vor 3 Wochen · a5ccb95b22
--- a/yoroi_malware_level1.dns
+++ b/yoroi_malware_level1.dns
--- a/yoroi_malware_level2.dns
+++ b/yoroi_malware_level2.dns
--- a/yoroi_suspicious_level1.dns
+++ b/yoroi_suspicious_level1.dns
@@ -9,90 +9,174 @@
 
				 # Category        : Suspicious
			
 
				 # Confidence      : 10
			
 
				 #
			
 
				-hsbc.ratereset.net
			
 
				-g68r.xyz
			
 
				+allegros.cam
			
 
				+www.h98z.xyz
			
 
				+www.wnuakdnf.cc
			
 
				+p204t.xyz
			
 
				+pos-rogers.com
			
 
				+j295m.xyz
			
 
				+s109m.xyz
			
 
				+gemini.951520.xyz
			
 
				+king-gb.zeabur.app
			
 
				+www.dousunieciadomenas.piotrpiotr.pl
			
 
				+www.p36588.com
			
 
				+www.amazvistore.online
			
 
				+b248w.xyz
			
 
				+xfinity-welcome-hub.base44.app
			
 
				+fexiocomigez.com
			
 
				+continue.business-minagne.com
			
 
				+h99b.xyz
			
 
				+www.b248u.xyz
			
 
				+www.s109p.xyz
			
 
				+s109j.xyz
			
 
				+www.mobilitybusinessorders.com
			
 
				+apidbtoks.xyz
			
 
				+www.trynqlaf.com
			
 
				+www.trunqbsp.com
			
 
				+www.public-biometrique-sante.com
			
 
				+public-biometrique-sante.com
			
 
				+www.jtklqaz.com
			
 
				+jtklqaz.com
			
 
				+allegro.oferta-4710081.cc
			
 
				+allegrolokalnie.oferta-4710081.cc
			
 
				+allegrolokalnie.dla-ciebie-oferty16253.sbs
			
 
				+allegrolokalnie.dla-ciebie-oferty15253.sbs
			
 
				+user-exodsweb3.created.app
			
 
				+olympstore.cc
			
 
				+ameli-organisation.com
			
 
				+mar.cloakingserv.xyz
			
 
				+lodfdsvx8.rosangelica-a03.workers.dev
			
 
				+www.61727.xyz
			
 
				+kucoinexchang.webador.com
			
 
				+kucoinlagiins.webador.com
			
 
				+smdjsceja4.us-west-2.awsapprunner.com
			
 
				+portoftyne.customerserviceportal.co.uk
			
 
				+getmidas.specialfor.za.com
			
 
				+proximus-client.was-systems.com
			
 
				+expedition-mrelay.com
			
 
				+diligent-business-963107.framer.app
			
 
				+galabet-giris.pro
			
 
				+m.m-galabet1052.com
			
 
				+www.wqilnucwfn.my
			
 
				+galabet.games
			
 
				+m.galabet-tr2026.top
			
 
				+whsgrts.com
			
 
				+regestrationwithmystore.cyou
			
 
				+ppadisahbet.com
			
 
				+agra.org
			
 
				+ap-web-whatsapp.hl.cn
			
 
				+www.smbcaigow.com
			
 
				+learn-us-suite-trezzr-en.typedream.app
			
 
				+www.znshdkeonp.my
			
 
				+bonuspro.it.com
			
 
				+www.zkeyusnwuu.my
			
 
				+landingcaptcha12.live
			
 
				+e-cordillerab.com
			
 
				+sp502872.sitebeat.crazydomains.com
			
 
				+my-site-104291-103226.weeblysite.com
			
 
				+my-site-103448-107697.weeblysite.com
			
 
				+chilly-point-535224.framer.app
			
 
				+marmoud.journ-6262.pro
			
 
				+yassintap.journ-6262.pro
			
 
				+poulet.journ-6262.pro
			
 
				+jambon.journ-6262.pro
			
 
				+fauconnier.journ-6262.pro
			
 
				+coinbase-rec.com
			
 
				+bbestdiaadiapt.zohosites.com
			
 
				+atendimentobestpt.com
			
 
				+csmoneys.at
			
 
				+cskmoney.com
			
 
				+regular-patterns-355532.framer.app
			
 
				+meojrbal.com
			
 
				+www.meojrbal.com
			
 
				+trozr-df8d.rosangelica-a03.workers.dev
			
 
