// // PAC (Proxy Auto Configuration) Filter // Available at: // // http://www.hostsfile.org/pac.html // http://www.securemecca.com/pac.html // // Primary Code Author: // Danny R. Johnston // (REGEXP GURU) // Pattern, Tracker, and Malware Analyzer // David Alexander Harvey // alias Henry Hertz Hobbit // hhhobbit GNAT securemecca.com // Original List: // Eric Phelps // http://www.ericphelps.com/security/pac.htm // // Version: 3.1.6 // Release Date: Saturday 13 March 2010 // // (C) Copyright 2006-2010 // David Alexander Harvey alias Henry Hertz Hobbit // Danny R Johnston // With contributions by Eric Phelps // With contributions by Rodney alias DomainAnalysis // With contributions by Elric Scott // With contributions by Stefan Welch // // This program is free software; you can redistribute it and/or // modify it under the terms of the GNU General Public License // as published by the Free Software Foundation; either version 2 // of the License, or (at your option) any later version. // // This program is distributed in the hope that it will be // useful, but WITHOUT ANY WARRANTY; without even the implied // warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR // PURPOSE. See the GNU General Public License for more details. // // You should have received a copy of the GNU General Public // License along with this program; if not, write to the Free // Software Foundation, Inc., 59 Temple Place, Suite 330, // Boston, MA 02111-1307 USA // // If you normally use a proxy, replace "DIRECT" below with // "PROXY MACHINE:PORT" // where MACHINE is the IP address or host name of your proxy // server and PORT is the port number of your proxy server. var normal = "DIRECT"; var blackhole = "PROXY 127.0.0.1:80"; //var blackhole = "PROXY 192.168.0.1:80"; // Set debug to level you want status alerts for testing var debugNone = 0; // No debuging alerts. var debugGeneral = 1; // Show alert when file is loaded. var debugShowPass = 2; // Show all URLS that pass and why. var debugShowFail = 4; // Show all URLS that fail and why. var debugRegxGen = 8; // Show Regx expressions generated. var debugModURL = 16; // Show removal of CGI args and anchors from URL. var debugShowIP = 32; // Show when we find an IP numeric address. var debugNormal = debugGeneral | debugShowFail; var debugAll = debugGeneral | debugShowPass | debugShowFail | debugRegxGen | debugModURL | debugShowIP; // WARNING: Opera, Konqueror, AND Safari USERS MUST NEVER SET DEBUG TO // ANYTHING OTHER THAN debugNone. THE alert() CALL CAUSES THEM TO FAIL! var debug = debugNormal; var fullParse = 0; // Parse the whole thing. var pathParse = 1; // Parse the host & path but no CGI args or anchors. var parseURL = pathParse; // WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING // The arrays below are for words to disallow or allow host or URLS. Be // very carefull about adding things if you don't understand regular // expressions. They can be very tricky. Danny has set up a function to // escape periods so you don't have to worry about their special // meanings in regular expressions but all the other stuff works. One // handy regular expression you may need to use is the brackets [] and // the caret ^. When used in an expression like "[^c]lips" it will match // lips but not clips. Please note that you do not use something like // that in any of the following ways: // // GoodDomains at the end // BadDomains at the end // // BadURL_Parts okay anywhere // BadHostParts okay anywhere // // BadURL_WordStarts at the begining // BadHostWordStarts at the begining // // BadURL_WordEnds at the end // BadHostWordEnds at the end // // You MUST do it this way due to anchors in the regular expressions // that are generated from them. If you do use a character that is // used in regular expressions you must double backslash them to // escape