Diffstat (limited to 'config24.01.yaml')
-rw-r--r--config24.01.yaml2
1 files changed, 1 insertions, 1 deletions
diff --git a/config24.01.yaml b/config24.01.yaml
index 40dccdd..9439093 100644
--- a/config24.01.yaml
+++ b/config24.01.yaml
@@ -132,7 +132,7 @@ turbovpn:
plugin_name: turbovpn
object_type: ip
confidence: confirmed
- sql: SELECT server_ip FROM {$db_name}.{$table_name} WHERE {$time_filter} AND (app_transition LIKE '%Turbo_Payload%') UNION ALL select server_ip from {$db_name}.{$table_name} WHERE {$time_filter} AND (server_port in (66, 109, 8080, 97, 94, 92, 21, 25, 110, 119, 2000, 2001))  AND decoded_as='BASE' and sent_bytes<1000 AND received_bytes<1000 and sent_pkts<10 and received_pkts<10 and server_asn in ('14061', '21859', '9009', '212238', '16276', '40021', '20473', '174', '138915', '12876') group by server_ip having count(*) >=10
+ sql: SELECT server_ip FROM {$db_name}.{$table_name} WHERE {$time_filter} AND (app_transition LIKE '%Turbo_Payload%') group by server_ip UNION ALL SELECT server_ip FROM {$db_name}.{$table_name} WHERE {$time_filter} AND (server_fqdn ='www.myanmar.com') group by server_ip UNION ALL select server_ip from {$db_name}.{$table_name} WHERE {$time_filter} AND (server_port in (66, 109, 8080, 97, 94, 92, 21, 25, 110, 119, 2000, 2001))  AND decoded_as='BASE' and sent_bytes<1000 AND received_bytes<1000 and sent_pkts<10 and received_pkts<10 and server_asn in ('14061', '21859', '9009', '212238', '16276', '40021', '20473', '174', '138915', '12876') group by server_ip having count(*) >=10
geckovpn:
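Review bot: The added `server_fqdn ='www.myanmar.com'` branch of the `sql` value matches on one hostname with no corroborating condition, yet its rows are reported under the same `confidence: confirmed` as the payload match. If `server_fqdn` is populated from a client-supplied field such as SNI or Host (not visible here), a single unrelated or spoofed session, or a shared hosting address, would label that server IP as turbovpn. Consider reusing the threshold the heuristic branch already has, `AND (server_fqdn ='www.myanmar.com') group by server_ip having count(*) >=10`, or pairing the hostname with a second condition. A comment above the key would also help the next maintainer, for example `# www.myanmar.com: hostname observed in TurboVPN sessions (source: <reference>)`. The turbovpn entry starts above the hunk, so its remaining keys were not reviewed.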