--- antimalware.txt 2023-05-14 01:29:40.386370948 +0100 +++ removed-dead-domains.txt 2023-05-14 01:31:43.434657228 +0100 @@ -20,8 +20,6 @@ ||xn--faebook-64a.com^$document ! https://www.virustotal.com/gui/url/ab4e55cf3a5a2c02b2e7c956fa692f06770c81cd02a4b7741793b9c4b73e7e88/detection -! https://www.virustotal.com/gui/domain/facebok.xyz/detection -||facebok.xyz^$document ! https://www.joesandbox.com/analysis/422872/0/html ! https://www.siteadvisor.com/sitereport.html?url=strawberry6532210.brizy.site @@ -71,27 +69,13 @@ ! https://www.siteadvisor.com/sitereport.html?url=91.241.60.117 ||91.241.60.117^$all -! https://www.siteadvisor.com/sitereport.html?url=microsoft.com-repair-windows.live -! https://www.fortiguard.com/webfilter?q=microsoft.com-repair-windows.live&version=8 -! https://safeweb.norton.com/report/show_mobile?name=microsoft.com-repair-windows.live -! https://www.urlvoid.com/scan/microsoft.com-repair-windows.live/ -! https://sitecheck.sucuri.net/results/microsoft.com-repair-windows.live -! https://yandex.com/safety/?url=microsoft.com-repair-windows.live ! https://www.virustotal.com/gui/url/f616050b625e09419d8986295aab0c338f4139d3130d5c2865362fd869eeb0b8/detection ! https://www.virustotal.com/gui/url/f6d90ea65eeccc84ea6a99477811293bc0fcd4b7b845751714b69a9fe6f43a37/community -! https://www.siteadvisor.com/sitereport.html?url=com-repair-windows.live -! https://www.fortiguard.com/webfilter?q=com-repair-windows.live -! https://www.urlvoid.com/scan/com-repair-windows.live/ -! https://safeweb.norton.com/report/show?url=com-repair-windows.live -! https://sitecheck.sucuri.net/results/com-repair-windows.live -||com-repair-windows.live^$all -||microsoft.com-repair-windows.live^$all ! https://www.reddit.com/r/FreeCodeCamp/comments/6gxk09/hey_guys_i_did_some_snooping_from_a_phishing/ ! https://pastebin.com/270dCwHz ! https://www.virustotal.com/gui/url/953cfae8ac5b570128d1edbfc648d81db436355be1e614f6e96b95226964a61e/detection ! https://www.virustotal.com/gui/url/23651d7da557669781e7ae2927a20f65ac86bdf3712b407018911d974a94a68d/detection -||purchase-servicepay.com^$all ! https://www.reddit.com/r/mildlyinfuriating/comments/nc9zpe/got_a_paypal_or_should_i_say_paypl_phishing_email/ ! https://www.virustotal.com/gui/url/c0e5466cd2843f75d522093d93cf949259ca618ca2f00aa4952e7700cbf59384/detection @@ -140,26 +124,10 @@ ! https://labs.sucuri.net/blacklist/info/?domain=mcloudjs.com ! https://transparencyreport.google.com/safe-browsing/search?url=mcloudjs.com ||mcloudjs.com^$all -! https://www.siteadvisor.com/sitereport.html?url=googieapls.com ! https://www.virustotal.com/gui/url/082438d5ecfe8ccb9e087475cffd979211f3a52f0db27379e5072ce5d11597e8/detection -! https://www.virustotal.com/gui/domain/googieapls.com/detection -! https://transparencyreport.google.com/safe-browsing/search?url=googieapls.com -! https://www.fortiguard.com/webfilter?q=googieapls.com -! https://www.urlvoid.com/scan/googieapls.com/ -! https://safeweb.norton.com/report/show?url=googieapls.com -! https://sitecheck.sucuri.net/results/googieapls.com -! https://quttera.com/detailed_report/googieapls.com -||googieapls.com^$all ! https://www.virustotal.com/gui/ip-address/54.227.98.220/community ! https://www.virustotal.com/gui/url/6000a64c8a7e32d0cc6f319d9149b1eba038d6fba0139ed2c6a146db36cb8b02/detection -! https://www.virustotal.com/gui/domain/no-replay.alertreceived.com/detection ! https://www.virustotal.com/gui/url/ceb914f42f5a81bc8ea6c79b3d274f9161f252504e7603388781711cafc9e36d/detection -! https://www.siteadvisor.com/sitereport.html?url=alertreceived.com -! https://www.fortiguard.com/webfilter?q=alertreceived.com -! https://www.urlvoid.com/scan/alertreceived.com/ -! https://safeweb.norton.com/report/show?url=alertreceived.com -! https://sitecheck.sucuri.net/results/alertreceived.com -||alertreceived.com^$all ! https://labs.sucuri.net/signatures/sitecheck/malware-redkit/ ! https://www.virustotal.com/gui/url/26a7a5909ca372bc57d68df966fc03b887451a7cf8ae58c5cea92639b4ce2594/detection @@ -184,14 +152,7 @@ ! https://labs.sucuri.net/blacklist/details/?domain=integra-lernwerkstatt.de ||integra-lernwerkstatt.de^$all ! https://www.virustotal.com/gui/url/832387cfafab7a27faeac07961e56b98af8001fb702fbb9f09821d6a3213f7c8/detection -! https://www.fortiguard.com/webfilter?q=nt002.cn -! https://www.urlvoid.com/scan/nt002.cn/ -! https://www.mywot.com/en/scorecard/nt002.cn -! https://safeweb.norton.com/report/show?url=nt002.cn -! https://sitecheck.sucuri.net/results/nt002.cn -! https://yandex.com/safety/?url=nt002.cn ! 8/34 URLVoid detections 4 years ago -||nt002.cn^$all ! https://www.virustotal.com/gui/file/5e6c167fc70aee2438f92ac0391dcba5905d989a20134dbb4bc9c3c40f805e74/relations ! https://www.virustotal.com/gui/url/a0fba2a31b88b8e1d6607971bd05440ee43702327e19d93ba91c705f7189c533/detection @@ -274,23 +235,9 @@ ! If you see connections to this domain, update your computer and delete any recently downloaded files ! https://github.com/hoshsadiq/adblock-nocoin-list/issues/414 ! https://www.virustotal.com/gui/url/e913b807ae25aa1e24b4e934805d0cd81be4d5aa6c491d14a9f4dc050da20f94/detection -! https://www.siteadvisor.com/sitereport.html?url=gxbrowser.net -! https://www.fortiguard.com/webfilter?q=gxbrowser.net -! https://safeweb.norton.com/report/show?url=gxbrowser.net -! https://sitecheck.sucuri.net/results/gxbrowser.net -! https://www.urlvoid.com/scan/gxbrowser.net/ -! https://quttera.com/detailed_report/gxbrowser.net -! https://urlhaus.abuse.ch/browse.php?search=gxbrowser.net -||gxbrowser.net^$all ! https://www.joesandbox.com/analysis/431924/0/html#domains ! https://www.virustotal.com/gui/url/254b1fd9f7536ece07cf5a3747aa2adeccc76e61b1f4e5994c0dc683d0a6db03/detection -! https://www.siteadvisor.com/sitereport.html?url=alphastand.top -! https://www.fortiguard.com/webfilter?q=alphastand.top -! https://safeweb.norton.com/report/show?url=alphastand.top -! https://sitecheck.sucuri.net/results/alphastand.top -! https://www.urlvoid.com/scan/alphastand.top/ -||alphastand.top^$all ! https://www.virustotal.com/gui/url/be44f0113500882e27eb730cfdad7687fe75ad56c8e9d9b2426273a0eb13e201/detection ! https://www.siteadvisor.com/sitereport.html?url=alphastand.win ! https://www.fortiguard.com/webfilter?q=alphastand.win @@ -328,12 +275,6 @@ ! https://www.siteadvisor.com/sitereport.html?url=https://powerhousetoys.com/opp.txt ||powerhousetoys.com^$all ! https://www.virustotal.com/gui/url/3174e1565216d9399308ab280793130f961a01b40cc4c2457b231cad3207ef2c/detection -! https://safeweb.norton.com/report/show?url=thetopdomain.xyz -! https://www.siteadvisor.com/sitereport.html?url=thetopdomain.xyz -! https://www.fortiguard.com/webfilter?q=thetopdomain.xyz -! https://www.urlvoid.com/scan/thetopdomain.xyz/ -! https://sitecheck.sucuri.net/results/thetopdomain.xyz -||thetopdomain.xyz^$all ! https://twitter.com/InQuest/status/1403047978185670663 ! https://www.virustotal.com/gui/ip-address/23.95.122.53/relations @@ -414,20 +355,13 @@ ! https://cyberwarzone.com/netflix-phishing/ ! https://www.virustotal.com/gui/url/e769d129aec129469cef20339d3b9b88028959ad2eebfb76dc658023add5caad/detection -||support-netfliix.com^$all ! https://www.virustotal.com/gui/ip-address/93.157.63.125/detection ! https://www.virustotal.com/gui/url/3555785e02438130d4878766fec548c0923407df295ee66b6e4e11620944b2ba/detection -||mufgcardjp.com^$all ! Most of these domains were verified, but then my computer crashed so I was forced to copypaste them ! https://securelist.com/browser-lockers-extortion-disguised-as-a-fine/101735/ ! ICOs -||police-online.info^$all -||mvd-online-police.ga^$all -||supportpayprogramarabicssn.ga^$all ||tkkmobileinternetssnstop.ml^$all -||tkkmobileinternetssnstopopen.gq^$all -||gropirworldplssn.ga^$all ! https://securelist.com/convuster-macos-adware-in-rust/101258/ ! https://www.virustotal.com/gui/url/6d390e8cf8b1687cc768c84597848b9276a87b9f43a58658904f9d05b59c75d1/detection @@ -439,38 +373,18 @@ ! https://www.virustotal.com/gui/url/ce21cbf6e95b06e9bf7a56c9f6f144a2060567acd54fb355ab07a7823a8b4059/detection ! https://www.virustotal.com/gui/url/bcffa58ec980011a0018b9719ffa07aeeea406075c15423b6103b4c070419a09/detection -! https://www.fortiguard.com/webfilter?q=secureredirect.live -! https://safeweb.norton.com/report/show?url=secureredirect.live -! https://www.siteadvisor.com/sitereport.html?url=secureredirect.live -||secureredirect.live^$all -||chasecom.secureredirect.live^$all ! https://www.virustotal.com/gui/ip-address/146.112.61.108/relations ! https://www.virustotal.com/gui/url/41f1e06326aa712db385e4c8b16413737c18a2007f0a68f1f602706b29f27ea2/detection ! https://www.virustotal.com/gui/url/ba8c9fcfb3d0ae2d73c02652a5576fcd330c8c1ac9e668d0c01a8ea91bf17584/detection -! https://www.fortiguard.com/webfilter?q=caution-verification.com -||security.hsbc.caution-verification.com^$all -||caution-verification.com^$all ! https://www.virustotal.com/gui/url/f25e5122f4425bfc759c1400ecd02d43b9fea93284b418eb82cfd5be230aabab/detection -! https://www.fortiguard.com/webfilter?q=lloydsbank.online-login-personal-validation.com -! https://safeweb.norton.com/report/show?url=lloydsbank.online-login-personal-validation.com -||lloydsbank.online-login-personal-validation.com^$all ! https://www.virustotal.com/gui/url/af53cde1318036d3ddc8235c472f4f83459998bc5216ec73a56d96a84f897630/detection -! https://www.fortiguard.com/webfilter?q=online-login-personal-validation.com -! https://safeweb.norton.com/report/show?url=online-login-personal-validation.com -||online-login-personal-validation.com^$all ! https://www.fortiguard.com/webfilter?q=ibijbdtajblkrwhlzxrttmsmwxxikhjudpty-dot-cryptic-now-290917.ey.r.appspot.com ! https://safeweb.norton.com/report/show?url=ibijbdtajblkrwhlzxrttmsmwxxikhjudpty-dot-cryptic-now-290917.ey.r.appspot.com ! https://www.virustotal.com/gui/url/4680926546c96d50bbacf5da0bcc44d988b9a44ce2fa4633f15ce1012df39aef/detection ||ibijbdtajblkrwhlzxrttmsmwxxikhjudpty-dot-cryptic-now-290917.ey.r.appspot.com^$all ! https://www.virustotal.com/gui/url/2850c0e5cc08937a8ed7fc20f9f867013a8755ece9598335a88b98b469881014/detection -! https://www.siteadvisor.com/sitereport.html?url=ee-bill-support.com -! https://www.fortiguard.com/webfilter?q=ee-bill-support.com -! https://safeweb.norton.com/report/show?url=ee-bill-support.com -||ee-bill-support.com^$all ! https://www.virustotal.com/gui/url/84cbb9296da91c1796d4ecdaf6857bb8d216f544ce174f09dc5ad6968f6ffc92/detection ! https://www.virustotal.com/gui/url/df3b3df7c1218253c9cea23ae4aa3ca104b3104a194281270cca4b834e790467/detection -! https://safeweb.norton.com/report/show?url=amazonsecurityaccount.wanguk02.com -||amazonsecurityaccount.wanguk02.com^$all ! https://www.pcrisk.com/removal-guides/15423-adf-ly-ads ! https://www.virustotal.com/gui/url/f984d9289494b526bbac5cb57fc5b9edae210a3f980f3d784f6d1fbb80c0bcb5/detection @@ -527,11 +441,6 @@ ! https://labs.sucuri.net/blacklist/info/?domain=default7.com ||default7.com^$all ! https://www.virustotal.com/gui/url/c21021e9e85a89528039106662f8dbd300b45569aa40220bed7e838368db8109/detection -! https://www.fortiguard.com/webfilter?q=test246.com -! https://safeweb.norton.com/report/show?url=test246.com -! https://safeweb.norton.com/reviews?url=test246.com -! https://sitecheck.sucuri.net/results/test246.com -||test246.com^$all ! https://www.fortiguard.com/webfilter?q=test0.com ! https://safeweb.norton.com/report/show?url=test0.com ! https://sitecheck.sucuri.net/results/test0.com @@ -540,35 +449,15 @@ ! https://blog.sucuri.net/2020/11/css-js-steganography-in-fake-flash-player-update-malware.html ! https://www.virustotal.com/gui/url/c042a2c2ed1055cb1f34f7db356d41df148f77b8176307dc86a7d76c683abf14/detection -! https://www.siteadvisor.com/sitereport.html?url=lopiax.us -! https://www.fortiguard.com/webfilter?q=lopiax.us -! https://safeweb.norton.com/report/show?url=lopiax.us -! https://sitecheck.sucuri.net/results/lopiax.us -||lopiax.us^$all ! https://blog.malwarebytes.com/scams/2021/06/hotel-staff-bust-hermes-sms-scammer-with-suspiciously-large-number-of-cables/ ! https://blog.malwarebytes.com/scams/2021/03/royal-mail-delivery-scam-warning/ ! https://www.virustotal.com/gui/url/9f661c8200bfcc4ac5643c4c8396365dfa2e93d3a293bd5dfdd3f765b0d8e066/detection -! https://www.fortiguard.com/webfilter?q=royalmail-bill.com -! https://www.fortiguard.com/webfilter?q=Uk.royalmail-bill.com -! https://safeweb.norton.com/report/show?url=Uk.royalmail-bill.com ! https://www.virustotal.com/gui/url/069eca6eb3e5355c3aaf9fdd3c6f9bdd40b454ff87c1073ca03c9e2fb7bb5908/detection -||royalmail-bill.com^$all -||uk.royalmail-bill.com^$all ! https://twitter.com/adamziaja/status/1252234957679808513 ! https://pastebin.com/syLXAS8y ! https://www.virustotal.com/gui/url/7e4c7e29da72ce9b4da17e88b4dcb2e5b759fb360bf35eeb39c54e9a032e638f/detection -! https://www.fortiguard.com/webfilter?q=wow-robotics.xyz -! https://sitecheck.sucuri.net/results/wow-robotics.xyz -! https://www.siteadvisor.com/sitereport.html?url=wow-robotics.xyz -! https://safeweb.norton.com/report/show?url=wow-robotics.xyz -||wow-robotics.xyz^$all -||www.wow-robotics.xyz^$all -! https://www.virustotal.com/gui/domain/wow-robotics.xyz/relations -||ww7.wow-robotics.xyz^$all -||ww12.wow-robotics.xyz^$all -||comawww.wow-robotics.xyz^$all ! https://blog.sucuri.net/2021/05/woocommerce-credit-card-skimmer.html ! https://blog.sucuri.net/2018/04/malicious-activities-google-tag-manager.html @@ -586,10 +475,7 @@ ||camillesanz.com^$all ||www.camillesanz.com^$all ! https://labs.sucuri.net/blacklist/details/?domain=africangrey.top -! https://www.fortiguard.com/webfilter?q=africangirl.top -! https://safeweb.norton.com/report/show?url=africangirl.top ! https://www.virustotal.com/gui/url/d3feabeb546851be8e449074eaddf2c72e687b92754693aba97f3ae27772a796/detection -||africangirl.top^$all ! https://www.virustotal.com/gui/url/917d555cce2e2e6791704d64812cbb203c57201bac559478c334c74c8e392330/detection ! https://www.siteadvisor.com/sitereport.html?url=ribinski.us ! https://safeweb.norton.com/report/show?url=ribinski.us @@ -620,25 +506,12 @@ ||thoughtplus.in^$all ! https://blog.quttera.com/post/malware-analysis-of-the-infection-injected-via-security-vulnerability-of-tagdiv-themes-and-ultimate-member-plugins/ -! https://www.siteadvisor.com/sitereport.html?url=tuniaf.com ! https://www.virustotal.com/gui/url/3191508c3a3f2abf1e7f7ac9c1b48e5bfc0688fa07f3cfcca697c645af883222/detection -! https://www.mywot.com/en/scorecard/tuniaf.com -! https://www.fortiguard.com/webfilter?q=tuniaf.com -! https://www.mywot.com/en/scorecard/tuniaf.com -! https://safeweb.norton.com/report/show?url=tuniaf.com -! https://sitecheck.sucuri.net/results/tuniaf.com -||tuniaf.com^$all ! These should help people suffering from malware infections ! https://www.bleepingcomputer.com/virus-removal/how-to-remove-the-pblock-adware-extension ! https://www.virustotal.com/gui/url/ad399479dc38922a7494fc55b183ae9799da64e8cab1a82e563bef4e04ed4596/detection -! https://www.fortiguard.com/webfilter?q=product.directpower.download -! https://safeweb.norton.com/report/show?url=product.directpower.download -! https://sitecheck.sucuri.net/results/product.directpower.download -||product.directpower.download^$all ! https://www.virustotal.com/gui/url/109532c1222eec56a95b7f0bd1b37ed1a1e7b07c4806e614a46e720ef032622e/detection -! https://safeweb.norton.com/report/show?url=directpower.download -||directpower.download^$document ! https://www.bleepingcomputer.com/virus-removal/remove-toksearches.xyz-search-redirect ! https://www.virustotal.com/gui/url/f6e174e4f27f27f27b5f8c3516fcdbea555d9128d50d6e20f6ca2ca8fbf0d37f/detection @@ -658,12 +531,6 @@ ! https://sitecheck.sucuri.net/results/new-message.live ||new-message.live^$all ! https://www.virustotal.com/gui/url/098cc8fed90c43af3a4afb4df0d7da9c68b1b2c8a3c73fb9d4506c7f062547f1/detection -! https://www.siteadvisor.com/sitereport.html?url=click-now-on.me -! https://www.fortiguard.com/webfilter?q=click-now-on.me -! https://safeweb.norton.com/report/show?url=click-now-on.me -! https://www.mywot.com/en/scorecard/click-now-on.me -! https://sitecheck.sucuri.net/results/click-now-on.me -||click-now-on.me^$all ! https://www.virustotal.com/gui/ip-address/95.168.170.165/relations ! https://www.virustotal.com/gui/url/6a23b2b07941322f9ad5555d97bfd020c2681264d71b5ed6c621f0a6cad6277c/detection ! https://www.fortiguard.com/webfilter?q=private-message.live @@ -673,10 +540,6 @@ ! https://blog.malwarebytes.com/a-week-in-security/2021/06/a-week-in-security-june-21-2021-june-27-2021/ ! https://www.virustotal.com/gui/url/d668d18f1cd3b32eea6d717af4655a7e511d5b92403ed71a66d366a4c971c826/detection -! https://www.siteadvisor.com/sitereport.html?url=desktop-signal.digital -! https://www.fortiguard.com/webfilter?q=desktop-signal.digital -! https://safeweb.norton.com/report/show?url=desktop-signal.digital -||desktop-signal.digital^$all ! https://therecord.media/dirtymoe-malware-has-infected-more-than-100000-windows-systems/ ! https://decoded.avast.io/martinchlumecky/dirtymoe-1/ ! https://www.siteadvisor.com/sitereport.html?url=1qw.us @@ -691,16 +554,8 @@ ! https://www.virustotal.com/gui/url/f21b269b690aac8338399bb40408aa8cefa3591dcc9a3f84f5a911f647c8d2f7/detection ||rpc.1qw.us^$all ! https://www.proofpoint.com/us/blog/threat-insight/purple-fox-ek-adds-exploits-cve-2020-0674-and-cve-2019-1458-its-arsenal -! https://www.siteadvisor.com/sitereport.html?url=casestudybuddy.club -! https://www.fortiguard.com/webfilter?q=casestudybuddy.club -! https://safeweb.norton.com/report/show?url=casestudybuddy.club ! https://www.virustotal.com/gui/url/5769102f270c1b16ebdc663ad63010d69de2d159117b3736d562dc59944fc6dc/detection -||casestudybuddy.club^$all -! https://www.siteadvisor.com/sitereport.html?url=shiory.annebruce.xyz -! https://www.fortiguard.com/webfilter?q=shiory.annebruce.xyz -! https://safeweb.norton.com/report/show?url=shiory.annebruce.xyz ! https://www.virustotal.com/gui/url/35e34ac62d1ac12fe3146a8a2d6d60300f7a1b97e2922fedb91154243e950cb1/detection -||shiory.annebruce.xyz^$all ! https://www.virustotal.com/gui/url/e88a950b22a8582a4761c8b6a26546cd7e92b3175c16bd32d1dd8f61f45a1c58/detection ! https://www.virustotal.com/gui/url/2bb2d79e789ba930b36960a8a0fbb008ed5cb594406e89507033832da2668870/detection ! https://www.virustotal.com/gui/url/326384fb6f6e393f8fde813c9cf2be668b68780c0a036d977fc6482fd6364ca1/detection @@ -733,30 +588,10 @@ ! https://www.virustotal.com/gui/url/add3ef9a51ff4f933bcebde7614d1402468b3794a25e42f5a01c781998bac4d4/detection ||blitzz.best^$all ! https://www.virustotal.com/gui/url/0335a1e7078b1837a6d3ef5945ee1df89ddf62cf70ccd897fb4819b223e857a3/detection -! https://www.siteadvisor.com/sitereport.html?url=ccenter.tech -! https://www.fortiguard.com/webfilter?q=ccenter.tech -! https://safeweb.norton.com/report/show?url=ccenter.tech -||ccenter.tech^$all ! https://www.virustotal.com/gui/url/e59517dd80595a18a28902afb0b80c53f8928947c018d7c2dcf377cb89993c7c/detection -! https://www.siteadvisor.com/sitereport.html?url=cvar99.xyz -! https://www.fortiguard.com/webfilter?q=cvar99.xyz -! https://safeweb.norton.com/report/show?url=cvar99.xyz -||cvar99.xyz^$all ! https://www.virustotal.com/gui/url/9b9b5c030aeb252c8f0836cda03587bf779b554212fc66b4a54f212f262e3b1b/detection -! https://www.siteadvisor.com/sitereport.html?url=dowax.xyz -! https://www.fortiguard.com/webfilter?q=dowax.xyz -! https://safeweb.norton.com/report/show?url=dowax.xyz -||dowax.xyz^$all ! https://www.virustotal.com/gui/url/41650b0c0e3dcaf16f8073ba84c43c6b050c37fa6a240b5354e9fb2f23b39ec6/detection -! https://www.siteadvisor.com/sitereport.html?url=englishdict.xyz -! https://www.fortiguard.com/webfilter?q=englishdict.xyz -! https://safeweb.norton.com/report/show?url=englishdict.xyz -||englishdict.xyz^$all ! https://www.virustotal.com/gui/url/fc867fb68e59f6b7c5cabe16117643f8b895d20db5b4b3e69d114d67e3c0fa7e/detection -! https://www.siteadvisor.com/sitereport.html?url=english-breakfast.xyz -! https://www.fortiguard.com/webfilter?q=english-breakfast.xyz -! https://safeweb.norton.com/report/show?url=english-breakfast.xyz -||english-breakfast.xyz^$all ! https://www.virustotal.com/gui/url/8e6bbd34f515de9309e7f5ea4b3bfdd9d94ce8fb0dd91ea305b2f8abb5b03786/detection ! https://www.siteadvisor.com/sitereport.html?url=firefox-search.xyz ! https://www.fortiguard.com/webfilter?q=firefox-search.xyz @@ -783,11 +618,6 @@ ! https://github.com/hoshsadiq/adblock-nocoin-list/issues/156 ! https://www.virustotal.com/gui/url/2b097e0b8c35294d4f22e514df74b6a23f69eb59bb1cb27486d2f2e0e5f5069d/detection ! https://www.virustotal.com/gui/url/2fb97c9bb91ccad7f3dc95ce6f57be7502172d9ff5a20bd33652bf500a9d06fd/detection -! https://www.siteadvisor.com/sitereport.html?url=kippbeak.cf -! https://www.fortiguard.com/webfilter?q=kippbeak.cf -! https://safeweb.norton.com/report/show?url=kippbeak.cf -! https://sitecheck.sucuri.net/results/kippbeak.cf -||kippbeak.cf^$all ! https://forums.lanik.us/viewtopic.php?f=62&t=38675&p=121250&hilit=malware+website#p121250 ! https://blog.malwarebytes.com/cybercrime/2017/05/roughted-the-anti-ad-blocker-malvertiser/ @@ -799,9 +629,6 @@ ! https://sitecheck.sucuri.net/results/histock.info ||ww25.histock.info^$all ! https://www.virustotal.com/gui/url/f7b0aa4bc0b8b5a1c44c5b3bf18d9f32e61e37edb8fa16f3a6efda2d7a69dcb3/detection -! https://safeweb.norton.com/report/show?url=charmstroy.info -! https://sitecheck.sucuri.net/results/charmstroy.info -||charmstroy.info^$all ! https://www.virustotal.com/gui/url/c73877f794ad788117569f28fb832e10798f79d40d266c2514f118596f5430c7/detection ! https://www.siteadvisor.com/sitereport.html?url=greatwork.info ! https://www.fortiguard.com/webfilter?q=greatwork.info @@ -873,13 +700,8 @@ ||l.zeroredirect1.com^$all ! https://www.virustotal.com/gui/ip-address/54.174.112.67/relations ! https://www.virustotal.com/gui/url/3979fe45b8b11e752ccf2728af479fa88a9898abfd5928052205c14d404b2a45/detection -! https://www.fortiguard.com/webfilter?q=nuada-the.com -! https://safeweb.norton.com/report/show?url=nuada-the.com -||nuada-the.com^$all ! 31/1/2023: https://www.virustotal.com/gui/url/12bcc81f9b37207bbdf0bb8bc5a5c5c9e1202cc5cdc90b3916484623127d0671/community ! (my analysis) NSFW: https://app.any.run/tasks/591ba0ed-d373-46b3-950a-2b3d0a364064 -||vzvnjw.delicatedates.net^$all -||delicatedates.net^$document ! https://duckduckgo.com/?q=url+shortener+free&ia=web ! https://www.virustotal.com/gui/url/5dddae1ba462c1db7091185cca5d502681f2e97524278a86a297a14ee878bebc/detection @@ -888,10 +710,6 @@ ! https://safeweb.norton.com/report/show?url=https%3A%2F%2Ff.ls%2F ||f.ls^$all ! https://www.virustotal.com/gui/url/1da28265a996329b5bfce00b2aae8222d55db3f2ed81dccd789ebdeddd2dfc7d/detection -! https://www.fortiguard.com/webfilter?q=hiokurl.com -! https://safeweb.norton.com/report/show?url=hiokurl.com -! https://sitereport.netcraft.com/?url=https://hiokurl.com/ -||hiokurl.com^$all ! https://www.virustotal.com/gui/url/d4bd72283480a00bdabbcc5f35234506988584de62ec047f4ce14059811b160f/detection ! https://www.mywot.com/scorecard/itsssl.com ! https://safeweb.norton.com/report/show?url=itsssl.com @@ -922,10 +740,6 @@ ||79.134.225.18^$all ! https://www.virustotal.com/gui/ip-address/79.134.225.18/relations ! https://www.virustotal.com/gui/url/6c92f5a89b5307a36688b9e4eda3da98c75ca2ee5b67a278c3b00bc95d4de15b/detection -! https://www.siteadvisor.com/sitereport.html?url=judge777.ddns.net -! https://www.fortiguard.com/webfilter?q=judge777.ddns.net -! https://safeweb.norton.com/report/show?url=judge777.ddns.net -||judge777.ddns.net^$all ! https://www.bleepingcomputer.com/virus-removal/remove-power-app-chrome-extension ! https://www.virustotal.com/gui/url/6dd9e3edd772497d3db7f61fa0cbd6b81b888dc1e01f95c693edfb3e696b702e/detection @@ -971,15 +785,9 @@ ! https://us-cert.cisa.gov/ncas/alerts/aa21-148a ! https://www.virustotal.com/gui/url/6042880d2adcad721d166f7bdac731bd1f953884cc94c72cf084456a1a040d88/detection ! https://www.virustotal.com/gui/url/af657a732699aa8b956f760806722522eed6a384fe93f64fdf3e29defd458502/detection -||dataplane.theyardservice.com^$all ||cdn.theyardservice.com^$all -||static.theyardservice.com^$all ! https://www.virustotal.com/gui/url/bb7652b7686cd4c9ac1448a86ea65e3451b3b74ae8184a389cb1761aabd79771/detection ! https://www.joesandbox.com/analysis/441367/0/html -! https://www.siteadvisor.com/sitereport.html?url=worldhomeoutlet.com -! https://www.fortiguard.com/webfilter?q=worldhomeoutlet.com -! https://safeweb.norton.com/report/show?url=worldhomeoutlet.com -||worldhomeoutlet.com^$all ! https://www.virustotal.com/gui/ip-address/192.99.221.77/detection ! https://www.virustotal.com/gui/url/5d424847f1cdd6349105005a336a107aca8f11fd32cecf41bc9bd8f78dc1e3bb/detection ! https://www.siteadvisor.com/sitereport.html?url=192.99.221.77 @@ -1003,63 +811,24 @@ ||185.243.214.107^$all ! https://www.virustotal.com/gui/file/2b214bddaab130c274de6204af6dba5aeec7433da99aa950022fa306421a6d32/relations ! https://www.virustotal.com/gui/url/55ece17a8cc64a501795d24f1a7a309fda60be834370e8fdd50701dcf9582ca1/detection -! https://sitecheck.sucuri.net/results/epoolsoft.com -! https://www.fortiguard.com/webfilter?q=epoolsoft.com -! https://safeweb.norton.com/report/show?url=epoolsoft.com -||epoolsoft.com^$all ! https://www.virustotal.com/gui/url/e02a4395d80bfbad41e06c0a1700ecf960f894037a68ba0d15ec80631ed697f4/detection -||www.epoolsoft.com^$all ! https://www.virustotal.com/gui/file/0a0c225f0e5ee941a79f2b7701f1285e4975a2859eb4d025d96d9e366e81abb9/community ! https://www.joesandbox.com/analysis/393833/0/html#deviceScreen ! https://www.virustotal.com/gui/url/ae5a16e96446efbd95af18cfa127779137b32587752172c98c86d19eba2974ed/detection -! https://www.siteadvisor.com/sitereport.html?url=baroquetees.com -! https://www.fortiguard.com/webfilter?q=baroquetees.com -! https://safeweb.norton.com/report/show?url=baroquetees.com -||baroquetees.com^$all -! https://www.virustotal.com/gui/domain/baroquetees.com/relations ! https://www.virustotal.com/gui/url/f1599e930e3da28e26fd5e26b89099eabd5bc708c30a47e84b8fc5fe2cbbf0e2/detection -||www.baroquetees.com^$all ! https://www.virustotal.com/gui/domain/softpussyx.us/relations ! https://www.virustotal.com/gui/ip-address/162.0.209.79/relations ! https://www.virustotal.com/gui/url/342c830002dc55939bf4ea95f1344222d248d077678da0875cb847af1fe7b9c8/detection -! https://www.siteadvisor.com/sitereport.html?url=hs-device-alerts.com -! https://www.fortiguard.com/webfilter?q=hs-device-alerts.com -! https://safeweb.norton.com/report/show?url=hs-device-alerts.com -||hs-device-alerts.com^$all -! https://www.virustotal.com/gui/domain/hs-device-alerts.com/relations -||www.hs-device-alerts.com^$all ! https://www.virustotal.com/gui/url/486e02872948b4d18c14384d7f5fdaae50707975625db26f17cfae7475945f37/detection -! https://www.siteadvisor.com/sitereport.html?url=online-banking-support-login.com -! https://www.fortiguard.com/webfilter?q=online-banking-support-login.com -! https://safeweb.norton.com/report/show?url=online-banking-support-login.com -! https://transparencyreport.google.com/safe-browsing/search?url=online-banking-support-login.com ! https://report.netcraft.com/submission/33GfNjGY7TOhkJmC5VZ5OkAOJHcRz5IJ -||online-banking-support-login.com^$all -! https://www.virustotal.com/gui/domain/online-banking-support-login.com/relations ! https://www.virustotal.com/gui/url/18544ab527a827c405b06dd2470eb4122b14924c4cd21ba6a191c178912290f3/detection -||www.online-banking-support-login.com^$all ! https://www.virustotal.com/gui/url/ac2e0ddf46bcbcb9b8d6051c5221bc9dca994b90cfd773c9edeb5a58469d6a6f/detection -! https://www.siteadvisor.com/sitereport.html?url=myhermes-missed-parcel.co.uk -! https://www.fortiguard.com/webfilter?q=myhermes-missed-parcel.co.uk -! https://safeweb.norton.com/report/show?url=myhermes-missed-parcel.co.uk -||myhermes-missed-parcel.co.uk^$all -||www.myhermes-missed-parcel.co.uk^$all ! https://www.virustotal.com/gui/url/bb22b73d6ae8d7688193e17b92aa0d5b05e3e6e321eeefa7f6d561b50375cf93/detection -! https://www.siteadvisor.com/sitereport.html?url=confirm-device-onlinesupport.co.uk -! https://www.fortiguard.com/webfilter?q=confirm-device-onlinesupport.co.uk -||confirm-device-onlinesupport.co.uk^$all ! https://www.virustotal.com/gui/url/2d4ece17204745fc52f9b9d8641854b4222882960577dc5d1d606d097d9c60e2/detection -! https://www.fortiguard.com/webfilter?q=alert-info.me -! https://safeweb.norton.com/report/show?url=alert-info.me -||alert-info.me^$document ! https://www.youtube.com/watch?v=J_bHM1NkoHs ! https://www.virustotal.com/gui/url/97f147e5e83ba58c300c4d559e429f45752965a364c88bc8c080dd81db1f5188/detection -! https://www.fortiguard.com/webfilter?q=paubit.com -! https://www.mywot.com/en/scorecard/paubit.com -! https://safeweb.norton.com/report/show?url=paubit.com -||paubit.com^$document ! https://forums.malwarebytes.com/topic/276364-please-help-to-remove-jingermycom/ ! https://www.virustotal.com/gui/url/5538837550b6bf93ad0fd8be30a9061d43b8f2097dcdfb6a7d959eaebf6b92f1/detection @@ -1097,74 +866,19 @@ ||pcclcc.knorish.com^$all ! Pretends to be a OneDrive sign in ! https://www.virustotal.com/gui/url/6564216874ea790aa743fcaae6da965d7d29900e4eae051f973888f1cd24169c/detection -||onedrive.interestmy.tech^$all ! Domains found by @DandelionSprout ! https://github.com/DandelionSprout/adfilt/issues/224 -||bawarnituruni.com^$all -||bonstrumen.me^$all -||cendokonlupo.com^$all -||dumantrem.com^$all -||faratresmugil.com^$all -||flomongteren.com^$all -||gedinetuwus.com^$all -||ikitrenesturi.com^$all -||interestmy.tech^$all -||jelmakunfun.com^$all -||jimukgremen.com^$all -||juwarnatumb.com^$all -||kabihintujun.com^$all -||kerinenmuluk.com^$all -||kijamblondo.com^$all -||kilatyunes.com^$all -||kompuyinok.com^$all -||kontrene.com^$all -||kulakantumur.com^$all -||kulinocompany.com^$all -||lekartrenes.com^$all -||logotiips.com^$all -||loprentalyunu.com^$all -||manaweruhe.com^$all -||manufakyutun.com^$all -||opratunijawer.com^$all -||pandawateplok.com^$all -||plontokan.com^$all -||remuniyambis.com^$all -||retromycomps.com^$all -||satrunekulo.com^$all -||smlvturenms.me^$all -||terapklentune.com^$all -||turahbuycomp.com^$all -||turijoglod.com^$all -||tyunipolar.com^$all -||yambrokno.com^$all -||yummycompt.com^$all -||baystlotor.com^$all -||kulinomobon.com^$all -||lateralliffee.com^$all -||makleryuki.com^$all -||okleremen.com^$all -||pinee1.com^$all -||untilkawan.com^$all ||69.49.231.244^$document ! https://github.com/TheAntiSocialEngineer/AntiSocial-BlockList-UK-Community/commit/9cd756bac651f66e5f3c63cf7ceea703db968997 ! https://www.virustotal.com/gui/url/ee0706bc3eef3eaf9d6d7d2155100d8d051dfdb61588afcd7f5f74c313ce4a21/detection -! https://safeweb.norton.com/report/show?url=packageredirect-myhermes.com -! https://www.siteadvisor.com/sitereport.html?url=packageredirect-myhermes.com -! https://www.fortiguard.com/webfilter?q=packageredirect-myhermes.com -||packageredirect-myhermes.com^$all ! https://www.virustotal.com/gui/user/VMRay/comments ! https://www.virustotal.com/gui/file/41b25eac5234d09d70dbcd3830a098c1b25828cfb70990e2938ebf99d31f796f/relations ! https://www.virustotal.com/gui/file/e5a2f1f92189919272d6a14bbd16934ee66464a6cb90f30f00abaf0a204e4307/relations ! https://www.virustotal.com/gui/url/e942c0dcfd4c35ead2b75de05dd80928d4189118a0fe001b685d9cca62e28a1d/detection -! https://safeweb.norton.com/report/show?url=name-usa.info -||name-usa.info^$all ! https://www.virustotal.com/gui/url/2c44be10bb8d858bf74b57a285f21a213dfe3b0fd17b395ccc776ee751f54f28/detection -||s.lletlee.com^$all ! https://www.virustotal.com/gui/url/16cce3ab323b58c6783f7c6eee8416c5a35f3322114a4c517076fa7ab3496685/detection -! https://www.siteadvisor.com/sitereport.html?url=lletlee.com -||lletlee.com^$all ! https://www.virustotal.com/gui/ip-address/136.144.41.201/detection ! https://www.virustotal.com/gui/url/09b318a17f3ba7a4729b2bcd0b8ba02b8003693e7051097797fbc52194925e76/detection ! https://safeweb.norton.com/report/show?url=136.144.41.201 @@ -1179,24 +893,9 @@ ! https://thehackernews.com/2021/07/hackers-spread-biopass-malware-via.html ! https://www.virustotal.com/gui/url/97b4ed1e2788217aa186f26dbdd13a36544dde101e53ea3382e6a5aa1b9f4081/detection -||0x3s.com^$all -! https://www.virustotal.com/gui/domain/0x3s.com/relations -||p.0x3s.com^$all -||d.0x3s.com^$all -||smtp.0x3s.com^$all -||ftp.0x3s.com^$all -||biaozhunyoujiangeshi.0x3s.com^$all -||da.0x3s.com^$all -||r.0x3s.com^$all -||e.0x3s.com^$all -||c.0x3s.com^$all -||www.0x3s.com^$all -! https://www.virustotal.com/gui/domain/0x3s.com/relations ! https://www.virustotal.com/gui/ip-address/47.57.140.149/relations ! https://www.virustotal.com/gui/url/0025d5ba5569ba2ecc29c39236a9b559a212e3ac7404b9af7be62e143175cf5f/detection -||update.flash-installers.com^$all ! https://www.virustotal.com/gui/url/94a7b6d048720fe4e837d6027f5019c775d20e5ea761ad03236f85070f08838a/detection -||flash-installers.com^$all ! https://www.virustotal.com/gui/url/ade8073339365eed03d142d5e57ec528d54294c40fdac08e71d5363d3ba634d0/detection ||update.flash-installer.com^$all ! https://www.virustotal.com/gui/url/98962a3086cc694e1d62667a718edd6738b233b2b348b1197c141a8ecb251336/detection @@ -1226,8 +925,6 @@ ! https://www.virustotal.com/gui/file/84904a91de28f8aff1863d9831dddea0110e94761287579926e843b1b4046608/relations ! https://www.virustotal.com/gui/file/062f2b4bd4a156914319ca2dc069e37920a5abde742103a41736ceaf56b6fcc7/relations ! https://www.virustotal.com/gui/url/d856e86a99691541893c6f94fa8c9d775d845e24ee4f83d010219168c65fab53/detection -! https://siteadvisor.com/sitereport.html?url=by.dirfgame.com -||by.dirfgame.com^$all ! https://www.virustotal.com/gui/url/05d2b17b5cd77143d45fd292ad7fd3f1b3830d3298ee047fac4b4f9a9968c657/detection ! https://www.virustotal.com/gui/ip-address/185.117.90.215/relations ! https://safeweb.norton.com/report/show?url=185.117.90.215 @@ -1281,10 +978,6 @@ ! https://www.joesandbox.com/analysis/453639/0/html#domains ! https://www.virustotal.com/gui/url/46e095c35d83e2dd0b98df4b5844d3d87948de0c930a618600121020a514c801/detection -! https://www.siteadvisor.com/sitereport.html?url=telete.in -! https://safeweb.norton.com/report/show?url=telete.in -||telete.in^$all -||www.telete.in^$all ! https://www.virustotal.com/gui/file/17a4af006da6a025094e31bfdee13e3b2123a746d97c8c4958570f1fb9e79e3c/relations ! https://www.virustotal.com/gui/url/f20f83d77c11b8ccda12dc3e08b034104af3417cac8e31b1d8b78f492deed25d/detection @@ -1330,7 +1023,6 @@ ! https://www.virustotal.com/gui/url/efc1177d474e3efe2e9e53fcfbb012c9ae86f64467e38824f6d974d5504647f0/detection ||properlysolutionsco.com^$all ! https://www.virustotal.com/gui/url/6b2338518e68612db03784b14220013e5de2062f6bd6aa4fb7f38fe94dab2b4f/detection -||waunake.com^$all ! https://www.virustotal.com/gui/url/cfb47cf40734458f67af9647269065856b3995bc990197c74bb015673c864213/detection ! https://www.virustotal.com/gui/url/270da35e4e24cdca72d7391886bdb7eae2d0758923b397f09558ea42402465a3/detection @@ -1557,8 +1249,6 @@ ||youneerdmo.top^$all ||image-find.com^$all ! Why do I need a rickroll injector to download an image? This domain is also rated CAUTION by Norton... -||home.prank-image-replace.com^$all -||prank-image-replace.com^$all ! Fake notifications ||usegetmarketings.com^$all ||bestappever4you.com^$all @@ -1771,9 +1461,6 @@ ! Typosquatting ! https://www.virustotal.com/gui/url/7192e189a778151b8b2ac216542c1dd4c842cc5dded479941cfecfc940e44cc8/detection -! https://safeweb.norton.com/report/show?url=discordapp.cam -! https://www.siteadvisor.com/sitereport.html?url=discordapp.cam -||discordapp.cam^$all ! https://www.virustotal.com/gui/file/eaffdf51b17ef1b7b7bf01ab6e8c2dce61a3dbd875b368e06a6d3b95e100c6f1/relations ! https://www.virustotal.com/gui/ip-address/37.34.176.37/relations @@ -1907,16 +1594,11 @@ ! https://blog.malwarebytes.com/threat-intelligence/2021/08/new-variant-of-konni-malware-used-in-campaign-targetting-russia/ ! https://www.virustotal.com/gui/url/cabda0b842c71975636fa9771fb2c1e8c1cbea3f563ccb3e7b2f7aa97ef35d5c/detection -! https://www.siteadvisor.com/sitereport.html?url=takemetoyouheart.c1.biz -! https://safeweb.norton.com/report/show?url=takemetoyouheart.c1.biz -||takemetoyouheart.c1.biz^$all ! https://www.virustotal.com/gui/url/62c816717ba7b01990587fe85d35757e1114e1903ef53a09fb30a17ba9a2c6ca/detection ! https://www.siteadvisor.com/sitereport.html?url=taketodjnfnei898.ueuo.com ! https://safeweb.norton.com/report/show?url=taketodjnfnei898.ueuo.com ||taketodjnfnei898.ueuo.com^$all ! https://www.virustotal.com/gui/url/d22f08c107fce668a5124821e8016116aa5f760a935279b1fa72f6c0bdcf7fec/detection -! https://safeweb.norton.com/report/show?url=taketodjnfnei898.c1.biz -||taketodjnfnei898.c1.biz^$all ! https://www.virustotal.com/gui/url/a67a153fa6085488b963ffca30885ee674df394e81a97da29a13262587eafa03/detection ! https://safeweb.norton.com/report/show?url=romanovawillkillyou.c1.biz ! https://www.siteadvisor.com/sitereport.html?url=romanovawillkillyou.c1.biz @@ -2033,7 +1715,6 @@ ||multiadblock.com^$all ||rsafrwd.com^$all ||adverdirect.com^$all -||euphe-gun.com^$all ||bestwinexperience.com^$all ||triumphantplace.com^$all ||traffic-go.com^$all @@ -2052,11 +1733,6 @@ ! vxvault.net/ViriFiche.php?ID=44012 ! https://www.virustotal.com/gui/url/b918c2e51aa20c5ae35cb609e5a3c94f10fb0d38451510c7d91dee150965e6da/detection ! https://www.virustotal.com/gui/url/bccda7a30dbe5315b5e8477875c648394b52aff7c4df888e3c6260731b04e6af/detection -! https://www.siteadvisor.com/sitereport.html?url=ubsco.uk -! https://safeweb.norton.com/report/show?url=ubsco.uk -||ubsco.uk^$all -||com.ubsco.uk^$all -||www.ubsco.uk^$all ! https://www.virustotal.com/gui/file/62b896e96dcf04ac6f6953b1ecea555b4ac4ac0f2c0fe484b27c54650d71c8db/relations ! https://www.virustotal.com/gui/url/4d38b0c851670a331c9580352c4eb50d55c49c2711bfa34e91537eb95ee29c5b/detection @@ -2138,7 +1814,6 @@ ||apsolutamente.com^$all ||time4news.net^$all ||secureleadsforever.com^$all -||antivirus.renewal-software-update.com^$all ||pushmeup.art^$all ||eu.pushmeup.art^$all ||trc.artofads.co^$all @@ -2233,7 +1908,6 @@ ||hpprintersupportservice.com^$all ||how.hpprintersupportservice.com^$all ! Not dead yet - https://github.com/uBlockOrigin/uAssets/issues/9933 -||navman-gpsupdate.online^$all ||1redirb.com^$all ! https://github.com/uBlockOrigin/uAssets/issues/9933#issuecomment-913677276 ||greenadblocker.com^$all @@ -2347,13 +2021,11 @@ ! https://www.virustotal.com/gui/url/3946eec45e9748c4fd6f3719a5ed1da0ffa2ef3849c33d30d09f075da450c111/detection ||anduansury.com^$all ! https://www.virustotal.com/gui/url/23f5ab0e022c0809f116f569e65d8282bbd6ce6154b82e3ec3611fb23159d2c2/detection -||ankese.com^$all ! https://www.virustotal.com/gui/url/294e3ed4ac955a08ee94ea29db0aa951a1c26596a33b8b134168e0ca5e9b468d/detection ||bootstrapmag.com^$all ! https://www.virustotal.com/gui/url/d1c684e861d500e9a4906444714b83de95432d240998d04d16efde7ba80d1521/detection ||cdncontainer.com^$all ! https://www.virustotal.com/gui/url/b152f0840b773944f8d10649478a5e0b900731b65b666d8c581231d2654f37b6/detection -||cdnforplugins.com^$all ! https://www.virustotal.com/gui/url/f14e0141dec9d7c6b2939994de7081e9ef03001e9eb6c91f40457c7b746876b0/detection ||fileskeeper.org^$all ! https://www.virustotal.com/gui/url/00de113cc0bea8bb5578d87eac425d4d8f71bc5c31626b8eb887a86b67dfbf21/detection @@ -2371,113 +2043,65 @@ ! https://www.virustotal.com/gui/url/8b1bb2aa6c7ef4bee926d80b14c1c99f2febd7e5934b6cbb473f4f2b444ef3b4/detection ||scriptdesire.com^$all ! https://www.virustotal.com/gui/url/ba10ead0d37648fd38b3e366092f61efc462ae29ea78083096d440222715a80f/detection -||speedtransaction.com^$all ! https://www.virustotal.com/gui/url/2f13a1f4566290252fa85d94a253450d68bdab55a083dc0481299624de2ef73d/detection -||spotforassets.com^$all ! https://www.virustotal.com/gui/url/bb71a2ac6c579e62cb347912b77a3a30afe194e88ae22316fc85d2d97290f8a1/detection ||stairany.com^$all ! https://www.virustotal.com/gui/url/d21b0a44b181ea1af33964ee18027810afc0492f2b5f505727cf065bedebd74e/detection -||swappastore.com^$all ! https://www.virustotal.com/gui/url/53242dabbd11c63cdcf563da593b1cddd08e7670dc00c489af37809f1010b13a/detection -||theresevit.com^$all ! https://www.virustotal.com/gui/url/bc297e7f7204db51aaca536d51001b459d378fb7af1f336417e199374192bb2c/detection -||underscorefw.com^$all ! https://www.virustotal.com/gui/url/905eff316d9e0296e41a93115777152e8ad266865a73f2bb76fb45c3384b1ee3/detection -||v2-zopim.com^$all ! https://www.virustotal.com/gui/url/9d4c1c222a329bf7844aab12cb06b5af233d590483102ff93d81aa8431abf5d0/detection ||verywellfitnesse.com^$all ! https://www.virustotal.com/gui/url/ff76a8094f3aba79b59966749d6673a0b9cb85c582814244320fff05357e0334/detection -||w3schooli.com^$all ! https://www.virustotal.com/gui/url/b44775de81e9c97e08ca8d6636217944c26e1315ae81de627909035ec1dea31e/detection ||webadstracker.com^$all ! https://www.virustotal.com/gui/url/7b99f29ee9883131be40f8171609fbb34149cb8478cef1eca15cb7ba7e75dcb6/detection -||webscriptcdn.com^$all ! https://www.virustotal.com/gui/url/bf8ab182ae67200ea5af21c2e651183aa429263071c39e9b8ce7d6de77fc786f/detection -||winqsupply.com^$all ! https://www.virustotal.com/gui/url/878a96cd3ac82336deafffaa0eed37b328f2d6e9bfce20212c0be6236450092f/detection -||wordpress-scripts.com^$all ! https://www.virustotal.com/gui/url/8f2416a4c90c791fdfb99741d25f1f38d3f3712598e1848cc4319fddaacc775d/detection -||zoplm.com^$all ! https://www.virustotal.com/gui/url/c8c43c71728fd48329562a3bf20a68b96dc641e45ff9469d28a2b3fbeef633f6/detection -||adwords-track.com^$all ! https://www.virustotal.com/gui/url/a9575c1df3dd1e98bb8e643b7c0f0a970e055950d53df87a4421fd3f7d846ef6/detection -||adwords-track.top^$all ! https://www.virustotal.com/gui/url/d9e2568a8b6a18b2bf0a6d47c5200b57f62ab5033c85843ebb70a385cf8c75eb/detection -||carders.best^$all ! https://www.virustotal.com/gui/url/0b039602394e771af6323451ae5d3e88dfd0e63906eda39416c7dd1ba33124c0/detection -||cdn-secure.net^$all ! https://www.virustotal.com/gui/url/f95a1345061e81292a47c177e9aaf8af0b51ce6d82b2ea40cc324623ee203d43/detection -||clickinks-api.com^$all ! https://www.virustotal.com/gui/url/7a308c86e497076a50c8f353e5d2a104724dfb36a6b439a98358bf4edf4833fb/detection -||drhorveys.com^$all ! https://www.virustotal.com/gui/url/db9df4312b48c2be39d221a5930744465cf7512cd991ff6f695328fbebbe4c09/detection -||drnarveys.com^$all ! https://www.virustotal.com/gui/url/f404ec1c44eb659e8f06c4306e8e09f4d37b0913bee4ef6bb0151a21a0d33093/detection -||faviconx.com^$all ! https://www.virustotal.com/gui/url/3d93f9133a3fb1849c98f2ead58ce481de7cf0c44c248e155291722934cb9c2b/detection -||font-staticx.com^$all ! https://www.virustotal.com/gui/url/542e6fc839c26a790786a211801ad0d3143ab31c00915c0268330c79cf15b79b/detection -||fonts-googleapi.com^$all ! https://www.virustotal.com/gui/url/025ffe441f66e1972b6087088a159a487e549c0159f2dff6a85b05646b0eea2f/detection -||fontsctatic.com^$all ! https://www.virustotal.com/gui/url/9383a03c04ae3ac308ccd4e5e91ec8d83937b8794ddd42916137dd4c6c3b811d/detection -||fontsctaticx.com^$all ! https://www.virustotal.com/gui/url/72ae17db6d0779a2da12f211bc4d1f9bba0a74cc0f7d2fed1430742f7e06f59f/detection -||fontsgoooglestatic.com^$all ! https://www.virustotal.com/gui/url/6f362a27f6dab71a6f642a1a1977a91d7828051391ad24aa94e8d071c746c4ff/detection -||fontstaticx.com^$all ! https://www.virustotal.com/gui/url/0dc14d709f65a39862293619b4960152b7c9f780af06120cb93fd47f641f2880/detection -||fontstatics.com^$all ! https://www.virustotal.com/gui/url/fb556aea3842a6cda3eb95e53a1a20b2d38ed75aadd6cd70bcf2d86fed8d6222/detection -||frontstatics.com^$all ! https://www.virustotal.com/gui/url/c33de2f2d87159af84e1b99f2511c6edff096300499bcdbc8464d1d34b3866a5/detection -||g-staticx.com^$all ! https://www.virustotal.com/gui/url/0af25fcc819bda5e177b5920e83de7803fda5bbd42bc47ead8eb27a6c70910a6/detection -||ga-track.com^$all ! https://www.virustotal.com/gui/url/818307dc1655ea9be3ab64fc225512af34740206d14dc918d4726204798317fd/detection ||gctatic.com^$all ! https://www.virustotal.com/gui/url/31c6d53dfc491391f27ba77dfaa2f13fe2165b4a99f8a155d9044724677d4a80/detection -||gctatics.com^$all ! https://www.virustotal.com/gui/url/97dd15f688d6562742882a3b590876fdb66c41185a72a953468b8a70b84d3032/detection -||google-tagmanager.com^$all ! https://www.virustotal.com/gui/url/ad648a05cecd440278b30e81f20490c1353c7dff646c0e84c7afb431d4f3631d/detection -||googleatagmanager.com^$all ! https://www.virustotal.com/gui/url/afc9b9a20d19c9b8919ce192a45adcf120973a7f0c120debb10c788faeab7906/detection -||googlestag.com^$all ! https://www.virustotal.com/gui/url/207ce8793a591db4259b11450c2a69d94774d75a035cb1272442e3c11cd3b7f3/detection -||googlestaticx.com^$all ! https://www.virustotal.com/gui/url/fea4740608070496e9f0783ea612d410300a96ea9c332072a451e773f7ba10d9/detection -||googlestatix.com^$all ! https://www.virustotal.com/gui/url/d93cf430da35ed153ed39af82d7db3b5c20c28ddd1bfdbacb926bea8459f4a17/detection -||googletagmahager.com^$all ! https://www.virustotal.com/gui/url/dc224282fa8f1a4ee1f3f27cb99072f48e27810472385c402599973e93011e7e/detection -||googletagmamager.com^$all ! https://www.virustotal.com/gui/url/f54c89f54c19f0e7c3e461fd2020e0cc7faa973b2311833681e1bb8170115018/detection -||googletagmanagen.com^$all ! https://www.virustotal.com/gui/url/4c98e91d5885770fc997531fd7960e884935bff8d7eb61b59c0dbbe3d544e864/detection ||googletagmanages.com^$all ! https://www.virustotal.com/gui/url/56d1f827ee0481025f6afaffb6ecc2e1acf06c1ab30d40f9863cc679e9e7e50d/detection -||googletagnamager.com^$all ! https://www.virustotal.com/gui/url/d0f3beccece1a7982123232f558cbee1d2f0e6143c43128e08206cdd692b38b6/detection -||googletaqmanager.com^$all ! https://www.virustotal.com/gui/url/395f6f3c7ae32a12d1ca1efa9aa7c4bc2cbf8d7fe2f062eb34647ab1a4e21d36/detection -||googletaqmanaqer.com^$all ! https://www.virustotal.com/gui/url/a689445532312190b1b61bf08c4fb65a193262dd74555cca389364688315635a/detection ||gstaticx.com^$all ! https://www.virustotal.com/gui/url/9ed68f799d614dd1586a8dc075e74b44f881f43c75cd1826f80edae0936bce0d/detection -||gstaticxs.com^$all ! https://www.virustotal.com/gui/url/3067c0c0cb6f8b0ba7196afe3b5cdd761cd1a00780de7802e98ab145875e6fdf/detection -||hs-scrlpts.com^$all ! https://www.virustotal.com/gui/url/280b38a0719b139e13757f200040f3bb4889358ea57b0aaeb740b4a44a2054b7/detection -||jquery-statistika.info^$all ! https://www.virustotal.com/gui/url/0c580403f7f5fee7e61e272de583ebc13c462b886db2a0af858be1693581c261/detection -||jquery.su^$all ! https://www.virustotal.com/gui/url/c217d2536fca71dee04d63aa2977424eb4bd41bfdf6d42e3107aaf1b7ff0b55c/detection -||scaraabresearch.com^$all ! https://www.virustotal.com/gui/url/4afa69e2ba418cf00b9a1077b7ba068698bb1728c9051e85d6f37926fc29fc8f/detection -||staticzd-assets.com^$all ! https://www.virustotal.com/gui/url/bba90dce422fa955d826082203f6b135e76dd2cdb07b934c103f7415574eedb0/detection -||v2zopim.com^$all ! https://www.virustotal.com/gui/url/febbe9594d25c0d1b81b4db59816a08c5021eb4eab5a803ef061149a0e93d861/detection ||validcvv.ru^$all ! https://www.virustotal.com/gui/url/b4b681701df04dfdeab6b95689e7df45efb1ceca7e2f3305a476f0999f3c4f08/detection @@ -2491,130 +2115,9 @@ ! https://www.virustotal.com/gui/url/ad663f4eaf473695742bb36f91047a7cc2fdf78040d321da4707f8f4af7994bc/detection ||194.87.144.10^$all ! Typosquat -||googheusercontent.com^$document -||googlatagmanager.com^$document -||googlausercontent.com^$document -||google5sercontent.com^$document -||googleafalytics.com^$document -||googleanadytics.com^$document -||googleanahytics.com^$document -||googleanal9tics.com^$document -||googleanalxtics.com^$document -||googleanaly4ics.com^$document -||googleanalydics.com^$document -||googleanalypics.com^$document -||googleanalytacs.com^$document -||googleanalytias.com^$document -||googleanalytibs.com^$document -||googleanalyticc.com^$document -||googleanalyticr.com^$document -||googleanalyticw.com^$document -||googleanalytigs.com^$document -||googleanalytiks.com^$document -||googleanalytkcs.com^$document -||googleanalytmcs.com^$document -||googleanalytycs.com^$document -||googleanalyuics.com^$document -||googleanalyvics.com^$document -||googleanamytics.com^$document -||googleananytics.com^$document -||googleanclytics.com^$document -||googleanelytics.com^$document -||googleanilytics.com^$document -||googleanqlytics.com^$document -||googleaoalytics.com^$document -||googlecnalytics.com^$document -||googledagmanager.com^$document -||googleenalytics.com^$document -||googleesercontent.com^$document -||googleinalytics.com^$document -||googlepagmanager.com^$document -||googleqnalytics.com^$document -||googleqsercontent.com^$document -||googletacmanager.com^$document -||googletaemanager.com^$document -||googletag-anager.com^$document -||googletageanager.com^$document -||googletagianager.com^$document -||googletaglanager.com^$document -||googletagmafager.com^$document -||googletagmajager.com^$document -||googletagmalager.com^$document -||googletagmanacer.com^$document -||googletagmanaeer.com^$document -||googletagmanafer.com^$document -||googletagmanagar.com^$document -||googletagmanagdr.com^$document -||googletagmanage2.com^$document -||googletagmanageb.com^$document -||googletagmanagep.com^$document -||googletagmanagev.com^$document -||googletagmanagez.com^$document -||googletagmanaggr.com^$document -||googletagmanagmr.com^$document -||googletagmanagur.com^$document -||googletagmanaoer.com^$document -||googletagmanawer.com^$document -||googletagmancger.com^$document ||googletagmaneger.com^$document -||googletagmaniger.com^$document -||googletagmanqger.com^$document -||googletagmaoager.com^$document -||googletagmcnager.com^$document -||googletagminager.com^$document -||googletagmqnager.com^$document -||googletagoanager.com^$document -||googletaomanager.com^$document -||googletawmanager.com^$document -||googletcgmanager.com^$document -||googletigmanager.com^$document -||googletqgmanager.com^$document -||googletsercontent.com^$document -||googleu3ercontent.com^$document -||googleuagmanager.com^$document -||googleucercontent.com^$document -||googleuqercontent.com^$document -||googleurercontent.com^$document -||googleusarcontent.com^$document -||googleusdrcontent.com^$document -||googleuse2content.com^$document -||googleusebcontent.com^$document -||googleusepcontent.com^$document -||googleuseraontent.com^$document -||googleuserbontent.com^$document -||googleusercgntent.com^$document -||googleuserckntent.com^$document -||googleusercmntent.com^$document -||googleusercnntent.com^$document -||googleusercoftent.com^$document -||googleusercojtent.com^$document -||googleusercoltent.com^$document -||googleusercon4ent.com^$document -||googleusercondent.com^$document -||googleuserconpent.com^$document -||googleusercontant.com^$document -||googleusercontdnt.com^$document -||googleuserconteft.com^$document -||googleusercontejt.com^$document -||googleusercontelt.com^$document -||googleuserconten4.com^$document -||googleusercontend.com^$document -||googleusercontenp.com^$document -||googleusercontenu.com^$document -||googleusercontenv.com^$document -||googleuserconteot.com^$document -||googleusercontgnt.com^$document -||googleusercontmnt.com^$document -||googleusercontunt.com^$document -||googleuserconuent.com^$document ||googleusescontent.com^$document -||googleusgrcontent.com^$document -||googleusmrcontent.com^$document -||googlevagmanager.com^$document -||googlganalytics.com^$document -||googluanalytics.com^$document ||googlutagmanager.com^$document -||googmeanalytics.com^$document ! https://www.virustotal.com/gui/file/17b08e4418f813543e91ad18ae2e50ecfe40692d9b5dec854e94ec0abbc92b11/relations ! https://www.virustotal.com/gui/url/b811ee21aa14f8f63e8911bfa608e81f4cb8125c8bac847b8e4eae3da81b362b/detection @@ -2624,9 +2127,6 @@ ! https://www.virustotal.com/gui/url/2245c69a63d9303e4967c776393b92132c38437d6f7dd501bef681c796c5a835/detection ! https://www.virustotal.com/gui/url/91fc2b7b96fee98beaebda6a48e0b54881c81f42901ed2b1d64977a759512b71/detection -! https://www.siteadvisor.com/sitereport.html?url=vonlineshop.ir -! https://safeweb.norton.com/report/mobile?name=vonlineshop.ir -||vonlineshop.ir^$all ! https://www.virustotal.com/gui/file/543694f8b09a565a88932457d40d16cd85ac3f0b7be9ad322ef9486144379449/relations ! https://www.virustotal.com/gui/url/c26a3e1752e06b6d7fd5317ffaa118163d5f9198c49fbba033d542f26a397e30/detection @@ -2653,27 +2153,21 @@ ! https://www.siteadvisor.com/sitereport.html?url=103.167.90.59 ||103.167.90.59^$all ! https://www.virustotal.com/gui/url/83f953236ca2db72e6b1f29124eabb108531164a886e2f4b4a4392e5fa6a31d7/detection -! https://safeweb.norton.com/report/show?url=checkvim.com -! https://www.siteadvisor.com/sitereport.html?url=checkvim.com -||checkvim.com^$all ! https://urlhaus.abuse.ch/url/1625361/ ! https://www.virustotal.com/gui/url/9ad021dd4ce4c664275b0323ef1bebb083c7ec0b58e628a106243f533538f481/detection ! https://www.virustotal.com/gui/url/542708d203696c61a73a8f5fc63c61ec7a9bd2a35181947227355f7061ba2a46/detection -||rusyacastajanslari.bykmedya.com^$all ! https://www.virustotal.com/gui/file/49113451c4baac2ee6b97486bd1f57dcf68891d55ff4782daa4d578e23e78d7c/relations ! https://www.virustotal.com/gui/url/3c8a2e8d244d06ec62b070ee4886fa9011161d3c79793cadbc824644cdb53a41/detection ||194.145.227.161^$all ! https://www.virustotal.com/gui/url/770c2701451a00d72aa5a1424e50b632309921ca9f187c1ff661be65969e18df/detection -||wushupalace.top^$all ! https://www.virustotal.com/gui/url/4c5a0fc42b8374b889bde94b8189a8be9f8c7fd5bfd1107e5588410e2359a53d/detection ! https://www.virustotal.com/gui/url/50d8e148f03ea0b5e78df4443de8fee256d2d3437520d7eda0c133fd7d368aea/detection ||45.137.190.31^$all ! https://www.virustotal.com/gui/url/4004f0b5afacdd462f4612ef453a3226dcc9cfe59f17c6a397ad499951d2cc69/detection -||ierinapu.xyz^$all ! https://www.virustotal.com/gui/file/f5af3aadb754d10407bf013ceea95d75742db4cea8e9539db369df14577c18e1/community ! https://www.virustotal.com/gui/url/2ad4a25fd971359e6754edc69fc4093d0352aacb1d2bf4a26ac401ed39f44ddf/detection @@ -2699,8 +2193,6 @@ ||45.33.2.79^$all ! https://www.virustotal.com/gui/url/3a5e3ba3e48338af279942f6002ec38048f98453c59a2296f413526a4472ddbb/detection ! https://www.virustotal.com/gui/url/338b050c7a6b9d69f5b174c246ac2d126f853efd1a61f3f8ce6813e90ca840aa/detection -||abrosnm3.com^$all -||www.abrosnm3.com^$all ! https://www.virustotal.com/gui/file/6bbec289761e29f2118ce99e40cd65abb5428d53806158c5898c5db5f252af96/community ! https://www.virustotal.com/gui/url/98a0ce8f7e37e92a734ffbbcdb5f277301d0c4331c1beb8fb21ff879e30a7c8d/detection @@ -2712,9 +2204,7 @@ ! https://www.virustotal.com/gui/url/5650885e7203c1359a7ad957620b63a81c513cead87ef081447d663788c3ca17/detection ||45.15.170.102^$all ! https://www.virustotal.com/gui/url/5fb2767626e0ec1f3f13581aeb0e8f7e42e4ad6e277325b63a7ebc23711d6166/detection -||bin.rippr.cc^$all ! https://www.virustotal.com/gui/url/7723856ebbd6e156a0d652aded8df06261a290b1484ee078768c0f64a46a4445/detection -||rippr.cc^$all ! https://www.virustotal.com/gui/file/da75c85fe037f9ff9ebbbd0b37dd2ff154f5e70a0dc6870286e0d3df6b8f246f/community ! https://www.virustotal.com/gui/url/2d1ab3d658bc793eeb760125c15fb3792cd38bec0299e790f57cb1710336cfd5/detection @@ -2735,8 +2225,6 @@ ! https://www.virustotal.com/gui/url/09007cfca4455f32bd57fdd3c1541f20a3b9bd9cd95252bb7bd9e26fb5f4135c/detection ||139.99.135.131^$all ! Domains that resolve to this ip -||bitwarden.otenki.dev^$document -||bitwarden.eyepv6.net^$document ! https://www.virustotal.com/gui/file/7b603dd82cb87eca59e93b2cd9c0eb8e613339097b23ac07daa9220a2eb4a7b4/community ! https://www.virustotal.com/gui/url/fb8f88ffe062f936433c934de18d7c411ab997eb5142e0458b217c9136a0a968/detection @@ -2748,7 +2236,6 @@ ! https://www.virustotal.com/gui/url/240e84686f645820b6b5bdfbf391bd8a5a4371e347a02ac2d6297d9905d83787/detection ||194.145.227.159^$all ! https://www.virustotal.com/gui/url/6680fe346732105a635a0c1ad47eda07bb9fa0c430d6b69b73dd49d2e9edd52b/detection -||lae53dd5.justinstalledpanel.com^$all ! https://www.virustotal.com/gui/url/5961dc4e337c4aa48f2ed2945730bbb40590f9f1291a7ad65446208025153eab/detection ||justinstalledpanel.com^$all @@ -2760,7 +2247,6 @@ ! https://www.virustotal.com/gui/ip-address/35.194.188.37/relations ! https://www.virustotal.com/gui/url/ffcb5058b7baf1b9b74b5910eb1c0c00ab7ca3a34e67f241511489bb7a1745ec/detection ! https://www.virustotal.com/gui/url/7063630fcc39e93d2ce281a3622fa31a7384c69c7d1b88681d6cc8080b8f85ba/detection -||nemscnc.ddns.net^$all ! https://www.virustotal.com/gui/file/d4a432f1248930343a999a11dbcf5c7790f7c0d4856200aba7d20f956455fa2e/relations ! https://www.virustotal.com/gui/url/31f594b44559268c110733c6a8eee6349b6da8d6c72808c7b1530418d53dcc85/detection @@ -2769,15 +2255,11 @@ ! https://www.virustotal.com/gui/file/368afeda7af69f329e896dc86e9e4187a59d2007e0e4b47af30a1c117da0d792/community ! https://www.virustotal.com/gui/url/39f51c240675face23daa0fdd02c8a16f7367d599956ca56dd78994d916ab084/detection ! https://www.virustotal.com/gui/url/edd4db01297824cdd3d9762e6c5814217762733e43806910c500cec8bb9a33dc/detection -||hydro-ca.link^$all ! https://www.virustotal.com/gui/url/dfc627dd9e15042b54b52256b5c097419d3d7a9e88b1ada7e336e71a1f3918cc/detection ! https://www.virustotal.com/gui/url/786ac72a5a21d9e776f4a433628c4fe4a1b883d7b2dfd5dec70f4cc9df57d92e/detection -||covid19-ca.link^$all ! https://www.virustotal.com/gui/file/368afeda7af69f329e896dc86e9e4187a59d2007e0e4b47af30a1c117da0d792/relations ! https://www.virustotal.com/gui/url/de8b6da81885ece3cadcc234a81fcaddaa6e4b4d186e232b215cb9e6baf34bef/detection -||sock.godforgiveuss.live^$all ! https://www.virustotal.com/gui/url/f1e54c24e1d0a6804e1a61fe846536525413103b88f3ce319eec6359c12dcfde/detection -||godforgiveuss.live^$all ! https://www.virustotal.com/gui/file/c0e40a12643436cb413235e385a6a90deeb6cc13b24458368fd7facb20ac0c81/community ! https://www.virustotal.com/gui/url/2bd4684b3018b632e9b81b8804abcdc81adf4fd2f09cf9c241db3c7407a0114b/detection @@ -2787,9 +2269,7 @@ ! https://www.virustotal.com/gui/file/9f154115fa8045aa05f15f7cd1de9623ebe32e8ea400279ecb5dfa3596952e3b/community ! https://www.joesandbox.com/analysis/485747/0/html#domains ! https://www.virustotal.com/gui/url/208a2c80c056202dc8b684a4770251259c52c602a886fa241dd606809587832a/detection -||fernandomayol.com^$all ! https://www.virustotal.com/gui/url/99b6358982cd5d772cb7b3a70cbd9f1ff6d731f5e58ed9c4d90580013b420769/detection -||varmisende.com^$all ! https://www.virustotal.com/gui/file/cf2520dcf0df45be39612ab801dd1bb9923c83b21fc781be782e89e3a48e27a5/community ! https://www.virustotal.com/gui/url/56fbafd52dab63df12ac360b1eb506fa17bace95d07aae5fd2ee9f4f89e778cc/detection @@ -2816,9 +2296,6 @@ ! https://www.ipvoid.com/ip-blacklist-check/ ||192.3.194.242^$all ! https://www.virustotal.com/gui/url/f383435c4ebc276a916fcc84b8bf9c8f96ef7469918f8cf404f6199afe99e7dd -! https://safeweb.norton.com/report/show?url=fakasafs23asd-adj.ydns.eu -! https://www.siteadvisor.com/sitereport.html?url=fakasafs23asd-adj.ydns.eu -||fakasafs23asd-adj.ydns.eu^$all ! https://safeweb.norton.com/report/show?url=w0hsyejhnbcvzaxi8euyr6tgeya5vml09jysgav27.ydns.eu ! https://www.siteadvisor.com/sitereport.html?url=w0hsyejhnbcvzaxi8euyr6tgeya5vml09jysgav27.ydns.eu ! https://www.virustotal.com/gui/url/0c324af104bb3ea37074bc44245d2667f0b7bde55bcd80baf6623e8c8a4365be @@ -2828,13 +2305,9 @@ ! https://www.virustotal.com/gui/url/9faee609262eb05e277affe242c05d6de476c98f50351a70bf270762aa7a59a1 ||avira-antivirus.ydns.eu^$all ! https://www.virustotal.com/gui/url/e5e1be7f0c795bd33613627bad331ab08561db2b149f084f3d864d5e1c11d6bf -! https://safeweb.norton.com/report/show?url=k2ygoods.ydns.eu -! https://www.siteadvisor.com/sitereport.html?url=k2ygoods.ydns.eu -||k2ygoods.ydns.eu^$all ! https://www.virustotal.com/gui/url/c4d679b0bf890df973383c9feafa2cdec8e9fcf7c0843683ab7e196dab9640bb ||lefteriskkokkiskikinew.ydns.eu^$all ! https://www.virustotal.com/gui/url/15a4d61ed39673084eb60449fd1763732f81193d9303c2ba4b5785f37a0bb5af -||kelasdbadlkafg-uhuy28.ydns.eu^$all ! https://www.virustotal.com/gui/url/544ea0a11142e35cc324a55590ee72b0cf47ff8a1ef121171da063f4acbadad2 ||nan.ydns.eu^$all ! https://www.virustotal.com/gui/url/e013e4826117fafad60ad880bb6f35a15670c2b83d505410b88cac9583e49467 @@ -2850,12 +2323,10 @@ ! https://www.virustotal.com/gui/file/358f2a778fa197fc3b032f0b85542b882f681e38c4156881874d66fc2bf2bcb0/relations ! https://www.virustotal.com/gui/url/dcff4e6feaebcafa1154a883ed9e1f99a9c34366a38857824f90794a66c3fffd -||fantecheo.tk^$all ! https://www.virustotal.com/gui/file/229a81a3b6e087abf33c1efc636c1d53f16edcc38d85a4b770eea39b89450bdf/community ! https://www.virustotal.com/gui/url/2dd1e17f56770c371eccbd9249b6ea24a19f6db0bf7a3f68390d82d5493ac764 ! https://www.virustotal.com/gui/url/17480555897004a56e48ee43332b40d248dcf212eeb040657e4820d26b10611b -||lg-tv.tk^$all ! https://www.virustotal.com/gui/file/4293c1d8574dc87c58360d6bac3daa182f64f7785c9d41da5e0741d2b1817fc7/community ! https://www.virustotal.com/gui/url/f3a89082bcd805a128c00fad66bc504738a215d67431f16a8387e158f09d9d45 @@ -2892,11 +2363,8 @@ ! https://isc.sans.edu/forums/diary/Hancitor+campaign+abusing+Microsofts+OneDrive/27838/ ! https://www.virustotal.com/gui/url/e63cf4d17b2716b95d041eb34ee11a979a9f8005112eddd221d3ce5c3d43c1c3 -||woureves.ru^$all ! https://www.virustotal.com/gui/url/ddc1000d6d3f312b010272f412c0f550a507b94406bbbdc8d288d3889e97b4fb -||scorlduce.ru^$all ! https://www.virustotal.com/gui/url/a1bbf36ec20a1662d79dde4adaf0ac4315ae836c1b3e8cbcda34061ec5772e96 -||belloweek.ru^$all ! https://www.virustotal.com/gui/url/f7d235c94eda440c1335577df536eebb972c0ce28b8a690067277cd2dfc767f1 ||149.248.34.65^$all ! https://www.virustotal.com/gui/url/eb4bea99390d6174b9cf2efae95bdc22537b6a4cec73fbb4c58dda98b5f1778d @@ -2906,12 +2374,10 @@ ! https://www.virustotal.com/gui/file/ed6ecb1de00df221e31b189bd85fd9dfb1f264021efbb0d83018a2247e294d87/relations ! https://www.virustotal.com/gui/ip-address/103.155.92.211/relations ! https://www.virustotal.com/gui/url/bbefad46389e25cdf31e4aebcebb13dbe77d5fe45f9dd14e9755f2dd601653df -||aznbilling3829.com^$all ! https://www.virustotal.com/gui/file/5bb7ab8d474109d82d8dfa3aae223df280517fe425a54d33d16ef5d00d49fcc1/community ! https://www.virustotal.com/gui/url/52028461d168b1a88b59e92ac8f040bf3e1e3dec3376d43b80cff0278f26f039 ! https://www.virustotal.com/gui/url/06f20ca243d075ae997b8635caa6deda3d29a5177c56e068020fb7c902d5dc6b -||installcb.ru^$all ! https://github.com/brave/brave-browser/issues/10470 ! https://www.virustotal.com/gui/url/8506229caba5b07f8bde7815d0135660479284a48bbbae7b97d7047693dc60c4/detection @@ -2927,19 +2393,14 @@ ! https://www.virustotal.com/gui/file/d838cfaf7b197d6c3379e2c5daf269cc422a09df556de6ca08fe174b4906b3b6/relations ! https://www.virustotal.com/gui/url/21dec0d2c9ef69e6d000ce22057a7dffae415d345f4e4175ec37bbd715471443 -||staticimg.youtuuee.com^$all ! https://www.virustotal.com/gui/url/0f07c02840b99373669f948b57b8caac5a01012afae2b9c0f5e7fa50758eb14f -||youtuuee.com^$all ! https://www.virustotal.com/gui/file/295dd067b7f19b756d75984c9534758cb8fcb8b0b4b0bcc148633cd5d089b4e0/relations ! https://www.virustotal.com/gui/url/a648e9208b432873fe74e73f01c310f484efc996ad6bcf547aae3930ecd54f86 -||dependstar.bar^$all ! https://www.virustotal.com/gui/file/dd769290ce8c125926aa85f310f4d56a0ebe7c01c0bf95238744d36e3ed0d95d/relations ! https://www.virustotal.com/gui/url/01aadf0975deb47a2c37dcd42d788cb7dce3b9468676bf3cb796a25ba5cf568c/detection -||ireiureoi0dwoi.com^$all ! https://www.virustotal.com/gui/url/f8734d7fd2a2b5c62ca36c7ea0dec1c4c58d06df088f46646a80b94b8b9ff7d9?nocache=1 -||www.ireiureoi0dwoi.com^$all ! https://www.virustotal.com/gui/file/b9ffae5037308a99ca3d3aecc696089829efe8d1e442b91c9f14b39e17318f35/community ! https://www.joesandbox.com/analysis/489369/0/html#domains @@ -2949,11 +2410,8 @@ ! https://www.virustotal.com/gui/file/bf72cee251615ca0af6b861fd4abf781b007249d3b0bc8612bcb37bac0d427f5/relations ! https://www.virustotal.com/gui/url/c987fe2e41bf2e3f4902ebe366e26a3b91fadc301891ca5113fef3d42c89d85d -||freshjuss.com^$all ! https://www.virustotal.com/gui/url/6a04408bd9434747ed3d80ac80363ba0973da6793d6b360b4f9483785abda879 -||sunnsongs.com^$all ! https://www.virustotal.com/gui/url/e60dc17a5db9bc36e65c5f3d563f9551097211bad8c8ae985ad943f04de2eaa3 -||tech-unions.com^$all ! https://www.trendmicro.com/en_us/research/21/i/cryptominer-z0miner-uses-newly-discovered-vulnerability-cve-2021.html ! https://www.virustotal.com/gui/url/19a7942479111194f955ba52b30d5fa422ae99ae57a306199def24833ed9750f @@ -2992,7 +2450,6 @@ ! https://www.virustotal.com/gui/url/51da56828b0cd9d4d4514feb74038aefb01dc4188da398f1666983766914c156?nocache=1 ||steamcommnity.com.ru^$all ! https://www.virustotal.com/gui/url/83ce8c920a22c9550591e52839fd540ee7a37b941e3419780b17e195fcfb9b28?nocache=1 -||steamdlscord.com^$all ! https://www.virustotal.com/gui/url/81880d767bab8515cf71ce37ebe7b56d8448184b96999f6cc4ce70d2b6c68949 ||steamdiscord.com^$all ! https://www.virustotal.com/gui/url/0a8ea816672728b0e9869f65e4788471880746a65f3f8f2215789d0edfe278d3 @@ -3022,7 +2479,6 @@ ! https://www.virustotal.com/gui/url/4a2cff70405ed300ad14b2294eb06c9adff5354911f70229085deecc7048637b ||yourbigexplosivewin.life^$all ! https://www.virustotal.com/gui/url/ff99d9ba468539c01896ef8b380819c07b8af40792d83beccea2d76064ebf781?nocache=1 -||yourbest-dating33.life^$all ! https://www.virustotal.com/gui/url/134a3e4324ca33c19c529aa554ff193a96b48ae6213323a957f5752641a8014e ||bestdatinglocal1.com^$all ! https://www.virustotal.com/gui/url/385edcca4e25f51083f593a4041f834fee5c903a93f5f66eab50f65df61c811c @@ -3032,7 +2488,6 @@ ! https://www.virustotal.com/gui/url/a7f1c2d1c02cc824bb93c1ba1d147d9fc1464bb3a4aeb937922d6bbdec84ffff?nocache=1 ||findlocalgirlnow.com^$all ! https://www.virustotal.com/gui/url/c5126c3b175c6fa50d96443ecca99b75c881420248ec020c7cd567715839410a -||vip-lady-dreams.com^$all ! https://github.com/uBlockOrigin/uAssets/issues/10075 ||the-crypto-genius.net^$all ||www.the-crypto-genius.net^$all @@ -3041,12 +2496,7 @@ ! https://www.welivesecurity.com/2021/09/23/famoussparrow-suspicious-hotel-guest/#Indicators%20of%20Compromise ! https://www.virustotal.com/gui/url/ba74801a83395bf008a256d5aca561801147e526b8c48cb282ecdd80bd96bea6?nocache=1 -||credits.offices-analytics.com^$all ! https://www.virustotal.com/gui/url/b048f040c5eefaf71f54c4bf7080251213237efeb6c715d832804fba146af9fe?nocache=1 -! https://safeweb.norton.com/report/show?url=offices-analytics.com -! https://www.siteadvisor.com/sitereport.html?url=offices-analytics.com -||offices-analytics.com^$all -||soffice.offices-analytics.com^$all ! https://safeweb.norton.com/report/show?url=45.192.178.206 ! https://www.siteadvisor.com/sitereport.html?url=45.192.178.206 ! https://www.virustotal.com/gui/url/581dea1d4c2a4f52d39edf1b25b780e45e2cbad3a5d233883e96063949f840ab?nocache=1 @@ -3064,9 +2514,7 @@ ! https://www.virustotal.com/gui/file/711620f91b4409e11e714ff6ac3979168d52a5ee895e2fe7b84f78f83fdd43d0/relations ! https://www.virustotal.com/gui/url/35ed5852d27c5fa5ffddfce2f18cbb90326bcf424caa26bae3e39f6d32dad4b9?nocache=1 -||safialinks.com^$all ! https://www.virustotal.com/gui/url/9df82ea3e35554ead64340457ded7711981030775cb2c9148c0825216903c396?nocache=1 -||best-link-app.com^$document ! https://www.virustotal.com/gui/url/e5e656f97a5b6d10b597f044e9c5138da7c78bc8b5039671bcdefc0a03c4066b?nocache=1 ||connectini.net^$all ! https://www.virustotal.com/gui/url/163b04d23a3d0c2088a3d410495ba198d031b0690f38cae8bb5f57b096ca0685 @@ -3081,17 +2529,11 @@ ! https://www.virustotal.com/gui/file/79dc17855e41c95a144280cff99422932721209dd97cd28dcd985746e339397c/relations ! https://www.virustotal.com/gui/url/b1343d5895137c740eb5d3c7ff54a8c581bafdf9fa9a825a828bf154fb48ac15 -||umayaniela6.top^$all ! https://www.virustotal.com/gui/url/088c15e76cdf82fd6bc0e126277a81eb2bced818efc5601f5603c872dcad398b -||kimballiett2.top^$all ! https://www.virustotal.com/gui/url/bbc218634d97a3e4ceb733c2c86d5bc0f891cc71bd2cc1db3b8e48cc27f8d5a6 -||xadriettany3.top^$all ! https://www.virustotal.com/gui/url/ed8727d53a3f207de5f60ed17d3651eccce46fb4b21bcae25fcba1a503114822 -||jebeccallis4.top^$all ! https://www.virustotal.com/gui/url/664405743b165905efc46ec3e31756a393ccb78e6b5785e58648f89d523e704d -||naghenrietti1.top^$all ! https://www.virustotal.com/gui/url/f469f3826024bb2ff2077fe4a60b335009e1d4fd77f17e652939f68c651c73ed -||privacy-toolz-for-you-403.top^$all ! https://www.virustotal.com/gui/file/a4c3d60102ff72d89963df742fd50a4b7dc32a23ea3cf7a78dd3a4685397d270/community ! https://www.virustotal.com/gui/url/e7fc198fae69309fe7039577cf72e9a86715c9feb4629497256ba7b559d9fe56?nocache=1 @@ -3101,40 +2543,25 @@ ! https://github.com/DandelionSprout/adfilt/issues/287#issue-1013759704 ||youtuba.com^$all ||polyhymnia-mar.com^$document -||trktrk.club^$document ||virpropcnow.xyz^$all -||betacdn.xyz^$document ||avprotectionoverview.com^$document -||www.avprotectionoverview.com^$document ! https://www.virustotal.com/gui/file/2cdac05088d51a5ebb646fbba3c305ec14c950dc1ce3b3d51da5aa6584774429/relations ! https://www.virustotal.com/gui/url/f5d971136a1bdee73ef5c26273b1821a8b23cb7e2d1c4e81e8299aa7506846c7 -||znpst.top^$all ! https://www.virustotal.com/gui/url/ce978db4fa1566a3c37eee7b591a7065185486e2ace9c1a70447b7f39bba36cf?nocache=1 ! https://www.siteadvisor.com/sitereport.html?url=186.74.208.84 ! https://safeweb.norton.com/report/show?url=186.74.208.84 ||186.74.208.84^$all ! https://www.virustotal.com/gui/ip-address/186.74.208.84/relations ! https://www.virustotal.com/gui/url/f065d589990d04aec1d4f6b19b8c9d663206f79119154e9999e13cce992d7f31 -! https://www.siteadvisor.com/sitereport.html?url=revgmkegctflpes.ru -! https://safeweb.norton.com/report/show?url=revgmkegctflpes.ru -||revgmkegctflpes.ru^$all -! https://www.siteadvisor.com/sitereport.html?url=vtlvoysmqolcjxh.ru -! https://safeweb.norton.com/report/show?url=vtlvoysmqolcjxh.ru ! https://www.virustotal.com/gui/url/0e638edf895771adede653e1ba39a733e90b7b746546c1d0fad9d228042411b8?nocache=1 -||vtlvoysmqolcjxh.ru^$all ! https://www.virustotal.com/gui/url/c6a6b915883afdcdb0e0fd1a163961d4d21b5bbb9cd4b60f7152e3bb045b0334 -! https://www.siteadvisor.com/sitereport.html?url=idndimconxwlxaw.ru -! https://safeweb.norton.com/report/show?url=idndimconxwlxaw.ru -||idndimconxwlxaw.ru^$all ! https://www.virustotal.com/gui/url/8c394741286dd2b8ddc88592bef230075eca394f25684ae8a3faae1ce4ad251f?nocache=1 ! https://safeweb.norton.com/report/show?url=gmpeople.com ||gmpeople.com^$document ! https://www.virustotal.com/gui/file/fab15b7f61f816cf3128cc02c96d98d3385533087bc5afe3cd3799e7e034ce7f/relations ! https://www.virustotal.com/gui/url/6803550abaac24624762c5ee233c4787f642bd8ee8eb36cd4f868507f55dfcec -! https://safeweb.norton.com/report/show?url=fiskahlilian16.top -||fiskahlilian16.top^$all ! https://www.virustotal.com/gui/url/f7dfb550983e3512c09a40b41d50e4293ed4a65f87fbb39a9e2cdf9e8b711547 ! https://safeweb.norton.com/report/show?url=193.56.146.41 ! https://www.siteadvisor.com/sitereport.html?url=193.56.146.41 @@ -3147,9 +2574,6 @@ ! https://www.virustotal.com/gui/file/d4bcfc7eac31ab3310de4fe8feb66dc6e1d9555493722b50c6fab5d03c4f290d/relations ! https://www.virustotal.com/gui/url/3a606b479b0214bb3e7d9aa217a93fde5dca721b3c130566dc864f472ebdd46c?nocache=1 -! https://safeweb.norton.com/report/show?url=gcl-page.biz -! https://www.siteadvisor.com/sitereport.html?url=gcl-page.biz -||gcl-page.biz^$all ! https://www.virustotal.com/gui/file/4e56f35781fc7279ed306516e2cfd700e32daa86e2f11bdcfc6e8a62a487820c/relations ! https://www.virustotal.com/gui/url/dcc9d8d8de866bf04bc7d2b1f96882943af22cdc830a668a5e08037b55888000?nocache=1 @@ -3159,10 +2583,7 @@ ! https://www.virustotal.com/gui/file/0e8cfcf628f5194908892cbd2cadc68e685bef5101a6230d0d71110c88d4a9ac/relations ! https://www.virustotal.com/gui/url/a31a199e46cae063faa7f9f9e2592274b6dbbe078bd1704cd007c4c0b33cd159 -||hsiens.xyz^$all -! https://www.virustotal.com/gui/domain/hsiens.xyz/relations ! https://www.virustotal.com/gui/url/4a394ed1aff6e7694503408ee75ffbb201e29ac5ab04cbfca7f4e1b99f92d59f -||remotenetwork.xyz^$all ! https://www.virustotal.com/gui/file/98d9321dd873a34005bc3dfbf6c22de4f45fb2e979035c8a134001bc3b85e3d3/community ! https://www.virustotal.com/gui/url/0e921cd3130f8f73eab014d8028c31595307e795afd46d93f5aa52b1eff28bde?nocache=1 @@ -3170,11 +2591,8 @@ ||5.181.80.16^$all ! https://www.virustotal.com/gui/ip-address/5.181.80.16/relations ! https://www.virustotal.com/gui/url/bbae4ee1a3a3463171e1b31ca0312049b77b69009670bc2a652b96ae686af8e5?nocache=1 -||secure-recovery03.ddns.net^$all ! https://www.virustotal.com/gui/url/52655c6393b71c512d25ec9d50a6081210c2d076b5337851e41daf8c3bd8c691?nocache=1 -||secure-recovery02.ddns.net^$all ! https://www.virustotal.com/gui/url/0b6553e55a733643cac74afe65d3a94b3bf0f693a092d5299540a0d8de572032?nocache=1 -||secure02p-login.ddns.net^$all ! https://www.virustotal.com/gui/file/e7c7c7d017cc78e06708a646479e5130bde12fe63370fc104763c3e993593a45/community ! https://www.virustotal.com/gui/url/e8064c8f3b3a02087ff40b36445f87628368643901e47bbc3b371738b44b6328?nocache=1 @@ -3184,54 +2602,36 @@ ! https://www.virustotal.com/gui/file/04bc8fb0c217312979a1217434a83d5db80400108ace1beb802cb564d5424a81/community ! https://www.virustotal.com/gui/url/4ef11e71a899cff7fd0da643e8f4cecd795c45993b4f0e61b107fa9b2a7d036c?nocache=1 ! https://www.virustotal.com/gui/url/bc88104fdb5b2d5dc147b01ae3297de84cb06b723ff5082742b78fbffbfffb4d?nocache=1 -||no-vac.ru^$all ! https://www.virustotal.com/gui/file/fd4d8a70a36460fb62abfbb47681b531b2b085456583e84918c2c3ab8603c6a7/community ! https://www.virustotal.com/gui/url/c0c2010b4a8a44569685ffd48d1b4f8b15b61e14c47407ba5bce88aaf033bd7a?nocache=1 ! https://www.virustotal.com/gui/url/09d3907db18aa0e8b00e03815ee716fbbbfc24742c0c86a6937c9fa9012607c3?nocache=1 -||screenshoter.site^$all ! https://www.virustotal.com/gui/file/21f3ee4c865d930b2c8e194a01d4eb00563752e7e04cd380996a19b969d510a1/community ! https://www.virustotal.com/gui/url/3bbc9fc1eaec39b9c3b3de277b6e7217e10dc12d361f6f247e21aa3762091d65 ! https://www.virustotal.com/gui/url/f4dec34344ec5d8998b8a41521c1b78574859da5cb7764dccc289180f89dacc1?nocache=1 -||ck87769.tmweb.ru^$all ! Other subdomains of the same hosting provider ! https://www.virustotal.com/gui/url/31bdab820b394e3e93f7d22bb91ebb765886d91461997eeb009eedb95e8c57f9 -||cx97551.tmweb.ru^$all ! https://www.virustotal.com/gui/url/7a58869e4f342c33f79bb0f714fe7ed2de4bd329fe89b8e91bd3c0ccfc9bc64f -||ck33675.tmweb.ru^$all ! https://www.virustotal.com/gui/url/c300737ec442c6d7efbc1ace76316b33b9c135a2b8d6143a83a7b022f0086759 ||cp45362.tmweb.ru^$all ! https://www.virustotal.com/gui/url/cb7d93e3637997e9fcc6606994d30ab07636e020f88a3b163dfffd499e98cabb -||ce04337.tmweb.ru^$all ! https://www.virustotal.com/gui/url/258253e4fe630a53eb5cd3eb9b3709ddde430cb8179a1fadeb6719437ce828c8 -||cb64150.tmweb.ru^$all ! https://www.virustotal.com/gui/url/a58517846c0e060cd76d2834e69440a05ba6b6b96b75ab51c1d237f0eb6f2f60?nocache=1 -||ch31757.tmweb.ru^$all ! https://www.virustotal.com/gui/url/ed4cd95ea990528be8fd26517661ec6ed7ed96fdafaaa249271a4a56294da491 -||cr65212.tmweb.ru^$all ! https://www.virustotal.com/gui/url/bd390340baef52741ba921a7afdef46023d122e74ff007e04133b5417d457270 -||cd97574.tmweb.ru^$all ! https://www.virustotal.com/gui/url/8f2114831f1286ce197982abdb2da720fce7389619ef8bcc01426b584f633560 -||ck67220.tmweb.ru^$all ! https://www.virustotal.com/gui/url/0ca2cfe7ca2d38645828cc6c347e52b369454416a5163c0ce583e8102f5fd922 ||ci69056.tmweb.ru^$all ! https://www.virustotal.com/gui/url/c35d74af6b1fc7a34b881678125413a70f5a386726246250f28cbad0e1b1b270?nocache=1 ||co89927.tmweb.ru^$all ! https://www.virustotal.com/gui/url/e883cff914f661cdbe26f542159d2793567b0c713ce6497f1b8465cd8e4a7658/detection -||cc07188.tmweb.ru^$all ! https://www.virustotal.com/gui/url/8b284c4cd9fb3b3c1fb620952b6e2c1097d485feee151aa561dc4746de604f47 -||cc90414.tmweb.ru^$all ! https://www.virustotal.com/gui/url/fa8e0395cfa0a0d6f2c2b035943662534431b410ce7c37a3ba6753dfd3896f63 -||cm87258.tmweb.ru^$all ! https://www.virustotal.com/gui/url/79fa6b8a78bdabafec9fc5c81121be14b721b408b5f1ec7ecbc330aaeefcdb7f -||cj12178.tmweb.ru^$all ! https://www.virustotal.com/gui/url/33a4a7ff0fd896977f9f9f292c94e151701daa0b035dea5e78e3632b7568b32b -||cn07057.tmweb.ru^$all ! https://www.virustotal.com/gui/url/2b346d37ac9ea3c081fe3dba16629672bbd1881c2b3562883e1d464020e308a2 -||cx94670.tmweb.ru^$all ! https://www.virustotal.com/gui/url/aa5f4bc156a1ee1f0f0e4931869fab148b934858b644de457fe9406685b2234d -||ct36568.tmweb.ru^$all ! https://safeweb.norton.com/report/show_mobile?name=cnw-offers.live ! https://www.virustotal.com/gui/url/2ba31261ba9e47d8fed7672e7dc6e93daba6c9b312aed3acbfd9b7e52c893fd4?nocache=1 @@ -3251,7 +2651,6 @@ ! https://www.virustotal.com/gui/file/57315cddae2c029d8b29557c7f2cd049a5a96dfc2134da57ab6bc0ac84997e5f/relations ! https://www.virustotal.com/gui/url/4de94f3252e57342a6d457da9d614d1a9163047f4b5ad82d6345512e140dcf96 -||qrextechnologies.com^$all ! https://www.virustotal.com/gui/file/5cf788e38508a9f9dbce08142591763ff947fc590ae2fe162a5f2f1849b2c695/community ! https://www.virustotal.com/gui/url/34ca9c40f7903c046ecd75b8a09ef35b8b656e90a760ec1b8ff27f72053dfe55 @@ -3259,11 +2658,9 @@ ||89.223.70.202^$all ! https://github.com/uBlockOrigin/uAssets/pull/10142 -||skyblockmods.com^$document ! https://www.virustotal.com/gui/file/30ac6a662fbc040f84b7cc5b940768a1ea01ed3bd8bf257c27573ba343069ecb/community ! https://www.virustotal.com/gui/url/1055992de540e1c10c0acabff8c8d1384a1af951cc0687d96accefe5e051d507?nocache=1 -||privacy-toolz-for-you-3000.top^$all ! https://www.virustotal.com/gui/file/78f490e503c86eaaff5760197b9ff5308ed6e03161af13194a6c1e0cd95422de/community ! https://www.virustotal.com/gui/url/99d19655ee6442f8e9ba53bda64a2bf9a7179112e3979b22a91e7bcc3fcf41f7 @@ -3271,13 +2668,9 @@ ||23.94.26.138^$all ! https://www.virustotal.com/gui/ip-address/23.94.26.138/relations ! https://www.virustotal.com/gui/url/1a40cdf06751e1059cb93468639753d245b4c8b8dbc5401e5652ab146b738057?nocache=1 -||amazon.co.jp.csphp.shop^$all ! https://www.virustotal.com/gui/url/8a1c1dc11bea3c96ed1685368b431afe7e541aeeffd09494261293f21f113404?nocache=1 -||amazon.co.jp.ispco.shop^$all ! https://www.virustotal.com/gui/url/fc2d3355d386d3eae4f313b174c23bd0b0f35599cf222e94e034a66857ea5464?nocache=1 -||maoenzamco-jp.shop^$all ! https://www.virustotal.com/gui/url/c58a2554592c21450744a41ee03fc196b098ca609bf2cac6e8b2798eccd7a80d?nocache=1 -||maoenzamco-jp.xyz^$all ! https://www.virustotal.com/gui/file/7ef56a82a83ab840c3dc7a517e67cf2875c76263e81dad66698de25e7a1e865e/community ! https://www.virustotal.com/gui/url/570a9fdbd5145712d82a43e08d5c1ce6c17f394e85d9c39295e780fb969a593a @@ -3305,10 +2698,8 @@ ! https://www.virustotal.com/gui/url/956c451fe61038377026bee53c4eeff67ab3efe69f5c4c6e22b3c1dbde10ced1?nocache=1 ! https://www.virustotal.com/gui/url/8c1e1a8a80c515d411b4e22d36ddb0535427c73f2b7c8b3ae7a672ad208c89b2?nocache=1 -||aquashi.bilalimtyaz.co^$all ! https://www.virustotal.com/gui/url/681dfdb12bcaa2facfb6eefe51d671387f111134f1661e336d63c5e6b207aa10?nocache=1 ||bilalimtyaz.co^$document -||www.bilalimtyaz.co^$document ! https://www.virustotal.com/gui/url/efdaf6927a66f267f8e834a1d685e76025f3c8ad29b8d950289ceb43c18a3477 ||machinesalaver.net^$all @@ -3326,13 +2717,11 @@ ! https://www.virustotal.com/gui/file/da8e8a3674bb74752cc61703310b75756db86196f957dcbb1efb64dec6f45280/community ! https://www.virustotal.com/gui/url/448da47e3e945d8ff23f94c90b37767c8901803ee7ce24cc0145f10a3f6ebc2f -||teletop.top^$all ! https://urlhaus.abuse.ch/url/1661195/ ! https://www.virustotal.com/gui/file/a8e1e13995a1af35365965d172b801e128f52da0afc6a6a6fc7180210614c2fc/community ! https://www.virustotal.com/gui/url/2c062edfe4bc49c0e194c953c511efbeeeb1e894394922f685ec9dc16acd5001 ! https://www.virustotal.com/gui/url/a119a996204d12ffa0314429dbece549931f3bf0135bca6a258cfef3c56658ff?nocache=1 -||dc-repository.com^$all ! https://www.virustotal.com/gui/ip-address/172.64.80.1/relations ! https://www.virustotal.com/gui/url/ebcf1fd2f7371d21cdcc9f3ccee579ed86f8afcdeafd1605337edd9263d84525 ||6c4db3c7.voag.cn^$all @@ -3348,26 +2737,14 @@ ||8fde7a98.voag.cn^$all ||f7e5f8c8.voag.cn^$all ! https://www.virustotal.com/gui/url/1d6d895e31ee0309478435925e1fc0e46ac8e0f3b559b7e4a8e399a356590e00?nocache=1 -||221dce23.tlkdfkfkf3jlsd.org.cn^$all ! https://www.virustotal.com/gui/url/0667143920224986a70d91f82898402058d4ad3fb3a68696b4e27e8b40c0f9c0?nocache=1 -||tlkdfkfkf3jlsd.org.cn^$all ! https://www.virustotal.com/gui/url/643c8146935a0fdfff56258dd2728fe932a045c62fe7cde7b0891245ecd0a7e5 -||60ed7e0c.xjeasthope.cn^$all -||xjeasthope.cn^$all ! https://www.virustotal.com/gui/url/7a00203cc28e3b8f3a97e7f48c8180549b3e5e8b96c5fe1527127b1451a06853?nocache=1 -! https://safeweb.norton.com/report/show?url=web-microsoftonline.com -! https://www.siteadvisor.com/sitereport.html?url=web-microsoftonline.com -! https://sitecheck.sucuri.net/results/web-microsoftonline.com ! https://hybrid-analysis.com/sample/e454f5042ad548a813a0c1b6632b598402a217a1461bd7440f0e429eacccc72b -||web-microsoftonline.com^$all ! https://www.virustotal.com/gui/url/52ce844b63b58e884bcef53d1ae4c70ddf9188869c736d6077fe3a4a4670c30f?nocache=1 -||mail-owa-login-outlook.web-microsoftonline.com^$all ! https://www.virustotal.com/gui/url/df1a3b48d866b6a20e3e63a851b4c71fd613b81e22a4bbdfe41e1c3546017204?nocache=1 -||7c4e6f1e.designqueen.cn^$all ! https://www.virustotal.com/gui/url/ea7706ee9a7caa025cdce0328ead4efd53b6329cdeb5a7664532878994061a6b?nocache=1 -||designqueen.cn^$all ! https://www.virustotal.com/gui/url/abbdf776c0429d77396488a3de15eb54028477dccbd13faf405686bb6b0339aa?nocache=1 -||resgateaqui.io^$all ! https://www.virustotal.com/gui/url/c6e4e51aaafda4a149819ff6a28a2b73f3c11e844b456e0da5fbd169f5c1c88c?nocache=1 ! https://safeweb.norton.com/report/show?url=octarine.cc ! https://www.siteadvisor.com/sitereport.html?url=octarine.cc @@ -3375,9 +2752,7 @@ ! https://www.virustotal.com/gui/url/354b22add703bce89084132b7cc6abd16caac0d35098577bf06b4103afbd8ef3?nocache=1 ||ws.octarine.cc^$all ! https://www.virustotal.com/gui/url/63cc40f11fe21e1f077686a0c5b7a0cb7b18602a8f835f5c29c3ea40ecfedac2?nocache=1 -||guidereviews.bar^$all ! https://www.virustotal.com/gui/url/b5885857aceb9e5b077828d683d6484cb243ae95f4fdd79b4eac27bd7a212d31 -||onet-chelm.xyz^$all ! https://www.virustotal.com/gui/url/b864e3e2e32b719ae3ba41ca16752fb765ac20c2e77eda8e1123168ef1270465?nocache=1 ||jom.diregame.live^$all @@ -3391,7 +2766,6 @@ ! https://github.com/uBlockOrigin/uAssets/pull/10163 ! https://www.virustotal.com/gui/file/5a0cf59fd7743ab14b9a66b5b1e07c52858109cab2ab7b2c68c940cd0a4fa5b1/detection ! https://hybrid-analysis.com/sample/5a0cf59fd7743ab14b9a66b5b1e07c52858109cab2ab7b2c68c940cd0a4fa5b1 -||hypixel.run^$all ! https://www.virustotal.com/gui/url/b2936e74f35940d2f09cabf4e089a0d655e62a5fc08ad32e1fae79a62683683f?nocache=1 ||saimission.org^$all @@ -3409,7 +2783,6 @@ ||newxporn-getxi7.duckdns.org^$all ! https://www.virustotal.com/gui/url/40b5bc0be82da405df9850f26ad80f1bd1a72b60a36f30de9918a2ecbfe602c5?nocache=1 -||pancinhabrasil.duckdns.org^$all ! https://www.virustotal.com/gui/url/67311437a681e827d4159aa5c022388c45a2097d777992de386616c9d4dc2694 ||pemersatubangsa18.duckdns.org^$all @@ -3419,13 +2792,11 @@ ! https://www.virustotal.com/gui/file/22dcea7dc8afc3f7cf77555d885e606260b782de2ad4faa7797e35ed23fcc428/relations ! https://www.virustotal.com/gui/url/69adfadca578dec1ae7e3007de381bc076ecbe6bcb6e95e4361ea40204a9adc3?nocache=1 -||smtp.hermanosflerro.com^$all ! https://www.virustotal.com/gui/file/ac5a95221b895545eb04cfea29693288d7b432ad313f6bfc9db2ddf86f085a63/community ! https://www.virustotal.com/gui/url/d5b4a8add4c074afa6887f2cacda6d07aabfc25b53728001e8de1fb85f32582e?nocache=1 ! https://www.virustotal.com/gui/url/70e9fc15c4913c13f47ce4e085a7625dc4d712770cd49cd5c86a30ca169aee29?nocache=1 ||205.185.126.200^$all -||medpro-131.getfoxyproxy.org^$document ! https://www.virustotal.com/gui/url/febe7565c3ff6ba247da14f06b3ca155d1c77ac3c20e93bf196fbc8c7b943331?nocache=1 ||605b10322b729.site123.me^$all @@ -3552,20 +2923,16 @@ ||216.21.13.15^$all ! domains which resolve to this ip ||nctylivpwhpby.com^$all -||phhitgjxsit.com^$all ! copied over from URLHaus ! https://www.virustotal.com/gui/url/17dc2fd952fa93eb7454c0b4c28c64449cfa304698cdb548ca3eeb8bbff74ac5 -||thehotelshowdev.bitkit.dk^$all ! related ! https://www.virustotal.com/gui/url/f1eea95b1481268d62d7364db652c7270ba97eefab0baf95900fe7a41f762c56?nocache=1 ||big5constructnigeria-staging.bitkit.dk^$all ! https://www.virustotal.com/gui/url/b8204dccdc491d684fa368f4d6e86c8c534d4850b6e3d4b84fc0c3258e620f6a?nocache=1 -||big5-nigeria.bitkit.dk^$all ! https://www.virustotal.com/gui/url/3845cb00bad4746c089783fd17e726b591247bbc8b1d673c48c1aeb1af1cc8b7?nocache=1 ||www.big5constructnigeria-staging.bitkit.dk^$all ! https://www.virustotal.com/gui/url/0a0ed26862fa61faae7e9f4fe22522e3a395a817f7b1f23d121d3bd7d97af5f5?nocache=1 -||bromic-staging.bitkit.dk^$all ! https://github.com/uBlockOrigin/uAssets/pull/10169 - possibly hacked ||gesas.it^$document @@ -3578,13 +2945,9 @@ ! https://www.virustotal.com/gui/url/a69553e45990e6d08196d8fd4bed972e758e185649c16bc5738fa57dc4059e1a ! https://www.virustotal.com/gui/url/c06d6fc6ac0fb7515881596dcb257b0a16edcfbc06ea8e0027becdc50a4c6ced -||sms-usps.com^$all -||e.sms-usps.com^$all ! https://www.virustotal.com/gui/ip-address/94.20.59.243/relations ! https://www.virustotal.com/gui/url/26be2b650afc3fe06f0c08633e766468f9327aea8512c07e655a7c79fdc62b16?nocache=1 -||secure.portal-usps.com-delivery-shipment.faqshipmentforms.com^$all ! https://www.virustotal.com/gui/url/ffdbd6e5d385554aaad76b50001face0b4e1dbd665d3436d74c9c81c3335829a?nocache=1 -||faqshipmentforms.com^$all ! https://www.virustotal.com/gui/url/10e53037916cb82151c0cb7a630c45231c91a9242afc3d2acba6f11cbd8b22d2?nocache=1 ! https://www.virustotal.com/gui/ip-address/194.187.98.215/relations @@ -3602,22 +2965,10 @@ ||20.69.160.69^$all ! https://github.com/DandelionSprout/adfilt/issues/63#issuecomment-940500664 -||aselink.guru^$all ! redirect chain -||sentencesavedress.top^$document -||yhzfyy.sentencesavedress.top^$all -||smevhi.sentencesavedress.top^$all -||apk-top.cloud^$document ||captcha-smart.top^$all ! https://safeweb.norton.com/report/show?url=pushbizapi.com -||wcvydp.sentencesavedress.top^$all ! https://github.com/DandelionSprout/adfilt/issues/63#issuecomment-944619528 -||streamamongcotton.top^$all -||coxtuh.streamamongcotton.top^$all -||termquotientbeen.top^$all -||hlkyji.termquotientbeen.top^$all -||gwbiyl.termquotientbeen.top^$all -||pecgsm.termquotientbeen.top^$all ! http://vxvault.net/ViriFiche.php?ID=44061 ! https://www.virustotal.com/gui/ip-address/162.0.228.116/relations @@ -3652,7 +3003,6 @@ ! https://www.virustotal.com/gui/url/14f96ec63d4d6fedab8fa5cc851dde8bb0fbd8f6f3135bd615ae2a2307909820 ! https://www.virustotal.com/gui/url/7e01ac924967f2f68b859c97707c72b3a2c7f0bf24e8edb656cb850b8a925f3a?nocache=1 ||85.239.33.9^$all -||leak.serveftp.com^$all ! https://www.virustotal.com/gui/file/8a39f18caa77d52e80bec05f584ec50e733a3be1e33551d8902e95b9b0bfe6c0/community ! https://www.virustotal.com/gui/url/2f314d9d54c50bfa06cde62d4d33bf733c3b6ce7595c3f2074aa796cc56b1eec?nocache=1 @@ -3664,12 +3014,8 @@ ! https://www.virustotal.com/gui/url/d6a3d432703f24b239425d6ef45b90f0890f2d2f575ac275f7bd0a46e7f37cb3?nocache=1 ||45.148.120.171^$all -! https://safeweb.norton.com/report/show?url=office365.us.admin-mcas-gov.ms ! https://www.virustotal.com/gui/url/a4f1b7c097442f3aa404dd04ed5635b32462231fed4dadf2f751d3785aa45412 -||office365.us.admin-mcas-gov.ms^$all ! https://www.virustotal.com/gui/url/afd3b55acc8456bd313ee79d5a4afe552c27ae228e480b84f23484b3d0cee8b1?nocache=1 -||admin-mcas-gov.ms^$all -||com.admin-mcas-gov.ms^$all ! https://urlhaus.abuse.ch/url/1684798/ ! https://www.virustotal.com/gui/url/6696b04b4423dca4bce15e4cd8e95d8ffa7c0bd6006c82294c6874a4988672e9?nocache=1 @@ -3686,7 +3032,6 @@ ! https://www.virustotal.com/gui/url/5011653a6058ffd2e70982f0791cae5a6af725a9e86e1cce31f3b3f3d710cf63?nocache=1 ||212.192.241.126^$all ||secure03log.dynamic-dns.net^$all -||secure-autho7.x24hr.com^$all ||secure09gcf.ddns.net^$all ! https://urlhaus.abuse.ch/url/1679960/ @@ -3701,11 +3046,8 @@ ! https://www.virustotal.com/gui/url/8ab7fd033fa78b557c5651378c38d55b9f17e1deedc25ace256a381c5cf708be?nocache=1 ||kohjguj.ydns.eu^$all ! https://www.virustotal.com/gui/url/5d9f6f4b76a4dfce952e33c42b715bee464f252f28400de529be4dbcd8bc8a09 -||fanminta-idkadj023-1.ydns.eu^$all ! https://www.virustotal.com/gui/url/b79146d6867ccdccd03fe8773c6bed0722d22878a723560684834a1b57dbb30d?nocache=1 -||namniomowaer-ko2.ydns.eu^$all ! https://www.virustotal.com/gui/url/19800af912bfe8a7c3e21af62dfdbfdbeb6d15679689b264390db9eb5e7aff61 -||nakdjak232-adjka02.ydns.eu^$all ||wywtrwbnmhtytrebsgwtfcvzcxgjhyegvbcnmgte.ydns.eu^$all ! https://www.virustotal.com/gui/file/12013662c71da69de977c04cd7021f13a70cf7bed4ca6c82acbc100464d4b0ef/community @@ -3719,26 +3061,12 @@ ! https://github.com/mitchellkrogza/phishing/pull/87 ! https://www.virustotal.com/gui/ip-address/20.106.143.112/relations ! https://www.virustotal.com/gui/url/8cefce438cb87cc2005741e39dd6dd6c42b24f3558e874f7fc78a81ce2e6a0d6 -||supporteamcenter.ml^$all ! https://www.virustotal.com/gui/url/b55e7caf0c3eb128ec44c7c528f1f7f63d209ba5c5deaa31c4e1454592f9a5ee -||accounthelpmedia.com^$all ! https://www.virustotal.com/gui/url/7bd652f2338d6040c33569d3064ef57693684548831868db12d15b019b2908fe?nocache=1 -||tiktokverifysbadge.ml^$all ! https://www.virustotal.com/gui/url/473b27bb990289bcd530fd8034e21290a4660baab8634c90a8023026b9334bf6?nocache=1 -! https://safeweb.norton.com/report/show?url=coprytighthelpservicee.ml -! https://www.siteadvisor.com/sitereport.html?url=coprytighthelpservicee.ml -||coprytighthelpservicee.ml^$all ! https://www.virustotal.com/gui/url/2fc8eead5c798ba6b3e808bd53694a5374e0f3696c0730a9d5c72ee6e8907ee8?nocache=1 -||copyrghthelpmedia.ml^$all ! https://www.virustotal.com/gui/url/4f649d037dba81685361c482e684b1e4ff78c5d9dc3c55fb5f01da049c69adbd -! https://safeweb.norton.com/report/show?url=confirmforcopytghir.ml -! https://www.siteadvisor.com/sitereport.html?url=confirmforcopytghir.ml -||confirmforcopytghir.ml^$all ! copied directly from the 'files' tab -||licencefeedback.com^$all -||media-line-feedbacks.com^$all -||medialive-contact.com^$all -||hellyaaa.com^$all ! http://vxvault.net/ViriFiche.php?ID=44070 ! https://www.virustotal.com/gui/url/bf6d865eba3f7423017fad5f4e22e06693b2e7a5665eb428f8483207f41567f9 @@ -3789,11 +3117,9 @@ ||spacecom.site^$all ! https://twitter.com/soranker0/status/1449491402409185283 -||disordgift.codes^$all ! https://www.virustotal.com/gui/url/0766604b5f6e96930bd704fa007c07984b5e2c726633727176c8190f641e1050/community ! verified using VM -||bassmatters.xyz^$all ! https://www.virustotal.com/gui/url/2d5f25a5a72003888f05cbbd8bb0b14e9e81c53193314dd83b6415b68a20ca70?nocache=1 ! https://www.virustotal.com/gui/url/43f91dd76b8f8216917b6ae9083136d68926c203274f85457384c97dfc0548ba?nocache=1 @@ -3810,25 +3136,19 @@ ||114.239.16.227^$all ! https://twitter.com/JimBrowning11/status/1449864787953868805 -||primark-entry.com^$document ! https://www.virustotal.com/gui/file/a24784cc4bd53f7d3ca9700802dd60d01bf245128e95800ccd60841f1e1075f4/community ! https://www.virustotal.com/gui/url/bf84d1d244fe0a0d411228d638bb7f6a3375dd19e6669990742c5a624a0bfc1b ! https://www.virustotal.com/gui/url/158dc023198fd5d8e79f945d1d0870f0671a51b120605f7aab26b224e0d417a0?nocache=1 -||tynwyl15.top^$all ! https://www.virustotal.com/gui/file/a56535178bb2c4e9fdaf4c5c6d26d58224b9bfac8b0c4be2b035b778e6ef6d9f/community ! https://www.joesandbox.com/analysis/507864/0/html#domains ! https://www.virustotal.com/gui/url/0dc6b3a097d135dbbd708be923fb7427a9c15ab16009f13b5905b811aeea9704/detection/u-0dc6b3a097d135dbbd708be923fb7427a9c15ab16009f13b5905b811aeea9704-1634881745 -||wowsugarbabe.top^$all ! https://www.virustotal.com/gui/ip-address/78.155.222.151/relations ! https://www.virustotal.com/gui/url/17695b568788594c391b2e9f4c5ba1ae25865ca5ae26fa4435d02431f490d427 -||greenfreedom.top^$all ! https://www.virustotal.com/gui/url/71d5f737637145ae7ec15c1e52e28be336b31a737c6f2452408a805024fccc54?nocache=1 -||avito-kasso.ru^$all ! https://github.com/uBlockOrigin/uAssets/issues/10171 -||discordrgift.com^$all ! https://github.com/uBlockOrigin/uAssets/issues/10181 ||nbryb.com^$all @@ -3854,17 +3174,12 @@ ! https://www.virustotal.com/gui/file/d88640b60a99a39f22a11731d0fc886fd2c9fdfb094f42886e6ba419025e69ec/community ! https://www.virustotal.com/gui/url/abc5fea5e762b77da6a300237c5e8fc355f939b0150bde4c8b7c396f7469216d ! https://www.virustotal.com/gui/url/ecd58f7b49ef63c477bd358521b5ca0516e5c1dcf024e0b42d307445e05e87ad?nocache=1 -||triathlethe.ug^$all ||185.215.113.77^$all -||courtneyjones.ac.ug^$all -||jamshed.pk^$all ! copied from https://github.com/Spam404/lists which was maintained by https://spam404.com, but which appears dead ! LICENSE: https://github.com/Spam404/lists/blob/master/LICENSE.md/LICENSE.md ! modifications made: selected alive scam domains, added the domains which they redirect to ! if I have misunderstood the license conditions, please contact me via GitHub and I can remove this content -||localchick-here.com^$all -||fckme8.com^$all ||rarshare.com^$all ||www0019876.com^$all ||megapolis-hack.com^$all @@ -3888,8 +3203,6 @@ ! the password for the RAR file is 111 - the exe inside: https://www.virustotal.com/gui/file/0218dd62759681af9aa77bfbd8f43af8de695b7426bb74aecdcd9f25ee53f3da ! https://www.virustotal.com/gui/url/ba49ec05e194d21d7f903067ca99fb28ad8fe586b2fc17dbc8482d1b96b1c6f9?nocache=1 ! https://hybrid-analysis.com/sample/0218dd62759681af9aa77bfbd8f43af8de695b7426bb74aecdcd9f25ee53f3da -||free-softs.net^$all -||www.free-softs.net^$all ! https://www.welivesecurity.com/2021/10/07/fontonlake-previously-unknown-malware-family-targeting-linux/ ! https://www.virustotal.com/gui/url/f3137ce6af12221e3c89953f2365c963032695bc2187b5e0007748068397f90b?nocache=1 @@ -3904,11 +3217,9 @@ ! https://www.virustotal.com/gui/url/e59ad4ec1667e5893f6ab673b3ba1459a4eb8296650ae210bd6d66501d78d339 ||ywbgrcrupasdiqxknwgceatlnbvmezti.com^$all ! https://www.virustotal.com/gui/url/dccf23cd90d0048b3ad9267199ea4b22d19016825b29f63309524805cde54ef3?nocache=1 -||hm2.yrnykx.com^$all ! https://www.virustotal.com/gui/url/c3adbd339810edafebf8ccc5819a06e0c8d1fb1c0156d816e481ba0be4c4920b ||yhgrffndvzbtoilmundkmvbaxrjtqsew.com^$all ! https://www.virustotal.com/gui/url/e467e9e449d7c375cbebf3e04f6afd9943084d79437b1043f56a8a38a41ba932 -||wcmbqxzeuopnvyfmhkstaretfciywdrl.name^$all ! https://www.virustotal.com/gui/url/bdad8846cfe9cffdfe63c56d333a14a580b7e54b0fcb3e1e1faa397e7689e388 ||ruciplbrxwjscyhtapvlfskoqqgnxevw.name^$all ! https://www.virustotal.com/gui/url/7c8b73e89ec7c0c5c8daf50b6849630831213a3c86f1834964ef7143f5fa4d93 @@ -3920,7 +3231,6 @@ ! https://www.virustotal.com/gui/url/13aa4d7c701883f00056378d3797235cb2a02ec6db92d3f05288b367a550b01a ||etzndtcvqvyxajpcgwkzsoweaubilflh.com^$all ! https://www.virustotal.com/gui/url/dab6733a9fe1a7d60c2ee530a3d4c55e854b1e27cf0d6f6eb5e780b6bb92313c -||esnoptdkkiirzewlpgmccbwuynvxjumf.name^$all ! https://www.virustotal.com/gui/url/68f784279b6138317f18fd2575e00f4789ea44bb5b6fd78329ceb182f3cd9a26 ||ekubhtlgnjndrmjbsqitdvvewcgzpacy.name^$all ! https://www.virustotal.com/gui/url/176ef35507b54fcd3ca42471e2d36625a0a9e2aea57b4df1072c9d9f6afe4237?nocache=1 @@ -3944,34 +3254,18 @@ ! https://github.com/iam-py-test/investigations/blob/main/2021/10/24/1.md ! https://github.com/DandelionSprout/adfilt/issues/63#issuecomment-950351144 ||google-yandex.info^$all -||pumicer-unreturned-hemipteron.xyz^$all -||sleuthlike-phantasiastic-handsome.xyz^$all -||powerskyslip.top^$all -||zbpfrd.powerskyslip.top^$all -||xdqsrg.powerskyslip.top^$all -||disturbative-descriptively-undeflectability.xyz^$all ||cloud-apps.store^$all ! https://www.bleepingcomputer.com/news/security/popular-npm-library-hijacked-to-install-password-stealers-miners/ ! https://github.com/faisalman/ua-parser-js/issues/536 ! https://www.virustotal.com/gui/url/742d7241eae804d130351df3b936980e4c89d98a3c59ab98a8bd25cfe6019069 -||citationsherbe.at^$all ! https://www.virustotal.com/gui/url/c8d68722a01ab94c011ecf3ae6ccbfd709f406ab985968cd977ba4b2de0d37ad?nocache=1 ||159.148.186.228^$all ! https://www.virustotal.com/gui/file/b64ab676ffe01925adc506eebcc62f6edc901e017c339af5d90f6d64292e9822/relations -||dirfgame.com^$all ||abmaxdigital.com^$all ||shpak125.tumblr.com^$all -||topstylesolutions.xyz^$all -||zertypelil.xyz^$all -||pcfixmy-download-96.xyz^$all -||densalenge.xyz^$all -||ivaloribar.xyz^$all -||qumaranero.xyz^$all ||iplis.ru^$all -||dwarimlari.xyz^$all -||my-farlab.com^$all ! https://www.virustotal.com/gui/file/3ae5f736bfce95b0611a36c8bcfa56bf0f13a00f69076bd9c70cdac71f6dda61/community ||persianlanguageonline.com^$all @@ -3979,12 +3273,8 @@ ! https://www.virustotal.com/gui/url/2e874f308e1202ce4deb4068d029675c8487bed465f3bd34aeefb4a84c6b767f ! https://www.virustotal.com/gui/url/859be64d71834dba1693b079ec85f77edcd06124031c65178838555fea31efd7 ||dliscord.com^$all -||dissord.gift^$all -||dizcord.gift^$all ! https://github.com/blocklistproject/Lists/issues/537 -||venture7program.biz^$document -||safetystudy1.biz^$document ! https://github.com/blocklistproject/Lists/issues/538 ||gosuslugi.contact^$all ||gosulugl.ru^$all @@ -4023,12 +3313,9 @@ ! https://www.virustotal.com/gui/file/0a2b70617c3867acb5c762b8cb1136d2cf67b09eedfaa6d5c0c22f8adf8f68ee/community ! https://www.virustotal.com/gui/url/4af299d39303fce61705804b80e05aae005917eb659367dbe409afe54254eef9?nocache=1 -! https://safeweb.norton.com/report/show?url=quicksoft.in -||quicksoft.in^$document ! https://blog.talosintelligence.com/2021/10/squirrelwaffle-emerges.html ||168betclub.com^$all -||360digidives.com^$all ||abogadoaccidentedetransito.com^$all ||abogadosnegocios.co^$all ||abufarees.com^$all @@ -4043,14 +3330,9 @@ ! https://blog.google/threat-analysis-group/phishing-campaign-targets-youtube-creators-cookie-theft-malware/ ! https://www.virustotal.com/gui/url/498cb2174736cedece47080f5f35f1ce1eb7aa759d361ddd9c106c26bb3b8a05?nocache=1 -||qznr.lkd.cioubfiare.com^$all -||swth.lkd.cioubfiare.com^$all -||00001011111101.lkd.ge5r6h7tjrfrhegs.top^$all -||ge5r6h7tjrfrhegs.top^$all ! https://www.virustotal.com/gui/file/0e2f7af509abfb3389320e195944b5702317bf0553169f9350afaacc16529307/relations ! https://www.virustotal.com/gui/url/4ceb6da6f85c060299a5bab40880ab95f4c401c2f3bbfcca5d2ad7307c2d1289 -||jelikob.ru^$all ! https://www.virustotal.com/gui/file/cf7df6863ec2d98c6ebf48de6219956d012bb2a6dd1af9eb9502ffecd7c75b72/community ! https://www.virustotal.com/gui/url/a36b26696f762d0dee74e8b09f0599bd2e19f25955efb1071752ff5a32ffaef8 @@ -4065,16 +3347,13 @@ ! https://urlhaus.abuse.ch/url/1720702/ ! https://www.virustotal.com/gui/url/444cd0b1e10dde9a9857d4103beb627101337bb76d7adbbd27f1e02f21af4f2f ! https://www.virustotal.com/gui/url/ab8f11d7926a7a1ecc631308557ee46338a647cef52f51cd29f4c39739edd4e7 -||sysaheu90.top^$all ! https://www.virustotal.com/gui/file/a5e44dd81280a7fbef17c18e528c9df4b1289144fbc107d011af282a69cc3062/relations ! https://www.virustotal.com/gui/url/da7adf6821aa64e2e6b0ec2a0997e40607a99eaea26f4cf83603f5520dd42541 ||pcandtool.com^$all ! https://www.virustotal.com/gui/url/a263cdde5304a1eb2f8391ce547200d52ce461485295644d2cfdb74d5a50bd58 -||niemannbest.me^$all ! https://www.virustotal.com/gui/file/bcf9211a247a807974edf92b8e643ce15b6701c53676e5fe59d38f80259bdbbe/community -||privacytoolzforyou-6000.top^$all ! https://www.virustotal.com/gui/file/410dd4aecdfa74eeab45713cde39903d3f93e428c8db4ca23cf20b9c95865f71/community ! https://www.virustotal.com/gui/url/dcc99e2264983670ad434c93943c794746b467e059172e76e15f5eedcab3f95a?nocache=1 @@ -4083,16 +3362,9 @@ ! https://www.virustotal.com/gui/file/fdadaa29cddfdc73c668258fea6614be64a933dcfa19072a6342024985a0a68b/relations ! https://www.virustotal.com/gui/url/64125a9f54ae4b8692db8bcaaab8ce09d1f6fe3aad667d48999c8f579b8546aa?nocache=1 -! https://safeweb.norton.com/report/show?url=komawai.ru -! https://www.urlvoid.com/scan/komawai.ru/ -! https://www.siteadvisor.com/sitereport.html?url=komawai.ru -||komawai.ru^$all ! https://www.virustotal.com/gui/url/1389bac88cdc28f7f2bf371745bbbd1860cd27ca10c208419002b3ee3ffa2acc?nocache=1 -||wdv.federguda.ru^$all ! https://www.virustotal.com/gui/url/e83e8aabda549218a7733cb1c4f167797684af08d41e9036cf3ec423dca7b519?nocache=1 -||federguda.ru^$all ! https://www.virustotal.com/gui/url/573b2952362b66904c602e7232b60015941ac3e025d3fe3ab90c417e96af726c -||wetuspost.xyz^$all ! https://www.virustotal.com/gui/file/b7ba5aa2f8f7781d408e87b2131fa2cc9b95cdf3460f9778229398c9e851772a/community ! https://www.virustotal.com/gui/url/5bd80ecef1382d6c011a3dd937aec3b3f923d77b22d718fbb994c700f6252fbc @@ -4110,7 +3382,6 @@ ! https://www.virustotal.com/gui/file/7e148999439b83e74d823e98f7a82e4bd75d5e259e4c6351aabbb446eb9dfcc8/community ! https://www.virustotal.com/gui/url/c729caf3eec0092349e4756fbc9f95b85ac8d76d05f6e30d8d1ca4cbb5f65faa ! https://www.virustotal.com/gui/url/486ccac29bca2afd9872f56a59738c91bd62efd036c6e1e7e58fe9899fd718da?nocache=1 -||thecowbook.com^$all ! https://www.virustotal.com/gui/file/2aaf7b39e21dc933b0f7ca5f098ae21f501369bfd08f2969ae9c08c70a3210f8/community ! https://www.virustotal.com/gui/url/9861a82096b4d008aac456e8a0d77e39ab4a2d0225c2d805a012a77e0eaaa6ff?nocache=1 @@ -4156,8 +3427,6 @@ ! https://threatpost.com/chrome-deliver-malware-as-legit-win-10-app/175884/ ! https://www.rapid7.com/blog/post/2021/10/28/sneaking-through-windows-infostealer-malware-masquerades-as-windows-application/ -||updateslives.com^$all -||eu.postsupport.net^$all ||cleancrack.tech^$all ||s4.cleancrack.tech^$all ||clickmatters.biz^$all @@ -4186,7 +3455,6 @@ ! https://www.virustotal.com/gui/url/1020389b8482768e4e1e1de6780695d8382b381baa91eeb7779faa2869ead3fb?nocache=1 ||198.23.207.126^$all ! https://www.virustotal.com/gui/url/d98879ac25e9f58c9df55b8f35da4fbc1b23cc96e80084a262a3555e9f37c3f9?nocache=1 -||74f26d34ffff049368a6cff8812f86ee.ml^$all ! https://www.virustotal.com/gui/url/e3ff8e31b9cfa804da922a669adafd0aaf6975e2e0814ddf83d3b2ef166dcbfe?nocache=1 ||staffportal.uoz.edu.krd^$document @@ -4197,7 +3465,6 @@ ! https://www.virustotal.com/gui/file/c370bb81149e5a41ff7207e97c2b309cb24cb8059e13185713278d054cdccab7/relations ! https://www.virustotal.com/gui/url/5360be49126e116baaadcb5ebe70068614208ea841581f1682a4925ec5b6d061 -||clunikol.club^$all ! https://www.virustotal.com/gui/file/f2b4beda6dccd753e370df728f24ee2af38201d05ed1b408b3e262a94c8cc382/community ! https://www.virustotal.com/gui/url/ff392416c5b4c8c575d9e8f3d1c2b539b6496e1eb75a9bcf418fc0d22aaf53fd?nocache=1 @@ -4220,7 +3487,6 @@ ||194.5.212.190^$all ! https://www.virustotal.com/gui/file/ad226d0d0d65f6b2cf338844fad2229e5556df67303fdcd0ba079f6c0dd0345e/relations -||honawey70.top^$all ! https://github.com/iam-py-test/investigations/blob/main/2021/11/3/1.md#domains ||youutube.com^$all @@ -4232,20 +3498,17 @@ ! https://www.virustotal.com/gui/file/78275c4299a8959d17cf695e4e4cebf40a993a487b9ceba5fb51fd1108b5c55c/relations ! https://www.virustotal.com/gui/url/b44a32b57fce4b753194dbec576badb6cf98c27492aa93c4fb976dc3817e2d74 -||gervenez.xyz^$all ! https://www.virustotal.com/gui/file/8021eb6cfa850b00dc489a7c12f2132c7d93d66e7232799ab70ad09e1340f625/relations ! https://www.virustotal.com/gui/url/bfe41e7ae9953fb749a76086e1e26bd0eebac2acad6e2aafcf919df5e973aa5e ||2.56.59.211^$all ! https://www.virustotal.com/gui/url/16973b168ca89e297f49805d259fe337d079f6d558408fc1a9e9ff8261a575ec -||chrisproperties.xyz^$all ! https://www.virustotal.com/gui/url/cbde34946a1dc932fc0e602c16acfee9ed7aea4e080cc645e0ec96411b48e9f1?nocache=1 ||fuckme69.duckdns.org^$all ! https://www.virustotal.com/gui/file/8fe260a56a8e9f9d6583ba23521d3662e2c11ff7c46773900c72ba8fc8502403/community ! https://www.virustotal.com/gui/url/fa62c30e8bb130fb69f35130b03dff10e30a1688d6d42fd35ac61bd528e742cd?nocache=1 ! https://www.virustotal.com/gui/url/88b1d0f10881c78c3c33b8698e39a0e55b12a0302ccf5459f8ffec28c3febf78?nocache=1 -||privacytoolzforyou7000.top^$all ! https://www.virustotal.com/gui/url/b8d61e5816b78c4385440df15ba635ab6d793bc721a254aab3ea047a14bbbc9b?nocache=1 ! https://www.virustotal.com/gui/url/27c6c144d447319f978c2ce4fa8272faa15d47aa1db6b04adb4fe2749c2b70ef?nocache=1 @@ -4261,7 +3524,6 @@ ! https://www.virustotal.com/gui/file/46cf9751def425de0d2cac62f2c6c91111b6b4b102d44ce5e8aa74b48310a008/community ! https://www.virustotal.com/gui/url/c907c778931a0223604c16483a68c6101f9339b8f84f45281b46dbeb144d65d4 ! https://www.virustotal.com/gui/url/83238f741c7fb148afe4c193467d742e938e6c6baa10f123fc41f488d010f23c -||host-host-file6.com^$all ! https://www.virustotal.com/gui/file/e14c7699a88132d45dacece5881b93f8e01193d3afb27ee7bf03f562003fb6f2/community ! https://www.virustotal.com/gui/url/c5cc184fdc51e791d90ea80c78630dea2ec410d9b3b9ab2b70318e77c509d7ca?nocache=1 @@ -4325,10 +3587,8 @@ ||212.109.222.225^$all ! https://www.virustotal.com/gui/url/a9a9ac2eeb94c12ae39afb300abcc15ad2eaae12975b077f3b24a00698bfc1ab/community -||disccord.shop^$all ! https://www.virustotal.com/gui/url/4bc2cd85dc88835634fff22f4eb754b5642cc8e92d1b81486edc0d3c43a6c9b6/community -||bcryp.net^$all ! https://www.virustotal.com/gui/domain/aman.xyz/relations ! https://www.virustotal.com/gui/url/19a46ea93a6974edf3b59461c1c91fb38ddc8286eb58ffd71dc1db594ff96747/community @@ -4434,7 +3694,6 @@ ! https://www.virustotal.com/gui/file/13654e2fe0c25303cd4697dd2f66c5d3b228cd3fff6e97ac979257c0b0768cb8/community ! https://www.virustotal.com/gui/url/2c94b13268b3a7a515fd086d8b124d07e3ce2a1f7fe15198de3fbd44cdd7ed70?nocache=1 ! https://www.virustotal.com/gui/url/ff345268ae5cc7f8de8c9e7fa4cc21c5068364e7697ad18b763c9dfdd7ceb50c?nocache=1 -||dumancue.com^$all ! https://www.virustotal.com/gui/file/4293c1d8574dc87c58360d6bac3daa182f64f7785c9d41da5e0741d2b1817fc7/community ! https://www.virustotal.com/gui/url/308dd80dc677089be722012653a33bdbf0b5dff10877f8d3c5d2e80663c817e5?nocache=1 @@ -4467,10 +3726,8 @@ ! https://www.virustotal.com/gui/file/bf45b415add34c4a9cfd28e2f0060a5771b452a290d4807cc66e5e0355b014c0/community ! https://www.virustotal.com/gui/url/931f06b3237b5a3146155be67490fc186ed2527b0b6b73a78d06b22aa15d35d7?nocache=1 -||xetwau08.top^$all ! https://www.virustotal.com/gui/ip-address/92.38.189.206/relations ! https://www.virustotal.com/gui/url/97ebe4817da3382f244586324c1eeb0ec39f3f466a6bf85acdae5cd4e6269fe4 -||xetbak07.top^$all ! https://www.virustotal.com/gui/file/e629334def73be9e166ecdd9d5d73d6be97ef7f7d16f05383892332acb324b73/community ! https://www.virustotal.com/gui/url/ba79121c07cef5a2e58edcf9e0a51214c17b12a3f5bc9e886fe7c9833f98b4a8?nocache=1 @@ -4479,7 +3736,6 @@ ! https://www.virustotal.com/gui/ip-address/46.242.232.202/relations ! https://www.virustotal.com/gui/url/75ea70d543f6009284e91be48b3b4d455d047380769f51bd4ba78ddf91ac5844 -||fkty224wazne.pl^$all ! https://www.virustotal.com/gui/url/8b6e00f2a6355452de1fcd5e95360c75f1dedb1f5fc1299d530fdef3181079c2?nocache=1 ||hosting2047279.online.pro^$document @@ -4489,7 +3745,6 @@ ! https://www.virustotal.com/gui/ip-address/192.64.119.78/relations ! https://www.virustotal.com/gui/url/efe8aec5fee6b99bc7f3b7b0c0bca9006a982dab6feb6bbf83a6f22f2448aaa5 -||polska-pomoc-12w.xyz^$all ! https://www.bleepingcomputer.com/news/security/windows-10-app-installer-abused-in-bazarloader-malware-attacks/ ! https://github.com/sophoslabs/IoCs/blob/master/Troj-BazarBackdoor.csv @@ -4498,11 +3753,7 @@ ! https://www.virustotal.com/gui/url/49084a6ebf5edfb36a61fd95a7f5acf47eebc6b597ac078f2b7514f4aba73d4c ||dfgerta.com^$all ! https://www.virustotal.com/gui/url/a0c4731dfc864387318b5937bb509f0d73b866c12a5f1d3058234c30cf1dcf2b -||asdlfkasklf.com^$all -||aslflasf.com^$all ||falomana.com^$all -||gakosafd.com^$all -||joramanmnbman.com^$all ! https://www.virustotal.com/gui/file/7930bf3f1be9acdf429e2433aa7d0c36985d9a97e580571fee1ffe8cbc0d8f5a/community ! https://www.virustotal.com/gui/url/6496408801245ebc8e42ad93044d1ee4fbec1829641b8c844b556c0bcd9b8153 @@ -4514,7 +3765,6 @@ ! https://www.virustotal.com/gui/url/8bb706c85f55c2c429fe521176e46210c95742634735e1055aaa89ed9d721a71?nocache=1 ! https://www.virustotal.com/gui/url/3e957264c1152dd629abda0e1c015b067aa23fc6178bf1105d9593fbfad9c439 -||thegiftschoolnc.com^$all ! https://www.virustotal.com/gui/file/adace11a1835d8b0b768bbb451dccf8507f5baf0c49925ff103ce1c88f0e1ba3/community ! https://www.virustotal.com/gui/url/1cf1099aa38de926f266b422f4def4a5a81f8aeaac60b7fb4cc685b82701c3ed @@ -4522,13 +3772,9 @@ ||capraroconsulting.com^$all ! https://www.virustotal.com/gui/file/879fccdf9b4b09063a6dbf1ac2cc381a1ebcacf6e38f5b8d4889785a4ccde22a/community -||xetery20.top^$all ! https://www.virustotal.com/gui/file/4970975b3596048497e4cd865a66e68b017afddc392ce8de6d1b071846908295/community -||host-file-host0.com^$all ! https://www.virustotal.com/gui/file/48bf6b216fedcd9ad055231d5179cd419533fdd480870a1a819cb90c903e557e/relations -||privacytoolzforyou-7000.top^$all -||nalirou70.top^$all ! https://scammer.info/t/phishing-mail-with-domain-polatemlakhaninsaat-com/83493 ||polatemlakhaninsaat.com^$document @@ -4582,7 +3828,6 @@ ! https://github.com/iam-py-test/investigations/blob/main/2021/11/15/1.md#iocs ||freedownloadfiles.org^$all -||fruegelke.xyz^$all ||ec2-34-213-49-207.us-west-2.compute.amazonaws.com^$all ||172.67.186.189^$all ! https://www.virustotal.com/gui/file/b346f73352f3df0ec81e2bb986205f48855d98b426693375f37a2ed5f5c530d1/relations @@ -4607,16 +3852,12 @@ ! https://www.virustotal.com/gui/file/5328c4aab99fe1a6c8d10a8735a88e4a720b544576cd7acd8b03f8a063a545b1/community ||198.46.136.245^$all -||74f26d34ffff049368a6cff8812f86ee.gq^$all ! https://www.virustotal.com/gui/url/ce69462e263f0907114076f070cad653d2c944dda105793aed2115eeab5c82a3/community -||shib-inu.cc^$all ! https://www.virustotal.com/gui/url/8f26eac1984a9738a36f7794a37b5d737e62c2ba647ca594ac0721babc28040d/community -||ether-give21.net^$all ! https://www.virustotal.com/gui/file/15c04c213c3c4a5f9078d87512c7e1f951cdb540d5949cb7196df3153612ef2b/relations -||lkomgplrwtspmfk.su^$all ! https://www.virustotal.com/gui/url/af8f443208f4e86d469549b219fccbeb43b7cae40be5f1b4c4e5083e27fc8111 ! https://www.virustotal.com/gui/url/76223ce4461cdfd32a6c2a1ff435cf4b61b02597795d0d228d5e6a9f923f40db?nocache=1 @@ -4634,10 +3875,8 @@ ||tough-numerous-lemur.glitch.me^$all ! https://scammer.info/t/scam-bots-are-invading-g4-tvs-discord-server/83802 -||steamdocsoffers.xyz^$all ! https://github.com/avast/covid-19-ioc/commit/1539def33debd4ddbc903a26166205cae6aaedd9 -||cov-19pl.site^$all ! https://www.virustotal.com/gui/file/f657dd8b99b9fa047c524f055984dfb1f9886cc97c788c8ebb9e63537f327c1a/community ! https://www.virustotal.com/gui/file/676de5f6ff737af6e73a00caf93767cc9af16e6e6bd50016b5bd03ffa097c373/community @@ -4700,7 +3939,6 @@ ||45.42.201.16^$all ! https://www.virustotal.com/gui/file/df7841fad13bb90a108a0861c92c565ad754528e684600ad07011cd4e83f1a63/community -||mywfpi02.top^$all ! https://www.virustotal.com/gui/url/29a76a0ae74cb6cdda4abcaad46246aad99ae4b58c4d8ebeaed6a084c38efeef ||bug-codashop-diamond.duckdns.org^$all @@ -4709,7 +3947,6 @@ ||secure-infodirec350.duckdns.org^$all ! https://github.com/uBlockOrigin/uAssets/pull/10542 -||best-winplace.life^$all ! https://www.virustotal.com/gui/url/a2524bba49ae71297d2b408b30d058700d9c80b5b1154924cafe190ec3e605a6/detection ||newrrb.bid^$all @@ -4727,26 +3964,17 @@ ||610418.selcdn.ru^$all ! https://www.virustotal.com/gui/file/2fb97449ff00263495f3d1bd7311532b4b43d5f2bcef700fe4d593dc3fa64d68/community -||mywmis14.top^$all ! https://github.com/iam-py-test/investigations/blob/main/2021/11/24/1.md ||macsoftwarez.com^$all -||laajew.xyz^$document ||namilon.xyz^$document ||ec2-3-238-75-201.compute-1.amazonaws.com^$document -||notycars.xyz^$document ||ec2-54-177-49-112.us-west-1.compute.amazonaws.com^$document -||zinkahulu.xyz^$document -||krmcean.xyz^$document -||meiryenzen.xyz^$document ||ec2-44-192-106-88.compute-1.amazonaws.com^$document ||ec2-52-53-211-120.us-west-1.compute.amazonaws.com^$document ! C2s -||fouratlinks.com^$all ||toa.mygametoa.com^$all ||mygametoa.com^$document -||postbackstat.biz^$all -||tweakballs.com^$document ! https://www.virustotal.com/gui/file/12013662c71da69de977c04cd7021f13a70cf7bed4ca6c82acbc100464d4b0ef/community ||221.210.97.251^$all @@ -4766,12 +3994,8 @@ ! https://www.virustotal.com/gui/url/781a2d763b034c9610ab9832bdc2692aced3d86c6b7296ea72579da7b68dc073?nocache=1 ||631e69eb.ainans.com^$all ! https://www.virustotal.com/gui/url/2fb021cabd8ebdc964c11f78d634d598085eca46535bbb9d5498299d9807c6e0?nocache=1 -||gbdmagazine.xyz^$all -||www.gbdmagazine.xyz^$all ! https://www.virustotal.com/gui/url/c895ae811452b51cc54c5845aad820dbbc89cd3d2c963a1a28f38191c213380a?nocache=1 -||pggmeym.cn^$all ! https://www.virustotal.com/gui/url/e44e62fe32d2e25405df7d18539b297b4c298ceb629e0b7edb21dba040e698e2 -||flg34w.cn^$all ! https://www.virustotal.com/gui/file/36a44bb88a9d935641882b44718c3cab933416f5b408b6c663e1f6b53cb659b9/community ||194.85.250.141^$all @@ -4821,16 +4045,13 @@ ||14.226.182.203^$all ! https://www.virustotal.com/gui/file/2f08f5b23a062671fba5957b98d05a728299bb1ae98695b9b5d36e75528ccab7/community -||dell-tv.tk^$all ! https://www.virustotal.com/gui/file/0c6d57557120decedc9a102794ea95bcaf64529eb1f18058e4df62c34b724988/community ||103.171.1.140^$all ! https://www.virustotal.com/gui/file/ff4e17d62ce9c71164879418e7942cecf8db37b16cb66adebc6c2570840f8524/relations -||www.blancheshelley.xyz^$all ! https://scammer.info/t/phising-on-crypto/84207 -||geminisupport.azurewebsites.net^$all ! https://scammer.info/t/onedrive-phishing-5/84102 ||vgiukhnmvhjhukhj.nustadaltu.workers.dev^$all @@ -4839,11 +4060,7 @@ ||quantumadblocker.com^$document ! https://www.virustotal.com/gui/file/c5d5a28565277162bc72399c71d38bf329be3a8e5b34140447212533c06a2be2/community -||host-coin-data-1.com^$all ! https://www.virustotal.com/gui/ip-address/212.192.241.249/relations -||file-file-host4.com^$all -||host-file-host9.com^$all -||privacytoolzfor-you7000.top^$all ! https://www.virustotal.com/gui/file/d6a99ad5595b073830f571defe840abc14fba0dfb6b4d406bcb00b78b92c5fee/community ||61.3.149.176^$all @@ -4852,7 +4069,6 @@ ||186.33.85.112^$all ! https://www.virustotal.com/gui/file/c18cf6f2677277c4885ccb069d4e65b8c97c96c0ea72cee5d8e6a2d018d74ed0/relations -||saninolece.xyz^$all ! https://www.virustotal.com/gui/file/311ac01e395d96f8017ef95dfa9ee8f00aa527e02cfcd207de371e04e5aed023/community ||194.85.248.159^$all @@ -4868,14 +4084,10 @@ ||163.179.168.44^$all ! https://github.com/uBlockOrigin/uAssets/pull/10620 -||mcdupe.com^$all -||shadyclient.net^$all ! https://www.virustotal.com/gui/file/cbeb4e922aabe85afb7d5d3508aa7f153b58509d76d77787ec6d640d4a6300a5/relations -||ccf9ba3695b15b4f0787e6290e0f63allcomejroo839jxi13.xyz^$all ! https://www.virustotal.com/gui/file/a8bfc3885f89bca5242709e290a276de03d8774cbd6c744ca3676e681fae1e49/relations -||kotob.top^$all ! https://www.virustotal.com/gui/file/12013662c71da69de977c04cd7021f13a70cf7bed4ca6c82acbc100464d4b0ef/community ||110.89.59.135^$all @@ -4905,11 +4117,9 @@ ||185.9.36.106^$all ! https://www.virustotal.com/gui/file/af27173ed576215bb06dab3a1526992ee1f8bd358a92d63ad0cfbc0325c70acf/relations -||amimegutadowntown.com^$all ||51.195.57.232^$document ! https://www.virustotal.com/gui/file/ec892345779df7156691fcc7eb37deb89bb8d6d6fd925841fa1764ea93bef58f/community -||coin-coin-coin-2.com^$document ! https://github.com/uBlockOrigin/uAssets/pull/10662 ||api.crm.duominuo.com^$all @@ -4918,7 +4128,6 @@ ||duominuo.com^$all ! https://scammer.info/t/pihishing-site-claiming-to-hold-a-ups-package-that-needs-payment/84466 -||ups-dk.u1537460.cp.regruhosting.ru^$all ! https://www.virustotal.com/gui/url/269d374b629d7896da1f9e7449bd5afecf6284a9a564244f96a71e5192363635?nocache=1 ||lowseelan.com^$all @@ -4933,7 +4142,6 @@ ! https://forums.malwarebytes.com/topic/281310-malware-sample/ ! https://www.virustotal.com/gui/file/9c3f82fc5a23181b4652cd2696bf4bdb1a27f43836ebc2b654610b61d5e6d8a7/community -||humnkd.xyz^$all ! https://github.com/DandelionSprout/adfilt/pull/395 ! https://www.huorong.cn/info/1531309921141.html @@ -4959,10 +4167,8 @@ ||fire.hypersys-server.com.ar^$all ! https://www.virustotal.com/gui/file/25dc1c67a35ee480f36d1ec2590f935ec6c8d70eacbd95e96208374c402cac99/community -||ecowin55.com^$all ! https://www.virustotal.com/gui/file/611cf2be6752c173be1328ea47cc8ea736bc3bda9030da617390b23afa955b47/community -||df.yollowsun.site^$all ! https://www.virustotal.com/gui/file/c59a0bc3fb5029c906b4f491dfccfd5bf8aafb25db2c281dc4092e6eaa81bb53/community ||117.194.171.13^$all @@ -4970,11 +4176,8 @@ ! https://github.com/uBlockOrigin/uAssets/pull/10774 ! https://bbs.kafan.cn/thread-2222478-1-1.html -||a1475.com^$all ! https://bbs.kafan.cn/thread-2221903-1-1.html -||twitter.anlytisc.com^$all ! https://bbs.kafan.cn/thread-2221781-1-1.html -||shibatokenclaim.net^$all ! https://bbs.kafan.cn/thread-2220230-1-1.html ||ts-group.com^$all ! https://bbs.kafan.cn/thread-2221419-1-1.html @@ -4982,7 +4185,6 @@ ! https://www.huorong.cn/info/1627034201698.html ! https://bbs.kafan.cn/thread-2217785-1-1.html ||win.zjwhr.top^$all -||win.xzhyl.top^$all ! https://twitter.com/Cryptolaemus1/status/1468266929014157316 ||lartmana.com^$all @@ -5003,11 +4205,9 @@ ||profullversion.com^$all ||vcracks.com^$all ||keysfull.net^$all -||naqeebicrack.com^$all ||crackswall.com^$all ||crackthere.com^$all ||crackpcsoft.net^$all -||a2zp30.net^$all ||crackserialkey.co^$all ||keygenfile.net^$all ||maliksofts.com^$all @@ -5048,7 +4248,6 @@ ||trycracksoftware.com^$all ||fullcrackedpc.com^$all ||cracktopc.com^$all -||filepapa.com^$all ||crackkey4u.com^$all ||rootcracks.org^$all ||idmfullcrack.info^$all @@ -5064,14 +4263,12 @@ ||autocracking.com^$all ||macwinsofts.com^$all ||productkeyfree.org^$all -||crackwatch.org^$all ||chcracked.com^$all ||cracksdat.com^$all ||patchcracks.com^$all ||activationkeys.co^$all ||serialsofts.com^$all ||piratpc.com^$all -||bulletcracks.com^$all ||prosoftlink.com^$all ||cracksole.com^$all ||finalcracked.com^$all @@ -5124,7 +4321,6 @@ ||65.108.81.182^$all ! https://www.virustotal.com/gui/file/4bef75aae931f4dec589397a013befac963cd48a8b1f1fd4958bd52ca3c6a52e/relations -||bruze2.ug^$all ! https://www.virustotal.com/gui/file/a04ac6d98ad989312783d4fe3456c53730b212c79a426fb215708b6c6daa3de3/community ||83.43.152.54^$all @@ -5136,10 +4332,7 @@ ! https://github.com/iam-py-test/investigations/blob/main/2021/12/13/1.md ||haxpc.net^$all -||meonenlist.xyz^$document -||nogrono.xyz^$document ||52.53.243.52^$all -||hrutruthe.xyz^$all ||34.201.22.10^$all ! https://twitter.com/Max_Mal_/status/1470107440268161030 @@ -5147,10 +4340,8 @@ ||5.182.206.13^$all ! https://scammer.info/t/amazon-phishing-scam/85343 -||vrifyacpas-managecstomer.cloudns.ph^$all ! https://scammer.info/t/i-dont-need-that-bayonet-scam/85314 -||steamtrading.org^$all ! https://www.virustotal.com/gui/file/12013662c71da69de977c04cd7021f13a70cf7bed4ca6c82acbc100464d4b0ef/community ||123.10.225.196^$all @@ -5167,7 +4358,6 @@ ||doc-0s-6k-docs.googleusercontent.com/docs/securesc/rfercc3a76jeult4d0h2382iop9rvhs7/bkokfcop5q4c5nh6ab7ua8fqrvfhqbut/1639701150000/13045886741651917350/15048584419024227515Z/1lvkYzenTwpcsl7vjsbds1J7MKSFxv-4D?e=download&nonce=m87re19eg7bia&user=15048584419024227515Z&hash=e46r3l57308v862803q96485oi1sd2jp^$all ! https://twitter.com/Max_Mal_/status/1471844088265719817 -||sabitblog.com^$all ! https://forums.malwarebytes.com/topic/281936-malware-campaing-distribuition-malicious-link/ ||10dimensions.com^$all @@ -5245,11 +4435,9 @@ ! malware - https://bazaar.abuse.ch/sample/a12d74b1756d49531e21f755fef2049ab6c83626f0834cb945c781c39d40a177/ ||crackedable.com^$all -||teaserens.xyz^$all ||3.239.226.246^$all ! hxxpx[:]//crackpropc[.]com/winrar-crack/ - https://bazaar.abuse.ch/sample/4f4376563cfc35d3fb0b4f857674729727b5f959235fe39daa928a1d4a28649a/ -||rtrttf.xyz^$all ||wastyuioytryiuoytryiuopuytryuioewr5t678i.s3.amazonaws.com^$all ! https://github.com/uBlockOrigin/uAssets/pull/10997 @@ -5257,7 +4445,6 @@ ||phpstat.cntcm.com.cn/phpstat/count/abceffgh/abceffgh.js^$all ! https://bazaar.abuse.ch/sample/357226dff2f3309f8271b5a7c2cc816aa8fb779275357dce9b98b30357951210/ -||mozicrack.com^$all ||download-srvr.xyz^$all ||134.122.115.190^$all ||cybermicto768jubileejhsye6yt6543.s3.us-east-1.amazonaws.com^$all @@ -5274,7 +4461,6 @@ ! https://www.virustotal.com/gui/file/e48c144e54d3200492b920895b376a8cb34a2360195b3b3f4917fd59d23b6474/community ||185.215.113.84^$all -||ashihsijaediaehf.su^$all ! https://www.virustotal.com/gui/file/4293c1d8574dc87c58360d6bac3daa182f64f7785c9d41da5e0741d2b1817fc7/community ||219.155.253.210^$all @@ -5316,18 +4502,13 @@ ||find-it.pro^$all ! fake Flash Player -||restorehighlyadvancedthefile.vip^$all -||restorecurrenthighlythefile.vip^$all ||new-meet-dating.life^$document ||wellhello.com^$document ! https://github.com/blocklistproject/Lists/issues/600 ||avomas.me/rbBvg78^$all -||trackital.checkposttt.top^$all -||corriertt.parceldlvr.xyz^$all ||choicemonitor.top^$document ||hellothere.shop/a/OUevEKzLtg2P7xAs^$document -||ufesif.com^$all ||italtrack.checkitemtt.top^$all ||checkitemtt.top^$document ||conv-alida-recapiro-com.preview-domain.com^$document @@ -5336,10 +4517,8 @@ ||juandfar.github.io^$all ! https://forums.malwarebytes.com/topic/282352-metamask-phishing/ -||metmaskslog.xyz^$all ! https://github.com/uBlockOrigin/uAssets/pull/11161 -||flashplayer-cn.com^$all ! https://bazaar.abuse.ch/sample/d696d27429f51199a8b88b7a332cfa2c05d6cf6a875a88046a8764a290bf588f/ ||slidehostdowny.xyz^$all @@ -5348,7 +4527,6 @@ ||rest.healthy2fit.com^$all ||api.healthy2fit.com^$all ||rest.mcghealthcare.org^$all -||api.mcghealthcare.org^$all ||rest.neckbackpainrelief.org^$all ! https://github.com/uBlockOrigin/uAssets/issues/11157 @@ -5365,17 +4543,12 @@ ||mailsecure-helpdesk.azurefd.net^$all ! https://www.virustotal.com/gui/file/a7ee420fd3a477e690dab56f47b264dd6c8376941101065d6645716bbf4b6333/community -||unicupload.top^$all -||amogohuigotuli.at^$all ! https://twitter.com/pr0xylife/status/1479004948868341760 -||greshman.xyz^$all ! https://scammer.info/t/discord-nitro-scam-26/87304 -||ntrospromotions.com^$all ! https://scammer.info/t/discord-nitro-scam-25/87303 -||ldlscord.com^$all ! https://scammer.info/t/discord-nitro-scam-23/87273 ||discqrdapp.com^$all @@ -5385,51 +4558,33 @@ ! https://blog.malwarebytes.com/threat-intelligence/2022/01/patchwork-apt-caught-in-its-own-web/ ||bgre.kozow.com^$all -||karachidha.org^$all ! https://blog.malwarebytes.com/web-threats/2022/01/card-skimmers-strike-sothebys-in-brightcove-supply-chain-attack/ ||cdn-imgcloud.com^$all ! https://twitter.com/MBThreatIntel/status/1480659259712884736 -||efphoretsdnrseo.aeeorrpniuhmhwe.store^$all -||ufd.cam^$all ! https://scammer.info/t/discord-nitro-scam-25/87887 -||discorde-nitre.xyz^$all ! https://twitter.com/pr0xylife/status/1483380330652487680 -||uber-ourtaxi.az^$all ||185.7.214.7^$all -||2021.posadamision.com^$all ||plus-x.xsrv.jp^$all ||senior.tims.se^$all -||mail.agreatfurnitureplace.com^$all ||mecaglobal.com^$all ||mymicrogreen.mightcode.com^$all -||mawroyalmedia.com.ng^$all -||pokawork.com.ng^$all ||ariesnetwork.co.uk^$all -||clatmagazine.com^$all ||animalkingdompro.com^$all ||bitcoin-up.fomentomunivina.cl^$all ||cr.almalunatural.com^$all ! https://github.com/blocklistproject/Lists/issues/623 -||bookitlab.tech^$all -||winaudio-tools.com^$all -||graphic-updater.com^$all -||github.url-mini.com^$all -||url-mini.com^$document -||office360-update.com^$all ! https://github.com/blocklistproject/Lists/issues/613#issuecomment-1018499340 -||e-giftnitro.com^$all ! https://www.virustotal.com/gui/file/cfb15322084d6292f43038a69b0e017b809f178b7c85c310f8effdb37a3eb9a3/community ||florafawnamusic.com^$all ! https://www.virustotal.com/gui/file/edddab090284f2bd22d4a30b9bbe352af5c0c357f72ab3d27154fdabf9fee51c/community -||hfjv9g950bag53fcbcdnbcbnmhy35zch.tk^$all ! https://www.virustotal.com/gui/file/049c51aeeb616f8b465cbe006dd1d3ad27984882578f07ec043c71148797cccf/community ||179.43.175.148^$all @@ -5438,8 +4593,6 @@ ||198.12.127.206^$all ! https://github.com/AdguardTeam/AdguardFilters/issues/108571 -||valida-acesso.com^$all -||ston-app.com^$all ! https://www.virustotal.com/gui/file/a04ac6d98ad989312783d4fe3456c53730b212c79a426fb215708b6c6daa3de3/community ||36.228.38.96^$all @@ -5500,7 +4653,6 @@ ! https://www.bleepingcomputer.com/news/security/a-look-at-the-new-sugar-ransomware-demanding-low-ransoms/ ||cdn2546713.cdnmegafiles.com/data23072021_1.dat^$all -||chat5sqrnzqewampznybomgn4hf2m53tybkarxk4sfaktwt7oqpkcvyd.onion^$document ! https://www.virustotal.com/gui/file/a04ac6d98ad989312783d4fe3456c53730b212c79a426fb215708b6c6daa3de3/community ||14.104.202.76^$all @@ -5552,15 +4704,8 @@ ||c0xmailservice.weebly.com^$all ! https://twitter.com/malwrhunterteam/status/1491859158349537280 -||officialcoinbase-mining.com^$all -||coinbasewalletapp.com^$all ! https://www.virustotal.com/gui/file/33b647a646e62b8b95a40370b3a228fa50d7ac844bf4192456213ed492d74b83/relations -||dollybuster.at^$all -||egsagl.com^$all -||fennsports.com^$all -||remik-franchise.ru^$all -||spaldingcompanies.com^$all ! https://github.com/uBlockOrigin/uAssets/pull/11744 ||greencracks.com^$all @@ -5570,7 +4715,6 @@ ||cracksoftware.org^$all ||downloadpc.net^$all ||pcfullcrack.org^$all -||serialkey.info^$all ||keygenpc.com^$all ||up4pc.com^$all ||hitproversion.com^$all @@ -5578,7 +4722,6 @@ ||137.184.159.42^$all ||iplogger.org/2Acru6^$all ||yourpcnotification.com^$all -||r3achb3ach.com^$document ! https://blog.malwarebytes.com/threat-analysis/social-engineering-threat-analysis/2022/02/dont-let-scammers-ruin-your-valentines-day/ ||162.33.178.57^$all @@ -5587,8 +4730,6 @@ ||198.46.132.195^$all ! https://twitter.com/ankit_anubhav/status/1495648193396490240 -||apps.weightlossihp.com^$all -||168c39dd.apps.weightlossihp.com^$all ! https://www.virustotal.com/gui/file/6411a828f023be935730023e2b3bd19843106557a4a8c7126ffb4f7b16383ffe/community ||107.175.87.164^$all @@ -5615,41 +4756,27 @@ ||ykqbts2t6x4sc354mdei6j5e6qe6baro.vrvy4ai.1.0.ozlnabtsgij2f5y455ywbxylg4.4d6vd7y.dns0.org^$all ||211.119.84.111^$all ||203.228.9.102^$all -||coralee.at^$all ! https://twitter.com/malwrhunterteam/status/1502609755868696578 -||resetting-twitter.com^$all ! https://github.com/uBlockOrigin/uAssets/issues/12194 ||fulptube.org^$all ! https://blog.netlab.360.com/b1txor20-use-of-dns-tunneling_en/ -||webserv.systems^$all ||194.165.16.24^$all ! https://bazaar.abuse.ch/sample/d7308dab0110ae3bc79fd15024f5ccfcbd6e676b7c42b27a0112506e8357a6dc/ --> https://app.any.run/tasks/bc53e7a9-5fd7-4682-894d-11e48e9ea89a# ||www.pccrackworld.com^$all ||pccrackworld.com^$all -||calsign.xyz^$all -||jwq98u.xyz^$all -||nhskuhiuscja.xyz^$all ! https://twitter.com/reecdeep/status/1504732496616906756 -||onlinerlines.top^$document -||onlinerlink.top^$document -||onlinerline.top^$document -||checksound.su^$document ! https://www.virustotal.com/gui/file/f158c883db7803a14c124e29a3adb1b72cca3168d904f7cee2a6ebbbdc535ca3/relations ||winfrey2024.com^$all ||www.winfrey2024.com^$all -||599-63rdstreet.com^$all -||755xy.xyz^$all ||bisbenefits.solutions^$all -||cupboarddi.com^$all ! https://www.virustotal.com/gui/file/361805dc92fd6e036de72ba6eebb15dbf62e12e4b24462bba58b9565a56a18f3/relations -||furnaceshst.net^$all ! https://www.virustotal.com/gui/file/31d61f0e8fd95c5d71954c86a35617a4449d0f872c1be00aa33ffc01518c4310/relations ||136.144.41.109^$all @@ -5661,15 +4788,12 @@ ||thaisethalitaconfeccoes.com.br^$all ! https://www.virustotal.com/gui/url/8e6215c6207521bca9da1d1e72bfcb5256ef0f4a46201e6a041756671c1c45d5?nocache=1 -||olx-pl.ip-pl018985605.xyz^$all ! https://www.virustotal.com/gui/url/34512642d5d361717a97c817fbf65c008d4cc903a2c7ae641820a9d1e0fca5e0?nocache=1 --> https://app.any.run/tasks/5fb54e2b-1857-45ea-9656-bb4e185d47ab ||pirate4.life^$all ! https://www.virustotal.com/gui/file/439db5f69b49091964c335c5977bc6dbf8aa41398d0240410dfeb898add7dace/relations -||www.smithwordman.com^$all ||891706.com^$all -||hunnidcentcotton.com^$all ||www.njgummys.com^$all ! https://www.virustotal.com/gui/url/3e045124ad9f01b098462bc0397705e565d563c708dee52aaea209f55aea86bb @@ -5699,9 +4823,7 @@ ||27.147.183.45^$all ! https://bazaar.abuse.ch/sample/3fd0837381babda7ef617b810457f0db32bd7c1f7e345480e6c525050ca818fa/ -||nominally.ru^$all ! https://www.virustotal.com/gui/ip-address/188.114.97.16/relations -||jordanserver232.com^$all ! https://forums.malwarebytes.com/topic/285132-outgoing-trojan-2dodddnsnet/ ||2dod.ddns.net^$all @@ -5720,9 +4842,7 @@ ||codingbit.co.in^$all ||fishslayerjigco.com^$all ||avanzatechnicalsolutions.com^$all -||srkpc.com^$all ||wholesalerandy.com^$all -||mattingsolutions.co^$all ||integrativehealthpartners.com^$all ||wwpcrisis.com^$all ||markbrey.com^$all @@ -5760,13 +4880,11 @@ ! another malware website ||gamesrar.co^$all -||toasingle.xyz^$document ||hiptheacro.xyz^$all ||ucedover6.xyz^$all ! https://www.virustotal.com/gui/url/5362f975d1c08851b967850f2053c2ea79e6f2687012911733d65f4cf130cfff/community ||webmail8pnme.srvrwwalker.workers.dev^$all -||royat.panel.craymordw.xyz^$all ! https://www.virustotal.com/gui/file/82d95ff9662f05179df7fdccb7ffb7b9e9cd96fb04792aed62ca40efbadca263/relations ||103.167.92.57^$all @@ -5775,23 +4893,15 @@ ||nolhivaranfaruonline.com^$all ! https://www.virustotal.com/gui/url/abc995b45665ad896ef807e92a3af1f29f5b9fd06dbac888eba326b4c8e93a06/community --> https://twitter.com/ANeilan/status/1513210658166390787 -||www.garina999.win^$all -||garina999.win^$all ! https://twitter.com/ANeilan/status/1513203825313824773 -||show-videos-2022.ga^$all ! https://www.virustotal.com/gui/url/3d68f17518f9d0f4bc75e9f44e7ac5b3e4f0f474362ea08efa45d6b0c4cfe6a1 -||invite-forms-hypesquad.com^$all ! https://www.virustotal.com/gui/url/dc7b1ff1beb61c84c6200391d3ef818f9975256f4e347795bf8ccec14a7a2a66/community -||roblox.com.ht^$all ! https://www.virustotal.com/gui/url/511902d4a7801d3a8ce02ae5efcb35ff708e58bf6f2e92e44df5e346daa102af -||metamakkslgin.azurewebsites.net^$all ! https://forums.malwarebytes.com/topic/285865-malwarebytes-keep-blocking-random-websites/ -||monsutiur4.com^$all -||linislominyt11.at^$all ! https://bazaar.abuse.ch/sample/306b5745054cab7a000edf375dd4409935c6ff704dff0860a3563a04b3fa8e66/ ||2.56.57.98^$all @@ -5809,17 +4919,13 @@ ! https://www.bleepingcomputer.com/news/security/unofficial-windows-11-upgrade-installs-info-stealing-malware/ (dead but may undie) ||windows11-upgrade11.com^$all -||windows-server031.com^$all ! https://www.virustotal.com/gui/url/b56536f2753c28e251a16e85e960e503e1a0fa7460225daba497734b091ef3d6/community --> https://app.any.run/tasks/0d8b025d-ba39-4f88-b83d-db3274b62f49 -||intensifytraders.com^$document ||codesbro.com^$document ! https://www.virustotal.com/gui/file/56682c4820125acfcfc901b7c478b4f3925ad0bd8cba76a43c4189c230288543/relations -||samhangeumsan.com^$all ! https://github.com/uBlockOrigin/uAssets/pull/12902 -||flippingcharts.com^$all ! https://www.virustotal.com/gui/file/ebb5399c5cdae017dce979d25046e7cc7963eac947201a1395975c4613fc5454 --> https://www.virustotal.com/gui/url/b228c1c9c795926c58c75fe54181e675b5a8fb304c24d8b8d3a7b6f25b086399 ||isiontalents.cfd^$document @@ -5835,14 +4941,11 @@ ||95.217.246.15^$all ! https://app.any.run/tasks/1d3c738e-f209-457b-ae95-fc42433cafbf -||vnjt.top^$all ! https://bazaar.abuse.ch/sample/50196dfa833bc753f0c8a4b7f17c6462ad3e7f2eee41b52943f2eadade94ce53/ --> https://app.any.run/tasks/15ce1b12-68d5-4345-8a56-c89b97839241 -||ugll.org^$all ||195.201.253.119^$all ! https://urlhaus.abuse.ch/url/2186985/ --> https://app.any.run/tasks/26b0ab9a-34d9-4def-902f-a371e1e2b60f -||vmopahtqdf84hfvsqepalcbcch63gdyvah.ml^$all ! https://forums.malwarebytes.com/topic/286435-malwarebytes-reporting-riskware-through-powershell-every-minute/ ||wmail-service.com^$all @@ -5859,15 +4962,10 @@ ||spellwomancapital.xyz^$document ! https://blog.malwarebytes.com/threat-intelligence/2022/05/custom-powershell-rat-targets-germans-seeking-information-about-the-ukraine-crisis/ --> https://app.any.run/tasks/38748b95-4658-4e8a-9ff3-43c5283c53af -||collaboration-bw.de^$all -||kleinm.de^$all ! https://web.archive.org/web/20220513180448/https://forums.malwarebytes.com/topic/286567-large-red-circle-in-top-right-corner-of-mb-dock-icon-all-of-a-sudden/ -||greenspecialmyline.com^$document ! https://forums.malwarebytes.com/topic/286715-emailed-html-file-phish-appears-is-somehow-bypassing-browserguard/ -||valdia.quatiappcn.pw^$all -||quatiappcn.pw^$all ||rickmemeoapz.firebaseapp.com/bnmyssrthsdvzxv/themes/imgs/microsoft_logo.svg^$all ||etools.page^$document @@ -5889,7 +4987,6 @@ ! https://www.virustotal.com/gui/url/ea37961ff4ba03a3f50b537668b97e7e682a4d6c2a980504ed4be8d4f593fd96 --> https://bazaar.abuse.ch/sample/727a3154e9862b477a4d556940a8fb47fb7f8dd955102ef7738bc32b587076f5/ ||latestsoftz.com^$all -||getsafesoftware.org^$document ||cdn.discordapp.com/attachments/888545381921726544/980115418058457158/setup.7z^$all ||cdn.discordapp.com/attachments/888545381921726544/980115239888637993/setup.rar^$all @@ -5938,9 +5035,7 @@ ||ankltrafficexit.xyz^$all ||clicksdeliveryserver.space^$all ||cryptosuite.pro^$all -||cryptotraffictdss.xyz^$all ||daiichisankyo-hc.live^$all -||earncryptomoney.info^$all ||gettime.xyz^$all ||hilllandings.xyz^$all ||jillstuart-floranotisjillstu.art^$all @@ -5950,18 +5045,10 @@ ||mizuno.casa^$all ||money365.xyz^$all ||nawa-store.com^$all -||newallfrommag.xyz^$all ||nippon-mask.site^$all -||northfarmstock.xyz^$all -||offersstudioex.live^$all ||openphoto.xyz^$all -||prelandingpages.xyz^$all -||promodigital.me^$all ||selfadtracker1.online^$all ||traffic.selfadtracker1.online^$all -||trafficdeliveryclick.xyz^$all -||trafficdeliveryoffers.com^$all -||trytime.xyz^$all ||zerocryptocard.shop^$all ||185.220.35.26^$document ||188.225.75.54^$document @@ -5985,55 +5072,30 @@ ! https://blog.malwarebytes.com/threat-intelligence/2022/06/client-side-magecart-attacks-still-around-but-more-covert/ ||accdn.lpsnmedia.org^$all -||amplify.outbrains.net^$all ||app.iofrontcloud.com^$all ||app.nomalert.org^$all -||app.purechat.org^$all -||cdn.accutics.org^$all -||cdn.alexametrics.net^$all ||cdn.alligaturetrack.com^$all ||cdn.base-code.org^$all ||cdn.boxsearch.org^$all -||cdn.cookieslaw.org^$all ||cdn.getambassador.net^$all -||cdn.hs-analytics.org^$all -||cdn.jsdelivr.biz^$all -||cdn.nosto.org^$all -||cdn.pinnaclecart.io^$all -||cdn.speedcurve.org^$all ||cdn.tomafood.org^$all ||common.quatserve.com^$all -||content.digital-metric.org^$all -||demo-metrics.net^$all ||dwin1.org^$all ||epos.bayforall.biz^$all -||feedaty.org^$all ||h.lookmind.net^$all ||hal-data.org^$all ||img.etakeawaymax.biz^$all -||js.g-livestatic.com^$all ||js.imagero.org^$all -||listrakbi.io^$all ||lp.celebrosnlp.org^$all ||m.sleeknote.org^$all -||marklibs.com^$all -||pepperjams.org^$all ||px.owneriq.org^$all -||r.klarnacdn.org^$all -||s1.listrakbi.org^$all ||sdk.moonflare.org^$all ||search.global-search.net^$all -||shopvisible.org^$all ||sjsmartcontent.org^$all -||snapengage.io^$all -||stat-analytics.org^$all ||static.clarlity.com^$all -||static.druapps.org^$all ||static.lookmetric.com^$all ||static.newrelc.net^$all -||t.trackedlink.org^$all ||trustedport.org^$all -||web.dwin-co.jp^$all ||web.livechatsinc.net^$all ||web.speedstester.com^$all ||185.253.32.174^$all @@ -6092,7 +5154,6 @@ ! https://twitter.com/malwrhunterteam/status/1539964420607971328 ||business-page-appeal-126-73125.web.app^$all -||tornadokosta.live^$all ! https://scammer.info/t/phishing-my-account-will-be-blocked/100783 ||bit.do/terewebmqil^$document @@ -6101,10 +5162,8 @@ ! https://scammer.info/t/fake-discord-nitro-generator/99942 ! https://bazaar.abuse.ch/sample/afc4c49625b8c888e7e4958ec95cf0a79baf48736d71b0cac2bb2fc5f1c99279/ ||importadoracandy.com^$all -||xfilesreborn.ru^$all ! https://twitter.com/malwrhunterteam/status/1541694571461201928 -||online-basvuru-yap.app^$document ! YouTube video on a probably hacked channel --> https://bazaar.abuse.ch/sample/786947bd41f7be120bc82fd563b5658ff319bcb45f8e3a35e9e4c62a03ef103e/ ||telegra.ph/Sony-Vegas-Pro-19-Crack-06-28-3^$all @@ -6112,14 +5171,11 @@ ! https://www.virustotal.com/gui/url/419dcd36895e1822796c14fa169a191eeda2f03013bd8f225aef6ba2f22aad3a/community ! https://app.any.run/tasks/85e32268-b888-4dfb-bb30-c7cec084039c -||us.r-q.media^$all -||r-q.media^$document ! https://www.virustotal.com/gui/file/8014510ba4ca11285598396ec7f36058ce42b2fdd4fd80004c1f1c84933126f1/detection ||jodywiltjer614883.wixsite.com^$all ||byltly.com/24hrsg^$all ||sbnue.com^$document -||starwhitlirateadro.gq^$all ! https://forums.malwarebytes.com/topic/287876-im-posting-a-malware-to-ask-if-anyone-know-the-type-of-this-malware/ ||cdn.adx1.com/df60634899739d9c8ce9ae33940358dd.jpeg^$all @@ -6195,8 +5251,6 @@ ||antivirushub.co^$all ! https://forums.malwarebytes.com/topic/288114-website-blocked-due-to-riskware-wmail-endpointcom-and-wmail-chatcom/ -||wmail-endpoint.com^$document -||wmail-chat.com^$document ! https://www.virustotal.com/gui/url/081c3fe5d843567d0b5a1f7b2efd6592eded82d8a6b0a4283760c53b06b9d009/community ||coinbase-buysell-cryptocurrency.yolasite.com^$all @@ -6216,18 +5270,15 @@ ! https://bazaar.abuse.ch/sample/77c945c874a9eec07cba31323fb7dd074c22f61ca1d2c7c27c768097fe237a41/ ! https://app.any.run/tasks/811d0de5-e707-4f2d-92ae-e988a5a94832/ -||vorganas.top^$all ! https://bazaar.abuse.ch/sample/97143ab8ca0ca0b8ff80aecb1b46ab09ee8160e8cea45ff6a6d81b4dcb028284/ ! https://www.virustotal.com/gui/url/2d025728fa1d0b8f3ac26cd87c542d86d674215cb5fc12d8d9cefa57159686c8/community -||hype-invites.gq^$all ! https://www.virustotal.com/gui/url/0f08c044228d8d5cf50356deeadea492d78fd691735df5438f118c52a622267b/community ||planebux.xyz^$all ! someone shared this SMS with me --> https://twitter.com/iam_py_test/status/1545164642346930176 ||amazon-security-info.lnk.to^$all -||verif-caseid9871-verizonrview.com^$all ! https://bazaar.abuse.ch/sample/b41a79633a38811e378ce4e3e05cbaf086791272ae55c87eafa845eb655994a9/ ||telegra.ph/Best-tutorial-04-30^$all @@ -6243,7 +5294,6 @@ ||pegaz-paragliding.com^$all ! https://www.virustotal.com/gui/url/0d0c7e807f82b3c75bb11ecf6add5a274ffaf66586374744b69021a791c057c9/community -||twitchnews.net^$document ! http://vxvault.net/ViriFiche.php?ID=44491 ! https://app.any.run/tasks/aace491d-fd35-4e27-93e0-fbec758db2e4 @@ -6290,7 +5340,6 @@ ||drive.google.com/uc?export=download&confirm=no_antivirus&id=1gdvS1_qYnp--dM2DPtNC3IWQr48rJjre^$all ! https://bazaar.abuse.ch/sample/6198d6e4a7def1d5b431b708a3700c24f7a9a955ab9b02040bfda4ebc3bb85be/ -||susyamog458dhref34.ddns.net^$all ! https://forums.malwarebytes.com/topic/289086-antivirus-keeps-telling-me-blocked-3523615979-and-cant-find-a-solution/ ! https://forums.malwarebytes.com/topic/289935-hijackautoconfigurlprxysvrrst-backdoorfarfli-in-registre-key/ @@ -6370,40 +5419,29 @@ ||rb.gy/itouxx^$all ||es-sign-caieyna-b65164.ingress-florina.ewp.live^$all -! https://www.virustotal.com/gui/domain/twilio-okta.com/community -||twilio-okta.com^$all ! https://forums.malwarebytes.com/topic/289254-reoccuring-website-blocked-due-to-malwaretrojan-message/ ||104.155.207.188^$all ! https://forums.malwarebytes.com/topic/289146-contrapersescom-malware-popups/ -||contraperses.com^$all ! https://forums.malwarebytes.com/topic/289555-malwarebytes-reporting-riskware-and-trojan-through-powershell-every-second/ -||wmail-blog.com^$all ||45.227.254.52^$document ! https://www.virustotal.com/gui/url/8cf70fad0ee6a511ce4133266b02530a09f7f9bee7e5f1acfe2bc17c70fc0abe/community -||bendigo-resolve-au.com^$all ! https://twitter.com/_JohnHammond/status/1564246090748141568 -||next.get-report.site^$all -||get-report.site^$document ||cdn.discordapp.com/attachments/601028724606894082/1013911373635399722/CopyrightReport.zip^$all ||65.21.195.97^$document ! https://bazaar.abuse.ch/sample/7d6ed961c659e4f884e8c61d5b837ae70828bb42f51675d6cd82bba9518442a7/ -||tzitziklishop.ddns.net^$all ! https://bazaar.abuse.ch/sample/370262db05f130a4cf76ac1eebbe8fd8d491abcc89fd38d2eba31d1a31d5e682/ -||clitspace.com^$all ! https://twitter.com/malwrhunterteam/status/1565435960380243968 ||ibkrs.xyz^$all ! https://twitter.com/MBThreatIntel/status/1567604533458780160 -||kvte.shop^$all -||dtiipwmr.otsrhesa.rest^$all ||hgoawa.xyz^$all ||31.44.6.123^$all @@ -6418,10 +5456,8 @@ ||142.93.141.182^$all ! https://www.virustotal.com/gui/url/ede9ff1400c40a55acb7f9d543fc41f27f69cdf385b350330dea3631bfd67e99/community -||host-coin-file-17.com^$all ! https://www.virustotal.com/gui/url/548de04f92a9ebfb18f55ba7717c3a23963f69d0ac1eb70af7d68f783ce41352/community -||derioswinf.org^$all ! https://forums.malwarebytes.com/topic/289986-what-is-plusclick/ ||plusclick.biz^$all @@ -6431,22 +5467,9 @@ ! https://www.virustotal.com/gui/url/16134b536ddf476faedd91fe7f5f92ffefe8a9645755c33188647839fe2609cc/community ||clck.ru/sdToA^$all -||steamcomunlty.ru^$all ! https://bazaar.abuse.ch/sample/60d3fbde28010f86727b2e42f463b32cbd734b16e07f1173ee8c8f9875bcacdb/ ! https://www.virustotal.com/gui/file/60d3fbde28010f86727b2e42f463b32cbd734b16e07f1173ee8c8f9875bcacdb/relations -||lilisjjoer44.com^$document -||limo00ruling.org^$document -||luxulixionus.net^$document -||mini55tunul.com^$document -||moroitomo4.net^$document -||nikogkojam.org^$document -||nikogminut88.at^$document -||nunuslushau.com^$document -||nusurionuy5ff.at^$document -||samnutu11nuli.com^$document -||susuerulianita1.net^$document -||cucumbetuturel4.com^$document ! https://www.virustotal.com/gui/file/fe3f662947b072546eea1183ff626e851cb99a50a406dbe28a520078f38a84df ||youtube.com/watch?v=-dQbwMVfdP4^$all @@ -6459,7 +5482,6 @@ ! https://www.virustotal.com/gui/file/85ace27ad92cbb5920913a63f34e02b4dc9191271ad35bc3ae9c902a4fb4bca2 ||youtube.com/watch?v=FFwti_C7ACQ^$all -||softwareforwork.site^$all ||transfer.sh/get/4vJ531/softwareforwork.zip^$all ! https://bazaar.abuse.ch/sample/a674c8d984fe21bdbf03a9cafabe8963f0b471155655943299ef9695b836c307/ @@ -6472,11 +5494,8 @@ ! https://twitter.com/MBThreatIntel/status/1571949584943054848 ! https://blog.sucuri.net/2022/06/analysis-massive-ndsw-ndsx-malware-campaign.html <-- old, maybe dead? -||adsprofitnetwork.com^$all -||pixelapn.adsprofitnetwork.com^$all ! https://www.virustotal.com/gui/url/4232ca1e457512771eeb058dce5e6acf2f0cb5b3259743cda8048cad110e4a42/community -||bendigohelp.top^$all ! https://www.virustotal.com/gui/url/94532535b8591efdebf95cf3c463f4b6116c76a354320676d38ab1384d40d26f/community ||sukudoanalytica.com^$all @@ -6505,10 +5524,8 @@ ||medijaplus.com/wp-admin/network/ATOPSpA/^$all ! https://twitter.com/iam_py_test/status/1576210230119403520 -||komarusoft.org^$all ! https://twitter.com/MBThreatIntel/status/1577039325157822464 -||stripecheck.com^$all ! https://forums.malwarebytes.com/topic/290797-drive-by-typosquat/ ||login.mimecast.cm^$document @@ -6528,7 +5545,6 @@ ! https://forums.malwarebytes.com/topic/290918-blocking-trojans-from-sites-i-didnt-visit-persistant/ ! https://app.any.run/tasks/5a5e6346-9bd1-4afe-8190-956ea289e735# ! https://www.virustotal.com/gui/file/ccb4ef3fffb4661e7cdb4570fdfcac6a5e6701d6ee3602bbc0e1b5e5955951fc/detection -||softlab.site^$all ||5.161.120.43^$all ! https://twitter.com/malwrhunterteam/status/1579793270959636480 @@ -6542,7 +5558,6 @@ ||garmin-download.com^$all ! https://www.virustotal.com/gui/url/d56c2ac37804bb6016c6666697b34ed0e95ad1a36ca2bd8b9db78c1e13f8ae81/community -||ammoopirental.com^$document ||objectstorage.us-sanjose-1.oraclecloud.com^$all ! https://www.virustotal.com/gui/url/cf647bc81b76bd4857b34fe9a6dbec1f695b3bb8910e8cd000fa16e48d8c0c4c/community @@ -6555,21 +5570,14 @@ ! https://github.com/VernonStow/Filterlist/commit/cb04d77547497a1cd211d2eac20f8af10de01a76 (all credit to https://github.com/VernonStow for finding these domains) ! https://app.any.run/tasks/f204948b-3940-41d2-af50-b3db789d4ac3 ! https://www.virustotal.com/gui/file/e34575d69ee7a2c0231982d4c2e47edc9adbf7c9290caedd69ad7598a2ae759c (with junk data deleted) -||notepads-plus-plus.org^$all ! same file -||thundersbird.org^$all -||codevisualstudio.org^$all -||braves-browsers.org^$all ! https://twitter.com/l205306/status/1584804864013479936 -||software-plus.space^$all ! https://twitter.com/JAMESWT_MHT/status/1584811225720164357 ||45.15.156.81^$all ||79.137.202.36^$all ! https://www.virustotal.com/gui/url/76875c981cc7ea6120260fd9c77b5edbc4ea14cc1077b6eb8fbc834b7de62a44/community -||centrica.com--otquhaigsms9dovxnoxmotquhaigsms9dovxnoxm--5709331927445963.ayllur.com^$all -||51051767719--5105176771951051767719--5105176771951051767719.skylightsurgical.com^$all ! https://forums.malwarebytes.com/topic/291507-i-keep-getting-rtp-detection-and-trojan-blocked-website-notifications/ (todo: retest soon) ! https://www.virustotal.com/gui/url/795ab548c024258eab569f7f55e968c0ad8bad8e08de3b4ef464983ce1f14899?nocache=1 @@ -6590,8 +5598,6 @@ ||clipper.guru^$all ! https://forums.malwarebytes.com/topic/291771-facebook-hacked-and-suspicious-link-sent-out/ -||photo.1pmoc.com^$all -||1pmoc.com^$document ||monkey.redirectmaster.com^$all ||xe2w.com^$all @@ -6626,7 +5632,6 @@ ||abc13news.com^$all ||abcyamath.com^$all ||aboutarc.com^$all -||abub-jobs.co.uk^$all ||abuhamzahfx.com^$all ||abwkoeln.de^$all ||biosaude.co^$all @@ -6641,7 +5646,6 @@ ||admiralmarket.com^$all ||adriod.com^$all ||advancaauto.com^$all -||advisorytool.com^$all ||aegiscrew.com^$all ||aerepostal.com^$all ||aergerforum.de^$all @@ -6656,7 +5660,6 @@ ||akintor.com^$all ||alabamamedicaid.org^$all ||alamoinsurancegroup.com^$all -||alhizaperfumes.co^$all ||allsttae.com^$all ||alojamientogratuito.info^$all ||altesino.com^$all @@ -6669,11 +5672,8 @@ ||americanghostsandhauntings.com^$all ||americanlegion.net^$all ||americanwingsnorcross.com^$all -||amicorumak.com^$all ||amienmelody.com^$all -||amishbuilders.net^$all ||ammica.com^$all -||amosan.com^$all ||anabolicalternative.com^$all ||anactor.net^$all ||anandasoftbd.com^$all @@ -6685,7 +5685,6 @@ ||anheiserbusch.com^$all ||animerunkkari.net^$all ||anningten.de^$all -||ansear.com^$all ||antennebayer.de^$all ||antiqueforhire.com^$all ||childrenwish.ca^$all @@ -6754,7 +5753,6 @@ ||beatthestreak.com^$all ||bedbedandbeyond.com^$all ||befancyhair.com^$all -||beigblox.com^$all ||beilgries.de^$all ||bejaminbluemchen.de^$all ||benifits.org^$all @@ -6794,7 +5792,6 @@ ||booking.pixelextended.me^$all ||booksandmarks.com^$all ||boostbobile.com^$all -||bootofshine.com^$all ||bootrep.com^$all ||boottownusa.com^$all ||bootyplanet.com^$all @@ -6813,9 +5810,7 @@ ||brotherprinter.com^$all ||bsswift.com^$all ||bt666.com^$all -||btbit.pro^$all ||burnsidedigital.com^$all -||buyexvluder.com^$all ||bwmbank.de^$all ||bzp.net^$all ||cabesp.com^$all @@ -6858,7 +5853,6 @@ ||christianbooksummaries.com^$all ||christiansocialnetwork.net^$all ||chuckychesse.com^$all -||chustart.com^$all ||cicda.com^$all ||cinemavf.org^$all ||citimortgage.cm^$all @@ -6873,13 +5867,11 @@ ||cloudmail.ontatio.ca^$all ||clubemusicas.com^$all ||clubterracan.net^$all -||code300.net^$all ||cogeca.ca^$all ||collectioncentre.com^$all ||collegeoftheozarks.com^$all ||colonnialpenn.com^$all ||colordrives.com^$all -||columbiamh.com^$all ||columbusstoreeq.com^$all ||comcmast.net^$all ||comicstee.com^$all @@ -6889,7 +5881,6 @@ ||confusion.co.uk^$all ||consunercellular.com^$all ||continentalcredito.com^$all -||continentalpatisserie.co.uk^$all ||convertapdftoword.com^$all ||cookiecliker.com^$all ||coolgearing.com^$all @@ -6897,9 +5888,7 @@ ||costcobusinessphone.com^$all ||cottagechicbymargie.com^$all ||cottonflower.com^$all -||coulorbox.com^$all ||countrybros.com^$all -||countrycurtins.com^$all ||countrylifegifts.com^$all ||courtreporting.com^$all ||covermania.com^$all @@ -6912,7 +5901,6 @@ ||credditonebank.com^$all ||cricket.info^$all ||crowddream.com^$all -||cructhcfiled.com^$all ||cruiseadventures.com^$all ||crystaldiskinfo.com^$all ||crystallinks.com^$all @@ -7030,7 +6018,6 @@ ||ellisiland.org^$all ||elreydelfalafel.com^$all ||elwinpure.com^$all -||emiritesairlines.com^$all ||empak.de^$all ||emperorinfo.com^$all ||emulespana.net^$all @@ -7039,17 +6026,14 @@ ||enfmail.com^$all ||engineerbob.com^$all ||enigaluce.com^$all -||enviosacuba.net^$all ||enyergy.com^$all ||eoonext.com^$all ||epicgamis.com^$all ||epph.com^$all ||eppicard.cm^$all -||equfax.ca^$all ||erotic-flowers.com^$all ||erotic99.com^$all ||es-toyaqui.com^$all -||esl-grammar.com^$all ||esmallbusinessgrants.net^$all ||esperiqn.com^$all ||estilosashop.com^$all @@ -7060,8 +6044,6 @@ ||ethtrada.com^$all ||etimology.com^$all ||euronets.com^$all -||eveintbrite.com^$all -||evenhubs.com^$all ||events.compres.us^$all ||everdaycarry.com^$all ||evil-unveiled.com^$all @@ -7179,7 +6161,6 @@ ||frontgatd.com^$all ||fsuwebmail.com^$all ||ftrontgate.com^$all -||fucillonissan.com^$all ||fuckhoes.com^$all ||fudelidade.com^$all ||fullyloadednews.com^$all @@ -7229,7 +6210,6 @@ ||glamrockbeauty.com^$all ||glassdoir.com^$all ||glasssoor.com^$all -||glasstropics.com^$all ||glendeedogrescue.co.uk^$all ||globalifeinc.com^$all ||glomp.com^$all @@ -7260,14 +6240,12 @@ ||graberbkinds.com^$all ||grabetblinds.com^$all ||gracehillision.com^$all -||gracehillviosion.com^$all ||granddentalpc.com^$all ||grassrootsmeasures.com^$all ||greandhra.com^$all ||greatbulletin.com^$all ||greatlesson.com^$all ||greatrating.com^$all -||greencghef.com^$all ||greenvaporco.com^$all ||greyhoundbuslines.com^$all ||grillsandgreens.com^$all @@ -7276,12 +6254,9 @@ ||grupomnemon.com^$all ||gsmatena.com^$all ||gtuts.com^$all -||gu-rock.com^$all ||guicc.com^$all -||guinezscab.com^$all ||gulfmonster.com^$all ||hack-game.net^$all -||hairlosssolution.org^$all ||halilou.com^$all ||hallsdawghouse.com^$all ||halys.com^$all @@ -7291,7 +6266,6 @@ ||hao1131.com^$all ||harfordlife.com^$all ||harpers-property.co.uk^$all -||harvestpink.com^$all ||hatventures.net^$all ||haveringfireplaces.co.uk^$all ||hawaiianaor.com^$all @@ -7317,7 +6291,6 @@ ||hiwaytractor.com^$all ||hobbylobby.cm^$all ||hobyto.com^$all -||hogwartsees.com^$all ||holidayproperty.com^$all ||holidycheck.at^$all ||hollywoodmoviez.net^$all @@ -7337,7 +6310,6 @@ ||hpinstankink.co.uk^$all ||hpsupportphonenumber.com^$all ||hqjt.com^$all -||htgvmag.com^$all ||htmail.co.uk^$all ||httpexample.com^$all ||hu0.com^$all @@ -7350,7 +6322,6 @@ ||iclovd.com^$all ||ideed.ca^$all ||identtyguard.com^$all -||idlebarin.com^$all ||idlebrsin.com^$all ||idoline.org^$all ||ieltsonlineexam.com^$all @@ -7359,10 +6330,8 @@ ||iheartmandalas.com^$all ||iidcgwalior.com^$all ||imageshake.de^$all -||imgcrazy.com^$all ||importadoravehicular.com^$all ||inchirieriregimhotelier.net^$all -||indigoaappy.com^$all ||indonesiaigo.com^$all ||infonavid.com^$all ||infoum.com^$all @@ -7392,8 +6361,6 @@ ||jailbait-gallery.net^$all ||janethepsychic.co.uk^$all ||jaspe.com^$all -||jattmobi.com^$all -||jcdinfo.com^$all ||jcpenmey.com^$all ||jcpenneybenefits.com^$all ||jcpenneyey.com^$all @@ -7402,7 +6369,6 @@ ||jeporady.com^$all ||jerrysappliancecenter.com^$all ||jewelpak.com^$all -||jeytblue.com^$all ||jimmygaorestaurant.com^$all ||jimmysfarmtoys.com^$all ||jira.hannoverscheallgemeinezeitung.de^$all @@ -7423,7 +6389,6 @@ ||kascarpet.net^$all ||kayoutlets.com^$all ||kbshengyi.com^$all -||kelbytaining.com^$all ||kelleyservices.com^$all ||keyrug.com^$all ||keysschools.net^$all @@ -7433,7 +6398,6 @@ ||kholsrebates.com^$all ||kickoff.cm^$all ||kindfirls.com^$all -||kingwith.com^$all ||kit-co2.com^$all ||kitchenmusings.com^$all ||kiwihelme.de^$all @@ -7451,7 +6415,6 @@ ||kyxc.com^$all ||kzdress.com^$all ||laarsens-basingstoke.co.uk^$all -||labobinacr.com^$all ||laguiadelocio.com^$all ||lahipitaweb.com^$all ||lakecumberlandfishingguide.com^$all @@ -7459,7 +6422,6 @@ ||landgirlscookeryschool.co.uk^$all ||landhausmitpfiff.de^$all ||lankantunes.com^$all -||lapcorpos.com^$all ||lapels.org^$all ||larka.de^$all ||lasierratiresutah.com^$all @@ -7480,8 +6442,6 @@ ||lifellinescreening.com^$all ||lightyearapp.live^$all ||likoer43.de^$all -||lincolshireimmunisations.co.uk^$all -||lindfieldpestcontrol.co.uk^$all ||linkbaru.com^$all ||linkdin.ca^$all ||linkgudangcoding.com^$all @@ -7491,7 +6451,6 @@ ||livescom.com^$all ||livetvonlinefree.com^$all ||livingcomforts.com^$all -||lkea-usa.com^$all ||llantaslandin.com^$all ||llivet.com^$all ||loandaministration.com^$all @@ -7508,7 +6467,6 @@ ||lowcostparceldelivery.com^$all ||lowe4s.com^$all ||lpaodata.net^$all -||lumberliquidahors.com^$all ||lunettesde.com^$all ||lutherancommunitygrace.net^$all ||luxerycard.com^$all @@ -7533,7 +6491,6 @@ ||mamapho1.com^$all ||manage.polka-dot.co^$all ||mandourpharmacy.com^$all -||mandspeoplesysyem.co.uk^$all ||maneige.ca^$all ||manheimauto.com^$all ||manitobaparks.ca^$all @@ -7579,7 +6536,6 @@ ||meubelmarkt.com^$all ||meuconsorciobb.com^$all ||mic-river.com^$all -||michi-no-eki.net^$all ||midasbuy.co^$all ||midiuser.net^$all ||mightylayoutboys.com^$all @@ -7609,7 +6565,6 @@ ||momsrings.com^$all ||monasteriodepoio.com^$all ||monesupermarket.com^$all -||monsterstoreonline.com^$all ||monyorder.com^$all ||mortgae.com^$all ||motogris.com^$all @@ -7631,7 +6586,6 @@ ||multiquality.tech^$all ||multuimap.co.uk^$all ||mundoftp.com^$all -||murcuryholidays.co.uk^$all ||musicans-place.de^$all ||musleblaze.com^$all ||mutedvods.com^$all @@ -7645,13 +6599,10 @@ ||mybodysoul.com^$all ||mybooing.com^$all ||mycarrer.com^$all -||mycdlroadtest.com^$all -||mycharthmhs.com^$all ||mycips.com^$all ||mycreditonecard.com^$all ||mydicksportinggoods.com^$all ||myebookmaster.com^$all -||myequifdax.com^$all ||myeverydayrewards.com^$all ||myfappening.org^$all ||myfinco.com^$all @@ -7659,7 +6610,6 @@ ||myftdi.com^$all ||myhbc.com^$all ||myherbelife.com^$all -||myhousemap.com^$all ||myjobsscotland.co.uk^$all ||mykohs.com^$all ||mylacountybenefit.com^$all @@ -7677,7 +6627,6 @@ ||myvirtualterminal.com^$all ||myvweizon.com^$all ||myxrt.com^$all -||n63release.org^$all ||nactar.com^$all ||nados.co.uk^$all ||nahro.com^$all @@ -7689,7 +6638,6 @@ ||napkimcuong.com^$all ||nartube.com^$all ||nationpage.com^$all -||nationwie.co.uk^$all ||naturebois.com^$all ||navyfereral.org^$all ||nbkonline.com^$all @@ -7711,27 +6659,22 @@ ||nextflex.com^$all ||nflflagfootball.com^$all ||niagaragazette.com^$all -||nichcanvas.com^$all ||nichewines.com^$all ||nigerialatestnews.com^$all ||nikene.com^$all ||nissenusa.com^$all ||niuqiu.com^$all -||njfamilycaer.com^$all ||njtutoriales.net^$all ||noborobo.com^$all ||nodesjs.org^$all ||nomorerobocalls.com^$all ||nooder.com^$all -||norrdaccount.com^$all ||northpoleicecreamshop.com^$all ||norto.com^$all ||nortofn.com^$all ||norwoodcadillac.com^$all ||novadevelooment.com^$all -||novagorta.com^$all ||novorojencek.com^$all -||npy34.com^$all ||carmax.cm^$all ||skyteam.cm^$all ||pcmag.cm^$all @@ -7739,11 +6682,8 @@ ||tillys.cm^$all ||nuken.com^$all ||nursingsa.com^$all -||nurtrsystem.com^$all -||nutans.co.uk^$all ||nutricroq.com^$all ||nutriksystem.com^$all -||nwajobs.com^$all ||nylottery.com^$all ||nyulangoners.com^$all ||o-shohousen.com^$all @@ -7757,13 +6697,11 @@ ! https://forums.malwarebytes.com/topic/291856-suspicious-apk/ (account required) ! https://www.virustotal.com/gui/file/9ee91462c53498b2e2f59f0beb216bcef53fd28f0d0ec0ca99a0c01b71e4a0b1/detection -||sicredi.acesso-suporte.com^$all ! https://www.virustotal.com/gui/url/ca6883e44a103ed205b6225d866719bc51a9301aca937d336dc38610e46c7ea2/community ||58.252.203.71^$all ! https://www.virustotal.com/gui/url/9951de9e42468c39c8bc5b05f67cd6645fb945ab8ed1677607cc32571214c0f3/community (redirects to localhost, maybe geolocked?) -||arnazon.zbhpx.com^$all ! a "Yahoo" email claiming I will be locked out if I don't "correct my email" ||yahooo-mail-service.webflow.io^$all @@ -7783,10 +6721,8 @@ ||safety-search.com^$document ! https://github.com/uBlockOrigin/uAssets/issues/15650 -||give-crypto.com^$all ! https://app.any.run/tasks/2de64615-6df3-457f-bfb8-3e207b44667c -||ukstorepc.dedyn.io^$all ||ngxqvvpwkumowm.click^$all ||kmmd6i2bg0rs.click^$all ||mega.nz/file/2kIAhSSS#RfpDvKxaabLwA-3WA9Qm7HOsYHQg1_g3oMEykkNrZMY^$all @@ -7803,7 +6739,6 @@ ! https://forums.malwarebytes.com/topic/292268-phishing-html-download-url/ (account required) ! https://app.any.run/tasks/1758a17e-86da-4472-88c2-bc21dfe25c47 -||davestillshoeshop.com^$all ! https://app.any.run/tasks/2309c8ba-3e9f-41f2-8a5c-f15f7411ac58# ||www.sadeempc.com^$all @@ -7811,14 +6746,12 @@ ||iplogger.org/2AnXe7^$all ||bit.ly/Password-1234-FullSetups^$all ||iplogger.com/Sadeempcfullversins^$all -||cfg6yh.cfd^$all ! https://www.youtube.com/watch?v=xwJJkvIsEJQ ||torrent-protection.com^$all ||downloadfilearea.com^$document ! https://app.any.run/tasks/e5ba6bf3-98ee-46bf-b9ee-406b1bbebe1f -||freversionpc.dedyn.io^$all ||u8gr576y.cfd^$all ||rotf.lol/BDFG-KZTP-QAYW^$all ||88.198.106.9^$all @@ -7867,7 +6800,6 @@ ||betjoltiktor.com^$all ||betotodileon.com^$all ||bett2you.org^$all -||betxerneastor.club^$all ||bigsport.today^$all ||breakingfeedz.com^$all ||businessenviron.com^$all @@ -7878,11 +6810,9 @@ ||clicktracklink.com^$all ||comivolo.com^$all ||consoupow.com^$all -||costaquire.com^$all ||countriesnews.com^$all ||daizoode.com^$all ||davaifoa.com^$all -||deliverydom.com^$all ||desabrator.com^$all ||dfsdkkka.com^$all ||dodurantom.com^$all @@ -7939,7 +6869,6 @@ ||itgiblean.com^$all ||itnuzleafan.com^$all ||ittorchicer.com^$all -||ittoxicroakon.club^$all ||itzekromom.com^$all ||jeehathu.com^$all ||karsauwi.xyz^$all @@ -7958,7 +6887,6 @@ ||meet4youu.com^$all ||mekstolande.com^$all ||moakaumo.com^$all -||mobiflyc.com^$all ||moksoxos.com^$all ||mygtmn.com^$all ||naisoops.net^$all @@ -7992,8 +6920,6 @@ ||overswaloton.com^$all ||overzoruaon.com^$all ||overzubatan.com^$all -||padsdel.com^$all -||padsdel2.com^$all ||paiwhoki.com^$all ||parumal.com^$all ||pipeschannels.com^$all @@ -8010,26 +6936,21 @@ ||roduster.com^$all ||roosteem.net^$all ||rouinfernapean.com^$all -||rtb1bid.com^$all ||rtmark.net^$all ||rtrgt2.com^$all ||saimifoa.net^$all ||seevustu.xyz^$all ||serconmp.com^$all -||setopsdata.com^$all ||shoubsee.net^$all ||show-review.com^$all ||sportevents.news^$all ||staixooh.com^$all ||stastips.net^$all -||stickertable.com^$all ||surv2you.net^$all ||survey2you.org^$all -||tadadamads.com^$all ||tauvoojo.net^$all ||teefuthe.com^$all ||thoamike.xyz^$all -||throughdfp.com^$all ||timecrom.com^$all ||toateeli.net^$all ||toglooman.com^$all @@ -8051,7 +6972,6 @@ ||uparceuson.com^$all ||uplucarioon.com^$all ||uponarticunoer.com^$all -||uponelectabuzzor.club^$all ||upregisteelon.com^$all ||urmavite.com^$all ||uwhuglup.net^$all @@ -8070,29 +6990,10 @@ ||139.45.197.239^$all ! https://www.bleepingcomputer.com/news/security/fake-msi-afterburner-targets-windows-gamers-with-miners-info-stealers/ -||msi-afterburner--download.site^$all -||msi-afterburner-download.site^$all -||msi-afterburner-download.tech^$all -||msi-afterburner-download.online^$all -||msi-afterburner-download.store^$all -||msi-afterburner-download.ru^$all -||msi-afterburner.download^$all -||mslafterburners.com^$all -||msi-afterburnerr.com^$all -||git.git.skblxin.matrizauto.net^$all -||git.git.git.skblxin.matrizauto.net^$all -||git.git.git.git.skblxin.matrizauto.net^$all -||git.git.git.git.git.skblxin.matrizauto.net^$all ! https://forums.malwarebytes.com/topic/292537-phishing-x-3/ (account required, credit to https://forums.malwarebytes.com/profile/126832-bradraynor/) ||13ee53.codesandbox.io^$document -||lmo.bluemountaininc.cfd^$all -||bluemountaininc.cfd^$document -||www.bluemountaininc.cfd^$document ! https://www.virustotal.com/gui/ip-address/20.126.134.116/relations -||l0gin-m1cros0ft0niline-com.directair.xyz^$all -||directair.xyz^$document -||73dfbd5e-a0ed-4b17-9840-6eb625ac1fa2-1b2670f7.directair.xyz^$document ! https://forums.malwarebytes.com/topic/292570-malwarebytes-blocked-trojanexe-am-i-safe/ ! https://threatfox.abuse.ch/ioc/1024382/ @@ -8107,10 +7008,7 @@ ||cdn.discordapp.com/attachments/1045660833943928856/1048563018402897950/File.zip^$all ||privacy-tools-for-you-453.com^$all ||gcrpgqhhmf.com^$document -||kokoko-24.online^$all ||bestsmartfind.com^$all -||xv.yxzgamen.com^$all -||yxzgamen.com^$all ||77.73.133.72^$all ||31.41.244.167^$all ||163.123.143.4^$all @@ -8272,14 +7170,12 @@ ! https://www.virustotal.com/gui/url/2eeeeba08305b13c205d66f7d9cd6a853bc491688d0e91c0381613066b2566a3/community ||storageapi.fleek.co/65d6137a-aa68-4f10-9b8d-3763e277f165-bucket/fav/indexxxxxx.html^$all -||awareofthat.za.com^$all ! https://www.virustotal.com/gui/url/f297b1523c8c0ac766edeccbc5fb099f1c7bd031c29f837a1701e0a1f71a8651/community ||desinvca.ru^$all ! https://github.com/AdguardTeam/AdguardFilters/issues/136390 ||glthub.org^$document -||glthub.pro^$document ! https://forums.malwarebytes.com/topic/293043-fake-notepad-website-with-fake-installer/ (login required) ! credit to https://forums.malwarebytes.com/profile/284536-liteiton/ @@ -8287,11 +7183,8 @@ ! https://www.virustotal.com/gui/url/eddc1bb4cd5e2ce587a32c445fb5a0e428388e7990692b6c6068e66421bf707d/community ! https://www.virustotal.com/gui/url/39b74b6bf53d51836fe43dedf78b6d89b4fe17b9d05e740fdfcbd700229692e6/community -||roskoierser15.co.vu^$all ! https://github.com/uBlockOrigin/uAssets/pull/16038 -||hypixei.com^$all -||msverify.dev^$all ||microauth.ru^$all ! https://forums.malwarebytes.com/topic/293076-google-docs-extension-malware/ @@ -8307,11 +7200,9 @@ ||authentication-vmail.us-east-1.linodeobjects.com^$all ! fake "Edge update" -||tomcleaneraddon.com^$all ! https://bazaar.abuse.ch/sample/dd022ea963e777dec7fbb6c3f84893961c60a0b72fa26152416a9e75e9879c5d/ ||youtube.com/watch?v=NTrWmbbLebA^$all -||thebestwesoft.org^$all ||bitbucket.org/edidervishid46/facebooker/downloads/Passw_wesoft_DownloadApp.rar^$all ||bitbucket.org/edidervishid46/facebooker/downloads/Passw_wesoft_AdobeLoader_All_In_One.rar^$all ||bitbucket.org/edidervishid46/facebooker/downloads/Passw_wesoft_AdobeSubstanceDesigner.rar^$all @@ -8397,10 +7288,8 @@ ! https://app.any.run/tasks/f4e39100-c15b-4cd3-9a2c-3401df4435d4 ! https://tria.ge/221227-3mk7jagg99 -||oceanpcfre.dedyn.io^$all ||thyr65qw.cfd^$all ||5rd5tgh.cfd^$all -||lkjhe45.cfd^$all ||116.203.121.167^$all ! https://www.hybrid-analysis.com/sample/f2e12223da0ae00323260f8dadbdd1596f7ce8fcd2e2520fde0aefc6fd19a88b @@ -8431,14 +7320,12 @@ ! https://www.virustotal.com/gui/file/f82251f78347ba9a0a0fe6efee7fdfb4a07ef133ec29d4fb816116b194c4f4a2/detection ||116.203.3.152^$all ! https://app.any.run/tasks/42060440-db32-43e2-8928-4a4dbe634b0f -||fullsoftcatalog.dedyn.io^$all ! shared by https://github.com/JobcenterTycoon ||funnycrack.com^$all ! https://www.hybrid-analysis.com/sample/329ba701c991e0dcf29efc79b93c589e89e25e2b6f28b4c0f75dee01fc8f2ed7 ! https://www.virustotal.com/gui/file/329ba701c991e0dcf29efc79b93c589e89e25e2b6f28b4c0f75dee01fc8f2ed7/detection ! https://tria.ge/230103-px6pbsbd48/behavioral2 -||marooner.top^$all ! https://app.any.run/tasks/5f9ddba3-9d5d-45a6-8ab1-37eaca832b2a/ ! https://tria.ge/230103-s79qhsfb2z/behavioral2 @@ -8475,19 +7362,13 @@ ! copied from ThreatFox ! https://threatfox.abuse.ch/ioc/1064519/ ! https://threatfox.abuse.ch/ioc/1053246/ -||wwww-dlscord.top^$all ! https://threatfox.abuse.ch/ioc/1064520/ ! https://threatfox.abuse.ch/ioc/1053244/ -||wwww-discord.top^$all ! https://threatfox.abuse.ch/ioc/1064521/ -||wwwwdiscord.top^$all ! https://threatfox.abuse.ch/ioc/1064528/ ! https://threatfox.abuse.ch/ioc/1053222/ -||www-discord.top^$all ! https://threatfox.abuse.ch/ioc/1064468/ -||vvv-discord.top^$all ! https://threatfox.abuse.ch/ioc/1064472/ -||vwvv-discord.top^$all ! https://forums.malwarebytes.com/topic/293448-brute-force-password-attack-on-email-server-from-ip-address-9820013539/?do=findComment&comment=1547922 (account required) ! https://www.abuseipdb.com/check/68.60.77.128 @@ -8516,7 +7397,6 @@ ||waumari.tk^$document,popup ||web.tumbleceq.in^$document,popup ||web.squirmaccess.site^$document,popup -||web.benefitcolor.xyz^$document,popup ||track.findb.news^$document,popup ||web.zoombleat.top^$document,popup ||web.grittyago.xyz^$document,popup @@ -8529,7 +7409,6 @@ ||deugahat.gq^$document,popup ||web.acidicadorn.top^$document,popup ||leelabea.cf^$document,popup -||girlsfinder.life^$document,popup ||beladra.cf^$document,popup ||web.actgrovel.site^$document,popup ||ysiquaarac.ga^$document,popup @@ -8548,7 +7427,6 @@ ||web.gristwattle.online^$document,popup ! https://bazaar.abuse.ch/sample/971a53dd3d17c44c1f4b21e33c0c161aed411ebb8c4d7f5a47c3cc68849340a5/ -||detail-booking-reservation.com^$all ||skynetx.com.br^$all ! https://app.any.run/tasks/45e3bc2d-8e87-47b6-b233-cf8bfecbd5b7 ||cdt2023.ddns.net^$all @@ -8589,11 +7467,8 @@ ||ormoredeta.xyz^$all ! https://forums.malwarebytes.com/topic/293896-malwarebytes-keeps-blocking-domains-for-malvertising/ -||pfewfvrkcps.com^$all ! https://forums.malwarebytes.com/topic/293881-hijackautoconfigurlprxysvrrst-backdoorfarfli/ -||pp.abcgameabc.com^$all -||abcgameabc.com^$document ||g.agametog.com^$all ||agametog.com^$document @@ -8638,16 +7513,13 @@ ||blender3d-software.net^$all ! https://www.virustotal.com/gui/url/6b19b5e07a1d736934459f8bfc3db4a5f5d9055311e19a7d470173014502a6da/community -||mediafireqqwbaok.aqz-xpr.me^$document ! https://github.com/uBlockOrigin/uAssets/issues/16558 ! (my analysis) https://tria.ge/230130-pl42csac69/static1 -||obsproicet.net^$all ||driveusercontent.us^$document ! https://forums.malwarebytes.com/topic/294473-malware-not-detected-in-malwarebytes/ (account required) ! (my analysis) https://app.any.run/tasks/14b9da67-7f1e-49ff-b73d-26a5d263efbf/ -||rocketpool-net.website^$all ||135.181.41.147^$all ! https://github.com/DesktopECHO/T95-H616-Malware @@ -8657,20 +7529,10 @@ ||cbpheback.com^$all ! https://bazaar.abuse.ch/sample/89da2eee6af1c267e164bd9b24866bcac56588fe67efaf3bdb9aa98afa8cf990/ -||niua9f.tabcoperoo.sbs^$all ! https://bazaar.abuse.ch/sample/7df24f04c4df829cd9e643cd9be596d0996b79d1fbb9422c75a17741f10414a4/ (all credit to abusech) -||noicuckoo.cfd^$all -||oqzxtzpjagh.buzz^$all ||pusgpaxnddw.top^$all ||qlmhxmwlyhr.top^$all ||qmudnleqjjx.top^$all -||1r2d76nob3mu.yachts^$all -||58sozi3fke55.yachts^$all -||cjdadpbxjtk.yachts^$all -||dcascfymifzm.yachts^$all -||f0ksf1lkyjj3.yachts^$all -||jh9y4fr53c2s.yachts^$all -||xer382yrotxz.yachts^$all ! https://github.com/AdguardTeam/AdguardFilters/issues/141376 ||watch-online.7oc5b1i3v4iu.top^$all @@ -8700,7 +7562,6 @@ ||service-domain.xyz^$all ! https://twitter.com/KesaGataMe0/status/1621321884012019712 (https://github.com/AdguardTeam/AdguardFilters/commit/cc46c1f0f0c2a71e989c697fb382cdd68621d366) -||www-biccamera-com.xdtylc468.com^$all ||www-biccamera-com.jycfmf.com^$all ! https://www.virustotal.com/gui/url/7edda570d0f8fae48fac53194950c93137721d5535829d88add851c9bf42a0e2 @@ -8713,11 +7574,8 @@ ! https://www.virustotal.com/gui/url/9f52f7e0f34c63c2f0c8de10fa003fd4d8c2e0804f7ea97e056125564a56ebc7/community ! (my analysis) https://app.any.run/tasks/3525a515-f11e-4ff1-9be0-c5640b1d5904 -||satoulishing0-webapps-document-adaf7.ondigitalocean.app^$all -||perpendiculer.cc^$all ! https://bazaar.abuse.ch/sample/d089b6082b4f5ecf765148ffea5885d8cd81e9e078d69bee786be9e6d60a653f/ -||heargattack.cyou^$all ! NSFW: https://app.any.run/tasks/84fe2ec3-067b-4095-8a4f-e74636671351 ||message.okaynotification.com^$all @@ -8733,8 +7591,6 @@ ||gamebee.club^$document ! https://app.any.run/tasks/dc47eebe-06b8-4ea7-87c5-ecab7bd18d99 -||tiktok.topprofile24.site^$all -||topprofile24.site^$all ! https://forums.malwarebytes.com/topic/294675-mygov-scamfraudpersonal-detail-theft-alert/ (account required) ! (my analysis) https://app.any.run/tasks/463e490a-12bb-4afd-a496-f5500177b794/ @@ -8769,7 +7625,6 @@ ||xk9tx.top^$all ||wiruv.top^$all ||xpdep.top^$all -||woodbattle2.xyz^$document ||shoesauto3.xyz^$document ! https://forums.malwarebytes.com/topic/294740-trojans-will-not-disappear-and-mb-wont-stop-blocking-websites/ @@ -8777,7 +7632,6 @@ ||194.87.216.194^$all ! https://www.malware-traffic-analysis.net/2023/02/03/index.html ||yes2food.com^$all -||cpu-id.top^$all ||advertising-check.ru^$all ||softs-lab.ru^$all ||62.204.41.176^$all @@ -8785,9 +7639,6 @@ ! https://threatfox.abuse.ch/ioc/1078856/ ! https://twitter.com/1ZRR4H/status/1623067548781539339 -||best-exp.org^$all -||soft-pro.site^$all -||exp-pc.com^$all ||79.137.248.136^$all ||79.137.206.31^$all ||85.192.40.253^$all @@ -8800,14 +7651,9 @@ ||vserpg.ru^$all ! https://github.com/hagezi/dns-blocklists/issues/324 -||cashspacex.org^$all -||elonmusk2x.org^$all -||tesla-gpt.com^$all -||teslalnc.org^$all ||teslacar.io^$all ! https://forums.malwarebytes.com/topic/294906-tesla-crypto-scam/ (account required) -||teslamoney2023.com^$all ! https://app.any.run/tasks/bcd4633b-931e-4bfc-a874-24d04a136036 ||wlbss.inghesatin.com^$all @@ -8829,13 +7675,10 @@ ||dejig.live^$all ! https://github.com/iam-py-test/my_filters_001/issues/109 -||ask.elbwaba.com^$all ||btc.latest-articles.com^$all ||en.firstgooal.com^$all ||en.rawafedpor.com^$all -||eq.yomeat.com^$all ||news.istisharaat.com^$all -||plus.cr-halal.com^$all ||ust.aly2um.com^$all ||filestack.live^$all ||0-4.top^$all @@ -8843,7 +7686,6 @@ ||5pm.am^$all ||77w.pw^$all ||7la.la^$all -||99pw.pw^$all ||9ge.ge^$all ||b-d.bond^$all ||b-i-t-l-y.co^$all @@ -8854,7 +7696,6 @@ ||bitly.best^$all ||bitly.email^$all ||bitly.gold^$all -||bitly.host^$all ||bitly.network^$all ||c-lick.click^$all ||c-you.cyou^$all @@ -8863,10 +7704,8 @@ ||cr-7.cc^$all ||cutlinks.biz^$all ||cutlinks.ca^$all -||cutlinks.ch^$all ||cutlinks.mobi^$all ||cutlinks.org^$all -||cutlinks.pw^$all ||cuturls.net^$all ||d-ev.dev^$all ||fco.to^$all @@ -8916,7 +7755,6 @@ ||w-ws.ws^$all ||wac.ac^$all ||wci.ci^$all -||wco.pw^$all ||wst.st^$all ||xx-yz.xyz^$all @@ -8938,7 +7776,6 @@ ! https://app.any.run/tasks/77b6a223-4c81-4798-9dc0-a747de6e0f6d ||crackshash.com^$document -||shgsdhfsdfbbe5.monster^$document ||czgovd.com^$all ||pufgilsofp.sbs^$all ||bstnwswrld.com^$document @@ -9028,26 +7865,17 @@ ! https://www.virustotal.com/gui/url/be690a1da2bc52dcfc6d7069248b1d085237009c8fb7b45110098eedf8390024/community ! (my analysis) https://app.any.run/tasks/535ae7f2-c6dd-4b51-aee5-e80c4af11b82 -||onedriverfaxnow.blob.core.windows.net^$all -||resultmailer01.runningnode.online^$all ! https://forums.malwarebytes.com/topic/295202-windows-powershell-keeps-popping-up-randomly-and-closing/ -||chatgigi2.com^$all ! https://www.virustotal.com/gui/file/d3c9371a1456fd7c4551e18b0c1172a597f86c97e2864bc0b1be632c48da9697/relations ||ahoravideo-blog.com^$all -||ahoravideo-blog.xyz^$all ||ahoravideo-cdn.com^$all -||ahoravideo-cdn.xyz^$all -||ahoravideo-chat.com^$all -||ahoravideo-chat.xyz^$all ||ahoravideo-endpoint.com^$all ||ahoravideo-endpoint.xyz^$all ||ahoravideo-schnellvpn.com^$all ||ahoravideo-schnellvpn.xyz^$all ||bideo-blog.com^$all -||bideo-blog.xyz^$all ||bideo-cdn.com^$all -||bideo-cdn.xyz^$all ||bideo-chat.com^$all ||bideo-chat.xyz^$all ||bideo-endpoint.com^$all @@ -9055,27 +7883,19 @@ ||bideo-schnellvpn.com^$all ||bideo-schnellvpn.xyz^$all ||fairu-blog.com^$all -||fairu-blog.xyz^$all ||fairu-cdn.com^$all -||fairu-cdn.xyz^$all ||fairu-chat.com^$all ||fairu-chat.xyz^$all ||fairu-endpoint.com^$all ||fairu-endpoint.xyz^$all ||fairu-schnellvpn.com^$all ||fairu-schnellvpn.xyz^$all -||privatproxy-blog.com^$all ||privatproxy-blog.xyz^$all -||privatproxy-cdn.com^$all ||privatproxy-cdn.xyz^$all ||privatproxy-chat.com^$all -||privatproxy-chat.xyz^$all -||privatproxy-endpoint.com^$all ||privatproxy-endpoint.xyz^$all ||privatproxy-schnellvpn.com^$all -||privatproxy-schnellvpn.xyz^$all ||wmail-blog.xyz^$all -||wmail-cdn.com^$all ||wmail-cdn.xyz^$all ||wmail-chat.xyz^$all ||wmail-endpoint.xyz^$all @@ -9096,35 +7916,24 @@ ||skillfactsim.com^$all ||burningpushing.info^$3p ! https://urlscan.io/result/ff16e3ca-7cc9-48aa-9028-dae2e7769419/ -||update48451.xyz^$all ||catomernsuents.com^$all ! https://www.virustotal.com/gui/url/46add8496717590d1e5eef43fb67c8d09710945f395c26d822dd8d1db6a4bb13/community ! (my analysis) https://app.any.run/tasks/f531a557-d782-45a1-ac7f-da6bbfabd172 -||uspsnewinfo.link^$all -||change.uspsnewinfo.link^$all -||dfg.uspsnewinfo.link^$all ! https://www.virustotal.com/gui/url/954e540f3914567dfa26ae82847a085c6052436ac46db1b977deba0bf05205c9/community ! (my analysis) https://app.any.run/tasks/01951733-079f-4a8e-b3b1-5d2172f860e1/ -||dlscord-nltro.com^$all ! https://bazaar.abuse.ch/sample/777a98db2b04de56c57e9d4485d4e8e8bae7e28cb0b276742862fcf22ce85f1a/ ! https://app.any.run/tasks/4b61f476-bb18-4bee-9ebc-0574611bfed6/ -||uaery.top^$all -||jiqaz.com^$all ! https://bazaar.abuse.ch/sample/533d169364edf867fafa28fb948a564c032312794a5dc01f27464be65892775b/ -||ewzsvl72.top^$all ! https://www.virustotal.com/gui/url/b640badf626400458c15e3574d013a02e0e50652c53b135a71e3b099d29e0956/community ! (my analysis) https://app.any.run/tasks/974fe120-a13e-4fe3-9546-64aa16ad4687 -||dash.blastchallenger-intel.pro^$all -||blastchallenger-intel.pro^$document ! https://www.welivesecurity.com/2023/03/01/blacklotus-uefi-bootkit-myth-confirmed/ ||xrepositoryx.name^$all -||myrepositoryx.com^$all ||erdjknfweklsgwfmewfgref.com^$all ||harrysucksdick.com^$all ||heikickgn.com^$all @@ -9136,10 +7945,6 @@ ||eatablehelprut.com^$all ! https://github.com/hagezi/dns-blocklists/issues/585 -||chatgpt-pc.com^$all -||www.chatgpt-pc.com^$all -||chatbot-gpt.org^$all -||www.chatbot-gpt.org^$all ! https://forums.malwarebytes.com/topic/295590-malwarebyes-blocks-webite/ ||mignished-sility.com^$all @@ -9157,96 +7962,32 @@ ! https://github.com/RPiList/specials/issues/948#issuecomment-1458739160 ||yuppdownload.com^$all -||cabbageknee.site^$all -||suntrees.icu^$all -||sparkrainstorm.host^$all ! https://github.com/AdguardTeam/AdguardFilters/issues/145513 ||4b34eusvcxsdublb6f.runoj.click^$all ||runoj.click^$all -||achilles-par.com^$all ! https://github.com/AdguardTeam/AdguardFilters/issues/145513#issuecomment-1468676678 -||adrastos-eli.com^$document,popup -||aegid-bal.com^$document,popup ||aesch-mko.com^$document,popup ||agapios-gla.com^$document,popup ||ahura-maz.com^$document,popup -||alia-iso.com^$document,popup ||altwi-cha.com^$document,popup -||amanda-cle.info^$document,popup -||animikii-ana.com^$document,popup -||apoll-amp.com^$document,popup -||aries-nbl.com^$document,popup ||artax-evn.com^$document,popup -||aslau-cre.info^$document,popup ||balor-ghn.com^$document,popup -||baste-znl.com^$document,popup -||belia-glp.com^$document,popup -||bilqi-omv.com^$document,popup -||blode-cpq.com^$document,popup -||bricius-ing.com^$document,popup -||brije-cor.info^$document,popup -||chima-eoj.com^$document,popup -||chlod-qui.com^$document,popup -||ciar-kep.com^$document,popup -||clarus-che.com^$document,popup -||cynes-gwf.com^$document,popup -||daeda-iyk.com^$document,popup -||dipaka-ead.com^$document,popup -||enki-mit.com^$document,popup -||epiph-xvm.com^$document,popup ||ermin-oxj.info^$document,popup -||freyr-clo.com^$document,popup -||gdocument,popupa-uev.com^$document,popup ||gargi-xba.com^$document,popup -||gaut-hil.com^$document,popup ||gloos-zus.info^$document,popup ||gronw-zis.com^$document,popup -||gwawl-oqs.com^$document,popup ||harib-eir.info^$document,popup ||heily-nin.com^$document,popup -||hilarion-lar.com^$document,popup -||hildr-zah.com^$document,popup -||iason-eug.com^$document,popup -||illum-sec.com^$document,popup -||ingig-nes.com^$document,popup ||iorwe-qmf.com^$document,popup -||irene-eux.com^$document,popup -||kamak-mab.com^$document,popup ||kuno-gae.com^$document,popup ||laurentia-kor.com^$document,popup -||leont-pfd.com^$document,popup -||ligeia-gip.com^$document,popup -||linus-axz.com^$document,popup -||lugaid-kal.com^$document,popup -||lykos-bzm.com^$document,popup -||lysim-lre.com^$document,popup -||lysimachus-aur.com^$document,popup ||menelaus-col.com^$document,popup -||nesto-sig.com^$document,popup ||nicomachus-mac.com^$document,popup -||orest-vlv.com^$document,popup ||orige-duo.com^$document,popup -||orion-gen.com^$document,popup -||patro-sfe.com^$document,popup ||phara-gte.com^$document,popup -||philotheos-iov.com^$document,popup -||phoka-mps.com^$document,popup -||ponti-pzk.com^$document,popup -||pritha-ner.com^$document,popup -||proserpina-zeb.com^$document,popup -||pyrrh-xbf.com^$document,popup ||quinctus-isb.com^$document,popup -||rama-bac.com^$document,popup -||rober-srr.com^$document,popup -||sigiward-ger.com^$document,popup ||sindr-yet.com^$document,popup -||tanit-adr.com^$document,popup -||thiem-csl.com^$document,popup -||thor-pom.com^$document,popup -||thutm-bru.com^$document,popup -||uthyr-que.com^$document,popup -||zp-dom.com^$document,popup ||redirect.newprogrammatic.click^$document ||3.231.116.86^$document ||54.237.193.255^$document @@ -9260,19 +8001,14 @@ ||telegra.ph/Software-2023-02-21-6^$document ||en.bestadultdatinglist-com.ru^$document ||fuckbookmobile.org^$document -||new.bonebow.top^$all -||bonebow.top^$all ||theparlornextthef.com^$document,popup ||dtsdr.theparlornextthef.com^$all -||findc-download2.cfd^$document -||lxyrlp.shop^$all ||palons.live^$all ||alertci.click^$all ||9ijgfdc4rf56.click^$all ||nbsb7nr44.cfd^$all ||pingatinga.click^$all ||srinaboglad.click^$all -||fcfervkcx.cfd^$all ||bvnie.taitlastwebegan.com^$all ||taitlastwebegan.com^$all ||162.243.164.175^$all @@ -9282,7 +8018,6 @@ ||justfreesetuphere.xyz^$all ||hit5k.one^$all ||zdr566yh.click^$all -||ghu86tyh.cfd^$all ||getnomadtblog.com^$all ||urhandups.xyz^$all ||qtgsr.taitlastwebegan.com^$all @@ -9302,20 +8037,9 @@ ||jonathanbartz.com^$all ||jp.imonitorsoft.com^$all ||junk-bros.com^$all -||kakiosk.adsparkdev.com^$all ||kepw.org^$all ||kristinee.com^$all ||lakeside-fishandchips.com^$all -||system-libs.com^$all -||usa-winwin.com^$all -||optercore.com^$all -||optimizewin.com^$all -||office-softs.com^$all -||office-checker.com^$all -||system-checker.com^$all -||center-main.com^$all -||office-view.com^$all -||i-likefood.co^$document ||108.61.242.65^$all ||146.70.78.43^$all ||87.120.254.39^$all @@ -9343,12 +8067,9 @@ ||file-uploud.site^$document ! https://github.com/uBlockOrigin/uAssets/pull/17521 -||cs2code.com^$all ! https://github.com/durablenapkin/scamblocklist/issues/31 ||balkeryswep.online^$all -||bakeryxswap.org^$all -||bakareiswap.xyz^$all ! https://github.com/durablenapkin/scamblocklist/issues/29 ||youtubee.com^$document @@ -9367,7 +8088,6 @@ ||msedgeupdate.com^$all ! https://github.com/uBlockOrigin/uAssets/pull/17651 -||full-nitro.com^$all ! https://app.any.run/tasks/00d5d80b-3924-4421-8780-7ba796d7b825 ! https://tria.ge/230420-anfn8agb9z/behavioral1 @@ -9378,27 +8098,19 @@ ! https://github.com/durablenapkin/scamblocklist/issues/36 ||ledgerlivewallets.com^$all -||explore-ledger.online^$all -||web3ledger-app.online^$all -||ledgqer.com^$all ||nanoweb3-rarityledgertech.com^$all ||ledger-liveweb3app.com^$all ||shop-nanox.com^$all -||ledgerrlivess.org^$all ||ledgerlive.mobi^$all -||ledgerslive.org^$all ||ledgerlives.live^$all ||ledgers.network^$all ! https://github.com/mitchellkrogza/phishing/pull/225 -||wilkinson-intl.powerappsportals.com^$all ! https://blog.morphisec.com/in2al5d-p3in4er ||cv-builder.site^$all ||siamaster.com.mx^$all ||chatgptex.us^$all -||allfreesoftware.online^$all -||all-free-software.online^$all ||45.15.156.182^$all ||45.15.156.70^$all ||45.132.106.77^$all @@ -9410,7 +8122,6 @@ ||5.34.180.208^$all ! https://github.com/uBlockOrigin/uAssets/pull/17767 -||olympofreptiles.io^$all ! https://www.reddit.com/r/uBlockOrigin/comments/1304khl/badware_sites/ ||actionclassicgames.com^$document @@ -9433,7 +8144,6 @@ ! https://app.any.run/tasks/5fddd235-4433-4376-9a75-39a28b018f6b ||realtorstrust.com^$all -||filetosend-next.com^$all ! https://app.any.run/tasks/d40fc871-4942-4acd-8d6a-d8f4baae1f32 ||kuyhaa-me.id^$all @@ -9454,8 +8164,6 @@ ||87cibrsm009t2lj.buzz^$all ! https://github.com/hagezi/dns-blocklists/issues/1003 -||steanmconmminity.com^$all -||steammcommunuty.ru^$all ! https://forums.malwarebytes.com/topic/297570-phishing/ (account required) ||0.drroham.ir^$all @@ -9482,7 +8190,6 @@ ||activehdd.ru^$all ||oled8kultra.ru^$all ||xhamster-18.ru^$all -||oled8kultra.site^$all ||activessd6.ru^$all ||activedebian.ru^$all ||shluhapizdec.ru^$all @@ -9492,7 +8199,6 @@ ||pochelvpizdy.ru^$all ||evatds.ru^$all ||click7adilla.ru^$all -||grhfgetraeg6yrt.site^$all ||92.53.96.119^$all ||103.195.103.54^$all ||94.142.138.218^$all @@ -9503,7 +8209,6 @@ ||colisumy.com^$all ! (message on OALabs server) https://discord.com/channels/885624530071085097/885624530519871541/1106068675313815662 -||csgo-twitch.tv^$all ! https://www.virustotal.com/gui/url/4cbb55b62fe8bc2acdaa79d3c4fd3a6d33c0d5eed287bbe655fc117c6bdeb0a3/community ! (my analysis) https://app.any.run/tasks/2de7c1a5-bfe4-4b48-a1e5-b7d8c059cbd0 @@ -9529,14 +8234,7 @@ ||ublockerext.com^$all ! This domain has been used for typosquatting, malware, phishing, and scams (redirects to other scam/malware sites as of 17/9/2021) -! https://www.siteadvisor.com/sitereport.html?url=gogle.net -! https://www.mywot.com/scorecard/gogle.net -! https://www.urlvoid.com/scan/gogle.net/ -! https://www.fortiguard.com/webfilter?q=gogle.net -! https://www.virustotal.com/gui/domain/gogle.net/detection ! curl on 9/5/2021 shows it is still online -||gogle.net^$all -! Found in the curl response of gogle.net ! https://www.siteadvisor.com/sitereport.html?url=quatrefeuillepolonaise.xyz ! https://www.virustotal.com/gui/url/7319b37aff351dc0f0e71dba194b5f21972be9ad072b955a35d27d5af359d5fa/community ! https://www.virustotal.com/gui/domain/quatrefeuillepolonaise.xyz/detection @@ -9552,14 +8250,12 @@ ! https://github.com/DandelionSprout/adfilt/commit/0af1431c8f4cf45e9c27e359edf777b0c9bfa153 ||extragifis.site^$all ||captcharesolving-universe.com^$all -||roaddrinkfun.live^$all ||5.8.47.3^$all ||5.8.34.26^$all ! https://www.virustotal.com/gui/ip-address/5.8.34.26/relations ! https://github.com/DandelionSprout/adfilt/issues/188 ||captcharesolver.com^$all ! https://www.virustotal.com/gui/url/136909c39798eacfc82e58459684619a4b89de8d3dedbe5a3010c5152b670328/detection -||chatroom33.com^$all ! https://github.com/iam-py-test/Assets-001/blob/main/goglenet%20malware ||cpmstatsart.com^$all ! https://github.com/DandelionSprout/adfilt/issues/188#issuecomment-848834204 @@ -9574,19 +8270,13 @@ ! https://www.virustotal.com/gui/url/7bedfdd70bd23869a3598186270bcca9e64870842fb95df46da9ed5519e0b41c/detection ||gamesex.fun^$all ! just redirects to another blocked domain -||wyoutube.com^$all -||gmsail.com^$all -||gmailgmail.com^$all ! https://github.com/DandelionSprout/adfilt/issues/188 ||kmip.net^$all ||iuqerfsodp9ifjaposdfjhgosurijfaewrwergwff.com^$all ||204.11.56.48^$document ||goldprize.xyz^$all ! More scam stuff on 27/9/2021 -||nextarrangewent.top^$document -||avqhqc.nextarrangewent.top^$all ||smartcaptchasolve.top^$all -||pvzksi.nextarrangewent.top^$all ||cloud-repos.store^$document ||retailproductsusa.com^$all ||www.retailproductsusa.com^$all @@ -9596,11 +8286,7 @@ ||diabasewoodhouse.xyz^$document ||signupandturnyourscreenoffsafepowernow.date^$document ||www.signupandturnyourscreenoffsafepowernow.date^$all -||capitaldearrub.top^$document -||iytjki.capitaldearrub.top^$all -||captchafilter.top^$all ||best-prizes.life^$document -||fivqnt.capitaldearrub.top^$all ||jsontdsexit.com^$document ||therewardboost.com^$all ||t.therewardboost.com^$all @@ -9609,15 +8295,8 @@ ||d2m2wsoho8qq12.cloudfront.net^$document ||jpgtrk.com^$document ||pnghst.com^$document -||watchhighlyspeedythefile.vip^$all -||softstreamstore.com^$document -||birdplantmonth.top^$document -||xnbsmm.birdplantmonth.top^$all -||tnnsge.birdplantmonth.top^$all ! domains which gogle[.]net redirects to on 17/10/2021 ||positivestar.org^$all -||protectionwebsupport.com^$all -||www.protectionwebsupport.com^$all ||securysearchapp.com^$document ||www1.securysearchapp.com^$document ||mydealprotection.com^$document @@ -9626,16 +8305,12 @@ ||intunes.com^$document ||pple.com^$document ||gimal.com^$document -||youotube.com^$document -||googlep.com^$document -||feedproxy.googlep.com^$all ! 