				+allegrolokalnie.57483931.xyz
			
 
				+www.stelepraxis.cfd
			
 
				+login-iive.com
			
 
				+lodfdsvx8.brionnaa4.workers.dev
			
 
				+portalnfe.site
			
 
				+allegrolokalnie.pl-oferta9332729.icu
			
 
				+www.njdznalr.com
			
 
				+njdznalr.com
			
 
				+renouvellement-devotrecarte-vitale.com
			
 
				+aumentoweb.sbs
			
 
				+pro.formview.io
			
 
				+seoyonetim.vip
			
 
				+aide-securipass21.com
			
 
				+ocn-wanting-mitten.surge.sh
			
 
				+actions-gemini.com
			
 
				+mail-matellink.appwrite.network
			
 
				+aa89729a-907a-4b15-822e-2e9f101512a4-00-1il02hn0y93h.riker.replit.dev
			
 
				+a97c1ba3-9fe0-473f-bb26-59389d5bfbd4-00-15o04h8oud890.worf.replit.dev
			
 
				+allegrolokalnie.pl-019276218bavvchags72652628.icu
			
 
				+b8cd720d-d7ae-498a-b24d-8e874c664e47-00-2rcwvmeafyycq.worf.replit.dev
			
 
				+dapps-exodus-wllet.created.app
			
 
				+crevnqle.com
			
 
				+creditoenlineapichincha.lovable.app
			
 
				+creditpichincha2026.lovable.app
			
 
				+exxodus-en.zapier.app
			
 
				+exodus-us-web3.created.app
			
 
				+exodusweb3wallet.created.app
			
 
				+en--exo-x-us-wallet.created.app
			
 
				+en-exodus-es.created.app
			
 
				+mcs-cityline.info
			
 
				+reproglivraisonmondialrlay.com
			
 
				+sfr.service.client.disposablebazar.com
			
 
				+web3-com-exodus.created.app
			
 
				 www.f230e.xyz
			
 
				-www.amatl.cfd
			
 
				+allegrolokalnie.387328752.cfd
			
 
				+allegrolokalnie.pl-7685.cfd
			
 
				+allegro.pl-7685.cfd
			
 
				+allegro.pl-522947.sbs
			
 
				+allegrolokalnie.pl-7865.sbs
			
 
				+allegro.pl-93dw8.cfd
			
 
				 allegrolokalnie.7282p182xs28.lat
			
 
				 allegro.pl-oferta9614533.cfd
			
 
				 allegro.pl-ogloszenie-id5967429337.cyou
			
 
				+www.amatl.cfd
			
 
				 www.pleochroic.cfd
			
 
				 www.hubblesequence.cfd
			
 
				 www.specificgravity.cfd
			
 
				 www.biometrie-carte-sante.com
			
 
				 www.trkamepn.com
			
 
				-allegrolokalnie.387328752.cfd
			
 
				-allegrolokalnie.pl-7685.cfd
			
 
				-allegro.pl-7685.cfd
			
 
				-allegro.pl-522947.sbs
			
 
				-allegrolokalnie.pl-7865.sbs
			
 
				-allegro.pl-93dw8.cfd
			
 
				-ws-what01.com
			
 
				-cartoesshopee.site
			
 
				-www.updateterms.com
			
 
				-www.ma-carte-renouvellement.com
			
 
				+allegro.pl-oferta7415288.sbs
			
 
				+allegrolokalnie.40349821.xyz
			
 
				 gorevmerkezi.it.com
			
 
				-www.tagrodovias.athrosauditores.site
			
 
				-www.digitalvias.athrosauditores.site
			
 
				-www.61955.xyz
			
 
				-61942.xyz
			
 
				 k5ahmfv2rx.tiffney1.workers.dev
			
 
				-m.tiktokshop.work
			
 
				-x104s.xyz
			
 
				-tiktok.tnzmedia.com
			
 
				-en--exo-x-us-wallet.created.app
			
 
				 trozr-sdf87we.roshunda11.workers.dev
			
 
				-exodusweb3wallet.created.app
			
 
				-en-exodus-es.created.app
			
 
				-web3-com-exodus.created.app
			
 
				-dapps-exodus-wllet.created.app
			
 
				-exodus-us-web3.created.app
			
 
				 meindkbgiroprodukte.online
			
 
				-mcs-cityline.info
			
 
				-exxodus-en.zapier.app
			
 
				-allegro.pl-oferta7415288.sbs
			
 
