diff --git a/pkg/ruleengine/v1/factory.go b/pkg/ruleengine/v1/factory.go
index ceaa1357..fcc993ab 100644
--- a/pkg/ruleengine/v1/factory.go
+++ b/pkg/ruleengine/v1/factory.go
@@ -35,6 +35,7 @@ func NewRuleCreator() *RuleCreatorImpl {
 R1010SymlinkCreatedOverSensitiveFileRuleDescriptor,
 R1011LdPreloadHookRuleDescriptor,
 R1012HardlinkCreatedOverSensitiveFileRuleDescriptor,
+ R1013CryptoMiningFilesAccessRuleDescriptor,
 R1015MaliciousPtraceUsageRuleDescriptor,
 },
 }
diff --git a/pkg/ruleengine/v1/r0001_unexpected_process_launched.go b/pkg/ruleengine/v1/r0001_unexpected_process_launched.go
index 44afacde..021fb2bc 100644
--- a/pkg/ruleengine/v1/r0001_unexpected_process_launched.go
+++ b/pkg/ruleengine/v1/r0001_unexpected_process_launched.go
@@ -76,6 +76,7 @@ func (rule *R0001UnexpectedProcessLaunched) generatePatchCommand(event *tracerex
 }
 
 func (rule *R0001UnexpectedProcessLaunched) ProcessEvent(eventType utils.EventType, event utils.K8sEvent, objectCache objectcache.ObjectCache) ruleengine.RuleFailure {
+
 if eventType != utils.ExecveEventType {
 return nil
 }
diff --git a/pkg/ruleengine/v1/r1008_crypto_mining_domain.go b/pkg/ruleengine/v1/r1008_crypto_mining_domain.go
deleted file mode 100644
index 96cd3941..00000000
--- a/pkg/ruleengine/v1/r1008_crypto_mining_domain.go
+++ /dev/null
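Review bot: `R1013CryptoMiningFilesAccessRuleDescriptor` is referenced in the factory.go hunk but defined nowhere in the visible part of this diff; if it is introduced in a file outside this chunk that is fine, otherwise the package will not build. The descriptor slice is a hand-maintained list ordered by rule ID and nothing on the page checks that each rule is registered exactly once, so a short comment above the literal would help future additions, e.g. `// Every shipped rule descriptor must appear here exactly once; keep the list sorted by rule ID.`. NewRuleCreator's body starts and ends outside the hunk.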
@@ -1,224 +0,0 @@ -package ruleengine - -import ( - "fmt" - "slices" - - "github.com/goradd/maps" - "github.com/kubescape/node-agent/pkg/objectcache" - "github.com/kubescape/node-agent/pkg/ruleengine" - "github.com/kubescape/node-agent/pkg/utils" - - apitypes "github.com/armosec/armoapi-go/armotypes" - tracerdnstype "github.com/inspektor-gadget/inspektor-gadget/pkg/gadgets/trace/dns/types" -) - -const ( - R1008ID = "R1008" - R1008Name = "Crypto Mining Domain Communication" -) - -var commonlyUsedCryptoMinersDomains = []string{ - "2cryptocalc.com.", - "2miners.com.", - "antpool.com.", - "asia1.ethpool.org.", - "bohemianpool.com.", - "botbox.dev.", - "btm.antpool.com.", - "c3pool.com.", - "c4pool.org.", - "ca.minexmr.com.", - "cn.stratum.slushpool.com.", - "dash.antpool.com.", - "data.miningpoolstats.stream.", - "de.minexmr.com.", - "eth-ar.dwarfpool.com.", - "eth-asia.dwarfpool.com.", - "eth-asia1.nanopool.org.", - "eth-au.dwarfpool.com.", - "eth-au1.nanopool.org.", - "eth-br.dwarfpool.com.", - "eth-cn.dwarfpool.com.", - "eth-cn2.dwarfpool.com.", - "eth-eu.dwarfpool.com.", - "eth-eu1.nanopool.org.", - "eth-eu2.nanopool.org.", - "eth-hk.dwarfpool.com.", - "eth-jp1.nanopool.org.", - "eth-ru.dwarfpool.com.", - "eth-ru2.dwarfpool.com.", - "eth-sg.dwarfpool.com.", - "eth-us-east1.nanopool.org.", - "eth-us-west1.nanopool.org.", - "eth-us.dwarfpool.com.", - "eth-us2.dwarfpool.com.", - "eth.antpool.com.", - "eu.stratum.slushpool.com.", - "eu1.ethermine.org.", - "eu1.ethpool.org.", - "fastpool.xyz.", - "fr.minexmr.com.", - "kriptokyng.com.", - "mine.moneropool.com.", - "mine.xmrpool.net.", - "miningmadness.com.", - "monero.cedric-crispin.com.", - "monero.crypto-pool.fr.", - "monero.fairhash.org.", - "monero.hashvault.pro.", - "monero.herominers.com.", - "monerod.org.", - "monerohash.com.", - "moneroocean.stream.", - "monerop.com.", - "multi-pools.com.", - "p2pool.io.", - "pool.kryptex.com.", - "pool.minexmr.com.", - "pool.monero.hashvault.pro.", - "pool.rplant.xyz.", - 
"pool.supportxmr.com.", - "pool.xmr.pt.", - "prohashing.com.", - "rx.unmineable.com.", - "sg.minexmr.com.", - "sg.stratum.slushpool.com.", - "skypool.org.", - "solo-xmr.2miners.com.", - "ss.antpool.com.", - "stratum-btm.antpool.com.", - "stratum-dash.antpool.com.", - "stratum-eth.antpool.com.", - "stratum-ltc.antpool.com.", - "stratum-xmc.antpool.com.", - "stratum-zec.antpool.com.", - "stratum.antpool.com.", - "supportxmr.com.", - "trustpool.cc.", - "us-east.stratum.slushpool.com.", - "us1.ethermine.org.", - "us1.ethpool.org.", - "us2.ethermine.org.", - "us2.ethpool.org.", - "web.xmrpool.eu.", - "www.domajorpool.com.", - "www.dxpool.com.", - "www.mining-dutch.nl.", - "xmc.antpool.com.", - "xmr-asia1.nanopool.org.", - "xmr-au1.nanopool.org.", - "xmr-eu1.nanopool.org.", - "xmr-eu2.nanopool.org.", - "xmr-jp1.nanopool.org.", - "xmr-us-east1.nanopool.org.", - "xmr-us-west1.nanopool.org.", - "xmr.2miners.com.", - "xmr.crypto-pool.fr.", - "xmr.gntl.uk.", - "xmr.nanopool.org.", - "xmr.pool-pay.com.", - "xmr.pool.minergate.com.", - "xmr.solopool.org.", - "xmr.volt-mine.com.", - "xmr.zeropool.io.", - "zec.antpool.com.", - "zergpool.com.", - "auto.c3pool.org.", - "us.monero.herominers.com.", -} - -var R1008CryptoMiningDomainCommunicationRuleDescriptor = ruleengine.RuleDescriptor{ - ID: R1008ID, - Name: R1008Name, - Description: "Detecting Crypto miners communication by domain", - Tags: []string{"network", "crypto", "miners", "malicious", "dns"}, - Priority: RulePriorityCritical, - Requirements: &RuleRequirements{ - EventTypes: []utils.EventType{ - utils.DnsEventType, - }, - }, - RuleCreationFunc: func() ruleengine.RuleEvaluator { - return CreateRuleR1008CryptoMiningDomainCommunication() - }, -} - -var _ ruleengine.RuleEvaluator = (*R1008CryptoMiningDomainCommunication)(nil) - -type R1008CryptoMiningDomainCommunication struct { - BaseRule - alertedDomains maps.SafeMap[string, bool] -} - -func CreateRuleR1008CryptoMiningDomainCommunication() 
*R1008CryptoMiningDomainCommunication { - return &R1008CryptoMiningDomainCommunication{} -} - -func (rule *R1008CryptoMiningDomainCommunication) Name() string { - return R1008Name -} - -func (rule *R1008CryptoMiningDomainCommunication) ID() string { - return R1008ID -} - -func (rule *R1008CryptoMiningDomainCommunication) DeleteRule() { -} - -func (rule *R1008CryptoMiningDomainCommunication) ProcessEvent(eventType utils.EventType, event utils.K8sEvent, _ objectcache.ObjectCache) ruleengine.RuleFailure { - if eventType != utils.DnsEventType { - return nil - } - - if dnsEvent, ok := event.(*tracerdnstype.Event); ok { - if rule.alertedDomains.Has(dnsEvent.DNSName) { - return nil - } - - if slices.Contains(commonlyUsedCryptoMinersDomains, dnsEvent.DNSName) { - ruleFailure := GenericRuleFailure{ - BaseRuntimeAlert: apitypes.BaseRuntimeAlert{ - AlertName: rule.Name(), - InfectedPID: dnsEvent.Pid, - FixSuggestions: "If this is a legitimate action, please consider removing this workload from the binding of this rule.", - Severity: R1008CryptoMiningDomainCommunicationRuleDescriptor.Priority, - }, - RuntimeProcessDetails: apitypes.ProcessTree{ - ProcessTree: apitypes.Process{ - Comm: dnsEvent.Comm, - Gid: &dnsEvent.Gid, - PID: dnsEvent.Pid, - Uid: &dnsEvent.Uid, - Pcomm: dnsEvent.Pcomm, - Path: dnsEvent.Exepath, - Cwd: dnsEvent.Cwd, - PPID: dnsEvent.Ppid, - }, - ContainerID: dnsEvent.Runtime.ContainerID, - }, - TriggerEvent: dnsEvent.Event, - RuleAlert: apitypes.RuleAlert{ - RuleDescription: fmt.Sprintf("Communication with a known crypto mining domain: %s in: %s", dnsEvent.DNSName, dnsEvent.GetContainer()), - }, - RuntimeAlertK8sDetails: apitypes.RuntimeAlertK8sDetails{ - PodName: dnsEvent.GetPod(), - PodLabels: dnsEvent.K8s.PodLabels, - }, - RuleID: rule.ID(), - } - - rule.alertedDomains.Set(dnsEvent.DNSName, true) - - return &ruleFailure - } - } - - return nil -} - -func (rule *R1008CryptoMiningDomainCommunication) Requirements() ruleengine.RuleSpec { - return 
&RuleRequirements{
- EventTypes: R1008CryptoMiningDomainCommunicationRuleDescriptor.Requirements.RequiredEventTypes(),
- }
-}
diff --git a/pkg/ruleengine/v1/r1008_crypto_mining_domains.go b/pkg/ruleengine/v1/r1008_crypto_mining_domains.go
new file mode 100644
index 00000000..0f2bc2da
--- /dev/null
+++ b/pkg/ruleengine/v1/r1008_crypto_mining_domains.go
@@ -0,0 +1,1566 @@ +package ruleengine + +import ( + "fmt" + "log" + "slices" + + "github.com/goradd/maps" + "github.com/kubescape/node-agent/pkg/objectcache" + "github.com/kubescape/node-agent/pkg/ruleengine" + "github.com/kubescape/node-agent/pkg/utils" + + apitypes "github.com/armosec/armoapi-go/armotypes" + tracerdnstype "github.com/inspektor-gadget/inspektor-gadget/pkg/gadgets/trace/dns/types" +) + +const ( + R1008ID = "R1008" + R1008Name = "Crypto Mining Domain Communication" +) + +var commonlyUsedCryptoMinersDomains = []string{ + "2cryptocalc.com.", + "2miners.com.", + "antpool.com.", + "asia1.ethpool.org.", + "bohemianpool.com.", + "botbox.dev.", + "btm.antpool.com.", + "c3pool.com.", + "c4pool.org.", + "ca.minexmr.com.", + "cn.stratum.slushpool.com.", + "dash.antpool.com.", + "data.miningpoolstats.stream.", + "de.minexmr.com.", + "eth-ar.dwarfpool.com.", + "eth-asia.dwarfpool.com.", + "eth-asia1.nanopool.org.", + "eth-au.dwarfpool.com.", + "eth-au1.nanopool.org.", + "eth-br.dwarfpool.com.", + "eth-cn.dwarfpool.com.", + "eth-cn2.dwarfpool.com.", + "eth-eu.dwarfpool.com.", + "eth-eu1.nanopool.org.", + "eth-eu2.nanopool.org.", + "eth-hk.dwarfpool.com.", + "eth-jp1.nanopool.org.", + "eth-ru.dwarfpool.com.", + "eth-ru2.dwarfpool.com.", + "eth-sg.dwarfpool.com.", + "eth-us-east1.nanopool.org.", + "eth-us-west1.nanopool.org.", + "eth-us.dwarfpool.com.", + "eth-us2.dwarfpool.com.", + "eth.antpool.com.", + "eu.stratum.slushpool.com.", + "eu1.ethermine.org.", + "eu1.ethpool.org.", + "fastpool.xyz.", + "fr.minexmr.com.", + "kriptokyng.com.", + "mine.moneropool.com.", + "mine.xmrpool.net.", + "miningmadness.com.", + "monero.cedric-crispin.com.", + "monero.crypto-pool.fr.", + "monero.fairhash.org.", + "monero.hashvault.pro.", + "monero.herominers.com.", + "monerod.org.", + "monerohash.com.", + "moneroocean.stream.", + "monerop.com.", + "multi-pools.com.", + "p2pool.io.", + "pool.kryptex.com.", + "pool.minexmr.com.", + "pool.monero.hashvault.pro.", + "pool.rplant.xyz.", 
+ "pool.supportxmr.com.", + "pool.xmr.pt.", + "prohashing.com.", + "rx.unmineable.com.", + "sg.minexmr.com.", + "sg.stratum.slushpool.com.", + "skypool.org.", + "solo-xmr.2miners.com.", + "ss.antpool.com.", + "stratum-btm.antpool.com.", + "stratum-dash.antpool.com.", + "stratum-eth.antpool.com.", + "stratum-ltc.antpool.com.", + "stratum-xmc.antpool.com.", + "stratum-zec.antpool.com.", + "stratum.antpool.com.", + "supportxmr.com.", + "trustpool.cc.", + "us-east.stratum.slushpool.com.", + "us1.ethermine.org.", + "us1.ethpool.org.", + "us2.ethermine.org.", + "us2.ethpool.org.", + "web.xmrpool.eu.", + "www.domajorpool.com.", + "www.dxpool.com.", + "www.mining-dutch.nl.", + "xmc.antpool.com.", + "xmr-asia1.nanopool.org.", + "xmr-au1.nanopool.org.", + "xmr-eu1.nanopool.org.", + "xmr-eu2.nanopool.org.", + "xmr-jp1.nanopool.org.", + "xmr-us-east1.nanopool.org.", + "xmr-us-west1.nanopool.org.", + "xmr.2miners.com.", + "xmr.crypto-pool.fr.", + "xmr.gntl.uk.", + "xmr.nanopool.org.", + "xmr.pool-pay.com.", + "xmr.pool.minergate.com.", + "xmr.solopool.org.", + "xmr.volt-mine.com.", + "xmr.zeropool.io.", + "zec.antpool.com.", + "zergpool.com.", + + //new + "argon2d4096.mine.zergpool.com.", + "argon2d4096.na.mine.zpool.ca.", + "argon2d500.eu.mine.zpool.ca.", + "argon2d500.na.mine.zpool.ca.", + "arms01.p2poolmining.us.", + "arq.pool.gntl.co.uk.", + "arrow.dapool.io.", + "arrr-eu.luxor.tech.", + "arrr-us.luxor.tech.", + "arrr.luxor.tech.", + "arw.snowmining.com.", + "as1-zil.shardpool.io.", + "asia-ae.2miners.com.", + "asia-beam.2miners.com.", + "asia-btg.2miners.com.", + "asia-ckb.2miners.com.", + "asia-etc.2miners.com.", + "asia-grin.2miners.com.", + "asia-solo-ae.2miners.com.", + "asia-solo-btg.2miners.com.", + "asia-solo-etc.2miners.com.", + "asia-zec.2miners.com.", + "asia.aionpool.tech.", + "asia.bsod.pw.", + "asia.dbixmine.pro.", + "asia.equihash.mining-dutch.nl.", + "asia.equihub.pro.", + "asia.ethash-hub.miningpoolhub.com.", + "asia.expmine.pro.", + "asia.frostypool.com.", 
+ "asia.groestl.mining-dutch.nl.", + "asia.kawpow-hub.miningpoolhub.com.", + "asia.keccak.mining-dutch.nl.", + "asia.lyra2rev2.mining-dutch.nl.", + "asia.mecrypto.club.", + "asia.myrgro.mining-dutch.nl.", + "asia.neoscrypt.mining-dutch.nl.", + "asia.qubit.mining-dutch.nl.", + "asia.randomx-hub.miningpoolhub.com.", + "asia.ravenminer.com.", + "asia.scrypt.mining-dutch.nl.", + "asia.sha256.mining-dutch.nl.", + "asia.siamining.com.", + "asia.skein.mining-dutch.nl.", + "asia.tribus.mining-dutch.nl.", + "asia.x11.mining-dutch.nl.", + "asia.x11gost.mining-dutch.nl.", + "asia.yescrypt.mining-dutch.nl.", + "asia.yescryptr16.mining-dutch.nl.", + "asia.yescryptr32.mining-dutch.nl.", + "asia.yespower.mining-dutch.nl.", + "asia.yespowerr16.mining-dutch.nl.", + "asia1-beam.flypool.org.", + "aspac-etc.hiveon.net.", + "aspac1-etc.hiveon.net.", + "aspac1-eth.hiveon.net.", + "astralhash.eu.mine.zpool.ca.", + "astralhash.na.mine.zpool.ca.", + "atheios.wattpool.net.", + "atomis.coinmine.pl.", + "au-01.miningrigrentals.com.", + "axe.antpool.com.", + "b4c.f2pool.com.", + "baikalmine.com.", + "bbr.luckypool.io.", + "bbscoin.my-mining-pool.de.", + "bcd.eu.mine.zpool.ca.", + "bcd.jp.mine.zpool.ca.", + "bcd.mine.blazepool.com.", + "bcd.na.mine.zpool.ca.", + "bcd.sea.mine.zpool.ca.", + "bch.ukrpool.com.", + "bch.viabtc.com.", + "bch.viabtc.top.", + "bci.suprnova.cc.", + "bcn.pool.minergate.com.", + "bcx.vvpool.com.", + "beam-asia.leafpool.com.", + "beam-eu.leafpool.com.", + "beam-us.leafpool.com.", + "beam.acepool.top.", + "beam.antpool.com.", + "beam.leafpool.com.", + "beam.sparkpool.com.", + "beam.sunpool.top.", + "beam.suprnova.cc.", + "beamv3.br.nicehash.com.", + "beamv3.eu.nicehash.com.", + "beamv3.hk.nicehash.com.", + "beamv3.in.nicehash.com.", + "beamv3.jp.nicehash.com.", + "beamv3.usa.nicehash.com.", + "bestminer.eu.", + "bibop.net.", + "binarium-v1.eu.mine.zpool.ca.", + "binarium-v1.jp.mine.zpool.ca.", + "binarium-v1.na.mine.zpool.ca.", + "bitcoin.viabtc.com.", + 
"bitcoin.viabtc.top.", + "bitcore.asia.mine.zergpool.com.", + "bitcore.eu.mine.zpool.ca.", + "bitcore.jp.mine.zpool.ca.", + "bitcore.mine.zergpool.com.", + "bitcore.na.mine.zpool.ca.", + "blake2b.asia.mine.zergpool.com.", + "blake2b.eu.mine.zpool.ca.", + "blake2b.mine.zergpool.com.", + "blake2b.na.mine.zpool.ca.", + "blake2s.asia.mine.zergpool.com.", + "blake2s.br.nicehash.com.", + "blake2s.eu.mine.zpool.ca.", + "blake2s.eu.nicehash.com.", + "blake2s.hk.nicehash.com.", + "blake2s.in.nicehash.com.", + "blake2s.jp.mine.zpool.ca.", + "blake2s.jp.nicehash.com.", + "blake2s.mine.blazepool.com.", + "blake2s.mine.zergpool.com.", + "blake2s.na.mine.zpool.ca.", + "blake2s.pool.atomminer.com.", + "blake2s.sea.mine.zpool.ca.", + "blake2s.usa.nicehash.com.", + "blakecoin.eu.mine.zpool.ca.", + "blockify.xyz.", + "blockmasters.co.", + "bmw512.asia.mine.zergpool.com.", + "bmw512.eu.mine.zergpool.com.", + "bmw512.eu.mine.zpool.ca.", + "bmw512.mine.zergpool.com.", + "bmw512.na.mine.zpool.ca.", + "bs.poolbinance.com.", + "bsod.pw.", + "bsv.ukrpool.com.", + "btc-eu.f2pool.com.", + "btc-eu.luxor.tech.", + "btc-mow.f2pool.com.", + "btc-us.f2pool.com.", + "btc-us.luxor.tech.", + "btc.blockwarepool.com.", + "btc.f2pool.com.", + "btc.luxor.tech.", + "btc.ss.poolin.com.", + "btc.trustpool.ru.", + "btc.ukrpool.com.", + "btc.viabtc.com.", + "btc.viabtc.top.", + "btch.cryptonote.club.", + "btcp.2miners.com.", + "btcp.suprnova.cc.", + "btcv.gomine.pro.", + "btcz.2miners.com.", + "btcz.altpool.pro.", + "btcz.suprnova.cc.", + "btg.2miners.com.", + "btg.hashcity.org.", + "btg.pool.gold.", + "btg.suprnova.cc.", + "bth.altpool.pro.", + "bze.pcmining.xyz.", + "c11.asia.mine.zergpool.com.", + "c11.eu.mine.zpool.ca.", + "c11.jp.mine.zpool.ca.", + "c11.mine.zergpool.com.", + "c11.na.mine.zpool.ca.", + "ca-qrl.miningocean.org.", + "ca-tor01.miningrigrentals.com.", + "ca-upx.miningocean.org.", + "ca.haven.miner.rocks.", + "ca.monero.herominers.com.", + "ca.rvn.minermore.com.", + "ca.stratu.ms.", + 
"ca.stratum.slushpool.com.", + "cash-eu.coinmine.pl.", + "cash.coinmine.pl.", + "cfx-eu.ss.poolflare.net.", + "cfx-eu.ss.poolflare.net.", + "cfx-us.ss.poolflare.net.", + "cfx.ss.poolflare.net.", + "cfx.ss.poolflare.net.", + "chicago01.hashvault.pro.", + "chukwa.cryptonote.club.", + "ckb.antpool.com.", + "ckb.f2pool.com.", + "ckb.sparkpool.com.", + "ckb.stratum.hashpool.com.", + "clo.2miners.com.", + "clopool.pro.", + "cluster.aionpool.tech.", + "cmm-eu.coinblockers.com.", + "cmra.miningpool.fun.", + "coinotron.com.", + "coins4u.cc.", + "comining.io.", + "conceal.miner.rocks.", + "coolpool.top.", + "cpacoin.my-mining-pool.de.", + "cpu-pool.com.", + "cpupower.asia.mine.zergpool.com.", + "cpupower.eu.mine.zergpool.com.", + "cpupower.eu.mine.zpool.ca.", + "cpupower.mine.zergpool.com.", + "crypit.net.", + "cryptodredge-ax16r-oeu.bsod.pw.", + "cryptonightr.br.nicehash.com.", + "cryptonightr.eu.nicehash.com.", + "cryptonightr.hk.nicehash.com.", + "cryptonightr.in.nicehash.com.", + "cryptonightr.jp.nicehash.com.", + "cryptonightr.usa.nicehash.com.", + "cryptonote.club.", + "cryptonote.social.", + "ctxc.2miners.com.", + "cuckoo.cortexmint.com.", + "cuckoocycle.br.nicehash.com.", + "cuckoocycle.eu.nicehash.com.", + "cuckoocycle.hk.nicehash.com.", + "cuckoocycle.in.nicehash.com.", + "cuckoocycle.jp.nicehash.com.", + "cuckoocycle.usa.nicehash.com.", + "daggerhashimoto.br.nicehash.com.", + "daggerhashimoto.eu.nicehash.com.", + "daggerhashimoto.hk.nicehash.com.", + "daggerhashimoto.in.nicehash.com.", + "daggerhashimoto.jp.nicehash.com.", + "daggerhashimoto.usa.nicehash.com.", + "dash-asia.luxor.tech.", + "dash-eu.luxor.tech.", + "dash.coinmine.pl.", + "dash.f2pool.com.", + "dash.ss.poolin.com.", + "dash.suprnova.cc.", + "dbix-us.maxhash.org.", + "dbix.hashcity.org.", + "dcr-eu.coinmine.pl.", + "dcr-eu.luxor.tech.", + "dcr-us.coinmine.pl.", + "dcr-us.luxor.tech.", + "dcr.coinmine.pl.", + "de.ckpool.org.", + "de.equihash.pro.", + "de.stratu.ms.", + "de01.supportxmr.com.", + 
"de02.supportxmr.com.", + "decred.eu.mine.zpool.ca.", + "decred.jp.mine.zpool.ca.", + "decred.na.mine.zpool.ca.", + "dedal.eu.mine.zpool.ca.", + "dero.antpool.com.", + "dero.miner.rocks.", + "dero.ss.dxpool.com.", + "dgbo.suprnova.cc.", + "dgbq.suprnova.cc.", + "dgbs.suprnova.cc.", + "digihash.co.", + "dlinodes.com.", + "donate.v2.xmrig.com.", + "duckiepool.com.", + "dvt.gomine.pro.", + "dxpool.com.", + "dyn.suprnova.cc.", + "eaglesong.eu.nicehash.com.", + "eaglesong.hk.nicehash.com.", + "eaglesong.usa.nicehash.com.", + "east.us.rvn.minermore.com.", + "eccak.na.mine.zpool.ca.", + "egem-esoteria.icanmining.ru.", + "egem.digipools.org.", + "ella.2miners.com.", + "ella.digipools.org.", + "em.huobipool.com.", + "emc2.suprnova.cc.", + "equihash.asia.mine.zergpool.com.", + "equihash.br.nicehash.com.", + "equihash.eu.mine.zergpool.com.", + "equihash.eu.mine.zpool.ca.", + "equihash.eu.nicehash.com.", + "equihash.f2pool.com.", + "equihash.hk.nicehash.com.", + "equihash.in.nicehash.com.", + "equihash.jp.mine.zpool.ca.", + "equihash.jp.nicehash.com.", + "equihash.luxor.tech.", + "equihash.mine.zergpool.com.", + "equihash.mining-dutch.nl.", + "equihash.na.mine.zergpool.com.", + "equihash.na.mine.zpool.ca.", + "equihash.sea.mine.zpool.ca.", + "equihash.usa.nicehash.com.", + "equihash125.asia.mine.zergpool.com.", + "equihash125.eu.mine.zergpool.com.", + "equihash125.mine.zergpool.com.", + "equihash125.na.mine.zergpool.com.", + "equihash125.na.mine.zpool.ca.", + "equihash144.asia.mine.zergpool.com.", + "equihash144.eu.mine.zergpool.com.", + "equihash144.eu.mine.zpool.ca.", + "equihash144.jp.mine.zpool.ca.", + "equihash144.mine.zergpool.com.", + "equihash144.na.mine.zergpool.com.", + "equihash144.na.mine.zpool.ca.", + "equihash144.sea.mine.zpool.ca.", + "equihash192.asia.mine.zergpool.com.", + "equihash192.eu.mine.zergpool.com.", + "equihash192.eu.mine.zpool.ca.", + "equihash192.jp.mine.zpool.ca.", + "equihash192.mine.zergpool.com.", + "equihash192.na.mine.zergpool.com.", + 
"equihash192.na.mine.zpool.ca.", + "equihash192.sea.mine.zpool.ca.", + "equihash96.eu.mine.zpool.ca.", + "equihash96.na.mine.zpool.ca.", + "es.huobipool.com.", + "etc-eu.maxhash.org.", + "etc-solo.baikalmine.com.", + "etc-solo.wattpool.net.", + "etc-us.maxhash.org.", + "etc.altpool.pro.", + "etc.coolpool.top.", + "etc.digipools.org.", + "etc.ethashpool.com.", + "etc.ethermine.org.", + "etc.f2pool.com.", + "etc.hashcity.org.", + "etc.pool.minergate.com.", + "etc.pool.zet-tech.eu.", + "etc.solomine.org.", + "etcc.mole-pool.net.", + "etcturk.com.", + "eth-esoteria.icanmining.ru.", + "eth-eu.f2pool.com.", + "eth-eu.maxhash.org.", + "eth-eu.sparkpool.com.", + "eth-na.f2pool.com.", + "eth-solo.wattpool.net.", + "eth-us.f2pool.com.", + "eth-us.maxhash.org.", + "eth.2miners.com.", + "eth.altpool.pro.", + "eth.coinmine.pl.", + "eth.digipools.org.", + "eth.ethashpool.com.", + "eth.f2pool.com.", + "eth.hashcity.org.", + "eth.hiveon.net.", + "eth.miningfrance.io.", + "eth.pool.minergate.com.", + "eth.pool.zet-tech.eu.", + "eth.ss.poolin.com.", + "eth.ukrpool.com.", + "eth.viabtc.top.", + "ethash-eu.unmineable.com.", + "ethash-us.unmineable.com.", + "ethash.asia.mine.zergpool.com.", + "ethash.eu.mine.zergpool.com.", + "ethash.mine.zergpool.com.", + "ethash.na.mine.zergpool.com.", + "ethash.tron-mining.com.", + "ethash.unmineable.com.", + "ether1-solo.wattpool.net.", + "ethereum.trustpool.ru.", + "ethermine.org.", + "ethv2-eu.f2pool.com.", + "etnx.pool-pay.com.", + "etp.2miners.com.", + "etp.sandpool.org.", + "etx.coolpool.top.", + "eu-01.miningrigrentals.com.", + "eu-bch.ss.btc.com.", + "eu-de01.miningrigrentals.com.", + "eu-de02.miningrigrentals.com.", + "eu-etc.hiveon.net.", + "eu-eth.hiveon.net.", + "eu-mine.smartcash.cc.", + "eu-pool.wienchain.com.", + "eu-ru01.miningrigrentals.com.", + "eu-solo-zel.zellabs.net.", + "eu-west-stratum.grinmint.com.", + "eu-xsg.equihub.pro.", + "eu-zcl.equihub.pro.", + "eu-zel.equihub.pro.", + "eu-zel.zellabs.net.", + "eu-zer.equihub.pro.", + 
"eu-zero.equihub.pro.", + "eu-zil.rustpool.xyz.", + "eu.aionpool.tech.", + "eu.altpool.eu.", + "eu.bsod.pw.", + "eu.btcprivate.pro.", + "eu.btgpool.pro.", + "eu.crazypool.org.", + "eu.emcd.io.", + "eu.equihub.pro.", + "eu.expmine.pro.", + "eu.frostypool.com.", + "eu.luckpool.net.", + "eu.mecrypto.club.", + "eu.nimpool.io.", + "eu.pool.ms.", + "eu.poolmine.xyz.", + "eu.ravenminer.com.", + "eu.rito.minermore.com.", + "eu.rvn.minermore.com.", + "eu.rvnsolo.k1pool.com.", + "eu.sandbox.pool.ms.", + "eu.siamining.com.", + "eu.ss.btc.com.", + "eu.ss.dpool.top.", + "eu.stratum.slushpool.com.", + "eu.ubiqpool.io.", + "eu1-3g.whalesburg.com.", + "eu1-beam.flypool.org.", + "eu1-zil.shardpool.io.", + "eu1.bsod.pw.", + "eu1.equihub.pro.", + "eu1.fairpool.pro.", + "eu1.ltc.sigmapool.com.", + "eu1.mastermining.net.", + "eu1.whalesburg.com.", + "eu1.zhash.pro.", + "eu2-zil.rustpool.xyz.", + "eu2.emcd.io.", + "eu2.whalesburg.com.", + "eupool.sinovate.io.", + "eurocdy.pool.awmlite.com.", + "eurohash.eu.", + "europe.dgb256.online.", + "europe.ethash-hub.miningpoolhub.com.", + "europe.kawpow-hub.miningpoolhub.com.", + "europe.randomx-hub.miningpoolhub.com.", + "exp.2miners.com.", + "ezil.me.", + "f2pool.com.", + "fastepic.eu.", + "fastpool.xyz.", + "fed.cryptonote.club.", + "fr.moneroocean.stream.", + "frankfurt01.hashvault.pro.", + "freshgarlicblocks.net.", + "fullnode.quarkchain.io.", + "gap.suprnova.cc.", + "gate.emcd.io.", + "geo.pool.akroma.eu.", + "geo.pool.whalecoin.eu.", + "gomine.pro.", + "gpuhash.org.", + "gpuhot.com.", + "graft.ingest.cryptoknight.cc.", + "graft.westcoastxmr.ca.", + "grimm.sunpool.top.", + "grin-pool.org.", + "grin.2miners.com.", + "grin.antpool.com.", + "grin.pool.minergate.com.", + "grin.sparkpool.com.", + "grincuckatoo32.eu.nicehash.com.", + "grincuckatoo32.hk.nicehash.com.", + "grincuckatoo32.usa.nicehash.com.", + "groestl.asia.mine.zergpool.com.", + "groestl.eu.mine.zpool.ca.", + "groestl.jp.mine.zpool.ca.", + "groestl.mine.zergpool.com.", + 
"groestl.mining-dutch.nl.", + "groestl.na.mine.zpool.ca.", + "grs.suprnova.cc.", + "gs.poolbinance.com.", + "gulf.moneroocean.stream.", + "handshake-de.6block.com.", + "handshake-us.6block.com.", + "handshake.6block.com.", + "hathor.acc-pool.pw.", + "haven.miner.rocks.", + "hc.antpool.com.", + "hex.eu.mine.zpool.ca.", + "hex.jp.mine.zpool.ca.", + "hex.na.mine.zpool.ca.", + "hmq1725.asia.mine.zergpool.com.", + "hmq1725.eu.mine.zergpool.com.", + "hmq1725.eu.mine.zpool.ca.", + "hmq1725.jp.mine.zpool.ca.", + "hmq1725.mine.blazepool.com.", + "hmq1725.mine.zergpool.com.", + "hmq1725.na.mine.zpool.ca.", + "hmq1725.sea.mine.zpool.ca.", + "hns.f2pool.com.", + "hns.pool.blackminer.com.", + "hns.ss.dxpool.com.", + "hodl.suprnova.cc.", + "honeycomb.eu.mine.zpool.ca.", + "honeycomb.na.mine.zpool.ca.", + "hub.miningpoolhub.com.", + "hush.2miners.com.", + "hush.suprnova.cc.", + "icemining.ca.", + "in.stratu.ms.", + "infinity.ultranote.org.", + "italo.ingest.cryptoknight.cc.", + "italo.network.", + "jeonghash.eu.mine.zpool.ca.", + "jp-01.miningrigrentals.com.", + "jp.stratum.slushpool.com.", + "k12.asia.mine.zergpool.com.", + "k12.mine.zergpool.com.", + "k12.na.mine.zergpool.com.", + "kawpow.asia.mine.zergpool.com.", + "kawpow.br.nicehash.com.", + "kawpow.eu.mine.zergpool.com.", + "kawpow.eu.nicehash.com.", + "kawpow.hk.nicehash.com.", + "kawpow.in.nicehash.com.", + "kawpow.jp.nicehash.com.", + "kawpow.mine.zergpool.com.", + "kawpow.mining-dutch.nl.", + "kawpow.na.mine.zergpool.com.", + "kawpow.usa.nicehash.com.", + "kda-asia.ss.poolflare.net.", + "kda-asia.ss.poolflare.net.", + "kda-eu.ss.poolflare.com.", + "kda-eu.ss.poolflare.net.", + "kda-eu2.ss.poolflare.net.", + "kda-us.ss.poolflare.com.", + "kda-us.ss.poolflare.net.", + "kda.f2pool.com.", + "kda.ss.poolflare.com.", + "kda.ss.poolflare.net.", + "kda.ss.poolflare.net.", + "kda.stratum.hashpool.com.", + "keccak.asia.mine.zergpool.com.", + "keccak.eu.mine.zpool.ca.", + "keccak.eu.nicehash.com.", + "keccak.hk.nicehash.com.", + 
"keccak.jp.mine.zpool.ca.", + "keccak.mine.zergpool.com.", + "keccak.mining-dutch.nl.", + "keccak.na.mine.zergpool.com.", + "keccak.na.mine.zpool.ca.", + "keccak.usa.nicehash.com.", + "keccakc.asia.mine.zergpool.com.", + "keccakc.eu.mine.zpool.ca.", + "keccakc.jp.mine.zpool.ca.", + "keccakc.mine.zergpool.com.", + "keccakc.na.mine.zpool.ca.", + "kingsminer.ddnsking.com.", + "kp.unmineable.com.", + "kreds.suprnova.cc.", + "kva.ss.dxpool.com.", + "kz.emcd.io.", + "lb.geo.egempool.eu.", + "lb.geo.pirlpool.eu.", + "lb.geo.ubiqpool.org.", + "lbc.luxor.tech.", + "lbk3.eu.mine.zpool.ca.", + "lbk3.jp.mine.zpool.ca.", + "lbk3.na.mine.zpool.ca.", + "lbry.asia.mine.zergpool.com.", + "lbry.eu.mine.zpool.ca.", + "lbry.eu.nicehash.com.", + "lbry.hk.nicehash.com.", + "lbry.jp.mine.zpool.ca.", + "lbry.mine.zergpool.com.", + "lbry.na.mine.zpool.ca.", + "lbry.suprnova.cc.", + "lbry.usa.nicehash.com.", + "lidonia.com.", + "litecoinpool.org.", + "ls.huobipool.com.", + "ltc-eu.f2pool.com.", + "ltc-us.f2pool.com.", + "ltc.f2pool.com.", + "ltc.pool.minergate.com.", + "ltc.ss.poolin.com.", + "ltc.viabtc.com.", + "ltc.viabtc.top.", + "ltz.pcmining.xyz.", + "lyra2rev2.mining-dutch.nl.", + "lyra2v2.asia.mine.zergpool.com.", + "lyra2v2.eu.mine.zpool.ca.", + "lyra2v2.jp.mine.zpool.ca.", + "lyra2v2.mine.blazepool.com.", + "lyra2v2.mine.zergpool.com.", + "lyra2v2.na.mine.zergpool.com.", + "lyra2v2.na.mine.zpool.ca.", + "lyra2v3.eu.mine.zpool.ca.", + "lyra2v3.jp.mine.zpool.ca.", + "lyra2v3.mine.blazepool.com.", + "lyra2v3.na.mine.zpool.ca.", + "lyra2z.asia.mine.zergpool.com.", + "lyra2z.eu.mine.zpool.ca.", + "lyra2z.jp.mine.zpool.ca.", + "lyra2z.mine.zergpool.com.", + "lyra2z.na.mine.zergpool.com.", + "lyra2z.na.mine.zpool.ca.", + "lyra2z330.asia.mine.zergpool.com.", + "lyra2z330.mine.zergpool.com.", + "lyra2z330.na.mine.zergpool.com.", + "m7m.asia.mine.zergpool.com.", + "m7m.eu.mine.zergpool.com.", + "m7m.eu.mine.zpool.ca.", + "m7m.jp.mine.zpool.ca.", + "m7m.mine.zergpool.com.", + 
"m7m.na.mine.zpool.ca.", + "m7m.sea.mine.zpool.ca.", + "mallob-ml.as.neuropool.net.", + "mallob-ml.as2.neuropool.net.", + "mallob-ml.au.neuropool.net.", + "mallob-ml.ca.neuropool.net.", + "mallob-ml.eu.neuropool.net.", + "mallob-ml.in.neuropool.net.", + "mallob-ml.me.neuropool.net.", + "mallob-ml.us.neuropool.net.", + "masari.miner.rocks.", + "mcmpool.eu.", + "megabtx.asia.mine.zergpool.com.", + "megabtx.eu.mine.zpool.ca.", + "megabtx.mine.zergpool.com.", + "megamec.asia.mine.zergpool.com.", + "megamec.mine.zergpool.com.", + "mine-beam-testnet.leafpool.com.", + "mine.arqma.com.", + "mine.bittubecash.fairpool.xyz.", + "mine.c3pool.com.", + "mine.etc.fairpool.xyz.", + "mine.loki.fairpool.xyz.", + "mine.msr.fairpool.xyz.", + "mine.music.mypool.online.", + "mine.nlpool.nl.", + "mine.nuko.fairpool.xyz.", + "mine.pgc.fairpool.xyz.", + "mine.realpool.eu.", + "mine.ryo.fairpool.xyz.", + "mine.swap.fairpool.xyz.", + "mine.thegrinpool.com.", + "mine.wow.fairpool.xyz.", + "mine.xhv.fairpool.xyz.", + "mine.xmrpool.net.", + "mine.xrn.fairpool.xyz.", + "mine.zano.fairpool.xyz.", + "mine.zergpool.com.", + "mine.zpool.ca.", + "mineit.io.", + "minepool.com.", + "miner-control.de.", + "miner.rocks.", + "minerpool.net.", + "minimizing.net.", + "mining.bittube.app.", + "mining.bittubeapp.com.", + "mining.xpoolx.com.", + "miningmadness.com.", + "miningpoolhub.com.", + "mix-solo.wattpool.net.", + "mix.minerpool.net.", + "mix.wattpool.net.", + "mn.pool-pay.com.", + "mng.miningpool.fun.", + "moac.2miners.com.", + "mona.suprnova.cc.", + "monero.herominers.com.", + "monerohash.com.", + "music.2miners.com.", + "mwc.2miners.com.", + "mwc.pacificpool.ws.", + "my-mining-pool.de.", + "myr-gr.asia.mine.zergpool.com.", + "myr-gr.eu.mine.zpool.ca.", + "myr-gr.jp.mine.zpool.ca.", + "myr-gr.mine.zergpool.com.", + "myr-gr.na.mine.zpool.ca.", + "myrgro.mining-dutch.nl.", + "na-etc.hiveon.net.", + "na.aionpool.tech.", + "na.luckpool.net.", + "naw-eth.hiveon.net.", + "nbr.pool-pay.com.", + 
"neoscrypt.asia.mine.zergpool.com.", + "neoscrypt.br.nicehash.com.", + "neoscrypt.eu.mine.zergpool.com.", + "neoscrypt.eu.mine.zpool.ca.", + "neoscrypt.eu.nicehash.com.", + "neoscrypt.eu1.unimining.net.", + "neoscrypt.hk.nicehash.com.", + "neoscrypt.in.nicehash.com.", + "neoscrypt.jp.mine.zpool.ca.", + "neoscrypt.jp.nicehash.com.", + "neoscrypt.mine.blazepool.com.", + "neoscrypt.mine.zergpool.com.", + "neoscrypt.mining-dutch.nl.", + "neoscrypt.na.mine.zpool.ca.", + "neoscrypt.sea.mine.zpool.ca.", + "neoscrypt.usa.nicehash.com.", + "nicehash.com.", + "nilu.minerpool.net.", + "nimiq-trm.icemining.ca.", + "nimiq.icemining.ca.", + "nist5.asia.mine.zergpool.com.", + "nist5.eu.mine.zpool.ca.", + "nist5.jp.mine.zpool.ca.", + "nist5.mine.zergpool.com.", + "nist5.na.mine.zpool.ca.", + "nl.stratu.ms.", + "nlpool.nl.", + "noncepool.com.", + "nuko.minerpool.net.", + "nuko.mofumofu.me.", + "odocrypt.asia.mine.zergpool.com.", + "odocrypt.eu.mine.zpool.ca.", + "odocrypt.mine.zergpool.com.", + "odocrypt.mine.zpool.ca.", + "odocrypt.mining-dutch.nl.", + "omb.pool-pay.com.", + "omegapool.cc.", + "p2p-spb.xyz.", + "p2p-usa.xyz.", + "padihash.eu.mine.zpool.ca.", + "pasl.fairpool.xyz.", + "pawelhash.eu.mine.zpool.ca.", + "perkle-pool.esprezzo.io.", + "pgc.minerpool.net.", + "pgo.m2pool.eu.", + "phi.asia.mine.zergpool.com.", + "phi.eu.mine.zpool.ca.", + "phi.jp.mine.zpool.ca.", + "phi.mine.zergpool.com.", + "phi.na.mine.zpool.ca.", + "phi2.eu.mine.zpool.ca.", + "phi2.jp.mine.zpool.ca.", + "phi2.na.mine.zpool.ca.", + "pirl-solo.wattpool.net.", + "pirl.2miners.com.", + "pirl.coinminer.space.", + "plpool.org.", + "polytimos.eu.mine.zpool.ca.", + "polytimos.jp.mine.zpool.ca.", + "polytimos.na.mine.zpool.ca.", + "pool-eu.ethosdistro.com.", + "pool-usa.ethosdistro.com.", + "pool.0cash.org.", + "pool.572133.club.", + "pool.acemining.co.", + "pool.bibop.net.", + "pool.bitcoinote.org.", + "pool.bloc.money.", + "pool.blocpal.com.", + "pool.bsod.pw.", + "pool.btcp.network.", + "pool.ckpool.org.", 
+ "pool.dgb256.online.", + "pool.ehpro.ca.", + "pool.electroneropulse.org.", + "pool.erstweal.com.", + "pool.esn.today.", + "pool.ethercore.io.", + "pool.expanse.tech.", + "pool.hashvault.pro.", + "pool.italo.network.", + "pool.joys.digital.", + "pool.krb.fairhash.org.", + "pool.lanacoin.com.", + "pool.mangocoin.online.", + "pool.minerall.io.", + "pool.ms.", + "pool.nashcash.net.", + "pool.peopleland.net.", + "pool.pexaproject.com.", + "pool.pigeoncoin.org.", + "pool.pirl.network.", + "pool.poolen.io.", + "pool.qpool.net.", + "pool.qwertycoin.org.", + "pool.rwinfo.club.", + "pool.ryo-currency.com.", + "pool.sprintpay.net.", + "pool.supportxmr.com.", + "pool.swampcoin.tech.", + "pool.talleo.org.", + "pool.tube.fairhash.org.", + "pool.uralscoin.info.", + "pool.wattum.io.", + "pool.xmc.fairhash.org.", + "pool.zelerius.org.", + "pool.zls.fairhash.org.", + "power2b.asia.mine.zergpool.com.", + "power2b.eu.mine.zergpool.com.", + "power2b.eu.mine.zpool.ca.", + "power2b.mine.zergpool.com.", + "powerpool.money.", + "pps-etc-eu.adaminers.com.", + "pps-eth-eu.adaminers.com.", + "prohashing.com.", + "proxy.pool.whalesburg.com.", + "proxy.prohashing.com.", + "qkc.ontopool.com.", + "qrl-us.leafpool.com.", + "qrl.herominers.com.", + "qrl.miningocean.org.", + "quark.asia.mine.zergpool.com.", + "quark.eu.mine.zpool.ca.", + "quark.eu.nicehash.com.", + "quark.hk.nicehash.com.", + "quark.jp.mine.zpool.ca.", + "quark.mine.zergpool.com.", + "quark.na.mine.zpool.ca.", + "quark.usa.nicehash.com.", + "qubit.asia.mine.zergpool.com.", + "qubit.br.nicehash.com.", + "qubit.eu.mine.zpool.ca.", + "qubit.eu.nicehash.com.", + "qubit.hk.nicehash.com.", + "qubit.in.nicehash.com.", + "qubit.jp.mine.zpool.ca.", + "qubit.jp.nicehash.com.", + "qubit.mine.zergpool.com.", + "qubit.mining-dutch.nl.", + "qubit.na.mine.zpool.ca.", + "qubit.usa.nicehash.com.", + "randomarq.asia.mine.zergpool.com.", + "randomarq.mine.zergpool.com.", + "randomsfx.asia.mine.zergpool.com.", + "randomsfx.eu.mine.zergpool.com.", + 
"randomsfx.mine.zergpool.com.", + "randomx.eu.mine.zergpool.com.", + "randomx.mine.zergpool.com.", + "randomx.na.mine.zergpool.com.", + "randomxmonero.br.nicehash.com.", + "randomxmonero.eu.nicehash.com.", + "randomxmonero.hk.nicehash.com.", + "randomxmonero.in.nicehash.com.", + "randomxmonero.jp.nicehash.com.", + "randomxmonero.usa.nicehash.com.", + "raven.f2pool.com.", + "ravencoin-us.mintpond.com.", + "ravencoin.flypool.org.", + "ravencoin.mintpond.com.", + "ravenminer.com.", + "reosc.digipools.org.", + "reosc.wattpool.net.", + "rfv2.na.mine.zpool.ca.", + "ric.suprnova.cc.", + "roi.suprnova.cc.", + "rto.pool-pay.com.", + "ru-etc.hiveon.net.", + "ru-eth.hiveon.net.", + "ru.bsod.pw.", + "ru.hashrent.pro.", + "rustpool.xyz.", + "rvn-us.coinblockers.com.", + "rvn.antpool.com.", + "rvn.hashcity.org.", + "rvn.suprnova.cc.", + "rx.unmineable.com.", + "ryo-eu.leafpool.com.", + "ryo.bohemianpool.com.", + "ryo.miner.rocks.", + "ryopool.cryptosewer.com.", + "s-eu.comining.io.", + "s-jp.comining.io.", + "s-ru.comining.io.", + "s-sg.comining.io.", + "s-us.comining.io.", + "s.comining.io.", + "sandbox.pool.ms.", + "sc-eu.luxor.tech.", + "sc-us.luxor.tech.", + "sc.f2pool.com.", + "sc.luxor.tech.", + "scp-eu.luxor.tech.", + "scp-us.luxor.tech.", + "scrypt-ld.eu.mine.zpool.ca.", + "scrypt-ld.jp.mine.zpool.ca.", + "scrypt-ld.na.mine.zpool.ca.", + "scrypt.asia.mine.zergpool.com.", + "scrypt.br.nicehash.com.", + "scrypt.eu.mine.zergpool.com.", + "scrypt.eu.mine.zpool.ca.", + "scrypt.eu.nicehash.com.", + "scrypt.hk.nicehash.com.", + "scrypt.in.nicehash.com.", + "scrypt.jp.mine.zpool.ca.", + "scrypt.jp.nicehash.com.", + "scrypt.mine.zergpool.com.", + "scrypt.mining-dutch.nl.", + "scrypt.na.mine.zergpool.com.", + "scrypt.na.mine.zpool.ca.", + "scrypt.sea.mine.zpool.ca.", + "scrypt.usa.nicehash.com.", + "scryptn2.eu.mine.zergpool.com.", + "scryptn2.mine.zergpool.com.", + "seu-eth.hiveon.net.", + "sfx.pool-pay.com.", + "sg-zil.rustpool.xyz.", + "sg.haven.miner.rocks.", + 
"sg.qrl.herominers.com.", + "sg.stratu.ms.", + "sg.stratum.slushpool.com.", + "sha256-ld.eu.mine.zpool.ca.", + "sha256-ld.jp.mine.zpool.ca.", + "sha256-ld.na.mine.zpool.ca.", + "sha256.antpool.com.", + "sha256.asia.mine.zergpool.com.", + "sha256.br.nicehash.com.", + "sha256.eu.mine.zpool.ca.", + "sha256.eu.nicehash.com.", + "sha256.hk.nicehash.com.", + "sha256.in.nicehash.com.", + "sha256.jp.mine.zpool.ca.", + "sha256.jp.nicehash.com.", + "sha256.mine.zergpool.com.", + "sha256.mining-dutch.nl.", + "sha256.na.mine.zergpool.com.", + "sha256.na.mine.zpool.ca.", + "sha256.poolbinance.com.", + "sha256.usa.nicehash.com.", + "sha256asicboost.br.nicehash.com.", + "sha256asicboost.eu.nicehash.com.", + "sha256asicboost.hk.nicehash.com.", + "sha256asicboost.in.nicehash.com.", + "sha256asicboost.jp.nicehash.com.", + "sha256asicboost.usa.nicehash.com.", + "sha256t.eu.mine.zpool.ca.", + "sha256t.jp.mine.zpool.ca.", + "sha256t.na.mine.zpool.ca.", + "sha3d.mine.zergpool.com.", + "sha3d.mine.zpool.ca.", + "sib.asia.mine.zergpool.com.", + "sib.eu.mine.zpool.ca.", + "sib.jp.mine.zpool.ca.", + "sib.mine.zergpool.com.", + "sib.na.mine.zpool.ca.", + "sib.suprnova.cc.", + "singapore01.hashvault.pro.", + "sipc.matpool.io.", + "sipc.simpool.vip.", + "skein.asia.mine.zergpool.com.", + "skein.eu.mine.zergpool.com.", + "skein.eu.mine.zpool.ca.", + "skein.jp.mine.zpool.ca.", + "skein.mine.zergpool.com.", + "skein.mine.zpool.ca.", + "skein.mining-dutch.nl.", + "skein.na.mine.zpool.ca.", + "skein.sea.mine.zpool.ca.", + "skein2.eu.mine.zpool.ca.", + "skein2.mine.zergpool.com.", + "skein2.na.mine.zpool.ca.", + "skunk.eu.mine.zpool.ca.", + "skunk.jp.mine.zpool.ca.", + "skunk.na.mine.zpool.ca.", + "solo-ae.2miners.com.", + "solo-beam.2miners.com.", + "solo-btcz.2miners.com.", + "solo-btg.2miners.com.", + "solo-clo.2miners.com.", + "solo-dbix.2miners.com.", + "solo-etc.altpool.pro.", + "solo-eth.2miners.com.", + "solo-etho.coolpool.top.", + "solo-etp.2miners.com.", + "solo-exp.2miners.com.", + 
"solo-mwc.2miners.com.", + "solo-nilu.mole-pool.net.", + "solo-pirl.2miners.com.", + "solo-sero.mole-pool.net.", + "solo-ubq.altpool.pro.", + "solo-xmr.2miners.com.", + "solo-zcl.2miners.com.", + "solo-zec.2miners.com.", + "solo-zel.2miners.com.", + "solo.antpool.com.", + "solo.ckpool.org.", + "solo.clopool.pro.", + "sonoa.asia.mine.zergpool.com.", + "sonoa.eu.mine.zpool.ca.", + "sonoa.jp.mine.zpool.ca.", + "sonoa.mine.zergpool.com.", + "sonoa.na.mine.zpool.ca.", + "ss.antpool.com.", + "ss.bfcpool.com.", + "stellite.ingest-asia.cryptoknight.cc.", + "stellite.ingest.cryptoknight.cc.", + "stratum-asia.rplant.xyz.", + "stratum-btm.antpool.com.", + "stratum-dash.antpool.com.", + "stratum-etc.antpool.com.", + "stratum-eu.rplant.xyz.", + "stratum-ltc.antpool.com.", + "stratum-na.rplant.xyz.", + "stratum-ravencoin.flypool.org.", + "stratum-ru.rplant.xyz.", + "stratum-sc.antpool.com.", + "stratum-xmc.antpool.com.", + "stratum-zec.antpool.com.", + "stratum.aikapool.com.", + "stratum.antpool.com.", + "stratum.bcmonster.com.", + "stratum.coinminerz.com.", + "stratum.cudopool.com.", + "stratum.f2pool.com.", + "stratum.gpuhot.com.", + "stratum.happypool.co.", + "stratum.icemining.ca.", + "stratum.kano.is.", + "stratum.mecrypto.club.", + "stratum.miner-world.com.", + "stratum.my2coins.com.", + "stratum.naw.warihash.com.", + "stratum.piratepool.io.", + "stratum.ravenminer.com.", + "stratum.sephira.co.", + "stratum.slushpool.com.", + "stratum.solomining.io.", + "stratum.us2mine.com.", + "stratum.yiimp.bobbpool.be.", + "stratum.youcrazy.me.", + "stratum.yourpool.org.", + "stratum.zel.cash.", + "stratum1.hashcryptos.com.", + "stratum3.hashcryptos.com.", + "stratum4.hashcryptos.com.", + "sumo.ss.dxpool.com.", + "supportxmr.com.", + "swap.gxn-miningpool.com.", + "swap.ingest.cryptoknight.cc.", + "swap.miningocean.org.", + "swap2.luckypool.io.", + "tbdice.org.", + "texas.us.rvn.minermore.com.", + "timetravel.eu.mine.zpool.ca.", + "timetravel.jp.mine.zpool.ca.", + 
"timetravel.na.mine.zpool.ca.", + "tkts.cryptonote.club.", + "tlo.cryptonote.club.", + "tneoscrypt.na.mine.zpool.ca.", + "tokenminingpool.com.", + "trexmining.com.", + "tribus.asia.mine.zergpool.com.", + "tribus.eu.mine.zpool.ca.", + "tribus.jp.mine.zpool.ca.", + "tribus.mine.blazepool.com.", + "tribus.mine.zergpool.com.", + "tribus.na.mine.zpool.ca.", + "trtl.pool.mine2gether.com.", + "tsf.europool.me.", + "tube.ingest.cryptoknight.cc.", + "tube.steadyhash.org.", + "tube4.luckypool.io.", + "tw.sparkpool.com.", + "ua-mining.com.", + "ubiq-eu.maxhash.org.", + "ubiq-us.maxhash.org.", + "ubiq.suprnova.cc.", + "ubiq.wattpool.net.", + "ubq.altpool.pro.", + "uk.stratu.ms.", + "ukpool.electroneropulse.org.", + "upx.miningocean.org.", + "upxpool.com.", + "us-ae.2miners.com.", + "us-beam.2miners.com.", + "us-btg.2miners.com.", + "us-central.2acoin.org.", + "us-central01.miningrigrentals.com.", + "us-ckb.2miners.com.", + "us-east-stratum.grinmint.com.", + "us-east.crazypool.org.", + "us-east.ethash-hub.miningpoolhub.com.", + "us-east.kawpow-hub.miningpoolhub.com.", + "us-east.randomx-hub.miningpoolhub.com.", + "us-east.siamining.com.", + "us-east.stratum.grin-pool.org.", + "us-east.stratum.slushpool.com.", + "us-east01.miningrigrentals.com.", + "us-etc.2miners.com.", + "us-grin.2miners.com.", + "us-nw01.miningrigrentals.com.", + "us-solo-ae.2miners.com.", + "us-solo-beam.2miners.com.", + "us-solo-btg.2miners.com.", + "us-solo-etc.2miners.com.", + "us-solo-grin.2miners.com.", + "us-solo-zec.2miners.com.", + "us-solo-zen.2miners.com.", + "us-west.crazypool.org.", + "us-west.siamining.com.", + "us-west01.miningrigrentals.com.", + "us-zec.2miners.com.", + "us-zel.zellabs.net.", + "us-zen.2miners.com.", + "us-zil.rustpool.xyz.", + "us.0769.it.", + "us.bsod.pw.", + "us.btgpool.pro.", + "us.bytecoin-pool.org.", + "us.emcd.io.", + "us.equihub.pro.", + "us.fastpool.xyz.", + "us.frostypool.com.", + "us.litecoinpool.org.", + "us.mining.bit.tube.", + "us.miningfield.com.", + 
"us.nimpool.io.", + "us.pool.ms.", + "us.ravenminer.com.", + "us.rito.minermore.com.", + "us.rvn.minermore.com.", + "us.ss.btc.com.", + "us.stratu.ms.", + "us.ubiqpool.io.", + "us1-beam.flypool.org.", + "us1-zil.shardpool.io.", + "us1.fairpool.pro.", + "us1.stratu.ms.", + "us1.zhash.pro.", + "us2-zil.rustpool.xyz.", + "us2.litecoinpool.org.", + "us2mine.com.", + "usa-west.dgb256.online.", + "uspool.electroneropulse.org.", + "uupool.cn.", + "vdl.raptorpool.org.", + "vegas-backup.xmrpool.net.", + "veil-eu.coinblockers.com.", + "veil-us.coinblockers.com.", + "veil.suprnova.cc.", + "vertcoin.hashalot.net.", + "verushash.asia.mine.zergpool.com.", + "verushash.eu.mine.zergpool.com.", + "verushash.mine.zergpool.com.", + "verushash.na.mine.zergpool.com.", + "viabtc.com.", + "viabtc.net.", + "vidulum.dapool.io.", + "vtc.suprnova.cc.", + "vvpool.com.", + "webmng.semipool.com.", + "webwxtc.semipool.com.", + "west.us.rvn.minermore.com.", + "wownero.ingest.cryptoknight.cc.", + "www.eelpool.com.", + "www.mineit.io.", + "x11.asia.mine.zergpool.com.", + "x11.br.nicehash.com.", + "x11.eu.mine.zergpool.com.", + "x11.eu.mine.zpool.ca.", + "x11.eu.nicehash.com.", + "x11.hk.nicehash.com.", + "x11.in.nicehash.com.", + "x11.jp.mine.zpool.ca.", + "x11.jp.nicehash.com.", + "x11.mine.blazepool.com.", + "x11.mine.zergpool.com.", + "x11.mine.zpool.ca.", + "x11.mining-dutch.nl.", + "x11.na.mine.zpool.ca.", + "x11.sea.mine.zpool.ca.", + "x11.usa.nicehash.com.", + "x11evo.eu.mine.zpool.ca.", + "x11evo.jp.mine.zpool.ca.", + "x11evo.na.mine.zpool.ca.", + "x11gost.mining-dutch.nl.", + "x13.asia.mine.zergpool.com.", + "x13.br.nicehash.com.", + "x13.eu.mine.zpool.ca.", + "x13.eu.nicehash.com.", + "x13.hk.nicehash.com.", + "x13.in.nicehash.com.", + "x13.jp.mine.zpool.ca.", + "x13.jp.nicehash.com.", + "x13.mine.zergpool.com.", + "x13.na.mine.zpool.ca.", + "x13.usa.nicehash.com.", + "x15.eu.mine.zpool.ca.", + "x15.jp.mine.zpool.ca.", + "x15.na.mine.zpool.ca.", + "x16r.asia.mine.zergpool.com.", + 
"x16r.br.nicehash.com.", + "x16r.eu.mine.zergpool.com.", + "x16r.eu.mine.zpool.ca.", + "x16r.eu.nicehash.com.", + "x16r.hk.nicehash.com.", + "x16r.in.nicehash.com.", + "x16r.jp.mine.zpool.ca.", + "x16r.jp.nicehash.com.", + "x16r.mine.blazepool.com.", + "x16r.mine.zergpool.com.", + "x16r.na.mine.zergpool.com.", + "x16r.na.mine.zpool.ca.", + "x16r.sea.mine.zpool.ca.", + "x16r.usa.nicehash.com.", + "x16rt.asia.mine.zergpool.com.", + "x16rt.eu.mine.zpool.ca.", + "x16rt.mine.zergpool.com.", + "x16rt.na.mine.zpool.ca.", + "x16rv2.asia.mine.zergpool.com.", + "x16rv2.br.nicehash.com.", + "x16rv2.eu.mine.zpool.ca.", + "x16rv2.eu.nicehash.com.", + "x16rv2.hk.nicehash.com.", + "x16rv2.in.nicehash.com.", + "x16rv2.jp.mine.zpool.ca.", + "x16rv2.jp.nicehash.com.", + "x16rv2.mine.zergpool.com.", + "x16rv2.na.mine.zpool.ca.", + "x16rv2.sea.mine.zpool.ca.", + "x16rv2.tron-mining.com.", + "x16rv2.usa.nicehash.com.", + "x16s.asia.mine.zergpool.com.", + "x16s.eu.mine.zpool.ca.", + "x16s.jp.mine.zpool.ca.", + "x16s.mine.zergpool.com.", + "x16s.na.mine.zpool.ca.", + "x16s.sea.mine.zpool.ca.", + "x17.asia.mine.zergpool.com.", + "x17.eu.mine.zpool.ca.", + "x17.jp.mine.zpool.ca.", + "x17.mine.zergpool.com.", + "x17.na.mine.zpool.ca.", + "x21s.asia.mine.zergpool.com.", + "x21s.eu.mine.zpool.ca.", + "x21s.mine.zergpool.com.", + "x21s.na.mine.zpool.ca.", + "x22i.eu.mine.zpool.ca.", + "x22i.jp.mine.zpool.ca.", + "x22i.mine.zergpool.com.", + "x22i.na.mine.zpool.ca.", + "x25x.asia.mine.zergpool.com.", + "x25x.eu.mine.zergpool.com.", + "x25x.eu.mine.zpool.ca.", + "x25x.mine.zergpool.com.", + "x25x.mine.zpool.ca.", + "x25x.na.mine.zpool.ca.", + "xao.pool.mine2gether.com.", + "xcash.steadyhash.org.", + "xd.frostypool.com.", + "xdna.suprnova.cc.", + "xeq.pool-pay.com.", + "xevan.asia.mine.zergpool.com.", + "xevan.eu.mine.zergpool.com.", + "xevan.eu.mine.zpool.ca.", + "xevan.jp.mine.zpool.ca.", + "xevan.mine.blazepool.com.", + "xevan.mine.zergpool.com.", + "xevan.mine.zpool.ca.", + 
"xevan.na.mine.zpool.ca.", + "xhvpool.dlinodes.com.", + "xmc.pool.minergate.com.", + "xmr.antpool.com.", + "xmr.pool.gntl.co.uk.", + "xmr.pool.minergate.com.", + "xmr.ss.dxpool.com.", + "xmrpool.eu.", + "xserty.com.", + "xsg.altpool.pro.", + "xta.pool-pay.com.", + "xtri.minercountry.com.", + "xzc.2miners.com.", + "yescrypt.asia.mine.zergpool.com.", + "yescrypt.eu.mine.zergpool.com.", + "yescrypt.eu.mine.zpool.ca.", + "yescrypt.jp.mine.zpool.ca.", + "yescrypt.mine.zergpool.com.", + "yescrypt.mine.zpool.ca.", + "yescrypt.mining-dutch.nl.", + "yescrypt.na.mine.zpool.ca.", + "yescrypt.sea.mine.zpool.ca.", + "yescryptr16.asia.mine.zergpool.com.", + "yescryptr16.eu.mine.zergpool.com.", + "yescryptr16.eu.mine.zpool.ca.", + "yescryptr16.jp.mine.zpool.ca.", + "yescryptr16.mine.zergpool.com.", + "yescryptr16.mine.zpool.ca.", + "yescryptr16.mining-dutch.nl.", + "yescryptr16.na.mine.zpool.ca.", + "yescryptr32.asia.mine.zergpool.com.", + "yescryptr32.eu.mine.zergpool.com.", + "yescryptr32.eu.mine.zpool.ca.", + "yescryptr32.jp.mine.zpool.ca.", + "yescryptr32.mine.zergpool.com.", + "yescryptr32.mining-dutch.nl.", + "yescryptr32.na.mine.zpool.ca.", + "yescryptr8.asia.mine.zergpool.com.", + "yescryptr8.eu.mine.zpool.ca.", + "yescryptr8.jp.mine.zpool.ca.", + "yescryptr8.mine.zergpool.com.", + "yescryptr8.na.mine.zpool.ca.", + "yespower.asia.mine.zergpool.com.", + "yespower.eu.mine.zergpool.com.", + "yespower.eu.mine.zpool.ca.", + "yespower.jp.mine.zpool.ca.", + "yespower.mine.zergpool.com.", + "yespower.mining-dutch.nl.", + "yespower.na.mine.zpool.ca.", + "yespowerr16.asia.mine.zergpool.com.", + "yespowerr16.eu.mine.zergpool.com.", + "yespowerr16.eu.mine.zpool.ca.", + "yespowerr16.mine.zergpool.com.", + "yespowerr16.mining-dutch.nl.", + "yiimp.ccminer.org.", + "yoc.2miners.com.", + "zano.luckypool.io.", + "zcl.2miners.com.", + "zcl.altpool.pro.", + "zcl.suprnova.cc.", + "zcoin-eu.mintpond.com.", + "zcoin-us.mintpond.com.", + "zcoin.dapool.io.", + "zcoin.mintpond.com.", + 
"zdash.suprnova.cc.", + "zec-eu.luxor.tech.", + "zec-us.luxor.tech.", + "zec.2miners.com.", + "zec.altpool.pro.", + "zec.f2pool.com.", + "zec.luxor.tech.", + "zec.ss.poolin.com.", + "zel-eu.coinblockers.com.", + "zel.2miners.com.", + "zelsolo-us.coinblockers.com.", + "zen-eu.luxor.tech.", + "zen-us.luxor.tech.", + "zen.2miners.com.", + "zen.luxor.tech.", + "zencash.f2pool.com.", + "zer.equihub.pro.", + "zergpool.com.", + "zero.suprnova.cc.", + "zeropool.io.", + "zhash.br.nicehash.com.", + "zhash.eu.nicehash.com.", + "zhash.hk.nicehash.com.", + "zhash.in.nicehash.com.", + "zhash.jp.nicehash.com.", + "zhash.usa.nicehash.com.", + "zil.rustpool.xyz.", + "zp-eu.leafpool.com.", + "zpool.ca.", + "de.monero.herominers.com.", + "es.monero.herominers.com.", + "fi.monero.herominers.com.", + "ru.monero.herominers.com.", + "ca.monero.herominers.com.", + "us.monero.herominers.com.", + "us2.monero.herominers.com.", + "us3.monero.herominers.com.", + "mx.monero.herominers.com.", + "br.monero.herominers.com.", + "kz.monero.herominers.com.", + "hk.monero.herominers.com.", + "kr.monero.herominers.com.", + "in.monero.herominers.com.", + "sg.monero.herominers.com.", + "tr.monero.herominers.com.", + "au.monero.herominers.com.", +} + +var R1008CryptoMiningDomainCommunicationRuleDescriptor = RuleDescriptor{ + ID: R1008ID, + Name: R1008Name, + Description: "Detecting Crypto miners communication by domain", + Tags: []string{"network", "crypto", "miners", "malicious", "dns"}, + Priority: RulePriorityCritical, + Requirements: &RuleRequirements{ + EventTypes: []utils.EventType{ + utils.DnsEventType, + }, + }, + RuleCreationFunc: func() ruleengine.RuleEvaluator { + return CreateRuleR1008CryptoMiningDomainCommunication() + }, +} + +var _ ruleengine.RuleEvaluator = (*R1008CryptoMiningDomainCommunication)(nil) + +type R1008CryptoMiningDomainCommunication struct { + BaseRule +} + +func CreateRuleR1008CryptoMiningDomainCommunication() *R1008CryptoMiningDomainCommunication { + return 
&R1008CryptoMiningDomainCommunication{} +} + +func (rule *R1008CryptoMiningDomainCommunication) Name() string { + return R1008Name +} + +func (rule *R1008CryptoMiningDomainCommunication) ID() string { + return R1008ID +} + +func (rule *R1008CryptoMiningDomainCommunication) DeleteRule() { +} + +func (rule *R1008CryptoMiningDomainCommunication) ProcessEvent(eventType utils.EventType, event interface{}, _ objectcache.ObjectCache) ruleengine.RuleFailure { + + if eventType != utils.DnsEventType { + return nil + } + + if dnsEvent, ok := event.(*tracerdnstype.Event); ok { + log.Printf("******************** Get DNS event: %s\n", dnsEvent.DNSName) + if slices.Contains(commonlyUsedCryptoMinersDomains, dnsEvent.DNSName) { + ruleFailure := GenericRuleFailure{ + BaseRuntimeAlert: apitypes.BaseRuntimeAlert{ + AlertName: rule.Name(), + InfectedPID: dnsEvent.Pid, + FixSuggestions: "If this is a legitimate action, please consider removing this workload from the binding of this rule.", + Severity: R1008CryptoMiningDomainCommunicationRuleDescriptor.Priority, + }, + RuntimeProcessDetails: apitypes.ProcessTree{ + ProcessTree: apitypes.Process{ + Comm: dnsEvent.Comm, + Gid: &dnsEvent.Gid, + PID: dnsEvent.Pid, + Uid: &dnsEvent.Uid, + }, + ContainerID: dnsEvent.Runtime.ContainerID, + }, + TriggerEvent: dnsEvent.Event, + RuleAlert: apitypes.RuleAlert{ + RuleDescription: fmt.Sprintf("Communication with a known crypto mining domain: %s in: %s", dnsEvent.DNSName, dnsEvent.GetContainer()), + }, + RuntimeAlertK8sDetails: apitypes.RuntimeAlertK8sDetails{ + PodName: dnsEvent.GetPod(), + }, + RuleID: rule.ID(), + } + + return &ruleFailure + } + } + + return nil +} + +func (rule *R1008CryptoMiningDomainCommunication) Requirements() ruleengine.RuleSpec { + return &RuleRequirements{ + EventTypes: R1008CryptoMiningDomainCommunicationRuleDescriptor.Requirements.RequiredEventTypes(), + } +} 
diff --git a/pkg/ruleengine/v1/r1008_crypto_mining_domain_test.go b/pkg/ruleengine/v1/r1008_crypto_mining_domains_test.go
similarity index 100%
rename from pkg/ruleengine/v1/r1008_crypto_mining_domain_test.go
rename to pkg/ruleengine/v1/r1008_crypto_mining_domains_test.go
diff --git a/pkg/ruleengine/v1/r1013_crypto_mining_files.go b/pkg/ruleengine/v1/r1013_crypto_mining_files.go
new file mode 100644
index 00000000..9b4444b7
--- /dev/null
+++ b/pkg/ruleengine/v1/r1013_crypto_mining_files.go
@@ -0,0 +1,317 @@
+package ruleengine
+
+import (
+ "fmt"
+ "strings"
+
+ "github.com/kubescape/node-agent/pkg/objectcache"
+ "github.com/kubescape/node-agent/pkg/ruleengine"
+ "github.com/kubescape/node-agent/pkg/utils"
+
+ apitypes "github.com/armosec/armoapi-go/armotypes"
+ traceropentype "github.com/inspektor-gadget/inspektor-gadget/pkg/gadgets/trace/open/types"
+
+ "github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1"
+)
+
+const (
+ R1013ID = "R1013"
+ R1013Name = "Crypto Mining files access"
+)
+
+// CryptoMiningFilesAccessPathsPrefixs is a list because of symlinks.
+var CryptoMiningFilesAccessPathsPrefix = []string{
+ "/sys/devices/system/cpu/cpu1/cache/index1/shared_cpu_map",
+ "/sys/devices/system/cpu/cpu0/cache/index1/level",
+ "/sys/devices/system/cpu/cpu0/topology/core_cpus",
+ "/sys/devices/system/cpu/cpu1/cache/index0/size",
+ "/sys/devices/system/cpu/cpu3/cache/index2/number_of_sets",
+ "/sys/devices/system/cpu/cpu0/cache/index2/physical_line_partition",
+ "/sys/devices/system/cpu/cpu1/cache/index3/size",
+ "/sys/devices/system/node/node0/hugepages",
+ "/sys/devices/system/cpu/cpu2/topology/core_id",
+ "/sys/devices/system/cpu/cpu0/cache/index2/shared_cpu_map",
+ "/dev/null",
+ "/proc/1/fd",
+ "/sys/devices/system/cpu/cpu3/cache/index3/shared_cpu_map",
+ "/sys/devices/virtual/dmi/id/board_name",
+ "/sys/devices/system/cpu/cpu0/cache/index0/id",
+ "/sys/devices/virtual/dmi/id/chassis_serial",
+ "/sys/devices/system/cpu/cpu1/topology/core_cpus",
+ "/sys/devices/system/cpu/cpu1/topology/cluster_cpus",
+ "/sys/devices/system/cpu/cpu0/cache/index3/physical_line_partition",
+ "/sys/devices/system/cpu/cpu1/cache/index1/level",
+ "/sys/devices/system/node/node0/cpumap",
+ "/sys/devices/system/cpu/cpu2/cache/index3/id",
+ "/sys/devices/system/cpu/cpu2/topology/cluster_cpus",
+ "/sys/devices/system/cpu/cpu0/cache/index1/id",
+ "/sys/devices/virtual/dmi/id/product_serial",
+ "/sys/devices/system/cpu/cpu0/cache/index0/number_of_sets",
+ 
"/sys/devices/system/cpu/cpu0/cache/index2/level", + "/sys/devices/system/cpu/cpu2/cache/index0/level", + "/sys/devices/system/cpu/cpu0/topology/package_cpus", + "/sys/devices/system/cpu/cpu2/cache/index0/coherency_line_size", + "/sys/devices/system/cpu/cpu2/cache/index3/shared_cpu_map", + "/sys/devices/system/cpu/cpu3/topology/die_cpus", + "/sys/devices/system/cpu/cpu0/cache/index3/number_of_sets", + "/sys/devices/system/cpu/cpu1/cache/index0/id", + "/sys/devices/system/cpu/cpu2/cache/index2/number_of_sets", + "/sys/kernel/mm/hugepages", + "/sys/devices/system/cpu/cpu0/cache/index1/shared_cpu_map", + "/sys/devices/system/cpu/cpu1/cache/index3/level", + "/sys/devices/system/cpu/cpu0/cache/index3/type", + "/etc/resolv.conf", + "/sys/devices/system/cpu/cpu1/cache/index0/coherency_line_size", + "/sys/devices/system/cpu/cpu3/cache/index0/coherency_line_size", + "/sys/devices/system/cpu/cpu0/cache/index2/size", + "/sys/devices/system/cpu/cpu1/cache/index1/id", + "/sys/devices/virtual/dmi/id/board_vendor", + "/usr/lib/x86_64-linux-gnu/libc.so.6", + "/sys/devices/system/cpu/cpu1/topology/package_cpus", + "/sys/devices/system/cpu/cpu1/cache/index1/type", + "/sys/fs/cgroup/cpuset.cpus.effective", + "/sys/devices/system/cpu/cpu1/topology/die_cpus", + "/sys/devices/system/cpu/cpu1/topology/core_id", + "/sys/devices/system/cpu/cpu0/cache/index3/level", + "/sys/devices/system/cpu/cpu2/cache/index3/coherency_line_size", + "/sys/devices/virtual/dmi/id/product_version", + "/sys/devices/system/cpu/cpu1/cache/index0/number_of_sets", + "/sys/devices/system/cpu/cpu3/cache/index3/id", + "/sys/devices/system/cpu/cpu3/cache/index2/size", + "/sys/devices/system/cpu/cpu0/topology/cluster_cpus", + "/sys/devices/system/cpu/cpu0/cache/index2/coherency_line_size", + "/sys/devices/system/cpu/cpu1/cache/index2/shared_cpu_map", + "/sys/devices/virtual/dmi/id/bios_vendor", + "/sys/devices/system/cpu/cpu3/topology/core_cpus", + "/sys/devices/system/cpu/cpu2/cache/index0/shared_cpu_map", + 
"/sys/devices/system/cpu/cpu3/cache/index3/type", + "/sys/devices/system/cpu/cpu2/topology/package_cpus", + "/sys/devices/virtual/dmi/id/bios_version", + "/sys/devices/system/cpu/cpu0/cache/index2/id", + "/sys/devices/system/cpu/cpu1/cache/index3/id", + "/sys/devices/system/cpu/cpu3/cache/index3/size", + "/sys/devices/system/cpu/cpu3/cache/index3/number_of_sets", + "/sys/devices/system/cpu/cpu3/topology/physical_package_id", + "/sys/devices/system/cpu/cpu1/cache/index0/shared_cpu_map", + "/sys/devices/virtual/dmi/id/chassis_type", + "/sys/devices/virtual/dmi/id/chassis_asset_tag", + "/sys/devices/system/cpu/cpu0/topology/die_cpus", + "/sys/devices/system/cpu/cpu3/cache/index1/shared_cpu_map", + "/sys/devices/system/cpu/cpu3/topology/core_id", + "/sys/devices/system/cpu/cpu3/cache/index3/level", + "/sys/devices/system/cpu/cpu0/cache/index0/physical_line_partition", + "/sys/devices/system/cpu/possible", + "/sys/devices/system/cpu/cpu2/cache/index2/shared_cpu_map", + "/sys/devices/virtual/dmi/id/product_name", + "/sys/devices/system/cpu/cpu0/cache/index2/type", + "/sys/devices/system/cpu/cpu0/cache/index0/size", + "/sys/devices/system/cpu/cpu2/cache/index0/number_of_sets", + "/sys/devices/virtual/dmi/id/board_version", + "/sys/devices/system/cpu/cpu0/cache/index0/type", + "/sys/devices/virtual/dmi/id/board_serial", + "/sys/devices/system/node/node0/hugepages/hugepages-2048kB/free_hugepages", + "/sys/devices/system/cpu/cpu3/cache/index2/type", + "/sys/devices/system/cpu/cpu1/cache/index3/physical_line_partition", + "/sys/devices/system/cpu/cpu3/cache/index3/physical_line_partition", + "/sys/devices/system/cpu/cpu2/cache/index2/coherency_line_size", + "/sys/devices/system/cpu/cpu2/cache/index2/id", + "/sys/devices/system/cpu/cpu3/topology/package_cpus", + "/sys/devices/system/cpu/cpu3/cache/index1/id", + "/sys/devices/system/cpu/cpu0/cache/index3/size", + "/sys/devices/system/cpu/cpu1/cache/index2/physical_line_partition", + 
"/sys/devices/system/cpu/cpu3/cache/index2/physical_line_partition", + "/sys/devices/system/cpu/cpu2/cache/index3/level", + "/sys/devices/system/cpu/cpu1/topology/physical_package_id", + "/sys/devices/system/cpu/cpu1/cache/index2/number_of_sets", + "/sys/devices/system/cpu/cpu2/cache/index3/physical_line_partition", + "/sys/devices/system/cpu/cpu2/cache/index1/type", + "/sys/devices/system/cpu/cpu3/cache/index0/type", + "/sys/devices/system/node/node0/hugepages/hugepages-1048576kB/nr_hugepages", + "/sys/devices/system/cpu/cpu3/cache/index0/id", + "/proc/meminfo", + "/proc/1/cpuset", + "/sys/devices/system/cpu/online", + "/sys/devices/system/cpu/cpu2/topology/physical_package_id", + "/sys/devices/virtual/dmi/id/chassis_vendor", + "/sys/devices/system/cpu/cpu0/topology/core_id", + "/sys/devices/system/cpu/cpu2/cache/index2/physical_line_partition", + "/sys/devices/system/cpu/cpu1/cache/index3/shared_cpu_map", + "/etc/ld.so.cache", + "/sys/devices/system/cpu/cpu3/cache/index0/size", + "/sys/devices/system/cpu/cpu0/cache/index3/coherency_line_size", + "/usr/lib/x86_64-linux-gnu/libm.so.6", + "/sys/devices/system/cpu/cpu3/cache/index1/type", + "/sys/devices/system/cpu/cpu2/cache/index0/type", + "/sys/devices/system/cpu/cpu3/cache/index2/coherency_line_size", + "/sys/devices/system/cpu/cpu1/cache/index2/coherency_line_size", + "/sys/devices/system/cpu/cpu2/cache/index1/level", + "/proc/1/mounts", + "/etc/nsswitch.conf", + "/sys/devices/system/cpu/cpu0/topology/physical_package_id", + "/sys/devices/system/cpu/cpu2/topology/die_cpus", + "/sys/devices/system/cpu/cpu2/cache/index0/size", + "/sys/devices/system/cpu/cpu2/cache/index2/type", + "/proc/sys/vm/nr_hugepages", + "/sys/devices/system/cpu/cpu1/cache/index2/size", + "/sys/devices/system/cpu/cpu0/cache/index0/shared_cpu_map", + "/proc/cpuinfo", + "/sys/devices/system/cpu/cpu3/cache/index2/level", + "/sys/devices/virtual/dmi/id/chassis_version", + "/sys/devices/virtual/dmi/id/product_uuid", + 
"/sys/devices/system/cpu/cpu1/cache/index0/level", + "/sys/devices/system/cpu/cpu1/cache/index3/type", + "/sys/devices/system/cpu/cpu3/cache/index2/shared_cpu_map", + "/sys/devices/system/cpu/cpu2/cache/index1/shared_cpu_map", + "/sys/devices/system/cpu/cpu3/cache/index2/id", + "/sys/kernel/mm/hugepages/hugepages-1048576kB/nr_hugepages", + "/sys/devices/system/cpu/cpu0/cache/index2/number_of_sets", + "/sys/devices/system/cpu/cpu0/cache/index0/level", + "/sys/devices/system/cpu/cpu2/cache/index1/id", + "/sys/devices/system/cpu/cpu2/cache/index3/number_of_sets", + "/sys/devices/virtual/dmi/id/sys_vendor", + "/sys/devices/system/cpu/cpu2/cache/index2/level", + "/sys/devices/system/cpu/cpu3/topology/cluster_cpus", + "/sys/devices/system/cpu/cpu0/cache/index3/shared_cpu_map", + "/sys/kernel/mm/hugepages/hugepages-2048kB/nr_hugepages", + "/sys/devices/system/cpu/cpu0/cache/index0/coherency_line_size", + "/sys/devices/system/cpu/cpu0/cache/index1/type", + "/sys/devices/system/cpu/cpu0/cache/index3/id", + "/sys/devices/system/cpu/cpu3/cache/index1/level", + "/sys/bus/dax/devices", + "/sys/devices/system/cpu/cpu2/cache/index0/id", + "/sys/devices/system/cpu/cpu2/cache/index3/size", + "/sys/devices/system/node/online", + "/sys/devices/system/cpu/cpu3/cache/index0/number_of_sets", + "/sys/devices/virtual/dmi/id/board_asset_tag", + "/sys/devices/system/cpu/cpu2/topology/core_cpus", + "/etc/hosts", + "/sys/devices/system/cpu/cpu3/cache/index0/physical_line_partition", + "/sys/devices/system/cpu/cpu2/cache/index2/size", + "/sys/devices/system/cpu/cpu3/cache/index0/level", + "/sys/devices/virtual/dmi/id", + "/sys/devices/system/cpu/cpu1/cache/index0/physical_line_partition", + "/sys/devices/system/cpu/cpu1/cache/index3/coherency_line_size", + "/sys/devices/system/cpu/cpu1/cache/index2/type", + "/sys/fs/cgroup/cpuset.mems.effective", + "/etc/host.conf", + "/sys/devices/system/cpu/cpu3/cache/index3/coherency_line_size", + "/sys/devices/system/cpu", + 
"/sys/fs/cgroup/cgroup.controllers",
+ "/sys/devices/system/cpu/cpu1/cache/index2/level",
+ "/sys/devices/system/cpu/cpu2/cache/index3/type",
+ "/sys/devices/system/cpu/cpu2/cache/index0/physical_line_partition",
+ "/sys/devices/system/node/node0/meminfo",
+ "/sys/devices/system/cpu/cpu1/cache/index2/id",
+ "/sys/devices/system/cpu/cpu3/cache/index0/shared_cpu_map",
+ "/sys/devices/system/cpu/cpu1/cache/index0/type",
+ "/sys/devices/system/node/node0/hugepages/hugepages-2048kB/nr_hugepages",
+ "/sys/devices/virtual/dmi/id/bios_date",
+ "/sys/devices/system/cpu/cpu1/cache/index3/number_of_sets",
+ "/sys/devices/system/cpu",
+}
+
+var R1013CryptoMiningFilesAccessRuleDescriptor = RuleDescriptor{
+ ID: R1013ID,
+ Name: R1013Name,
+ Description: "Detecting Crypto miners communication by files access",
+ Tags: []string{"crypto", "miners", "malicious", "whitelisted"},
+ Priority: RulePriorityHigh,
+ Requirements: &RuleRequirements{
+ EventTypes: []utils.EventType{
+ utils.OpenEventType,
+ },
+ },
+ RuleCreationFunc: func() ruleengine.RuleEvaluator {
+ return CreateRuleR1013CryptoMiningFilesAccess()
+ },
+}
+var _ ruleengine.RuleEvaluator = (*R1013CryptoMiningFilesAccess)(nil)
+
+type R1013CryptoMiningFilesAccess struct {
+ BaseRule
+}
+
+func CreateRuleR1013CryptoMiningFilesAccess() *R1013CryptoMiningFilesAccess {
+ return &R1013CryptoMiningFilesAccess{}
+}
+func (rule *R1013CryptoMiningFilesAccess) Name() string {
+ return R1013Name
+}
+
+func (rule *R1013CryptoMiningFilesAccess) ID() string {
+ return R1013ID
+}
+
+func (rule *R1013CryptoMiningFilesAccess) DeleteRule() {
+}
+
+func (rule *R1013CryptoMiningFilesAccess) generatePatchCommand(event *traceropentype.Event, ap *v1beta1.ApplicationProfile) string {
+ flagList := "["
+ for _, arg := range event.Flags {
+ flagList += "\"" + arg + "\","
+ }
+ // remove the last comma
+ if len(flagList) > 1 {
+ flagList = flagList[:len(flagList)-1]
+ }
+ baseTemplate := "kubectl patch applicationprofile %s --namespace %s --type 
merge -p '{\"spec\": {\"containers\": [{\"name\": \"%s\", \"opens\": [{\"path\": \"%s\", \"flags\": %s}]}]}}'"
+ return fmt.Sprintf(baseTemplate, ap.GetName(), ap.GetNamespace(),
+ event.GetContainer(), event.FullPath, flagList)
+}
+
+func (rule *R1013CryptoMiningFilesAccess) ProcessEvent(eventType utils.EventType, event interface{}, objCache objectcache.ObjectCache) ruleengine.RuleFailure {
+ if eventType != utils.OpenEventType {
+ return nil
+ }
+
+ openEvent, ok := event.(*traceropentype.Event)
+ if !ok {
+ return nil
+ }
+
+ shouldCheckEvent := false
+ for _, prefix := range CryptoMiningFilesAccessPathsPrefix {
+ if strings.HasPrefix(openEvent.FullPath, prefix) {
+ shouldCheckEvent = true
+ break
+ }
+ }
+
+ if !shouldCheckEvent {
+ return nil
+ }
+
+ ruleFailure := GenericRuleFailure{
+ BaseRuntimeAlert: apitypes.BaseRuntimeAlert{
+ AlertName: rule.Name(),
+ InfectedPID: openEvent.Pid,
+ FixSuggestions: fmt.Sprintf("If this is a legitimate action, please consider removing this workload from the binding of this rule."),
+ Severity: R1013CryptoMiningFilesAccessRuleDescriptor.Priority,
+ },
+ RuntimeProcessDetails: apitypes.ProcessTree{
+ ProcessTree: apitypes.Process{
+ Comm: openEvent.Comm,
+ Gid: &openEvent.Gid,
+ PID: openEvent.Pid,
+ Uid: &openEvent.Uid,
+ },
+ ContainerID: openEvent.Runtime.ContainerID,
+ },
+ TriggerEvent: openEvent.Event,
+ RuleAlert: apitypes.RuleAlert{
+ RuleDescription: fmt.Sprintf("Unexpected access to crypto mining-related file: %s with flags: %s in: %s", openEvent.FullPath, strings.Join(openEvent.Flags, ","), openEvent.GetContainer()),
+ },
+ RuntimeAlertK8sDetails: apitypes.RuntimeAlertK8sDetails{
+ PodName: openEvent.GetPod(),
+ },
+ RuleID: rule.ID(),
+ }
+
+ return &ruleFailure
+}
+
+func (rule *R1013CryptoMiningFilesAccess) Requirements() ruleengine.RuleSpec {
+ return &RuleRequirements{
+ EventTypes: R1013CryptoMiningFilesAccessRuleDescriptor.Requirements.RequiredEventTypes(),
+ }
+}
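Review bot: ProcessEvent raises a High-severity alert on any open whose path merely starts with one of the `CryptoMiningFilesAccessPathsPrefix` entries, and that list contains files nearly every process opens (`/dev/null`, `/etc/resolv.conf`, `/etc/hosts`, `/etc/ld.so.cache`, `/usr/lib/x86_64-linux-gnu/libc.so.6`, `/proc/cpuinfo`, `/proc/meminfo`) as well as the bare `/sys/devices/system/cpu` (listed twice), which as a prefix subsumes every other `/sys/devices/system/cpu/...` entry — so the rule will fire for practically every container rather than for miner-like behaviour. The `whitelisted` tag, the `objCache` parameter and the otherwise-unused `generatePatchCommand` with its `v1beta1.ApplicationProfile` argument suggest the intent was to alert only on accesses that are absent from the workload's application profile, but ProcessEvent never reads `objCache`; either consult the profile there before building the failure (presumably the same lookup the other profile-aware rules in this package use), or at minimum match exact paths instead of prefixes, dedupe the list and drop the ubiquitous entries so the detection carries signal. Two smaller points: `FixSuggestions: fmt.Sprintf("If this is a legitimate action, please consider removing this workload from the binding of this rule."),` has no formatting directives and should be the plain string literal, and the comment above the list names a variable that does not exist — suggest `// CryptoMiningFilesAccessPathsPrefix holds path prefixes rather than exact paths because the same file may be reached through symlinks.`.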