19/11/2022: https://sitecheck.sucuri.net/results/get-the-prize-ht3.live ||get-the-prize-ht3.live^$document ! https://github.com/uBlockOrigin/uAssets/issues/9344 ! https://github.com/iam-py-test/Assets-001/tree/main/uiz.io_scam ||uiz.io^$document -||ogtrk.net^$all ! More scam domains found via redirects when clicking on the fake recaptcha ! https://www.virustotal.com/gui/url/73dae7d74bcdc9099a54b75b904cc45995d85534a313ad65fcc4d9e401b34607/detection ||rewardsavenue.net^$all @@ -9657,17 +8332,7 @@ ||beta-one.net^$all ||ny-t.r-tb.com^$all ||pisism.com^$document -||czyzd.xyz^$all -||r1it6.xyz^$all -||sqjxp.xyz^$all -||h5e4b.xyz^$all -||nkb18.xyz^$all -||m6ydd.xyz^$all -||welcomejohncena.pro^$all ||security-scanner.xyz^$all -||c2egp.xyz^$all -||ese40.xyz^$all -||e07wm.xyz^$all ! https://github.com/iam-py-test/investigations/blob/main/2021/10/26/1.md#html-captures ||news-back.org^$document ||www1.news-back.org^$all @@ -9684,21 +8349,13 @@ ! https://github.com/DandelionSprout/adfilt/pull/289 ||gogles.com^$all ||flexroll.online^$document -||earnestbee.info^$document -||weaknessnill.shop^$all -||aquariuminn.com^$document ||army-glo.scrollingsystem.com^$document ! ||www.kqzyfj.com^$all ! ||kqzyfj.com^$all ! ||cj.dotomi.com^$all ||mcafee12.tt.omtrdc.net^$document -||trolleydrop.info^$document -||jaynordan.digital^$document ! https://www.virustotal.com/gui/ip-address/70.32.1.32/relations -||hssupoort.us^$all ||clk.rtpdn14.com^$document -||starbux.fun^$all -||fortnitecode.online^$all ||cd.org^$document ! https://github.com/uBlockOrigin/uAssets/issues/9848#issuecomment-907855092 @@ -9721,49 +8378,32 @@ ||ppcnzi.xyz^$document ||www.ppcnzi.xyz^$document ||eritokyo.jp^$document -||dweto.xyz^$document -||friendperiodscale.top^$document -||bmtbpi.friendperiodscale.top^$all -||yeiwke.friendperiodscale.top^$all -||yeaeqs.friendperiodscale.top^$all -||storesleepmagnet.top^$document -||vnilhc.storesleepmagnet.top^$all ||www.cpanlyzr.co^$all ||cpanlyzr.co^$document -||qqnlag.storesleepmagnet.top^$all -||pqxzzl.storesleepmagnet.top^$all ||rewardzoneusa.com^$all ||contact.rewardzoneusa.com^$all ||reward3spot.com^$all ||www.reward3spot.com^$all ||order-safely.com^$document ||www.order-safely.com^$document -||manage-point-wmc2.click^$all ||followlink.click^$document ||us.systemupdatecontrol.com^$all ||systemupdatecontrol.com^$all ||ryderftv.co^$document ||www.ryderftv.co^$all -||comparepeoplecat.top^$document -||epoeve.comparepeoplecat.top^$all -||fmywxx.comparepeoplecat.top^$all ||publishers.revenueuniverse.com^$document ! https://scammer.info/t/crypto-scam/82425 ||gemini-horoscope-astrologer.business.site^$all ! https://scammer.info/t/i-dont-need-that-knife-discord-scam/82776 -||steamhistory-offer.xyz^$all ! https://scammer.info/t/multiple-fake-discord-websites/82773 -||cbccke.co^$all -||discord-giveaways.ru^$all ! https://scammer.info/t/noteit-scam/82283 ||pautils.online^$document ! https://scammer.info/t/your-computer-is-infected-scan-for-free-now-scam/81989 -||fpsbooster.net^$all ! https://scammer.info/t/usps-spam/83368 ||www.wutaideng.wang^$document @@ -9772,7 +8412,6 @@ ||gemini-telephonecompany.business.site^$document ! https://github.com/DandelionSprout/adfilt/issues/63#issuecomment-974886953 -||your-ladie-fun.life^$all ||e.datingmap.top^$all ||datingmap.top^$all ||tonightshookup.com^$document @@ -9795,8 +8434,6 @@ ||play.sweepstakesalerts.com^$document ||sweepstakesalerts.com^$document ||www.stash.com^$document -||f.prformce.com^$document -||prformce.com^$document ||www.qualityhealth.com^$document ||qualityhealth.com^$document ||consumerproductsusa.com^$document @@ -9818,32 +8455,25 @@ ||buncoswosh.com^$document ||b58ncoa1c07f.com^$document ||t.avroute01.com^$document -||ultimate-detection.com^$all ||gammamkt.com^$document ||leadgentrk.com^$document ||chirkacylal.com^$document -||phooreew.net^$document ! https://github.com/AdguardTeam/AdguardFilters/issues/122055 ||shoksips.com^$all ! https://scammer.info/t/bank-scams-in-greece/82743 -||alphgr-live.com^$all ! https://scammer.info/t/faremart/82671 ||www.faremart.com^$document,image ||faremart.com^$document ! https://scammer.info/t/please-report-these-sites/78244 -||virus-pros.com^$document -||usa-pc.com^$document -||www.usa-pc.com^$document ! https://github.com/DandelionSprout/adfilt/issues/63#issuecomment-977912975 ! https://www.tv2.no/nyheter/14368524/ ||alexstewartinternationalltd.rw^$all ||vps.re^$all ! https://www.tek.no/i/wOVv0o/ -||21steditionnaturalgh.com^$all ! https://www.youtube.com/watch?v=iQiVH533ncM ||avengeradblocker.com^$document @@ -9859,69 +8489,42 @@ ||yunosurveys.com^$all ! https://github.com/iam-py-test/investigations/blob/main/2021/11/28/1.md -||updsec.builtfromzero.com^$all -||money-mod.com^$document ||gospelchor.info^$document -||smwgwa.brownbrothersilver.top^$all -||new.bestlifeoffer20.com^$all ||reykijnoac.com^$document ||totalnicefeed.com^$all ||omnatuor.com^$all -||raisehelpmajor.top^$document -||myheapple.top^$document -||timegrasscase.top^$document -||swojmf.drysugardiffer.top^$document ! https://github.com/iam-py-test/investigations/blob/main/2021/11/28/2.md -||riteupd.mimanduca.co^$all -||oaesso.info^$document -||bestlifeoffer20.com^$all ! same as above - hxxpx[:]//momupd[.]enuguhomes[.]com/download-winrar-crack/ -||momupd.enuguhomes.com^$all -||fifxuq.granddidrepeat.top^$all -||granddidrepeat.top^$document ! https://scammer.info/t/youtube-bot-roblox-scam-49-gift-cards/84540 -||giftcodes.rest^$all -||clickfam.ru^$document -||clickfam.com^$document ! https://scammer.info/t/youtube-bot-roblox-scam-48-gift-cards/84539 -||freeco.bar^$all ! https://scammer.info/t/youtube-bot-roblox-scam-47-gift-cards/84538 -||giftcod.bar^$all ! https://scammer.info/t/youtube-bot-roblox-scam-46/84537 -||rbxrbx.bar^$all ! https://scammer.info/t/youtube-bot-roblox-scam-45-gift-cards/84536 -||giftcodes.bar^$all ! https://scammer.info/t/youtube-bot-roblox-scam-44/84535 -||rubox.bar^$all ! https://scammer.info/t/youtube-bot-roblox-scam-43/84534 -||rbo.bar^$all ! https://scammer.info/t/youtube-bot-roblox-scam-42/84533 -||myfan.monster^$all ! https://scammer.info/t/youtube-bot-roblox-scam-41/84532 -||codescodes.bar^$all ! https://scammer.info/t/youtube-bot-roblox-scam-39/84530 ||freeco.xyz^$all ! https://scammer.info/t/youtube-bot-roblox-scam-38/84529 -||freegameresource.com^$all ! https://scammer.info/t/youtube-bot-roblox-scam-37/84528 ||modgjn.uno^$all ! https://scammer.info/t/youtube-bot-roblox-scam-36/84527 -||getrx.best^$all ! https://scammer.info/t/paypal-phishing-12/84592 ||golemgreat122.000webhostapp.com^$all @@ -9939,27 +8542,11 @@ ! https://forums.malwarebytes.com/topic/281514-scam-websites/ ||812138.com^$document -||up-ada.net^$document ||dk-video.xyz^$document ||dj-video.xyz^$document ||gi-video.xyz^$document ||hj-video.xyz^$document -||buterin21.cc^$document -||xrpproduce.co^$document -||wind-video.xyz^$document -||eth-reward.org^$document ||havmoney.xyz^$document -||ether-coin.net^$document -||shiba-give.live^$document -||eth-info.fun^$document -||coinfolio.finance^$document -||get-safemoon.com^$document -||ozzon-mobi-pay.com^$document -||holiday.tll-4estlat.xyz^$document -||holiday.tll-8essage.xyz^$document -||holiday.skk-8ixelssc.xyz^$document -||holiday.tll-1ncluded.xyz^$document -||massive-play.buzz^$document ! https://github.com/uBlockOrigin/uAssets/pull/10804 ! https://bbs.kafan.cn/thread-2221500-1-1.html @@ -9971,10 +8558,8 @@ ! https://www.nkom.no/aktuelt/ikke-trykk-pa-lenker-i-sms--for-du-er-helt-sikker/ ||eccolabgroup.com^$all ||galerijajava.ba^$all -||hfyjbk.ml^$all ||p-stn.net^$all ! https://borsen.dagbladet.no/74020239/ -||poetic-selection.flywheelsites.com^$all ! scam dating sites ||casualdating.com^$document @@ -9988,25 +8573,13 @@ ||cagothie.net^$document ! https://github.com/iam-py-test/investigations/blob/main/2021/12/9/1.md -||susannamakeup.com^$document -||gpspdt.susannamakeup.com^$all -||visamo.info^$document -||impsus.info^$all -||thinsmileteam.top^$document -||rwmwje.thinsmileteam.top^$all ||0s.click^$document ||0ffer.icu^$document ||0pen.online^$document -||repairextremelyswiftthefile.vip^$document ! https://github.com/iam-py-test/investigations/blob/main/2021/12/12/1.md -||advisorsfox.onlineenglishteacher.co^$all ||onlineenglishteacher.co^$document -||smtmpo.monthclockpay.top^$all -||monthclockpay.top^$document -! https://www.mywot.com/scorecard/youdontknowwhoiam.org -||youdontknowwhoiam.org^$document ||www.fling.com^$document ! either redirects to random websites or scams @@ -10016,380 +8589,66 @@ ! fake MediaFire websites ||songlos.com^$document ||royaltees.co^$all -||correctwantserve.top^$document -||qilihi.correctwantserve.top^$all -||hunterrandom.latabledusanglier.com^$all -||insload.bainisgaingeals.com^$document -||viahunter.lafabricagourmet.co^$document ||findes.co^$document ||vitafox.findes.co^$document -||ooload.qualitywatches.co^$document -||locatorblog.sukabumitoday.co^$all -||sukabumitoday.co^$document -||glofwy.sugarfinehot.top^$document ||supersong.nl/upload/6277.rar^$all -||nlnvan.garydouglasnewell.co^$all -||garydouglasnewell.co^$document -||partdate.yaspiq.co^$document -||jmtrading.co^$all ||monkeyselite.tonick.co^$document -||rappersonal.paradisedestination.co^$all -||kqnpcp.friendmagnetcool.top^$all -||contactalliance.mbogi.co^$all ||kitago.info^$all -||websitesforge.paradisedestination.co^$all -||vietnamblog.ruxor.co^$all -||nlnbang.makexdesign.com^$all -||zmzrjm.betweeninstantfun.top^$all -||blogutah.urbanartdesigns.co^$document ||herezfile400.weebly.com^$all -||yjtjuz.windowwhoclock.top^$all -||windowwhoclock.top^$document ||hereeup447.weebly.com^$all -||fishnln.wonderandroam.co^$all ||yaihxj.knewdayfull.top^$all ||knewdayfull.top^$document ||4lgx4.bemobtrcks.com^$document -||tahunter.mostazza.co^$document -||undaido.info^$document -||dlwyuw.hugewifesilver.top^$all ||hugewifesilver.top^$document -||onthegofox.kimiatrade.co^$all -||wftzxd.floorhalfforce.top^$all -||floorhalfforce.top^$document ||ge6s.com^$all -||fbdate.farazsteel.co^$all -||zfqfuv.wellatfeel.top^$all -||wellatfeel.top^$document -||blogcompany.startinblock.co^$all -||xmkikk.wellatfeel.top^$all -||lenssft.ownerschoice.co^$all -||mpuwcp.wellatfeel.top^$all ||sitexchange.causeart.co^$all -||ehtfxz.wellatfeel.top^$all -||hiddenpersonal.startinblock.co^$all -||nlnhour.yellowspirit.co^$all -||mezvdf.wellatfeel.top^$all -||aqvcrp.wellatfeel.top^$all ||yellowmother374.weebly.com^$all -||mahnii.co^$all -||spyclub.actyve.co^$all -||easft.pna-car.org^$all -||webdesignsite.villa1000.co^$all ||myhayward.us^$all -||lilereba.info^$document -||eatsft.origamiswan.co^$all -||hunterzo.danelleandryan.us^$all -||victor.honestcareforkids.us^$all -||blogswap.globaltactics.co^$all -||i.boleroforensics.co^$all -||davomate.info^$all ||tiborola.info^$all -||pimtqc.reasonlocatedry.top^$all -||reasonlocatedry.top^$document ||artbistro.us^$all -||ffipfz.tookfinishcool.top^$all -||tookfinishcool.top^$document -||d.lusona.co^$all -||instyles.co^$all ||myhypeposts.com^$all -||rlkusw.takechaircaptain.top^$all -||takechaircaptain.top^$document -||softwaveit.co^$all -||ipowga.takechaircaptain.top^$all -||g.intelierrestaurantsites.co^$all -||v.citycoth.us^$all -||bumblelex.allheartcards.co^$all -||c.eveshop.us^$all -||gcxfiw.eyeneversomebody.top^$all -||eyeneversomebody.top^$document -||gorgons.softwaveit.co^$all -||dhoul.thelittlebaker.co^$all -||kewpji.favourofmake.top^$all -||favourofmake.top^$document ||onlynewstoday.com^$all -||zibandam.co^$all -||altisgroup.co^$all -||precisionrepair.us^$all ||payments4u.org^$all -||kxaei.xyz^$all -||b2lj0.xyz^$all -||9sgiq.xyz^$all -||j4325.xyz^$all -||opss7.xyz^$all -||ctvkne.hopebathim.top^$all -||hopebathim.top^$all -||goto.batteryscience.us^$all -||cifegate.info^$all -||caws.getgreencard.us^$all -||ellisfurreverfriends.co^$all -||originstore.co^$all -||jxigxq.knewkeptthe.top^$all -||knewkeptthe.top^$document ||freeiphone.info^$all ||static.cdnativepush.com/contents/s/7f/95/8c/2488823c2d95d7162ff723c840/01192333514141.png^$all ||static.cdnativepush.com/contents/s/04/d8/68/c0dd305c8a79b01ae4f24672ac/01477976446043.png^$all -||richmondartscouncil.co^$all -||blogtraffic.metagent.co^$all ||flummer.geppe.us^$all -||foxseal.naturalwatches.co^$all -||spud.bredrins.co^$all -||www.jsscportal.co^$all -||jsscportal.co^$all -||slqome.knewkeptthe.top^$all -||fast.captoro.co^$all ||tuckets.moanas.us^$all ||static.cdnativepush.com/contents/s/b8/4e/1d/153294973f0fff7258e8f43d7c/0647024544646.jpeg^$all ||static.cdnativepush.com/contents/s/d2/3f/93/7fe562c37a9a7a6af5df460ee7/0490618650236.png^$all -||fend.ketertyre.us^$all -||chattags.partehartu-sopuerta.biz^$all -||pnqxtz.manjobalone.top^$all -||manjobalone.top^$document -||medgossip.co^$all -||abogapp.co^$all -||fjbnoq.scoretellcompare.top^$all -||scoretellcompare.top^$document -||boothloading.abogapp.co^$all -||loadcity.frubert.com^$all -||keened.myhos.net^$all -||huntereq.broomemeadowbakes.com^$all -||leelainfo.co^$all -||quicorum.info^$all -||dagltx.whosefillnot.top^$all -||whosefillnot.top^$all ||ssp-creatives.askprivate.com/prod/images/33242825/en/69dcb41b14c0449dbc67b998ca5b0c94.jpeg^$all ||ssp-creatives.askprivate.com/prod/icons/33242825/en/8bb2cd79c7dd45eb8075d0127f8d8331.jpeg^$all -||clipmart.co^$all -||krfox.ensoneregli.com^$all -||foxcell.carlostoriophoto.com^$all -||animalstoris.com^$all -||xraawj.fateachfresh.top^$all -||fateachfresh.top^$all ||zxzfic.weebly.com^$all ||iminna.info^$all -||dxfcpo.gavestopstrange.top^$all -||gavestopstrange.top^$document -||gfeycr.flymiddlepaper.top^$document -||lengthbedspot.top^$document -||flymiddlepaper.top^$document -||ekqapa.silentlistenwhy.top^$document -||familyexperiencemoney.top^$document -||ftenll.exactdevelopspeed.top^$document -||atsfls.exactdevelopspeed.top^$document -||silentlistenwhy.top^$document -||exactdevelopspeed.top^$document -||connectkillmark.top^$document -||backconditionrace.top^$document -||tinysleepabout.top^$document -||bigdrinkevidence.top^$document -||toosongsupport.top^$all -||fruitoncetrack.top^$all -||mindhurrymusic.top^$all -||springindicatehold.top^$document -||mattercontrolfail.top^$all -||skyfightmade.top^$document -||boardprotectlevel.top^$all -||realacademicmediausa.com^$all -||yellowmissprocess.top^$document -||northgivepath.top^$document -||blowlegplural.top^$document -||txrlqt.payexceptstay.top^$document -||dzinwy.broadbonewalk.top^$all -||vdlahh.broadbonewalk.top^$all -||suitbeautycontinue.top^$document -||broadbonewalk.top^$all -||uamcjh.playbartwenty.top^$document -||payexceptstay.top^$document -||playbartwenty.top^$document -||yearjustat.top^$document -||presshillspell.top^$all -||wouldraiselarge.top^$document -||trackstronghundred.top^$document -||movedistanttrouble.top^$all -||patternobjectlaw.top^$all -||chairshellnecessary.top^$document -||stretchmilkbetween.top^$all -||ho2y.com^$document -||cvevfx.stretchmilkbetween.top^$document -||yapyxn.chargegirlpull.top^$document -||chargegirlpull.top^$document -||hadlistenwood.top^$all -||lpwucf.shiplookthrough.top^$document -||brighteggfat.top^$document -||shiplookthrough.top^$document -||samemoveprovide.top^$document -||drawshoescomplete.top^$all -||lawshapewide.top^$document -||producthappenlie.top^$all -||fightcontrollevel.top^$document -||frommenhere.top^$document -||climbcontinuefigure.top^$document -||mnmfsu.ableagaindark.top^$document -||ableagaindark.top^$document -||cgodia.stonenextwest.top^$all -||qkyfix.stonenextwest.top^$all -||wrxffo.stonenextwest.top^$all -||stonenextwest.top^$all -||fastanimalsilent.top^$all -||chargetreatbest.top^$document -||deepsymbolteeth.top^$all -||educationheatwho.top^$document -||dvfudm.drinksightseparate.top^$all -||suneastteam.top^$all -||earthsalthad.top^$all -||playlengthup.top^$all -||drinksightseparate.top^$all -||roxard.figureideastop.top^$document -||coufra.figureideastop.top^$document -||makemodernis.top^$all -||figureideastop.top^$all -||poemlistpair.top^$document -||sawwhilelady.top^$all -||widekindtravel.top^$all -||gatherstraightdoor.top^$all -||indicatebearsurface.top^$all -||kevtsp.safeseacheck.top^$all -||gotoneswim.top^$document -||shineplanopen.top^$all -||safeseacheck.top^$all -||raiselanguageproperty.top^$all -||zckucx.symboldrawearly.top^$all -||symboldrawearly.top^$all -||hearthelptail.top^$all -||ejekhz.legnoonnotice.top^$all -||bbzpks.legnoonnotice.top^$all -||carneverwomen.top^$all -||legnoonnotice.top^$all -||catblowstone.top^$all -||piecesmallsolution.top^$all -||eightcampkey.top^$all -||decimalbehindmeant.top^$all -||browneyecompany.top^$all -||materialallowreceive.top^$all -||followguessexplain.top^$all -||namearebody.top^$all -||specialearcard.top^$all -||feetcheckoff.top^$all -||morningbeginsome.top^$all -||soldierratherride.top^$document -||ssioez.likecutstrange.top^$document -||carebeenuse.top^$document -||pairwhiteplay.top^$all -||causebroadnation.top^$document -||likecutstrange.top^$all -||hadtreatbreak.top^$all -||manquarterfine.top^$all -||likeenemyfarm.top^$all -||wentwherepiece.top^$all -||gunbroadbegin.top^$all ||bloghunter.aaguatemala.org^$all -||meanrivermorning.top^$all -||lolxpb.meanrivermorning.top^$all -||pesqfx.humanpartybetween.top^$document -||humanpartybetween.top^$document -||kjypmo.nothingsaveevening.top^$document -||nothingsaveevening.top^$document -||ydilnu.shortcareabout.top^$document -||shortcareabout.top^$document -||gwvyre.wintertherelow.top^$document -||wintertherelow.top^$document -||divbwr.endsurpriselady.top^$document -||endsurpriselady.top^$document -||swxnwy.hatthingoh.top^$document -||hatthingoh.top^$document -||thousandsmallsight.top^$document -||wansch.thousandsmallsight.top^$document -||comemiddletie.top^$all -||kyzwpb.comemiddletie.top^$document -||juqgea.comemiddletie.top^$document -||mmryjp.comemiddletie.top^$all -||riljss.comemiddletie.top^$all ||abated-hamate.xyz^$all -||ganges-urania.xyz^$all -||s3hg0.xyz^$all -||tabw5.xyz^$all -||owldl.xyz^$all -||iwft8.xyz^$all -||4sdth.xyz^$all -||7yapf.xyz^$all -||8a4uj.xyz^$all -||yij7w.xyz^$all -||82vor.xyz^$all -||xusdh.xyz^$all -||iwd3l.xyz^$all -||iqrcs.xyz^$all -||47p0a.xyz^$all -||ugaa6.xyz^$all -||uigur.xyz^$all -||32vby.xyz^$all -||iss5s.xyz^$all -||ifmom.xyz^$all -||3wuq1.xyz^$all -||forumload.src-creative.co^$all -||bkmwme.straightmusicgirl.top^$all -||straightmusicgirl.top^$all ||api.pushnami.com/scripts/v2/pushnami-sw/5e4bf7d0e7585f1f723a7243^$all ||cleveradult148.weebly.com^$all -||relulimate.info^$all ||forexever451.weebly.com^$all -||aorgrj.trademadeteeth.top^$all -||trademadeteeth.top^$all ||ourcoolposts.com^$all -||siclegion.info^$all ||bitnew695.weebly.com^$all ||www.iztzo.com^$all ||iztzo.com^$all -||1frozenthrone1.com^$document -||kakstitotako.com^$document ||gomusic.info^$document -||www.yourdailysecurity.com^$all -||yourdailysecurity.com^$all ||myprotectionsurveys.com^$document ||www.myprotectionsurveys.com^$document -||initiatelatestheavilythefile.vip^$document ||ouphouch.com^$all ! https://github.com/iam-py-test/investigations/blob/main/2021/12/14/2.md -||quizhunter.simplifiedstrategy.co^$all -||wxlkdz.middledividehour.top^$all -||middledividehour.top^$document ! https://github.com/iam-py-test/investigations/blob/main/2021/12/14/1.md ||onemacusa.net^$all -||pernicrolst.xyz^$all ! random .xyz domains which just don't look legit ||cp2s.xyz^$all -||ju0g8.xyz^$all -||kr6c2.xyz^$all -||o5pp7.xyz^$all -||rj6jn.xyz^$all -||i0x2z.xyz^$all -||hfet0.xyz^$all -||dkv2b.xyz^$all -||u650k.xyz^$all -||ujzt5.xyz^$all -||3q539.xyz^$all -||5p15c.xyz^$all -||owlld.xyz^$all -||v8xv8.xyz^$all -||56qzh.xyz^$all -||7wijw.xyz^$all -||xk9xt.xyz^$all ||80302.xyz^$all -||rq64u.xyz^$all -||c2j5r.xyz^$all -||g53uv.xyz^$all -||4f77e.xyz^$all ! https://github.com/DevSpen/links/pull/3 -||discordtotal.net^$all ||d13nu0oomnx5ti.cloudfront.net^$all ||dgu9g3a2kzqx2.cloudfront.net^$all ||d13pxqgp3ixdbh.cloudfront.net^$all ! https://scammer.info/t/important-security-message-888-498-2847/85668/2 -||catelcds.xyz^$all ! https://scammer.info/t/snapchat-spam-click-link-don-t-link-investigate-please/85620 ||nvoddn.hotglrls.net^$all @@ -10400,7 +8659,6 @@ ! https://scammer.info/t/stupid-ass-scammers-lol/85601 (support[@]clickgadgets[.]club) ||bit.ly/3DWxMNv^$all -||security-protection.me^$all ||clickgadgets.club^$all ! scam website with only fake links @@ -10417,9 +8675,6 @@ ||fuck-me.io^$document ! https://scammer.info/t/youtube-comment-spam/85737 -||youtubes.uno^$all -||1.youtubes.uno^$all -||0.youtubes.uno^$all ||0.acceptww.com^$all ||acceptww.com^$all ||8.acceptww.com^$all @@ -10438,28 +8693,17 @@ ||live.newsvot.com^$document ||adalgard-wol.com^$all ||secure-access-981cd52a6hqpm8e2.gate23.xyz^$document -||best-pc-protect.xyz^$all ||ny-feed.r-tb.com^$document -||d7s26.xyz^$document -||rt6qb.xyz^$document -||qyti8.xyz^$document -||1jizt.xyz^$document -||j42az.xyz^$document -||k316u.xyz^$document ||clk.hosting-redirect.com^$document -||robertprotectsyourpc-us1.com^$all ! https://scammer.info/t/cyberpunk-2077-fake-generator/85772 ||groups.google.com/g/cyberpunk-steam-key-generator-working-check-now-2022?$document ||groups.google.com/g/cyberpunk-steam-key-generator-working-check-now-2022/$document ||ragamer.com^$document -||gamingstone.com^$all ! https://scammer.info/t/discord-nitro-scam-10/85771 -||dlscord-collaboration.com^$all ! https://scammer.info/t/discord-nitro-scam-1/85706 -||discrode-gift.com^$all ! https://scammer.info/t/indian-kotak-mahindra-bank-scam/85760 ||raam-and-laxman98.000webhostapp.com^$all @@ -10468,19 +8712,14 @@ ||gift-discords.com^$all ! https://scammer.info/t/discord-nitro-scam-8/85739 -||steamsdiscordl.com^$all ! https://scammer.info/t/discord-nitro-scam-6/85710 -||nitro-gg.com^$all ! https://scammer.info/t/discord-nitro-scam-7/85709 -||discords-gifts.club^$all ! https://scammer.info/t/discord-nitro-3/85708 -||nitro-full.xyz^$all ! https://scammer.info/t/discord-nitro-scam-2/85707 -||nitro-ds.com^$all ! possible Tech Support Scam ||installmysecurity.com^$document @@ -10495,28 +8734,20 @@ ||landing.marketstm.com^$document ! https://scammer.info/t/airdrop-discord-nitro-with-steam-scam-7-977-525-68-47/86156 -||discrode-app.com^$all ! https://scammer.info/t/1-month-nitro-for-free-take-it-scam/86166 ||discrode-gifte.club^$all ! https://scammer.info/t/kohlsshoppergiftopportunity-scam-e-mail/86102 -||fattect.co.uk^$document -||viewbasics.com^$document ! https://github.com/DevSpen/scam-links/pull/11 -||dlscord-app.su^$document ! https://forums.malwarebytes.com/topic/282206-scam-websites/ -||gexofa.ru^$all -||exmo.cam^$all ||hu-video.xyz^$all -||ne-video.xyz^$all ||bs-video.xyz^$all ||xa-video.xyz^$all ||video-cd.xyz^$all ||gm-video.xyz^$all -||video-seb.xyz^$all ||iamoney.xyz^$all ||vbmoney.xyz^$all ||obmoney.xyz^$all @@ -10526,56 +8757,12 @@ ||uamoney.xyz^$all ||tbmoney.xyz^$all ||ecmoney.xyz^$all -||mxxmoney.xyz^$all -||m.boxyss.buzz^$all ||gcmoney.xyz^$all -||winlinee.com^$all -||orion-hook.ru^$all -||ua-drama.com^$all -||dramat-teatr.ru^$all -||amount-pay.top^$all -||appy-survey.top^$all -||year.boxyss.buzz^$all -||bank.boxyss.buzz^$all -||2022.boxyss.buzz^$all -||happy.boxyss.buzz^$all -||m.nogapku.today^$all -||year.nogapku.today^$all -||bank.nogapku.today^$all -||2022.nogapku.today^$all -||happy.nogapku.today^$all -||m.can-you-tap.buzz^$all -||ep.b228mskn.xyz^$all -||topplucky2021.xyz^$all -||lss.oscamwasws.biz^$all -||russian-standups.ru^$all ||xosi.ru/shop-wallets/$document -||year.can-you-tap.buzz^$all -||bank.can-you-tap.buzz^$all -||2022.can-you-tap.buzz^$all -||happy.can-you-tap.buzz^$all -||m.tap-box-prize.buzz^$all -||year.tap-box-prize.buzz^$all -||bank.tap-box-prize.buzz^$all -||2022.tap-box-prize.buzz^$all -||happy.tap-box-prize.buzz^$all -||m.cash-out-win.buzz^$all -||year.cash-out-win.buzz^$all -||bank.cash-out-win.buzz^$all -||2022.cash-out-win.buzz^$all -||happy.cash-out-win.buzz^$all -||holiday.fzx-1ntityin.xyz^$all -||holiday.bzn-6ainint.xyz^$all -||holiday.ndd-5yhitshl.xyz^$all -||holiday.dzv-6oleeffe.xyz^$all -||palm-flame.buzz^$document -||momentomono-banking.com^$all ! https://forums.malwarebytes.com/topic/282206-scam-websites/?do=findComment&comment=1494794 ||iglookup.com^$document ||www.iglookup.com^$document ! https://www.virustotal.com/gui/ip-address/172.67.210.43/relations -||0rahvs.cn^$all -||dmat33rixpony.top^$all ! 'click allow to continue' scam which redirects to random subdomains when the premission is blocked. Also redirects to TotalAV at the end ||8db3p.leadoesnotknowaboutkukuriko.xyz^$all @@ -10607,7 +8794,6 @@ ! "press allow to continue" popup ad ||masstech.info^$all -||defender-scanning.xyz^$all ||windows-secureit.com^$all ! fake game cheat download buttons redirecting to "press allow to continue" and Norton @@ -10616,7 +8802,6 @@ ||freychang.fun^$all ! fake discord Nitro generator -||discordnitro.pw^$all ||us.doctorpost.net^$document ! another fake Nitro generator @@ -10634,28 +8819,14 @@ ! fake human verification scam ! start form - reported for abuse -||techhubtools.com^$all ||q.promotionsonlineusa.com^$all ||reward4spot.com^$all ||www.reward4spot.com^$all -||iget4free.com^$all -||www.iget4free.com^$all ! fake download buttons with popups ||cracked-games.org^$all -||payments4u.info^$all -||d6gyt.xyz^$all -||fg9kd.xyz^$all -||dtjdp.xyz^$all ||prksism.com^$all -||c1s9f.xyz^$all -||sqz7u.xyz^$all -||c8pgj.xyz^$all -||e93nq.xyz^$all ! https://www.virustotal.com/gui/ip-address/18.210.201.44/relations -||testigwebpushdomain.xyz^$document -||testigwebpushdomain.live^$document -||syncfreehighlythefile.vip^$document ||antirobotsystem.com^$document ! fake 'no human verification' discord nitro generator @@ -10670,10 +8841,8 @@ ||linktr.ee/FreeDiscordNitroGift^$all ! https://scammer.info/t/install-required-trojan/90099 -||uress.xyz^$all ! https://www.youtube.com/watch?v=0P4OkPQP7C4 -||ww2citgruop.online^$document ! "press allow to continue" ||www.kuyhaa-mee.com^$all @@ -10683,7 +8852,6 @@ ||581358.waystriling.com^$all ||qyt8pi.waystriling.com^$all ||xiiowt.waystriling.com^$all -||link.kuyhaa-mee.com^$all ||www.upload-4ever.com^$document ||upload-4ever.com^$document ||worldcoolfeed.com^$all @@ -10719,39 +8887,6 @@ ||sites.google.com/mytv/maintenance^$all ! all the RARs just contained one zero-byte file, so just blocking the confirmed scam part of it (start URL hxxpx[://]bayanhuu[.]com/microsoft-office-2016-full-download[/] -||voecf.xyz^$all -||dn34q.xyz^$all -||ieond.xyz^$all -||snwgb.xyz^$all -||cdmw9.xyz^$all -||qse7e.xyz^$all -||qyt8i.xyz^$all -||q18px.xyz^$all -||lytf0.xyz^$all -||m0w2s.xyz^$all -||osdme.xyz^$all -||p0sx0.xyz^$all -||4f7e7.xyz^$all -||8s3fw.xyz^$all -||r1i6t.xyz^$all -||rj6nj.xyz^$all -||vtxfh.xyz^$all -||jkiof.xyz^$all -||k31u6.xyz^$all -||kwptr.xyz^$all -||wiruv.xyz^$all -||w5ajw.xyz^$all -||opc0r.xyz^$all -||owflz.xyz^$all -||lhky5.xyz^$all -||m5xz1.xyz^$all -||ibq43.xyz^$all -||rx93u.xyz^$all -||sqjpx.xyz^$all -||i5aqm.xyz^$all -||b7sw8.xyz^$all -||b2l0j.xyz^$all -||srvdedi.xyz^$all ||habitum.xyz^$all ||news-easy.org^$all @@ -10766,48 +8901,11 @@ ||omnioffers.com^$document ! https://www.virustotal.com/gui/url/98f0186f4d20f3138a4e05f58369019cee8e88153578e3d729b716d8b57c0857/community -||boxes.loading-win-wait-4.buzz^$all -||loading-win-wait-4.buzz^$document -||happy.loading-win-wait-4.buzz^$all -||x6pay.top^$all -||o6pay.info^$all -||n6pay.icu^$all -||h6pay.info^$all -||i6pay.xyz^$document -||j6pay.xyz^$document -||u6pay.top^$document -||k6pay.info^$document -||i6pay.info^$document -||g6pay.xyz^$document -||p6pay.icu^$document ||k6pay.top^$document -||j6pay.icu^$document -||l6pay.top^$document -||i6pay.icu^$document -||e6pay.info^$all -||j6pay.top^$document -||l6pay.icu^$all -||d6pay.info^$all -||k6pay.icu^$document -||g6pay.info^$all -||i6pay.top^$document ||h6pay.top^$all -||h6pay.icu^$document ||g6pay.top^$all -||f6pay.icu^$document -||m6pay.top^$document -||o6pay.top^$document -||f6pay.info^$all ||n6pay.top^$document -||g6pay.icu^$document -||c6pay.xyz^$document -||c5pay.info^$all -||b6pay.info^$document ||c6pay.top^$all -||e5pay.top^$all -||f5pay.top^$all -||s0pay.icu^$document -||lotoq.ru^$document ||190.115.26.220^$document ! typical fake discord nitro generator -> survey scams @@ -10816,10 +8914,7 @@ ||www.gamecodeclaim.com^$all ! hxxpx[://]consortiumrecords[.]co/free-tools/download-microsoft-office-365-product-key-crack-updated/ -||consortiumrecords.co^$document ||foradream.top^$all -||jmujav.eveningpaintjoy.top^$all -||eveningpaintjoy.top^$all ||h.therewardboost.com^$all ||b.therewardboost.com^$all ||i.therewardboost.com^$all @@ -10851,10 +8946,8 @@ ||dream-singles.com^$document ! https://scammer.info/t/take-it-discord-gift-7-0251200521/92613 -||diskcord.gift^$all ! https://scammer.info/t/discord-has-gifted-you-nitro-for-1-month-scam-3/92326 -||discred.gift^$all ! even more fake "human verification" ||speedboostpc.com^$document @@ -10870,39 +8963,18 @@ ||appbase.best/dboost^$all ! poped up while running malware -||mideaacc.biz^$all -||aerxas.inventagainstpattern.top^$all -||inventagainstpattern.top^$document ! looks very shady ||www.taixiu.bet^$document ||taixiu.bet^$document ! https://github.com/AdguardTeam/AdguardFilters/issues/111843 -||loadware.org^$all ||cybop.net^$document ! https://forums.malwarebytes.com/topic/284608-crypto-giveaway-scams/ ||x2-shiba.org/shiba/giveway.php^$document -||rise-crypto.org^$document -||dropcoins.cash^$document -||zenithcryptotraders.com^$document -||2x-ether.com^$document -||ark-promo.com^$document -||elontake.org^$document -||x2-arkevent.com^$document -||buterin2x.net^$document -||upxrp2022.com^$document -||eth-yt.com^$document -||bnbdrop.cash^$document -||ether-2211.org^$document -||saylorgifts.com^$document -||ripplex2.org^$document ||ark-today.com/ethgiveaway.html^$document ||ark-today.com/btcgiveaway.html^$document -||2022adaevent.com^$document -||eth-yt.pw^$document -||invest-ark.tech^$document ! https://github.com/DandelionSprout/adfilt/issues/63#issuecomment-1060031240 ||webcams-chat.com^$all @@ -10921,49 +8993,16 @@ ! https://www.virustotal.com/graph/gae4b79eddfec44439142fec34bf90890609e118340984dbd855b515b1be9cfc9 ||holgerstrehlow.de/discord-nitro-code-generator-no-human-verification.html^$document -||find-top-prizes-here.life^$all -||ellnkw.bestagainstwife.xyz^$all -||bestagainstwife.xyz^$all -||somemypoint.xyz^$document -||divisionstreetsteam.xyz^$document -||differnowelse.xyz^$document -||sideincludeinsect.xyz^$document -||shallpresentlist.xyz^$document -||joinmeanpound.xyz^$document -||earlyshellbrought.xyz^$document -||hqkcjc.mineletterbone.top^$document -||togethermotionearly.top^$document -||sandskyissue.top^$document -||mineletterbone.top^$document -||catbookseveral.top^$all -||aftercleanthem.top^$all -||villageclasspush.top^$all -||pointonyoung.top^$all -||selectthinkshoes.top^$all -||begandecideface.top^$all -||mhkjmn.desertshellshore.top^$document -||willtenfrom.top^$all -||speakspreadbasic.top^$all -||throwshopset.top^$all ! GH? ||github.com/faisalali734/$document ! starts at hxxpx[:]//triunetech[.]co/windows-software/winrar-64-bit-for-windows-10-with-crack-free-download/ -||thenelectricstring.xyz^$all -||krgqfy.thenelectricstring.xyz^$all ! auto-redirect from hxxpx://createwithkrista[.]co/windows/winrar-for-windows-10-64-bit-free-download-with-crack/ -||createwithkrista.co^$document ||outto.us^$document -||freepartner.us^$all -||nraqnr.posedrinkdescribe.xyz^$all -||posedrinkdescribe.xyz^$all ! hxxpx://thecornermarket[.]co/free-crack/winrar-64-bit-download-crack/?utm_referrer=https%3A%2F%2Fwww.bing.com%2F -||thecornermarket.co^$document ||merchd.rip^$all -||jufdyn.pieceveryyoung.xyz^$all -||pieceveryyoung.xyz^$all ! the rest is blocked ||buymeacoffee.com/getcode/discord-free-nitro-generator-no-human-verification-survey^$all @@ -10973,18 +9012,10 @@ ||grptrac.com^$all ! https://github.com/DandelionSprout/adfilt/issues/63#issuecomment-1074966240 -||melding.link^$document -||skatteetaten.no.melding.link^$document ! https://github.com/blocklistproject/Lists/issues/693 -||mcafee.software-reminder.cloud^$all ! https://app.any.run/tasks/b43b04b3-b8c1-4384-b455-961f427f5379 -||dating-goodgirls.top^$all -||g.dating-goodgirls.top^$all -||st.dating-goodgirls.top^$all -||i.dating-goodgirls.top^$all -||b.dating-goodgirls.top^$all ||h.shyflirttalks.com^$document ! Yet Another fake discord generator @@ -11002,57 +9033,25 @@ ! https://forums.malwarebytes.com/topic/285189-scam-warnings-of-trojansviruses-via-web-browser-service-workers/ ||yourwebshield.com^$all -||mysecuresoftware.com^$all ! https://app.any.run/tasks/a8a589e0-2aee-43f5-9fbe-92dc9e4bfec4 -||bst.protective-system.com^$all -||protective-system.com^$all -||news-hubucu.cc^$document -||3zl49.xyz^$all -||7yqck.xyz^$all ||action.miliated.xyz^$document ||undrininvereb.info^$all ! https://app.any.run/tasks/3d80ad3d-3a47-46ae-a389-c0f9122ee2e2 -||toppark.info^$all -||wdmtg.xyz^$all -||lavish-nicely.xyz^$all ! https://app.any.run/tasks/94987721-2dbd-4705-8d87-561d0fc546c4 -||shapelcounset.xyz^$document ! https://twitter.com/MBThreatIntel/status/1509956416311742464 -||xposednews.xyz^$all -||tomguide.xyz^$all -||eronews.xyz^$all -||taclenews.xyz^$all -||chapternews.xyz^$all -||tomsguides.xyz^$all -||exposednews.xyz^$all -||crypcoinsnews.xyz^$all -||newsjump.xyz^$all -||newsmaven.xyz^$all -||kathnews.xyz^$all -||hrmaclenews.xyz^$all -||maanews.xyz^$all -||newsdeals.xyz^$all ! https://forums.malwarebytes.com/topic/285210-hacked-discord-account-through-malware/?do=findComment&comment=1509000 -||m2mx.nceacticsi.pro^$all -||nceacticsi.pro^$document -||kpws.nceacticsi.pro^$all -||dmy5.nceacticsi.pro^$all ! https://app.any.run/tasks/7bfb3be3-ba73-4db5-b739-50eb76ea0e0a -||www.yourdesktopdefence.com^$document -||yourdesktopdefence.com^$document -||balleu.info^$all ! https://github.com/DandelionSprout/adfilt/issues/63#issuecomment-1094359634 ||disq.us/p/2o9pztr^$document ||disq.us/p/2o9qqsl^$document ||disq.us/p/2o9pmyi^$document -||fast-date.site^$all ||2horney-girls.life^$document ||localdates16s.com^$document ||popupchat-live.com^$document @@ -11061,26 +9060,21 @@ ! a "press allow to continue" + fake McAfee ||ultrafastultra.blogspot.com^$all ||tei.ai^$document -||app.web-scanning.com^$all ||forfrogadiertor.com^$all ||ourdailystories.com^$all ! Fake Discord nitro generator ||acreauburn.com/profile/kyrrwgutzctpad/profile^$document -||freegiftcard.pw^$all ||www.uplevelreward.com^$document ||uplevelreward.com^$all ! https://github.com/uBlockOrigin/uAssets/pull/12699 -||jacobtvmountingservice.com^$all -||streamwebx.online^$all ||ziltzwebsol.online^$all ! even more fake Discord Nitro generators ||coub.com/stories/946163-free-discord-nitro-codes-list-all^$document ||t.co/5N0H4rfCgL?DiscordNitro^$all ||t.co/5N0H4rfCgL^$document -||game-time.me^$all ! Google