# Copyright (c) 2014-2026 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Aliases: prospy, protospy, tospy

# Reference: https://www.welivesecurity.com/en/eset-research/promptspy-ushers-in-era-android-threats-using-genai/
# Reference: https://github.com/eset/malware-ioc/tree/master/promptspy
# Reference: https://www.virustotal.com/gui/file/11f5c91d24c9d1eee16dacacfb9160e299544c1a854af92f79daf88364cea0b6/detection
# FAVICON_HASH-HOST=1a7044ceda69381942b48eb1908119af

54.67.2.84:5500
54.67.2.84:8080
9iu74a51.com
a-chase-ar.com
a-chase-arg.com
anonovo7.com
cat-ar-no.com
cgju832a.com
cp-exc-a.com
ct-pl-ar-ex.com
dt-mg-ar.com
fondos-mg-p.com
huanahk.com
m-mgarg.com
mg-ar-a.com
mg-arg-a.com
mg-dt-fondo.com
mg-fondo-mli.com
mg-fondo-uno.com
mgardownload.com
mgnnsql.com
mil-arg.com
pl-ar-exc.com
tejfudc3.com
h5.9iu74a51.com
h5.a-chase-ar.com
h5.a-chase-arg.com
h5.dt-mg-ar.com
h5.fondos-mg-p.com
h5.m-mgarg.com
h5.mg-ar-a.com
h5.mg-arg-a.com
h5.mg-dt-fondo.com
h5.mg-fondo-mli.com
h5.mg-fondo-uno.com
h5.mil-arg.com
h5.tejfudc3.com
test123.anonovo7.com
test123.cgju832a.com
test123456.cgju832a.com

# Reference: https://www.lookout.com/threat-intelligence/article/bitter-hack-for-hire

ai-ae.io
botim-app.pro
clubline.cc
track-portal.co
treasuresland.cc
totok-pro.ae
totok-pro.ai-ae.io

# Reference: https://www.lookout.com/threat-intelligence/article/bitter-hack-for-hire

027b1003-dd24-4e93-b74b-8282ff4d6586.mn-id.cc
2.id-ar.ca
2fa-manage.me-en.cc
2fa-mange.me-en.cc
2fa-sgnl.en-ir.org
2fa-sgnl.logs.re
2fa-signal.id-en.net
349383a5-557c-43e0-a3e8-85ca92fc70d8.mailbdf-bh.net
3aac32aa-df99-47f8-90c3-697dc9d98442.me-relay.org
3e8ce93b-34eb-4d31-9243-4481ffb98cd3.en-info.live
43e92d22-0923-4424-8e4c-6f1aa0397af4.com-ae.org
4f66072b-2276-4136-acaa-a1a88e294e4f.mn-id.cc
4instalments.web-signal.org
53aef03b-0a86-4497-8c1e-23cfcd9f96e5.ar-id.co
54864-ov.en-uk.cc
58352d6a-e1a4-489f-b46e-e74535bf677c.me-relay.org
5be54f27-d133-4414-ab97-a28460472e9a.me-relay.org
60d22c9b-8946-4d84-b73c-3ff6610e49a1.me-relay.org
6441056b613c32a9.appleid-number.me-ar.io
67f34c48-a901-44f1-af9d-81c80b03b5ea.mn-id.cc
69f65276-f9bc-40d9-9b53-c3afe3abf4fb.com-info.io
734yhihudnsifsdf.acc-mn.info
7381d8b7-6549-4c38-8f8e-069e1c25a577.com-info.io
74d1f32b-1098-43c1-99ae-3d1d6e14afd7.id-me.cc
76194fdc-fde2-4128-b4e5-6e185e89d224.com-ae.org
7d89036a-0e91-426f-b629-516286d7b053.mailbdf-bh.net
8437ee10-9da5-44b0-897c-749b07c47f41.mailbdf-bh.net
84d4d991-f6cf-4225-b72a-0123fc2508f3.en-account.info
8e968722-92c0-4944-93da-58c9ad8f7eeb.com-info.io
952cd7f5-55c2-472f-bc9d-08487ef75661.random.en-account.info
963d2ae3-9d60-4704-8262-5854b6c02d29.mn-id.cc
978c6bd2-fcba-4758-917e-dc6298b61632.en-info.live
98798hnuyf8diufsd.ac-im.cc
99e27236-9c0a-4c7f-b114-f181d0c00173.com-ae.org
a.b.c.review-ar.co
a.b.review-ar.co
a.com-info.io
a.review-ar.co
a33d9f71-6bcd-41d3-9f7d-50a90628551f.id-me.cc
aa.id-us.ca
abc-newalt.ids-ar.co
abc-ninealt.id-ar.co
abc.en-uk.cc
abc1.en-uk.cc
abcde-res.id-ar.co
abcde-ress.ids-ar.co
abcdef.ress.id-ar.cc
abde-alt.id-ar.cc
ac-id.en-uk.cc
ac-im.cc
ac-us.cc
acc-hot-mail.hm-en.cc
acc-mn.info
account-live.com-ln.info
account-live.com-service.info
account-protection.accountservice.cc
account-update.ar-id.co
account-validation-required.ct.ws
account-yahoo.com-service.info
account.com-ae.org
account.me-relay.org
accountcapabilities-pa.google.svr-drive.com
accountcapabilities-pa.share.svr-drive.com
accounts-apple.ar-id.co
accounts.google.svr-drive.com
accounts.share.svr-drive.com
accountservice.cc
adm.mailbdf-bh.net
admin.ar-id.co
admin.com-ae.org
admin.en-info.live
admin.relay-ar.co
ae3eb0c0-ab31-4ea7-a29c-c5886e35721a.com-ae.org
aging.entity-me.online
al-ap-cl.en-id.cc
ale-soun.com-en-us.info
ale-soun.me-info.io
ale763873497ty73.id-me.io
aler-get.me-ar.cc
aler-new.com-cc.io
aler-new.me-ar.cc
aler762b-9873bc78.id-ar.cc
aler78-fhgue.ar-me.cc
alerjf7uh3ui8ys.serviceinfo.cc
alert-new.id-en.io
alet-new.me-en.io
alet-uebu.com-me.io
alpha-visualize.me-ar.io
alr-res.com-en.io
alt-tyu.ar-me.cc
alumni-columbia-edu-val.idate.me
android.clients.google.svr-drive.com
android.clients.share.svr-drive.com
antrxyke.en-info.live
apg-cps.en-me.cc
api.ar-id.co
api.com-ae.org
api.com-info.io
api.en-info.live
api.en-uk.cc
