From e85ff9549bb0a56912d9a9f6f473ff4374a8d38b Mon Sep 17 00:00:00 2001 From: apdel Date: Thu, 29 Oct 2020 23:49:00 -0700 Subject: [PATCH] scheduled update --- COVID-19-CTI-LEAGUE-PIHOLE-DOMAIN-BLACKLIST.txt | 9 +++++++++ Cyber_threat_Coalition_domain_Blacklist.txt | 9 +++++++++ README.md | 2 +- UNVETTED-zetalytics-domain-names.csv | 2 ++ 4 files changed, 21 insertions(+), 1 deletion(-) diff --git a/COVID-19-CTI-LEAGUE-PIHOLE-DOMAIN-BLACKLIST.txt b/COVID-19-CTI-LEAGUE-PIHOLE-DOMAIN-BLACKLIST.txt index 3216ee46..17f1c8a1 100644 --- a/COVID-19-CTI-LEAGUE-PIHOLE-DOMAIN-BLACKLIST.txt +++ b/COVID-19-CTI-LEAGUE-PIHOLE-DOMAIN-BLACKLIST.txt @@ -60634,6 +60634,7 @@ natwest.com.payee-review-5778.info natwest.com.payee-review-8759.info natwest.com.payee-review-9384.info natwest.com.payee-review-9587.info +natwest.deletepayee.com natwest.newpayeesalert.com natwest.newpaymentalert.com natwest.newpaymentcheck.com @@ -70229,6 +70230,7 @@ pwcitlgwrokhppsiheikfjvqex-dot-gleowayel400503.uc.r.appspot.com pwcneaek.sweetvprice.su pwcrvvrpadzfelhd-dot-glexcel1.ue.r.appspot.com pwdnyqrbymrsolvg-dot-millinium.ey.r.appspot.com +pwghlfgdbosccbojajxdbnoroiywqujcneei-dot-solar-vertex-285913.rj.r.appspot.com pwgyommjgamsakiamllaawvebdhyurhrfryi-dot-glenxpecial3009493.ey.r.appspot.com pwieurc.godaddysites.com pwitknltjhzxrkxi-dot-millinium.ey.r.appspot.com @@ -79364,6 +79366,7 @@ shiny-tulip-william.glitch.me shinynickel.000webhostapp.com shipcrewmanagercom.chifanavoid.top shipent-track-delivery.32-b.it +shiplebdhcxplsveterhxsslgvoaandtpvlv-dot-solar-vertex-285913.rj.r.appspot.com shipment-dhl-notification.000webhostapp.com shipment.free-h.net shipping.adsflycircle.com @@ -86332,6 +86335,7 @@ twominuin.com twomissa.com twowheelcool.com twp-swab.000webhostapp.com +twqkzhswmzgtgjmakfkhuuaxatvuuaesxeuf-dot-cryptic-now-290917.ey.r.appspot.com twreckx.com twsikqlotrbmswergkagzsnlwd-dot-gleowayel400503.uc.r.appspot.com twsxt.xyz @@ -86537,6 +86541,7 @@ uade.net uadmin.natwest-secureserver.ru uaelawyergroup.com uaeluxuryhotels.icu +uaerhqjthiropcteuzfxhlpklseuqwimdnnc-dot-solar-vertex-285913.rj.r.appspot.com uafinty3f552sda.serveirc.com uaixsuam.web.app ualocal787.org @@ -93630,6 +93635,7 @@ wwoorrk.com wwoutlookctzxspuoqjspso8invngomtg8.azurewebsites.net wwpay.ru wwpn.addroits.com +wwppeikgeexpjdzkgaxsivahlcewlqsllatg-dot-solar-vertex-285913.rj.r.appspot.com wwqp.svcoding.com wwrgnxzvf.hotdiscountnow.ru wwrsy.com @@ -94772,6 +94778,7 @@ www.ee-mobsupport.com www.ee-online-secure.com www.ee-paynow.com www.ee-secure-online.com +www.ee-secureaccounts.com www.ee-securepay.com www.ee-update-billing.com www.ee-updatebills.com @@ -95892,6 +95899,7 @@ www.nflix.starairaviation.com.pk www.ningzhidata.com www.nixtechnix.com www.nontonbokep17.jkub.com +www.normally-story.xyz www.notify-alert.secure01.chase.com-auth.mydailywire.us www.notify-alert.secure01a.chase.com-auth.credit-financebank.com www.notify-alert.secure01a.chase.com-auth.mydailywire.us @@ -99364,6 +99372,7 @@ z9w1d.jaysbrand.com z9wc.mentriqq.com za549.onderhost.com zaaher.com +zaawgzoeogtwhfkpcrkcjbyvfimrxddxscok-dot-solar-vertex-285913.rj.r.appspot.com