# Copyright (c) 2014-2023 Maltrail developers (https://github.com/stamparm/maltrail/) # See the file 'LICENSE' for copying permission # Aliases: harly, joker # Reference: https://medium.com/csis-techblog/analysis-of-joker-a-spy-premium-subscription-bot-on-googleplay-9ad24f044451 joker2.dolphinsclean.com beatleslover.com tb-eu-jet.oss-eu-central-1.aliyuncs.com # Reference: https://twitter.com/sh1shk0va/status/1184054662003134464 # Reference: https://www.virustotal.com/gui/ip-address/52.77.93.217/relations 23w5338-z.com beatleslover.com hyy-2d2.com kaaryah.com nichfyy.com prick-6ey.com sw7p5-629.com # Reference: https://twitter.com/ReBensk/status/1217065291320045568 andu-eu.oss-eu-central-1.aliyuncs.com # Reference: https://research.checkpoint.com/2020/android-app-fraud-haken-clicker-and-joker-premium-dialer/ # Reference: https://www.virustotal.com/gui/ip-address/3.123.204.12/relations http://3.123.204.12 # Reference: https://twitter.com/ReBensk/status/1232297093802233856 happyyear.top # Reference: https://twitter.com/ReBensk/status/1246451065970712576 wsbb.oss-eu-central-1.aliyuncs.com # Reference: https://twitter.com/sh1shk0va/status/1249765927677243393 gplay.oss-eu-west-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1274316961510498306 yehua-online.oss-cn-hangzhou.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1274334502224044032 facebookdata-1301476296.cos.na-ashburn.myqcloud.com # Reference: https://twitter.com/ReBensk/status/1275443534070296576 wdfoz.oss-eu-central-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1275713835090001922 rockmanpc.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1276806753959763968 http://34.206.171.237 woea.oss-me-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1278016062378987520 etut.oss-me-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1279451409189146624 39200628.oss-me-east-1.aliyuncs.com # Reference: https://twitter.com/bl4ckh0l3z/status/1278711799001632769 separatesuppliers.live # Reference: https://www.virustotal.com/gui/file/275dbae90dc9d84782297858b90579a106d4752e0b6e8a7553b86d1d4d8f7f62/detection http://47.241.2.108 # Reference: https://www.virustotal.com/gui/file/4a9504de927266b9101417e2dc2acf66e2c9e5b3565f64894a6467b0ebeac58f/detection http://161.117.229.58 # Reference: https://twitter.com/bl4ckh0l3z/status/1280090346840567809 # Reference: https://www.virustotal.com/gui/file/76faf61e374b271d7a818338a4857c2400ff0a2e5864ce1a70e6df04cf8da3a0/detection # Reference: https://www.virustotal.com/gui/file/901020b4b768fd4382f9d305cce7906b33dd0ce876e28151d760b0311b5e8769/detection http://161.117.44.212 http://161.117.46.64 http://161.117.48.94 33333333333-1301476296.cos.eu-moscow.myqcloud.com facebookdata-1301476296.cos.na-ashburn.myqcloud.com # Reference: https://research.checkpoint.com/2020/new-joker-variant-hits-google-play-with-an-old-trick/ gd-1301476296.cos.na-toronto.myqcloud.com # Reference: https://twitter.com/ReBensk/status/1281909972683677696 http://161.117.83.26 hardsay.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/bl4ckh0l3z/status/1283788323178373120 http://47.74.179.177 # Reference: https://twitter.com/ReBensk/status/1286642164152311810 # Reference: https://www.virustotal.com/gui/file/198d887f450053630fa40ae0221c794a1ce6733385e6559dae3b9777308803b2/detection allstars.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/bl4ckh0l3z/status/1287414754496196610 waitalone.oss-ap-southeast-3.aliyuncs.com # Reference: https://twitter.com/bl4ckh0l3z/status/1287662297465454592 # Reference: https://www.virustotal.com/gui/file/4bc4beccd01a014354c27e2388e87e67ff1d37e5c7a220650d6931ac4fc28b89/detection hardwarestandards.shop mobiledevices.icu # Reference: https://twitter.com/ReBensk/status/1288333955570302976 aisunani.oss-ap-southeast-3.aliyuncs.com # Reference: https://twitter.com/aazim_here/status/1288440507396493313 narta.oss-me-east-1.aliyuncs.com # Reference: https://twitter.com/bl4ckh0l3z/status/1288701923974156288 99042.oss-me-east-1.aliyuncs.com # Reference: https://twitter.com/sh1shk0va/status/1288790256649674752 fbgufra07.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/sh1shk0va/status/1288790529308864512 larkbucket.oss-us-west-1.aliyuncs.com # Reference: https://twitter.com/bl4ckh0l3z/status/1289412525197467648 bullse.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/bl4ckh0l3z/status/1289831992108789761 reff2355-1301476296.cos.eu-moscow.myqcloud.com # Reference: https://twitter.com/bl4ckh0l3z/status/1290214936900063232 fdsr234-1301476296.cos.eu-frankfurt.myqcloud.com gfd3424-1301476296.cos.ap-mumbai.myqcloud.com hkkg34fd-1301476296.cos.na-siliconvalley.myqcloud.com # Reference: https://twitter.com/bl4ckh0l3z/status/1290603888991776771 dg1042.oss-eu-central-1.aliyuncs.com mg420.oss-us-west-1.aliyuncs.com ydnxy042.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/ni_fi_70/status/1290612822582468613 http://161.117.226.98 # Reference: https://twitter.com/ReBensk/status/1290618344853221376 http://161.117.62.127 http://47.91.99.122 http://47.91.99.17 # Reference: https://twitter.com/bl4ckh0l3z/status/1290655447645663234 gseven.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1291985135936602112 purchasingmanagers.club # Reference: https://twitter.com/bl4ckh0l3z/status/1292425701925281793 http://54.251.231.73 # Reference: https://twitter.com/bl4ckh0l3z/status/1292908632217210884 forgotten.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1297528634127851533 ruik.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1297909430663684098 http://54.254.62.156 # Reference: https://twitter.com/ReBensk/status/1298846513070829568 jk8681oy.oss-eu-central-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1298891762744909824 were4o5.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1300691596556603392 blackdragon.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1300652965854883840 n47n.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1301027283734585344 blackdragon02.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1301494248550866944 2j1i9uqw.oss-eu-central-1.aliyuncs.com # Reference: https://twitter.com/sh1shk0va/status/1301963377435181057 http://18.141.129.153 # Reference: https://twitter.com/ReBensk/status/1303917434831876097 proxy48.oss-eu-central-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1309475351572045825 # Reference: https://www.zscaler.com/blogs/security-research/joker-playing-hide-and-seek-google-play # Reference: https://otx.alienvault.com/pulse/5f6e0a6e075485dddd57a37b 2j1i9uqw.oss-eu-central-1.aliyuncs.com blackdragon.oss-ap-southeast-5.aliyuncs.com blackdragon03.oss-ap-southeast-5.aliyuncs.com fgcxweasqw.oss-eu-central-1.aliyuncs.com jk8681oy.oss-eu-central-1.aliyuncs.com laodaoo.oss-ap-southeast-5.aliyuncs.com n47n.oss-ap-southeast-5.aliyuncs.com nineth03.oss-ap-southeast-5.aliyuncs.com proxy48.oss-eu-central-1.aliyuncs.com rinimae.oss-ap-southeast-5.aliyuncs.com sahar.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1310417869184946176 successfully.link # Reference: https://twitter.com/ReBensk/status/1318048542037082114 becomplete.online # Reference: https://twitter.com/ReBensk/status/1318400566628765696 http://161.117.178.233 # Reference: https://twitter.com/ReBensk/status/1318608437056466944 http://161.117.250.158 # Reference: https://twitter.com/ReBensk/status/1318757468995018752 http://161.117.230.57 # Reference: https://twitter.com/ReBensk/status/1320593911090421760 brickmortar.life # Reference: https://twitter.com/ReBensk/status/1322789280083808263 idnyss-1301476296.cos.ap-mumbai.myqcloud.com # Reference: https://twitter.com/ReBensk/status/1327249045513879556 watermile.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1329328104720932865 nqgvyv.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/Cuser07/status/1332623673484689408 firelife.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/sh1shk0va/status/1336482195230380032 icelife.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/sh1shk0va/status/1336651462395490305 satellites.life # Reference: https://twitter.com/Cuser07/status/1341937502685261826 perper.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/Cuser07/status/1342708478737936384 likeafish.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/Cuser07/status/1343389745372491777 indo-1301476296.cos.ap-mumbai.myqcloud.com # Reference: https://twitter.com/ReBensk/status/1344988057074683904 # Reference: https://www.virustotal.com/gui/file/781ca10557344f191f53515b2c085a1a5d8331056fa3bf47d622c41c534a13b2/detection at7kyxx4.net last2020.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1345268756470145024 http://47.241.106.26 lasomiso.oss-ap-southeast-5.aliyuncs.com znyym.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1345607922038886400 rainday.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1346343034208747521 http://54.251.231.67 # Reference: https://twitter.com/sh1shk0va/status/1347258704115200002 feeli.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1349959814814724097 jordi.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1349772427685859329 longdistance.live # Reference: https://twitter.com/ReBensk/status/1352114382151405568 # Reference: https://www.virustotal.com/gui/file/b6058b96e2acb5a3b0bcf699c5f4c4dc740f6bf65b1ceeff07c71c978327a83e/detection pandaksp.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1352232075189907460 dinners.oss-us-west-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1353601014847348736 comforty.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1356623475075547140 dingz.oss-us-west-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1357608935914565633 rooftop.oss-us-west-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1357630155917729794 sunset.oss-us-west-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1358702595057983490 founde.oss-us-west-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1358706711473790977 # Reference: https://www.virustotal.com/gui/file/aeb60925fd4a8525f76bfce9e39d577c394d0e541bffdbce9707c78818d82f76/detection fy-2021.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1359045679377575937 skullali.oss-me-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1359073731079852032 aliyuncls.oss-me-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1359070082635231233 lovingu.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1359077052050141185 plantgrowthtracker.oss-cn-zhangjiakou.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1361001345663176704 sungoddess.oss-us-west-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1363373817553293315 andyla.oss-us-west-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1364081572584906753 warriorss.oss-us-west-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1365176741103247367 uiytjjuytr.oss-eu-central-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1365177983149826048 runwa.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1365182302523777032 tool-pdf.oss-me-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1366311466769420292 fronta.oss-us-west-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1366343257014165507 breezea.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1368862009710755841 chenllx-buc.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1368901182358364167 linchen-bucket.