#Kimsuky #DPRK🇰🇵 n-cloud[.]masterlg[.]dns[.]army nversf[.]dynv6[.]net nid-user[.]mlsch-nid[.]dynv6[.]net n-store[.]nt0s-smt[.]dns[.]army n-cloud[.]nstnvd[.]dns[.]army n-store[.]callingsin[.]dns[.]army maincheck[.]dynv6[.]net nn-corp[.]ipsmkt[.]dynv6[.]net navdock[.]dynv6[.]net nid-user[.]navdock[.]dynv6[.]net nuser-login[.]navdock[.]dynv6[.]net n-corp[.]mlsch-nid[.]dynv6[.]net nuser-login[.]mlsch-nid[.]dynv6[.]net nuser-login[.]anisds[.]dynv6[.]net anisds[.]dynv6[.]net mlsch-nid[.]dynv6[.]net n-store[.]mlsch-nid[.]dynv6[.]net n-cloud[.]anisds[.]dynv6[.]net againchecker[.]dynv6[.]net n-cloud[.]againchecker[.]dynv6[.]net nuser-login[.]askinfo[.]dynv6[.]net askinfo[.]dynv6[.]net n-store[.]askinfo[.]dynv6[.]net n-corp[.]askinfo[.]dynv6[.]net n-cloud[.]askinfo[.]dynv6[.]net nid-user[.]almsalert[.]dynv6[.]net nuser-login[.]ysadc[.]dynv6[.]net txstorage[.]dynv6[.]net mvtsl[.]dynv6[.]net ipsmkt[.]dynv6[.]net n-corp[.]ipsmkt[.]dynv6[.]net nwlogn[.]dynv6[.]net nid-user[.]taxalert[.]dynv6[.]net lgtax[.]dynv6[.]net bigdeal[.]dynv6[.]net reloguser2[.]dynv6[.]net msapw[.]dynv6[.]net nuser-login[.]nversf[.]dynv6[.]net n-corp[.]mvtsl[.]dynv6[.]net nuser-login[.]bigdeal[.]dynv6[.]net n-store[.]reloguser2[.]dynv6[.]net nid-user[.]reloguser2[.]dynv6[.]net n-corp[.]reloguser2[.]dynv6[.]net n-cloud[.]reloguser2[.]dynv6[.]net n-store[.]lgtax[.]dynv6[.]net nid-user[.]ipsgoalert[.]dynv6[.]net almsalert[.]dynv6[.]net govalert[.]dynv6[.]net nid-user[.]govalert[.]dynv6[.]net alertkr[.]dynv6[.]net n-corp[.]alertkr[.]dynv6[.]net nuser-login[.]alertkr[.]dynv6[.]net htax-alert[.]dynv6[.]net taxalert[.]dynv6[.]net accstore[.]dynv6[.]net n-corp[.]accstore[.]dynv6[.]net asntml[.]dynv6[.]net nid-user[.]asntml[.]dynv6[.]net n-cloud[.]asntml[.]dynv6[.]net nuser-login[.]asntml[.]dynv6[.]net n-store[.]store-ipscorp[.]dynv6[.]net mlsqs[.]dynv6[.]net store-ipscorp[.]dynv6[.]net hldsl[.]dynv6[.]net nmtsv[.]dynv6[.]net ipsntcorp[.]dynv6[.]net nid-user[.]ipsncorp[.]dns[.]navy n-cloud[.]tax-nav[.]dns[.]army nid-user[.]tax-nav[.]dns[.]army tax-sdoc[.]dynv6[.]net nuser-login[.]tax-sdoc[.]dynv6[.]net n-corp[.]tax-sdoc[.]dynv6[.]net tax-store[.]mydns[.]jp ntsgo-auth[.]mydns[.]jp nts-govkr[.]mydns[.]jp nid-user[.]ips-nidlogin[.]dns[.]army nidinvoice-nts[.]mydns[.]jp n-store[.]ipslogin[.]dns[.]navy nts-edocdeliver[.]mydns[.]jp nuser-login[.]nts-edocdeliver[.]mydns[.]jp ips-ecorp[.]mydns[.]jp noticekr-ips[.]dynv6[.]net n-store[.]noticekr-ips[.]dynv6[.]net n-store[.]ips-invoicestore[.]dynv6[.]net ips-invoicestore[.]dynv6[.]net nuser-login[.]ips-invoicestore[.]dynv6[.]net n-cloud[.]ipsdoc-auth[.]mydns[.]vc n-store[.]ipsdoc-auth[.]mydns[.]vc nid-user[.]ipsdoc-auth[.]mydns[.]vc n-corp[.]ipsdoc-auth[.]mydns[.]vc ipsdoc-auth[.]mydns[.]vc nuser-login[.]ipsdoc-auth[.]mydns[.]vc nid-user[.]nts-authdoc[.]mydns[.]vc nts-checkauth[.]mydns[.]vc n-store[.]nts-checkauth[.]mydns[.]vc n-corp[.]nts-checkauth[.]mydns[.]vc n-cloud[.]nts-authdoc[.]mydns[.]vc nuser-login[.]noticekr-ips[.]mydns[.]bz ips-notice[.]mydns[.]vc nid-user[.]ips-helper[.]mydns[.]vc nuser-login[.]ips-notice[.]mydns[.]vc n-corp[.]ips-notice[.]mydns[.]vc nuser-login[.]ips-helper[.]mydns[.]vc n-corp[.]ips-checkauth[.]mydns[.]vc n-corp[.]ips-helper[.]mydns[.]vc ips-helper[.]mydns[.]vc n-cloud[.]ips-helper[.]mydns[.]vc n-store[.]ips-helper[.]mydns[.]vc ipsdeliver[.]mydns[.]vc nid-user[.]ipsdeliver[.]mydns[.]vc nuser-login[.]invoicedoc-ips[.]mydns[.]vc nid-user[.]noticekr-ips[.]mydns[.]bz n-cloud[.]noticekr-ips[.]mydns[.]bz noticekr-ips[.]mydns[.]bz n-corp[.]noticekr-ips[.]mydns[.]bz n-store[.]invoicedoc-ips[.]mydns[.]vc nuser-login[.]nidinvoice-ips[.]mydns[.]vc n-corp[.]invoicedoc-ips[.]mydns[.]vc n-cloud[.]invoicedoc-ips[.]mydns[.]vc invoicedoc-ips[.]mydns[.]vc nid-user[.]invoicedoc-ips[.]mydns[.]vc n-store[.]ips-checkauth[.]mydns[.]vc nid-user[.]ips-checkauth[.]mydns[.]vc ips-checkauth[.]mydns[.]vc nuser-login[.]ips-checkauth[.]mydns[.]vc ips-helper[.]mydns[.]bz n-corp[.]ips-nidauth[.]mydns[.]vc ips-nidauth[.]mydns[.]vc n-store[.]ips-nidauth[.]mydns[.]vc nuser-login[.]ips-nidauth[.]mydns[.]vc nid-user[.]ips-nidauth[.]mydns[.]vc n-cloud[.]ips-taxkr[.]mydns[.]bz nid-user[.]nidinvoice-ips[.]mydns[.]vc n-corp[.]nidinvoice-ips[.]mydns[.]vc nidinvoice-ips[.]mydns[.]vc n-cloud[.]nidinvoice-ips[.]mydns[.]vc n-store[.]nidinvoice-ips[.]mydns[.]vc ips-taxkr[.]mydns[.]bz n-store[.]ips-taxkr[.]mydns[.]bz n-cloud[.]ips-edocdeliver[.]mydns[.]bz n-corp[.]ips-taxkr[.]mydns[.]bz nid-user[.]ips-taxkr[.]mydns[.]bz nuser-login[.]ips-edocdeliver[.]mydns[.]bz ips-edocdeliver[.]mydns[.]bz n-store[.]ips-edocdeliver[.]mydns[.]bz nid-user[.]ips-edocdeliver[.]mydns[.]bz n-corp[.]ips-edocdeliver[.]mydns[.]bz ipsdeliver[.]mydns[.]bz nidsec-notice[.]mydns[.]bz nuser-login[.]ips-helper[.]mydns[.]bz n-corp[.]ips-helpinvoice[.]mydns[.]bz ips-helpinvoice[.]mydns[.]bz nid-user[.]ips-helpinvoice[.]mydns[.]bz n-corp[.]ips-nidlg[.]mydns[.]bz ips-nidlg[.]mydns[.]bz n-corp[.]ips-authcheck[.]mydns[.]bz noticeips-nid[.]mydns[.]bz n-corp[.]noticeips-nid[.]mydns[.]bz n-cloud[.]noticeips-nid[.]mydns[.]bz nid-user[.]ips-authcheck[.]mydns[.]bz ips-authcheck[.]mydns[.]bz n-store[.]ips-authcheck[.]mydns[.]bz n-cloud[.]ips-nidlg[.]mydns[.]bz n-corp[.]ips-notice[.]mydns[.]bz ips-notice[.]mydns[.]bz nid-user[.]ips-notice[.]mydns[.]bz vpn280621771[.]softether[.]net ips-krgo[.]mydns[.]bz n-cloud[.]ips-krgo[.]mydns[.]bz 158[.]247[.]197[.]123 AS20473 The Constant Company, LLC 🇰🇷

