diff --git a/filters/badware.txt b/filters/badware.txt index 6d5e0e57af0..acbb8393b21 100644 --- a/filters/badware.txt +++ b/filters/badware.txt @@ -3349,6 +3349,11 @@ torrdroidforpc.com##[href^="http://slugmefilehos.xyz/"] ! https://www.virustotal.com/gui/url/fec16443e3fdb3c4112230fd5271044f3eea542efa85be26b8c8c5f5ba7202c3 ||rampostsouthafrican-*.codeanyapp.com^$all,to=~ram.co.za ||codeanyapp.com/southafrica/*/PAYU^$doc,to=~ram.co.za +! https://urldna.io/scan/6734c9b617aed83575751074 +! https://www.virustotal.com/gui/url/ac22c2340836b8dd3d611948cb1f0f370d55f9903faac7bfc5eea1ff71901a80 +||ntriela-solar65.line.pm^$doc,to=~ameli.fr +||line.pm/*/SNF-GKFF.FR/$doc,to=~ameli.fr + ! wetransfer ! https://www.virustotal.com/gui/url/2dc456580d55d86c4b131ecc5120af4d79439ac3f9be066ce2c2440e4af96581 ||vercel.app/magi/olde/saac-wetr-magi.html^$doc,to=~wetransfer.com @@ -3368,10 +3373,6 @@ torrdroidforpc.com##[href^="http://slugmefilehos.xyz/"] ||auth-llbc.elementfx.com^$all,to=~leboncoin.fr ||epayln.site.tb-hosting.com^$all,to=~leboncoin.fr -! webmail.shaw.ca -||shawupdatingservic.wixstudio.io^$all,to=~webmail.shaw.ca -||shawmailboxservice4.wixsite.com^$all,to=~webmail.shaw.ca - ! linkedin ||faran.ac.ir/wp-content/$all,to=~linkedin.com ! https://www.virustotal.com/gui/url/0de3c62f4908d543d129c280ede7df7ad39cb8bdc69a7781aceab7bd9916cacf @@ -3392,9 +3393,10 @@ torrdroidforpc.com##[href^="http://slugmefilehos.xyz/"] ! webmail ||formspark.rongviet.com.vn^$all ||webmailrupdatekorea.firebaseapp.com^$all +||benpsignin-portal.webflow.io^$all ||mail-cytanet.pages.dev^$all,to=~mail.cytanet.com.cy +||serviceteasfreem.weebly.com^$all ||jhwbcvkjkshaw.weebly.com^$all,to=~webmail.shaw.ca -||hootbio.com/bellmail$all,to=~webmail.bell.net ! https://www.virustotal.com/gui/url/dd060d260d7781f9610f40bdff4991144ed5b52be3a14dfcda6783987efc4b79 ||phoenixvilla.rw/wp-about/*.html^$doc ! https://www.virustotal.com/gui/url/5a758358bf0a16b7afeadc99026ce4fc7c1faf0298f2f7c6b5ace52e7f148eef @@ -3406,6 +3408,17 @@ torrdroidforpc.com##[href^="http://slugmefilehos.xyz/"] ! https://www.virustotal.com/gui/url/060b5ecd27e1ea35fa0718a87e73c270ac3c7310ddc4a7aef81b70bb7b89908a ||resisted-amusing-driver.glitch.me^$all ||glitch.me/public/index_CNC.html^$doc +! https://urldna.io/scan/6737523ade915d9ef3ea0976 +! https://www.virustotal.com/gui/url/a2cfa303c4597801742de9c1f607e8f56822178e4c2d72c48a9c6c0445c93ecd +||emaildomains.ezzomatic.online^$all + +! webmail.bell.net +||bellsecuredloginfom-net.vercel.app^$all,to=~webmail.bell.net +||hootbio.com/bellmail$all,to=~webmail.bell.net + +! webmail.shaw.ca +||shawupdatingservic.wixstudio.io^$all,to=~webmail.shaw.ca +||shawmailboxservice4.wixsite.com^$all,to=~webmail.shaw.ca ! ups.com ! https://www.virustotal.com/gui/url/ef9755fcb211a668986b9afc5187577c92fb8c8bf62057bf9d0b59333827a35a @@ -3480,6 +3493,7 @@ torrdroidforpc.com##[href^="http://slugmefilehos.xyz/"] ! ourtime ||login-ourtime.members-datings.workers.dev^$all,to=~ourtime.com ||ourtime-assist.members-authenticated.workers.dev^$all,to=~ourtime.com +||chat.voice-datings.workers.dev^$all,to=~ourtime.com ! https://www.virustotal.com/gui/url/8caad65d38a5f6df0e322dad6e4576fe0f42d2a9c4a4672d5959f5c53cb59632 ||profile-ourtime.*.workers.dev^$doc,to=~ourtime.com ! https://www.virustotal.com/gui/url/ef9755fcb211a668986b9afc5187577c92fb8c8bf62057bf9d0b59333827a35a @@ -3722,6 +3736,9 @@ torrdroidforpc.com##[href^="http://slugmefilehos.xyz/"] ||jybelinda.com^$all,to=~alibaba.com ! https://www.virustotal.com/gui/url/1649712cd78f28d5660fbf0d0de7d475f8cd51105caac04b3b521ecd850234a1 ||vetsinthecity.me/*/Alibaba/$doc,to=~alibaba.com +! https://urldna.io/scan/6734c98f32353732f75caebe +! https://www.virustotal.com/gui/url/8f2575c66072c227f8e1a60a422e5ff861903bb97f28fb5e3229fa3ec204ae7a +||sanpelmaquinas.com.br^$all,to=~alibaba.com ! aliexpress ! https://www.virustotal.com/gui/url/8348d50aefd96888490c11d2a155b0bae9299a51163b55463b2fd2bf709ef2f2 @@ -3807,12 +3824,22 @@ torrdroidforpc.com##[href^="http://slugmefilehos.xyz/"] ! https://www.virustotal.com/gui/url/df772a3d132acedfd317846a7d291c5040650a99f43db6a706b7cc5155b00d50 ||insolvency-development.co.uk^$all,to=~gov.uk -! gouv.fr -||antai-gouv-fr.troliga.sk^$all,to=~amendes.gouv.fr +! impots.gouv.fr ! https://infosec.exchange/@urldna/112442514480319184 ! https://www.virustotal.com/gui/url/43dc3482b86f463550c0a163836c4c622e4ec801184ba76f49aca03cf7fb5128 ||mybluehost.me/*/impo/$doc,to=~impots.gouv.fr ||isz.bqv.mybluehost.me^$doc,to=~impots.gouv.fr +! https://urldna.io/scan/6725d792a8bda5a0f5926ac5 +! https://www.virustotal.com/gui/url/2ed7817356b844c59b8767582f7b7e484b74f17654e4f3e18ed158db60060262 +||polufredsoa.2mydns.net^$all,to=~impots.gouv.fr +||2mydns.net/fr-impot-gouv^$doc,to=~impots.gouv.fr +! https://urldna.io/scan/6734c7a19ee995c0b18b4fdc +! https://www.virustotal.com/gui/url/6114364912105935ec4264d07368ae3142c6b44dd9ebd68ced4545de317ad44f +/\.temporary\.site\/service\/[a-f0-9]{32}\//$doc,to=temporary.site|~impots.gouv.fr +||kkg.yaf.temporary.site^$doc,to=~impots.gouv.fr + +! amendes.gouv.fr +||antai-gouv-fr.troliga.sk^$all,to=~amendes.gouv.fr ! https://urldna.io/scan/66a17973cf69aaa3408529d8 ! https://www.virustotal.com/gui/url/59f573968e59b6b2f4f09ca26a81608992b83aaef9e7200b29529e10d7641d24 ||mybluehost.me/wp-content/12/*.php^$doc,to=~amendes.gouv.fr @@ -3870,10 +3897,6 @@ torrdroidforpc.com##[href^="http://slugmefilehos.xyz/"] ||antaidossiersuivamendimpayeer*.zynekcctv.com^$all,to=~amendes.gouv.fr ||zynekcctv.com/amandes/$doc,to=~amendes.gouv.fr /amandes/infospage.php^$doc,to=~amendes.gouv.fr -! https://urldna.io/scan/6725d792a8bda5a0f5926ac5 -! https://www.virustotal.com/gui/url/2ed7817356b844c59b8767582f7b7e484b74f17654e4f3e18ed158db60060262 -||polufredsoa.2mydns.net^$all,to=~amendes.gouv.fr -||2mydns.net/fr-impot-gouv^$doc,to=~amendes.gouv.fr ! bank ||chamsocthekhachhang-$doc,to=~edu|~gov|~edu.vn|~gov.vn @@ -3897,6 +3920,7 @@ torrdroidforpc.com##[href^="http://slugmefilehos.xyz/"] ||douroweb.eu^$all,to=~bankofamerica.com ||gaoyinjiao.com^$all,to=~jabank.jp ||activatecustomerduesupportdillegence.com^$all,to=~asb.co.nz +||nyfinance.ru^$all,to=~nykredit.com /^https:\/\/tpbank\.[-a-z0-9]{5,}\.[a-z]{3}(?:\.vn)?\//$doc,to=~edu|~gov|~gov.vn|~tpb.vn ! https://infosec.exchange/@urldna/112496070441371886 ||mybluehost.me/service/*/nkl-log.php$doc,to=~nickel.eu @@ -4001,6 +4025,9 @@ torrdroidforpc.com##[href^="http://slugmefilehos.xyz/"] ||santanderstaging.interviewtoolkit.io^$all ||recompensaszurichsantander.com.mx^$all ||santander.cf.sandbox.motrada.ch^$all,to=~santanderbank.com|~santander.co.uk +! https://urldna.io/scan/67375864415af7ad29e177f6 +! https://www.virustotal.com/gui/url/4b0287034559c9ad4cb28be0e557d2e14b745e8f7e59bee9b57a45f46230c9c6 +||santanderpod.*.co.uk^$all ! DHL ||dhl.*.potabox.com^$doc,to=~dhl.com @@ -4327,6 +4354,8 @@ torrdroidforpc.com##[href^="http://slugmefilehos.xyz/"] ||activarhotmail.weebly.com^$all ||hab-sharepoint.weebly.com^$all ||servicewebformoes.weebly.com^$all +||microsoft-verify.glitch.me^$all +||validacionesoutlookmailwebadmin.glitch.me^$all ||whfdny.org^$all ||infos4.yolasite.com^$all ||microsoftupdate67.wixsite.com^$all @@ -4342,7 +4371,6 @@ torrdroidforpc.com##[href^="http://slugmefilehos.xyz/"] ||e-outlook-online.com^$all ||serverdata.ch^$all ||nilousplaypen.com^$all -||microsoft-verify.glitch.me^$all ||cashum.unam.mx/wp-content/backups-dup-pro/imports/index.htm$all ||od.atami.no/one_drive.html$all ||thermovitraffic.com.mx/SharepointFileProject/$all @@ -4460,8 +4488,9 @@ torrdroidforpc.com##[href^="http://slugmefilehos.xyz/"] ! https://urldna.io/scan/67324ae225a29e5c04a0cac2 ! https://www.virustotal.com/gui/url/32d23c85dd5e4c10a1a7813f935117e236dfe8f914ad882fb302e83eca32f47a ||facture-pdf-secure-*.vercel.app^$all -! https://www.virustotal.com/gui/url/936f2702a84d2b2aca2542cb8b2131701f4c1961978503ed8f847c4ecafca01a -||validacionesoutlookmailwebadmin.glitch.me^$all +! https://urldna.io/scan/67380ef58a64bab0b45d0b6b +! https://www.virustotal.com/gui/url/13c5d820504770599d96aa85000d49ed4af09e2191dcff38e8b63e4ec5eaead5 +||hkwordpress.com/public/export/SM-ORDER/excelz/$doc ! telegram ||telegramhcn.com^$all