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1370277229700124673 biggerone.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1373874229037342721 hwayt.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1376073798768713729 dagmar.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1376072244493873152 giantchameleon.com # Reference: https://twitter.com/ReBensk/status/1376465936299909120 banca.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1376827979423047681 scanlucky.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1378587175575453703 selct.oss-ap-southeast-2.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1378996591567151107 lwildlifetrust.com # Reference: https://twitter.com/ReBensk/status/1379809108312788993 wansgo.oss-ap-southeast-5.aliyuncs.com # Reference: https://github.com/DoctorWebLtd/malware-iocs/blob/master/Android.Joker/README.adoc ad.mobnv.com api.lemonmanga.com gp.fortunnecat.com router.cutebubblegame.com welcome.baltergames.com allinonemessenger.oss-cn-shenzhen.aliyuncs.com beautypluscamera.oss-ap-northeast-1.aliyuncs.com cameramx-photovideocamera.oss-cn-wulanchabu.aliyuncs.com colorrollingicon.oss-cn-huhehaote.aliyuncs.com deepkeyboardpro.oss-cn-hongkong.aliyuncs.com funcolortoucheffects.oss-ap-southeast-2.aliyuncs.com funneymemeemoji.oss-ap-southeast-5.aliyuncs.com happycolor.oss-ap-northeast-1.aliyuncs.com happytapping.oss-cn-qingdao.aliyuncs.com new2021keyboard.oss-ap-south-1.aliyuncs.com novasdk.oss-cn-beijing.aliyuncs.com superkeyboard.oss-ap-southeast-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1381533326570229762 # Reference: https://www.virustotal.com/gui/file/3dfd9c6825c816fe0c995942c3c2885c5113084f199de5c1c107cf58c9f2d01b/detection dsfdbhfg-1301476296.cos.ap-mumbai.myqcloud.com # Reference: https://twitter.com/ReBensk/status/1381531919356100609 # Reference: https://www.virustotal.com/gui/file/7f5a3921bcaf383ae8812814b1e29dad4f1baddfa0b723cc6e3bdd6c6e6a358a/detection 0402-ppd-dsb.oss-ap-southeast-2.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1382594399712911360 # Reference: https://www.virustotal.com/gui/file/c55a1f0344582b1a4f06199bf2abc2e6cb11c22b18e1c86bbef433ab4b782ef4/detection languages-mmp.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/m0br3v/status/1224286533487820800 coronavirus.oss-accelerate.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1384373907940016131 dgsxc.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/Someguy19891/status/1385224629396987908 cvnz.oss-us-west-1.aliyuncs.com # Reference: https://twitter.com/Someguy19891/status/1385282363484033027 vfew.oss-eu-west-1.aliyuncs.com # Reference: https://twitter.com/Cuser07/status/1340647716930560000 ewr1.vultrobjects.com # Reference: https://twitter.com/ReBensk/status/1386225948001914883 cjck-image.oss-ap-southeast-3.aliyuncs.com # Reference: https://twitter.com/Someguy19891/status/1386384566978371585 vbnm.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1386897035484274689 mul4.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1389887507702050817 yutey.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/Someguy19891/status/1389883215477809153 ww44kk-1305586011.cos.na-siliconvalley.myqcloud.com # Reference: https://twitter.com/ReBensk/status/1392735146235760640 512-1305586011.cos.na-ashburn.myqcloud.com # Reference: https://twitter.com/ReBensk/status/1394902634641780736 517-1305586011.cos.na-toronto.myqcloud.com # Reference: https://twitter.com/ReBensk/status/1393133564523257858 dododododo.oss-eu-central-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1393455501514477571 321145512a513-1305586011.cos.na-toronto.myqcloud.com # Reference: https://twitter.com/ReBensk/status/1393598051697131521 piapia.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1395351832654794759 vvtts.oss-me-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1395983592652623875 haiyawa.oss-eu-central-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1395983811637252096 suanleba.oss-us-west-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1395983726660644872 gapp.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1396334176639459330 misia.oss-ap-southeast-3.aliyuncs.com # Reference: https://twitter.com/dvjmane19/status/1396568030398746627 buckts.oss-me-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1396718261807435781 sycg.oss-eu-west-1.aliyuncs.com # Reference: https://twitter.com/dvjmane19/status/1398668479167823874 kullali.oss-us-east-1.aliyuncs.com wter.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1399041124682006529 new-sk.oss-ap-southeast-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1399210588429946888 517-1305586011.cos.na-toronto.myqcloud.com # Reference: https://twitter.com/ReBensk/status/1399207089256296454 skullali.oss-me-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1399969639413686273 syracuse-1301476296.cos.ap-mumbai.myqcloud.com # Reference: https://twitter.com/ReBensk/status/1400131768833822720 tos-1305586011.cos.na-toronto.myqcloud.com # Reference: https://twitter.com/Someguy19891/status/1400758703603683328 61toolll.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1401057812604588037 automan-1301476296.cos.eu-moscow.myqcloud.com # Reference: https://twitter.com/ReBensk/status/1401432186096537601 z7f5b2g-1301476296.cos.ap-mumbai.myqcloud.com # Reference: https://twitter.com/ReBensk/status/1401521422770458626 20210419-1305586011.cos.na-toronto.myqcloud.com # Reference: https://twitter.com/Someguy19891/status/1403280211093835784 tttlll-1305586011.cos.na-toronto.myqcloud.com # Reference: https://twitter.com/dvjmane19/status/1404322779554476037 aiyama.oss-eu-west-1.aliyuncs.com # Reference: https://twitter.com/Someguy19891/status/1405421937753432065 # Reference: https://www.virustotal.com/gui/domain/spotifly.world/detection spotifly.world # Reference: https://twitter.com/ReBensk/status/1405754983547502603 tatamm.oss-us-west-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1406241798431797249 tpfl.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1406651189312180225 voicesp.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1406653301978853380 tatamm.oss-us-west-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1407936663662125056 614tls-1305586011.cos.eu-frankfurt.myqcloud.com dejunior.oss-eu-central-1.aliyuncs.com # Reference: https://twitter.com/ni_fi_70/status/1409417735889735680 tnd.oss-ap-southeast-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1409427649118621699 02aa-1301476296.cos.eu-moscow.myqcloud.com # Reference: https://twitter.com/ReBensk/status/1410479298381639682 intherain.oss-us-west-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1411901306248253448 onemoretime.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1411916504476504066 0701baibao-1305586011.cos.ap-nanjing.myqcloud.com # Reference: https://twitter.com/ReBensk/status/1412726140645494785 willyou.oss-ap-southeast-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1413071498948923399 kadmg.oss-me-east-1.aliyuncs.com # Reference: https://twitter.com/ni_fi_70/status/1412716959754600456 http://143.198.150.254 /ob1x/8j84e/xnxo # Reference: https://twitter.com/ReBensk/status/1414446496406065156 corejj.oss-eu-central-1.aliyuncs.com # Reference: https://twitter.com/magnumsnip/status/1414589863106519040 hd-background.oss-ap-southeast-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1415182687787094023 dkqonfacebook-1301476296.cos.ap-mumbai.myqcloud.com # Reference: https://twitter.com/ReBensk/status/1414900521802948613 caonimasbsa-1305586011.cos.ap-singapore.myqcloud.com # Reference: https://twitter.com/ReBensk/status/1416400454389428228 denni.oss-ap-northeast-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1416438873761091588 onemoretime.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1417079288197570560 mffsgfb-1301476296.cos.ap-mumbai.myqcloud.com # Reference: https://twitter.com/ReBensk/status/1418535089277870080 # Reference: https://www.virustotal.com/gui/file/52af3165b2a222d0336a26ff7a9302b2df973d995177eeff3094bfd36e0e9d1c/detection samg.oss-us-west-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1418533495471702019 # Reference: https://www.virustotal.com/gui/file/d31c3b1a0887e5923b65e5157318e1a8ea366881eabd02233f1037ebdcb5e7eb/detection 716ocean-1305586011.cos.na-ashburn.myqcloud.com # Reference: https://twitter.com/ReBensk/status/1418099141591269379 # Reference: https://www.virustotal.com/gui/file/96a8edb1080f49cd384f2bc7f2a5ab65de08893fe7abd45bbfd3fe8f8945159c/detection usefully.oss-ap-southeast-3.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1419521390445617156 # Reference: https://www.virustotal.com/gui/file/73d09c62df86d24e19f94b6a4d00dd4f4ae6d1af978888d6955936cacbbbdfae/detection jiefx.oss-ap-southeast-3.aliyuncs.com # Reference: https://twitter.com/sh1shk0va/status/1419683128277405699 pointer.oss-ap-southeast-2.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1421875674839621636 # Reference: https://www.virustotal.com/gui/file/652412b8441a5c7b46a6106e8c40f7fac3fa1cc9009316ae270f9c8fbadee98f/detection ds-3006.oss-acc-allline.aliyuncs.com.gds.alibabadns.com wg9.oss-accelerate.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1422040841124683779 # Reference: https://www.virustotal.com/gui/file/5cc2dbd3fa346bca124faeee24e1072b02df993fd70a1d2973ab4da973e13759/detection weathercycl.club # Reference: https://twitter.com/ReBensk/status/1423249047360393218 # Reference: https://www.virustotal.com/gui/file/f050606805f23465d30b9b2c61c9c912b1c5006e7683d1a039af08a02a5865ef/detection covidis.oss-us-west-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1423266441277497355 84ppsd-1305586011.cos.na-siliconvalley.myqcloud.com # Reference: https://twitter.com/ReBensk/status/1423560450101243905 # Reference: https://www.virustotal.com/gui/file/9cb527cab9f836d6716507be12076f34e7a3260400a641c12554fd2ce5052c5a/detection bjylhf.oss-ap-southeast-3.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1424391509508431878 http://161.117.226.99 # Reference: https://twitter.com/ReBensk/status/1429116330284781574 # Reference: https://www.virustotal.com/gui/file/bb3e0a955f7eb43b04e03449b4aeb87a15935891b48ea015f738a4153cf92486/detection heartrateandmealtracker.com # Reference: https://labs.k7computing.com/index.php/joker-unleashes-itself-again-on-google-play-store/ # Reference: https://www.virustotal.com/gui/file/214135bb602b3d833d51a3a4ddcbd3aea3124caf67ad2aa0467d8b3073a24b1e/detection 1mg1816-1305586011.cos.na-ashburn.myqcloud.com fenglintechnology-app01.oss-me-east-1.aliyuncs.com grouplearn.shop implemente.life paramera.shop puerassist.club seemslologo.club vip.paramera.shop # Reference: https://twitter.com/ni_fi_70/status/1450001755065012224 diyaa.oss-ap-southeast-2.aliyuncs.com wo0.oss-accelerate.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1451079105470820358 jiaomei.oss-eu-central-1.aliyuncs.com # Reference: https://twitter.com/sh1shk0va/status/1458795768022720520 banmama.oss-us-west-1.aliyuncs.com # Reference: https://twitter.com/sh1shk0va/status/1458803683517468678 fibvdk77pp.s3.us-east-1.amazonaws.com opyv7s6tju.s3.eu-north-1.amazonaws.com # Reference: https://twitter.com/cy60rg17/status/1459941307279831046 howmuch.oss-me-east-1.aliyuncs.com # Reference: https://twitter.com/sh1shk0va/status/1460225316941672448 aa1026.