From f61804ff511c518f54168d7492ad09a919d883a9 Mon Sep 17 00:00:00 2001 From: SukkaW Date: Thu, 5 Sep 2024 23:41:06 +0800 Subject: [PATCH] Update CDN & Reject Hosts --- Build/lib/get-phishing-domains.test.ts | 1 + Build/lib/get-phishing-domains.ts | 26 +++++++++++++++++++++----- Source/domainset/cdn.conf | 5 +++++ Source/domainset/reject_sukka.conf | 9 +++++++++ 4 files changed, 36 insertions(+), 5 deletions(-) diff --git a/Build/lib/get-phishing-domains.test.ts b/Build/lib/get-phishing-domains.test.ts index e4d4e5ed..37e5b2ed 100644 --- a/Build/lib/get-phishing-domains.test.ts +++ b/Build/lib/get-phishing-domains.test.ts @@ -4,6 +4,7 @@ import { calcDomainAbuseScore } from './get-phishing-domains'; describe('sortDomains', () => { it('nmdj.pl', () => { + console.log(calcDomainAbuseScore('.booking-com')); console.log(calcDomainAbuseScore('plikgier')); console.log(calcDomainAbuseScore('www.addgumtree')); console.log(calcDomainAbuseScore('zrz')); diff --git a/Build/lib/get-phishing-domains.ts b/Build/lib/get-phishing-domains.ts index 00019b4d..eb9840c0 100644 --- a/Build/lib/get-phishing-domains.ts +++ b/Build/lib/get-phishing-domains.ts @@ -1,7 +1,7 @@ import { processDomainLists } from './parse-filter'; import * as tldts from 'tldts-experimental'; -import type { Span } from '../trace'; +import { dummySpan, type Span } from '../trace'; import { appendArrayInPlaceCurried } from './append-array-in-place'; import { PHISHING_DOMAIN_LISTS_EXTRA } from '../constants/reject-data-source'; import { loosTldOptWithPrivateDomains } from '../constants/loose-tldts-opt'; @@ -13,6 +13,7 @@ const BLACK_TLD = new Set([ 'accountant', 'autos', 'bar', + 'beauty', 'bid', 'biz', 'bond', @@ -55,10 +56,13 @@ const BLACK_TLD = new Set([ 'live', 'link', 'loan', + 'lol', 'ltd', + 'me', 'men', 'ml', 'mobi', + 'mom', 'net.pl', 'one', 'online', @@ -122,18 +126,24 @@ const sensitiveKeywords = createKeywordFilter([ 'virus-', 'icloud-', 'apple-', - 'www.apple.', + 'www.apple', '-coinbase', 'coinbase-', 'lcloud.', - 'lcloud-' + 'lcloud-', + 'booking-com', + 'booking.com-', + 'booking-eu', + 'vinted-cz', + 'inpost-pl' ]); const lowKeywords = createKeywordFilter([ '-co-jp', 'customer.', 'customer-', '.www-', - 'instagram' + 'instagram', + 'microsoft' ]); const cacheKey = createCacheKey(__filename); @@ -198,11 +208,12 @@ export const getPhishingDomains = (parentSpan: Span) => parentSpan.traceChild('g || (domainScoreMap[domain] >= 5 && domainCountMap[domain] >= 4) ) ) { - console.log({ domain }); domainArr.push(`.${domain}`); } } + // console.log(domainScoreMap['']); + return domainArr; }); @@ -252,3 +263,8 @@ export function calcDomainAbuseScore(subdomain: string | null) { return weight; } + +if (require.main === module) { + getPhishingDomains(dummySpan) + .catch(console.error); +} diff --git a/Source/domainset/cdn.conf b/Source/domainset/cdn.conf index a3348ca7..059a6d3f 100644 --- a/Source/domainset/cdn.conf +++ b/Source/domainset/cdn.conf @@ -2156,6 +2156,11 @@ runkit-packages-static-executables.com runkit-packages-static.com # bilibili.tv pic-bstarstatic.akamaized.net +# Vinted +static.vinted.com +static-assets.vinted.com +marketplace-web-assets.vinted.com +images1.vinted.net # Others .ziffstatic.com .muscache.com diff --git a/Source/domainset/reject_sukka.conf b/Source/domainset/reject_sukka.conf index 6b363fcc..2ee5af2f 100644 --- a/Source/domainset/reject_sukka.conf +++ b/Source/domainset/reject_sukka.conf @@ -322,6 +322,11 @@ inst.360safe.com .jdie.pl .lumindigitalhosting.com +.mdy8.skin +.sfmc-marketing.com +.sfmc-contentqa.com + + # --- AD Block --- # >> General @@ -929,6 +934,10 @@ analytics.bytegiftia.top .5clo0xmbf.com .k3718qw08.com .j6t91e89q.com +.marketingcloudqaops.com +.marketingcloudqaapis.com +.cfolks.pl +.deeplinking.sfmctest.com # >> Alexa data.alexa.com