api.entity-me.online
api.me-relay.org
api.relay-ar.co
api.ydtyuehugufgeygushguysgudyhg.en-account.info
apis.google.svr-drive.com
apis.share.svr-drive.com
app-care.cc
app-info.app
app-info.me
app-signal.org-status.nl
app.ar-id.co
app.com-ae.org
app.com-info.io
app.en-info.live
app.entity-me.online
app.id-ar.org
app.ilability.net
app.mailbdf-bh.net
app.me-relay.org
app.relay-ar.co
apple-id.com.en-id.me
apple.com-ar.info
apple.com-auth.cc
apple.com-info.io
apple.com-service.info
apple.com.en-id.me
apple.en-id.me
apple.id-us.cc
appleid-apple-com.en-id.cc
appleid-apple.ar-me.cc
appleid-apple.com-ar.info
appleid-apple.com-ar.io
appleid-apple.com-auth.cc
appleid-apple.com-en.cc
appleid-apple.com-en.io
appleid-apple.com-me.io
appleid-apple.id-ar.cc
appleid-apple.id-en.io
appleid-apple.id-me.io
appleid-apple.me-ar.cc
appleid-apple.me-ar.io
appleid-apple.me-info.io
appleid-number.com-ar.io
appleid-number.com-auth.cc
appleid-number.me-ar.io
appleid-verify.ac-us.cc
appleid.apple.com.en-id.me
appleid.com-ar.info
appleid.en-uk.cc
appleids-manage.ar-id.cc
appleids-trusted-number.ar-id.cc
appleids-truted-number.org-ar.net
appleids.org-ar.net
ar-id.cc
ar-id.co
ar-info.co
ar-me.cc
ar-me.co
ar-me.io
asdf.relay-ar.co
asdfkljlkdsdd.entity-me.online
asset.ar-id.co
assets.com-info.io
assets.en-info.live
auth-manage.id-en.me
auth-ms-manage.le-ar.me
auth-rec-mng.fullrestores.re
auth-rev-wi.ar-me.cc
auth-rev.ar-info.co
auth-rev.ar-me.cc
auth-rev.en-id.cc
auth-rev.ht-id.me
auth-rev.id-en.me
auth-subb.en-id.cc
auth.connect.ar-info.co
auth.id-en.me
auth.mailbdf-bh.net
auth.rec.ar-info.co
autoconfig.com-service.info
autoconfig.host.zm-me.co
autoconfig.id-ar.me
autoconfig.lcloud.com-service.info
b.c.review-ar.co
b.review-ar.co
b0d782ca-68ae-4ea6-adea-db30255b4786.ar-id.co
b4622d8c-9d06-4fb2-b02e-af37631d5365.com-info.io
b5f0a8b5-d161-4d11-afde-f82b48bb5766.me-relay.org
backend.ar-id.co
backend.com-ae.org
backup.entity-me.online
bb.id-us.ca
bdisk.entity-me.online
beta.ar-id.co
beta.superset.me-ar.io
bf4398aa-a6c5-4a80-bfda-68132f32059d.logs.re
bh.storemydata.re
bi-ci.en-account.info
big.com-en-uk.info
blksuy8uwhbuioysd.serviceinfo.cc
blnk-num-mng.me-mng.cc
blog.com-ae.org
blog.com-info.io
bltki.en-id.cc
bmail.entity-me.online
bot.en-ir.org
broadcase.id-en.me
bvkfztg.me-relay.org
c.review-ar.co
c0ac71c4-276f-46a4-a7fe-f062c40b47e6.mn-id.cc
c7a4603c-4442-4001-967e-70797b1143e1.en-info.live
call-facetime.org-ar.net
call-ft-connect.com-us.io
call-ft-connect.en-id.net
call-ft-enc-authen.tication.net
call-ft-join-id.entity-me.online
call-ft-visual.id-ar.net
call-join-facetime.ar-id.cc
call-ms-team.storemydata.re
call-signal.id-ar.ca
call-video.com-en-uk.info
call.id-ar.net
call.signal-account.org
cc-ar.co
cdshfis57945tjfkgdfgdf.fullrestores.re
ch-th-re.en-id.cc
chec-res.me-id.cc
check-alt.com-auth.cc
check-data-av.ilability.net
checkdata.com-ae.org
checkdata.en-id.net
ci-flowise.me-ar.io
cicd.me-ar.io
cjtjkj45nkejndfk3j4lkfelfwefwef.tication.net
ck02-fb1ef20944-89b8cbf0.ar-id.co
cli38798d7983.connect-signal.org
client.com-ae.org
clients.com-ae.org
clients.google.svr-drive.com
clients.share.svr-drive.com
clients1.google.svr-drive.com
clients1.share.svr-drive.com
clients2.google.svr-drive.com
clients2.share.svr-drive.com
clients3.google.svr-drive.com
clients3.share.svr-drive.com
clients4.google.svr-drive.com
clients4.share.svr-drive.com
clients5.google.svr-drive.com
clients5.share.svr-drive.com
clients6.google.svr-drive.com
clients6.share.svr-drive.com
cloud-manage.ids-io.me
cloude-manage.ids-io.me
cntflksdlkfghdf.tication.net
co-en.app
coj599r8re8c98r9c99c9.logs.re
com-ae.org
com-ar-me.info
com-ar.info
com-ar.io
com-ar.me
com-ar.nl
com-ar.re
com-auth.cc
com-cc.io
com-en-uk.co
com-en-uk.info
com-en-us.info
com-en-us.me
com-en.cc
com-en.io
com-info.io
com-ln.info
com-me.io
com-remove.info
com-sa.co
com-service.info
com-us.io
com.en-id.me
comusted-device-apple.com-info.io
con-ft-cll.me-info.cc
con.call.id-ar.net
concejwkfih9ghksjdfsdf.datastatistics.nl
condfkdsf34ihfsdf.mfadata.cc
condjfh954thfdg.web-signal.org
confirm-id.en-uk.cc
confirm-num.id-ar.cc
confirm-num.id-me.io
confirm-number.ar-me.cc
confirm-nums.id-me.io
confirm-your-identity.ar-id.co
confirm-your-identity.en-id.net
conjhgfkjrg3jk4rgk3jfskjd.idate.me