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/sh1shk0va/status/1460274914397720584 uyetpvn545.s3.eu-west-1.amazonaws.com # Reference: https://twitter.com/cy60rg17/status/1461376398078013440 ykzzldx.oss-ap-southeast-2.aliyuncs.com # Reference: https://twitter.com/sh1shk0va/status/1466078385818505226 8egbu57cwe.s3.eu-north-1.amazonaws.com # Reference: https://twitter.com/sh1shk0va/status/1468891475887157250 # Reference: https://twitter.com/midnight_comms/status/1468969195220062214 # Reference: https://www.virustotal.com/gui/file/988293d69199e6905e29256b489c9f73c0939e520f19fb23a7bd6d222f708359/detection # Reference: https://www.virustotal.com/gui/file/ef03a39a0a845b54f2a4be42d533ee92d5b309c9f81bb985ed3cce1e3733ece3/detection http://193.123.103.55 fortunnecat.com aff.fortunnecat.com v7s3q3zisk.s3.eu-west-3.amazonaws.com # Reference: https://twitter.com/midnight_comms/status/1468971453630410763 knowu.oss-ap-northeast-1.aliyuncs.com # Reference: https://twitter.com/midnight_comms/status/1468971551324131349 # Reference: https://www.virustotal.com/gui/file/8ee3c8007da49ace4c6070081766e8a5f91ed5c9c966dc5f65287b7c312f797f/detection http://8.214.6.79 applicanic.com keyboardstyle-181d4.firebaseio.com keyboardstyleapps.blogspot.com azh913.oss-us-east-1.aliyuncs.com ds-2008.oss-acc-allline.aliyuncs.com ds-2048.oss-acc-allline.aliyuncs.com ds-2008.oss-acc-allline.aliyuncs.com.gds.alibabadns.com ds-2048.oss-acc-allline.aliyuncs.com.gds.alibabadns.com yon.oss-ap-southeast-1.aliyuncs.com /svhyqj/mjcxzy /svhyqj /mjcxzy # Reference: https://twitter.com/midnight_comms/status/1468972508426620937 multi-languagekeyboard.blogspot.com # Reference: https://twitter.com/sh1shk0va/status/1470367449669423110 # Reference: https://twitter.com/midnight_comms/status/1470379168575541250 jao9.oss-eu-central-1.aliyuncs.com # Reference: https://twitter.com/sh1shk0va/status/1470359946705395720 # Reference: https://twitter.com/midnight_comms/status/1470377864985923586 xzh5gswh3z.s3.us-east-1.amazonaws.com # Reference: https://twitter.com/sh1shk0va/status/1471127777785098242 # Reference: https://twitter.com/midnight_comms/status/1471157786750832641 # Reference: https://twitter.com/midnight_comms/status/1471158825377939461 # Reference: https://twitter.com/midnight_comms/status/1471160285230624769 # Reference: https://twitter.com/midnight_comms/status/1471161366568259586 http://8.214.56.11 40wia6je1e.s3.eu-north-1.amazonaws.com mjhla.oss-ap-southeast-3.aliyuncs.com mqjuikvjn-1301476296.cos.ap-mumbai.myqcloud.com # Reference: https://twitter.com/ReBensk/status/1471459460602159107 nv2.oss-accelerate.aliyuncs.com # Reference: https://twitter.com/Cuser07/status/1472124389282181121 # Reference: https://twitter.com/midnight_comms/status/1472232347139559429 mygoodidea.xyz mygoodidea.oss-me-east-1.aliyuncs.com puerassist.club # Reference: https://twitter.com/ReBensk/status/1475362049257402370 maybee.oss-us-west-1.aliyuncs.com # Reference: https://twitter.com/sh1shk0va/status/1475456020004671489 # Reference: https://twitter.com/midnight_comms/status/1475481954506137601 qyhtofiqg9.s3.eu-west-3.amazonaws.com # Reference: https://twitter.com/ReBensk/status/1434533331408809985 ladders.oss-eu-west-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1482421958461759488 # Reference: https://www.virustotal.com/gui/file/a9045ba7536e77151fed86ef78efd2fc66cc4298e9b3017df091273c5152b1d8/detection lettera.oss-ap-southeast-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1482423059374313472 # Reference: https://www.virustotal.com/gui/file/16bbf489bae2c9146d63b715a5f9ff0b24ea3b9bfe8cc93169bd59eadd3a4154/detection blissful.oss-ap-northeast-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1487829215001350144 # Reference: https://www.virustotal.com/gui/file/26d4754677efd689f4c5c381af8376aeb21116e70cc9c080113d720a9fcb01d2/detection # Reference: https://www.virustotal.com/gui/file/b628774940789d9fc0146acc6e2cec44a27e368917576e9924e468ef5b10c402/detection http://13.212.73.209 # Reference: https://twitter.com/ReBensk/status/1488087946767249411 a63vfd6e57.s3.ap-northeast-1.amazonaws.com # Reference: https://twitter.com/ReBensk/status/1489869350861344771 # Reference: https://www.virustotal.com/gui/file/d863c91841dd320f1cae467773dbe8c6e9406f7220e0a8e3ceb13ea32180bb35 na7qvkzun9.s3.us-west-2.amazonaws.com fortunnecat.com aff.fortunnecat.com # Reference: https://www.virustotal.com/gui/file/f9f4d7a3197aaeb38d9cdffb000dceb2d5276bc24b166c282c9f9b39eb747f4b/detection bus1etkj8x.s3.eu-west-2.amazonaws.com # Reference: https://www.virustotal.com/gui/file/eb749ee48f6017cfe2a68b15e4a48946f9a1d186af3621b29674f6475c654884/detection uulfdjv7xv.s3.sa-east-1.amazonaws.com # Reference: https://www.virustotal.com/gui/file/e9dc5a33255ffc917bf6419fe5e45308c4c8470f0946f7b076508f7a3cd4c083/detection 25y4v8ei8i.s3.us-west-2.amazonaws.com # Reference: https://www.virustotal.com/gui/file/d863c91841dd320f1cae467773dbe8c6e9406f7220e0a8e3ceb13ea32180bb35/detection na7qvkzun9.s3.us-west-2.amazonaws.com # Reference: https://www.virustotal.com/gui/file/c4e19db3b08fcc0786f0358df52d57280851da111038572683a5b7406ff1a68c/detection pdko2zc02t.s3.ap-south-1.amazonaws.com # Reference: https://www.virustotal.com/gui/file/b880fd0a0041b929031869fc5a41f5cbead9eec373dd10071a0dd81ae748d833/detection bur95kuixl.s3.ca-central-1.amazonaws.com # Reference: https://www.virustotal.com/gui/file/a0bee30d45534437e9b7774dea5d2c183562037a0b4d681a89171bce25edbfbd/detection 83rez940qo.s3.eu-west-2.amazonaws.com # Reference: https://www.virustotal.com/gui/file/9a818238ccfad64a393f8cbb29141075147ab855a583d047218f23dd8aa14275/detection gp.fortunnecat.com # Reference: https://www.virustotal.com/gui/file/82af315ea310726110cf7bfd7a033b3f80e756115468135c8c3d1454d9f66ff6/detection http://52.91.167.192 2i2i4w68dz.s3.ca-central-1.amazonaws.com # Reference: https://www.virustotal.com/gui/file/6111f5e552d82af9b58fa1c5387fad0669afa3b2f4ea54cf0ae0303db0597515/detection 1mcousuhu6.s3.ap-northeast-1.amazonaws.com # Reference: https://www.virustotal.com/gui/file/362c01bb6cc35788f3304443431a3fc86ebb6c51a6223e9c489b92204017a90b/detection j6oup8bkwi.s3.us-east-1.amazonaws.com # Reference: https://www.virustotal.com/gui/file/231a525beb57d7d46f938f938c0b2d81d32fd663b575162972818e863b25beec/detection 5el3tv6osl.s3.us-east-1.amazonaws.com # Reference: https://twitter.com/ReBensk/status/1490222916054622209 # Reference: https://twitter.com/LukasStefanko/status/1490355878901522443 # Reference: https://www.virustotal.com/gui/file/f2647509afb2eb23d7e369e02b47293b167c8e1fbacf2a35ed90b5f15e56023f/detection # Reference: https://www.virustotal.com/gui/file/f60d42d016b83c53d9421d635917867ba46dc50ed8f0e12766642f2c226712d7/detection utansy.com ace0104.oss-me-east-1.aliyuncs.com xn3o.oss-accelerate.aliyuncs.com # Reference: https://www.virustotal.com/gui/file/53676ae8637f18f92daf80a7c7732a6e6cd20427f1e3581a50262e858f65f9cd/detection ferryc.oss-eu-central-1.aliyuncs.com # Reference: https://www.virustotal.com/gui/file/f068a2b7590cbdbfd4eeb4921e555eb192b90f343e7165f6f7843fbade4638fe/detection wuyuz.oss-eu-west-1.aliyuncs.com # Reference: https://www.virustotal.com/gui/file/db1285dc4ada3c9918851bebc15745a8789458d18be9a51e09fbfee983c358a9/detection d25tv1xepz39hi.cloudfront.net # Reference: https://www.virustotal.com/gui/file/9ab65ffc7f877e6e06f8512147c766f503a72e754a5ad9fe37cf5595c2a497c7/detection yew.oss-eu-central-1.aliyuncs.com # Reference: https://www.virustotal.com/gui/file/636d093efbb6162110b7aac9ed00dd242756495378e30c913e2d9e35752b11a9/detection flumes.oss-us-west-1.aliyuncs.com # Reference: https://www.virustotal.com/gui/file/0894c5a2244870cb33257ab13d3edb840db4e40a3a715fc815956650c86fa3af/detection year22.oss-eu-west-1.aliyuncs.com # Reference: https://www.virustotal.com/gui/file/4ee832c3d6ccdd3d304d33ae53e76aded8cb2b71aaed50239bb087c8ab710742/detection compan.oss-cn-hongkong.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1493449786732646402 jiaao.oss-eu-central-1.aliyuncs.com # Reference: https://twitter.com/ni_fi_70/status/1493518607577456640 # Reference: https://www.virustotal.com/gui/file/0e15b02e99c0153f5c416dfad024386c9d34401cf6e09c96980eaeacfebb6eb0/detection central-1-ds-2077.oss-acc.aliyuncs.com praises.oss-ap-southeast-1.aliyuncs.com # Reference: https://www.virustotal.com/gui/file/43593c8b035f854ac70615f3ce9a0cfa532ebb52cb6cbb5fd257180aea552c59/detection tomorrowday.oss-ap-southeast-2.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1493902980705185792 jab.oss-ap-southeast-1.aliyuncs.com # Reference: https://www.virustotal.com/gui/file/95705697a546eb30e2b75e2bace549766d4d9a2744dc67cc54c3a8cf458012f1/detection avfmproject.xyz mloss.xyz s-0215-1.mloss.xyz sa-0216-2.mloss.xyz x-0215-1.mloss.xyz # Reference: https://twitter.com/ReBensk/status/1495426524068995073 # Reference: https://www.virustotal.com/gui/file/9734af7e513364aa63c6bd471f534afdc7bfa87cad5ffc6398d5895ca471fef6/detection blurs.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1496055251446734853 # Reference: https://www.virustotal.com/gui/file/a1a2c3cbc90172493471ddc234a8909ddb6e6a7639c5c74005269bdaf13d442b/detection kaqiusha.oss-eu-central-1.aliyuncs.com # Reference: https://www.virustotal.com/gui/file/fc3a246cff0375b6bc1a4adfbbe3a45afb6a40557428bbc896f93c0808443ef3/detection loc-translation.oss-eu-central-1.aliyuncs.com # Reference: https://www.virustotal.com/gui/file/f694dd55f69791f3305f434b310cd22c54caad7a53546ab7c331d870599fcbe1/detection res-values.oss-eu-central-1.aliyuncs.com # Reference: https://www.virustotal.com/gui/file/e9b61c9b1441badb2a1e897417b99941ed1b945877b6c638ecc18a9f63056a8c/detection tumar.oss-eu-central-1.aliyuncs.com # Reference: https://www.virustotal.com/gui/file/dae702107db0129a213ff2a5863bcc4cd5694dec305e0720750ecb53b5d6c192/detection pcman.oss-eu-central-1.aliyuncs.com # Reference: https://www.virustotal.com/gui/file/ca6ef976bdc1d22a1cec86cbe93f7b38466bcd1a8270cee267e29cf79942ad16/detection opiu.oss-eu-central-1.aliyuncs.com # Reference: https://www.virustotal.com/gui/file/acc5db0a58da1e647a2c3e1fda43b39b7de46e3e16727af957be7b03a4d7647a/detection g-imgs.oss-eu-central-1.aliyuncs.com # Reference: https://www.virustotal.com/gui/file/8587a06ff15dc8094c43243d4cc917820d88417b1fd4e4564590d21ef06ef46e/detection myfonts.oss-eu-central-1.aliyuncs.com # Reference: https://www.virustotal.com/gui/file/82ca0078402d4ad6e40ee2cbd69d2a8979bfeea9112a1385d446cf835f976259/detection hd-resource.oss-eu-central-1.aliyuncs.com # Reference: https://www.virustotal.com/gui/file/7fb9e64819e9e5156b65021ff12b36c54230994e8f94f50ed80f1bcff66888e7/detection aa-1019.oss-eu-central-1.aliyuncs.com # Reference: https://www.virustotal.com/gui/file/7f154459582e711d236a80018c7b6014312562559f8937984b6fb63d4d7e8499/detection ikux.oss-eu-central-1.aliyuncs.com # Reference: https://www.virustotal.com/gui/file/749a458929fa22008648662b30818c467596335f0e69394c3121692d70e7c7a6/detection # Reference: https://www.virustotal.com/gui/file/6d0d488045ce947bd339476aa86f5877036d9c5b205dcd5421609d227ed0f34c/detection uja.happyyear.top uja.oss-eu-central-1.aliyuncs.com # Reference: https://www.virustotal.com/gui/file/6f5be4dcfe3cd25683bc9547446238816c7fbf3342cdbce6aedc4036aa53d671/detection pluczld.oss-eu-central-1.aliyuncs.com # Reference: https://www.virustotal.com/gui/file/5b84723d474be2747fe91ffb094ad3ed715269407514be831f43a6ca53d13fba/detection picla.oss-eu-central-1.aliyuncs.com # Reference: https://www.virustotal.com/gui/file/504e0b9be33f2c5b8a8ba2b8b381bd60ba9f71a99d1155ab1c49af45771f116d/detection http://157.230.192.87 http://167.99.164.28 http://47.241.3.87 capn.oss-eu-central-1.aliyuncs.com /api/ckwkc2?icc= # Reference: https://www.virustotal.com/gui/file/390b29e2722eb8eebcd0b031ae904bc288900b5a5a8c1b1036130a0e964ed5d0/detection ironma.oss-eu-central-1.aliyuncs.com # Reference: https://www.virustotal.com/gui/file/19d6e015a7797fa2610452494ce8aec802b9ff25d515863969494b7a4521f4b4/detection 1-1-0.oss-eu-central-1.aliyuncs.com # Reference: https://www.virustotal.com/gui/file/136a9b01597f95bba82993f625cb541a34e26cc9ffbd1544aa3fa51dafa64838/detection aaca.oss-eu-central-1.aliyuncs.com # Reference: https://www.virustotal.com/gui/file/0a8ed4a574298e3266cdb1ae1cbbf252994626284af89bf304a453f56db9704e/detection pluzz.oss-eu-central-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1496777134047567872 flew.oss-ap-southeast-3.