From f737c0a335cf6b6140172786e15bf3320d86d806 Mon Sep 17 00:00:00 2001
From: unknown <hej@aspoblourib.1w1.one>
Date: Thu, 3 Feb 2022 18:40:05 +0700
Subject: [PATCH] Blocked : [Read Commit Desc] hgufs.eu.org, kubi.one,
 mediastream1.blogspot.com, bunitu.eu.org, tystreammovies.blogspot.com,
 khi1.kubi.one, d1a81fc.hgufs.eu.org, 89c8c1d728.bunitu.eu.org

		  These domain marked as suspected to be a malware that spread on Media Page on Facebook Thailand Lately . The method of these kind of spam is use url shorter(like s.id, bit.do) to short their domain at [A].eu.org and proceed to [A].blogspot.com
		  kubi.one is cname of [A].eu.org, when facebook crawl that url, Url Preview usually look like this [01] (Please note that Catdumb is 100% Legitimate media and had no public/known relationship with Spammer anyways)

		  [A]  Refer to subdomains of domains that added to blocklist on commit Message
		  [01](https://serv.1w1.one/content/image/FB-spam-commit/1.png)
---
 Resources/blocked.txt | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/Resources/blocked.txt b/Resources/blocked.txt
index 736f4fc..e3110fb 100644
--- a/Resources/blocked.txt
+++ b/Resources/blocked.txt
@@ -9,6 +9,7 @@ asia-vcode-od.vivoglobal.com
 beacon.wikia-services.com
 bodis.com
 btrace.qq.com
+bunitu.eu.org
 c.gj.qq.com
 ccleaner.org
 cdn-gl.imrworldwide.com
@@ -37,16 +38,19 @@ get-express-vpn.xyz
 goat.blahdns.com
 graph.fbpigeon.com
 guanjia.qq.com
+hgufs.eu.org
 huyts.eu.org
 in-os-config-appstore.vivoglobal.com
 incoming.telemetry.mozilla.org
 innity.net
+kubi.one
 lamssettings-pa.googleapis.com
 master.etl.desktop.qq.com
 masterconn.qq.com
 masterconn11.qq.com
 masterconn2.qq.com
 matomo.1984.is
+mediastream1.blogspot.com
 myapp.com
 p.gitjournal.io
 p2pupdate.gamedl.qq.com
@@ -91,6 +95,7 @@ syzs.qq.com
 tagmanager.smartadserver.com
 telemetry-incoming.r53-2.services.mozilla.com
 telemetry.soundcloud.com
+tystreammovies.blogspot.com
 www.fastly-insights.com
 www.get-express-vpn.com
 www.get-express-vpn.net