# Copyright (c) 2014-2021 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Aliases: Fabookie.ge, JazoStealer

# Reference: https://twitter.com/JAMESWT_MHT/status/1281154921811841026
# Reference: https://twitter.com/Arkbird_SOLG/status/1281269633992069121
# Reference: https://twitter.com/stamparm/status/1352551926383206400
# Reference: https://app.any.run/tasks/ca9bb8a8-7f62-4082-b246-b63decea1895/
# Reference: https://app.any.run/tasks/52c141f7-3823-43f5-ae90-896262f4483d/
# Reference: https://app.any.run/tasks/e197837b-580d-45c0-9caa-f79c6c8e8212/
# Reference: https://app.any.run/tasks/bcbe1b59-c0a2-4bab-aac1-1e94468b830b/
# Reference: https://app.any.run/tasks/85cf40f9-a5ae-4be1-8d9e-a021745ed87e/
# Reference: https://app.any.run/tasks/56691186-4155-4e8d-99b9-7ea14461ea97/
# Reference: https://www.virustotal.com/gui/file/502ce2c7e598c46b3ce22e24dbbdce07042b2d6e63f8ffc08c8940f3845b8356/detection

2ihsfa.com
wsfsd33sdfer.com
wdsfw34erf93.com
jfiuuhgg.com
jfoaigh.com

# Reference: https://www.virustotal.com/gui/file/ab1dc8ee52c03549f3e6edac87476a325da33d076cd0109b7d863418475b219b/detection

wws23dfwe.com

# Reference: https://www.virustotal.com/gui/file/9df1beaa8e4e864253fef80aa964ccf5876376116e9a62ab46e724491eb09e8a/detection

uyyge5w3ye.2ihsfa.com

# Reference: https://www.virustotal.com/gui/file/96701ee98517a4131272c84c7fc305ba4e3805e44aa763473daa65899e76c17b/detection

uehge4g6gh.2ihsfa.com

# Reference: https://www.virustotal.com/gui/domain/hfuie32.2ihsfa.com/relations

hfuie32.2ihsfa.com

# Reference: https://www.virustotal.com/gui/file/7a6c8ce1e4a64866a8e1341f135544aeb2b7ca4b27d784885dc75df7a96e56f8/detection

pirod-dcn.xyz

# Reference: https://twitter.com/Mesiagh/status/1402322843178729479

waaer435fc.com

# Reference: https://tria.ge/201201-kjhm5lgw4j/behavioral1
# Reference: https://www.virustotal.com/gui/file/fc8f0522f5dcffc6ef41ce4c075a245d3f1ee55dda8a63c647eee6fdba4da25a/detection

http://95.181.155.112

# Reference: https://www.virustotal.com/gui/file/68aab4d5d6d862bbf77cf836e80ea486a14ae11bc32cec46291a32834dd15045/detection

wdsewfsd.com

# Generic

/api/fbtime
/index.php/api/fb