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1496897708254109727 rator.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1497585987773296640 sharedby.blomp.com # Reference: https://twitter.com/ReBensk/status/1498890294804172803 # Reference: https://www.virustotal.com/gui/file/fa58783395698ba8717514ecf9661ff278d9be1cc13ac95b1c87bee2661a754e/detection 183.36.108.26:8081 canbye.oss-accelerate.aliyuncs.com # Reference: https://www.virustotal.com/gui/file/837e5a044ffb2721ab07430380c4089e3a6995c9f0663c5192ae76d3a92e4ac0/detection rememb.oss-ap-northeast-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1500001802095190017 # Reference: https://www.virustotal.com/gui/file/eb1acafcd068747295beee5df8460f063f23a5c10ef795414408029ed2642941/detection hypno.oss-eu-central-1.aliyuncs.com # Reference: https://www.virustotal.com/gui/file/5613c51caf6bece9356f238f2906c54eaff08f9ce57979b48e8a113096064a46/detection xni.oss-eu-central-1.aliyuncs.com # Reference: https://www.virustotal.com/gui/file/8cd27abdeaf021e73b1c3428c4b378286875061a7429de3e9c7560882e0bf290/detection docread.oss-eu-central-1.aliyuncs.com # Reference: https://www.virustotal.com/gui/file/c26f5a65d820f636c514a4b6eefc2daed98fe4e26c65f88762e099490b6aacec/detection 119.147.6.84:8081 # Reference: https://tria.ge/220316-reeh8scgdj/behavioral1 joyjo.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1505063971660857346 # Reference: https://twitter.com/ReBensk/status/1505396821316673539 # Reference: https://twitter.com/magnumsnip/status/1505814807198732293 # Reference: https://twitter.com/magnumsnip/status/1505810655538184192 # Reference: https://www.virustotal.com/gui/file/1ad01131d1c18e2d5afc81d9392e200ee19f02e4367048b10f440704962f2f0e/detection # Reference: https://www.virustotal.com/gui/file/b3d4bbba8aa5451f23f636367db4d16e00c5cc5416770fd5bde80a7fc61fe96e/detection dancing.oss-me-east-1.aliyuncs.com xjuys.oss-accelerate.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1507223904808763393 # Reference: https://www.virustotal.com/gui/file/8aa2abea2a4b0d23c8b69123860c1b35da3410bef737b50f54f59b3b9f745a07/detection machin.oss-ap-southeast-6.aliyuncs.com # Reference: https://twitter.com/sh1shk0va/status/1509500212540321795 # Reference: https://www.virustotal.com/gui/file/150d62510b362ce110df0324e19b6d832fc6f8129fb2b5390d3cee8d94a3d12c/detection reality.oss-ap-northeast-2.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1513927583141822465 # Reference: https://www.virustotal.com/gui/file/78b2822a2357e78f199050495de490c140c260b830332437530cae780531461c/detection newapril.oss-eu-central-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1515958514123911174 # Reference: https://twitter.com/ni_fi_70/status/1516334982549192710 whisperu.oss-ap-northeast-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1514994019860086784 # Reference: https://twitter.com/ni_fi_70/status/1516337687724179456 0xiaoxiao-1301476296.cos.na-ashburn.myqcloud.com # Reference: https://twitter.com/ReBensk/status/1516699643404378119 # Reference: https://twitter.com/ni_fi_70/status/1516704581350305798 depths.oss-eu-central-1.aliyuncs.com # Reference: https://twitter.com/ni_fi_70/status/1519192928899551233 # Reference: https://www.virustotal.com/gui/file/ca9c1483ef75da118a2fed1243d01cb6febd9d0d9e710465bbd57db7724ff439/detection lantansuancai.oss-eu-central-1.aliyuncs.com # Reference: https://twitter.com/ni_fi_70/status/1519190384672493568 # Reference: https://www.virustotal.com/gui/file/9e225ff9f87938e872e71074eda9986ce3a776f8d62774a8874e26e86fa21698/detection rk2rop9ourkay-1301476296.cos.ap-mumbai.myqcloud.com # Reference: https://twitter.com/ni_fi_70/status/1519667023105646592 nexto.oss-eu-west-1.aliyuncs.com # Reference: https://www.virustotal.com/gui/file/dde98b8434d2dd5d19250c125372f0151b9b477bac49423bba494b803c82b614/detection neighbors.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1523942878686310400 # Reference: https://twitter.com/ni_fi_70/status/1523953881381810176 yhnvdsfexznbjha-1301476296.cos.ap-mumbai.myqcloud.com # Reference: https://twitter.com/ni_fi_70/status/1524630481916116992 appevent.xyz re.appevent.xyz # Reference: https://twitter.com/ni_fi_70/status/1526100159754543106 gbnjbrjbfdsds-1301476296.cos.ap-mumbai.myqcloud.com # Reference: https://www.virustotal.com/gui/file/f310d6679f17eda84e5c59e6feecd5d7204d560890372cfe1eec69877896b8cc/detection ipots.oss-us-east-1.aliyuncs.com # Reference: https://tria.ge/220526-g4w5gacggl/behavioral1 laughter.oss-eu-central-1.aliyuncs.com # Reference: https://twitter.com/ni_fi_70/status/1531171340564283392 luminous.oss-eu-west-1.aliyuncs.com # Reference: https://www.virustotal.com/gui/file/d4a28d852d60ac0f180a5dfcc95a544a4fa400403eb318162f69d87bd3749100/detection logapi.xyz api.logapi.xyz # Reference: https://twitter.com/ReBensk/status/1533061589942693889 # Reference: https://twitter.com/midnight_comms/status/1533064197491216384 beside.oss-eu-west-1.aliyuncs.com operatebrill-1301476296.cos.ap-mumbai.myqcloud.com sfatyzbjqkjs-1301476296.cos.ap-mumbai.myqcloud.com # Reference: https://twitter.com/midnight_comms/status/1533632041375305730 # Reference: https://twitter.com/midnight_comms/status/1533632548936396800 maytheday.oss-ap-southeast-2.aliyuncs.com /may19adab.nchl # Reference: https://twitter.com/sh1shk0va/status/1535267889313370112 # Reference: https://twitter.com/midnight_comms/status/1535273575342559234 givehotdog.com trustcats.com whatmypl.com dx-ads.se.us-east-2.amazonaws.com # Reference: https://www.virustotal.com/gui/file/422d3be1c543777281c9a97154afdf523230259855daf7837387e0a7db69c600/detection overhead.oss-ap-southeast-1.aliyuncs.com # Reference: https://www.virustotal.com/gui/file/f24e395fe73779882f9f0a07e7ca86613bfa91493aa1e9eb6a6edd41c710bd5b/detection univer.oss-ap-northeast-2.aliyuncs.com # Reference: https://twitter.com/sh1shk0va/status/1537576927833346049 juneeoumaos.oss-ap-northeast-2.aliyuncs.com nojio.oss-eu-west-1.aliyuncs.com # Reference: https://www.virustotal.com/gui/file/c5aac53c3206f75d0fe85e569e42a9387d7f0ff61b731f57d6b8b62a4a28ed15/detection xjuys.com /xjuys/v1 /xjuys/v2 # Reference: https://twitter.com/midnight_comms/status/1537803912844959745 # Reference: https://www.virustotal.com/gui/file/11b82c0a3a2543600c636e31290d3c724c431b4c448dd8fda2d874aea517e7d2/detection play-google-com-1301476296.cos.ap-mumbai.myqcloud.com # Reference: https://twitter.com/sh1shk0va/status/1537862037501509632 nnmmaacc-1301476296.cos.ap-mumbai.myqcloud.com # Reference: https://twitter.com/ReBensk/status/1538513506999250945 # Reference: https://twitter.com/midnight_comms/status/1538552893556465664 # Reference: https://www.virustotal.com/gui/file/afeb6efad25ed7bf1bc183c19ab5b59ccf799d46e620a5d1257d32669bedff6f/detection look4.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1539863046591352832 # Reference: https://twitter.com/midnight_comms/status/1539946083412873217 # Reference: https://tria.ge/220623-hfrqhscafm base-1304593971.cos.eu-frankfurt.myqcloud.com use-1304593971.cos.na-ashburn.myqcloud.com zxporter.com /canbye/v1 /canbye/v2 # Reference: https://twitter.com/ReBensk/status/1542116060052148224 # Reference: https://twitter.com/midnight_comms/status/1542139092586094595 # Reference: https://bazaar.abuse.ch/sample/4970e21df47bfdfc6e72d35f5e5e6de03770718a1240c180a75a8a0ba14e2197/ 5qx32p3cm9.execute-api.us-west-2.amazonaws.com oilopix0v9.execute-api.us-west-2.amazonaws.com # Reference: https://twitter.com/ReBensk/status/1542383654168453280 # Reference: https://twitter.com/ni_fi_70/status/1542389718968573952 # Reference: https://www.virustotal.com/gui/file/abfd34a999b72353d4a1042efa46a22d86daea25fc20100a2ef7e2155622602f/detection amazingufish.com birdinhous.com healthcheckerout.com cdn.healthcheckerout.com dx-ads.s3.us-east-2.amazonaws.com dx-ads.s3-website.us-east-2.amazonaws.com # Reference: https://twitter.com/ReBensk/status/1545458409364803584 # Reference: https://twitter.com/midnight_comms/status/1545526821940183040 http://139.177.180.78 julyhcdszstsxqll.oss-ap-southeast-3.aliyuncs.com /july01bldxx.yxzrh # Reference: https://www.virustotal.com/gui/file/0f102acca99f15412465290dc395b6e61f13c46cf40f04b1b966ec4923e44e68/detection atmost.oss-ap-northeast-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1556554890259795969 # Reference: https://twitter.com/midnight_comms/status/1556622380742606848 # Reference: https://www.virustotal.com/gui/file/6feb6b9cd679f4aa6a1e1549b6cd302f653038beaa903ddf8b20e3e44221f4e6/detection randkey-1301476296.cos.ap-mumbai.myqcloud.com # Reference: https://twitter.com/ReBensk/status/1556886499995422720 # Reference: https://twitter.com/ni_fi_70/status/1556905334735790080 # Reference: https://www.virustotal.com/gui/file/ee9ba77cfd3b0ba464dec5a80b42c21e25aef1bdf05791c833e8eca823af760a/detection/ cxjus.oss-accelerate.aliyuncs.com mmds.oss-us-west-1.aliyuncs.com weither.