ebeyez.com #431

Closed
1 of 3 tasks
spirillen opened this issue Dec 7, 2023 · 0 comments

spirillen commented Dec 7, 2023

Blacklist domain as

  • Wildcard, The domain should be entirely blacklisted
  • Subdomain, We should not blacklist the entire domain, only sub-domains
  • Both types, category dependent, how to blacklist depends on the category assigned per (sub-)domain

Domain records

ebeyez.com|adware,malicious,phishing,spam,tracking

Hosts specific records, not used by DNS RPZ firewalls

No response

Screenshots

Screenshot


Links to external sources

No response

logs from uBlock Origin

Logger output
+54 ebeyez.com 1 get image http://ebeyez.com/build/images/flags.007b2705.png
+52 ebeyez.com 1 get script http://ebeyez.com/build/opt_out.js
+52 no-remote-fonts: * true -- ebeyez.com 1 get doc http://ebeyez.com/opt/out
+51 ebeyez.com 1 get doc http://ebeyez.com/opt/out
+45 ##a[href^="https://google.com"] www.google.com get dom https://www.google.com/
+45 ##.Fgvgjc www.google.com get dom https://www.google.com/
+45 ||google.$important -- www.google.com 1 get image https://www.google.com/favicon.ico
+45 ||google.$important -- www.google.com 1 get image https://www.google.com/gen_204?s=webhp&t=aft&atyp=csi&ei=oNBxZfONMpjtkgWIn4eIBg&rt=wsrt.3500,aft.366,cbt.83,hst.83,prt.366&wh=900&imn=4&ima=0&imad=0&imac=1&imf=0&aft=1&aftp=-1&opi=89978449
+45 ||google.$important -- www.google.com 1 get image https://www.google.com/images/searchbox/desktop_searchbox_sprites318_hr.webp
+45 ||gstatic.com^ -- www.google.com 3 get script https://www.gstatic.com/og/_/js/k=og.qtm.en_US.bzF-LaXn39U.2019.O/rt=j/m=qabr,q_dnp,qcwid,qapid,qald,q_dg/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/rs=AA2YrTtGj0ppAB9TeeShbTNSI3bE_iNr4Q
+45 ||gstatic.com^ -- www.google.com 3 get script https://www.gstatic.com/og/_/js/k=og.qtm.en_US.bzF-LaXn39U.2019.O/rt=j/m=qabr,q_dnp,qcwid,qapid,qald,q_dg/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/rs=AA2YrTtGj0ppAB9TeeShbTNSI3bE_iNr4Q
+45 ||google.$important -- www.google.com 1 get image https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png
+45 ||google.$important -- www.google.com 1 get image https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png
+45 ||google.$important -- www.google.com 1 get script https://www.google.com/xjs/_/js/k=xjs.hd.en.7XrjcqYdCrE.O/am=AAAAAAAAAAAAAAAAAAAAACAAAAAAgKCBcAhgAwQABAAAAwQAAQAUiCAKAQ4AgYCHMgEAAJgAgSFgUUBU4BkFAMAEVAEAAAAAAAgGQACABwQAANABAAAIaAQwACGgBAQAAAAgDwDBAcAgggAAAAAAAAAAAAAEPEEwuCABEBBAAAAAAAAAAAAAAJCSJhcDCA/d=1/ed=1/dg=2/rs=ACT90oEJ8xyLngIlj2N98c3eEzeAjy7rQg/ee=cEt90b:ws9Tlc;qddgKe:x4FYXe,d7YSfd;yxTchf:KUM7Z;dtl0hd:lLQWFe;eHDfl:ofjVkb;qaS3gd:yiLg6e;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;iFQyKf:vfuNJf,QIhFr;SNUn3:ZwDk9d,x8cHvb;io8t5d:sgY6Zb;Oj465e:KG2eXe,KG2eXe;Erl4fe:FloWmf,FloWmf;JsbNhc:Xd8iUd;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;uY49fb:COQbmf;Pjplud:PoEs9b,EEDORb;QGR0gd:Mlhmy;a56pNe:JEfCwb;Me32dd:MEeYgc;wR5FRb:TtcOte,O1Gjze;pXdRYb:JKoKVe;dIoSBb:ZgGg9b;EmZ2Bf:zr1jrb;NSEoX:lazG7b;eBAeSb:Ck63tb;WCEKNd:I46Hvd;wV5Pjc:L8KGxe;EVNhjf:pw70Gc;sTsDMc:kHVSUb;wQlYve:aLUfP;zOsCQe:Ko78Df;KcokUb:KiuZBf;kbAm9d:MkHyGd;g8nkx:U4MzKc;YV5bee:IvPZ6d;pNsl2d:j9Yuyc;BjwMce:cXX2Wb;KpRAue:Tia57b;jY0zg:Q6tNgc;aZ61od:arTwJ;yGxLoc:FmAr0c;vfVwPd:lcrkwe;NPKaK:SdcwHb;LBgRLc:XVMNvd,SdcwHb;UyG7Kb:wQd0G;LsNahb:ucGLNb;w9w86d:dt4g2b;coJ8e:KvoW8;oSUNyd:fTfGO,fTfGO,pnvXVc;SMDL4c:fTfGO,pnvXVc;lzgfYb:PI40bd;qZx2Fc:j0xrE;IoGlCf:b5lhvb;w4rSdf:XKiZ9;h3MYod:cEt90b;eO3