#Kimsuky #DPRK🇰🇵 n-corp[.]ipsmkt[.]dynv6[.]net nwlogn[.]dynv6[.]net nid-user[.]taxalert[.]dynv6[.]net lgtax[.]dynv6[.]net bigdeal[.]dynv6[.]net reloguser2[.]dynv6[.]net msapw[.]dynv6[.]net nuser-login[.]nversf[.]dynv6[.]net n-corp[.]mvtsl[.]dynv6[.]net nuser-login[.]bigdeal[.]dynv6[.]net n-store[.]reloguser2[.]dynv6[.]net nid-user[.]reloguser2[.]dynv6[.]net n-corp[.]reloguser2[.]dynv6[.]net n-cloud[.]reloguser2[.]dynv6[.]net n-store[.]lgtax[.]dynv6[.]net nid-user[.]ipsgoalert[.]dynv6[.]net almsalert[.]dynv6[.]net govalert[.]dynv6[.]net nid-user[.]govalert[.]dynv6[.]net alertkr[.]dynv6[.]net n-corp[.]alertkr[.]dynv6[.]net nuser-login[.]alertkr[.]dynv6[.]net htax-alert[.]dynv6[.]net taxalert[.]dynv6[.]net accstore[.]dynv6[.]net n-corp[.]accstore[.]dynv6[.]net asntml[.]dynv6[.]net nid-user[.]asntml[.]dynv6[.]net n-cloud[.]asntml[.]dynv6[.]net nuser-login[.]asntml[.]dynv6[.]net n-store[.]store-ipscorp[.]dynv6[.]net mlsqs[.]dynv6[.]net store-ipscorp[.]dynv6[.]net hldsl[.]dynv6[.]net nmtsv[.]dynv6[.]net ipsntcorp[.]dynv6[.]net nid-user[.]ipsncorp[.]dns[.]navy n-cloud[.]tax-nav[.]dns[.]army nid-user[.]tax-nav[.]dns[.]army tax-sdoc[.]dynv6[.]net nuser-login[.]tax-sdoc[.]dynv6[.]net n-corp[.]tax-sdoc[.]dynv6[.]net tax-store[.]mydns[.]jp ntsgo-auth[.]mydns[.]jp nts-govkr[.]mydns[.]jp nid-user[.]ips-nidlogin[.]dns[.]army nidinvoice-nts[.]mydns[.]jp n-store[.]ipslogin[.]dns[.]navy nts-edocdeliver[.]mydns[.]jp nuser-login[.]nts-edocdeliver[.]mydns[.]jp ips-ecorp[.]mydns[.]jp noticekr-ips[.]dynv6[.]net n-store[.]noticekr-ips[.]dynv6[.]net n-store[.]ips-invoicestore[.]dynv6[.]net ips-invoicestore[.]dynv6[.]net nuser-login[.]ips-invoicestore[.]dynv6[.]net n-cloud[.]ipsdoc-auth[.]mydns[.]vc n-store[.]ipsdoc-auth[.]mydns[.]vc nid-user[.]ipsdoc-auth[.]mydns[.]vc n-corp[.]ipsdoc-auth[.]mydns[.]vc ipsdoc-auth[.]mydns[.]vc nuser-login[.]ipsdoc-auth[.]mydns[.]vc nid-user[.]nts-authdoc[.]mydns[.]vc nts-checkauth[.]mydns[.]vc n-store[.]nts-checkauth[.]mydns[.]vc n-corp[.]nts-checkauth[.]mydns[.]vc n-cloud[.]nts-authdoc[.]mydns[.]vc nuser-login[.]noticekr-ips[.]mydns[.]bz ips-notice[.]mydns[.]vc nid-user[.]ips-helper[.]mydns[.]vc nuser-login[.]ips-notice[.]mydns[.]vc n-corp[.]ips-notice[.]mydns[.]vc nuser-login[.]ips-helper[.]mydns[.]vc n-corp[.]ips-checkauth[.]mydns[.]vc n-corp[.]ips-helper[.]mydns[.]vc ips-helper[.]mydns[.]vc n-cloud[.]ips-helper[.]mydns[.]vc n-store[.]ips-helper[.]mydns[.]vc ipsdeliver[.]mydns[.]vc nid-user[.]ipsdeliver[.]mydns[.]vc nuser-login[.]invoicedoc-ips[.]mydns[.]vc nid-user[.]noticekr-ips[.]mydns[.]bz n-cloud[.]noticekr-ips[.]mydns[.]bz noticekr-ips[.]mydns[.]bz n-corp[.]noticekr-ips[.]mydns[.]bz n-store[.]invoicedoc-ips[.]mydns[.]vc nuser-login[.]nidinvoice-ips[.]mydns[.]vc n-corp[.]invoicedoc-ips[.]mydns[.]vc n-cloud[.]invoicedoc-ips[.]mydns[.]vc invoicedoc-ips[.]mydns[.]vc nid-user[.]invoicedoc-ips[.]mydns[.]vc n-store[.]ips-checkauth[.]mydns[.]vc nid-user[.]ips-checkauth[.]mydns[.]vc ips-checkauth[.]mydns[.]vc nuser-login[.]ips-checkauth[.]mydns[.]vc ips-helper[.]mydns[.]bz n-corp[.]ips-nidauth[.]mydns[.]vc ips-nidauth[.]mydns[.]vc n-store[.]ips-nidauth[.]mydns[.]vc nuser-login[.]ips-nidauth[.]mydns[.]vc nid-user[.]ips-nidauth[.]mydns[.]vc n-cloud[.]ips-taxkr[.]mydns[.]bz nid-user[.]nidinvoice-ips[.]mydns[.]vc n-corp[.]nidinvoice-ips[.]mydns[.]vc nidinvoice-ips[.]mydns[.]vc n-cloud[.]nidinvoice-ips[.]mydns[.]vc n-store[.]nidinvoice-ips[.]mydns[.]vc ips-taxkr[.]mydns[.]bz n-store[.]ips-taxkr[.]mydns[.]bz n-cloud[.]ips-edocdeliver[.]mydns[.]bz n-corp[.]ips-taxkr[.]mydns[.]bz nid-user[.]ips-taxkr[.]mydns[.]bz nuser-login[.]ips-edocdeliver[.]mydns[.]bz ips-edocdeliver[.]mydns[.]bz n-store[.]ips-edocdeliver[.]mydns[.]bz nid-user[.]ips-edocdeliver[.]mydns[.]bz n-corp[.]ips-edocdeliver[.]mydns[.]bz ipsdeliver[.]mydns[.]bz nidsec-notice[.]mydns[.]bz nuser-login[.]ips-helper[.]mydns[.]bz n-corp[.]ips-helpinvoice[.]mydns[.]bz ips-helpinvoice[.]mydns[.]bz nid-user[.]ips-helpinvoice[.]mydns[.]bz n-corp[.]ips-nidlg[.]mydns[.]bz ips-nidlg[.]mydns[.]bz n-corp[.]ips-authcheck[.]mydns[.]bz noticeips-nid[.]mydns[.]bz n-corp[.]noticeips-nid[.]mydns[.]bz n-cloud[.]noticeips-nid[.]mydns[.]bz nid-user[.]ips-authcheck[.]mydns[.]bz ips-authcheck[.]mydns[.]bz n-store[.]ips-authcheck[.]mydns[.]bz n-cloud[.]ips-nidlg[.]mydns[.]bz n-corp[.]ips-notice[.]mydns[.]bz ips-notice[.]mydns[.]bz nid-user[.]ips-notice[.]mydns[.]bz vpn280621771[.]softether[.]net ips-krgo[.]mydns[.]bz n-cloud[.]ips-krgo[.]mydns[.]bz 158[.]247[.]197[.]123 AS20473 The Constant Company, LLC 🇰🇷

Created a google keep backend clone, where users can login, register (done in part -1) . User can create , find all, find note by id, and can update notes.All the routes are protected with authCheck Middleware. Used jwt for authenticating the users.