connact-ft-cll.datamargin.org
conne.hm-en.cc
connect-signal.en-id.cc
connect-signal.en-me.cc
connect-signal.hm-en.cc
connect-signal.id-ar.ca
connect-signal.id-en.net
connect-signal.me
connect-signal.org
connect-signal.zm-me.co
connect.ar-info.co
connect.ar-me.cc
connect.ar-me.io
connect.id-ar.cc
connect.id-me.io
connect.info.en-id.cc
connecting.ar-me.cc
connecting.ar-me.io
connecting.en-id.cc
connecting.id-ar.cc
connecting.id-me.io
cont3ui4dsjk43ggfh.ms-storedata.de
control-my-data.mation.re
control394sdsdf.datarestores.nl
controlslsdf9h9s93t54.final-restore.re
contu3r98fhdsjnksdfsdf.datamargin.org
coonect-fc-cll-rec.datamargin.org
courier-assignment.en-id.net
cpjkdafdrw.com-info.io
cpsl-p.ac-im.cc
credentials-checking.ids-io.me
crm.com-ae.org
d-df-dfd-sddgfssdf.ar-me.co
d9.datastatistics.nl
d96ff356-4b58-440d-bc5c-4105f95e37da.ilability.net
dash.com-ae.org
dash.me-relay.org
dashboard.ar-id.co
dashboard.com-ae.org
data-authn.tication.net
data-val.idate.me
datamargin.org
datarestores.nl
datastatistics.nl
dayxfgtb.logs.re
delivery-dhl.info-ar.cc
delivery-verification-authen.tication.net
demo.ar-id.co
demo.com-ae.org
demo.com-info.io
demo.en-info.live
demo.relay-ar.co
dev.com-ae.org
dev.com-info.io
dev.en-info.live
dev.entity-me.online
dev.me-relay.org
dev.regularsports.org
dev.relay-ar.co
development-flowiseai.me-ar.io
device-update.imtok.io
dfdsgsdgsfg.hm-en.cc
dfsdfsdgretgf65sdg.mn-id.cc
dgsgsd.signal-account.org
dhl-delivery-address.id-ar.net
dhl-delivery-verification.idate.me
dhl-identity-verification-authen.tication.net
dhl.org-ar.net
djhudft-wd.ar-me.cc
docs-icloudrive-file.en-me.cc
docs.ar-id.co
docs.com-ae.org
document-cloud.logs.re
dos.mn-id.cc
download.newupdate.app
download.totpro.app
download.web-signal.org
dpa.mn-id.cc
dps.mn-id.cc
drive-cloud-app.le-ar.me
drive-i-cloud-infor.mation.re
drive-i-cloud.com-ar.me
drive-icloud-val.idate.me
drive-kenza-cv-pdf.en-id.cc
drive-mofa-gov-bh.com-ar.nl
dsbjbjhb5teufyh85ybf74fbufb7tuvfbf.com-ae.org
dssdgsdfsdf.ms-mng.ac
dwwbdgjdyvt.privacy-ar.com
ebdisk.en-account.info
ebdisk.login-live.en-account.info
ebdisk.test-id.en-account.info
eblogin-live.en-account.info
ebmail.en-account.info
ebmail.login-live-online.en-account.info
ebmail.login-live.en-account.info
ebrands.com-ln.info
ecomservices.cc
egbfdg545rgdfg.en-info.live
emv1.me-ar.io
en-account.info
en-ar.co
en-ar.net
en-id.cc
en-id.me
en-id.net
en-info.co
en-info.live
en-ir.org
en-me.cc
en-uk.cc
encryption-key-plugin-signal.org-ar.me
encryption-sgnl-infor.mation.re
encryption-sgnl.ar-id.cc
encryption-sgnl.en-ir.org
encryption-sgnl.org-ar.net
encryption-signal.com-ae.org
encrytpion-sgnl.ar-id.cc
enfiaqkw.relay-ar.co
entity-me.online
eulteverify-apple.id-me.cc
eultewww.verify-apple.id-me.cc
event-nottingham.en-uk.cc
example.id-ar.ca
exmo.com-en.cc
f127d70b-1bcf-4915-9868-768000ef915d.com-ae.org
f368b859-dc30-448c-9587-44879cf4a730.com-info.io
f745f976-7714-445e-abf6-66fc1ab0a7bb.com-ae.org
fac.ac-im.cc
facetime-apple.com-service.info
facetime-apple.en-id.cc
facetime-join.me-ar.cc
facetime-num.com-cc.io
facetime-num.me-ar.cc
facetime-nums.com-cc.io
facetime-nums.me-ar.cc
facetime-web.id-en.io
facetime-web.me-en.io
facetime-webs.id-en.io
facetime-webs.me-en.io
facetime.com-en.io
facpl.ac-im.cc
ff050e03-e7c3-44f0-9366-b7b739da0d9e.com-info.io
file-check.final-restore.re
final-restore.re
fjrbelnjkgl4ntglnfk4rnlkednfoikrnfiornogb.entity-me.online
flow-alpha.en-account.info
flow.uat.en-account.info
flowise.uat.me-ar.io
flowiseai.en-account.info
ft-blk.ar-me.cc
ft-blk.me-info.io
ft-call-control.mation.re
ft-cll-2mzkaldlwpfgg.fullrestores.re
ft-cll-2wefhf34iojofj0ef98h98sd.datarestores.nl
ft-cll-idmss-rec-mng.final-restore.re
ft-cll-join.ar-id.cc
ft-cll-rec.ids-io.me
ft-cll.lang-ar.me
ft-cll.logs.re
ft-cll.me-en.cc
ft-cll.me-mng.cc
ft-fac-id.en-me.cc
ft-faw-id.en-me.cc
ft-fce-id.en-me.cc
ft-fwa-id.en-me.cc
ft-join.id-ar.me
ft-join.id-en.co
ft-joins.id-ar.me
ft-mng.mn-id.cc
ft-num-apl.com-info.io
ft-rec-id.en-me.cc
ft-rec.mn-id.cc
ft-rev-id.en-me.cc
ft-rev.acc-mn.info
ft-rev.id-ar.cc
ft-rev.id-ar.me
ft-rev.id-en.co
ft-rev.ids-ar.co
ft-rev.mn-id.cc
ft-revs.id-en.co
ft-revw.id-ar.cc
ft-revw.ids-ar.co
ft-srt-id.en-me.cc
ft-testt.id.en-me.cc
ft-wd.ar-me.cc
ft-wid.me-info.io
ftp.co-en.app