zabava163.ru zablimited.com zaborkursk.ru diff --git a/Cyber_threat_Coalition_domain_Blacklist.txt b/Cyber_threat_Coalition_domain_Blacklist.txt index a8b6cdac..56d8dffe 100644 --- a/Cyber_threat_Coalition_domain_Blacklist.txt +++ b/Cyber_threat_Coalition_domain_Blacklist.txt @@ -60635,6 +60635,7 @@ natwest.com.payee-review-5778.info natwest.com.payee-review-8759.info natwest.com.payee-review-9384.info natwest.com.payee-review-9587.info +natwest.deletepayee.com natwest.newpayeesalert.com natwest.newpaymentalert.com natwest.newpaymentcheck.com @@ -70230,6 +70231,7 @@ pwcitlgwrokhppsiheikfjvqex-dot-gleowayel400503.uc.r.appspot.com pwcneaek.sweetvprice.su pwcrvvrpadzfelhd-dot-glexcel1.ue.r.appspot.com pwdnyqrbymrsolvg-dot-millinium.ey.r.appspot.com +pwghlfgdbosccbojajxdbnoroiywqujcneei-dot-solar-vertex-285913.rj.r.appspot.com pwgyommjgamsakiamllaawvebdhyurhrfryi-dot-glenxpecial3009493.ey.r.appspot.com pwieurc.godaddysites.com pwitknltjhzxrkxi-dot-millinium.ey.r.appspot.com @@ -79365,6 +79367,7 @@ shiny-tulip-william.glitch.me shinynickel.000webhostapp.com shipcrewmanagercom.chifanavoid.top shipent-track-delivery.32-b.it +shiplebdhcxplsveterhxsslgvoaandtpvlv-dot-solar-vertex-285913.rj.r.appspot.com shipment-dhl-notification.000webhostapp.com shipment.free-h.net shipping.adsflycircle.com @@ -86333,6 +86336,7 @@ twominuin.com twomissa.com twowheelcool.com twp-swab.000webhostapp.com +twqkzhswmzgtgjmakfkhuuaxatvuuaesxeuf-dot-cryptic-now-290917.ey.r.appspot.com twreckx.com twsikqlotrbmswergkagzsnlwd-dot-gleowayel400503.uc.r.appspot.com twsxt.xyz @@ -86538,6 +86542,7 @@ uade.net uadmin.natwest-secureserver.ru uaelawyergroup.com uaeluxuryhotels.icu +uaerhqjthiropcteuzfxhlpklseuqwimdnnc-dot-solar-vertex-285913.rj.r.appspot.com uafinty3f552sda.serveirc.com uaixsuam.web.app ualocal787.org @@ -93631,6 +93636,7 @@ wwoorrk.com wwoutlookctzxspuoqjspso8invngomtg8.azurewebsites.net wwpay.ru wwpn.addroits.com +wwppeikgeexpjdzkgaxsivahlcewlqsllatg-dot-solar-vertex-285913.rj.r.appspot.com wwqp.svcoding.com wwrgnxzvf.hotdiscountnow.ru wwrsy.com @@ -94773,6 +94779,7 @@ www.ee-mobsupport.com www.ee-online-secure.com www.ee-paynow.com www.ee-secure-online.com +www.ee-secureaccounts.com www.ee-securepay.com www.ee-update-billing.com www.ee-updatebills.com @@ -95893,6 +95900,7 @@ www.nflix.starairaviation.com.pk www.ningzhidata.com www.nixtechnix.com www.nontonbokep17.jkub.com +www.normally-story.xyz www.notify-alert.secure01.chase.com-auth.mydailywire.us www.notify-alert.secure01a.chase.com-auth.credit-financebank.com www.notify-alert.secure01a.chase.com-auth.mydailywire.us @@ -99365,6 +99373,7 @@ z9w1d.jaysbrand.com z9wc.mentriqq.com za549.onderhost.com zaaher.com +zaawgzoeogtwhfkpcrkcjbyvfimrxddxscok-dot-solar-vertex-285913.rj.r.appspot.com zabava163.ru zablimited.com zaborkursk.ru diff --git a/README.md b/README.md index b6cba29f..2ffda5e2 100644 --- a/README.md +++ b/README.md @@ -1 +1 @@ -![TLP:WHITE](https://github.com/COVID-19-CTI-LEAGUE/PUBLIC_RELEASE/blob/master/MARKUP_RESOURCES/TLP-IMAGES/TLP-WHITE.jpg)
Files vetted, and approved for public release as of Thu Oct 29 22:58:28 PDT 2020