#Kimsuky #DPRK🇰🇵 nuser-login[.]alertkr[.]dynv6[.]net htax-alert[.]dynv6[.]net taxalert[.]dynv6[.]net accstore[.]dynv6[.]net n-corp[.]accstore[.]dynv6[.]net asntml[.]dynv6[.]net nid-user[.]asntml[.]dynv6[.]net n-cloud[.]asntml[.]dynv6[.]net nuser-login[.]asntml[.]dynv6[.]net n-store[.]store-ipscorp[.]dynv6[.]net mlsqs[.]dynv6[.]net store-ipscorp[.]dynv6[.]net hldsl[.]dynv6[.]net nmtsv[.]dynv6[.]net ipsntcorp[.]dynv6[.]net nid-user[.]ipsncorp[.]dns[.]navy n-cloud[.]tax-nav[.]dns[.]army nid-user[.]tax-nav[.]dns[.]army tax-sdoc[.]dynv6[.]net nuser-login[.]tax-sdoc[.]dynv6[.]net n-corp[.]tax-sdoc[.]dynv6[.]net tax-store[.]mydns[.]jp ntsgo-auth[.]mydns[.]jp nts-govkr[.]mydns[.]jp nid-user[.]ips-nidlogin[.]dns[.]army nidinvoice-nts[.]mydns[.]jp n-store[.]ipslogin[.]dns[.]navy nts-edocdeliver[.]mydns[.]jp nuser-login[.]nts-edocdeliver[.]mydns[.]jp ips-ecorp[.]mydns[.]jp noticekr-ips[.]dynv6[.]net n-store[.]noticekr-ips[.]dynv6[.]net n-store[.]ips-invoicestore[.]dynv6[.]net ips-invoicestore[.]dynv6[.]net nuser-login[.]ips-invoicestore[.]dynv6[.]net n-cloud[.]ipsdoc-auth[.]mydns[.]vc n-store[.]ipsdoc-auth[.]mydns[.]vc nid-user[.]ipsdoc-auth[.]mydns[.]vc n-corp[.]ipsdoc-auth[.]mydns[.]vc ipsdoc-auth[.]mydns[.]vc nuser-login[.]ipsdoc-auth[.]mydns[.]vc nid-user[.]nts-authdoc[.]mydns[.]vc nts-checkauth[.]mydns[.]vc n-store[.]nts-checkauth[.]mydns[.]vc n-corp[.]nts-checkauth[.]mydns[.]vc n-cloud[.]nts-authdoc[.]mydns[.]vc nuser-login[.]noticekr-ips[.]mydns[.]bz ips-notice[.]mydns[.]vc nid-user[.]ips-helper[.]mydns[.]vc nuser-login[.]ips-notice[.]mydns[.]vc n-corp[.]ips-notice[.]mydns[.]vc nuser-login[.]ips-helper[.]mydns[.]vc n-corp[.]ips-checkauth[.]mydns[.]vc n-corp[.]ips-helper[.]mydns[.]vc ips-helper[.]mydns[.]vc n-cloud[.]ips-helper[.]mydns[.]vc n-store[.]ips-helper[.]mydns[.]vc ipsdeliver[.]mydns[.]vc nid-user[.]ipsdeliver[.]mydns[.]vc nuser-login[.]invoicedoc-ips[.]mydns[.]vc nid-user[.]noticekr-ips[.]mydns[.]bz n-cloud[.]noticekr-ips[.]mydns[.]bz noticekr-ips[.]mydns[.]bz n-corp[.]noticekr-ips[.]mydns[.]bz n-store[.]invoicedoc-ips[.]mydns[.]vc nuser-login[.]nidinvoice-ips[.]mydns[.]vc n-corp[.]invoicedoc-ips[.]mydns[.]vc n-cloud[.]invoicedoc-ips[.]mydns[.]vc invoicedoc-ips[.]mydns[.]vc nid-user[.]invoicedoc-ips[.]mydns[.]vc n-store[.]ips-checkauth[.]mydns[.]vc nid-user[.]ips-checkauth[.]mydns[.]vc ips-checkauth[.]mydns[.]vc nuser-login[.]ips-checkauth[.]mydns[.]vc ips-helper[.]mydns[.]bz n-corp[.]ips-nidauth[.]mydns[.]vc ips-nidauth[.]mydns[.]vc n-store[.]ips-nidauth[.]mydns[.]vc nuser-login[.]ips-nidauth[.]mydns[.]vc nid-user[.]ips-nidauth[.]mydns[.]vc n-cloud[.]ips-taxkr[.]mydns[.]bz nid-user[.]nidinvoice-ips[.]mydns[.]vc n-corp[.]nidinvoice-ips[.]mydns[.]vc nidinvoice-ips[.]mydns[.]vc n-cloud[.]nidinvoice-ips[.]mydns[.]vc n-store[.]nidinvoice-ips[.]mydns[.]vc ips-taxkr[.]mydns[.]bz n-store[.]ips-taxkr[.]mydns[.]bz n-cloud[.]ips-edocdeliver[.]mydns[.]bz n-corp[.]ips-taxkr[.]mydns[.]bz nid-user[.]ips-taxkr[.]mydns[.]bz nuser-login[.]ips-edocdeliver[.]mydns[.]bz ips-edocdeliver[.]mydns[.]bz n-store[.]ips-edocdeliver[.]mydns[.]bz nid-user[.]ips-edocdeliver[.]mydns[.]bz n-corp[.]ips-edocdeliver[.]mydns[.]bz ipsdeliver[.]mydns[.]bz nidsec-notice[.]mydns[.]bz nuser-login[.]ips-helper[.]mydns[.]bz n-corp[.]ips-helpinvoice[.]mydns[.]bz ips-helpinvoice[.]mydns[.]bz nid-user[.]ips-helpinvoice[.]mydns[.]bz n-corp[.]ips-nidlg[.]mydns[.]bz ips-nidlg[.]mydns[.]bz n-corp[.]ips-authcheck[.]mydns[.]bz noticeips-nid[.]mydns[.]bz n-corp[.]noticeips-nid[.]mydns[.]bz n-cloud[.]noticeips-nid[.]mydns[.]bz nid-user[.]ips-authcheck[.]mydns[.]bz ips-authcheck[.]mydns[.]bz n-store[.]ips-authcheck[.]mydns[.]bz n-cloud[.]ips-nidlg[.]mydns[.]bz n-corp[.]ips-notice[.]mydns[.]bz ips-notice[.]mydns[.]bz nid-user[.]ips-notice[.]mydns[.]bz vpn280621771[.]softether[.]net ips-krgo[.]mydns[.]bz n-cloud[.]ips-krgo[.]mydns[.]bz 158[.]247[.]197[.]123 AS20473 The Constant Company, LLC 🇰🇷

#Kimsuky #DPRK🇰🇵 5512102[.]net verify[.]supportnpdisp[.]mydns[.]bz billmatedoc[.]mydns[.]bz user[.]billmatedoc[.]mydns[.]bz n-store[.]ips-nidlog[.]mydns[.]vc n-corp[.]ips-nidlog[.]mydns[.]vc nuser-login[.]ips-mailer[.]mydns[.]vc n-store[.]ips-mailer[.]mydns[.]vc navemainse[.]mydns[.]jp lmdoc-hometax[.]mydns[.]bz n-corp[.]ips-dns[.]mydns[.]vc ips-dns[.]mydns[.]vc nid-user[.]ips-nidlog[.]mydns[.]vc n-cloud[.]ips-mailer[.]mydns[.]vc docinf[.]nphostinvoice[.]mydns[.]bz nfo[.]reviewusrblog[.]mydns[.]bz info[.]nphostinvoice[.]mydns[.]bz docinfp[.]reviewusrblog[.]mydns[.]bz nfo[.]docauthzone[.]mydns[.]bz ice[.]docauthzone[.]mydns[.]bz 58nts-govkr[.]mydns[.]vc 210[.]58nts-govkr[.]mydns[.]vc 247[.]210[.]58nts-govkr[.]mydns[.]vc 158[.]247[.]210[.]58nts-govkr[.]mydns[.]vc teddy[.]jp nwdocument-hometax[.]mydns[.]bz invoice[.]docauthzone[.]mydns[.]bz edoc[.]docauthzone[.]mydns[.]bz docinfo[.]docauthzone[.]mydns[.]bz docauthzone[.]mydns[.]bz nid-user[.]ips-notice[.]mydns[.]bz twins2000[.]net usraccesstype[.]mydns[.]bz usrauthsystem[.]mydns[.]bz usr[.]usrauthsystem[.]mydns[.]bz usr[.]usraccesstype[.]mydns[.]bz invoice[.]usrauthsystem[.]mydns[.]bz invoice[.]usraccesstype[.]mydns[.]bz info[.]usrauthsystem[.]mydns[.]bz edoc[.]usrauthsystem[.]mydns[.]bz edoc[.]usraccesstype[.]mydns[.]bz doc[.]usrauthsystem[.]mydns[.]bz xyinc[.]biz n-cloud[.]ips-dns[.]mydns[.]vc tokyoanalysis[.]com edoc[.]lnkblogaddress[.]mydns[.]bz