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/ni_fi_70/status/1557627957442650117 # Reference: https://www.virustotal.com/gui/file/e5a584d21ca765521d049416e3bf226e6b4fe927eb3bbb22882b6387e19a470a/detection traverse.oss-ap-southeast-3.aliyuncs.com # Reference: https://twitter.com/ni_fi_70/status/1564148841816985601 # Reference: https://www.virustotal.com/gui/file/41b7dddcf43a9ab357b776c2eef9d8d3b7f44b0781d213d1e1d9ecf73ccd695e/detection # Reference: https://www.virustotal.com/gui/file/0e537c2b99cc6171b2cb0f315c75d38be8c5e1faebf999a5090bf6d1fb856401/detection # Reference: https://www.virustotal.com/gui/file/eff632c600c511ae99a78eb18e48328cfe661e9593b173cc7e74a2d6a53f064d/detection cxjus.com corners.oss-ap-southeast-1.aliyuncs.com designate.oss-eu-west-1.aliyuncs.com interested.oss-us-east-1.aliyuncs.com mffsgfb-1301476296.cos.ap-mumbai.myqcloud.com pn22i2eqrj.execute-api.us-east-2.amazonaws.com # Reference: https://twitter.com/ni_fi_70/status/1569943828835999745 # Reference: https://twitter.com/sh1shk0va/status/1570021844203507712 # Reference: https://twitter.com/sh1shk0va/status/1570708744073531392 # Reference: https://www.virustotal.com/gui/file/f7eff6d7006cc4cc19d7fe574e50fc371e98ce8bdca09f74401ea27718f39142/detection # Reference: https://www.virustotal.com/gui/file/686a6f55f1f25610253710bb154cfa1f08e84319fb8cbe12c46e5d3f93358ece/detection armblood.site twback.store ct.twback.store home.armblood.site # Reference: https://twitter.com/ni_fi_70/status/1569982924920848390 # Reference: https://www.virustotal.com/gui/file/98fc1874772bc1a4eac483b4f50b7d36900c29ca3d5711cb6a3b8462854d8f05/detection metlight.xyz cat.metlight.xyz /fp5/ds2qe # Reference: https://twitter.com/sh1shk0va/status/1575155357529346048 # Reference: https://www.virustotal.com/gui/file/56ca20b7b5a94ac723306a76714ed88fbe97fff93cc9d9e015fb41d6516c7178/detection # Reference: https://www.virustotal.com/gui/file/d93def97d593c453ec9065294b985b6ccb0e49535daa82dec415503094f277e6/detection topsavor.site sep.topsavor.site # Reference: https://twitter.com/sh1shk0va/status/1575741560959995904 # Reference: https://www.virustotal.com/gui/file/279cdccd8d1b1729628cd021d332f2a1b26abce1fb40a8a5a46b9528274411e2/detection biscuitsweb.online g.biscuitsweb.online # Reference: https://twitter.com/ReBensk/status/1577518663535427587 # Reference: https://www.virustotal.com/gui/ip-address/101.32.92.198/relations # Reference: https://www.virustotal.com/gui/file/a100248f8b0342b63639dfcb0b7761056c082968320b412d95b73a2502afa9af/detection breadhis.online cardsimple.online cheapcoffee.online fanauctions.online fanlog.online fmzcompute.online nameyourfans.online # Reference: https://www.virustotal.com/gui/file/306771642e931d8d1ea06a4caaf95514cb6e1b0dfc4a167376a744c43b4a84e9/detection blockmerge.art cdn.blockmerge.art # Reference: https://twitter.com/ni_fi_70/status/1580529676010725377 # Reference: https://www.virustotal.com/gui/file/c7a24fdf454add796a868691b99f1a4916f15a0bd0bc4bad54062dbbd3eebae9/detection oneslife.oss-ap-southeast-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1580821762228424705 homecontrol.lol static.homecontrol.lol # Reference: https://www.virustotal.com/gui/file/ec1688500c94d59afa764dcfd1690a4b2e4f4a4520bb04e5e147f8ce05158d7b/detection keyseotyn.online admin.keyseotyn.online # Reference: https://twitter.com/ni_fi_70/status/1584523910099664897 exuberant.oss-ap-southeast-3.aliyuncs.com # Reference: https://twitter.com/ni_fi_70/status/1584521690591399938 # Reference: https://www.virustotal.com/gui/file/1f265d8cfe52b9b746c1c7185481a95f9415f82904e7f1e510f8bb2a379d2eff/detection caoii.oss-eu-central-1.aliyuncs.com # Reference: https://twitter.com/sh1shk0va/status/1585903448872157186 # Reference: https://www.virustotal.com/gui/file/48f2d1896101de4fe55cccdd9bbb16e2cb5e58072e1a7f64202f3b8b40c9c68e/detection # Reference: https://www.virustotal.com/gui/file/7276c4dce081017423e0f1a1ff8843616f45544c8037cd634de32ace0614c2a2/detection septcieern.online app.septcieern.online # Reference: https://twitter.com/ReBensk/status/1585964132347437057 beginning.oss-me-east-1.aliyuncs.com # Reference: https://twitter.com/ni_fi_70/status/1587815427358457859 # Reference: https://www.virustotal.com/gui/file/fdb825a739303c4d47cbd691a9481beebb41f9ca549620a000b90f33e959c32d/detection subdao.shop # Reference: https://twitter.com/sh1shk0va/status/1588471415766159360 # Reference: https://www.virustotal.com/gui/file/3e7408fdf7766f701757548c5c3b09a7b87af31a726b297577d117a1756ba1b7/detection chaneonmge.store doc.chaneonmge.store # Reference: https://twitter.com/ReBensk/status/1589292006177918976 qgpo.oss-me-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1589290329949491203 muyaj.oss-eu-central-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1589534305742884864 nov2.oss-me-east-1.aliyuncs.com # Reference: https://twitter.com/ni_fi_70/status/1589920085086347268 cashmarket.oss-eu-west-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1590643621367545859 somany.oss-ap-northeast-1.aliyuncs.com # Reference: https://twitter.com/sh1shk0va/status/1590636564136148992 # Reference: https://www.virustotal.com/gui/file/ff6e4ef67013f91605f1caee71120d1467a9a5069ae2b6c5fb2e825bb8ae59c5/detection ele-new.live a.ele-new.live # Reference: https://twitter.com/sh1shk0va/status/1593276944535142400 # Reference: https://www.virustotal.com/gui/file/2573f9f10be18e56e9185f6b4060cb478e95f1adfc11ad4f35fbf3d486fc62cc/detection aidclean.com app.aidclean.com # Reference: https://www.virustotal.com/gui/file/dcc0fe34445144a376dc04227221e69bf2ca75162231d7ac6c0a4aad4fc56b2b/detection prosperity.oss-ap-northeast-2.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1596020744160710658 # Reference: https://www.virustotal.com/gui/file/7d517ea9bc152220fba74df5da9eddacb06184d38c79eaac2539c2f07d40f4e2/detection richus.top cxjus.oss-ap-southeast-1.aliyuncs.com limited.oss-ap-southeast-5.aliyuncs.com /cxjus/c1 /cxjus # Reference: https://www.virustotal.com/gui/file/d02ec5a615b75cd21011aad1eda208df42ad654c5c3e4b5f3a9fdf3de9efd1cc/detection complicated.oss-ap-southeast-7.aliyuncs.com # Reference: https://www.virustotal.com/gui/file/edc96507180679f13a470d605929c73f0dcd9690c374f258806f53753406772b/detection tba_sync.gte666.com # Reference: https://www.virustotal.com/gui/file/b3e4b3aa06db36a8f6b09fced82ee2091873d1b79a44bbc724a194c7b86992ef/detection maxuu.oss-eu-central-1.aliyuncs.com weco.oss-eu-central-1.aliyuncs.com # Reference: https://www.virustotal.com/gui/ip-address/43.154.2.131/relations # Reference: https://www.virustotal.com/gui/file/7d517ea9bc152220fba74df5da9eddacb06184d38c79eaac2539c2f07d40f4e2/detection # Reference: https://www.virustotal.com/gui/file/7385e0e3d811b317ed67eefb54274b232c1f167de14c593688453b7431034a02/detection cannca.shop fbcode.co fburl.fun hkhi.nowurl homec.live hurb.fun nowurl.fun pplink.club urlfb.co urlvf.fun welco.live 25gh.homec.live 76678hg.fburl.fun a.nowurl.fun aaduik.nowurl.fun aaeop.cannca.shop aee.urlfb.co affinity.cannca.shop aiqing.welco.live all.cannca.shop allc.fburl.fun allt.cannca.shop almighty.fburl.fun apfpo.nowurl.fun auto.homec.live b.nowurl.fun bailu.fbcode.co barcode.welco.live bbasae.pplink.club bbbl.fbcode.co bbc.urlfb.co bbhno.urlfb.co bbp.fbcode.co bbs.nowurl.fun bbuble.nowurl.fun bcus.pplink.club bcvg.pplink.club bdh.pplink.club beattu.welco.live beau.welco.live beauti.welco.live beautiful.fbcode.co beauty.cannca.shop beidanci.cannca.shop beishang.nowurl.fun beizi.fburl.fun bell.nowurl.fun bfhj.urlfb.co bg.fbcode.co bgl.cannca.shop bgvrf.pplink.club bhgurjk.cannca.shop bhhfh.fbcode.co bhjvbjhu.welco.live bhnjkl.nowurl.fun bird.fbcode.co bit.welco.live biyan.urlfb.co bjgkop.urlfb.co blend.fbcode.co blg.pplink.club blog.fburl.fun blog.nowurl.fun blood.fbcode.co blt.welco.live bnd.pplink.club bngjkii.welco.live bngkl.cannca.shop bns.fbcode.co board.welco.live bopjou.homec.live bpgg.fburl.fun bpt.fbcode.co brefg.pplink.club bright.welco.live bsd.fbcode.co bsr.nowurl.fun btgdyg.fbcode.co bub.urlfb.co bubble.fbcode.co bugiuij.nowurl.fun bvdh.pplink.club bvhff.fburl.fun bvhh.welco.live bytoij.nowurl.fun caccc.fbcode.co calculator.cannca.shop cammerayu.welco.live carade.nowurl.fun cc.urlfb.co cccnjk.urlfb.co cccolsp.cannca.shop cchopl.nowurl.fun ccm.fburl.fun ccmm.fbcode.co cem.urlfb.co cfk.nowurl.fun chat.cannca.shop chat.urlfb.co chat.welco.live chatme.cannca.shop chatting.cannca.shop chatting.fbcode.co chiyao.pplink.club chjdk.pplink.club ck.fburl.fun ckyb.fbcode.co clean.cannca.shop clean.fbcode.co clool.welco.live cm.fbcode.co cm.fburl.fun codere.cannca.shop collage.cannca.shop color.homec.live color.urlfb.co color.welco.live colorss.nowurl.fun comfortabl.welco.live comfortable.fburl.fun comsmol.fbcode.co coo.welco.live cool.fbcode.co cool.fburl.fun cool.homec.live cool.pplink.club cool.welco.live coolkey.nowurl.fun coolkeyboard.cannca.shop coolr.nowurl.fun coolsms.cannca.shop coolss.fbcode.co coolsybols.welco.live cothe.welco.live cover.urlfb.co creat.urlfb.co creat.welco.live crrr.urlfb.co csgo.fbcode.co ctoo.fbcode.co ctt.nowurl.fun cttm.fbcode.co cus.cannca.shop custom.cannca.shop customiz.welco.live cute.fburl.fun cutedly.nowurl.fun cuteem.urlfb.co cutout.nowurl.fun cvbf.cannca.shop dae23grd.urlvf.fun daily.nowurl.fun daiy.fburl.fun damei.cannca.shop dawe546h.nowurl.fun ddchat.cannca.shop ddkolmm.cannca.shop default.fburl.fun deinj.fburl.fun denglu.urlfb.co derhj.fbcode.co designer.welco.live dfd5uj.welco.live dfdfsms.urlfb.co dgfhj.fbcode.co dghtg.welco.live dhn.pplink.club dhuan.fburl.fun dhy.nowurl.fun diangan.welco.live diannao.urlfb.co diary.welco.live dijiu.welco.live djfk.nowurl.fun djkf.fburl.fun dkj.fbcode.co doc.cannca.shop docu.welco.live document.urlfb.co dsa32g.urlfb.co dsddd.nowurl.fun duandian.welco.live easy.welco.live ect.fbcode.co editor.cannca.shop edrxff.urlfb.co eeditor.cannca.shop eeeruh.pplink.club eermeio.fburl.fun efklm.urlfb.co ekocnds.fbcode.co elegant.cannca.shop emmake.fburl.fun emoj.fbcode.co emoji.welco.live emojic.welco.live emojikey.nowurl.fun enhj.pplink.club enjd.nowurl.fun enjoytt.urlfb.co enm.cannca.shop enojj.welco.live enojys.cannca.shop eoilk.cannca.shop epjgl.pplink.club era.nowurl.fun erttyb.pplink.club eruil.pplink.club ervn.nowurl.fun etalk.urlfb.co etfv.fbcode.co etg.urlfb.co etyjh.nowurl.fun eub.nowurl.fun eui.fbcode.co euij.pplink.club ewbjf.pplink.club exemoji.urlfb.co eyu.fburl.fun eyud.urlfb.co face.urlfb.co facey.cannca.shop facy.cannca.shop facy.fburl.fun fake.nowurl.fun fanc.fburl.fun fashion.fbcode.co fassst.fbcode.co fast.fbcode.co fastqr.cannca.shop fasyt.welco.live fbit.nowurl.fun fdgrty.urlvf.fun fdio.pplink.club fdr7yj.urlvf.fun fdrs.fburl.fun fdsfsrtrh.hurb.fun feisty.welco.live fek.fbcode.co fense.nowurl.fun fes43hgfh.welco.live feseh.homec.live ffdgh.urlfb.co fffas.cannca.shop fffm.fburl.fun ffron.cannca.shop fg45hg.fburl.fun fgn.pplink.club fgurb.cannca.shop fhc.fbcode.co fhgu.nowurl.fun fhgy.fbcode.co fhjlgfj.cannca.shop fhjn.pplink.club fhjr.fbcode.co fieniaos.urlfb.co finding.welco.live firiu.fbcode.co fiu.fbcode.co fiu.welco.live fkjd.nowurl.fun flexible.cannca.shop flight.nowurl.fun fm.fburl.fun fmin.fburl.fun fnbhs.cannca.shop fontkey.welco.live fontsm.welco.live fpofo.nowurl.fun front.fburl.fun fsagfdt.fbcode.co fsdf.hurb.fun fsdmnhg.welco.live fteyn.pplink.club fts.fburl.fun fub.fburl.fun fudn.fburl.fun fueoi.fbcode.co fuerg.pplink.club fun.fbcode.co fun.urlfb.co func.urlfb.co funny.cannca.shop funny.nowurl.fun funny.welco.live fuuffe.nowurl.fun fuuny.cannca.shop fuuthe.fburl.fun fyevd.pplink.club fyew.pplink.club fyhdb.cannca.shop fyudb.nowurl.fun fyur.nowurl.fun gala.fbcode.co gallery.welco.live ganmao.pplink.club gbh.pplink.club gcwey.pplink.club gelia.cannca.shop gen.fburl.fun gfds35.nowurl.fun gfdyy.urlvf.fun ggdn.nowurl.fun ggfkdj.pplink.club gguio.pplink.club ghdn.pplink.club ghfbh.nowurl.fun gif.nowurl.fun gitpape.urlfb.co gkml.pplink.club glitter.fburl.fun glw.fbcode.co gmae.fbcode.co gnm.pplink.club gof.cannca.shop gold.cannca.shop gold.fburl.fun gonjm.nowurl.fun gorgeous.nowurl.fun gre.fburl.fun group.urlfb.co grr.cannca.shop grw.fburl.fun gww.urlfb.co gyjiu.welco.live haha.homec.live hahaihd.nowurl.fun haiyang.nowurl.fun handy.nowurl.fun happpp.cannca.shop hbfnjd.cannca.shop hbvds.urlfb.co hcs.nowurl.fun hd.fbcode.co hd.urlfb.co hdcam.urlfb.co hdscan.urlfb.co hdwallpaper.welco.live heartlive.welco.live hearts.welco.live heartt.cannca.shop hello.fburl.fun hellok.welco.live henkun.hurb.fun hfjs.pplink.club hgftrnjh.nowurl.fun hghhd.pplink.club hgrui.nowurl.fun hhdn.fburl.fun hhds.fburl.fun