Update CDN & Reject Hosts

Build/lib/get-phishing-domains.test.ts

@@ -4,6 +4,7 @@ import { calcDomainAbuseScore } from './get-phishing-domains';
 
 describe('sortDomains', () => {
   it('nmdj.pl', () => {
+    console.log(calcDomainAbuseScore('.booking-com'));
     console.log(calcDomainAbuseScore('plikgier'));
     console.log(calcDomainAbuseScore('www.addgumtree'));
     console.log(calcDomainAbuseScore('zrz'));

Build/lib/get-phishing-domains.ts

@@ -1,7 +1,7 @@
 import { processDomainLists } from './parse-filter';
 import * as tldts from 'tldts-experimental';
 
-import type { Span } from '../trace';
+import { dummySpan, type Span } from '../trace';
 import { appendArrayInPlaceCurried } from './append-array-in-place';
 import { PHISHING_DOMAIN_LISTS_EXTRA } from '../constants/reject-data-source';
 import { loosTldOptWithPrivateDomains } from '../constants/loose-tldts-opt';
@@ -13,6 +13,7 @@ const BLACK_TLD = new Set([
   'accountant',
   'autos',
   'bar',
+  'beauty',
   'bid',
   'biz',
   'bond',
@@ -55,10 +56,13 @@ const BLACK_TLD = new Set([
   'live',
   'link',
   'loan',
+  'lol',
   'ltd',
+  'me',
   'men',
   'ml',
   'mobi',
+  'mom',
   'net.pl',
   'one',
   'online',
@@ -122,18 +126,24 @@ const sensitiveKeywords = createKeywordFilter([
   'virus-',
   'icloud-',
   'apple-',
-  'www.apple.',
+  'www.apple',
   '-coinbase',
   'coinbase-',
   'lcloud.',
-  'lcloud-'
+  'lcloud-',
+  'booking-com',
+  'booking.com-',
+  'booking-eu',
+  'vinted-cz',
+  'inpost-pl'
 ]);
 const lowKeywords = createKeywordFilter([
   '-co-jp',
   'customer.',
   'customer-',
   '.www-',
-  'instagram'
+  'instagram',
+  'microsoft'
 ]);
 
 const cacheKey = createCacheKey(__filename);
@@ -198,11 +208,12 @@ export const getPhishingDomains = (parentSpan: Span) => parentSpan.traceChild('g
         || (domainScoreMap[domain] >= 5 && domainCountMap[domain] >= 4)
       )
     ) {
-      console.log({ domain });
       domainArr.push(`.${domain}`);
     }
   }
 
+  // console.log(domainScoreMap['']);
+
   return domainArr;
 });
 
@@ -252,3 +263,8 @@ export function calcDomainAbuseScore(subdomain: string | null) {
 
   return weight;
 }
+
+if (require.main === module) {
+  getPhishingDomains(dummySpan)
+    .catch(console.error);
+}

Source/domainset/cdn.conf

@@ -2156,6 +2156,11 @@ runkit-packages-static-executables.com
 runkit-packages-static.com
 # bilibili.tv
 pic-bstarstatic.akamaized.net
+# Vinted
+static.vinted.com
+static-assets.vinted.com
+marketplace-web-assets.vinted.com
+images1.vinted.net
 # Others
 .ziffstatic.com
 .muscache.com

Source/domainset/reject_sukka.conf

@@ -322,6 +322,11 @@ inst.360safe.com
 .jdie.pl
 .lumindigitalhosting.com
 
+.mdy8.skin
+.sfmc-marketing.com
+.sfmc-contentqa.com
+
+
 # --- AD Block ---
 
 # >> General
@@ -929,6 +934,10 @@ analytics.bytegiftia.top
 .5clo0xmbf.com
 .k3718qw08.com
 .j6t91e89q.com
+.marketingcloudqaops.com
+.marketingcloudqaapis.com
+.cfolks.pl
+.deeplinking.sfmctest.com
 
 # >> Alexa
 data.alexa.com