				-allegrolokalnie.40349821.xyz
			
 
				-ofertascomvalor.online
			
 
				-sfr.service.client.disposablebazar.com
			
 
				 allegro.pl-oferta5013582-apple-macbook-pro-m4-24gb.site
			
 
				-allegrolokalnie.pl-019276218bavvchags72652628.icu
			
 
				 allegro.pl-019276218bavvchags72652628.icu
			
 
				 www.crevnqle.com
			
 
				-crevnqle.com
			
 
				-aa89729a-907a-4b15-822e-2e9f101512a4-00-1il02hn0y93h.riker.replit.dev
			
 
				-a97c1ba3-9fe0-473f-bb26-59389d5bfbd4-00-15o04h8oud890.worf.replit.dev
			
 
				-creditoenlineapichincha.lovable.app
			
 
				-b8cd720d-d7ae-498a-b24d-8e874c664e47-00-2rcwvmeafyycq.worf.replit.dev
			
 
				-creditpichincha2026.lovable.app
			
 
				-1670082278.dojiner.at
			
 
				-10001311.dojiner.at
			
 
				 1d018414-0a7e-4fa8-8adc-234f631939b7-00-1i7xop7udlg49.worf.replit.dev
			
 
				-1703351226.dojiner.at
			
 
				-support.useraccountverify.com
			
 
				-help.useraccountverify.com
			
 
				-utyer68register993.42web.io
			
 
				-splendid-popup-564450.framer.app
			
 
				-easygoing-hours-190538.framer.app
			
 
				+10001311.dojiner.at
			
 
				+75886-104819.weeblysite.com
			
 
				 bt-109788.weeblysite.com
			
 
				-5064334288.dojiner.at
			
 
				+easygoing-hours-190538.framer.app
			
 
				 espaceclient.bhane.fr
			
 
				 fwblnb.02335.de
			
 
				 juss-103519.weeblysite.com
			
 
				-post-nouvellesvitales.offremanagement-accessibilities.icu
			
 
				+splendid-popup-564450.framer.app
			
 
				+support.useraccountverify.com
			
 
				 t-109975.weeblysite.com
			
 
				 tronlink.org.uk
			
 
				-75886-104819.weeblysite.com
			
 
				-senvest.sbs
			
 
				+utyer68register993.42web.io
			
 
				+5064334288.dojiner.at
			
 
				+1670082278.dojiner.at
			
 
				+help.useraccountverify.com
			
 
				+1703351226.dojiner.at
			
 
				+post-nouvellesvitales.offremanagement-accessibilities.icu
			
 
				 lodfd8fdd.roshunda11.workers.dev
			
 
				 bafybeifo2pid4d2xyk7cc2rncpemph3kljg5ylnovhdmdvw4khoq3uzlya.ipfs.infura-ipfs.io
			
 
				 h98m.xyz
			
 
				 f230u.xyz
			
 
				 www.f230v.xyz
			
 
				+g69b.xyz
			
 
				+senvest.sbs
			
 
				+h97a.xyz
			
 
				 www.m49fka.webwave.dev
			
 
				 g69j.xyz
			
 
				 www.flixpromo.click
			
 
				-g69b.xyz
			
 
				-h97a.xyz
			
 
				 www.bingejobs.com
			
 
				 www.s108v.xyz
			
 
				 mam.zeabur.app
			
@@ -103,24 +187,24 @@ exds-wlt-ds6.brionnaa4.workers.dev
 
				 coinbase-ticketing.com
			
 
				 saoha.saoha.workers.dev
			
 
				 lis-update.appwrite.network
			
 
				+254afef7-d571-4acb-8af7-04db4ff9314a-00-1xrj0kbjlc651.janeway.replit.dev
			
 
				+programationlivraisoncartesante.com
			
 
				+stream-billing.com
			
 
				 8e0258e9-6bd9-445e-8f1f-fbb0b4e59bdc-00-3htge7vz2vu1z.riker.replit.dev
			
 
				+6bed10b4-7f14-47f0-9a8a-ae46c6e2c953-00-29op5zoaeva8f.picard.replit.dev
			
 
				 7b4a02c6-cce3-44dc-9aaf-a4ca65512cdc-00-377wgx2fvc91x.spock.replit.dev
			
 
				 allegrolokalnie.pl-8726.sbs
			
 
				 allegrolokalnie.pl-ogloszenie-id5697239412.cfd
			
 
				 allegrolokalnie.pl-oferta7872373.sbs
			
 