Group --> Discord Nitro generator ||groups.google.com/g/discord-nitro-generator-free-2021-without-human-verification/c/1MKZDSll9uA?msclkid=7bce476ac87a11eca172b94bbb5a5692^$document @@ -11112,32 +9106,17 @@ ! https://blog.malwarebytes.com/web-threats/2022/05/fake-recaptcha-forms-dupe-users-via-compromised-wordpress-sites/ ! https://blog.sucuri.net/2022/05/massive-wordpress-javascript-injection-campaign-redirects-to-ads.html -||legendarytable.com^$all -||local.drakefollow.com^$all -||links.drakefollow.com^$all -||bluestringline.com^$all -||browntouchmysky.com^$all -||redstringline.com^$all -||whitetouchmysky.com^$all -||gregoryfavorite.space^$all -||gregoryfavorite.top^$all -||pushnow.net^$document -||drakefollow.com^$all ! https://www.virustotal.com/gui/url/9dfce1c855c4ad3bfc6b95ec8ec80090b7eecd1cc93eab1f39e456e9cdec4496/community -||ethereum-tesla.net^$all ! https://github.com/DandelionSprout/adfilt/issues/63#issuecomment-1137050700 ! https://www.tv2.no/14815077/ -||sikkerbruger.com^$document ! https://twitter.com/iam_py_test/status/1528858711128625152 ||supercillious.xyz^$all ! a fake MediaFire domain ||walkeryellow141.weebly.com^$all -||qmzaem.dogtenshout.xyz^$all -||dogtenshout.xyz^$document ||www.rewards-cards.org^$document ||www.dealskeeper.com^$document ||h.promotionsonlineusa.com^$document @@ -11151,7 +9130,6 @@ ||y.promotionsonlineusa.com^$document ! https://twitter.com/dubstard/status/1531883515494662144 -||balancer-flnance.com^$document ! ads on a site --> https://www.virustotal.com/gui/url/0871f217f945c993d8624aadd5e718e9bb740096d13fad74d58b3fc3a4fdfda0?nocache=1 ||ebaaa.xyz^$all @@ -11162,8 +9140,6 @@ ||postoffice-depot38.com^$document ! a random popup -||not1f1ac1no.xyz^$all -||2.not1f1ac1no.xyz^$all ||lifeimpressions.net^$popup ||d0063d.lifeimpressions.net^$document ||100800.lifeimpressions.net^$document @@ -11174,26 +9150,20 @@ ||trafredirtds.com^$document ! https://scammer.info/t/microsoft-popup-scam-1-888-622-9118/100449 -||oqepaeogab924.ml^$all ! https://twitter.com/iam_py_test/status/1538267982551347200 ||may8forstudents.org/free-discord-nitro-codes-list-no-human-verification/^$all ||www.easyrobuxtoday.org^$document ||robloxhackv2111.blogspot.com^$all -||bux.wellter.de^$document -||play.cheat.ru.com^$document ||appinstallcheck.com^$all ||api.pushnami.com/api/push/image/id/61f58059b94aff0015c3e03c^$all ! weird website with some Push Allow To Continue alerts - hxxpx[://]www[.]filefixation[.]com/malwarebytes-pro-crack-serial-keygen-download.html ||filefixation.com^$document ||www.filefixation.com^$document -||am.deal-warriors.com^$all ||deal-warriors.com^$document -||fifth-burned.com^$document ! yet another push-allow-to-continue scam on a YouTube downloader site -||freenotifications.com^$all ! ads ||ffe405491d.28b67b8230.com^$popup @@ -11203,32 +9173,18 @@ ! redirects to scams ||sharefast572.tumblr.com^$all -||qrtsy.rocks^$all -||aadvbj.whileshowsheet.buzz^$all -||whileshowsheet.buzz^$document ||tumblr.gotohouse.top^$document ||gotohouse.top^$all ! https://www.virustotal.com/gui/ip-address/5.189.217.107/relations -||forwardpartkey.buzz^$document -||hecompletesmell.buzz^$document -||sellthousandleast.buzz^$document -||saltarmsettle.buzz^$document -||bloodeachamong.buzz^$document -||planehetotal.buzz^$document ! redirected to scams automatically ||loadingdead.netlify.app^$document ||down.myboxloadneed.top^$all ||myboxloadneed.top^$document -||smrjno.crowdgoalturn.buzz^$all -||crowdgoalturn.buzz^$all -||redirectproduct.us^$document ! fake download to scams ||alexisfernandez.doodlekit.com^$document ||doodlekit.gotorange.top^$document -||certainspendcrowd.buzz^$document -||knrtpn.certainspendcrowd.buzz^$all ! tech support scam - https://forums.malwarebytes.com/topic/287438-excel-macro-40-abuse-protection-prevents-opening-password-protected-files/?do=findComment&comment=1519928 ||ewebprotection.info^$document @@ -11240,7 +9196,6 @@ ||justtrck.net/run.php^$document ! https://www.virustotal.com/gui/url/d27d2c721d7ff421e35934dfc189834ae69e0a5a59712dff7dbd3a8051aa3778 -||welcome-hypesquad.gq^$all ! https://app.any.run/tasks/8125703c-6fdb-49bc-a18c-918e64e83f4d ||nedaugha.buzz^$all @@ -11253,7 +9208,6 @@ ||challonge.com/discordnitrogenerator/^$all ! https://www.virustotal.com/gui/url/ccccbdeb6be72608e84d5d566167b1264fe03a02052a2f91a2a31c389b92427c/community -||king-prawn-app-howvu.ondigitalocean.app^$all ! Push-Allow-To-Continue ||ptaimpeerte.com^$all @@ -11272,28 +9226,18 @@ ||teenmas46.tistory.com^$all ||teenymi.tistory.com^$all ||myapplesite.us^$all -||feuvpu.evidencelonglie.top^$all -||evidencelonglie.top^$document ! https://github.com/DandelionSprout/adfilt/issues/63#issuecomment-1209782781 ! https://app.any.run/tasks/a7cc86ee-a604-4a65-968c-26c237620b2b (nsfw) ||girlluscious.com^$document ||fuckbook.tv^$document -||a.montnotimex.top^$all -||b.montnotimex.top^$all -||montnotimex.top^$document -||sexybltch.net^$document ! https://www.youtube.com/watch?v=6e7MsoThffo ||loadnova898.netlify.app^$document ||tonrino.info^$all -||mubqjh.overloveexperience.top^$all -||overloveexperience.top^$document ||new.bestageoffers2022.com^$document ||d0zi.com^$all ||rewards-cards.org^$document -||xmfngo.meanquestiondouble.top^$all -||meanquestiondouble.top^$document ||x-delivery.icu^$document ||nextsoft.icu^$all @@ -11301,16 +9245,12 @@ ||a2ics.eu^$all ! https://github.com/blocklistproject/Lists/issues/801, credit to https://github.com/alanjacobmathew -||amazononlinewinners.in^$document ! https://github.com/uBlockOrigin/uAssets/issues/14569 -||bnbdeal.net^$all -||www.bnbdeal.net^$all ! https://github.com/DandelionSprout/adfilt/issues/63#issuecomment-1230875702 ||youtube.com/channel/UCxpXAcML6p3Ns5T9GwEK5hQ^$all ||stils-top.space^$all -||sweergirlsi.com^$document ! https://github.com/DandelionSprout/adfilt/issues/63#issuecomment-1230939213 ||classicsgirl.com^$document @@ -11339,7 +9279,6 @@ ||subscription.trk-deserunt.com^$all ||event.trk-deserunt.com^$all ||trk-deserunt.com^$all -||ionicdents.com^$document ||core.alertsx.com^$all ||alertsx.com^$all ! https://twitter.com/iam_py_test/status/1571997052900413440 @@ -11347,8 +9286,6 @@ ! Porn scam ||her-cupid.com^$all -||getlaid-snaphookupna.com^$document -||getlaid-chat.com^$document ||hottieswantu.com^$document ||offers.usabangpalace.com^$document ||w86a5jeili53sd6j26lv71h0.find-singles-online.com^$all @@ -11359,32 +9296,22 @@ ||install-network.com^$document ! https://app.any.run/tasks/541d38e7-67d1-46a7-85c8-dfcba7e40761 ||fatededers.com^$all -||app2.trckxflow.xyz^$all -||trckxflow.xyz^$document ! https://github.com/DandelionSprout/adfilt/issues/63#issuecomment-1257870944 ||netbuilding.com.ar^$document ! https://github.com/uBlockOrigin/uBOL-issues/issues/1 -||trustedvalues.ml^$all ! Push scam shared by https://github.com/Yuki2718 ||nextpsh.top^$all ! Scam shared by https://github.com/piquark6046 (https://app.any.run/tasks/c30445b3-cc48-4039-9b02-26289f798b2f) -||216.wiswentidea.live^$all -||wiswentidea.live^$document ||54.37.5.34^$document ! https://github.com/AdguardTeam/AdguardFilters/issues/131156 -||s41sg.tyhogot.sbs^$all -||tyhogot.sbs^$document ! redirects from a hacked website ||rx-qualityshop.com^$all -||momentxshop.com^$all -||distrbxshop.com^$all -||grabxshop.com^$all ||canadatrustmed.com^$all ! domains used by adfly for notification spam @@ -11478,8 +9405,6 @@ ||winnenmetje.info^$document ! https://forums.malwarebytes.com/topic/291785-virus-removal/ -||a.captcha4you.top^$all -||captcha4you.top^$all ! https://www.virustotal.com/gui/url/7b40e1b7ffc3b710640ae41c529aff18e4c8cded55391d55c34b601912c5a2a2/community ! https://app.any.run/tasks/f0a198be-f4a4-4414-94c5-21ed61ae0264 @@ -11496,7 +9421,6 @@ ||wilycaptcha.live^$document ||captchasee.live^$document ||captchatotal.live^$document -||pushycaptcha.live^$document ! https://app.any.run/tasks/c87a34ca-0d2f-43cb-be6d-8f48506bd723 ||ftuyn.ewoverth.buzz^$all @@ -11507,7 +9431,6 @@ ||napublic.com^$document ||haxbyq.com^$all ||authookroop.com^$document -||s1cp.xyz^$all ||dlinkrdr.com^$document ||s.viichxt.com^$document ||getsecures.com^$all @@ -11537,8 +9460,6 @@ ||iphonediscord.info^$all ! popups from shady URL shorteners -||muchnow.net^$popup -||us.muchnow.net^$document ||mediasama.com^$document ||nadjustifygas.com^$document ||ufacw.com^$document @@ -11563,7 +9484,6 @@ ||uspftiltedt.info^$all ! https://www.virustotal.com/gui/url/fe572bb6ae200bc0c888f0a4de73039aa594451e9cea8517ab835ffed1be4bd5/community -||jios24hus.ml^$all ! https://www.bleepingcomputer.com/forums/t/779953/urambledcom-just-a-nuisance-or-what/ ||urambled.com^$all @@ -11602,17 +9522,9 @@ ||casualdates4you.com^$document ! an infected VM -||1317.ideautland.live^$all -||ideautland.live^$document -||winyourprize36.com^$document ||dreamyproducts4u.net^$document ||xorror.shop^$document -||1317.bedlesscope.live^$all -||bedlesscope.live^$document ||getarrectlive.com^$all -||aimbot.games^$document -||www.fulltimesecurityguard.com^$all -||fulltimesecurityguard.com^$all ||identitysecurecenter.online^$all ||get.securedbrowser.net^$document ||securedbrowser.net^$document @@ -11622,15 +9534,12 @@ ||microsoftedge.microsoft.com/addons/detail/gfbbhkcipmfiidllnalpchabihdgklnl^$document ||microsoftedge.microsoft.com/addons/detail/secured-browse/gfbbhkcipmfiidllnalpchabihdgklnl^$document ||kms-auto.site^$document -||gwe92vt.cfd^$all -||coacytecarni.ga^$all ||phenotypeguide.com^$all ||onesocialimpactnow.com^$all ||globaledyta.com^$all ||topcontactinc.com^$all ||adsforcomputertech.com^$all ||pushuworld.com^$all -||managecompletelyquickinfo-file.info^$all ||jytibarose.xyz^$all ! https://app.any.run/tasks/67907c11-6877-4c38-932f-2cf09ee4e434 ||adblock-chrome.net^$all @@ -11660,7 +9569,6 @@ ! https://app.any.run/tasks/e0266815-2e00-42cb-b646-fa7dffb4a5e5 ||myget.org/feed/roblox-generator-no-verification/package/nuget/free-robux-generator-no-verification-or-survey-2022-v5153^$all -||freerobux.best^$all ||deine.belohnung24.com^$all ||spr.belohnung24.com^$all ||expensivesurvey.click^$all @@ -11672,15 +9580,9 @@ ! various scams from one site ||recodetime.com^$all ||updateinfoacademy.com^$all -||setupgreatlylatestinfo-file.info^$all -||sv.uggfzaj.icu^$all -||uggfzaj.icu^$all ||updaterglobal.com^$all ||phooking-nearected.com^$all ||deten.live^$all -||kfl86.xyz^$all -||70uj5.xyz^$all -||7l087.xyz^$all ! https://forums.malwarebytes.com/topic/293205-alexa-support-scam/ ||twitter.com/smartdotsupport^$all @@ -11693,7 +9595,6 @@ ! discord nicro scam ||discordnitrocodegeneratorfree2022nohumanverification.weebly.com^$all ||gainforfree.com^$all -||freegamingreward.com^$all ! https://www.virustotal.com/gui/url/65e7a48f0f2efb758087a0d99e8482a4b3245468e959633493655754fec08f48/community ! https://app.any.run/tasks/58b76078-e35e-46c8-b15e-e187ed375be6 @@ -11704,20 +9605,15 @@ ! (nsfw) https://app.any.run/tasks/a8a191ea-0e54-439f-96fd-c04a04150b06 ||expresscommusa.com^$document ||flirtingworld.com^$document -||befjajh.hornydats.com^$all -||hornydats.com^$document ||date.sofortdates69.com^$document ||sofortdates69.com^$document ! hxxps[://]www[.]youtube[.]com/watch?v=d2ox4EcjtQY (spam comments) -||idealhackers.com^$document ! https://forums.malwarebytes.com/topic/293293-i-clicked-on-something-and-i-got-redirected-to-malicious-website-help/ ! https://forums.malwarebytes.com/topic/293294-fake-onlyfans-website/ (account required) ! https://app.any.run/tasks/cb1a672e-c3ed-455a-bc84-4b8bc060ee68 ! https://www.hybrid-analysis.com/sample/c3190b42a350a79f2b97af529a8bb57f39b62c9b12367419e71a2d053fb4a5fe -||jwbvdz.exceilentdate.com^$all -||exceilentdate.com^$document ||sexfriendfdr.freeflirtz.com^$document ||freeflirtz.com^$document @@ -11728,7 +9624,6 @@ ! https://www.virustotal.com/gui/url/5808655d76b6ad31b7cc15fc266be2acb904ff8512fc1424103a6c54443bd272/community ! https://app.any.run/tasks/f619367b-ba77-4dbb-9046-211758a7f31a (my "analysis") -||2jb1swa.overnightbook.co.in^$document ||viptips4youtoday.world^$document ! typical fake "discord nitro generator" @@ -11753,280 +9648,39 @@ ||lootprime.com^$all ||rdr.mobiletime.net^$all -! https://www.virustotal.com/gui/domain/btc8588.com/community -||btc8588.com^$document ! https://github.com/AdguardTeam/AdguardFilters/issues/139667 (credit to DandelionSprout for some of these entries) ||500654179.kilpa2017.fi^$all -||sintiwent.buzz^$all -||sawsupportquiet.buzz^$all ||yepsimmen.live^$all -||rememberespeciallyturn.buzz^$all -||thoseverbmuch.buzz^$all -||crymanbee.buzz^$all -||wantledwife.buzz^$all -||catabovewinter.buzz^$all -||againstbarsolution.buzz^$all -||spacesharpone.buzz^$all -||legenergybreak.buzz^$all -||asreadmeat.buzz^$all -||pointcookship.buzz^$all -||pointladydear.buzz^$all -||f9dle.skin^$all ||kilpa2017.fi^$all ||51.68.87.229^$all ! resolve to 51.68.87.229 ||hillendan.live^$document -||68.sagpewzoo.live^$document -||sagpewzoo.live^$document ||intoobut.live^$document -||214.logomuado.live^$document ||logomuado.live^$document -||caphiresite.live^$document -||lifealsosen.live^$document -||enimpdoor.live^$document -||wrymofive.live^$document -||funnorwork.live^$document -||cartankbit.live^$document -||beenjumptwo.live^$document -||loadsaveaxe.live^$document -||thinbudpe.live^$document -||221.laxthatpie.live^$document -||idactbeat.live^$document ||laxthatpie.live^$document -||getcastref.live^$document -||huntrisetea.live^$document -||gatelovecode.live^$document -||hutsnowlog.live^$document ||nebdanext.live^$document -||tienewsput.live^$document -||1310.yepsimmen.live^$document -||doorgirlxu.live^$document -||shwaveline.live^$document ||drewcorsit.live^$document -||arbyeapt.live^$document ||weyeplost.live^$document -||hitfreehug.live^$document -||niltopion.live^$document -||wyefivewin.live^$document -||dryranboat.live^$document -||rumparsir.live^$document -||sitefeltmil.live^$document ||loaditjew.live^$document -||mombeatbad.live^$document -||celldablad.live^$document ||rawsalwet.live^$document -||evethyfry.live^$document -||weorealt.live^$document ||rugpinchi.live^$document ||tillwoonote.live^$document -||18.reftourcop.link^$document -||314.reftourcop.link^$document -||317.reftourcop.link^$document ||becashcode.live^$document ||absbeatsic.live^$document ||tooldidhurt.live^$document ||crypostmark.live^$document -||cadfixdisc.live^$document -||reftourcop.link^$document -||putmujoy.live^$document -||funddincue.live^$document ||varyhurtback.live^$document -||katookfair.live^$document -||monartcoo.live^$document -||dietsiadd.live^$document ||toeastdue.live^$document -||towriskkit.buzz^$document -||2320.rushmaineat.buzz^$document -||rushmaineat.buzz^$document -||hourridsap.buzz^$document -||areledfay.buzz^$document -||docoolman.buzz^$document -||tabooken.buzz^$document -||niptolddug.buzz^$document -||cuecardrole.buzz^$document -||1914.rateomala.buzz^$document -||itfootjun.buzz^$document -||ownayrear.buzz^$document -||fuelwarmink.buzz^$document -||bluestopleg.buzz^$document -||barraingave.buzz^$document -||itsvoteoh.buzz^$document -||sewhellbeen.buzz^$document -||hirerolltry.buzz^$document -||relywhenthin.buzz^$document -||sipboar.buzz^$document -||solecutplug.buzz^$document -||oakflatrod.buzz^$document -||nipsignbye.buzz^$document -||itemwearawe.buzz^$document -||dugnaphung.buzz^$document -||giveoohab.buzz^$document -||posthirepin.buzz^$document -||maysouldone.buzz^$document -||hotburnsong.buzz^$document -||gungetfee.buzz^$document -||thishishair.buzz^$document -||sewaxfeed.buzz^$document -||varypoplose.buzz^$document -||areamatdeal.buzz^$document -||daloetook.buzz^$document -||axejunsh.buzz^$document -||lesfallsoon.buzz^$document -||wismoveoak.buzz^$document -||leadplugcard.buzz^$document -||heyfortsite.buzz^$document -||oddcastwry.buzz^$document -||fulltadroe.buzz^$document -||starbowvia.buzz^$document -||timeailab.buzz^$document -||racedayspath.top^$document -||coataboutcompany.top^$document -||newcopybroke.top^$document -||effectthreefinger.top^$document -||doorordergreat.top^$document -||doctorcrossear.top^$document -||bysingcrowd.top^$document -||organcolouropposite.top^$document -||lowtwobest.top^$document -||motherdearexcept.top^$document -||keptlandmap.top^$document -||oceanownfavour.top^$document -||processwifestand.top^$document -||clotheseveningfish.top^$document -||thirdcoolsail.top^$document -||piecebelieveequate.top^$document -||lightcutlike.top^$document -||speechdeadallow.top^$document -||leavestrongfact.top^$document -||womenletplay.top^$document -||pagewalkstill.top^$document -||villageedgerose.top^$document -||keptmatchmessage.top^$document -||badlotquiet.top^$document -||mindclotheswrong.top^$document -||learnwindowpoem.top^$document -||atsellsilent.top^$document -||backgreatoperate.top^$document -||toolofficetop.top^$document -||unittubegame.top^$document -||evidencemustrow.top^$document -||fivemindhouse.top^$document -||quotientphraseglad.top^$document -||meanpostteam.top^$document -||thosespokefloor.top^$document -||beforefewwrong.top^$document -||eventlightrace.top^$document -||childbelievejump.top^$document -||travelsignspot.top^$document -||instantaskfat.top^$document -||caseafteregg.top^$document -||soilriveroffer.top^$document -||woodtimetall.top^$document -||methodthosehot.top^$document -||securitylikequiet.top^$document -||shortwaterstraight.top^$document -||afraidshowdifficult.top^$document -||agojumpat.top^$document -||goneslavejust.top^$document -||issuemomentsolution.top^$document -||mansteadband.top^$document -||pricerulegeneral.top^$document -||teethsolutionparty.top^$document -||eggportlunch.top^$document -||townhasbaby.top^$document -||rulespeakbegin.top^$document -||figurecommonvalue.top^$document -||busysolutionare.top^$document -||tinysitsubstance.top^$document -||decidehardchief.top^$document -||youfeelclose.top^$document -||breadhuntgrass.top^$document -||lostjoinleg.top^$document -||godwetbay.buzz^$document -||wereharmwage.buzz^$document -||taskyetmuch.buzz^$document -||findeansen.buzz^$document -||sixleeplus.buzz^$document -||oversonhour.buzz^$document -||pluserapt.buzz^$document -||milfisheat.buzz^$document -||flyroomend.buzz^$document -||intoeftka.buzz^$document -||fepagelad.buzz^$document -||mealfulltend.buzz^$document -||bookmasssag.buzz^$document -||budriskmax.buzz^$document -||butplugwise.buzz^$document -||palhuhegg.buzz^$document -||sinmokeep.buzz^$document -||backwidehome.buzz^$document -||refdalsoft.buzz^$document -||heashsal.buzz^$document -||solfillcoal.buzz^$document -||tenfoursew.buzz^$document -||growenoughinstant.top^$document -||pacfinetab.buzz^$document -||owyetcap.buzz^$document -||sizedaysout.buzz^$document -||companybeatworld.top^$document ! https://github.com/AdguardTeam/AdguardFilters/issues/139667#issuecomment-1383935774 ||tapwhomjay.live^$all -||usewifesix.live^$document -||1621.tapwhomjay.live^$all -||1620.tapwhomjay.live^$all -||1619.tapwhomjay.live^$all -||1618.tapwhomjay.live^$all -||1617.tapwhomjay.live^$all -||1616.tapwhomjay.live^$all -||1513.tapwhomjay.live^$all -||1615.tapwhomjay.live^$all -||1614.tapwhomjay.live^$all -||1613.tapwhomjay.live^$all -||1612.tapwhomjay.live^$all -||1611.tapwhomjay.live^$all -||1610.tapwhomjay.live^$all -||169.tapwhomjay.live^$all -||168.tapwhomjay.live^$all -||167.tapwhomjay.live^$all -||166.tapwhomjay.live^$all -||165.tapwhomjay.live^$all -||1511.tapwhomjay.live^$all -||164.tapwhomjay.live^$all -||163.tapwhomjay.live^$all -||1519.tapwhomjay.live^$all -||162.tapwhomjay.live^$all -||1510.tapwhomjay.live^$all -||158.tapwhomjay.live^$all -||161.tapwhomjay.live^$all -||159.tapwhomjay.live^$all -||1512.tapwhomjay.live^$all -||160.tapwhomjay.live^$all -||1521.tapwhomjay.live^$all -||1520.tapwhomjay.live^$all -||1517.tapwhomjay.live^$all -||1523.tapwhomjay.live^$all -||1516.tapwhomjay.live^$all -||1514.tapwhomjay.live^$all -||1522.tapwhomjay.live^$all -||1518.tapwhomjay.live^$all -||1515.tapwhomjay.live^$all ! https://github.com/AdguardTeam/AdguardFilters/issues/139667#issuecomment-1387103725 -||sadaasend.live^$all ! https://www.virustotal.com/gui/url/5c74d63d19b8ec82321d352749977e29795a9d074fcdacce3f1c822da28a3bba/detection ||mindkneenay.live^$document ! https://github.com/AdguardTeam/AdguardFilters/issues/139667#issuecomment-1398421015 -||hiowmas.live^$all ! https://github.com/AdguardTeam/AdguardFilters/issues/139667#issuecomment-1399002017 -||sagahaclub.live^$all -||2021.sagahaclub.live^$all -||f9rlf.yachts^$document -||itthis.f9rlf.yachts^$all ! https://tria.ge/230120-1tlersbg8x/behavioral1 -||2022.sagahaclub.live^$all -||tecappcloud.com^$document ||totalrecaptcha.top^$all -||prizehunters.life^$document ! https://github.com/DandelionSprout/adfilt/issues/747 ! https://github.com/DandelionSprout/adfilt/commit/f055f89a51e7f9b1bcc58a0013b6207f89594ebe (all credit to DandlionSprout) @@ -12035,11 +9689,8 @@ ||adidasencostarica.com^$all ||adidasfactoryoutlet-uk.com^$all ||adidasfactoryoutletonline.com^$all -||adidasusa.us^$all ||adsoutletusa.com^$all -||adulttoyonline.shop^$all ||adulttoysale.top^$all -||adulttoyvibrators.store^$all ||airjordanshoes.store^$all ||airjordansneakers.store^$all ||alabamacollege.store^$all @@ -12053,11 +9704,9 @@ ||altrafactoryoutletonline.com^$all ||approachmall.com^$all ||arastockistsuk.com^$all -||arcterusoutlet.com^$all ||arizonacollege.store^$all ||arkansascollege.store^$all ||arkansasrazorbacks.store^$all -||arkansasrazorbacks.xyz^$all ||asiacenter.sk^$all ||asicousutlet.com^$all ||asicrunningus.com^$all @@ -12075,13 +9724,7 @@ ||atl-braves.shop^$all ||atlantabraves.store^$all ||auburncollege.store^$all -||auburntigers.online^$all ||aukarenmillenbest.net^$all -||aulacoststore.com^$all -||aunewbalan.com^$all -||backpackclearanus.com^$all -||backpacktooutlet.com^$all -||balancecheapsuk.com^$all ||balansukcheap.com^$all ||baseballhat.store^$all ||baseballjerseys.store^$all @@ -12091,7 +9734,6 @@ ||baylorbearsncaa.store^$all ||baylorcollege.store^$all ||begaborschoenensale.com^$all -||belstafactoryusa.com^$all ||bestsclothingsale.com^$all ||billabong-turkiye.com^$all ||billabong-us.com^$all @@ -12101,8 +9743,6 @@ ||billabonguruguay.com^$all ||blundstonefactoryoutletus.com^$all ||bogsoutletie.com^$all -||bomshellonline.com^$all -||bomshellweb.com^$all ||bossoutletsau.com^$all ||bosssalescheap.com^$all ||bossukcheaps.com^$all @@ -12113,8 +9753,6 @@ ||bostoncollegecollege.store^$all ||bostoncollegeeagles.store^$all ||bostonjersey.store^$all -||bostonjerseys.store^$all -||botyhitec.com^$all ||bravesjersey.store^$all ||bravesworldseries.shop^$all ||broncosnfl.store^$all @@ -12132,11 +9770,8 @@ ||canadagoosebrasil.com^$all ||cancercatch.store^$all ||carharttfactory-store.com^$all -||carharttphilippines.com^$all ||cariuma-australia.com^$all -||cariuma-nz.com^$all ||cariumafactoryoutlet.com^$all -||cariumasale.com^$all ||celticsfan.store^$all ||celticsjersey.shop^$all ||celticsjersey.store^$all @@ -12144,18 +9779,12 @@ ||chaconewzealand.com^$all ||chacooutletswebsite.com^$all ||chacosandalsaustralia.com^$all -||chacoshoesoutlet.com^$all ||chacoshoesuk.com^$all ||cheapdiesesale.com^$all -||cheapgstauk.com^$all -||cheaplacostuk.com^$all ||cheappumuk.com^$all ||cheapsclothingus.com^$all -||cheapsdieseuk.com^$all -||cheapstumiuk.com^$all ||chgaborschuhe.com^$all ||cincinnatibearcats.shop^$all -||cincinnatibengals.store^$all ||cincinnaticollege.store^$all ||cipomagyarorszag.com^$all ||cipooutlethungary.com^$all @@ -12197,13 +9826,10 @@ ||collegeauburntigers.store^$all ||collegebuckeyes.shop^$all ||collegefootballshop.top^$all -||collegegamejersey.store^$all ||collegegameshop.com^$all ||collegejayhawks.store^$all ||collegejersey.store^$all -||collegejerseys.store^$all ||collegencaa.store^$all -||collegencaajersey.store^$all ||collegepro.store^$all ||collegespartans.com^$all ||collegewolverines.store^$all @@ -12217,8 +9843,6 @@ ||columoutletusa.com^$all ||columsportsale.net^$all ||columsportsusa.com^$all -||columsportusa.com^$all -||colunsportstore.com^$all ||converse-finland.com^$all ||converse-malaysia.com^$all ||converseirelandshop.com^$all @@ -12226,7 +9850,6 @@ ||crucialcatch.online^$all ||crucialcatch.pro^$all ||crucialcatchhoodie.store^$all -||crucialcatchnfl.store^$all ||crucialcatchpro.store^$all ||crucialcatchshop.pro^$all ||crucialcatchstore.com^$all @@ -12234,9 +9857,6 @@ ||demonia--suomi.com^$all ||demonia-boots-australia.com^$all ||demonia-boots-uk.com^$all -||demoniaskorsverige.com^$all -||demoniasshoeschile.com^$all -||detroittigersfittedhat.com^$all ||diadora-schoenen.com^$all ||dieseclothingus.com^$all ||dieselsalebests.com^$all @@ -12250,18 +9870,15 @@ ||dodgershat.store^$all ||dodgersjersey.shop^$all ||dodgersjersey.store^$all -||drbootsfactoryoutlet.com^$all ||drcanadaoutletstore.com^$all ||dukebluedevils.store^$all ||dukecollege.store^$all ||ecco-canadasale.com^$all ||ecco-turkiye.com^$all -||eccoaustraliafactory.com^$all ||eccodanmarkwebbutik.com^$all ||eccofactoryoutlets.com^$all ||eccofactoryoutletus.com^$all ||eccofactoryoutletusa.com^$all -||ecconorgeskosalg.com^$all ||eccooutletukfactory.com^$all ||eccoshoesnz.com^$all ||eccoskonorge.com^$all @@ -12274,11 +9891,9 @@ ||exynet.sk^$all ||fanaticsretailer.store^$all ||fanaticsshop.net^$all -||fansedgejersey.store^$all ||fashioninmall.com^$all ||fightingirish.shop^$all ||fightingirish.store^$all -||filshoespain.com^$all ||firstcoastthings.com^$all ||fitflop-irelandstockists.com^$all ||fitflop-philippines.com^$all @@ -12328,25 +9943,17 @@ ||georgiabulldogs.shop^$all ||georgiabulldogs.store^$all ||georgiacollege.store^$all -||geox-southafrica.com^$all ||geoxaustralia.com^$all ||geoxmalaysia.com^$all -||geoxphilippines.com^$all -||geoxromania.com^$all -||geoxshoesusa.com^$all -||geoxsingapore.com^$all -||geoxturkiye.com^$all ||gheteclarksromania.com^$all ||gonzagabulldogs.store^$all ||goodr-australia.com^$all ||goodr-indonesia.com^$all ||goodrphilippines.com^$all ||goodrsingapore.com^$all -||goodrsunglassesireland.com^$all ||goodrsunglassesmalaysia.com^$all ||goodrsunglassessaleus.com^$all ||goodrsunglassesuk.com^$all -||grawjeansusa.com^$all ||groundiesshoesuk.com^$all ||gym-shark-usa.com^$all ||gymshark-canada.com^$all @@ -12358,27 +9965,20 @@ ||gymsharksaleus.com^$all ||gymsharkunitedkingdom.com^$all ||gymsharkunitedstates.com^$all -||gymsharkusonline.com^$all -||gymsharkusweb.com^$all -||gymsharkweb.com^$all -||gymxsharkonline.com^$all ||haglofsrea.com^$all ||haglofstilbud.com^$all ||haglofsturkiye.com^$all ||haglofsusastore.com^$all ||havenshungary.com^$all ||hellyhansencanadasale.com^$all -||heydudesoutlet.net^$all ||hhjacketsfactoryoutlet.com^$all ||hitecayakkabi.com^$all ||hitecchaussure.com^$all ||hitecscarpe.com^$all ||hitecschoenen.com^$all -||hitecschuhe.com^$all ||hitecskonorge.com^$all ||hitecsouthafrica.com^$all ||hockeyfightscancer.store^$all -||hockeyjerseys.store^$all ||hokairelandsales.com^$all ||hokashoesaustralia.com^$all ||hotsaleclearance.com^$all @@ -12387,8 +9987,6 @@ ||hoyoufat.store^$all ||hoyoufatjersey.store^$all ||hugobossclearanuk.net^$all -||hugobossoriginas.com^$all -||hugobosstousa.com^$all ||hushpuppies-uk.com^$all ||hushpuppiesshoesoutlet.com^$all ||illinoiscollege.store^$all @@ -12403,22 +10001,15 @@ ||jackwolfskindubai.com^$all ||japanzarclothes.com^$all ||jayhawkscollege.store^$all -||jerseyreaslusa.com^$all -||jeweloutletfn.com^$all -||jeweloutletir.com^$all ||jeweloutletshopline.com^$all ||jeweloutletshoplus.com^$all -||jewelrygiftbw.com^$all -||jewelrygiftcw.com^$all ||jewelrylimitedsr.com^$all -||jewelrytoloverus.com^$all ||jordanshoe.store^$all ||jordanshoes.store^$all ||josefseibelshoesuk.com^$all ||kamikbootsukstore.com^$all ||kankenportugal.com^$all ||kansasjayhawks.shop^$all -||kansasjayhawks.store^$all ||kansasstatecollege.store^$all ||kansasstatewildcats.store^$all ||karenmillebestus.com^$all @@ -12438,7 +10029,6 @@ ||kenscottshopify.com^$all ||kentuckywildcats.shop^$all ||kentuckywildcats.store^$all -||kizikshoescanada.ca^$all ||ksgiftshopline.com^$all ||kubasketball.shop^$all ||kurtka-hhsklep.com^$all @@ -12457,7 +10047,6 @@ ||lojashushpuppies.com^$all ||longchamp-luxembourg.com^$all ||longchamp-southafrica.com^$all -||longchampbagsireland.net^$all ||longchampbagsonsalecanada.com^$all ||longchampfactoryoutletuk.com^$all ||longchampoutletenligne.com^$all @@ -12465,37 +10054,22 @@ ||longchampparissoldes.net^$all ||longchampuaedubai.com^$all ||losangelesdodgers.store^$all -||losangelesrams.pro^$all ||louisvillecardinals.store^$all ||louisvillecollege.store^$all ||lowa-boots-uk.com^$all ||lowakangor.com^$all ||lowaoutlet-usa.com^$all -||lowaschweiz.net^$all ||lowaslovensko.com^$all ||lsucollege.store^$all ||lsutigers.store^$all -||luxuryoriginaltsale.com^$all ||mango-pakistan.com^$all -||mangoisrael.com^$all ||marmot-australia.com^$all ||marmot-schweiz.com^$all ||marylandcollege.store^$all ||marylandterrapins.store^$all -||mein-karamel.de^$all -||merrell-canadaclearance.com^$all ||merrell-outletfactory.com^$all ||merrell-sg.com^$all ||merrell-shoesphilippines.com^$all -||merrell-skodanmark.com^$all -||merrell-south-africa.com^$all -||merrell-uruguay.com^$all -||merrellcanadaoutlets.com^$all -||merrellcolombia-co.com^$all -||merrellcostarica.com^$all -||merrelldanmark.com^$all -||merrellshoes-nz.com^$all -||merrellshoesoutlets.com^$all ||miamicollege.store^$all ||michigancollege.store^$all ||michiganstatecollege.store^$all @@ -12504,85 +10078,39 @@ ||minnesotagoldengophers.store^$all ||mississippistatebulldogs.store^$all ||mississippistatecollege.store^$all -||miumiuoutletitalia.com^$all -||miumiuportugal.com^$all -||miumiuschweiz.com^$all -||miumiuuae.com^$all ||mixedmalls.com^$all ||mizunooutletuk.com^$all -||mlball-star.store^$all ||mlballstar.net^$all -||mlballstar.store^$all -||mlballstargame.store^$all -||mlballstarjersey.store^$all ||mlballstarshop.com^$all ||mlbastros.store^$all ||mlbastrosjersey.store^$all ||mlbbaseballhat.store^$all ||mlbbraves.pro^$all ||mlbcap.net^$all -||mlbcap.online^$all -||mlbcapfan.store^$all -||mlbcapsale.store^$all ||mlbcapshop.com^$all -||mlbcapssale.store^$all ||mlbcityconnect.sale^$all ||mlbcityconnect.store^$all -||mlbfancap.store^$all -||mlbfancaps.store^$all -||mlbfanhats.store^$all -||mlbfanshat.store^$all ||mlbfansjersey.store^$all ||mlbfanstore.com^$all -||mlbfitted.store^$all -||mlbfittedcap.store^$all -||mlbfittedhats.store^$all ||mlbhat.sale^$all ||mlbhat.store^$all ||mlbhat.top^$all -||mlbhatbaseball.store^$all -||mlbhatfan.store^$all -||mlbhatpro.store^$all -||mlbhats.net^$all -||mlbhats.online^$all ||mlbhats.sale^$all -||mlbhatsale.store^$all -||mlbhatshop.store^$all ||mlbjersey.store^$all -||mlbjerseyfan.store^$all ||mlbjerseys.online^$all ||mlbjerseysale.shop^$all -||mlbjerseysfan.store^$all ||mlbjerseyshop.net^$all ||mlbprobraves.store^$all ||mlbprojersey.com^$all ||mlbraves.store^$all -||mlbshop.store^$all -||mlbstore.store^$all ||monitormalls.com^$all -||msucollege.store^$all ||nba75.store^$all ||nba75jerseys.store^$all -||nbaallstar.store^$all ||nbaallstarfan.store^$all -||nbafanjersey.store^$all ||nbafanjerseys.com^$all -||nbafanjerseys.online^$all -||nbafanjerseys.store^$all -||nbafanpro.store^$all -||nbafans.online^$all -||nbafans.store^$all ||nbafansjersey.com^$all -||nbafansjerseys.store^$all ||nbajerseycheap.com^$all -||nbajerseyonline.store^$all ||nbajerseys.top^$all -||nbajerseysale.store^$all -||nbajerseysfan.store^$all -||nbajerseyshop.com^$all -||nbaonline.store^$all -||nbaprojersey.store^$all -||nbasale.store^$all ||nboutletphilippines.com^$all ||ncaaalabama.store^$all ||ncaaarizona.store^$all @@ -12594,25 +10122,19 @@ ||ncaabluedevils.store^$all ||ncaabruins.store^$all ||ncaabuckeyes.store^$all -||ncaacincinnati.store^$all ||ncaaclemsontigers.store^$all ||ncaacollege.store^$all ||ncaacollegejersey.store^$all -||ncaacollegejerseys.store^$all ||ncaacougars.store^$all ||ncaacrimsontide.store^$all ||ncaadiablesbleus.store^$all ||ncaaducks.store^$all ||ncaaduke.store^$all ||ncaadukebluedevils.store^$all -||ncaafanjersey.store^$all -||ncaafanjerseys.store^$all ||ncaafanshop.com^$all ||ncaafightingirish.store^$all ||ncaafightingtigers.store^$all -||ncaafootball.store^$all ||ncaafootballjersey.store^$all -||ncaagamejersey.store^$all ||ncaageorgia.store^$all ||ncaageorgiabulldogs.store^$all ||ncaahoustoncougars.store^$all @@ -12628,7 +10150,6 @@ ||ncaajerseypro.store^$all ||ncaajerseys.store^$all ||ncaajerseysstore.com^$all -||ncaakansasjayhawks.store^$all ||ncaakentuckywildcats.store^$all ||ncaalonghorns.store^$all ||ncaalsu.store^$all @@ -12656,9 +10177,6 @@ ||ncaazags.store^$all ||nebraskacollege.store^$all ||nebraskacornhuskers.store^$all -||nederlandvejasneakers.com^$all -||newbalanusoutlet.com^$all -||newbalausaoutlet.com^$all ||newyorksport.store^$all ||nfl49ers.store^$all ||nflbengals.store^$all @@ -12672,30 +10190,22 @@ ||nflcrucialcatch.top^$all ||nflcrucialcatchshop.com^$all ||nfldraft.shop^$all -||nfldraft.store^$all -||nfldraftcap.store^$all ||nfldrafthat.store^$all ||nfldraftshop.com^$all ||nfleagles.store^$all -||nflfansjersey.store^$all ||nflgamejersey.store^$all ||nflgamelimited.store^$all ||nflhelmet.store^$all ||nfljersey.fans^$all ||nfljersey.pro^$all -||nfljersey.sale^$all -||nfljersey.top^$all ||nfljerseysale.shop^$all -||nfljerseyssale.store^$all ||nflnikeshoes.com^$all ||nflnikeshoes.store^$all ||nflpackers.store^$all -||nflsale.store^$all ||nflsaleshop.com^$all ||nflsalutetoservice.com^$all ||nflsalutetoservice.store^$all ||nflservice.store^$all -||nflservicejersey.store^$all ||nflshoe.store^$all ||nflshoes.pro^$all ||nflshoes.shop^$all @@ -12703,7 +10213,6 @@ ||nflshoesale.store^$all ||nflshopfan.com^$all ||nflsocks.com^$all -||nflsportjersey.store^$all ||nflstaple.store^$all ||nflstapleshop.top^$all ||nflstorefan.com^$all @@ -12721,14 +10230,12 @@ ||nhlfightscancer.store^$all ||nhlhockey.store^$all ||nhlhockeyjersey.store^$all -||nhlhockeyjerseys.store^$all ||nhljersey.sale^$all ||nhljersey.site^$all ||nhljersey.store^$all ||nhljersey.top^$all ||nhljerseyfan.store^$all ||nhljerseypro.store^$all -||nhljerseys.online^$all ||nhljerseys.sale^$all ||nhljerseysale.shop^$all ||nhljerseysfan.store^$all @@ -12754,7 +10261,6 @@ ||northcarolinatarheels.shop^$all ||northcarolinatarheels.store^$all ||northfaceoutletstoreus.com^$all -||northfaclearan.com^$all ||notredamecollege.store^$all ||notredamefightingirish.store^$all ||off-whitecanada.com^$all @@ -12767,7 +10273,6 @@ ||off-whitemalaysia.com^$all ||off-whitemexico.com^$all ||off-whitenetherlands.com^$all -||off-whitenorge.com^$all ||off-whiteromania.com^$all ||off-whiteschweiz.com^$all ||off-whitesuomi.com^$all @@ -12786,14 +10291,12 @@ ||onlinestoresshops.com^$all ||onlinevipshplus.com^$all ||oofos-ireland.com^$all -||oofos-nederland.org^$all ||oofosnorgeoutlet.com^$all ||oofosoutletcanada.com^$all ||oofosoutletmalaysia.com^$all ||oofosoutletonline.com^$all ||oofosshoeaustralia.com^$all ||oofosskorsveriges.com^$all -||oofosukstockists.com^$all ||operationmalls.com^$all ||oregoncollege.store^$all ||oregonducks.shop^$all @@ -12805,7 +10308,6 @@ ||outletjewelshoplzza.com^$all ||outletjewelsvip.com^$all ||outletmerrellargentina.com^$all -||outletuasverige.com^$all ||outletuksorel.com^$all ||outletvipshoplus.com^$all ||outletvipshopy.com^$all @@ -12817,13 +10319,10 @@ ||philadelphiaeagles.store^$all ||piercemalls.com^$all ||pittpanthers.shop^$all -||pittpanthers.store^$all ||pittsburghsteelersshop.com^$all ||planmalls.com^$all ||proficientmalls.com^$all ||psychobunnycolombia.com^$all -||psychobunnymexico.com^$all -||psychobunnyshop.com^$all ||puma-greece.com^$all ||puma-norge.co.no^$all ||puma-uy.com^$all @@ -12834,7 +10333,6 @@ ||pumaoutletonlineportugal.com^$all ||pumaturkish.com^$all ||pumauruguay.com^$all -||pumavsoutlet.com^$all ||pumoutletusa.com^$all ||pumsaleusa.com^$all ||pumusoutlet.com^$all @@ -12853,7 +10351,6 @@ ||rebecamalls.com^$all ||reclassicsg.org^$all ||redwingbootsoutlets.com^$all -||redwingshoesuae.com^$all ||reebok-chile.com^$all ||reebok-romania.com^$all ||reebokblackfridayoffers.com^$all @@ -12888,7 +10385,6 @@ ||salomonoutletstoresusa.com^$all ||salomonshoesoutletusa.com^$all ||salomonxapro3d.com^$all -||samsoluggagesale.com^$all ||samsonclearanus.com^$all ||samsondiscountus.com^$all ||sandalitevaofferta.com^$all @@ -12897,18 +10393,15 @@ ||sapatilhasallstarbaratas.com^$all ||sapatosclarkportugal.com^$all ||saucony-australia.com^$all -||saucony-factory-outlet.com^$all ||sauconyfactoryoutletsuk.com^$all ||sauconyfactoryoutletuk.com^$all ||sauconyjazzturkey.com^$all ||sauconyoutletaustralia.com^$all ||sauconyoutletuk.com^$all -||seattlekraken.pro^$all ||seattlekraken.sale^$all ||sebagoshoesdubai.com^$all ||shoesnike.store^$all ||shopmksus.com^$all -||shopsluggageus.com^$all ||shopsmithsus.com^$all ||silentmalls.com^$all ||skecheausale.com^$all @@ -12916,19 +10409,13 @@ ||skechers-israel.com^$all ||skechers-tenisice.com^$all ||skechersarchfitromania.com^$all -||skecherscanadastore.com^$all ||skechersfactorysoutlet.com^$all ||skechersgolfshoesusa.com^$all ||skechersoutletpraha.cz^$all -||skechersskosalg-norge.com^$all ||skecherstrainers-uk.com^$all -||skechersuk-outlet.com^$all ||skecherusaclearan.com^$all ||skecheukclearan.com^$all ||skecheusoutlet.com^$all -||skechstoreusa.com^$all -||skechusshop.com^$all -||slipperscrocph.com^$all ||slovenskokanken.com^$all ||sneakersnike.store^$all ||sorelfactoryoutlet.com^$all @@ -12946,7 +10433,6 @@ ||stanfordcardinal.store^$all ||stanfordcollege.store^$all ||storeskechesale.com^$all -||strictlymall.com^$all ||suicokeshoessale.com^$all ||suicokeuk.com^$all ||superbowllvi.shop^$all @@ -12958,8 +10444,6 @@ ||swarovskioutletuk.com^$all ||swarovskiphilippines.com^$all ||swarovskisaleoutlet.com^$all -||swarovskiuae.com^$all -||swarovskiusa.com^$all ||tamarisfactoryoutlet.com^$all ||tamarisgreece.com^$all ||tamarisgreecer.com^$all @@ -12975,7 +10459,6 @@ ||tevafactoryoutletuk.com^$all ||tevagreece.com^$all ||tevaromaniasandale.com^$all -||tevasandalsisrael.com^$all ||tevaturkey.com^$all ||texasamaggies.store^$all ||texasamcollege.store^$all @@ -12996,63 +10479,35 @@ ||tombradystore.com^$all ||tommyhilfigerperth.com^$all ||tomssingaporesale.com^$all -||trendyjewelryev.com^$all ||tumibeststores.com^$all ||tumicheapuk.com^$all -||tumiclearancefr.com^$all -||tumiclearanus.com^$all ||tumioutletclearan.com^$all -||tumusaclearan.com^$all ||tumusaoutlet.com^$all ||ua-australia.com^$all ||ua-canada.com^$all ||ua-chile.com^$all ||ua-greece.com^$all -||ua-malaysia.com^$all -||uasaleuk.com^$all ||ukclarkcheap.com^$all ||ukclarkoutlets.com^$all ||ukcollege.store^$all ||ukkarenmillencheap.com^$all ||uklacostsale.com^$all ||ukskechecheap.com^$all -||unc.sale^$all ||uncbasketball.store^$all ||uncjersey.shop^$all ||uncjersey.store^$all ||unctarheels.shop^$all ||unctarheels.store^$all -||under-armour-argentina.com^$all -||under-armour-ecuador.com^$all -||under-armour-india.com^$all -||under-armour-norge.com^$all -||underarmour-argentina.com^$all -||underarmour-belgium.com^$all -||underarmour-brasil.com^$all -||underarmour-canada.com^$all -||underarmour-colombia.com^$all -||underarmour-costarica.com^$all ||underarmour-costerica.com^$all -||underarmour-espana.com^$all ||underarmour-israel.com^$all ||underarmour-italia.com^$all ||underarmour-nl.com^$all ||underarmour-nz.com^$all -||underarmour-outletuk.com^$all ||underarmour-saudiarabia.com^$all -||underarmour-sg.com^$all -||underarmour-southafrica.com^$all -||underarmour-uae.com^$all -||underarmour-us.com^$all -||underarmourdanmarkdk.com^$all ||underarmourhungary.com^$all -||underarmourirelandoutlet.com^$all -||underarmourjp.com^$all ||underarmourosterreich.com^$all ||underarmouroutlet-usa.com^$all ||underarmouroutletromania.com^$all -||underarmouroutletus.com^$all -||underarmourph.com^$all ||underarmourromania-ro.com^$all ||underarmourshortsuk.com^$all ||undergroundmalls.com^$all @@ -13064,24 +10519,19 @@ ||utahcollege.store^$all ||utahutes.shop^$all ||utahutes.store^$all -||utahutes.xyz^$all ||veja-froutlet.com^$all ||vejafactoryoutletusa.com^$all ||vejajapanstore.com^$all -||vejanlsneakers.com^$all ||vejaoslo.com^$all ||vejaosterreich.com^$all ||vejaromaniaoutlet.com^$all ||vejasale-ireland.com^$all -||vejaschoenen-be.com^$all ||vejasneakers-schweiz.com^$all ||vejasuomiale.com^$all ||vejatenisice-hr.com^$all ||vibramfive-fingers.cz^$all ||vibramsk.com^$all -||viipackmall.com^$all ||vionicshoes-southafrica.com^$all -||vionicshoesca.com^$all ||vionicshoessingapore.com^$all ||vionicshoesuksale.com^$all ||vipgiftshopline.com^$all @@ -13090,7 +10540,6 @@ ||vippgiftsonline.com^$all ||virginiatechcollege.store^$all ||virginiatechhokies.store^$all -||vivianhansen.ca^$all ||vlone-uk.com^$all ||wakeforestcollege.store^$all ||wakeforestdemondeacons.store^$all @@ -13117,72 +10566,43 @@ ||baconaces.pro^$all ||twgfw.eredhadbeen.xyz^$all ||eredhadbeen.xyz^$all -||vjwh2.xyz^$all ||nugans.live^$all ||chrome.google.com/webstore/detail/cats-fanpage/nkhleengjihjncmbkldpfmoankdkhahg^$document ! NSFW: https://app.any.run/tasks/10647999-b75b-42bd-ae49-c7d596f3c797 ||kdakm.eredhadbeen.xyz^$all ||qualitydating.top^$all -||vipdating-now.life^$all ||a.curedating.top^$all ||curedating.top^$all ! https://www.virustotal.com/gui/ip-address/5.181.203.4/relations ||finestdating.top^$document -||bingo-dating.top^$document -||i.bingo-dating.top^$document -||f.bingo-dating.top^$document -||e.bingo-dating.top^$document ||goodating.top^$document -||datingsweet.top^$document ||datingpoint.top^$document ||cutiesdating.top^$document ||vipdatingtime.top^$document -||power-dating.top^$document ! https://www.virustotal.com/gui/ip-address/195.201.253.131/relations ||sensualflirts.life^$document ||yourbestpartner.life^$document ||thebestdate.life^$document ||besttightflirts.life^$document -||datinghall.life^$document -||sensualflirt.life^$document ||timetopdatings.life^$document ||realhotmeets.life^$document ||dateflirt.life^$document ||originalspartner.life^$document ||loveclick.life^$document ||goyummdating.life^$document -||dating-entice.life^$document ||bestdatingsforyou.life^$document -||soulmate-search.life^$document ||findsoulmate.life^$document -||bestcasualdate.life^$document -||find-partner.life^$document -||dating-steps.com^$document ||instinctdating.life^$document -||datingsspace.life^$document -||bestprizes.life^$document -||take-best-bonuses.life^$document -||romancedream.life^$document ||charmingdating.life^$document -||meetpartner.life^$document ||datingarea.life^$document -||excitingdates.life^$document ||delightdatings.life^$document ||delightflirt.life^$document ||delightdating.life^$document -||cooldates.life^$document ||bestflirtzone.life^$document -||dating-better.life^$document ||getsexy.life^$document -||lovers-finder.life^$document ||lover-finder.life^$document ||findsexy.life^$document -||super-datings.life^$document -||magic-dating.life^$document -||datings-club.life^$document -||datingsclub.life^$document -||magic-datings.life^$document ! (copied from DandelionSprout's list): https://github.com/DandelionSprout/adfilt/issues/748 ||adidas-budapest.com^$all @@ -13214,7 +10634,6 @@ ||argentina-adidas.com^$all ||asicsayakkabitr.com^$all ||asicscipohungary.com^$all -||asicsfactoryshop.com^$all ||asicsnederland.com^$all ||asicswinkelnederland.com^$all ||billabongfactoryoutlet.ca^$all @@ -13228,7 +10647,6 @@ ||botaswolverine.com.mx^$all ||brooksshoesstore.us^$all ||bundyslovakia.com^$all -||butyasicspolska.com^$all ||butywolverlne.com^$all ||canada-nike.com^$all ||cariuma-france.fr^$all @@ -13237,7 +10655,6 @@ ||cariumashoessingapore.com^$all ||chaussurenobull.com^$all ||chaussuresnobull.com^$all -||conversecanadafactory.ca^$all ||conversesingaporeoutlets.com^$all ||danskonederland.com^$all ||danskosaldi.it^$all @@ -13250,7 +10667,6 @@ ||docmartens-canada.com^$all ||docsmartensslovensko.sk^$all ||docsmartensthailand.com^$all -||doctormartenchile.com^$all ||doctormartensmadrid.com^$all ||doctormartensnederland.com^$all ||doctormartensromanla.com^$all @@ -13269,7 +10685,6 @@ ||gymshark-hrvatska.com^$all ||gymsharkjp.com^$all ||gymsharks-hrvatska.com^$all -||hellyhansenjackarea.com.se^$all ||heydudeshoessaleuk.com^$all ||hhworkwearcanada.com^$all ||hoka-canada.ca^$all @@ -13288,16 +10703,13 @@ ||ludan102.com^$all ||lululemonbarcelona.es^$all ||martenslovensko.com^$all -||martensosterrelch.com^$all ||martensslovensko.sk^$all ||martensxhrvatska.com^$all ||martensywarszawa.com^$all -||martenszurlch.com^$all ||martenywarszawa.com^$all ||merrell-canada-clearance.com^$all ||merrellbutysklepy.pl^$all ||merrellportugalshop.com^$all -||miumiuaustria.at^$all ||mizuno-italia.com^$all ||mizuno-mexico.com.mx^$all ||mizuno-peru.com^$all @@ -13308,7 +10720,6 @@ ||mizunofootballbootsuk.com^$all ||mizunoshoescanada.ca^$all ||mizunosshoesindia.com^$all -||mizunovolleybalschoenen.com^$all ||nb-uae.com^$all ||nbalancechile.com^$all ||nike-factoryoutletstore.com^$all @@ -13317,14 +10728,11 @@ ||nobullproiectcanada.com^$all ||nobullswitzeriand.com^$all ||nobulltrainerphilippines.com^$all -||nobulltrainersmalaysia.com^$all ||nobulltrainersslngapore.com^$all ||nobullxespana.com^$all ||nobvllshoesuk.com^$all ||norge-adidas.com^$all ||northfaceindiastore.com^$all -||northfacelndianstore.com^$all -||northfacelndlastore.com^$all ||northfaceoutletargentina.com^$all ||northfacexhungary.com^$all ||northfacezurich.com^$all @@ -13333,11 +10741,9 @@ ||osterreich-adidas.com^$all ||peru-adidas.com^$all ||portugal-adidas.com^$all -||psychobunnyclothing.com^$all ||psychobunnypolo.com^$all ||psychobunnytshirt.com^$all ||puma-turkey.com.tr^$all -||pumacolombiaoutlet.com.co^$all ||romaniagymshark.com^$all ||salomon-retailers.com^$all ||salomonchileoutlet.com^$all @@ -13345,7 +10751,6 @@ ||salomonfactoryoutletza.com^$all ||salomonshoesonline.us^$all ||salomonshop.ca^$all -||salomonsingaporesale.com^$all ||salomonskioutletshop.com^$all ||salomonspeedcrossusa.com^$all ||salomonspikecrosscanada.com^$all @@ -13373,18 +10778,14 @@ ||sorelbootsoutlet.com^$all ||sperryonsale.com^$all ||sperryoutletfactory.com^$all -||sperrysaleblackfriday.com^$all ||suomi-adidas.com^$all ||tevadanmarkshop.com^$all -||tevaitaliasaldi.com^$all ||tevamalaysias.com^$all ||tevamalaysiashop.com^$all ||tevanorgeshop.com^$all -||thenorthfacebogota.com^$all ||thenorthfacenzsale.com^$all ||thenorthfacexromania.com^$all ||thursdayboothungary.com^$all -||thursdaybootireland.com^$all ||thursdayboots-ro.com^$all ||thursdaybootschweiz.com^$all ||thursdaybootsdenmark.com^$all @@ -13393,20 +10794,16 @@ ||thursdaybootsgreek.com^$all ||thursdaybootsmalaysla.com^$all ||thursdaybootsnorway.com^$all -||thursdaybootspoland.com^$all ||thursdaybootsportugals.com^$all ||thursdaybootsrea.com^$all ||thursdaybootsturkey.com^$all ||thursdayshoesnz.com^$all ||tiendaasicsmexico.com^$all -||tiendanorthfaceespana.com^$all ||tiendasadidaschile.com^$all ||tiendaskecherchile.com^$all ||tiendasnorthfacemexico.com^$all ||tnfsoldes.com^$all ||uptsejacketsale.com^$all -||vivoshoes-canada.com^$all -||wanderingnobody.com^$all ||wolverineayakkabi.com^$all ||wolverineboty.cz^$all ||wolverinechaussure.fr^$all @@ -13436,19 +10833,15 @@ ||hokasnorgeno.com^$all ||adidasbratislava.sk^$all ||airsuomi.com^$all -||asicstopanky-sk.com^$all -||asicstopanky.sk^$all ||asicswebshopshu.com^$all ||brooksrunnersireland.com^$all ||brooksrunningindia.co.in^$all ||chaussurestoms.fr^$all -||cheapasicsca.com^$all ||clarks-romania.com^$all ||clarksshop-hu.com^$all ||clarkswyprzedaz.com^$all ||columbiaindiasale.com^$all ||columbianzoutlet.com^$all -||conversevypredaj.sk^$all ||crocsacheter.fr^$all ||deeruptrunner.me^$all ||desertbootshop.com^$all @@ -13456,7 +10849,6 @@ ||eobuvecco.sk^$all ||falconportugalshop.me^$all ||fitflopsalenederland.com^$all -||footwearinnz.com^$all ||footwearnl.com^$all ||footwearsalesg.com^$all ||hunter-danmark.com^$all @@ -13464,7 +10856,6 @@ ||hurricane-outlet.co^$all ||keenscarpeitalia.it^$all ||keentürkiye.com^$all -||magazincrocsromania.com^$all ||mammutsverige.com.se^$all ||mammutuksale.com^$all ||newvanshoes.co.in^$all @@ -13476,7 +10867,6 @@ ||rb-greece.com^$all ||rbingreece.com^$all ||rbshopgreece.com^$all -||rbslovensko.sk^$all ||ropapuma.com^$all ||runninginshop.com^$all ||salomonbutikdanmark.com^$all @@ -13485,7 +10875,6 @@ ||shoesstoregreece.com^$all ||sportsonlineuk.com^$all ||sportwebaruhaz.com^$all -||tiendacrocsonline.com^$all ||tiendadiadoramexico.com^$all ||tomosterreich.com^$all ||toms-budapest.com^$all @@ -13499,12 +10888,9 @@ ||vanssnorge.com^$all ||alo-yoga-turkey.com^$all ||aloyoga-chile.com^$all -||aloyoga-italia.it^$all -||aloyoga-schweiz.com^$all ||aloyogaespana.es^$all ||aloyogairelandstore.com^$all ||aloyogaturkey.com.tr^$all -||asics.com.se^$all ||asicsisverige.com^$all ||asolobootsireland.com^$all ||asolocolombia.com^$all @@ -13545,7 +10931,6 @@ ||hoka-polska.pl^$all ||hoka-spain.es^$all ||hokabaratas.com^$all -||hokaenchile.com^$all ||hokaencolombia.com^$all ||hokagermany.de^$all ||hokaitaliaoutlet.it^$all @@ -13562,7 +10947,6 @@ ||hunter-colombia.com.co^$all ||hunter-costarica.com^$all ||hunter-cz.com^$all -||hunter-greece.com.gr^$all ||hunter-greece.gr^$all ||hunter-jp.com^$all ||hunter-osterreich.at^$all @@ -13588,11 +10972,9 @@ ||hunterbootssouthafrica.co.za^$all ||huntercr.com^$all ||hunterfrankfurt.com^$all -||huntergreece.com.gr^$all ||hunterhelsinki.com^$all ||hunterhrhrvatska.com^$all ||hunterhrvatskahr.com^$all -||hunterisverige.com.se^$all ||hunteritaliaoutlet.com^$all ||hunterjapanjp.com^$all ||hunterkalosze-pl.com^$all @@ -13761,7 +11143,6 @@ ||quiksilversalesouthafrica.co.za^$all ||quiksilversingapore.com^$all ||quiksilversklep.com^$all -||quiksilversoldes.fr^$all ||quiksilversouthafrica.com^$all ||quiksilversuomi.com^$all ||quiksilversverige.com^$all @@ -13770,7 +11151,6 @@ ||quiksilverwinkel.com^$all ||salomocolombia.com^$all ||salomon-danmark.net^$all -||salomon-greece.com.gr^$all ||salomon-pt.com^$all ||salomon-spain.es^$all ||salomonencolombia.com^$all @@ -13822,13 +11202,11 @@ ||bootsonlineindia.com^$all ||botteshunterfrance.fr^$all ||cizmeshopromania.com^$all -||demoniabotturkiye.com^$all ||demoniasjapan.com^$all ||dieseljeancolombia.com^$all ||dieseljeanscolombia.com^$all ||drmarswebshop.com^$all ||enucuzsuperdry.com^$all -||gorrabogota.com^$all ||gummistiefelhunter.de^$all ||gummistøvlerhunter.com^$all ||hokalopesko.com^$all @@ -13838,7 +11216,6 @@ ||huntegummistiefelsale.com^$all ||hunteranbootsindia.com^$all ||hunterbootcanada.com^$all -||hunterbootsgreek.com^$all ||hunterholinky.com^$all ||hunterirelandonline.com^$all ||hunterlaarzenbelgle.com^$all @@ -13848,12 +11225,10 @@ ||hunterstovlersalg.com^$all ||hunterwelliesirelandsale.com^$all ||lacostemagyarorszag.com^$all -||lacostesgoutlet.com^$all ||marbotysleva.cz^$all ||martenbratislava.sk^$all ||martengreece.com^$all ||martenportugal.com^$all -||martensbotturkiye.com^$all ||martensbotysleva.cz^$all ||martenshelsinki.net^$all ||martenshrvatska.co^$all @@ -13884,18 +11259,14 @@ ||salonomaustria.com^$all ||salonomireland.com^$all ||salonomitalia.com^$all -||salonomoslo.com^$all -||salonompolska.com^$all ||salonomportugal.com^$all ||salonomslovensko.com^$all ||salononfranceonline.com^$all ||salononsverige.com^$all -||sporthatscanada.com^$all ||stivalihuntersaldi.com^$all ||superdryfactorysg.com^$all ||tenishokaoneone.com^$all ||tevasandalehrvatska.com^$all -||tiendadieselchile.com^$all ||vans-finland.com^$all ||martensbratislava.sk^$all ||zapatillasmcqueen.com^$all @@ -13905,11 +11276,6 @@ ||f.estivaltodayz.com^$document ||hollandcash.nl^$all ||exit.hollandcash.nl^$all -||premium.cyou^$all -||yt.premium.cyou^$all -||broadmaster.top^$all -||fly.broadmaster.top^$all -||trk.lnkshr.cyou^$document ||clean-blocker.com^$all ||chrome.google.com/webstore/detail/cleanblocker/obhoainpkkkkjeegnbaobapedpfdhbdl^$all @@ -13920,9 +11286,6 @@ ||vipdatingtoday.top^$all ||mo4ckid.click^$all ||xxxnewvideos.com^$all -||secureinternetpanel.com^$document -||us.secureinternetpanel.com^$all -||bostewsom.shop^$all ||iseult-aplite.xyz^$all ||img.pushflow.net/creatives/11/5645/1649754393755-push-preview-img.png^$all ||theantivirusprotection.xyz^$all @@ -13948,12 +11311,9 @@ ||www.carltus.click^$all ||renhadmasandbab.info^$document ||bestadultdatinglist-com.ru^$document -||www.xtracker.top^$all -||xtracker.top^$all ||findflirtpartner6.euroshoptrendingclub.ru^$document ||h.curedating.top^$all ||martoysure.live^$all -||2818.martoysure.live^$all ||goodgollygold.com^$document ! https://www.virustotal.com/gui/domain/beastws.com @@ -14002,12 +11362,9 @@ ! https://app.any.run/tasks/e90c2a06-036f-4fff-a36f-dffd0d4048ab ||doxspb.adajobs.de^$all ||giftaward.life^$all -||witcotwait.live^$all -||512.witcotwait.live^$all ! https://github.com/badmojr/1Hosts/issues/1098 ||elon23.page.link^$all -||teslaev.d1v854kgghhsze.amplifyapp.com^$all ! https://github.com/AdguardTeam/AdguardFilters/issues/142492 --> https://github.com/uBlockOrigin/uAssets/commit/fca5436e3e823d73541721867f42dd0712da54a0 ||apkmirror.co^$all @@ -14026,7 +11383,6 @@ ||yandex.co^$document ! https://scammer.info/t/pop-up-888-804-8031/121011 -||67rd5b.ml^$all ! a test system ||paleks.live^$all @@ -14070,26 +11426,19 @@ ||nirvezal.com^$all ! https://www.virustotal.com/gui/url/09440e588a0f6992de1f2b85b05eb915e3fbca4f201e151038802bdd790da2cc/community -||tesla-make.com^$all ! https://www.virustotal.com/gui/url/9100833bcdcbcf5b8c2f3b56fe9b77d02f3a574b93a736e0d73e0c83a1cbf983/community -||2023spacexevent.com^$all ! https://www.virustotal.com/gui/url/413da77a326371e24a4c334e749a54928b43ee6bcd27165167940456b9c14f52/community ||eg-ame.com^$all ! https://forums.malwarebytes.com/topic/295588-support-scam-supportclientexe-and-screenconnectwindowsclientexe/ (account required) ! https://forums.malwarebytes.com/topic/295605-techsupport-scam/ (account required) -||123secure.org^$all -||sup2.10239.org^$all ! https://github.com/AdguardTeam/AdguardFilters/issues/144514 -||attractbestbonuses.life^$all ||attractbonus.life^$all ||best-prize.life^$all ||bestbigbonus.life^$all -||big-win.life^$all -||bonuses-gains.life^$all ||bonusgift.life^$all ||bonusreward.life^$all ||bonusscore.life^$all @@ -14097,7 +11446,6 @@ ||giftjackpot.life^$all ||greatbonushere.life^$all ||greatprizes.life^$all -||hugewins.life^$all ||jackpotscore.life^$all ||jackpotwinning.life^$all ||keep-rewards.life^$all @@ -14110,7 +11458,6 @@ ||prizehere.life^$all ||prizerush.life^$all ||prizesenses.life^$all -||prizespace.life^$all ||prizesure.life^$all ||realgift.life^$all ||rewardgains.life^$all @@ -14118,7 +11465,6 @@ ||simpleprize.life^$all ||simplewin.life^$all ||taketheprizes.life^$all -||thebestprizes.life^$all ||topbonusgain.life^$all ||win-bonus.life^$all ||win-prize-now.life^$all @@ -14133,23 +11479,18 @@ ||winprizehere.life^$all ||winpulse.life^$all ||winregistry.life^$all -||winserv.life^$all ||winsimply.life^$all ||wintarget.life^$all -||wintouch.life^$all -||winxlbonus.life^$all ||185.155.184.98^$document ! https://www.virustotal.com/gui/url/f81cf3b28a018e74571e9287064f335fde30be757b822b1014ab24480dfcd9ad/community ! (my analysis) https://app.any.run/tasks/d7861c5a-d032-4529-98fe-42e99e077a34 -||luckyydayzz-offfersss-forrryouuu.co.in^$all ! https://github.com/uBlockOrigin/uAssets/issues/17075 ! my analysis: https://app.any.run/tasks/ed301c03-1105-47e5-88d1-66fded6a0a9b ||myspecialdates.com^$document ! https://github.com/AdguardTeam/AdguardFilters/issues/144823 -||landings.cbdswef.com^$document ! https://www.reddit.com/r/uBlockOrigin/comments/11s92xa/badware_risks_page_request_malware/ ||s3.amazonaws.com/extpro/speed4.html$all @@ -14163,17 +11504,13 @@ ! elon musk crypto scam on hacked YouTube channels ! https://app.any.run/tasks/2963db56-bd87-4b82-8b24-97e6e68aef66/ ||x2-promo.net^$all -||futuretesla.net^$all ! https://tria.ge/230318-twrw1ach63/behavioral1 ||teslasend.io^$all ! https://app.any.run/tasks/4a2f1865-80be-4726-8d03-59687de38e65/ -||teslaprice.io^$all ! https://app.any.run/tasks/b8a7501d-77e5-47dc-879b-eb43625728db -||teslaether.net^$all ! https://forums.malwarebytes.com/topic/296022-comment-spam-from-my-site/ (account required) ! (my analysis) NSFW https://app.any.run/tasks/cd2d1278-ad10-4c38-8f49-fa34fa675820 -||best-datepop.life^$all ||f.vipcooldating.top^$all ||vipcooldating.top^$all ||i.vipcooldating.top^$all @@ -14197,20 +11534,13 @@ ||cdn.locked3.com^$document ! https://github.com/durablenapkin/scamblocklist/issues/15 -||collectivebux.com^$document -||boostrobux.com^$document -||robuxmenu.vip^$document ||thuthuatxiaomi.com^$document ||petsimulator.live^$document -||robuxclaims.live^$document -||robuxreward.live^$document -||claimsrobux.live^$document ||rewardsgiantca.com^$document ||earnpets.com^$document ! https://github.com/durablenapkin/scamblocklist/issues/14 ! (my analysis) https://tria.ge/230404-27rdlsce3y/behavioral1 -||tsla-stock.com^$all ! https://0xacab.org/my-privacy-dns/matrix/-/issues/90853 ! (my analysis) https://app.any.run/tasks/029760ea-9972-4c3a-8a7e-cca3d7777c0f @@ -14225,13 +11555,6 @@ ||warehousesale.shop^$document ! https://github.com/durablenapkin/scamblocklist/issues/17 -||spacexprize.com^$all -||musk-event.pro^$all -||telsadouble.live^$all -||getmsx2.com^$all -||brad-finance.net^$all -||xrpfinance-promo.org^$all -||xrpdouble-official.net^$all ! https://app.any.run/tasks/3137c861-185d-4037-84e9-65cc0adeba15 ||bgqcb.econsultingcoem.com^$all @@ -16129,7 +13452,6 @@ ||keted.live^$document ||rolels.live^$document ||roseks.live^$document -||pakons.live^$document ||roweks.live^$document ||rofels.live^$document ||roceks.live^$document @@ -16610,10 +13932,8 @@ ||perceive81.molotiras.ru^$document ||judgement71.nightmit.ru^$document ||73descendant.erinaceuso.ru^$document -||akpar.ru^$document ||debts71.semashi.ru^$document ||mewed.ulitron.ru^$document -||poloniumo.ru^$document ||alley.sorting88.cavalierso.ru^$document ! https://github.com/durablenapkin/scamblocklist/issues/18 @@ -16627,45 +13947,27 @@ ||www.webstore.getsecuredsetup.com^$document ! https://github.com/durablenapkin/scamblocklist/issues/24 -||gpt-open23.com^$all -||tslaeth.live^$all ! https://github.com/durablenapkin/scamblocklist/issues/25 -||openai.faith^$all ! https://github.com/uBlockOrigin/uAssets/issues/17602 ||allprizesforme.com^$all ! https://github.com/durablenapkin/scamblocklist/issues/26 -||tesla2023.store^$all -||musk-bit.com^$all -||elontsla.com^$all -||openai-give.online^$all -||msaylor2x.com^$all ! https://github.com/durablenapkin/scamblocklist/issues/28 -||microstrategy2023.net^$all -||elonlive2x.com^$all ||muskai.net^$all ||tslawill.com^$all ||xrp-give.pro^$all ! https://github.com/durablenapkin/scamblocklist/issues/32 -||elongives.net^$all -||day-starship.net^$all ||spacexmusk.io^$all -||openaiteam.space^$all -||openai4btc.com^$all -||future-promo.com^$all ! https://github.com/durablenapkin/scamblocklist/issues/30 -||danegreatjp.blob.core.windows.net^$all ! https://forums.malwarebytes.com/topic/296904-cant-identify-the-source/ -||linkforcaptcha.top^$document ! https://github.com/durablenapkin/scamblocklist/issues/33 -||spacex-starship.net^$all ! https://www.reddit.com/r/uBlockOrigin/comments/12r255v/gamingnewsanalystcom_badware/ ! https://github.com/uBlockOrigin/uAssets/pull/17655 @@ -16680,11 +13982,7 @@ ||123moviesgo.ga^$all ! https://github.com/durablenapkin/scamblocklist/issues/35 -||now-openai.site^$all -||ms-event.tech^$all ||tslaget.live^$all -||tesla-openai.com^$all -||2023-openai.com^$all ||musk-aigpt.com^$all ! https://0xacab.org/my-privacy-dns/matrix/-/issues/121793 @@ -16695,9 +13993,6 @@ ||rplnd60.com^$all ||news-pewuce.com^$all ||djpjwf.com^$all -||eelmyfeet.info^$all -||ms-42.feelmyfeet.info^$all -||ms-49.feelmyfeet.info^$all ! from notifications (sandbox: ) ||totalprotection-2023.store^$all ||closingday2.xyz^$all @@ -16717,8 +14012,6 @@ ||antivirusgaming.com^$all ||xrlbq.aluationiamcur.com^$all ||aluationiamcur.com^$document -||www.mydailywebdefender.com^$all -||mydailywebdefender.com^$all ||awesome-blocker.com^$document ! https://app.any.run/tasks/c9657f58-f49e-4e9e-80bf-9704f0eaa32a (NSFW) @@ -16726,24 +14019,13 @@ ||www6.renhadmasandbab.info^$popup ||mobilesecuremail.com^$document ! looks like a metamask phishing website? -||wormair.bio^$document ! https://github.com/durablenapkin/scamblocklist/issues/38 -||bitcompay.org^$all ||miningpror.top^$all ||paypartc.top^$all ||bitcllpay.top^$all ||tdsintegrations11.online^$all -||crypto022.online^$all -||crypto023.online^$all -||crypto024.online^$all -||crypto025.online^$all -||crypto026.online^$all -||crypto027.online^$all -||crypto028.online^$all -||crypto029.online^$all ||crypto030.online^$all -||crypto031.online^$all ! NSFW: https://app.any.run/tasks/a1a425ca-7b5d-4774-95bf-c11f8f25685a ||webpick-cdn.s3.us-west-2.amazonaws.com/getlaid.jpeg^$all @@ -16756,13 +14038,10 @@ ! https://github.com/durablenapkin/scamblocklist/issues/40 ||dischargebackhanded.com^$document ||zech-company.com^$document -||voucheras.com^$document -||lp.voucheras.com^$document ||govmedcareers.com^$document ||talentmaster.bio^$document ||radiatorcrate.com^$document ||theniemannbest.com^$document -||auditorscarf.com^$document ||jellyfishstat.live^$document ! https://github.com/durablenapkin/scamblocklist/issues/42 @@ -16832,7 +14111,6 @@ ||decompraschile.com^$document ||salimusic.com^$document ||open-cbd.de^$document -||gourmetkitchenhouse.shop^$document ||onrunningshop.com^$document ||bygigi.mx^$document ||vkeys.online^$document @@ -16861,7 +14139,6 @@ ||xunlei.it^$document ||botsuanah.com^$document ||lojaacasa.com.br^$document -||netsugar.shop^$document ||dashracegear.net^$document ||youthfy.shop^$document ||smartokids.com^$document @@ -16889,7 +14166,6 @@ ! https://github.com/durablenapkin/scamblocklist/issues/45 ||teslatucker.com^$all -||muskweb.net^$all ! https://www.reddit.com/r/uBlockOrigin/comments/13e53jy/badware_movie_sites/ ||filmshngjbzix.blogspot.com^$document @@ -17010,8 +14286,6 @@ ||totalwebshield.com^$all ||download.totalwebshield.com^$all ! seems to be a mirror? -||virussecurity.shop^$document -||www.virussecurity.shop^$document ! https://www.virustotal.com/gui/file/c190a676d707f290a0f6fccb60ecbc4b3b5dea5ea27d552095acd4110aff51bc/relations -> https://www.virustotal.com/gui/file/33f1e7e43ededca200bda52cc9df5b2af315505fde83cab5c25d3604bfe73294/detection -> https://duckduckgo.com/?q=ScanGuard&ia=web ! This is owned by Protected[.]net, who also is responsible for the TotalAV scam. Can not get an exe as it requires me to pay first... ||scanguard.com^$all @@ -17073,7 +14347,6 @@ ||winzipdriverupdater.com^$document ||slowness.winzipdriverupdater.com^$document ! https://www.virustotal.com/gui/url/e5e8624a07064fc3a296dcab3b0b578ac0ed6d841094489e8bec989653deb93c/detection -||winzipssytemtools.com^$document ! https://www.virustotal.com/gui/ip-address/3.222.136.53/relations ||winzipultimatepccare.com^$document ||www.winzipultimatepccare.com^$document @@ -17103,7 +14376,6 @@ ||vold-cdn.pcspeedcat.com^$all ||envoy.pcspeedcat.com^$all ||www-click-cf.pcspeedcat.com^$all -||mantis.pcspeedcat.com^$all ! Found in the shady Bing ads when searching for ADWCleaner ! Before downloading, ADWCleaner detected no adware. After downloading, ADWCleaner detected adware, which included the program. Program claims that buying the paid version (and entering private data) will fix issues with a clean VM. @@ -17114,15 +14386,12 @@ ||www.mycleanpc.com^$document ! Found using VirusTotal ||reviews.mycleanpc.com^$document -||software.mycleanpc.com^$document ||m.mycleanpc.com^$document ||shop.mycleanpc.com^$document ||web.mycleanpc.com^$document ||blog.mycleanpc.com^$document ||app.mycleanpc.com^$document -||dev-get.mycleanpc.com^$document ||get.mycleanpc.com^$document -||qa-m.mycleanpc.com^$document ||dev-www.mycleanpc.com^$document ! related domains owned by the company used for paying - obtained when talking to the scammer ||ustechsupport.com^$document @@ -17192,7 +14461,6 @@ ||mobile.iobit.com^$document ||m.iobit.com^$document ||startup.iobit.com^$document -||secure.iobit.com^$document ||survey.iobit.com^$document ||checkout.iobit.com^$document ||blog.iobit.com^$document @@ -17212,11 +14480,6 @@ ||update.itopvpn.com^$document ||api.itopvpn.com^$document ||stats.itopvpn.com^$document -||stats.itopreport.com^$document -||itopreport.com^$document -||update.itopupdate.com^$document -||stats.itopupdate.com^$document -||itopupdate.com^$document ! https://www.virustotal.com/gui/file/4efd1bc1bdc12da1bbdc597cf3f37f0c65e582f42e353cf781ac1fe422dfa68c/detection ! https://www.virustotal.com/gui/file/69d9d162a040888164707b7e44f4709059ad45296a832c077c0dc91afed89c05/detection @@ -17243,14 +14506,10 @@ ! https://github.com/iam-py-test/Assets-001/blob/main/PUPs/MediaGet/mediaget_detections.jpeg ||mediaget.com^$all ! found by @DandelionSprout in https://github.com/DandelionSprout/adfilt/issues/253 -||mediaget.ru^$all ||media-get.com^$all ||media-get.ru^$all -||carpet72.com^$all ||mediagetplus.com^$all ||mgmgmg.com^$all -||temp74.com^$all -||trackwebclick.com^$all ||23.111.31.137^$document ||23.111.88.207^$document @@ -17298,18 +14557,12 @@ ||www.tweakbit.com^$all ||debuglogs.tweakbit.com^$all ||update.tweakbit.com^$all -||assist.tweakbit.com^$all ||dynamicdownloads.tweakbit.com^$all ||downloads.tweakbit.com^$all ||store.tweakbit.com^$all ||cdn.tweakbit.com^$all ||aff.tweakbit.com^$all -||test.tweakbit.com^$all -||link.tweakbit.com^$all -||ovh.tweakbit.com^$all ||mail.tweakbit.com^$all -||lp.tweakbit.com^$all -||speedtest.tweakbit.com^$all ! Original inspection ! disable uBlock Origin and go to https://www.google.com/search?q=clean+up+computer+to+run+faster&source=hp&ei=Y4KzYIrUL-rP0PEPqM2liAc&iflsig=AINFCbYAAAAAYLOQcwKl4vglkAEcsALPhO6XEyguHxPP&oq=clean+up+comp&gs_lcp=Cgdnd3Mtd2l6EAEYATICCAAyAggAMgIIADICCAAyBQgAEMkDMgIIADICCAAyAggAMgIIADICCAA6DgguELEDEMcBEKMCEJMCOgsILhCxAxDHARCjAjoFCAAQsQM6CAgAELEDEIMBOggILhDHARCjAjoOCC4QsQMQgwEQxwEQrwE6CAgAEOoCEI8BOggILhCxAxCDAToICC4QxwEQrwE6BQguELEDOggILhCxAxCTAjoICAAQsQMQyQM6BQgAEJIDOgsILhDHARCjAhCTAjoCCC46BQguEJMCUOUoWKCDAWDakwFoAnAAeACAAYoDiAGaFJIBCDAuMTQuMC4xmAEAoAEBqgEHZ3dzLXdperABCg&sclient=gws-wiz @@ -17487,7 +14740,6 @@ ||search.freddostagione.com^$all ||147.135.253.55^$document ||search.motherpipe.net^$document -||search.scuroporta.com^$document ||humanverified.net^$all ||search.potestainsula.com^$document ||search.husmicto.com^$document @@ -17498,8 +14750,6 @@ ||search.megliolavoro.com^$document ||search.luminosoocchio.com^$document ||search.osservareimmaginare.com^$document -||search.frescopartito.com^$document -||search.flussofoglio.com^$document ||search.avantiwendo.com^$document ||search.desideriosoldi.com^$document ||search.sottilesezione.com^$document @@ -17526,7 +14776,6 @@ ||chrome.google.com/webstore/detail/ad-blocker-app/iamhhblhmpldjchjecmapgoikpjmmfoe^$document ! https://forums.malwarebytes.com/topic/291853-hijackhost-found-chrome-windows-10-home-64-bit/ -||charmsearching.com^$document ! https://blog.malwarebytes.com/detections/pup-optional-bytefence/ ! https://www.virustotal.com/gui/file/21dfa4ed47de7007c0fb6eadb3f94d2e847b3f4e301767d2320623f02f0926ba @@ -17554,7 +14803,6 @@ ! https://forums.malwarebytes.com/topic/199170-false-positive-with-auslogics-boostspeed/#elControls_1116195_menu ||auslogics.com^$all ||www.auslogics.com^$all -||download.auslogics.com^$all ! https://www.virustotal.com/gui/file/1d26c8e2760b9d95e344dc93e4516c88c23bae5af1e888b2769186520f53021d/detection ! https://www.virustotal.com/gui/url/c9d507f4fe1720bb0b70a799abfd548f315694f59eebea676204da1cbaee4b4f/detection @@ -17655,8 +14903,6 @@ ||manualsdirectory.org^$document ||tab.freshymanuals-site.com^$document ||search.freshy.com^$document -||freshysearch-api.net^$document -||search.freshysearch-api.net^$document ! https://github.com/uBlockOrigin/uAssets/issues/17568 ||wigglewurm.com^$document @@ -17669,11 +14915,8 @@ ||mysecurify.com^$document ||search.mysecurify.com^$document ||ext.mysecurify.com^$all -||securifythis.com^$document -||ext.securifythis.com^$all ! https://0xacab.org/my-privacy-dns/matrix/-/issues/102265 -||kpmk.info^$all ! an infected VM --> this extension hijacks the search engine claiming it protects your searchs ||privacykeeperapp.com^$document @@ -17690,7 +14933,6 @@ ! https://github.com/uBlockOrigin/uAssets/issues/17960 ||templatesearch.org^$all -||templatesearch-cdn.org^$all ! ----- Spam ----- @@ -17717,15 +14959,12 @@ ||lovesingle.xyz^$document ! https://github.com/DandelionSprout/adfilt/issues/63#issuecomment-1120210042 -||super-dating.life^$all ||fuckbookmobile.com^$document ||www.fuckbookmobile.com^$document ! https://github.com/DandelionSprout/adfilt/issues/63#issuecomment-1179770663 ||like.xcat.buzz^$document ||disqus.com/by/disqus_AIqzI15v88/^$document -||get-partner.life^$document -||hookup33s.com^$document ! https://web.archive.org/web/20221007114132/https://forums.malwarebytes.com/topic/290873-whats-the-hottest-temperature-in-your-city/ ||rathbunlakeassoc.com^$document @@ -17737,12 +14976,8 @@ ! GH spam, i.e. https://github.com/tesla-android/issue-tracker/discussions/162#discussioncomment-4551799 ||4.fo^$document -||meethotlady.life^$all ||mylocaldates1s.com^$all -||gratefuldating.top^$all -||g.gratefuldating.top^$all ||in.sv^$document -||i.gratefuldating.top^$all ||static.imghst-de.com/eb01eaf3-369a-423f-a31e-c4221a2ca42d.png^$all ||trk-click.pshtrk.com^$document ! https://github.com/DandelionSprout/adfilt/commit/e83dc45b60a61c6097b8c40605855a80e3282901 @@ -17898,11 +15133,7 @@ ||media-sync-a.fonetracker.com^$all ||media-sync-a.thetruthspy.com^$all ||media-sync-a100.fonetracker.com^$all -||media-sync-a100.thetruthspy.com^$all ||media-sync-a600.fonetracker.com^$all -||media-sync-a621.fonetracker.com^$all -||media-sync-a696.fonetracker.com^$all -||media-sync-a710.fonetracker.com^$all ||media-sync-a740.thetruthspy.com^$all ||media-sync-a743.thetruthspy.com^$all ||media-sync-a746.thetruthspy.com^$all @@ -17937,63 +15168,20 @@ ||protocol-a.copy9.com^$all ||protocol-a.exactspy.com^$all ||protocol-a.fonetracker.com^$all -||protocol-a.guestspy.com^$all ||protocol-a.ispyoo.com^$all ||protocol-a.mxspy.com^$all ||protocol-a.thetruthspy.com^$all ||protocol-a100.fonetracker.com^$all -||protocol-a100.thetruthspy.com^$all -||protocol-a5.guestspy.com^$all -||protocol-a58.guestspy.com^$all -||protocol-a59.guestspy.com^$all -||protocol-a6.thetruthspy.com^$all -||protocol-a60.guestspy.com^$all ||protocol-a600.fonetracker.com^$all -||protocol-a610.copy9.com^$all -||protocol-a610.thetruthspy.com^$all -||protocol-a611.copy9.com^$all -||protocol-a611.thetruthspy.com^$all -||protocol-a612.copy9.com^$all -||protocol-a614.copy9.com^$all -||protocol-a615.copy9.com^$all -||protocol-a616.copy9.com^$all -||protocol-a617.copy9.com^$all -||protocol-a618.copy9.com^$all -||protocol-a620.copy9.com^$all ||protocol-a621.copy9.com^$all -||protocol-a65.guestspy.com^$all -||protocol-a69.copy9.com^$all ||protocol-a696.copy9.com^$all -||protocol-a70.guestspy.com^$all ||protocol-a710.copy9.com^$all ||protocol-a712.fonetracker.com^$all -||protocol-a72.thetruthspy.com^$all -||protocol-a720.thetruthspy.com^$all -||protocol-a721.thetruthspy.com^$all -||protocol-a722.thetruthspy.com^$all -||protocol-a723.thetruthspy.com^$all -||protocol-a724.thetruthspy.com^$all -||protocol-a725.thetruthspy.com^$all -||protocol-a726.thetruthspy.com^$all -||protocol-a727.thetruthspy.com^$all -||protocol-a728.thetruthspy.com^$all -||protocol-a729.thetruthspy.com^$all -||protocol-a730.thetruthspy.com^$all -||protocol-a731.thetruthspy.com^$all -||protocol-a732.thetruthspy.com^$all -||protocol-a733.thetruthspy.com^$all -||protocol-a734.thetruthspy.com^$all -||protocol-a735.thetruthspy.com^$all -||protocol-a736.thetruthspy.com^$all -||protocol-a737.thetruthspy.com^$all -||protocol-a738.thetruthspy.com^$all -||protocol-a739.thetruthspy.com^$all ||protocol-a740.thetruthspy.com^$all ||protocol-a741.thetruthspy.com^$all ||protocol-a742.thetruthspy.com^$all ||protocol-a743.thetruthspy.com^$all ||protocol-a744.thetruthspy.com^$all -||protocol-a745.mxspy.com^$all ||protocol-a745.thetruthspy.com^$all ||protocol-a746.thetruthspy.com^$all ||protocol-a747.thetruthspy.com^$all @@ -18006,13 +15194,10 @@ ||protocol-a785.copy9.com^$all ||protocol-a785.fonetracker.com^$all ||protocol-a810.ispyoo.com^$all -||protocol-a810.mxspy.com^$all ||protocol-a810.thetruthspy.com^$all ||protocol-a811.ispyoo.com^$all ||protocol-a811.mxspy.com^$all ||protocol-a880.ispyoo.com^$all -||protocol-a89.ispyoo.com^$all -||protocol-a89.mxspy.com^$all ||protocol-a910.thetruthspy.com^$all ||protocol-a915.thetruthspy.com^$all ||protocol-a920.thetruthspy.com^$all @@ -18025,9 +15210,7 @@ ||protocol-monitor.thetruthspy.com^$all ||protocol-viewer-a.copy9.com^$all ||protocol.copy9.com^$all -||protocol.guestspy.com^$all ||protocol.ispyoo.com^$all -||protocol.mxspy.com^$all ||protocol.systemserviceprovider.com^$all ||protocol.thetruthspy.com^$all ||secondclone-2d312.firebaseio.com^$all