ftp.com-auth.cc
ftp.com-en.cc
ftp.en-me.cc
ftp.id-ar.co
ftp.id-ar.me
ftp.ids-ar.co
ftp.me-en.cc
ftp.privacy-ar.com
ftpd.com-sa.co
ftpdr1.com-sa.co
fullrestores.re
fzbidxatfao.privacy-ar.com
gahpkwww.join-meet.mn-id.cc
gaza-report.en-id.cc
get-alr.en-uk.cc
get-dh1.com-ln.info
get-fi1.review-ar.co
get-fil.review-ar.co
get-hot.com-ln.info
get-mywords.info-ar.cc
get-too.en-uk.cc
ggdkowww.testh.en-info.live
gmflqsssssssssverify-apple.com-info.io
google.svr-drive.com
googleapis-fonts.google.svr-drive.com
googleapis-fonts.share.svr-drive.com
gov-bh-mng-rec.le-ar.me
grafana.logs.re
gstatic-fonts.google.svr-drive.com
gstatic-fonts.share.svr-drive.com
gsyastf.ar-me.co
gtedywww.api.me-relay.org
haven.logs.re
hello.ac-us.cc
henry.scott85.mail.ru
hgjsdfsdf.com-us.io
hi.ac-us.cc
hm-en.cc
holykssm.trusted-device-apple.com-info.io
host.review-ar.co
host.zm-me.co
hostmaster.idate.me
hostmaster.logs.re
hot-acc-mail.hm-en.cc
hotel-menu.ms-mng.ac
ht-id.me
htkdfsdf.en-info.live
humatropeava.ilability.net
hydtr.org-ar.net
i-mange.me-id.cc
icaresupport-ap.en-me.cc
icloud-apple.com-info.io
icloud.com-ar.info
icloud.com-ar.me
icloud.com-service.info
icloud.com.en-id.me
icloud.en-id.me
icloud.en-me.cc
icloud.relay-ar.co
icloudrive.acc-mn.info
icloudrive.id-ar.net
id-ac.us
id-apple.com-en.io
id-appleid.com-auth.cc
id-appleid.review-ar.co
id-apples-mange.org-ar.net
id-ar.ca
id-ar.cc
id-ar.co
id-ar.me
id-ar.net
id-ar.org
id-en.co
id-en.io
id-en.me
id-en.net
id-login.review-ar.co
id-mana-ge.me-en.cc
id-manage.com-ar.re
id-manage.mn-id.cc
id-me.cc
id-me.io
id-mng-en.mfadata.cc
id-mnge.mn-id.cc
id-rec-check.ar-me.co
id-test.co-en.app
id-us.ca
id-us.cc
id-validate.me-en.cc
id.co-en.app
id.en-me.cc
id.mng.mn-id.cc
idate.me
identity-val.idate.me
identity-vel.idate.me
identity.org-ar.net
idms-ft-cll-mng.datarestores.nl
idms-manage-on.linedata.sbs
idms-mng-rec.datarestores.nl
idms-mng-rec.datastatistics.nl
idms-mng-rec.fullrestores.re
idms-rec-infor.mation.re
idms-rec.datarestores.nl
idms-sgnl-mn.datarestores.nl
ids-ac.en-uk.cc
ids-appleid.com-auth.cc
ids-ar.co
ids-io.me
ids-login.review-ar.co
iforgot-applehelp.com-ar.info
iga.gov-bh-mng-rec.le-ar.me
ilability.net
imanage-rev.acc-mn.info
imanage.com-ar.me
imanage.com-ar.nl
imanage.en-ir.org
imanage.logs.re
imange.com-ar.nl
img8732g97.connect-signal.org
imtok.io
info-ar.cc
info-team.en-id.cc
info.en-id.cc
infor.mation.re
ipnzrwww.join-call-facetime.com-ae.org
irthhm.scomusted-device-apple.com-info.io
isupport.com-ar.nl
ivqkiwebmail.mn-id.cc
ixcmym.sapple.com-info.io
j34idf.ar-id.cc
jcha.com-us.io
jd930iojfhis67349x.co-en.app
jfhwedkas.ecomservices.cc
jhgjhgjg.id-en.me
jkhjkrkwejrhjsfhkjshrtre.entity-me.online
join-call-facetime.com-ae.org
join-call-facetime.relay-ar.co
join-call-facetion-infor.mation.re
join-call-ms-team.com-ar.nl
join-call-team-meeting.com-ar.me
join-call-team-meeting.le-ar.me
join-call-zoom-meeting.le-ar.me
join-call-zoommeeting.com-ar.me
join-call.bot.en-ir.org
join-cll-bot-im.fullrestores.re
join-face-time-service.ar-me.co
join-face.ar-me.cc
join-facetime-call-authen.tication.net
join-facetime-call-infor.mation.re
join-facetime-call.le-ar.me
join-facetime.acc-mn.info
join-facetime.ar-id.cc
join-facetime.ar-me.cc
join-facetime.com-ar.re
join-facetime.com-cc.io
join-facetime.com-en-us.info
join-facetime.com-en.io
join-facetime.com-info.io
join-facetime.com-me.io
join-facetime.com-us.io
join-facetime.en-id.cc
join-facetime.en-id.net
join-facetime.en-ir.org
join-facetime.en-me.cc
join-facetime.id-ar.cc
join-facetime.id-ar.co
join-facetime.id-ar.me
join-facetime.id-ar.net
join-facetime.id-en.co
join-facetime.id-en.io
join-facetime.id-me.cc
join-facetime.ids-ar.co
join-facetime.ids-io.me
join-facetime.infor.mation.re
join-facetime.logs.re
join-facetime.me-ar.cc
join-facetime.me-en.cc
join-facetime.me-en.io
join-facetime.me-info.io
join-facetime.me-relay.org
join-facetime.mn-id.cc
join-facetime.org-ar.net
join-facetimes.me-ar.cc
join-factime.id-ar.cc
join-factime.id-me.io
join-faetime.com-us.io
join-ft.com-en.io
join-fts.com-en.io
join-meet.mn-id.cc
join-meeting-zm.mn-id.cc
join-meeting.zm-me.co
join-my-calls.en-id.cc
join-securecall-tg.app-info.me
join-signal.id-en.net
join-team-invitation-web-call.ms-storedata.de
join-teams.en-id.cc