them due to the way the regular expressions are generated // from the strings. One escape will be eaten by the string generation // and escape the second one that will be passed to the regular // expression parser. // // http://www.webreference.com/js/column5/ is a good site for learning // about regular expressions // Please also note that some words you may think are bad may be // embedded. For example "cheapornothing" has the word "porn" in it. // Likewise "stockmansexchange" has "sex" in it. Buried inside a phrase // like that, it might be okay. However, it's harder to imagine a // "good" phrase that starts or finishes with the word "sex" or "porn", // so you would not want to put it in the BadURL_Parts array but probably // would want it in one or both of the BadURL_WordStart or BadURL_WordEnd // arrays. Nevertheless, until a false positive shows up, the word // "porn" is not allowed anywhere in a URL. As soon as that rule elicits // a false positive, it will be downgraded to HOST, and the start and end // rules will be uncommented and activated for the URL. // Here are what the arrays do: // // GoodDomains Regular expressions that must match the end of // a host name to force a URL to pass. // GoodNetworks Network number followed by a netmask for ranges // of good networks // BadNetworks Network number followed by a netmask for ranges // of bad networks // BadDomains Regular expressions that must match the end of // a host name to force a URL to fail. // // BadURL_Parts Words that will cause blocking if they show up // anywhere in a URL. // BadHostParts Regular expressions the will cause a URL to fail // if found anywhere in the HOST name. // // BadURL_WordStarts Regular expressions that will cause a URL to // fail if they have a non alpha character before // them anywhere in a URL. // BadHostWordStarts Regular expressions that will cause a HOST to // fail if they have a non alpha character before // them in a HOST name or start the host name. // // BadURL_WordEnds Regular expressions that will cause a URL to // fail if they have a non alpha character following // them or are at the very end of a URL. // BadHostWordEnds Regular expressions that will cause a HOST to // fail if they have a non alpha character following // them or are at the very end of a HOST name. // // NOTE: Even if a URL fails it may still be passed if the IP is in RFC // reserved nets. This is because any thing that is behind your // firewall using these addresses are considered safe and should // never exist in the internet. These are defined at the very // bottom of the function FindProxyForURL and if you want to // modify them you must do it there. // Counter Variable to initalize the arrays. var i= 0; // If the host name ends in any of the following domains it will be passed // WARNING - DO NOT PUT REGEXPs AT THE *END* OF THIS ARRAY var GoodDomains = new Array(); i=0; GoodDomains[i++] = ".123-reg.co.uk"; // Phish - 2009-12-07 GoodDomains[i++] = "1800flowers.com"; GoodDomains[i++] = ".1and1.co.uk"; // Phish - 2009-12-07 GoodDomains[i++] = ".1and1.com"; // Phish - 2009-12-07 GoodDomains[i++] = ".1und1.de"; // Phish - 2009-12-07 GoodDomains[i++] = ".4shared.com"; // Phish - 2009-12-07 GoodDomains[i++] = ".50webs.com"; // Phish - 2009-12-08 GoodDomains[i++] = "aarpmedicarerx.com"; // SPAM - 2009-12-17 GoodDomains[i++] = "aba.com"; // Phish - 2010-02-05 GoodDomains[i++] = "abcdelasecurite.free.fr"; GoodDomains[i++] = ".ac.uk"; // 2009-02-17 GoodDomains[i++] = "adblockplus.org"; // block - 2009-04-18 GoodDomains[i++] = ".adobe.com"; // flash-plugin - 2009-09-03 GoodDomains[i++] = "ads.morningstar.com"; // bad LSO allow - 2009-12-21 GoodDomains[i++] = "adsense.blogspot.com"; // adsense - 2010-01-12 GoodDomains[i++] = "agnitum.com"; // SECURITY - 2009-08-17 GoodDomains[i++] = "agnitum.fr"; // SECURITY - 2009-08-17 GoodDomains[i++] = ".akamai.net"; // 17 & 18 GoodDomains[i++] = "aladdin.com"; // SECURITY - 2009-08-17 GoodDomains[i++] = "aladdin.fr"; // SECURITY - 2009-08-17 GoodDomains[i++] = "all-inkl.com"; // Phish - 2009-12-07 GoodDomains[i++] = ".ally.com"; // Phish - 2009-11-30 GoodDomains[i++] = ".allybank.com"; // Phish - 2009-12-29 GoodDomains[i++] = "altavista.com"; // 2010-01-04 GoodDomains[i++] = ".amazon.ca"; GoodDomains[i++] = ".amazon.com"; GoodDomains[i++] = ".americanexpress.com"; // Phish - 2009-12-06 GoodDomains[i++] = ".angelfire.com"; // Phish - 2009-12-07 GoodDomains[i++] = "antispamfilterblocker.com"; // Security - 2009-11-25 GoodDomains[i++] = ".antivirus.com"; // Security - 2009-12-19 GoodDomains[i++] = "antivirusyellowpages.com"; // antivir - 2009-02-12 GoodDomains[i++] = ".aol.com"; // Phish - 2010-02-05 GoodDomains[i++] = ".aolcdn.com"; // 2010-02-05 GoodDomains[i++] = "apple.com"; GoodDomains[i++] = "arcor.de"; // Phish - 2009-12-07 GoodDomains[i++] = "arcor-online.net"; // Phish - 2009-12-07 GoodDomains[i++] = ".aruba.it"; // Phish - 2009-12-07 GoodDomains[i++] = ".ask.com"; GoodDomains[i++] = "assiste.com.free.fr"; GoodDomains[i++] = "avast.com"; // SECURITY - 2009-08-17 GoodDomains[i++] = ".avg.com"; // SECURITY - 2009-08-17 GoodDomains[i++] = ".avgate.net"; // 17 & 18 GoodDomains[i++] = "avgfrance.com"; // SECURITY - 2009-08-17 GoodDomains[i++] = "avira.com"; // SECURITY - 2009-08-17 GoodDomains[i++] = "avira.fr"; // SECURITY - 2009-08-17 GoodDomains[i++] = ".avp.ru"; // SECURITY - 2009-08-18 GoodDomains[i++] = ".awardspace.com"; // Phish - 2009-12-07 GoodDomains[i++] = ".barnesandnoble.com"; GoodDomains[i++] = ".bbva.es"; // Phish - 2009-12-22 GoodDomains[i++] = ".bestbuy.com"; GoodDomains[i++] = "bicycling.com"; // 2010-01-04 GoodDomains[i++] = "bitdefender.com"; // SECURITY - 2009-08-17 GoodDomains[i++] = "bitdefender.fr"; // SECURITY - 2009-08-17 GoodDomains[i++] = "blockacountry.com"; // SECURITY - 2009-11-11 GoodDomains[i++] = ".bluecoat.com"; GoodDomains[i++] = ".bluehost.com"; // Phish - 2009-12-07 GoodDomains[i++] = ".bp.blogspot.com"; // 2009-07-19 GoodDomains[i++] = "bytecrime.org"; GoodDomains[i++] = ".ca.com"; // SECURITY - 2009-08-17 GoodDomains[i++] = "cdc.gov"; // Phish - 2009-12-02 GoodDomains[i++] = ".chase.com"; // Phish - 2009-11-30 GoodDomains[i++] = "checkpoint.com"; // SECURITY - 2009-08-18 GoodDomains[i++] = "checkpoint.com.cn"; // SECURITY - 2009-08-18 GoodDomains[i++] = "checkoutfree.com"; // ussearch.com GoodDomains[i++] = "circuitcity.com"; GoodDomains[i++] = "clamav.com"; // SECURITY - 2009-08-17 GoodDomains[i++] = "clamav.net"; // SECURITY - 2009-08-17 GoodDomains[i++] = "clamav.org"; // SECURITY - 2009-08-17 GoodDomains[i++] = "clamwin.com"; // SECURITY - 2009-08-17 GoodDomains[i++] = "clamwin.fr"; // SECURITY - 2009-08-17 GoodDomains[i++] = "clamwin.org"; // SECURITY - 2009-08-17 GoodDomains[i++] = ".cnn.com"; GoodDomains[i++] = "codecguide.com"; // codec - 2009-08-12 GoodDomains[i++] = "comcast.com"; // 2009-12-02 GoodDomains[i++] = "comcast.net"; // 2009-12-02 GoodDomains[i++] = "comodo.com"; // SECURITY - 2009-08-17 GoodDomains[i++] = ".coolclips.com"; GoodDomains[i++] = "crazyfox.com"; GoodDomains[i++] = "cybertipline.com"; // Advertising GoodDomains[i++] = "creativecommons.org"; GoodDomains[i++] = "ddanchev.blogspot.com"; // 2009-07-19 GoodDomains[i++] = "discovercard.com"; // Phish - 2009-11-23 GoodDomains[i++] = ".disney.com"; // Disney - PERSONAL RULE GoodDomains[i++] = ".dotster.com"; // Phish - 2009-12-19 GoodDomains[i++] = ".dreamhost.com"; // Phish - 2009-12-07 GoodDomains[i++] = "drweb-online.com"; // SECURITY - 2009-08-17 GoodDomains[i++] = "drweb.com"; // SECURITY - 2009-08-17 GoodDomains[i++] = "drweb.fr"; // SECURITY - 2009-08-17 GoodDomains[i++] = ".dynadot.com"; // Phish - 2009-12-07 GoodDomains[i++] = "earthlink.com"; // Phish - 2009-12-07 GoodDomains[i++] = "ebay.com"; // Phish - 2009-12-08 GoodDomains[i++] = ".ebayimg.com"; // Phish - 2009-12-08 GoodDomains[i++] = ".ebayrtm.com"; // rx - 2010-01-14 GoodDomains[i++] = ".ebaystatic.com"; // Phish - 2009-12-08 GoodDomains[i++] = ".ebony.com"; GoodDomains[i++] = "ebonyjet.com"; GoodDomains[i++] = ".edu"; GoodDomains[i++] = ".edu.cn"; // 2009-02-17 GoodDomains[i++] = ".edu.tw"; // 2009-04-07 GoodDomains[i++] = "emsisoft.com"; // SECURITY - 2009-08-17 GoodDomains[i++] = "emsisoft.fr"; // SECURITY - 2009-08-17 GoodDomains[i++] = "eset-nod32.fr"; // SECURITY - 2009-08-17 GoodDomains[i++] = ".eset.com"; // SECURITY - 2009-08-17 GoodDomains[i++] = "eurotunnel.com"; GoodDomains[i++] = ".ewido.net"; // SECURITY - 2009-08-17 GoodDomains[i++] = ".f-prot.com"; // SECURITY - 2009-08-17 GoodDomains[i++] = ".f-prot.fr"; // SECURITY - 2009-08-17 GoodDomains[i++] = "f-secure.com"; // SECURITY - 2009-08-17 GoodDomains[i++] = "f-secure.fr"; // SECURITY - 2009-08-17 GoodDomains[i++] = "f-secure.net"; // SECURITY - 2009-08-17 GoodDomains[i++] = "f-secure.org"; // SECURITY - 2009-08-17 GoodDomains[i++] = ".facebook.com"; // Phish - 2009-11-15 GoodDomains[i++] = ".fasthosts.co.uk"; // Phish - 2009-12-07 GoodDomains[i++] = "fdic.gov"; // Phish - 2009-11-15 GoodDomains[i++] = "filext.com"; // 2009-01-04 GoodDomains[i++] = "foxitsoftware.com"; // flash-plugin - 2009-09-03 GoodDomains[i++] = "free-av.com"; // SECURITY - 2009-08-17 GoodDomains[i++] = "free-av.de"; // SECURITY - 2009-08-17 GoodDomains[i++] = "free-av.fr"; // SECURITY - 2009-08-17 GoodDomains[i++] = "free-firewall.org"; // SECURITY - 2009-09-15 GoodDomains[i++] = ".free-graphics.com"; GoodDomains[i++] = "freenet-homepage.de"; GoodDomains[i++] = "freepatentsonline.com"; GoodDomains[i++] = "freenode.net"; GoodDomains[i++] = "freeos.com"; GoodDomains[i++] = "freepcsecurity.co.uk"; // 2009-07-17 GoodDomains[i++] = ".freewebs.com"; // Phish - 2009-12-07 GoodDomains[i++] = ".freeresumeexamples.net"; GoodDomains[i++] = "garwarner.blogspot.com"; // SECURITY - 2009-11-14 GoodDomains[i++] = "gdata.de"; // SECURITY - 2009-08-17 GoodDomains[i++] = "gdata.fr"; // SECURITY - 2009-08-17 GoodDomains[i++] = "geekgirlsguide.com"; // girls - 2010-01-01 GoodDomains[i++] = "gnome.org"; // live GoodDomains[i++] = ".godaddy.com"; // Phish - 2009-12-07 GoodDomains[i++] = "google.com"; // Phish - 2009-12-10 GoodDomains[i++] = "googlepages.com"; // Phish - 2009-12-10 GoodDomains[i++] = ".gov"; GoodDomains[i++] = "grisoft.com"; // SECURITY - 2009-08-17 GoodDomains[i++] = "grisoft.cz"; // SECURITY - 2009-08-17 GoodDomains[i++] = "hacker-tracker.com"; // tracker - 2009-10-27 GoodDomains[i++] = "haloscan.com"; // scan - 2009-08-03 GoodDomains[i++] = ".homestead.com"; // Phish - 2009-12-07 GoodDomains[i++] = ".hostgator.com"; // Phish - 2009-12-08 GoodDomains[i++] = ".hostmonster.com"; // Phish - 2009-12-07 GoodDomains[i++] = "hosts-file.net"; // 2009-08-03 GoodDomains[i++] = "hostsfile.org"; // Phish - 2009-12-07 GoodDomains[i++] = "hotmail.com"; GoodDomains[i++] = "hotwire.com"; GoodDomains[i++] = ".hp.com"; // 17 & 18 GoodDomains[i++] = ".hsbc.co.uk"; // Phish - 2010-01-19 GoodDomains[i++] = ".hulu.com"; // thumb US-only GoodDomains[i++] = "humanarxplans.com"; // SPAM - 2009-12-22 GoodDomains[i++] = "i.i.com.com"; // cock - 2009-11-07 GoodDomains[i++] = ".images-amazon.com"; GoodDomains[i++] = ".imageshack.us"; // 17 & 18 GoodDomains[i++] = "imdb.com"; GoodDomains[i++] = "intermountainlive.org"; GoodDomains[i++] = "internetfilter.com"; // Security - 2009-11-25 GoodDomains[i++] = "irs.gov"; // Phish - 2009-11-15 GoodDomains[i++] = "indigipix.com"; GoodDomains[i++] = "java.com"; // java_v - 2010-01-12 GoodDomains[i++] = "javacoolsoftware.com"; GoodDomains[i++] = ".jeeran.com"; // Phish - 2009-12-07 GoodDomains[i++] = "jetico.com"; // SECURITY - 2009-08-17 GoodDomains[i++] = "jotti.org"; // scan - 2009-05-07 GoodDomains[i++] = "kaspersky-labs.com"; // SECURITY - 2009-10-28 GoodDomains[i++] = "kaspersky-labs.org"; // SECURITY - 2009-08-17 GoodDomains[i++] = "kaspersky.com"; // SECURITY - 2009-08-17 GoodDomains[i++] = "kaspersky.com.cn"; // SECURITY - 2009-08-18 GoodDomains[i++] = "kaspersky.fr"; // SECURITY - 2009-08-17 GoodDomains[i++] = "kaspersky.ru"; // SECURITY - 2009-08-18 GoodDomains[i++] = "kerio.com"; // SECURITY - 2009-08-17 GoodDomains[i++] = "kerio.eu"; // SECURITY - 2009-08-17 GoodDomains[i++] = "kerio.fr"; // SECURITY - 2009-08-17 GoodDomains[i++] = "lavasoftusa.com"; // SECURITY - 2009-08-17 GoodDomains[i++] = ".live.com"; GoodDomains[i++] = "live365.com"; GoodDomains[i++] = "livejournal.com"; GoodDomains[i++] = "livejournal.ru"; // RUSSIA - 2008-12-07 GoodDomains[i++] = ".locaweb.com.br"; // Phish - 2009-12-07 GoodDomains[i++] = ".lunarpages.com"; // Phish - 2009-12-07 GoodDomains[i++] = ".lycos.com"; // Phish - 2009-12-07 GoodDomains[i++] = "malwaredatabase.net"; // 2009-07-17 GoodDomains[i++] = "malwaredomainlist.com"; // 2009-07-17 GoodDomains[i++] = ".mastercard.com"; // Phish - 2009-12-08 GoodDomains[i++] = "mcafee.com"; // SECURITY - 2009-08-17 GoodDomains[i++] = "mcafee.fr"; // SECURITY - 2009-08-17 GoodDomains[i++] = "mcafeesecurity.com"; // SECURITY - 2009-08-17 GoodDomains[i++] = ".mediafire.com"; // Phish - 2009-12-07 GoodDomains[i++] = "medopinions.com"; // 2010-01-04 GoodDomains[i++] = ".microsoft.com"; // SECURITY - 2009-08-17 GoodDomains[i++] = ".monster.com"; // Phish - 2009-12-08 GoodDomains[i++] = ".mozdev.org"; // block - 2009-10-30 GoodDomains[i++] = "mozilla.com"; // 2009-12-02 GoodDomains[i++] = "mozilla.org"; // 2009-12-02 GoodDomains[i++] = ".mozy.com"; // Phish - 2009-12-07 GoodDomains[i++] = ".mqcdn.com"; // 17 & 18 GoodDomains[i++] = ".msn.com"; // hot GoodDomains[i++] = "msmvps.com"; GoodDomains[i++] = "mvps.org"; GoodDomains[i++] = "mydomain.com"; // Phish - 2009-11-23 GoodDomains[i++] = "myspace.com"; // Phish - 2009-11-15 GoodDomains[i++] = "myspacecdn.com"; // Phish - 2009-11-15 GoodDomains[i++] = "mywot.com"; // Security - 2010-01-28 GoodDomains[i++] = "nacha.org"; // Phish - 2009-11-15 GoodDomains[i++] = ".namecheap.com"; // Phish - 2009-12-07 GoodDomains[i++] = ".nameintel.com"; // thumb - 2008-12-25 GoodDomains[i++] = "nationalgeographic.com"; // 2010-01-04 GoodDomains[i++] = ".netbenefit.co.uk"; // Phish - 2009-12-07 GoodDomains[i++] = "netfilter.org"; // Security - 2009-11-25 GoodDomains[i++] = "netsafeutah.org"; // PERSONAL RULE GoodDomains[i++] = "network54.com"; GoodDomains[i++] = "networkscanning.com"; // scan - 2009-05-07 GoodDomains[i++] = ".networksolutions.com"; // Phish - 2009-12-07 GoodDomains[i++] = "nod32.com"; // SECURITY - 2009-08-17 GoodDomains[i++] = "norton.com"; // SECURITY - 2009-08-17 GoodDomains[i++] = "npr.org"; GoodDomains[i++] = "officemax.com"; GoodDomains[i++] = "opendns.com"; // adult GoodDomains[i++] = "openoffice.org"; GoodDomains[i++] = "openx.zomoto.nl"; // openx - 2010-01-20 GoodDomains[i++] = "osnews.com"; // 2010-01-04 GoodDomains[i++] = ".over-blog.com"; // 17 & 18 GoodDomains[i++] = ".panda.com"; // SECURITY - 2009-08-17 GoodDomains[i++] = "pandaguard.com"; // SECURITY - 2009-08-17 GoodDomains[i++] = "pandasecurity.com"; // SECURITY - 2009-08-17 GoodDomains[i++] = "pandasoftware.com"; // SECURITY - 2009-08-17 GoodDomains[i++] = "pandasoftware.fr"; // SECURITY - 2009-08-17 GoodDomains[i++] = ".passport.com"; // hot GoodDomains[i++] = ".passport.net"; // hot GoodDomains[i++] = ".paypal.com"; // Phish - 2009-12-08 GoodDomains[i++] = ".pbs.org"; GoodDomains[i++] = "pbskids.org"; GoodDomains[i++] = "pc-cillin-zone.com"; // SECURITY - 2009-08-17 