lse:nFClrf;zaIgPb:Qtpxbd;HMDDWe:G8QUdb;ShpF6e:N0pvGc;k2Qxcb:XY51pe;IBADCc:RYquRb;pKJiXd:VCenhc;rQSrae:C6D5Fc;kCQyJ:ueyPK;EABSZ:MXZt9d;qavrXe:zQzcXe;TxfV6d:YORN0b;UDrY1c:eps46d;F9mqte:UoRcbe;GleZL:J1A7Od;Nyt6ic:jn2sGd;JXS8fb:Qj0suc;w3bZCb:ZPGaIb;VGRfx:VFqbr;G0KhTb:LIaoZ;XUezZ:sa7lqb;aAJE9c:WHW6Ef;V2HTTe:RolTY;Wfmdue:g3MJlb;imqimf:jKGL2e;BgS6mb:fidj5d;gtVSi:ekUOYd;KQzWid:ZMKkN;UVmjEd:EesRsb;z97YGf:oug9te;AfeaP:TkrAjf;eBZ5Nd:audvde;CxXAWb:YyRLvc;VN6jIc:ddQyuf;OgagBe:cNTe0;SLtqO:Kh1xYe;tosKvd:ZCqP3;VOcgDe:YquhTb;uuQkY:u2V3ud;WDGyFe:jcVOxd;trZL0b:qY8PFe;VxQ32b:k0XsBb;DULqB:RKfG5c;Np8Qkd:Dpx6qc;bcPXSc:gSZLJb;cFTWae:gT8qnd;gaub4:TN6bMe;xBbsrc:NEW1Qc;DpcR3d:zL72xf;hjRo6e:F62sG;pj82le:mg5CW;dLlj2:Qqt3Gf;oUlnpc:RagDlc;Q1Ow7b:x5CSu;bFZ6gf:RsDQqe;ESrPQc:mNTJvc;R9Ulx:CR7Ufe;KOx
cK:bFOvTc;G6wU6e:hezEbd;VsAqSb:PGf2Re;okUaUd:wItadb;ZWEUA:afR4Cf;U96pRd:FsR04;heHB1:sFczq;Fmv9Nc:O1Tzwc;hK67qb:QWEO5b;BMxAGc:E5bFse;R4IIIb:QWfeKf;whEZac:F4AmNb;tH4IIe:Ymry6;lkq0A:JyBE3e;daB6be:lMxGPd;LEikZe:byfTOb,lsjVmc/m=cdos,cr,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl
+45 ||google.$important -- www.google.com 1 get image https://www.google.com/gen_204?s=webhp&t=cap&atyp=csi&ei=oNBxZfONMpjtkgWIn4eIBg&rt=wsrt.3500,cbt.83,hst.83&opi=89978449
+45 ##+js(set-constant, rwt, noopFunc) www.google.com get scriptlet https://www.google.com/
+45 ##+js(remove-attr, onmousedown|data-mousedown|ping|data-click, a[href][onmousedown], a[href][ping]) www.google.com get scriptlet https://www.google.com/
+45 ##+js(remove-attr, ping, div[id="search"] a[data-ved][ping]) www.google.com get scriptlet https://www.google.com/
+45 no-remote-fonts: * true -- www.google.com 1 get doc https://www.google.com/
+44 ||google.$important -- behind-the-scene 0,3 get other http://google.com/
+43 www.google.com 1 get doc https://www.google.com/
+43 no-remote-fonts: * true -- google.com 1 get doc https://google.com/
+41 google.com 1 get doc https://google.com/
+41 google.com 1 get doc http://google.com/
+41 no-remote-fonts: * true -- sigate-stract.icu 1 get doc https://sigate-stract.icu/redirect?target=BASE64aHR0cDovL2dvb2dsZS5jb20&ts=1701957787815&hash=6eiFgLW91BOwjGpawQTCv8uRzfNgmk691n37912Voms&rm=DJ
+40 sigate-stract.icu 1 get doc https://sigate-stract.icu/redirect?target=BASE64aHR0cDovL2dvb2dsZS5jb20&ts=1701957787815&hash=6eiFgLW91BOwjGpawQTCv8uRzfNgmk691n37912Voms&rm=DJ
+40 no-remote-fonts: * true -- track.amsfor.com 1 get doc https://track.amsfor.com/b43aeba5-18b3-4446-b626-75f415f1ccb5?click_id=pfqJYYo&var3=&var4=&var5=&var6=&var7=&var8=&var9=&no={no}
+38 track.amsfor.com 1 get doc https://track.amsfor.com/b43aeba5-18b3-4446-b626-75f415f1ccb5?click_id=pfqJYYo&var3=&var4=&var5=&var6=&var7=&var8=&var9=&no={no}
+38 no-remote-fonts: * true -- ebeyez.com 1 get doc http://ebeyez.com/pfqJYYo
+37 ebeyez.com 1 get doc http://ebeyez.com/pfqJYYo
+36 ebeyez.com 1 get doc https://ebeyez.com/pfqJYYo
+36 ebeyez.com 1 get doc http://ebeyez.com/pfqJYYo
+5 ebeyez.com 1 get image http://ebeyez.com/build/images/flags.007b2705.png
+2 ebeyez.com 1 get script http://ebeyez.com/build/opt_out.js
+2 no-remote-fonts: * true -- ebeyez.com 1 get doc http://ebeyez.com/opt/out
+1 ebeyez.com 1 get doc http://ebeyez.com/opt/out
+0 ebeyez.com 1 get doc https://ebeyez.com/opt/out
+0 ebeyez.com 1 get doc http://ebeyez.com/opt/out
+0 no-remote-fonts: * true -- ebeyez.com 1 get doc http://ebeyez.com/
spirillen self-assigned this Dec 7, 2023
spirillen added a commit to mitchellkrogza/phishing that referenced this issue Dec 7, 2023