join-teams.en-info.live
join-telegram.com-en.io
join-telegram.me-ar.cc
join-test.en-me.cc
join-the-call.en-id.cc
join-the-calls.en-id.cc
join-us.ar-me.cc
join-wa.ids-ar.co
join-wa.me-en.io
join-wd-facetime.ar-me.cc
join-zoom-meeting.com-ar.re
join-zoom-meeting.privacy-ar.com
join-zoom.ar-me.io
join-zoom.com-en-us.info
join.ar-me.cc
join.facetime.com-en.io
join.meeting.zm-me.co
jyitmsapple.com-info.io
kajkjsa.j34idf.ar-id.cc
kb.com-ae.org
kgpcaelw.relay-ar.co
kkkwazhbwmwww.ft-cll.logs.re
kswqfmry.ar-id.co
lalnrctonpao.idate.me
landings.en-info.live
lang-ar.me
lcloud.com-ar.info
lcloud.com-service.info
le-ar.me
lhyjkqcm.com-ae.org
linedata.sbs
link-device-signal.org-ar.me
link-signal-org.en-info.co
link-signal-org.en-info.live
link-signal.id-ar.ca
link-signal.id-ar.org
link-signal.id-en.net
link.app-care.cc
link.signal-account.org
llk4nrkl3rnlke3dl4jr30ij030ej0984jiedj04.ilability.net
lnkprtl.id-ar.org
loading-cll-join-ft.re-ac.cc
loading-mng-blnk.re-ac.cc
log.rev.en-id.cc
login-account.com-service.info
login-apple.com-auth.cc
login-apple.com-en-uk.info
login-apple.com-en.cc
login-apple.me-ar.io
login-apple.privacy-ar.com
login-apple.review-ar.co
login-appleid.com-auth.cc
login-cloud.com-ln.info
login-cloud.com-service.info
login-live-online.en-account.info
login-live.com-en-us.info
login-live.en-account.info
login-live.review-ar.co
login-mofa-office.id-ar.ca
login-office-auth.id-ar.ca
login-office-validate-identity.id-ar.ca
login-office.id-ar.ca
login-office.me-ar.io
login-security.en-info.live
login-yahoo.privacy-ar.com
login.accountservice.cc
logmnzth.com-info.io
logs.re
m-s-info.hm-en.cc
m.comusted-device-apple.com-info.io
m.en-id.me
m.en-info.live
m.number-appleid.com-auth.cc
m.sapple.com-info.io
m.scomusted-device-apple.com-info.io
m.sscomusted-device-apple.com-info.io
m.sssssssssverify-apple.com-info.io
m.sssssssverify-apple.com-info.io
m.ssssssverify-apple.com-info.io
m.sssssverify-apple.com-info.io
m.ssssverify-apple.com-info.io
m.ssverify-apple.com-info.io
m.sverify-apple.com-info.io
m.trusted-device-apple.com-info.io
m.verify-apple.com-info.io
mail-auth.en-ar.co
mail-bdf-bh.ids-io.me
mail-bdf-bh.owa365.cc
mail-bdf-bh.owa365.org
mail.ac-im.cc
mail.acc-mn.info
mail.accountservice.cc
mail.app-care.cc
mail.app-info.app
mail.app-info.me
mail.ar-id.cc
mail.ar-id.co
mail.ar-info.co
mail.ar-me.cc
mail.ar-me.co
mail.ar-me.io
mail.cc-ar.co
mail.co-en.app
mail.com-ae.org
mail.com-ar.info
mail.com-ar.io
mail.com-ar.me
mail.com-ar.nl
mail.com-auth.cc
mail.com-cc.io
mail.com-en-us.me
mail.com-en.cc
mail.com-en.io
mail.com-info.io
mail.com-me.io
mail.com-service.info
mail.com-us.io
mail.connect-signal.me
mail.connect-signal.org
mail.datamargin.org
mail.datarestores.nl
mail.datastatistics.nl
mail.ecomservices.cc
mail.en-account.info
mail.en-ar.co
mail.en-ar.net
mail.en-id.cc
mail.en-id.me
mail.en-id.net
mail.en-info.co
mail.en-info.live
mail.en-ir.org
mail.en-me.cc
mail.en-uk.cc
mail.entity-me.online
mail.final-restore.re
mail.fullrestores.re
mail.hm-en.cc
mail.host.zm-me.co
mail.ht-id.me
mail.id-ar.ca
mail.id-ar.cc
mail.id-ar.co
mail.id-ar.me
mail.id-ar.net
mail.id-ar.org
mail.id-en.co
mail.id-en.io
mail.id-en.net
mail.id-me.cc
mail.id-us.ca
mail.id-us.cc
mail.idate.me
mail.ids-ar.co
mail.ids-io.me
mail.ilability.net
mail.le-ar.me
mail.linedata.sbs
mail.logs.re
mail.mailbdf-bh.net
mail.mation-ae.re
mail.mation.re
mail.me-ar.cc
mail.me-ar.io
mail.me-en.cc
mail.me-en.io
mail.me-info.cc
mail.me-info.io
mail.me-mng.cc
mail.me-relay.org
mail.message-apple.com
mail.mfadata.cc
mail.mn-id.cc
mail.ms-mng.ac
mail.ms-storedata.de
mail.ms-storedata.me
mail.newsonline.ac
mail.org-ar.me
mail.org-ar.net
mail.org-status.nl
mail.owa365.cc
mail.owa365.org
mail.privacy-ar.com
mail.re-ac.cc
mail.regularsports.org
mail.relay-ar.co
mail.signal-account.org
mail.signal-chat.cc
mail.signal-help.org
mail.srv1.srv648.co-en.app
mail.storemydata.re
mail.tication.net
mail.web-signal.org
mail.zm-me.co
mailbdf-bh.net
main-auth.ms-storedata.de
maisqsssssm.sverify-apple.com-info.io
mamsdjlahdiu39r73y93y934r79r.me-en.cc
manage-delivery.en-id.cc
manage-facetimeidms.datastatistics.nl
manage-id.en-me.cc
manage-id.en-uk.cc
manage-id.me-en.cc
manage-iservices.en-ir.org
manage-mofa-govbh.le-ar.me
manage-ms.com-ar.me