hhjn.urlfb.co hhn.fburl.fun hhnd.pplink.club hholm.fburl.fun hhuiol.pplink.club hi.fburl.fun hi.nowurl.fun hic.fbcode.co hifibe.welco.live hjn.cannca.shop hjnu.homec.live hkhi.nowurl.fun hnhd.cannca.shop hougen.fbcode.co hpt.fburl.fun hruh.fbcode.co hsg.pplink.club huacai.fbcode.co huarui.hurb.fun hushou.welco.live hvb.nowurl.fun hy.urlfb.co idh.fbcode.co idofe.nowurl.fun idoj.nowurl.fun iewu.fbcode.co ifhh.cannca.shop ifok.nowurl.fun ifyun.fburl.fun iifj.fbcode.co iifop.fburl.fun iiiufh.pplink.club iijdnj.fburl.fun iikdj.homec.live iikifol.pplink.club iildrm.nowurl.fun iiods.fbcode.co iiorinmf.pplink.club iip.urlfb.co ijhd.cannca.shop ijkj.urlfb.co ikophh.pplink.club image.fburl.fun image.welco.live imjd.cannca.shop imm.urlfb.co imnols.nowurl.fun instal.welco.live instant.fburl.fun iownv.fbcode.co iruhg.fburl.fun isg.pplink.club iuhjn.pplink.club iyh.fbcode.co jdk.nowurl.fun jdlk.cannca.shop jfiurf.nowurl.fun jfjhd.nowurl.fun jfkm.nowurl.fun jfmn.cannca.shop jfuei.nowurl.fun jh.nowurl.fun jhgvb.urlfb.co jiandao.nowurl.fun jianpan.urlfb.co jiaoshou.cannca.shop jiaotou.nowurl.fun jiaozi.hurb.fun jiayans.welco.live jiayou.welco.live jidud.nowurl.fun jiehun.fbcode.co jiemao.welco.live jigoer.pplink.club jjfki.pplink.club jjjksk.urlfb.co jjudfhl.fburl.fun jkdb.nowurl.fun jkiujyhgf.fbcode.co jklf.nowurl.fun joy.urlfb.co joysms.urlfb.co jud.pplink.club kancjd.welco.live kanj.welco.live kaoshi.welco.live kbnjg.nowurl.fun keyborad.fbcode.co kffd.fbcode.co kflk.fburl.fun kiogl.cannca.shop kisatec.welco.live kkase.fburl.fun kkdhj.fburl.fun kkflie.nowurl.fun kkmj.cannca.shop kknvdjh.cannca.shop kml.pplink.club kmvjd.nowurl.fun kongxincai.welco.live kouhong.welco.live kouzhao.pplink.club kuaile.urlfb.co kunnan.welco.live labaa.fbcode.co lalam.hkhi.nowurl.fun lalao.welco.live languagetran.welco.live lavidaa.welco.live lcm.cannca.shop lcm.nowurl.fun lct.fbcode.co ldjjl.pplink.club lek.fbcode.co lfkdj.cannca.shop lid.welco.live life.cannca.shop life.fbcode.co life.fburl.fun life.welco.live lifesms.cannca.shop lifeu.welco.live ligh.cannca.shop light.fburl.fun liifff.fburl.fun lilit.urlfb.co lilos.cannca.shop list.urlfb.co lite.fbcode.co lite.fburl.fun live.cannca.shop live.fbcode.co liveapps.cannca.shop lkj.welco.live lkldo.nowurl.fun lky.nowurl.fun llaopd.pplink.club lldks.nowurl.fun llemo.urlfb.co llfol.cannca.shop llk.fbcode.co llk.fburl.fun llpdoe.cannca.shop llpo.cannca.shop lmdn.pplink.club lmmj.fbcode.co lms.fburl.fun location.nowurl.fun log.fburl.fun love.cannca.shop love.fbcode.co love.urlfb.co love.welco.live lovvve.cannca.shop lpcai.cannca.shop lt.fbcode.co lunc.pplink.club lvluo.nowurl.fun magic.welco.live management.welco.live maoyi.welco.live mark.pplink.club mcdh.nowurl.fun mcjsw.nowurl.fun meilin.welco.live messaging.welco.live messenger.welco.live mhcj.urlfb.co mianmo.nowurl.fun mianshua.cannca.shop miaohua.welco.live miaomi.welco.live mihuan.urlfb.co mkbnmg.fburl.fun mkld.nowurl.fun ml.nowurl.fun mldke.nowurl.fun mlsk.pplink.club mmdh.nowurl.fun mmfk.fbcode.co mmjl.fburl.fun mmk.urlfb.co mmkfl.urlfb.co mmklo.nowurl.fun mmldops.cannca.shop mmncjh.fburl.fun mmnkop.cannca.shop mmnop.cannca.shop mmop.cannca.shop mmvnj.pplink.club mnvlp.cannca.shop mood.fburl.fun mood.welco.live multi.urlfb.co mvj.pplink.club nahul.cannca.shop naiba.welco.live naicha.fburl.fun namen.nowurl.fun nanshou.fburl.fun natunfinish.nowurl.fun nbgd.nowurl.fun nbjg.nowurl.fun ncbv.pplink.club nch.fbcode.co nchd.nowurl.fun ncjs.cannca.shop ndhj.fburl.fun nhds.pplink.club nice.fburl.fun njkd.nowurl.fun njvh.fbcode.co nk.pplink.club nkdj.urlfb.co nlvk.nowurl.fun nm.nowurl.fun nmdk.pplink.club nmkfk.nowurl.fun nnbmk.cannca.shop nncd.urlfb.co nnj.fbcode.co nnmcj.homec.live nnml.fbcode.co nnnw.fburl.fun nnvh.urlfb.co nnvjx.pplink.club nnzvg.pplink.club nowem.fburl.fun nsk.urlfb.co nvdh.nowurl.fun nvdj.fbcode.co nvfh.nowurl.fun nvfu.urlfb.co nvhd.nowurl.fun nvhye.cannca.shop nvkff.nowurl.fun nvm.fburl.fun nvnd.fburl.fun nyyhu.urlfb.co ocr.fburl.fun ocr.urlfb.co ocsr.fburl.fun odbvb.nowurl.fun odhn.nowurl.fun odkj.fburl.fun odlks.pplink.club odns.nowurl.fun odun.urlfb.co oefjgt.cannca.shop oen.urlfb.co oepw.fbcode.co ofh.cannca.shop ofhk.homec.live ofi.cannca.shop ofldj.cannca.shop oicel.nowurl.fun oih.pplink.club okj.nowurl.fun olkm.nowurl.fun only.cannca.shop onlywhy.nowurl.fun ood.pplink.club oodgn.cannca.shop oofh.urlfb.co oofi.nowurl.fun oofk.nowurl.fun oojfj.fbcode.co ookide.fburl.fun ookm.pplink.club ookmn.fburl.fun oolc.pplink.club oolkjd.pplink.club oons.nowurl.fun oop.urlfb.co oopfh.cannca.shop ooremn.urlfb.co oosp.pplink.club opdn.cannca.shop opeddf.nowurl.fun opfg.pplink.club opho.pplink.club opmn.fbcode.co opn.welco.live opod.fbcode.co oppg.welco.live oqeyb.welco.live orcc.cannca.shop orm.nowurl.fun orpitn.fburl.fun out.cannca.shop owg.nowurl.fun pap.urlfb.co pdf.cannca.shop pdf.fbcode.co pdf.nowurl.fun pdf.welco.live pdh.fburl.fun pdhn.cannca.shop pdhv.nowurl.fun pdi.fburl.fun pdkj.fbcode.co pdn.fbcode.co pdnw.nowurl.fun pem.fburl.fun per.fbcode.co perrr.cannca.shop person.fbcode.co pes.urlfb.co pfbh.pplink.club pfim.cannca.shop pfir.cannca.shop pfnjd.pplink.club pgth.cannca.shop phd.fbcode.co phhbeta.urlfb.co phlhjk.cannca.shop photo.cannca.shop photo.fbcode.co photo.welco.live photomaker.urlfb.co pic.nowurl.fun pkdj.cannca.shop pkf.cannca.shop pkn.fbcode.co pl.fbcode.co pl.nowurl.fun plan.fbcode.co planner.fbcode.co planner.nowurl.fun pld.nowurl.fun pldg.fburl.fun plfdhe.fburl.fun plmkf.cannca.shop pltx.cannca.shop pnvbhd.nowurl.fun poda.pplink.club podn.fbcode.co poee.fbcode.co pohjrid.urlfb.co poiuhbrf.urlfb.co pold.nowurl.fun pom.fburl.fun pop.fbcode.co poqd.nowurl.fun power.fbcode.co power.fburl.fun ppd.nowurl.fun ppdhj.nowurl.fun ppgld.nowurl.fun ppkfhy.pplink.club ppnd.nowurl.fun ppole.pplink.club ppolg.fburl.fun pppfool.cannca.shop ppploi.pplink.club pproo.welco.live ppsm.urlfb.co pptt.urlfb.co precise.cannca.shop prou.pplink.club psn.fbcode.co psychedelic.fburl.fun qepo.fburl.fun qetfgkm.fburl.fun qinya.cannca.shop qpt.nowurl.fun qqrr.cannca.shop qrread.cannca.shop qrtb.nowurl.fun qtvchfg.fbcode.co qucc.cannca.shop quck.welco.live quefa.welco.live quick.cannca.shop quick.fburl.fun quick.pplink.club quickfinding.nowurl.fun qvf.nowurl.fun qwbj.nowurl.fun qwer.nowurl.fun qwfdf.fburl.fun qybe.urlfb.co qydgb.nowurl.fun rbf.welco.live re.fburl.fun reall.nowurl.fun recover.cannca.shop recover.urlfb.co recover.welco.live reliable.nowurl.fun reminder.cannca.shop renmen.welco.live retae.welco.live rev.urlfb.co revf.urlfb.co rfy.nowurl.fun rhj.homec.live rich.cannca.shop righ.fbcode.co rjgjkl.cannca.shop rptril.cannca.shop rriujlo.urlfb.co rrkoop.fburl.fun rrm.fbcode.co rroj.urlfb.co rrokl.pplink.club rrujgl.pplink.club rtgyh.cannca.shop rth.nowurl.fun rtuyn.urlvf.fun ruruio.nowurl.fun rwtygv.pplink.club ryjnds.fburl.fun ryr.fbcode.co sanfen.cannca.shop scan.urlfb.co scan.welco.live scanner.urlfb.co scantext.welco.live sck.urlfb.co scm.nowurl.fun sdehk.cannca.shop sdg.fburl.fun secret.fburl.fun sel.urlfb.co selfie.fbcode.co selfiee.cannca.shop selfiephoto.welco.live send.urlfb.co sendlove.fbcode.co senlin.cannca.shop shanbei.nowurl.fun shangxin.pplink.club sharefinding.nowurl.fun shbc.pplink.club shengyin.urlfb.co shirly.urlfb.co shouji.urlfb.co shrar.urlfb.co shuilian.fbcode.co shuiru.cannca.shop sia.cannca.shop sidujf.nowurl.fun signal.fbcode.co siliji.nowurl.fun simhd.cannca.shop simp.cannca.shop simpl.fburl.fun simpl.welco.live simple.urlfb.co simple.welco.live simplss.nowurl.fun sitcker.fburl.fun siteck.welco.live sitecker.cannca.shop sitejjs.fbcode.co sitemo.fburl.fun sitick.urlfb.co sketch.cannca.shop sketchph.cannca.shop skp.fbcode.co skybor.fbcode.co sldk.fburl.fun sm.fbcode.co smartt.urlfb.co smile.cannca.shop smile.fbcode.co smilejj.fburl.fun smm.nowurl.fun sms.nowurl.fun smsms.cannca.shop smspro.nowurl.fun social.cannca.shop sp.fbcode.co speci.cannca.shop ss.nowurl.fun ssmclo.cannca.shop sss.fbcode.co sssmar.welco.live sticker.fburl.fun sticker.nowurl.fun stickerp.fbcode.co stickers.welco.live stickerss.welco.live studios.welco.live suan.welco.live subtitle.cannca.shop suiyu.welco.live sum.urlfb.co super.urlfb.co swee.fbcode.co sweet.fbcode.co sweetca.fbcode.co sweethd.cannca.shop swm.nowurl.fun symbols.fburl.fun talk.fbcode.co tameni.welco.live tangguo.welco.live tangzui.urlfb.co tcm.pplink.club tdh.nowurl.fun tdm.nowurl.fun tegbd.nowurl.fun tegdfh.welco.live test.fburl.fun test.pplink.club tet.fburl.fun tevf.nowurl.fun tex.fburl.fun textcamera.cannca.shop textfunny.welco.live teyhn.pplink.club them.urlfb.co theme.fbcode.co theme.urlfb.co themmm.cannca.shop thenma.cannca.shop thsweed.fburl.fun tiingo.fburl.fun time.fburl.fun tkk.fbcode.co tnk.nowurl.fun topldk.cannca.shop toubao.pplink.club trac.cannca.shop tracker.welco.live trackers.urlfb.co tran.fbcode.co tteg.nowurl.fun ttiom.fbcode.co ttmm.welco.live ttnj.fburl.fun ttopl.pplink.club ttt.fbcode.co ttuinh.pplink.club ttujg.pplink.club ttxt.nowurl.fun tuandui.fburl.fun txtmes.cannca.shop ubng.fburl.fun udij.nowurl.fun udjhnl.cannca.shop uei.nowurl.fun ufik.cannca.shop ufjbfj.welco.live ufjgkoh.fburl.fun ufjndh.nowurl.fun ufnhf.fbcode.co ugitje.cannca.shop ugldk.fburl.fun ugyrh.cannca.shop ui.pplink.club uidj.cannca.shop uieu.nowurl.fun uitgnj.cannca.shop ujh.nowurl.fun ujn.fbcode.co ujnd.pplink.club ujnhg.urlfb.co ukej.urlfb.co ultimate.urlfb.co ummko.fburl.fun unfj.cannca.shop unij.pplink.club uniqu.fburl.fun unique.cannca.shop unjg.pplink.club unker.fbcode.co unlim.welco.live unnlopl.welco.live untive.fbcode.co uolk.pplink.club uopn.cannca.shop uri.nowurl.fun urjde.homec.live uryhf.nowurl.fun uty.nowurl.fun uud.fbcode.co uuds.pplink.club uuer.fburl.fun uufijl.cannca.shop uufin.welco.live uufjk.nowurl.fun uugh.pplink.club uuhds.pplink.club uuj.cannca.shop uujk.welco.live uuklm.welco.live uund.fbcode.co uuo.pplink.club uurifd.fburl.fun uuyhu.nowurl.fun uyfy.cannca.shop uyhjnh.nowurl.fun vbdh.pplink.club vbryf.welco.live vctw.fbcode.co vdhe.fbcode.co vgv.fburl.fun vide.nowurl.fun viss.fbcode.co vitality.welco.live vivi.urlfb.co vivid.urlfb.co vjnfm.nowurl.fun vjnghjg.homec.live vmk.fburl.fun vnhd.nowurl.fun vnhjd.cannca.shop vnjf.urlfb.co vnk.fburl.fun vnmd.fburl.fun voice.fburl.fun voice.urlfb.co voicelan.cannca.shop vvanh.pplink.club vyruhn.fburl.fun wbx.nowurl.fun wefthg.urlfb.co weilai.fbcode.co wejued.welco.live weqwinh.fburl.fun wfe.fburl.fun wg.nowurl.fun wm.fburl.fun womende.nowurl.fun wqer.pplink.club wrecf.nowurl.fun wrtfv.pplink.club wtyfg.cannca.shop wuyunhj.fburl.fun wwomk.nowurl.fun xccbhtrl.fbcode.co xia.cannca.shop xian.cannca.shop xiangce.nowurl.fun xingchen.fbcode.co xuezi.welco.live xxuujn.cannca.shop yajiaoban.cannca.shop yanse.fburl.fun yanying.cannca.shop yating.nowurl.fun ydm.fbcode.co ydn.fbcode.co yeb.urlfb.co yedk.nowurl.fun yexuba.hurb.fun yfbjs.nowurl.fun yfeu.fburl.fun yfgh.cannca.shop yfhhgl.nowurl.fun yfj.pplink.club yfun.fbcode.co ygbi.fburl.fun yhgjn.hurb.fun yhnkji.nowurl.fun yifu.urlfb.co ykl.pplink.club yng.pplink.club ynh.nowurl.fun ynk.nowurl.fun ynnx.nowurl.fun yongjiu.welco.live youxiu.fburl.fun yrbc.nowurl.fun yruih.fburl.fun yrujfbj.cannca.shop ytrb.nowurl.fun yueijhcjj.fbcode.co yuen.pplink.club yufn.welco.live yujnm.cannca.shop yumeiren.welco.live yun.fburl.fun yun.pplink.club yur.fburl.fun yurb.fburl.fun yury.cannca.shop yyaogou.nowurl.fun yybfh.urlfb.co yydj.urlfb.co yydn.pplink.club yye.nowurl.fun yyfb.nowurl.fun yyhlop.pplink.club yyurh.cannca.shop zhidao.nowurl.fun zhijin.urlfb.co zhousi.urlfb.co zhuanba.cannca.shop zhuangyu.welco.live zirun.pplink.club zombie.urlfb.co zzujllop.cannca.shop # Reference: https://twitter.com/ReBensk/status/1597823519152173056 # Reference: https://twitter.com/midnight_comms/status/1598046572100845568 aoci.oss-eu-central-1.aliyuncs.com # Reference: https://twitter.com/sh1shk0va/status/1599723433696247808 metakamera.com api.metakamera.com # Reference: https://twitter.com/ReBensk/status/1601205157831712768 decepeoplesay.oss-me-east-1.aliyuncs.com /dece08yjqn.syfm # Reference: https://twitter.com/ReBensk/status/1602254672022020098 thoroughly.