GoodDomains[i++] = "pcantivirusreviews.com"; // 2009-03-11 GoodDomains[i++] = "pctools.com"; // SECURITY - 2009-08-17 GoodDomains[i++] = "pestpatrol.com"; // SECURITY - 2009-08-17 GoodDomains[i++] = "phillips.com"; // 17 & 18 - 2008-09-07 GoodDomains[i++] = "phillips.fr"; // 17 & 18 - 2008-09-07 GoodDomains[i++] = ".photobucket.com"; // 17 & 18 GoodDomains[i++] = "pointsmartclicksafe.org"; // Advertising GoodDomains[i++] = "privacydigest.com"; GoodDomains[i++] = "proxify.com"; // Au Revoir PAC - 2009-04-26 GoodDomains[i++] = "proxy.org"; // Au Revoir PAC - 2009-04-11 GoodDomains[i++] = "quotetracker.com"; // tracker - 2009-10-27 GoodDomains[i++] = "reliantrxwa.com"; // SPAM - 2009-12-22 GoodDomains[i++] = "rlwpx.free.fr"; // Airelle GoodDomains[i++] = "rsbac.org"; // 2010-01-04 GoodDomains[i++] = "rxcareercenter.com"; // SPAM - 2009-12-22 GoodDomains[i++] = "sarc.com"; // Symantec GoodDomains[i++] = ".scanalert.com"; // scan - 2009-05-21 GoodDomains[i++] = "securemecca.com"; // Phish - 2009-12-07 GoodDomains[i++] = "securitytracker.com"; // tracker - 2009-06-23 GoodDomains[i++] = "secuser.com"; // SECURITY - 2009-08-17 GoodDomains[i++] = "secuser.fr"; // SECURITY - 2009-08-17 GoodDomains[i++] = ".sendspace.com"; // Phish - 2010-01-19 GoodDomains[i++] = "seventeentraditions.com"; // PERSONAL RULE GoodDomains[i++] = ".shutterstock.com"; // thumb GoodDomains[i++] = "siteadvisor.com"; GoodDomains[i++] = "siteadvisor.cn"; // 2009-01-13 GoodDomains[i++] = ".sitesell.com"; // Phish - 2009-12-07 GoodDomains[i++] = "skyangel.com"; GoodDomains[i++] = "snowleopard.org"; // 2010-01-04 GoodDomains[i++] = "sophos.com"; // SECURITY - 2009-08-17 GoodDomains[i++] = "sophos.fr"; // SECURITY - 2009-08-17 GoodDomains[i++] = "sourceforge.net"; // SECURITY - 2009-08-17 GoodDomains[i++] = "spywareremove.com"; GoodDomains[i++] = "ssa.gov"; // Phish - 2009-11-26 GoodDomains[i++] = "stock-anal.com"; // anal - 2009-10-28 GoodDomains[i++] = "stopscum.com"; // SECURITY - 2009-08-17 GoodDomains[i++] = ".strato.de"; // Phish - 2009-12-07 GoodDomains[i++] = "sun.com"; // java_v - 2010-01-12 GoodDomains[i++] = "sunbelt-software.com"; // SECURITY - 2009-08-17 GoodDomains[i++] = "sunbeltsoftware.com"; // SECURITY - 2009-08-17 GoodDomains[i++] = "surfcanyon.com"; // SECURITY - 2009-08-17 GoodDomains[i++] = "surfcontrol.com"; // SECURITY - 2009-08-17 GoodDomains[i++] = "sygate.com"; // SECURITY - 2009-08-17 GoodDomains[i++] = "symantec.com"; // SECURITY - 2009-08-17 GoodDomains[i++] = "symantec.com.cn"; // SECURITY - 2009-08-18 GoodDomains[i++] = "symantec.com.ru"; // SECURITY - 2009-08-18 GoodDomains[i++] = "symantec.fr"; // SECURITY - 2009-08-17 GoodDomains[i++] = "symantec.ru"; // SECURITY - 2009-08-18 GoodDomains[i++] = "symantecliveupdate.com"; // SECURITY - 2009-08-17 GoodDomains[i++] = ".tbs.com"; GoodDomains[i++] = ".techguy.org"; // 2009-02-23 GoodDomains[i++] = ".technet.com"; // 2009-06-13 GoodDomains[i++] = "thecodingstudio.com"; // adsense - 2010-01-12 GoodDomains[i++] = "thirteen.org"; // teen - 2010-02-08 GoodDomains[i++] = ".thumbshots.com"; GoodDomains[i++] = ".thumbshots.org"; GoodDomains[i++] = "tiaa-cref.org"; // 2010-01-04 GoodDomains[i++] = "trend-micro-zone.com"; // SECURITY - 2009-08-17 GoodDomains[i++] = "trendmicro-europe.com"; // SECURITY - 2009-08-17 GoodDomains[i++] = "trendmicro.com"; // SECURITY - 2009-08-17 GoodDomains[i++] = "trendmicrozone.com"; // SECURITY - 2009-08-17 GoodDomains[i++] = "ubuntuforums.org"; // 2010-01-04 GoodDomains[i++] = "unblockcity.org"; // Au Revoir PAC - 2009-04-14 GoodDomains[i++] = ".usaa.com"; // Phish - 2010-01-19 GoodDomains[i++] = "usbank.com"; // Phish - 2009-12-14 GoodDomains[i++] = "ustreas.gov"; // Phish - 2009-11-30 GoodDomains[i++] = ".vegas.com"; // vegas GoodDomains[i++] = "versiontracker.com"; // tracker - 2009-10-27 