manage-ms.le-ar.me
manage.ac-im.cc
manage.ids-io.me
manage.me-en.cc
mange-icl0ud.me-relay.org
marketing.en-info.live
mation-ae.re
mation.re
mc-4kdkf3lflj34lfjlj3l4r34r.tication.net
me-ar.cc
me-ar.io
me-en.cc
me-en.io
me-id.cc
me-info.cc
me-info.io
me-mng.cc
me-relay.org
meeting.zm-me.co
members.com-ae.org
members.me-relay.org
message-apple.com
mfadata.cc
mg-tg.me-relay.org
mjkg3hurho34irh3o4iruh3oir34.lang-ar.me
mn-id.cc
mn-id.me-en.cc
mn-rcv-en.id-ar.net
mn-rv-en-infor.mation.re
mng-en.com-ar.nl
mng-id-val.me-en.cc
mng-info-doc-mf.com-ar.nl
mng-info.me-en.cc
mng-infor.mation-ae.re
mng-ma-il.owa365.cc
mng-ml-bdf-bh.ids-io.me
mng-num-blk.ar-id.cc
mng-re-conection.re-ac.cc
mng-rec-idmsgnls.final-restore.re
mng-rec-mofa-bh.final-restore.re
mng-rec-mofa-govbh.mfadata.cc
mng-rec.final-restore.re
mng-rec.fullrestores.re
mng.mn-id.cc
mngcontrol.ar-me.co
mode-rec.org-status.nl
mode-rec.web-signal.org
mofa-gov-bh.ms-storedata.de
mofa-gov-bh.storemydata.re
mpl.jcha.com-us.io
ms-call-manage.mfadata.cc
ms-mng.ac
ms-rec-mng.final-restore.re
ms-rec-ncc-gov-bh.storemydata.re
ms-rec-pmo-gov.bh.storemydata.re
ms-rec.storemydata.re
ms-storedata.de
ms-storedata.me
ms.connect.info.en-id.cc
ms.connecting.en-id.cc
msnsge.ids-io.me
msoft.ht-id.me
mta-sts.mail.idate.me
my-call-join.en-id.cc
myaccount.google.svr-drive.com
myaccount.share.svr-drive.com
myftasdffg.regularsports.org
mzkkajh4rh3if9f3j4.re-ac.cc
natim.com-ln.info
nb.com-ar.nl
new-upl.signal-chat.cc
new.com-ae.org
new.com-ar.io
new.com-auth.cc
new.com-ln.info
new.en-info.live
new.entity-me.online
new.id-ar.co
new.me-ar.io
new.me-en.cc
new.me-relay.org
new.privacy-ar.com
new1.me-ar.io
new2.me-ar.io
news-jpost-com.id-en.net
news-reuters-com.id-en.net
newsonline.ac
newupdate.app
neww.com-auth.cc
neww.com-ln.info
neww.me-ar.io
nhcpowtzdscpanel.logs.re
nhvkncpcalendars.mailbdf-bh.net
ns1.com-en.cc
ns1.me-ar.io
ns1.privacy-ar.com
ns2.com-en-us.info
ns2.com-en.cc
ns2.me-ar.io
ns2.privacy-ar.com
num-apple.info-ar.cc
num-auth-blk.me-info.cc
num-auth-wtid.me-info.cc
num-blk.me-info.io
num-blk.org-ar.net
num-rev.id-ar.cc
num-rev.id-ar.co
num-rev.id-ar.me
num-rev.id-en.co
num-rev.ids-ar.co
num-revs.id-ar.co
num-revs.id-en.co
num-revw.id-ar.cc
num-revw.ids-ar.co
num-signal-org.en-info.co
num-signal.id-ar.ca
num-wid.me-info.io
num-wrevs.id-ar.co
numb.id-ar.ca
number-appleid.co-en.app
number-appleid.com-auth.cc
number-appleid.en-uk.cc
number-appleid.me-en.cc
number-appleid.review-ar.co
number-co.ar-me.cc
number-cof.ar-me.cc
number-id.co-en.app
number-ids.co-en.app
number-login.en-uk.cc
number-review.en-uk.cc
number-signal.id-en.net
number-signin.en-uk.cc
number.com-en.io
number.com-me.io
number.id-en.io
number.me-ar.cc
numbers-appleid.com-auth.cc
numbers-appleid.en-uk.cc
numbers.com-en.io
nums-apple.info-ar.cc
nums-rev.id-ar.co
nums-rev.id-ar.me
nums-rev.id-en.co
ogs.google.svr-drive.com
ogs.share.svr-drive.com
old.com-ae.org
omwtrgap.ar-id.co
one-likeme.en-uk.cc
oportun.com-ln.info
optimizationguide-pa.google.svr-drive.com
optimizationguide-pa.share.svr-drive.com
org-ar.me
org-ar.net
org-status.nl
owa365.cc
owa365.org
page.app-care.cc
parcel-information.en-id.net
pasword-up-date-bdf-bh.storemydata.re
pdf-cloud.com-me.io
pdf-icloud.id-ar.co
pdf-sdsg8347gyeduy49yfhf6437gfyrf436.id-ar.ca
pending-office.id-ar.ca
permanent-infor.mation-ae.re
play.google.svr-drive.com
play.share.svr-drive.com
portal.ar-id.co
portal.com-ae.org
preview-visualizations.me-ar.io
privacy-ar.com
protect-bdf-bh.owa365.org
protect.accountservice.cc
qa-insight.me-ar.io
qa.en-info.live
qnpchepkxqbsfcjcpanel.ar-id.co
qq.mfadata.cc
qurcxlny.en-info.live
random.en-account.info
re-ac.cc
re-acc.cc
rec-auth.id-en.me
rec-cal-tg.app-info.me
rec-check-mng.final-restore.re
rec-check.final-restore.re
rec-id-check.ar-me.co
rec-mng-bdf-bh.storemydata.re
rec-mng-bdf-gov-bh.final-restore.re
rec-mng-idmsic.datamargin.org
rec-mng-idmss.final-restore.re
rec-mng-infor.mation-ae.re
rec-mng-mofagovbh.ms-storedata.de
rec-mng.mailbdf-bh.net
rec-mng.ms-storedata.de
rec-mng.ms-storedata.me
rec-ms-mof-gov-eg.storemydata.re
rec-val-info.lang-ar.me
rec.ar-info.co
regularsports.org
relay-ar.co
remira.com-ln.info
report-prod.me-ar.io
reportproblem.apple.com-ar.info
reportsuscripcion.apple.com-ar.info