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/ni_fi_70/status/1602946863912701952 # Reference: https://www.virustotal.com/gui/file/e6efc3c44781a1f2c9e64ddf89cf63504651fa0fba7b386113d0d2651419654b/detection luha.oss-eu-central-1.aliyuncs.com # Reference: https://twitter.com/ni_fi_70/status/1603032573327859713 # Reference: https://www.virustotal.com/gui/file/909a05f9f7ac3c187afac226376ca0e85a64592dcf9d2ba2d5567ce021755732/detection appear.oss-eu-central-1.aliyuncs.com sasvn.hurb.fun # Reference: https://www.virustotal.com/gui/domain/hurb.fun/relations dps.hurb.fun fdsfsrtrh.hurb.fun fsdf.hurb.fun henkun.hurb.fun huarui.hurb.fun jiaozi.hurb.fun yexuba.hurb.fun yhgjn.hurb.fun # Reference: https://twitter.com/ReBensk/status/1604116363911385088 kbnt.oss-eu-central-1.aliyuncs.com twens.oss-eu-central-1.aliyuncs.com # Reference: https://twitter.com/ni_fi_70/status/1605467154362601472 tightly.oss-ap-southeast-1.aliyuncs.com # Reference: https://twitter.com/ni_fi_70/status/1605556332047699969 leixia.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ni_fi_70/status/1610618796078960641 # Reference: https://www.virustotal.com/gui/file/fb2700623dc78232bc96220ccacf7777c527c4915aa15af31bda3356547c95c5/detection cgfsdtdh.shop log.cgfsdtdh.shop # Reference: https://www.virustotal.com/gui/file/8346b1cb8accbb9ccf1af3e2a7e7a3b4f68323a13d5636e65dbd2cbe276eb831/detection gfduytsdf.shop log.gfduytsdf.shop # Reference: https://twitter.com/ni_fi_70/status/1610940701054746625 # Reference: https://www.virustotal.com/gui/file/3b4fe1a9366a31b151f546cd933c426f4007cb22d140757685351d5a6cc0e633/detection sightly.oss-ap-northeast-1.aliyuncs.com # Reference: https://twitter.com/ni_fi_70/status/1612392107850752000 # Reference: https://www.virustotal.com/gui/file/0c432397992f149521df05ff2184c3e32adabbc403e2b46d3ecf4f91d4640081/detection kobant.com magically.oss-eu-central-1.aliyuncs.com tesjkl.oss-eu-central-1.aliyuncs.com # Reference: https://www.virustotal.com/gui/file/eb46541e2991a20c20fca66e51a705a309e6576296c435126ac369ba41e6bff5/detection gory.oss-me-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1614596204482166787 zwcb.oss-eu-central-1.aliyuncs.com # Reference: https://twitter.com/ni_fi_70/status/1614907492936609792 # Reference: https://www.virustotal.com/gui/file/9d862dc19c0422a1a8412e742070f700b2470defcfb5b7b30518435d3fe32e5d/detection kbnt.oss-ap-southeast-1.aliyuncs.com yyfnewbeterlayut.oss-ap-southeast-7.aliyuncs.com # Reference: https://twitter.com/ni_fi_70/status/1614907547189923842 # Reference: https://www.virustotal.com/gui/file/38b281b6d79aadb55349c55d18a8f61c55e5daabf387f2525340ff9343926b6b/detection ds45yml.fburl.fun suspend.oss-ap-south-1.aliyuncs.com # Reference: https://twitter.com/ni_fi_70/status/1615335332232286210 # Reference: https://www.virustotal.com/gui/file/56a4cc0472791e77f0bbe6e5fd6aaf6b52b3642b43389548ef52b109c44182c9/detection venerate.oss-ap-southeast-7.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1617079861675425792 # Reference: https://www.virustotal.com/gui/file/fd86f5f736922fc0c1bf5b1e110d867e9854b70860fcee4b95bae1d470ae716a/detection specially.oss-ap-northeast-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1617020418984140807 # Reference: https://www.virustotal.com/gui/file/8c2e3c0c7fd591f1377e9318fbcfbcae85db4875a2f405b99da46edf9b70eefc/detection 202319.oss-eu-central-1.aliyuncs.com # Reference: https://twitter.com/ni_fi_70/status/1617820068200747008 # Reference: https://www.virustotal.com/gui/file/ef99fa80f848ceb09a60c63a1d4933a2717d500edea85acc0975577f0180556c/detection # Reference: https://www.virustotal.com/gui/file/ef99fa80f848ceb09a60c63a1d4933a2717d500edea85acc0975577f0180556c/detection acidlylink-1301476296.cos.ap-mumbai.myqcloud.com dewq23fdt.urlfb.co # Reference: https://twitter.com/ni_fi_70/status/1618195239289913344 adcbk.oss-eu-central-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1619301912381370370 # Reference: https://www.virustotal.com/gui/file/94d6c2bbfd4493a5c191c971f0555bc385116a81a5786f4c03baea5ed273c6a9/detection ya23.oss-eu-central-1.aliyuncs.com # Reference: https://twitter.com/sh1shk0va/status/1622572920173211648 # Reference:https://www.virustotal.com/gui/file/5d65476281ce15fd07117844a1b25036fe530dd9113d75a0084e6a869beccf0d/detection gvbkopdf.life fox.gvbkopdf.life # Reference: https://twitter.com/muha2xmad/status/1622695789796462608 weco.oss-eu-central-1.aliyunc.com # Reference: https://twitter.com/ni_fi_70/status/1625028460992143362 # Reference: https://www.virustotal.com/gui/file/216968101a29359e35ed52bc9c432aec3c0e142d02429720627e2a66246c2f25/detection tiwnconag.store sup.tiwnconag.store # Reference: https://twitter.com/sh1shk0va/status/1626543670743691265 cuokghfs.xyz top.cuokghfs.xyz # Reference: https://twitter.com/ni_fi_70/status/1628689466142388225 # Reference: https://www.virustotal.com/gui/file/7f02b3b80b02d90be94f4b6d031eb43557df44e4647a03ddf8b81d8dee306b9d/detection lihi2.cc enthralled.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/ni_fi_70/status/1630136745059577856 # Reference: https://www.virustotal.com/gui/file/03b001b5405aa77b9a61e5d28c57d3b10e8649ec039d72d21a40600a56fa00dc/detection meurl.fun # Reference: https://twitter.com/ni_fi_70/status/1630453600831827969 # Reference: https://www.virustotal.com/gui/file/d8ecc9e8323d46a152db71079ba9f3a0d2c60d286225ede80a12e2bd8da32529/detection yjiao.oss-eu-central-1.aliyuncs.com # Reference: https://twitter.com/sh1shk0va/status/1630600697119928331 # Reference: https://www.virustotal.com/gui/file/8734e2533ae53516b46667a930e58df201e97ea03562b444fa50c19965cab4b9/detection opmknbf.com dop.opmknbf.com # Reference: https://twitter.com/ni_fi_70/status/1630853012770963456 # Reference: https://www.virustotal.com/gui/ip-address/43.155.93.147/relations # Reference: https://validin.com/ (# IP: 43.155.93.147 info) # Reference: https://www.virustotal.com/gui/file/e360a9925871cbcc2a9f705e1ac42118e1145e4e3e144d15effa8507baa634e9/detection # Reference: https://www.virustotal.com/gui/file/66ddcda438fdff9c4969fb57af01a828831e7b4e8824f31b87a93d82aea461a5/detection redosll.shop scdowns.shop shorlt.shop shorlturl.shop slltg.shop urlfbvf.fun urlfbvf.live urlfbvf.online 123.slltg.shop 21314.redosll.shop 2354.slltg.shop 23hi.redosll.shop 34324gd.scdowns.shop 4k.redosll.shop ak47.urlfbvf.fun amild.urlfbvf.online androis.urlfbvf.live bffa.redosll.shop bfigjtjk.slltg.shop bgf567.slltg.shop bjkfuirejk.shorlturl.shop bmcnjhu.shorlturl.shop bnrthbvc.urlfbvf.fun bogfjrioj.scdowns.shop bvjyeu.scdowns.shop byruejf.urlfbvf.online byuefbjgf.urlfbvf.live byurehj.shorlt.shop candy.redosll.shop cdfwdvg.scdowns.shop cmcmnj.urlfbvf.fun cmfjddu.shorlturl.shop cmxnjkd.shorlturl.shop cs3fddm.urlfbvf.fun cvbyurjh.scdowns.shop cvjkfjdks.urlfbvf.live cvokdlks.shorlt.shop cvuiensd.urlfbvf.live cvvdfueijk.redosll.shop cvxnmhy.shorlt.shop cvyuhrjs.urlfbvf.live cxiuijk.urlfbvf.fun cxmkdsk.scdowns.shop cxnjfhiujk.urlfbvf.live cxvjuers.urlfbvf.online d23sf.shorlt.shop d34gfty.urlfbvf.live d34u71.shorlt.shop d3fd.shorlt.shop d5tfl.slltg.shop da2.redosll.shop da23fd.urlfbvf.live da3d.urlfbvf.live da3fdf.urlfbvf.fun de324fgd.shorlturl.shop df12fs.urlfbvf.live df23rdf.urlfbvf.live df34gf.scdowns.shop df3fsd.shorlturl.shop df3r4fd.shorlt.shop df45.slltg.shop df68jlp.shorlt.shop dffyewugj.urlfbvf.live dfieomk.urlfbvf.online dfopekf.slltg.shop dfs34rg.scdowns.shop dfs455.redosll.shop dfs5gg.urlfbvf.fun dfse21dsf.urlfbvf.fun dfuejnk.urlfbvf.online dfw3.shorlt.shop dfyuewnj.shorlt.shop djfyue.slltg.shop ds2.shorlturl.shop ds23fsd.shorlturl.shop ds2ds.urlfbvf.online ds3fdg.redosll.shop ds3fdg.shorlt.shop ds45gft5.urlfbvf.fun dsa6u.shorlturl.shop dsueiwjf.urlfbvf.online dufiw.slltg.shop duiejhds.urlfbvf.fun dw3gfd.urlfbvf.fun dweudds.shorlt.shop dyuyeu.urlfbvf.fun ekfdree.shorlt.shop eopcbvhj.urlfbvf.online erew4g.urlfbvf.fun etyjdfj.urlfbvf.online etyueghjj.redosll.shop euiruiee.urlfbvf.live euiwejk.scdowns.shop euyurhj.scdowns.shop ewuwhfd.urlfbvf.online eyudhf.shorlturl.shop eyuhgd.redosll.shop f23fds34.shorlt.shop fahuo.shorlt.shop fd341es.urlfbvf.online fd34gd.urlfbvf.fun fd34gdf.shorlturl.shop fd34gf.redosll.shop fd3fd.redosll.shop fd3fhm.shorlt.shop fd4565h.redosll.shop fd4tgh.scdowns.shop fd67y7.slltg.shop fdeiujfd.redosll.shop fdf34g.urlfbvf.online fdiwuij.redosll.shop fdporek.urlfbvf.fun fds34gf.urlfbvf.live fds3yt.scdowns.shop fds45gf.urlfbvf.online fds45yut.scdowns.shop fds5yj.shorlt.shop fdt56.scdowns.shop fdth67.slltg.shop fduiends.urlfbvf.live fdwe12.urlfbvf.live fdwe2fd.urlfbvf.fun fdyeuwd.redosll.shop fdyuejnj.scdowns.shop fe2fsd.shorlt.shop fes45.urlfbvf.live fes4y56.redosll.shop fg45u7.slltg.shop fg56jyl.redosll.shop fgd45gf.shorlturl.shop fgew34ht.scdowns.shop fgiori.redosll.shop fire.urlfbvf.live firjkkk.urlfbvf.online five.slltg.shop fkfk.shorlt.shop fodpvjf.scdowns.shop fpkfiee.scdowns.shop fpofkoew.scdowns.shop fs342sdf.shorlturl.shop fs34a23r.urlfbvf.online fs34gf.scdowns.shop fs34gf.urlfbvf.online fs34gfd.redosll.shop fs34gfd.urlfbvf.live fs34gfh.urlfbvf.live fs34gfp.urlfbvf.live fs34gtf.urlfbvf.online fs34hfg.urlfbvf.online fs34i8.urlfbvf.online fs3fd.urlfbvf.fun fs3fgdg.urlfbvf.fun fs4.urlfbvf.fun fs43hfh.scdowns.shop fs6ul.urlfbvf.online fsd34gf.scdowns.shop fsd34gfd.scdowns.shop fsd34hgf.redosll.shop fsd3gd.urlfbvf.online fsd45f.redosll.shop fsd45hf.urlfbvf.live fsd45jygj.urlfbvf.online fsd4hf.urlfbvf.live fsd5h.scdowns.shop fse34gf.urlfbvf.fun fse4gf.redosll.shop fse4hg.scdowns.shop fserth.shorlturl.shop fstreth.urlfbvf.online fugirufjkd.redosll.shop fuuejee.redosll.shop fvuijek.urlfbvf.live fvygruhfj.urlfbvf.online fvyurhj.scdowns.shop fyeuhjd.scdowns.shop g7642gh.urlfbvf.fun gd3sdg.urlfbvf.fun gd4dgd.shorlturl.shop gd4gf.scdowns.shop gd56uj.shorlturl.shop gdf34gdf.shorlturl.shop gdf45hfg.shorlturl.shop gdf45y.redosll.shop gdf56.slltg.shop gdr34d.urlfbvf.live gdr5hg.urlfbvf.fun gdr6kjk.urlfbvf.fun gdrkloyu.shorlt.shop gdrtu676.urlfbvf.live gf45twht.redosll.shop gf54.slltg.shop gf56jkhuo.slltg.shop gfd4tyt.redosll.shop gfd6j.shorlturl.shop gfh5tdg.urlfbvf.fun gfporid.urlfbvf.fun ghf6.slltg.shop ghii.scdowns.shop glitter.urlfbvf.online grd5jgy.shorlturl.shop gruehj.urlfbvf.fun gt6.shorlt.shop gtf89l.shorlt.shop gtyi.shorlturl.shop gurujjj.redosll.shop gyeuhjk.urlfbvf.live gyyiygt.scdowns.shop hfeuhjk.redosll.shop hft76.urlfbvf.online hfye34gf.redosll.shop hg667.slltg.shop hgygu7.shorlt.shop hhhjdujkla.urlfbvf.online idioisun.urlfbvf.online iioruwjjw.urlfbvf.live iirueknm.urlfbvf.live io78t.urlfbvf.online