GoodDomains[i++] = "virginmedia.com"; GoodDomains[i++] = "virginmega.fr"; GoodDomains[i++] = "virscan.org"; // SECURITY - 2009-08-17 GoodDomains[i++] = "virus.org"; // SECURITY - 2009-08-17 GoodDomains[i++] = "virustotal.com"; // SECURITY - 2009-08-17 GoodDomains[i++] = ".visa.com"; // Phish - 2009-12-08 GoodDomains[i++] = "visitlasvegas.com"; // vegas GoodDomains[i++] = "visnetic.com"; // SECURITY - 2009-08-17 GoodDomains[i++] = "washingtonpost.com"; // 2010-01-04 GoodDomains[i++] = "webbweavers.com"; // bbw GoodDomains[i++] = "webroot.com"; // SECURITY - 2009-08-17 GoodDomains[i++] = "webroot.fr"; // SECURITY - 2009-08-17 GoodDomains[i++] = ".webshots.net"; // thumb GoodDomains[i++] = "websitethumbnail.de"; // thumb - 2008-12-25 GoodDomains[i++] = ".wellsfargo.com"; // Phish - 2009-12-08 GoodDomains[i++] = "wikimedia.org"; GoodDomains[i++] = "wikipedia.org"; GoodDomains[i++] = "windowssecrets.com"; // secret - 2009-06-06 GoodDomains[i++] = "womenssportsfoundation.org"; GoodDomains[i++] = "wwwomen.com"; GoodDomains[i++] = ".yahoo.com"; // Phish - 2009-12-07 GoodDomains[i++] = ".yahooapis.com"; // Phish - 2009-12-07 GoodDomains[i++] = "youngdemocrats.net"; GoodDomains[i++] = "youngrepublicans.com"; GoodDomains[i++] = "youtube.com"; // Malware - 2009-11-17 GoodDomains[i++] = "youtube-nocookie.com"; // Malware - 2009-10-05 GoodDomains[i++] = "zeustracker.abuse.ch"; // SECURITY - 2009-11-19 GoodDomains[i++] = "zonealarm.com"; // SECURITY - 2009-08-17 GoodDomains[i++] = "zonealarm.fr"; // SECURITY - 2009-08-17 GoodDomains[i++] = "zonelabs.com"; // SECURITY - 2009-08-17 GoodDomains[i++] = "zonelabs.fr"; // SECURITY - 2009-08-17 // Add any good networks here. Format is network folowed by a comma and // optional white space, and then the netmask. var GoodNetworks = new Array(); i=0; GoodNetworks[i++] = "10.0.0.0, 255.0.0.0"; // NRIP GoodNetworks[i++] = "65.52.0.0, 255.255.252.0"; // Microsoft GoodNetworks[i++] = "192.168.0.0, 255.255.0.0"; // NRIP GoodNetworks[i++] = "169.254.0.0, 255.255.0.0"; // APIPA GoodNetworks[i++] = "127.0.0.0, 255.0.0.0"; // LOOPBACK GoodNetworks[i++] = "172.16.0.0, 255.240.0.0"; // NRIP // Add any bad networks here. Format is network folowed by a comma and // optional white space, and then the netmask. var BadNetworks = new Array(); i=0; BadNetworks[i++] = "61.129.48.64, 255.255.255.128"; // imrworldwide_04 - 2008-11-21 BadNetworks[i++] = "61.139.105.128, 255.255.255.192"; // WAN-SCAN - 2009-04-18 BadNetworks[i++] = "61.143.211.187, 255.255.255.255"; // Pseudo-Park-1 - 2009-06-29 BadNetworks[i++] = "61.152.112.60, 255.255.255.128"; // imrworldwide_08 - 2008-11-21 BadNetworks[i++] = "61.213.156.128, 255.255.255.224"; // imrworldwide_10 - 2008-11-21 BadNetworks[i++] = "62.161.94.0, 255.255.255.0"; // xiti.com_1 - 2009-06-19 BadNetworks[i++] = "62.189.244.224, 255.255.255.224"; // imrworldwide_06 - 2008-11-21 BadNetworks[i++] = "64.58.80.0, 255.255.254.0"; // REALMEDIA-1 - 2009-02-23 BadNetworks[i++] = "64.74.197.0, 255.255.255.0"; // YOUR CHOICE ADBUREAU-1 - 2009-04-10 BadNetworks[i++] = "64.94.137.0, 255.255.255.128"; // ZANGO1 - 2009-06-19 BadNetworks[i++] = "64.111.196.117, 255.255.255.255"; // HASH REDIR - 2009-08-21 BadNetworks[i++] = "64.154.80.0, 255.255.248.0"; // YOUR CHOICE HITBOX - 2009-09-15 BadNetworks[i++] = "64.191.218.0, 255.255.254.0"; // REALMEDIA-2 - 2009-02-23 BadNetworks[i++] = "64.237.103.151, 255.255.255.255"; // adjuggler.com - 2008-11-30 BadNetworks[i++] = "65.243.103.55, 255.255.255.255"; // landings.trafficz.com FE - 2009-01-14 // next rule - all *.