lnkblogaddress[.]mydns[.]bz idas-g[.]com ncv-clinic[.]com n-corp[.]nts-ecorp[.]mydns[.]bz bok[.]mydns[.]bz store[.]bok[.]mydns[.]bz nblog-auth[.]mydns[.]bz ips-nidkr[.]mydns[.]bz n-blog[.]nblog-auth[.]mydns[.]bz nidocument-hometax[.]mydns[.]bz doc[.]nps-usrcontent[.]mydns[.]bz nps-usrcontent[.]mydns[.]bz edoc[.]nps-usrcontent[.]mydns[.]bz info[.]nps-usrcontent[.]mydns[.]bz manageblogsvc[.]mydns[.]bz userinfo[.]ntlinkprofile[.]mydns[.]bz usr[.]manageblogsvc[.]mydns[.]bz docinfo[.]manageblogsvc[.]mydns[.]bz blog[.]manageblogsvc[.]mydns[.]bz info[.]manageblogsvc[.]mydns[.]bz untistar[.]com mkdocument-hometax[.]mydns[.]bz noticeips-nid[.]mydns[.]bz mmdoc-hometax[.]mydns[.]bz info[.]ntgokorea[.]mydns[.]bz nid-user[.]ips-authcheck[.]mydns[.]bz n-store[.]ips-authcheck[.]mydns[.]bz n-corp[.]ips-authcheck[.]mydns[.]bz ips-authcheck[.]mydns[.]bz ntgokorea[.]mydns[.]bz n-corp[.]ips-nidlg[.]mydns[.]bz n-cloud[.]ips-nidlg[.]mydns[.]bz ips-nidlg[.]mydns[.]bz ips-dns[.]mydns[.]bz invoice[.]blog-usrproof[.]mydns[.]bz info[.]blog-usrproof[.]mydns[.]bz docinfo[.]blog-usrproof[.]mydns[.]bz ntercmdoc[.]mydns[.]bz ips-nidecall[.]mydns[.]vc mtdocument-hometax[.]mydns[.]bz mtdoc-hometax[.]mydns[.]bz dn[.]mtdoc-hometax[.]mydns[.]bz info[.]ntercmdoc[.]mydns[.]bz nuser-login[.]ips-nidecall[.]mydns[.]vc nid-user[.]ips-nidecall[.]mydns[.]vc n-store[.]ips-nidecall[.]mydns[.]vc bn[.]mkdocs-hometax[.]mydns[.]bz kasii[.]work n-corp[.]ips-taxmail[.]mydns[.]bz n-cloud[.]ips-taxmail[.]mydns[.]bz ips-taxmail[.]mydns[.]bz ips-ndoc[.]mydns[.]bz mydns[.]bz nuser-login[.]ips-calledoc[.]mydns[.]bz nid-user[.]ips-ndoc[.]mydns[.]bz ips-calledoc[.]mydns[.]bz caramel-latte[.]net kakao[.]com-login[.]live-on[.]net ips-krgo[.]mydns[.]bz n-cloud[.]ips-krgo[.]mydns[.]bz fuji-kouseihogo[.]net japanloli[.]tech maachang[.]com blue[.]mydns[.]jp n-store[.]ips-govkr[.]mydns[.]bz kuncho-train[.]com hirutec[.]com webtaxdocderive[.]mydns[.]vc docinfo[.]webtaxdocderive[.]mydns[.]vc mojichuoichiba[.]com evermedica02[.]jp qnk[.]jp kotatsuneko[.]jp whitetubasa[.]com hit24you-info[.]com uncoops[.]com ekdocs-hometax[.]mydns[.]bz an[.]ekdocs-hometax[.]mydns[.]bz dn[.]eodocs-hometax[.]mydns[.]bz bn[.]ekdocs-hometax[.]mydns[.]bz ewdoc-hometax[.]mydns[.]bz dn[.]ekdocs-hometax[.]mydns[.]bz dn[.]ewdoc-hometax[.]mydns[.]bz eodocs-hometax[.]mydns[.]bz eodocument-hometax[.]mydns[.]bz cn[.]eodocument-hometax[.]mydns[.]bz bn[.]eodocument-hometax[.]mydns[.]bz amakui[.]com atletico[.]tokyo yoppyi[.]net kakaocorp[.]com-login[.]live-on[.]net ips-ecall[.]mydns[.]bz nuser-info[.]ips-ecall[.]mydns[.]bz 9b-p[.]info shack[.]jp dn[.]eodocument-hometax[.]mydns[.]bz an[.]eodocument-hometax[.]mydns[.]bz xn--v92b[.]eodocument-hometax[.]mydns[.]bz _[.]com-login[.]live-on[.]net dn[.]ekdocument-hometax[.]mydns[.]bz ekdocument-hometax[.]mydns[.]bz info[.]dochostread[.]mydns[.]bz dochostread[.]mydns[.]bz eodoc-hometax[.]mydns[.]bz cn[.]eodoc-hometax[.]mydns[.]bz cn[.]oedocument-home[.]mydns[.]bz oedocument-home[.]mydns[.]bz lollipop[.]pgw[.]jp vicky[.]mydns[.]jp mail[.]shounan[.]jp geiger[.]mydns[.]jp paradise[.]mydns[.]jp project[.]mydns[.]jp takerusoftware[.]mydns[.]jp ncs[.]mydns[.]jp shira[.]su nostr[.]shira[.]su jq7atb[.]mydns[.]jp blue2age[.]com termdocdelegate[.]mydns[.]vc bons6[.]com shibutani[.]site shibutani[.]biz ysdmac[.]work aristowork[.]com hanamizuki[.]pgw[.]jp invoice[.]ninvoicemanage[.]mydns[.]vc info[.]ninvoicemanage[.]mydns[.]vc wuas[.]work kmmtm[.]net edoc[.]donateusrdoc[.]mydns[.]vc donateusrdoc[.]mydns[.]vc edoc[.]officialdoccorp[.]mydns[.]vc officialdoccorp[.]mydns[.]vc edoc[.]npinvoicelab[.]mydns[.]vc n-invoice[.]ips-gov[.]mydns[.]vc ncorp-cloud[.]ips-doc[.]mydns[.]vc ncorp-info[.]ips-store[.]mydns[.]vc ninvoicemanage[.]mydns[.]vc docinfo[.]checkforreceive[.]mydns[.]vc doc[.]npinvoicelab[.]mydns[.]vc npinvoicelab[.]mydns[.]vc doc[.]ninvoicemanage[.]mydns[.]vc checkforreceive[.]mydns[.]vc nitsuke[.]com ips-doc[.]mydns[.]vc edoc-hometax[.]mydns[.]bz nci[.]navrlogen[.]live-on[.]net kak2ao[.]com-login[.]live-on[.]net asdf[.]com-login[.]live-on[.]net kakaocrop[.]com-auth[.]server-on[.]net edocument-hometax[.]mydns[.]bz nts-eml[.]mydns[.]bz edoc-nts[.]mydns[.]bz document-hometax[.]mydns[.]bz com-login[.]live-on[.]net cn[.]edocument-hometax[.]mydns[.]bz cn[.]document-hometax[.]mydns[.]bz navercorp[.]com-auth[.]server-on[.]net outlook[.]server-on[.]net docauthlink[.]mydns[.]vc edoc[.]docauthlink[.]mydns[.]vc iiailog[.]mydns[.]bz nndiayou[.]mydns[.]bz inyouirinfo[.]mydns[.]bz inyoiurnfo[.]mydns[.]bz kakao[.]com-auth[.]server-on[.]net com-signin[.]live-on[.]net ciliuicnck[.]mydns[.]bz info[.]blogauthmanage[.]mydns[.]vc invoice[.]mdocinfo[.]mydns[.]vc cn[.]ciliuicnck[.]mydns[.]bz n-store[.]nts-ncorp[.]mydns[.]vc nid-user[.]nts-eml[.]mydns[.]vc n-store[.]nts-eml[.]mydns[.]vc nid-user[.]nts-nl[.]mydns[.]vc bok[.]mydns[.]vc nts-nl[.]mydns[.]vc ips-store[.]mydns[.]vc homecorpdep[.]mydns[.]vc ifillog[.]mydns[.]bz ligllilssyou[.]mydns[.]bz n-cloud[.]nts-kit[.]mydns[.]vc nts-kit[.]mydns[.]vc download[.]bok[.]mydns[.]vc nai[.]navoerlogin[.]keyword-on[.]net docinfo[.]nportalonline[.]mydns[.]vc jq2sai[.]mydns[.]jp usr[.]nportalonline[.]mydns[.]vc invoice[.]nportalonline[.]mydns[.]vc nportalonline[.]mydns[.]vc info[.]nportalonline[.]mydns[.]vc ips-as[.]mydns[.]bz oauth[.]contactdocid[.]server-on[.]net