Cyber Threat Coalition : Blacklists by hash, IP and domain. Vetted list of known bad actors.

PiHole Domain Blacklist : A blacklist ready to be imported into the PiHole DNS filtering system.
Instructions for how to install this list in your PiHhole are in the file PIHOLE-HOWTO.txt

Together we are power, and power can save a life.

+![TLP:WHITE](https://github.com/COVID-19-CTI-LEAGUE/PUBLIC_RELEASE/blob/master/MARKUP_RESOURCES/TLP-IMAGES/TLP-WHITE.jpg)
Files vetted, and approved for public release as of Thu Oct 29 23:48:53 PDT 2020

Cyber Threat Coalition : Blacklists by hash, IP and domain. Vetted list of known bad actors.

PiHole Domain Blacklist : A blacklist ready to be imported into the PiHole DNS filtering system.
Instructions for how to install this list in your PiHhole are in the file PIHOLE-HOWTO.txt

Together we are power, and power can save a life.

diff --git a/UNVETTED-zetalytics-domain-names.csv b/UNVETTED-zetalytics-domain-names.csv index 1bb43978..c47233d2 100644 --- a/UNVETTED-zetalytics-domain-names.csv +++ b/UNVETTED-zetalytics-domain-names.csv @@ -89,6 +89,7 @@ 2020-10-29,elitecovidtest.com,elitecovidtest.com,, 2020-10-29,elitecovidtest.com,ns41.domaincontrol.com,, 2020-10-29,elitecovidtest.com,ns42.domaincontrol.com,, +2020-10-29,fastcovidtesting.co.uk,2a00:da00:1800:802a::4,GB,Europe 2020-10-29,fastcovidtesting.co.uk,77.68.122.81,GB,Europe 2020-10-29,fastcovidtesting.co.uk,fastcovidtesting.co.uk,, 2020-10-29,fastcovidtesting.co.uk,ns1.fastcovidtesting.co.uk,, @@ -127,6 +128,7 @@ 2020-10-30,americascovidtest.com,americascovidtest.com,, 2020-10-30,covid19-quicktest.eu,a.ns14.net,, 2020-10-30,covid19-quicktest.eu,b.ns14.net,, +2020-10-30,covid19-quicktest.eu,c.ns14.net,, 2020-10-30,covid19-quicktest.eu,covid19-quicktest.eu,, 2020-10-30,covid19-quicktest.eu,d.ns14.net,, 2020-10-30,covidtestsites.ca,covidtestsites.ca,,