jdkasuie.urlfbvf.online jhdfuhjk.shorlt.shop jnbgjkfk.urlfbvf.online jok78.shorlturl.shop jy76.slltg.shop kiolp.shorlturl.shop ksidg.scdowns.shop kuyvcg.urlfbvf.online lfid3.slltg.shop mckjfkd.scdowns.shop mel.redosll.shop morn.redosll.shop ms.redosll.shop mxjue.urlfbvf.fun new.slltg.shop newsd.scdowns.shop nl.slltg.shop odfieofj.shorlt.shop odnue.slltg.shop oedfijdf.redosll.shop oepdifsd.slltg.shop oerif.shorlt.shop oeriuyrh.slltg.shop oeuifkd.shorlturl.shop ofdvjkj.shorlturl.shop oghpobcj.scdowns.shop ogreuijdk.slltg.shop osoppie.urlfbvf.live ouytu56.slltg.shop oweidkj.urlfbvf.fun pdjuewiks.urlfbvf.fun pefikds.scdowns.shop pgijkdjks.shorlt.shop pi95g.urlfbvf.online pqioenj.slltg.shop psdiokckds.urlfbvf.online psdkd.shorlt.shop pweoief.redosll.shop qbu.urlfbvf.online qeyfjd.shorlturl.shop qfynbjd.shorlt.shop qtyhcje.urlfbvf.live quhnfvg.scdowns.shop qyuewyjf.redosll.shop rew5y.urlfbvf.live ruiutunfjs.shorlt.shop sd34g.shorlt.shop sd3rsfs.urlfbvf.live sdfye.shorlturl.shop sdurei.redosll.shop sdyuews.scdowns.shop se23fd.scdowns.shop sfr34gf.shorlturl.shop shfydhj.shorlturl.shop surf.scdowns.shop syeufbhjfd.shorlturl.shop trttt.urlfbvf.online tyfdvrf.shorlturl.shop ueoidsck.urlfbvf.online uerfjnufd.shorlturl.shop uewiuj.slltg.shop uodmk.urlfbvf.fun urefjk.slltg.shop ureiuss.slltg.shop urjkfgjk.urlfbvf.live ush.shorlt.shop v8378fwgl6j3ys0yf0l.urlfbvf.online vbofdmk.redosll.shop vbuirenk.urlfbvf.live vcbhfgy.urlfbvf.fun vcd23fd.shorlturl.shop vcidojkd.shorlt.shop vcjdmk.shorlt.shop vcjhfuirek.scdowns.shop vcklsjie.urlfbvf.fun vcnbuu.shorlturl.shop vcnhsedy.urlfbvf.online vcnmhd.scdowns.shop vcnsdjhue.urlfbvf.live vcoioj.shorlturl.shop vcpisdk.urlfbvf.live vcuiejfks.shorlturl.shop vcujhkd.shorlturl.shop vcxhjdue.shorlturl.shop vcyeurhjd.urlfbvf.online vdsfefd.shorlt.shop vfgvfrt.slltg.shop vidjhekj.scdowns.shop viudjkks.shorlt.shop vmbjfure.urlfbvf.online vnbnjgur.urlfbvf.online vucijke.urlfbvf.online vyiurehjk.redosll.shop vyuehfjd.urlfbvf.online w23f.shorlt.shop w3rdr.urlfbvf.online wall.scdowns.shop we.scdowns.shop weoikfds.urlfbvf.fun wetyqhjd.urlfbvf.live wpodk.urlfbvf.fun wyeudj.shorlturl.shop xcuvijks.urlfbvf.online xiscjjdue.shorlt.shop yeufhfvnj.redosll.shop yeuhngj.redosll.shop yeuhnjfd.urlfbvf.live yeunjfd.redosll.shop yfdjfjds.slltg.shop ygbngfr.urlfbvf.live yguerbn.slltg.shop yguren.slltg.shop yrehfjd.redosll.shop yreuhjd.urlfbvf.live yruhjd.slltg.shop yuk.scdowns.shop ewr1.vultrobjects.com # Reference: https://twitter.com/ni_fi_70/status/1631229735991689218 # Reference: https://www.virustotal.com/gui/file/434f4838798080453de44526d5dcad16fef0019eddbe56f1a498390d0adad41f/detection pitch.oss-eu-west-1.aliyuncs.com # Reference: https://twitter.com/ni_fi_70/status/1632734010177724419 # Reference: https://www.virustotal.com/gui/file/8473d7885b0909152e3c21c4a1cc4209c8e2dd2e66bccc7c7b2ddb59502c4fed/detection lihi3.cc singgproletupdate.oss-ap-southeast-1.aliyuncs.com # Reference: https://twitter.com/ni_fi_70/status/1633375152888004608 # Reference: https://www.virustotal.com/gui/file/630432f4c7af644638ec7f4916394f08032e33368134dde88eda449557dadd07/detection maybethreislvd.oss-ap-northeast-2.aliyuncs.com # Reference: https://twitter.com/sh1shk0va/status/1635897600917352448 # Reference: https://www.virustotal.com/gui/file/114503f4ad18832eea40c24f4a4208f029192d4495db278bae5fe198521b2e1e/detection kuaigdfux.com fly.kuaigdfux.com # Reference: https://twitter.com/ReBensk/status/1640666662302253056 # Reference: https://www.virustotal.com/gui/ip-address/47.251.36.185/relations # Reference: https://www.virustotal.com/gui/file/505dc9df3b766ba4a5ec5339f62222f639aa75a5041049d89ec66710693174dd/detection # Reference: https://www.virustotal.com/gui/file/961975500ccb4de12ba14b7681e5140487c15b13b33274d86ca4b7f6839a20f3/detection jumphe.site k2url.top oturl.top shortur.site urlbet.site urllink.site # Reference: https://www.virustotal.com/gui/file/fca39d246e98afe37472170d87168b91fb1cec1ba7c5dba17ac5ce46e95c0fd3/detection sunucvdg.com niu.sunucvdg.com # Reference: https://twitter.com/ReBensk/status/1642388166911852544 # Reference: https://twitter.com/ReBensk/status/1642414534605373442 # Reference: https://www.virustotal.com/gui/ip-address/47.88.33.239/relations # Reference: https://www.virustotal.com/gui/file/530290f681d5f6380aed6fe8731861e26062ca041fd9a55645e38b6a7e759a80/detection # Reference: https://www.virustotal.com/gui/file/700b641373e8b31ac975d560c45860e23d695aff0dc9c8e2e81b343798e323fc/detection # Reference: https://www.virustotal.com/gui/file/530290f681d5f6380aed6fe8731861e26062ca041fd9a55645e38b6a7e759a80/detection # Reference: https://www.virustotal.com/gui/file/30e8d8a7742345a913ddb4ee6741e44624fed905b8f9aba941550074f5fa334e/detection fastlk.site kulsi.site qblink.site qburl.site ukurl.site urlnb.site usurl.site # Reference: https://twitter.com/ReBensk/status/1642847705927139328 # Reference: https://www.virustotal.com/gui/ip-address/8.211.56.129/relations # Reference: https://www.virustotal.com/gui/file/a8014973570c6b2b4383eb3a41d5624265ea1fde76596e5146d084288919d04e/detection jumpit.shop linkus.shop pllink.fun urlms.site urlns.site urlok.site # Reference: https://twitter.com/josh_penny/status/1643021976024367108 balink.site jumpme.site juurl.store linkaf.shop linkssr.fun qklink.co shortlk.site urlkame.online # Reference: https://twitter.com/ni_fi_70/status/1643512983258005504 # Reference: https://www.virustotal.com/gui/ip-address/47.245.179.63/relations linkhp.site urlbe.site urlno.site # Reference: https://www.virustotal.com/gui/file/2b344d13d20cd3e0a84079fa5bd618bdc2c207b8caa4516ffbb71581f49491f1/detection toponsu.com uhh.toponsu.com # Reference: https://www.virustotal.com/gui/file/cf5c0e628064187025b2e775f51569da4416efbfe0b4335614f902b3ee6e638b/detection dkuiobb.com suu.dkuiobb.com # Reference: https://www.virustotal.com/gui/file/01a4f41b9537d8dbc429c2f6ccb73609cf09ae488c45cf06ce9fa763af271017/detection plucky.oss-eu-west-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1644617216560705537 # Reference: https://www.virustotal.com/gui/ip-address/8.219.149.155/relations wscp.shop yesdo.shop # Reference: https://twitter.com/ReBensk/status/1645677270458310657 # Reference: https://www.virustotal.com/gui/ip-address/47.74.65.90/relations # Reference: https://www.virustotal.com/gui/file/f645f0e8c3c679244a7ca86460307eed1a681f5b1d0ba802e841a74ba36fd7f6/detection fbmark.shop ushe.life vfka.shop # Reference: https://twitter.com/ReBensk/status/1645686986991345664 # Reference: https://www.virustotal.com/gui/ip-address/3.76.148.229/relations dourl.fun dourl.site jumpke.fun jumpke.site # Reference: https://twitter.com/ReBensk/status/1645707961787101184 mystical.oss-ap-southeast-6.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1645738027057291267 # Reference: https://www.virustotal.com/gui/ip-address/47.254.252.106/relations mejump.site meurl.shop tolinks.site urljum.site # Reference: https://twitter.com/ReBensk/status/1647625898013646855 dirigible.oss-me-east-1.aliyuncs.com skyfull.oss-ap-northeast-2.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1647652895683125248 # Reference: https://www.virustotal.com/gui/ip-address/8.222.216.193/relations firelk.shop rolado.shop # Reference: https://twitter.com/ni_fi_70/status/1648942834794352642 # Reference: https://www.virustotal.com/gui/ip-address/47.74.70.114/relations # Reference: https://www.virustotal.com/gui/file/5a6ced2b3c2190370ca1920224eb5cd7b5a685d7d023e3cba43e0f5d0cc5773a/detection firega.shop linkmt.club softgb.shop urlgi.fun # Reference: https://twitter.com/sh1shk0va/status/1651479498448314368 kungdf.com log.kungdf.com # Reference: https://www.virustotal.com/gui/ip-address/8.222.230.21/relations # Reference: https://www.virustotal.com/gui/file/74b3c7810b95ce1158792260de3ca0e8114535c42dbd10fdd78d7e1d6e7caf86/detection cafrem.fun # Reference: https://twitter.com/ReBensk/status/1652581346252931072 410-ahsabd.oss-us-east-1.aliyuncs.com zr-swger.oss-eu-central-1.aliyuncs.com daves.page.link # Reference: https://twitter.com/ReBensk/status/1653422859312676864 # Reference: https://www.virustotal.com/gui/ip-address/8.222.204.85/relations # Reference: https://www.virustotal.com/gui/file/2acb58b2f28b043a5ab340447cd9250393a54ddd7f400890f54a4dab153a6584/detection # Reference: https://www.virustotal.com/gui/file/b6dd02f6e981dc7775414bc1907433dae1caa9070ff51e67385b75f9c3f092d0/detection bnmeala.fun # Reference: https://twitter.com/ReBensk/status/1653729219493638144 # Reference: https://www.virustotal.com/gui/file/acddaf54a4fd70c1997a9970bdc84590072de9f4125319bd427445aa43001fcd/detection 4re.oss-me-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1653759266870947841 # Reference: https://twitter.com/Maluig1Team/status/1653770658327961600 eoks.ai # Reference: https://twitter.com/ReBensk/status/1653758211995111427 # Reference: https://twitter.com/Maluig1Team/status/1653770551931064321 # Reference: https://www.virustotal.com/gui/ip-address/8.219.201.51/relations ringax.shop # Reference: https://www.virustotal.com/gui/file/4e93584033433e80f9f725c7c1b5aec0d1d16d7788a9f1bd4db5025df88fe077/detection qiklay.top # Reference: https://twitter.com/ReBensk/status/1654763945238904834 # Reference: https://twitter.com/Maluig1Team/status/1654899167066718208 # Reference: https://www.virustotal.com/gui/file/cf4498391afb3a90c614b418675f2382e252f979ebb1627463f9d1958085ddaf/detection 2iz.cn # Reference: https://twitter.com/ReBensk/status/1654767579766849536 # Reference: https://twitter.com/Maluig1Team/status/1654899220913205249 # Reference: https://www.virustotal.com/gui/ip-address/8.222.184.93/relations # Reference: https://www.virustotal.com/gui/file/30846d77a76ab6f27de1a3335081f63c51501973a7e0fa68179174c8c4dc3711/detection xjrjsee.live # Reference: https://www.virustotal.com/gui/ip-address/47.236.28.202/relations # Reference: https://www.virustotal.com/gui/file/ec97f3ede81c7f8ac0127198985b25027765ff81ae9dede543d8931f0787d1ce/detection adjer.wang # Reference: https://twitter.com/ReBensk/status/1659123665072709632 # Reference: https://www.virustotal.com/gui/ip-address/8.219.180.197/relations # Reference: https://www.virustotal.com/gui/file/bad13604e49870880452134b0e48595add31db070fc95745ace7b1bb228daf1a/detection gwqijg.fun # Reference: https://twitter.com/ReBensk/status/1659841808917053441 # Reference: https://www.virustotal.com/gui/file/47c8aee1d37b794ea61e9b9e73ebb31c1b59994b3d3410f8dc10cfcf692f4e62/detection attentively.oss-me-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1660201028631896064 # Reference: https://www.virustotal.com/gui/ip-address/8.219.182.57/relations plvfk.shop # Reference: https://twitter.com/ReBensk/status/1660207333606039553 # Reference: https://www.virustotal.com/gui/ip-address/8.222.162.47/relations asunamiya.shop # Reference: https://twitter.com/ReBensk/status/1660315641432121344 # Reference: https://www.virustotal.com/gui/ip-address/47.236.22.62/relations # Reference: https://www.virustotal.com/gui/file/1cdf0ea00ae849d948022485ee15cfeee77f8447de058d3cfce7d0310e05df8d/detection ssesayba.icu # Reference: https://twitter.com/sh1shk0va/status/1665297196277723137 # Reference: https://www.virustotal.com/gui/file/de9e93ce1905d91f3a1deab15f09e142a9449670ef102df646dbd50051898f80/detection oubfgday.com stt.oubfgday.com # APK /000166ssshH5.apk