bn[.]sevilverif[.]mydns[.]bz accountndoc[.]server-on[.]net nts-nidauth[.]mydns[.]bz n-corp[.]nts-nidauth[.]mydns[.]bz n-invoice[.]ips-as[.]mydns[.]bz icoincfim[.]mydns[.]bz nbd[.]icoincfim[.]mydns[.]bz nad[.]ifcoinvfim[.]mydns[.]bz ifcoinvfim[.]mydns[.]bz cailiucnck[.]mydns[.]bz sevilverif[.]mydns[.]bz vernity[.]mydns[.]bz logllilssyou[.]mydns[.]bz dn[.]logllilssyou[.]mydns[.]bz online-kt[.]server-on[.]net cn[.]cailteve[.]mydns[.]bz urabe[.]click usrdocslink[.]server-on[.]net embloger[.]server-on[.]net myblogauth[.]mydns[.]vc navrlogen[.]live-on[.]net nbi[.]navrlogen[.]live-on[.]net ntdocid[.]server-on[.]net dn[.]incoinecfim[.]mydns[.]bz cn[.]incoinecfim[.]mydns[.]bz bn[.]incoincfim[.]mydns[.]bz cn[.]incoincfim[.]mydns[.]bz cn[.]sevilrverif[.]mydns[.]bz invoice[.]myblogauth[.]mydns[.]vc incoincfim[.]mydns[.]bz dn[.]veraity[.]mydns[.]bz dn[.]incoincfim[.]mydns[.]bz docinfo[.]myblogauth[.]mydns[.]vc info[.]myblogauth[.]mydns[.]vc kakako[.]com-login[.]live-on[.]net navercorp[.]com-signin[.]live-on[.]net sevilrverif[.]mydns[.]bz cn[.]veraity[.]mydns[.]bz caliucnck[.]mydns[.]bz an[.]veraity[.]mydns[.]bz komusou[.]com ncd[.]isyournfo[.]mydns[.]bz infellog[.]mydns[.]bz nbd[.]infellog[.]mydns[.]bz auth[.]blogrighthome[.]server-on[.]net blogrighthome[.]server-on[.]net invoice[.]mydns[.]jp nvc[.]invoice[.]mydns[.]jp nid[.]usrdocslink[.]server-on[.]net docs[.]usrdocslink[.]server-on[.]net verify[.]usrdocslink[.]server-on[.]net userdoc[.]webdoclnk[.]server-on[.]net edoc[.]webdoclnk[.]server-on[.]net nbd[.]nidayou[.]keyword-on[.]net ncd[.]nidayou[.]keyword-on[.]net ndd[.]calianck[.]keyword-on[.]net nbd[.]calianck[.]keyword-on[.]net nad[.]calianck[.]keyword-on[.]net calianck[.]keyword-on[.]net nid-user[.]ips-nid[.]mydns[.]vc nid-invoice[.]ips-nid[.]mydns[.]vc calicnck[.]mydns[.]bz invoice[.]onlinedeposits[.]mydns[.]bz ncd[.]sevirvrerif[.]keyword-on[.]net ncd[.]lognisyou[.]live-on[.]net nad[.]lognisyou[.]live-on[.]net lognisyou[.]live-on[.]net ncd[.]veraty[.]live-on[.]net nbd[.]lognisyou[.]live-on[.]net sevirvrerif[.]keyword-on[.]net veraty[.]live-on[.]net nid-check[.]nps-htax[.]live-on[.]net ndd[.]sevirvrerif[.]keyword-on[.]net nbd[.]veraty[.]live-on[.]net ndd[.]lognisyou[.]live-on[.]net nad[.]sevirvrerif[.]keyword-on[.]net nad[.]veraty[.]live-on[.]net usr[.]usermemberblog[.]mydns[.]vc invoice[.]usermemberblog[.]mydns[.]vc edoc[.]usermemberblog[.]mydns[.]vc info[.]usermemberblog[.]mydns[.]vc docinfo[.]usermemberblog[.]mydns[.]vc usermemberblog[.]mydns[.]vc binfo[.]embloger[.]server-on[.]net chkblog[.]accountrecheck[.]server-on[.]net nid[.]edoc[.]view[.]file[.]cto[.]com-mg[.]mydns[.]tw com-view[.]mydns[.]tw com-ces[.]keyword-on[.]net contactdocid[.]server-on[.]net edoc[.]contactdocid[.]server-on[.]net pretix[.]iswa2[.]mydns[.]jp pretalx[.]iswa2[.]mydns[.]jp iswa2[.]mydns[.]jp com-tree[.]mydns[.]tw police[.]com-tree[.]mydns[.]tw nid[.]police[.]com-tree[.]mydns[.]tw edoc[.]view[.]com-mtc[.]server-on[.]net nid[.]edoc[.]view[.]com-mtc[.]server-on[.]net cn[.]infclog[.]mydns[.]bz xiaoyux[.]mydns[.]jp proeblog[.]server-on[.]net kemonchu[.]com officialnblog[.]server-on[.]net user[.]officialnblog[.]server-on[.]net isyounfo[.]mydns[.]bz dn[.]nodeyou[.]mydns[.]bz cn[.]nodeyou[.]mydns[.]bz an[.]isyounfo[.]server-on[.]net an[.]isyounfo[.]mydns[.]bz nid-login[.]live-on[.]net nodeyou[.]live-on[.]net navercorp[.]nid-login[.]live-on[.]net 0algo1[.]com zx-7r[.]com verity[.]server-on[.]net com-kro[.]mydns[.]tw edoc[.]com-kro[.]mydns[.]tw file[.]edoc[.]com-kro[.]mydns[.]tw view[.]file[.]edoc[.]com-kro[.]mydns[.]tw edoc[.]view[.]file[.]edoc[.]com-kro[.]mydns[.]tw file[.]edoc[.]view[.]file[.]edoc[.]com-kro[.]mydns[.]tw view[.]file[.]edoc[.]view[.]file[.]edoc[.]com-kro[.]mydns[.]tw edoc[.]view[.]file[.]edoc[.]view[.]file[.]edoc[.]com-kro[.]mydns[.]tw nood[.]edoc[.]view[.]file[.]edoc[.]view[.]file[.]edoc[.]com-kro[.]mydns[.]tw nisshin-net[.]com cto[.]com-mg[.]mydns[.]tw yynavi[.]wjg[.]jp sakuradia[.]llc info[.]membersverify[.]server-on[.]net eriko[.]click tetsujiroh[.]com twinstarsystems[.]net blog[.]daemon[.]asia 214[.]accountrecheck[.]server-on[.]net 137[.]214[.]accountrecheck[.]server-on[.]net 102[.]137[.]214[.]accountrecheck[.]server-on[.]net 27[.]102[.]137[.]214[.]accountrecheck[.]server-on[.]net dns[.]ntt-doc[.]live-on[.]net dns-info[.]ntt-doc[.]live-on[.]net kesemory[.]com accountrecheck[.]server-on[.]net nid[.]accountrecheck[.]server-on[.]net account-v3sign[.]server-on[.]net com-mg[.]mydns[.]tw delivery[.]auction[.]server-on[.]net noteyou[.]live-on[.]net n-info[.]bill-nts[.]server-on[.]net nid[.]police[.]com-view[.]mydns[.]tw junkcaptor[.]net nld[.]edoc[.]view[.]com-ces[.]keyword-on[.]net mld[.]edoc[.]view[.]file[.]com-life[.]keyword-on[.]net nid-check[.]nts-co[.]server-on[.]net callteve[.]live-on[.]net an[.]imortinfo[.]live-on[.]net cn[.]imortinfo[.]live-on[.]net noticingyou[.]mydns[.]bz infelog[.]mydns[.]bz nlink[.]mydns[.]bz inyounfo[.]mydns[.]bz nid-check[.]ntskr[.]server-on[.]net npskr[.]server-on[.]net nid-check[.]nps-doc[.]server-on[.]net n-info[.]nps-doc[.]server-on[.]net mid[.]edoc[.]view[.]file[.]cot[.]man[.]com-war[.]daemon[.]asia dns[.]nps-doc[.]server-on[.]net cn[.]inyounfo[.]mydns[.]bz check-info[.]home-tax[.]server-on[.]net an[.]noticingyou[.]server-on[.]net an[.]inyounfo[.]mydns[.]bz com-ace[.]live-on[.]net dns[.]doc-nps[.]server-on[.]net