res-all.en-me.cc
resmhcx57.ar-me.cc
ress.id-ar.cc
resufg-reg.mn-id.cc
reutowprueptowue.tication.net
rev-auth-num.en-info.live
rev-id.en-id.cc
rev-num-apl.com-info.io
rev-number.me-id.cc
rev.en-id.cc
review-app-id.mn-id.cc
review-apple.ar-me.cc
review-apple.id-ar.cc
review-apple.id-ar.co
review-apple.id-ar.me
review-apple.id-en.co
review-apple.id-us.ca
review-apple.ids-ar.co
review-apple.info-ar.cc
review-appleid.com-ar.io
review-appleid.com-auth.cc
review-appleid.en-uk.cc
review-appleid.me-ar.io
review-appleid.me-en.cc
review-ar.co
review-id.en-uk.cc
review-ids.en-uk.cc
review.accountservice.cc
rin-ss.id-ar.ca
rin-zm.mn-id.cc
rstl.en-id.cc
rv-mn-en-infor.mation.re
rv-mn-en.logs.re
rxuoiwebmail.ar-id.co
s-portel.zm-me.co
s.com-info.io
sandbox.cicd.me-ar.io
sapple.com-info.io
sasaf.mation.re
scomusted-device-apple.com-info.io
sdfgfdg.regularsports.org
sdfgsdf.me-mng.cc
sdgsdgsgfdgsdfhdfhdfh.ht-id.me
secure-signal.com-en.io
secure-val.idate.me
secure.en-info.live
security.icloud.relay-ar.co
securitydomain-pa.google.svr-drive.com
securitydomain-pa.share.svr-drive.com
server.id-en.me
serviceinfo.cc
sg-mng-rec.datamargin.org
sgnl-2fa-authenticate.id-ar.net
sgnl-2fa-authentication.idate.me
sgnl-2fa-manage.en-id.net
sgnl-app.info
sgnl-encryption-plugin.me-id.cc
sgnl-link-device.acc-mn.info
sgnl-link-device.id-ar.net
sgnl-org.logs.re
sgnl-web.org-status.nl
sgnl.org-ar.net
sgnl.org-status.nl
share.svr-drive.com
shghgwhasd.id-ar.ca
short.en-id.cc
shrt-ap.ar-me.cc
shrtrn.ar-me.cc
shrtstulytdvs.en-info.live
shryg87uhisd.serviceinfo.cc
signal-account.org
signal-chat.cc
signal-connect.zm-me.co
signal-encryption.en-ar.net
signal-help.org
signal-link-call.id-ar.ca
signal.org-ar.me
signal.org-status.nl
signaler-pa.google.svr-drive.com
signaler-pa.share.svr-drive.com
signin-account.co-en.app
signin-account.review-ar.co
signin-ap.privacy-ar.com
signin-apple.com-en-uk.info
signin-apple.me-ar.io
signin-apple.review-ar.co
signin-appleid.com-auth.cc
signin-guardian.ar-me.cc
signin-id.co-en.app
signin-live.com-ln.info
signin-live.privacy-ar.com
signin-office.id-ar.ca
signin-yahoo.com-ln.info
sitemap.com-info.io
sitemap.en-id.me
sitemap.mn-id.cc
sitemaps.com-info.io
sitemaps.en-id.me
sitemaps.mn-id.cc
sjoin-facetime.com-info.io
sky-security.id-ar.ca
sm.comusted-device-apple.com-info.io
sm.sscomusted-device-apple.com-info.io
sm.sssssssssverify-apple.com-info.io
sm.ssssverify-apple.com-info.io
sm.ssverify-apple.com-info.io
sm.sverify-apple.com-info.io
sm.trusted-device-apple.com-info.io
sm.verify-apple.com-info.io
srv1.srv648.co-en.app
srv648.co-en.app
ssapple.com-info.io
sscomusted-device-apple.com-info.io
ssl.google.svr-drive.com
ssl.share.svr-drive.com
sslhjsssssverify-apple.com-info.io
ssm.comusted-device-apple.com-info.io
ssm.sscomusted-device-apple.com-info.io
ssm.ssssverify-apple.com-info.io
ssm.ssverify-apple.com-info.io
ssm.sverify-apple.com-info.io
ssm.trusted-device-apple.com-info.io
ssm.verify-apple.com-info.io
sssm.ssssverify-apple.com-info.io
sssm.ssverify-apple.com-info.io
sssm.sverify-apple.com-info.io
sssm.trusted-device-apple.com-info.io
sssm.verify-apple.com-info.io
ssssm.ssverify-apple.com-info.io
ssssm.sverify-apple.com-info.io
ssssm.verify-apple.com-info.io
sssssm.ssverify-apple.com-info.io
sssssm.sverify-apple.com-info.io
sssssm.verify-apple.com-info.io
ssssssm.ssverify-apple.com-info.io
ssssssm.sverify-apple.com-info.io
ssssssm.verify-apple.com-info.io
ssssssssm.verify-apple.com-info.io
sssssssssverify-apple.com-info.io
ssssssssverify-apple.com-info.io
sssssssverify-apple.com-info.io
ssssssverify-apple.com-info.io
sssssverify-apple.com-info.io
ssssverify-apple.com-info.io
sssverify-apple.com-info.io
ssverify-apple.com-info.io
st-prtl.hm-en.cc
stage.com-ae.org
staging.ar-id.co
staging.com-ae.org
staging.com-info.io
staging.en-info.live
staging.entity-me.online
staging.mailbdf-bh.net
static.newupdate.app
static.totpro.app
stg.com-ae.org
stg.en-info.live
storage-mofa-gov-bh.storemydata.re
store.newupdate.app
store.totpro.app
storemydata.re
sttrn.en-id.cc
superset-production.me-ar.io
superset.me-ar.io
superset.uat.me-ar.io
support.com-ar.me
sverify-apple.com-info.io
svr-drive.com
t-mobile.com-ae.org
t1.review-ar.co
takm.com-ln.info
tehisdjsd.ar-info.co
telegram.com-en.io
