-
-
Notifications
You must be signed in to change notification settings - Fork 213
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add to azezieldraconous[.]com to wildcard-domain list #381
Add to azezieldraconous[.]com to wildcard-domain list #381
Conversation
Thanks again for your commit 🥇 |
A pleasure, as always. |
@spirillen just a heads up, it looks like this domain is active again. This is the first time I've seen a domain reused.
|
@spirillen unless I'm missing something, I'm unable to find any record of this domain in the upstream repo. Seeing as this is the first instance where the actor has reused a previous domain, it is causing me more concern than the previous omissions. Should one of us be considering filing an issue upstream? cc @mitchellkrogza - do you have any suggestions that I could help with? |
Your right... seems to be related to #395, I'm the only project who have this record active... You can always use this repo to do search on external projects https://github.com/external-sources/hosts-sources?tab=readme-ov-file#external-sources including this one and the upstream PS: If you know any other that should be included, please just make a PR 😄 @mitchellkrogza + @funilrys , seem the workflow for phishing.database is broken...
|
I found a second instance of a previous domain being reused without protection and added it to the issue reported in #395. Similar to the previously mentioned domain, this one is also still visible in your list but not in the Phishing Database. If the entries are failing to make their way upstream, what should I change for making a PR? The domains are visible in this repo so I'm failing to see what good a second PR would do, though I'm likely misunderstanding something. |
The simple answer, is nothing, your commits are 100% perfect. The issue isn't in this repo, it lies with phishing.database, hence @mitchellkrogza or @funilrys have to look into it, as I do not have the keys to that door. |
Do to a bug in Phishing.Database we are not able to do full search in the active files. For that reason we are now importing the `ALL-phishing-links.txt` and strips it down to domain only list in `data/phishing_database/` Related issues: - mitchellkrogza/Phishing.Database#840 - mitchellkrogza/Phishing.Database#881 - mitchellkrogza/phishing#381 (comment) - mitchellkrogza/phishing#396 - mitchellkrogza/phishing#407 - mitchellkrogza/phishing#395 - mypdns/matrix#624 - blocklistproject/Lists#1252 - mitchellkrogza/Phishing.Database#840 - mitchellkrogza/Phishing.Database#722 Trying to use @main for the php installer and using php version 8.4 Added `libdomain-publicsuffix-perl` to the dependencies.sh script as it is required by perl in import.sh. It turns out Perl just anoyingly does it again... 😏
Phishing Domain/URL/IP(s):
Impersonated domain
Describe the issue
This domain is now serving the phishing kit that was previously at westernautomobileassembly[.]com (#376) , littleswanaircon[.]com[.]sg (#372), iwan2travel[.]com(#370 ), applesforfred[.]com (#369), theaerie[.]ca (#367), nico[.]sa (#366), and ajstelecom[.]com[.]mx (#362)
Related external source
Screenshot
Click to expand