edoc[.]invoicedocdeposit[.]mydns[.]bz invoicedocdeposit[.]mydns[.]bz invoice[.]docsecure[.]mydns[.]bz nid[.]invoicedeposit[.]server-on[.]net docsecure[.]mydns[.]bz nid[.]edoc[.]view[.]com-ace[.]live-on[.]net a98[.]biz dogyan[.]net bn[.]imortinfo[.]live-on[.]net dn[.]imortinfo[.]live-on[.]net imortinfo[.]live-on[.]net nekotabi-archive[.]com arrivee[.]net lunapooh[.]com nts-go[.]server-on[.]net com-swod[.]mydns[.]tw nood[.]edoc[.]view[.]file[.]com-life[.]keyword-on[.]net com-life[.]keyword-on[.]net nid[.]edoc[.]view[.]file[.]cot[.]man[.]com-swod[.]mydns[.]tw urapara[.]site vrcworldtour[.]com mood[.]edoc[.]view[.]file[.]com-life[.]keyword-on[.]net eblogauths[.]server-on[.]net confirmusrdoc[.]mydns[.]bz wwwhirax[.]net n-info[.]nts-go[.]server-on[.]net dns-info[.]ntsbiling[.]server-on[.]net check-info[.]nts-go[.]server-on[.]net ntsbiling[.]server-on[.]net htax-kr[.]server-on[.]net hometxschedule[.]mydns[.]bz aaaaa[.]mydns[.]jp man[.]com-swod[.]mydns[.]tw cot[.]man[.]com-swod[.]mydns[.]tw file[.]cot[.]man[.]com-swod[.]mydns[.]tw edoc[.]view[.]file[.]cot[.]man[.]com-swod[.]mydns[.]tw view[.]file[.]cot[.]man[.]com-swod[.]mydns[.]tw ninvoicesecure[.]mydns[.]jp authenticate[.]ntaxhomedoc[.]live-on[.]net oauth[.]nofficialinvoice[.]live-on[.]net invoicetxhome[.]server-on[.]net one[.]usrinvoice[.]mydns[.]bz usrinvoice[.]mydns[.]bz ntaxhomedoc[.]live-on[.]net nofficialinvoice[.]live-on[.]net file[.]cto[.]com-mg[.]mydns[.]tw mid[.]edoc[.]view[.]file[.]com-ox[.]mydns[.]jp cloud162[.]biz mobile[.]auction[.]server-on[.]net auction[.]server-on[.]net file[.]com-life[.]keyword-on[.]net view[.]com-ces[.]keyword-on[.]net edoc[.]view[.]com-ace[.]live-on[.]net view[.]com-ace[.]live-on[.]net edoc[.]view[.]com-ces[.]keyword-on[.]net docsvccorp[.]live-on[.]net anone[.]mydns[.]bz cn[.]anone[.]mydns[.]bz nld[.]mois[.]com-coe[.]live-on[.]net nid[.]mois[.]com-coe[.]live-on[.]net com-coe[.]live-on[.]net mois[.]com-coe[.]live-on[.]net nood[.]edoc[.]view[.]file[.]com-ox[.]mydns[.]jp google[.]userauthority[.]server-on[.]net userauthority[.]server-on[.]net pop[.]ntdoccorps[.]mydns[.]bz edoc[.]nationaltaxdoc[.]server-on[.]net edoc[.]ntdoccorps[.]mydns[.]bz verifys[.]nationaltaxdoc[.]server-on[.]net userlnk[.]nationaltaxdoc[.]server-on[.]net qwes[.]nationaltaxdoc[.]server-on[.]net usrlnk[.]nationaltaxdoc[.]server-on[.]net dn[.]seververif[.]live-on[.]net seververif[.]live-on[.]net usr[.]docsdeliver[.]mydns[.]jp docinfo[.]docsdeliver[.]mydns[.]jp infosevres[.]live-on[.]net hometxdoc[.]mydns[.]bz oauth[.]npuserdoc[.]live-on[.]net taxdepcorp[.]mydns[.]bz npuserdoc[.]live-on[.]net nationalport[.]live-on[.]net nationalsecsvc[.]mydns[.]bz yxuvvbn[.]tiang[.]server-on[.]net com-de[.]mydns[.]jp com-ever[.]wjg[.]jp kakao[.]com-info[.]server-on[.]net com-info[.]server-on[.]net an[.]verifyserve[.]live-on[.]net verifyserve[.]live-on[.]net piechama[.]jp bn[.]anone[.]live-on[.]net anone[.]live-on[.]net tiang[.]mydns[.]bz an[.]tiang[.]mydns[.]bz hashiken[.]org infolog[.]live-on[.]net clink[.]live-on[.]net an[.]infeyou[.]live-on[.]net dn[.]infolog[.]live-on[.]net an[.]infolog[.]live-on[.]net infeyou[.]live-on[.]net go-ntax[.]live-on[.]net nid-check[.]go-ntax[.]live-on[.]net mid[.]edoc[.]view[.]com-sos[.]server-on[.]net blogcorp[.]com-blog[.]0am[.]jp view[.]com-sos[.]server-on[.]net com-blog[.]0am[.]jp nid[.]blogcorp[.]com-blog[.]0am[.]jp com-sos[.]server-on[.]net edoc[.]view[.]com-sos[.]server-on[.]net usernotifications[.]server-on[.]net securevalidation[.]live-on[.]net google[.]usernotifications[.]server-on[.]net google[.]securevalidation[.]live-on[.]net hirax[.]net calleve[.]server-on[.]net dn[.]calleve[.]server-on[.]net r-pu[.]com tkt-eshop[.]com com-aura[.]dix[.]asia dragon[.]alphablend[.]org alphablend[.]org waki-jp[.]com calleve[.]live-on[.]net an[.]calleve[.]live-on[.]net gd30sec[.]com mybox[.]com-kami[.]pgw[.]jp mood[.]myboxe[.]view[.]com-kami[.]pgw[.]jp mood[.]mybox[.]com-kami[.]pgw[.]jp com-kami[.]pgw[.]jp nts-edoc[.]live-on[.]net nts-edoc[.]server-on[.]net mld[.]mybox[.]com-kami[.]pgw[.]jp cn[.]seververif[.]server-on[.]net t2m-tech[.]com mybox[.]com-cool[.]mydns[.]bz bn[.]tiang[.]server-on[.]net tiang[.]server-on[.]net qqsite[.]server-on[.]net nb[.]checkyouinfo[.]server-on[.]net mail[.]mydns[.]bz andmnsn[.]com niconet-web[.]com haruna-yuri[.]jp ponsuke-web[.]com unlink[.]server-on[.]net callnotice[.]server-on[.]net na[.]lognotice[.]server-on[.]net ne[.]checkyouinfo[.]live-on[.]net checkyouinfo[.]live-on[.]net nc[.]callnotice[.]server-on[.]net cn[.]unlink[.]server-on[.]net pgw[.]jp ohllengeapplication[.]com oyagine[.]com ginpode[.]com lognotice[.]server-on[.]net sbcservice[.]net na[.]com-claim[.]mydns[.]bz com-claim[.]mydns[.]bz satoraichi[.]net myapps[.]mydns[.]jp gmaty[.]com anchovy-s3[.]net miku[.]jp nakajima[.]live donaishitanyarobert[.]mydns[.]jp yizawa[.]net jh1hso[.]com nobuyasu[.]net osc2025-nagoya[.]com continuous-government[.]jp srgn[.]jp crunch-lab[.]net tshimizu[.]net not[.]osaka dynamicpub[.]net ntochi[.]com akira-ggwp[.]com onomimono[.]net kspw[.]info jf3goh[.]mydns[.]jp okozkai[.]net marinsnowwrx[.]net molcoco[.]com radioham[.]mydns[.]jp catzpaw[.]net aber[.]jp system-ds[.]info noz[.]nz mynethome[.]orettaworks[.]com wbird[.]net infinity[.]nagoya soyosya[.]jp mail[.]soyosya[.]jp blog[.]mmaakkyyii[.]com macavity[.]jp maruapp[.]com sakanoue[.]nu