				 infoassureactualisationcarte.com
			
 
				-programationlivraisoncartesante.com
			
 
				 allegrolokalnie.pl-4532.sbs
			
 
				 allegrolokalnie.pl-584724239.sbs
			
 
				-stream-billing.com
			
 
				-254afef7-d571-4acb-8af7-04db4ff9314a-00-1xrj0kbjlc651.janeway.replit.dev
			
 
				-6bed10b4-7f14-47f0-9a8a-ae46c6e2c953-00-29op5zoaeva8f.picard.replit.dev
			
 
				 ldr3vxc7dfs.roshunda11.workers.dev
			
 
				-semcancela.online
			
 
				-dhl.servirtual.cl
			
 
				 gemimi.zeabur.app
			
 
				 gedmni.zeabur.app
			
 
				 green-epic-dust.store
			
 
				+semcancela.online
			
 
				+dhl.servirtual.cl
			
 
				 wh1513395.ispot.cc
			
 
				 blockbook-btc-2.nodes.zelcore.io
			
 
				 blockbook-clore-1.nodes.zelcore.io
			
@@ -145,6 +229,7 @@ schwabsession.com
 
				 montoon.speciallreward.com
			
 
				 itpontos.lat
			
 
				 www.whatsapp.sc.cn
			
 
				+allegro.2782ds8263x7.lat
			
 
				 moneyswap24.vip
			
 
				 ufmgbr.ukit.me
			
 
				 pucrsbbh.ukit.me
			
@@ -152,30 +237,30 @@ aigemini.zeabur.app
 
				 wraaa.eportalsecure.workers.dev
			
 
				 redirect-7t12.onrender.com
			
 
				 ldr3fdg45365.roshunda11.workers.dev
			
 
				-allegro.2782ds8263x7.lat
			
 
				 plateforme-colis.com
			
 
				 securipass21-app.com
			
 
				 allegrolokalnie.pl-953189.icu
			
 
				-www.robuxsupply.shop
			
 
				-www.icloudoficial.com
			
 
				-app.635-488.com
			
 
				 mail-icloud.com
			
 
				 blue-leather-coat.shop
			
 
				 p203c.xyz
			
 
				 62240.xyz
			
 
				+www.robuxsupply.shop
			
 
				+www.icloudoficial.com
			
 
				+app.635-488.com
			
 
				 ldr-df45-fd4.abdiel33.workers.dev
			
 
				 trz0r-d87d.mahsa2-1f6.workers.dev
			
 
				 terzf4335tgf.randolfa20.workers.dev
			
 
				 trzrl4jrgpo.garvie14.workers.dev
			
 
				 atmc-xfdr3.yussufc3.workers.dev
			
 
				 actualizacionbdh2026.wuaze.com
			
 
				+attnet-yahoo-mail-support.weeblysite.com
			
 
				 ead26e08-a768-4fae-bc9e-ec8073e49d91-00-29xd0laspnibv.worf.replit.dev
			
 
				 memorable-convention-974605.framer.app
			
 
				-attnet-yahoo-mail-support.weeblysite.com
			
 
				+dd7b4a94-9b0c-4743-867e-622a60b1f62b-00-1kigbbgtmxotx.kirk.replit.dev
			
 
				 allegrolokalnie.smart-72643.cfd
			
 
				 allegrolokalnie.pl-oferta9682276.cfd
			
 
				-dd7b4a94-9b0c-4743-867e-622a60b1f62b-00-1kigbbgtmxotx.kirk.replit.dev
			
 
				 allegrolokalnie.pl-oferta3139169.cfd
			
 
				+www.shadowaagraphswaney.info
			
 
				 www.microsofupdate.com
			
 
				 fly.ahoj.baby
			
 
				 gragas654.anakembok.de.116-193-191-4.cpanel.site
			
@@ -186,12 +271,11 @@ m36r.xyz
 
				 x103a.xyz
			
 
				 hsbc6.cashanalytics.com
			
 
				 coinbaseproaloegin.webador.com
			
 
				-www.shadowaagraphswaney.info
			
 
				 x101i.xyz
			
 
				 whatap.eu.cc
			
 
				 www.wdxs-whatsapp.hl.cn
			
 
				 www.wdxf-whatsapp.hl.cn
			
 
				 ata-ext-train-performance.trycloudflare.com
			
 
				+trozr-wlt-c7s.dwanna3.workers.dev
			
 
				 allegro.pl-oferta7401856.cfd
			
 
				 badbugss.lat
			
 
				-trozr-wlt-c7s.dwanna3.workers.dev
			
--- a/yoroi_suspicious_level2.dns
+++ b/yoroi_suspicious_level2.dns