn" }, { "id": "", "name": "ouahxpmu.ws" }, { "id": "", "name": "ooqogooy.org" }, { "id": "", "name": "ojjqrljz.ws" }, { "id": "", "name": "omkulizn.com" }, { "id": "", "name": "okjmipav.net" }, { "id": "", "name": "ohoqssrpr.com" }, { "id": "", "name": "ogyzn.ws" }, { "id": "", "name": "nyvtkuhl.net" }, { "id": "", "name": "nuyhy.org" }, { "id": "", "name": "nvwgj.com" }, { "id": "", "name": "nuivkmfq.org" }, { "id": "", "name": "nrfrc.net" }, { "id": "", "name": "noxkk.ws" }, { "id": "", "name": "neczyefa.org" }, { "id": "", "name": "nemttff.org" }, { "id": "", "name": "negfkf.org" }, { "id": "", "name": "mykenyzj.cn" }, { "id": "", "name": "mydotcomabdrcss.com" }, { "id": "", "name": "mwuqefgma.biz" }, { "id": "", "name": "mybtimtermct.com" }, { "id": "", "name": "mpnuq8z8bm5b6ykfvvilc8kt1pp43.rs" }, { "id": "", "name": "mnfzk.cn" }, { "id": "", "name": "mlpkipee.cn" }, { "id": "", "name": "mkzbardt.net" }, { "id": "", "name": "mhpgezkcxag.cn" }, { "id": "", "name": "mhlksn.cn" }, { "id": "", "name": "mceprfzf.org" } ], "others": [ { "id": "", "name": "xn--80aqoz.xn--p1ai" }, { "id": "", "name": "updateslatestweb.website" }, { "id": "", "name": "truevisionedge.monster" }, { "id": "", "name": "tlmfpyt.srxzgupcsmni.hath.network" }, { "id": "", "name": "mail.kcs.network" }, { "id": "", "name": "gocryptoldende.digital" }, { "id": "", "name": "egx.education" }, { "id": "", "name": "AV EMPTY REPORT" } ] }, "external_refs": [ "https://otx.alienvault.com/pulse/6894583edc4b67d5c7c5cb34" ] }