wrapbitcoin[.]0am[.]jp frenziedhive[.]site hgrm[.]net madanna[.]info silva-net[.]com motchy870[.]com okomeblog[.]blog web-simpro[.]com hanege[.]com falstoa[.]com kirin-san[.]net kirinsfloor[.]net suenaga[.]work yokohama-midori-boys[.]com alltsurumi[.]com 1sei[.]com newvictory[.]net takasawa[.]yokohama xn--48j330igq2b[.]com vgi[.]it[.]com yonekawa[.]net nw[.]444[.]mydns[.]jp taga[.]mydns[.]jp boota[.]mydns[.]jp qq12548[.]mydns[.]jp uchishiba001[.]0am[.]jp droneport[.]yamatsu[.]info flydrone[.]yamatsu[.]info asaka-sobunsha[.]com alpha-net[.]info terve[.]jp itoho[.]wjg[.]jp suzuri-sumi[.]online cloud-castle[.]jp myfreeya[.]net cherryserver[.]jp kenokeno[.]org mmaakkyyii[.]com seitan[.]tokyo iikagen[.]net naoto-yamaguchi[.]com 884k23[.]com chicen-mentaiko[.]com t20527[.]net cultivator[.]co[.]jp starewind[.]net maeda-kigata[.]com csl-takeda-lab[.]com rtc[.]mydns[.]jp leitz[.]jp video[.]pgw[.]jp masturbation[.]asia retrev[.]online me-ru-1106[.]com chi-aes[.]click riti0208[.]com machi-comi[.]wjg[.]jp nc[.]tane[.]mydns[.]jp fang[.]sh[.]cn alst[.]mydns[.]jp yamatsu[.]info factory[.]wjg[.]jp vmc-shonan[.]com camcam[.]work sanyo[.]us jo3ujz[.]com guraia[.]jp blue5001[.]com mochiko[.]work garlicport[.]com mdoty[.]net zfree[.]biz hakodate-ikuseien[.]net gingko[.]jp alnico-blue[.]com godaicloud[.]com blauvier[.]net k3i[.]jp mydns[.]vc w-zero3[.]wiki[.]class0[.]net takenoco[.]blog photo-station[.]jp 456986[.]net nuzarashi[.]com asaka[.]com bellwood-software[.]com ismetaoperation[.]com 0j0[.]jp mikam-stg[.]xyz kaflife[.]net linux-wordpress[.]info 24echizentakefu[.]com flame-server[.]com tomorrownetworks[.]site jimaoka[.]com rezavoircats[.]com ishidajuku[.]com neconini[.]com class0[.]net unyaa[.]net matsumoto[.]work gisshop[.]net ptr3[.]jp mikanberry[.]com add9[.]org acwwp[.]com zyandyoko[.]com ralshe[.]com bigpig[.]jp maygraphics[.]org inexio[.]info pc-sys-ad[.]com tmphero[.]net kiyonaga-ya[.]com npo-ok[.]tokyo nyaunyau[.]net sunphonix39[.]com shounan[.]jp hotspare[.]net n-laboratory[.]net j310jp[.]com c-piece[.]com gan3[.]net gaiheki-pro[.]net barguest[.]net speedcolor[.]work kosupe[.]com fujii3[.]site tos-web[.]jp tk-markets[.]cyou pyonsu2023[.]com cvs-gw[.]net mayosaba[.]net msdco[.]space ichikawa[.]org diverting-db[.]info ryusui[.]site tendersnow[.]net ygg-drasil[.]net spotpico[.]com twins-heart[.]net locking-smarting[.]jp plants-style[.]com shinya-nagashima[.]biz planet-star[.]net kogosei[.]net mast23mc[.]net villa-camera[.]com kota-inui[.]com nfo-titech[.]jp hogefuga[.]xyz kaeruken[.]com nb3[.]jp nicomin[.]com federal[.]de[.]com friend-computer[.]biz tdj[.]nara[.]jp windsurfer[.]jp matomerr[.]com windsurfin[.]jp orangetakam[.]com nullpod[.]net cleanroom[.]jp puni2complex[.]net natsu-matsure[.]xyz niur[.]net fujisawa[.]life rizm[.]dev ripplelapple[.]online nago3[.]net eoceanblue[.]com anchovy-s3[.]xyz kaizou[.]net utty[.]info fuurin[.]info ktcp[.]net digitalworld[.]link hades-physics[.]com sasaki-yoyaku[.]com otsuka-b[.]com ito[.]info kanbetu01[.]genba-monitor[.]0g0[.]jp tsuchinokometal[.]com lindenbaum[.]online nyan5[.]com umegatsubo[.]org wadaiko[.]org takamuras[.]org disn-data[.]com inocchi[.]com e-magazine[.]spaceweather[.]or[.]jp veryfree[.]click einstein-cross[.]info sdust[.]info talentfocus[.]online oipest[.]com kk-marutoyo[.]com cosmic-heart[.]com 710[.]red tsubaco[.]net sugimo[.]com kobayashi-portfolio[.]net all-studio[.]sbs shumiafu[.]com ukou-sys[.]com e1600[.]com dream-chip[.]jp cloud[.]mydns[.]bz 2019-ncov[.]jp seektone[.]com teekee[.]net severzemlya[.]com bl-ld[.]com amefur[.]dev xnanx[.]org noraneko-gundan[.]club noth[.]moe ipv4[.]mydns[.]jp zoomdevtester[.]daemon[.]asia akatsuki[.]co[.]jp ftp[.]mydns[.]vc sundoya[.]com atyontyon[.]xyz senkouhanabi[.]com myuto[.]net niseng[.]biz takamiya[.]net amelkane[.]com arciel[.]link stream-live[.]net ubilabo[.]net zeissphoto[.]org dashix[.]com solaserver[.]space 89[.]117[.]74[.]49 AS40021 Contabo Inc 🇺🇸

Day 2/14: Routing, Controllers & Middlewares Topics I covered today: > Routing > Controllers > Middlewares > Request/Response objects From chaos to structure.... 1/ What is Routing? The problem: > You have 50 different endpoints > /login, /signup, /users, /posts, etc. > How does server know which function to call? Solution: Router maps URLs to functions. Example: GET /users → getUsersFunction POST /login → loginFunction Router = traffic controller for requests. Basic Routing Flow 2/ Route Structure: Basic route: > app.get('/users', function) > app.post('/login', function) Dynamic route: > app.get('/users/:id', function) What this means: /users/42 → id = 42 /users/99 → id = 99 Colon (:) makes it dynamic. One route, handles all user IDs. 3/ Request Object (req): What you can read from incoming requests: > req.params: /users/:id → req.params.id Dynamic route data > req.query: /users?page=2 → req.query.page Filter parameters > req.body: POST data { email, password } > req.headers: Authorization token Content-Type Everything you need is in req. 4/ Response Object (res): How you send data back: > res.json(): Send JSON response Most common for APIs > res.status(): Set status code 200, 404, 500, etc. > Chaining: res.status(201).json({ success: true }) Simple, clean responses. 