tess.me-ar.io
test-acc.com-ln.info
test-id.en-account.info
test-sale.linedata.sbs
test.acc-mn.info
test.app-care.cc
test.ar-id.co
test.auth.id-en.me
test.com-ae.org
test.com-en-uk.info
test.com-en-us.me
test.com-info.io
test.en-info.live
test.en-uk.cc
test.final-restore.re
test.id-ar.ca
test.id-ar.org
test.id-en.net
test.me-relay.org
test.regularsports.org
test.review-ar.co
test.signal-help.org
test.web.app-care.cc
test.zm-me.co
test2.en-uk.cc
test4.en-uk.cc
testh.en-info.live
testid.com-service.info
testid.en-account.info
testid.new.id-ar.co
testing.accountservice.cc
testing.ar-id.co
testing.com-ae.org
testing.me-mng.cc
testingdhfhghd.accountservice.cc
testt.id-ar.ca
testweb.app-care.cc
testy.com-ae.org
tg-secure-call.app-info.me
tg.me-relay.org
tgyoewww.rev-auth-num.en-info.live
theguardian.ar-me.cc
tication.net
tkmbijoin-meet.mn-id.cc
totok-pro.app-info.app
totok-pro.app-info.me
totokpro.app-info.me
totpro.app
tracking-dhl.en-id.net
trusted-device-apple.acc-mn.info
trusted-device-apple.com-info.io
trusted-device-apple.en-id.net
trusted.app-info.app
twitch9929312.com-ln.info
tyskw-appleid.com-auth.cc
uat.en-account.info
uat.en-info.live
uat.entity-me.online
uat.me-ar.io
ufuzzssssm.verify-apple.com-info.io
uk02web-zoom.ar-me.io
uk05web-zoom.com-cc.io
uk05web-zoom.me-ar.cc
untvhjoin-call-facetime.relay-ar.co
untvhwww.join-call-facetime.relay-ar.co
update-num.id-ar.co
update-nums.id-ar.co
update-release-version-for-android.com-ar.me
us-04web-zoom.id-ar.net
us05web-join-zoom-meeting.id-ar.ca
user-verify-authen.tication.net
v1.en-info.live
v2.en-info.live
validate-authn.tication.net
validate.accountservice.cc
vbnm-altr.id-ar.me
ver-information.id-us.ca
verify-app.le-ar.me
verify-apple-account-val.idate.me
verify-apple.com-info.io
verify-apple.id-me.cc
verify-bdf.le-ar.me
verify-icloud.en-id.net
verify-id.acc-mn.info
verify-identity-apple.me-relay.org
verify-identity.me-relay.org
verify-infor.mation.re
verify-isupport.id-ar.net
verify-login.en-info.live
verify-mail-authn.tication.net
verify-mofa-gov-bh.le-ar.me
verify-rev.ms-mng.ac
vhpniqnpchepkxqbsfcjcpanel.ar-id.co
vpn.mailbdf-bh.net
vrsompac.en-info.live
w.entity-me.online
wdki.en-id.cc
web-ft.com-me.io
web-info.app-care.cc
web-sgnl.org-status.nl
web-signal.org
web-signal.org-status.nl
web-wa.me-ar.cc
web-whatsapp.com-en-uk.info
web.app-care.cc
web.en-info.live
webs-ft.com-me.io
webtest.app-care.cc
webtest.com-ae.org
webvpn.mailbdf-bh.net
wegrow.ecomservices.cc
widethh.id-en.me
widjhdoijhoisudof.serviceinfo.cc
wildcard.en-account.info
wishduv.id-en.me
wow-way.com-en-us.info
wtzdscpanel.logs.re
com-en-us.me
com-en-us.me
web-signal.org
xk.linedata.sbs
xnwhrsssssm.ssverify-apple.com-info.io
xsadasd.en-ar.co
xyz-abv.connect-signal.org
xyz-alt.id-ar.ca
xyz-alt.id-en.co
ydtyuehugufgeygushguysgudyhg.en-account.info
yhjdshisdg.en-info.live
yhtesting.accountservice.cc
yqgsfstaging.ale-soun.com-en-us.info
zhsexssssssm.ssverify-apple.com-info.io
zjzmfsssm.ssssverify-apple.com-info.io
zm-me.co
zm-web.id-ar.ca
zo-ref.mn-id.cc
zocp.zm-me.co
zoom-meet.ar-me.cc
zoom-meet.com-cc.io
zoom-meet.me-ar.cc
zoom-uk.ar-me.cc
zoom.com-info.io
zoomandfghu3grufe.id-ar.net
zpciomail.com-ae.org

# Reference: https://x.com/LukasStefanko/status/1973697698248413572
# Reference: https://www.welivesecurity.com/en/eset-research/new-spyware-campaigns-target-privacy-conscious-android-users-uae/

ai-messenger.co
app-totok.io
appupdate.ai
latestversion.ai
noblico.net
sgnlapp.info
signal.ct.ws
spiralkey.co
totok-pro.io
totokapp.info
totokupdate.ai
encryption-plug-in-signal.com-ae.net
download.appupdate.ai
mail.app-totok.io
static.appupdate.ai
store.appupdate.ai
store.latestversion.ai
update.totokapp.info

# Reference: https://x.com/volrant136/status/1973812417546367175
# Reference: https://x.com/volrant136/status/1973812523528032641
# Reference: https://x.com/volrant136/status/1973813021836464272
# Reference: https://www.virustotal.com/gui/file/9a864f104e7fabb41e65847f78f9fb2fbac0bc1196ea61cafce19334ce28cb44/detection
# Reference: https://www.virustotal.com/gui/file/2a7a3c72afcbc0d7804696e6dc96f69e775df235544d264e130976d1f95964a9/detection

relaxmode.org
signal-encryption-service.ct.ws
totok-pro.app
totok-shop.com
/signsdhfg6aug/signsdhfg6aug/
/signsdhfg6aug/