5/ What are Controllers? The problem: All logic in route files = messy Hard to test Code repeats Solution: > Separate logic into controllers. > Clean routes, organized code. Controller Example: > Route file: router.get('/users/:id', getUser) router.post('/users', createUser) > Controller file: export const getUser = (req, res) => { const userId = req.params.id // fetch from DB res.json({ userId }) } Routes = map Controllers = logic Separation makes code maintainable. 7/ What are Middlewares? Middleware = function that runs BEFORE your controller. Used for: > Logging requests > Checking authentication > Validating data > Parsing body Structure: (req, res, next) => { // do something next() // pass to next function } Think: Security checkpoint before entering the building. > Each middleware does ONE job > Controller only handles core logic 8/ Middleware Example: > Logger middleware: const logger = (req, res, next) => { console.log(`${req.method} ${req.url}`) next() } Using it: app.use(logger) // applies to all routes Now every request gets logged automatically. No need to repeat console.log everywhere. 9/ Middleware Flow: If any middleware calls next() → continues If any middleware sends response → stops 10/ Types of Middleware: > Built-in: express.json() > Custom: Your own logging, validation > Global: app.use(middleware) > Route-specific: router.get('/admin', authCheck, handler) > Error-handling: (err, req, res, next) => {...} Choose based on need.

Nieoczywista podatność w interface administracyjnym urządzeń Palo Alto. Możliwość ominięcia uwierzytelnienia. ✅ Analiza przyda się też adminom / programistom. Więc czytaj dalej ;) ✅ Na początek: nrządzenie ma skonfigurowany Nginx na froncie (w szczególności podejmuje on decyzję, które żądanie uwierzytelnić, a które nie), oraz serwer webowy Apache w backendzie (tutaj działa aplikacja) ✅ Na starcie ustawiany jest nagłówek X-pan-AuthCheck 'on'; Tj. wszystko musi być uwierzytelnione. So far, so good ;) To lecimy do samego ataku. Dlaczego żądaniem poniżej można ⚔️ ominąć uwierzytelnienie⚔️ ? /unauth/../php/ztp_gate.php/PAN_help/x.css ❌ Mamy tutaj tzw. podwójne kodowanie HTTP (% to znak %, . to kropka) ❌ Nginx po otrzymaniu takiego żądania dekoduje je (jednorazowo), mamy więc: /unauth/../php/ztp_gate.php/PAN_help/x.css ❌ Teraz działa reguła w Nginx: if ($uri ~ ^\/unauth\/. $) { set $panAuthCheck 'off';} Czyli dla tego żądania ustawiany jest nagłówek X-pan-AuthCheck 'off' 💛 Zwróć uwagę na to, że ten warunek (if) nie zadziałałby, gdyby w ataku było: /unauth/../ lub /unauth/../ W obu tych przypadkach Nginx wykonałby normalizację ścieżki URI - czyli mielibyśmy żądanie do /php/ztp_gate.php/PAN_help/x.css (które nie złapałoby się na if-a). ❌ Następnie całość (oryginalny URI) jest wysyłana do serwera webowego Apache w backendzie, który wykonuje dla odmiany podwójne dekodowanie i mamy żądanie do: /php/ztp_gate.php/PAN_help/x.css które traktowane jest jak żądanie do /php/ztp_gate.php z jakimiś tam dodatkowymi parametrami ;) Taki ciekawy lekko ukryty ficzer PHP / Apache. Ważne, Nginx ustawił wcześniej nagłówek X-pan-AuthCheck 'off' - więc serwer backendowy nie realizuje już uwierzytelnienia. Co było celem atakującego.

טוב הבטחתי יצאה חולשה במוצר אבטחה של palo alto שנמצא בהרבה חברות גדולות וקטנות, בהינתן גישה למוצר מהאינטרנט (המון), אם אתמצת, פשוט מוסיפים לבקשת http "X-PAN-AUTHCHECK: off" ("מיוחד-פאלואלטו-בדיקת_התחברות : כבוי" ) ואפשר להריץ מה שרוצים בהרשאות מנהל או כל יוזר אחר, ללא התחברות

Wiecie jak można było się dostać bez znajomości hasła do zaawansowanego firewalla / VPNa od Palo Alto? W taki oto banalny sposób: ❌ W żądaniu HTTP do panelu administracyjnego użyć po prostu nagłówka X-PAN-AUTHCHECK: off Tak, po prostu wystarczyło wskazać, że dane żądanie ma nie mieć sprawdzonego uwierzytelnienia, i tyle... (!!!) CVE-2024-0012 ❌ W urządzeniu była i druga podatność, umożliwiająca prostym wstrzyknięciem na wykonanie dowolnego polecenia (command injection, jako root). CVE-2024-9474 To proste wstrzyknięcie wyglądało mniej więcej taktak: POST /php/utils/createRemoteAppwebSession.php HTTP/1.1 X-PAN-AUTHCHECK: off Content-Length: 107 user=`tutaj polecenie do wykonania jako root` ❌ Podatność była / jest aktywnie exploitowana ❌ Dziura występowała w systemach PAN-OS 10.2, PAN-OS 11.0, PAN-OS 11.1, PAN-OS 11.2 i została niedawno załatana ✅ Łatajcie swoje urządzenia ✅ Nie udostępniajcie panelów administracyjnych urządzeń sieciowych do Internetu (nawet jeśli są chronione silnym hasłem czy 2FA) ✅❌ Czasem powyższa rekomendacja nic nie daje, bo luki znajdują się w mechanizmach SSLVPN, które muszą być często udostępnione do całego internetu labs.watchtowr.com/pots-and-…

Congratulations to Team - Lemme Code for securing the third position at #hackkrmu2! Their project AuthCheck impressed the judges and showcased their exceptional skills in coding and problem-solving. Well done team! #hackkrmu2 #hackkrmu2023 #winners

찾았따......................... authCheck 를 get 으로 해야 하는데 post 로 해서였어 ......... 눈물나 흑

Cloud Commander v4.7.1 fix: smalltalk: prompt input focus, console-io: authCheck github.com/coderaiser/cloudc… #cloudcmd #javascript #nodejs

Cloud Commander v4.7.0: improved security of config and console with authCheck github.com/coderaiser/cloudc… #javascript #nodejs #cloudcmd

Cloud Commander v4.7.0: improved security of config and console with authCheck github.com/coderaiser/cloudc… #javascript #nodejs #cloudcmd