*toolbar.com hosts redirect to hosting.conduit.com BadNetworks[i++] = "66.77.197.154, 255.255.255.255"; // 2008-11-24 BadNetworks[i++] = "66.150.14.0, 255.255.255.128"; // ZANGO2 - 2009-06-19 // BadNetworks[i++] = "66.150.161.44, 255.255.255.255"; // PARKFUNNEL - 2008-09-21 BadNetworks[i++] = "66.150.161.32, 255.255.255.224"; // PARKFUNNEL - 2009-06-19 BadNetworks[i++] = "66.150.208.0, 255.255.255.0"; // 2o7.net - 2008-09-03 BadNetworks[i++] = "66.150.217.0, 255.255.255.224"; // 2o7.net - 2008-09-03 BadNetworks[i++] = "66.151.152.0, 255.255.255.0"; // 2o7.net - 2008-09-03 BadNetworks[i++] = "66.151.244.0, 255.255.255.0"; // 2o7.net - 2008-09-03 BadNetworks[i++] = "66.220.17.0, 255.255.255.0"; // Malware (LOP) - 2009-06-19 // 66.235.128.0 ... 66.235.159.255 // BadNetworks[i++] = "66.235.132.0, 255.255.254.0"; // 2o7.net - 2008-09-03 // BadNetworks[i++] = "66.235.142.0, 255.255.254.0"; // 2o7.net - 2008-09-14 BadNetworks[i++] = "66.235.128.0, 255.255.224.0"; // 2o7.net - 2008-11-04 BadNetworks[i++] = "67.191.128.0, 255.255.192.0"; // Comcast PCs - 2009-12-25 (tmp) // BadNetworks[i++] = "69.25.47.166, 255.255.255.255"; // PARKFUNNEL - 2008-09-21 BadNetworks[i++] = "69.25.47.160, 255.255.255.224"; // PARKFUNNEL - 2009-06-19 BadNetworks[i++] = "69.72.142.98, 255.255.255.255"; // wfb.zoneedit.com-1 2009-02-14 BadNetworks[i++] = "69.80.200.192, 255.255.255.192"; // imrworldwide_11 - 2008-11-21 BadNetworks[i++] = "76.9.16.144, 255.255.255.240"; // HASH REDIR - 2009-09-10 BadNetworks[i++] = "80.13.0.0, 255.255.0.0"; // Wanadoo PCs - 2010-01-14 BadNetworks[i++] = "80.80.13.192, 255.255.255.192"; // imrworldwide_01 - 2008-11-21 BadNetworks[i++] = "80.118.149.0, 255.255.255.0"; // xiti.com_2 - 2009-06-19 BadNetworks[i++] = "81.31.38.0, 255.255.255.128"; // PORN exmasters.com-1 - 2009-06-19 BadNetworks[i++] = "84.52.156.0, 255.255.255.0"; // WAN-SCAN - 2009-04-23 BadNetworks[i++] = "89.185.228.0, 255.255.254.0"; // PORN exmasters.com-2 - 2009-06-19 BadNetworks[i++] = "122.170.0.0, 255.255.128.0"; // ABTS-WEST-DSL PCs - 2010-01-12 BadNetworks[i++] = "128.241.21.0, 255.255.255.0"; // 2o7.net - 2008-09-03 BadNetworks[i++] = "128.242.100.0, 255.255.255.224"; // 2o7.net - 2008-09-03 BadNetworks[i++] = "128.242.125.0, 255.255.255.0"; // 2o7.net - 2008-09-03 BadNetworks[i++] = "130.117.119.0, 255.255.255.0"; // xiti.com_3 - 2009-06-19 BadNetworks[i++] = "159.54.239.0, 255.255.255.128"; // gcirm - 2009-06-19 BadNetworks[i++] = "168.75.66.156, 255.255.255.254"; // hittail - 2009-06-19 BadNetworks[i++] = "188.32.0.2, 255.255.255.255"; // Pseudo-Park-4 - 2009-06-29 BadNetworks[i++] = "193.110.146.68, 255.255.255.254"; // PORN Malware - 2008-11-30 BadNetworks[i++] = "193.110.146.70, 255.255.255.255"; // PORN Malware - 2008-11-30 BadNetworks[i++] = "195.10.6.225, 255.255.255.255"; // scripts.dlv4.com - 2009-01-05 BadNetworks[i++] = "195.10.6.0, 255.255.255.0"; // PORN 004 - 2009-06-19 BadNetworks[i++] = "203.21.27.0, 255.255.255.224"; // imrworldwide_12 - 2008-11-21 BadNetworks[i++] = "203.166.18.0, 255.255.255.0"; // imrworldwide_02 - 2008-11-21 BadNetworks[i++] = "207.66.153.90, 255.255.255.254"; // flyingcroc - 2010-02-12 BadNetworks[i++] = "203.166.110.160, 255.255.255.224"; // imrworldwide_07 - 2008-11-21 BadNetworks[i++] = "208.71.120.0, 255.255.248.0"; // YOUR CHOICE REALMEDIA-3 - 2009-02-23 BadNetworks[i++] = "208.81.232.0, 255.255.252.0"; // YOUR CHOICE REALMEDIA-5 - 2010-01-20 BadNetworks[i++] = "208.184.36.64, 255.255.255.224"; // imrworldwide_14 - 2008-11-21 BadNetworks[i++] = "210.51.186.0, 255.255.255.128"; // imrworldwide_09 - 2008-11-21 BadNetworks[i++] = "210.80.139.0, 255.255.255.0"; // imrworldwide_05 - 2008-11-21 BadNetworks[i++] = "210.80.177.0, 255.255.255.0"; // imrworldwide_03 - 2008-11-21 BadNetworks[i++] = "212.95.58.115, 255.255.255.255"; // DNSWCD mybeliefs.info - 2009-11-15 BadNetworks[i++] = "212.95.58.121, 255.255.255.255"; // DNSWCD wegoodentertainment.info - 2009-11-15 BadNetworks[i++] = "212.113.31.48, 255.255.255.248"; // YOUR CHOICE REALMEDIA-4 - 2009-02-23 BadNetworks[i++] = "212.239.41.96, 255.255.255.224"; // imrworldwide_13 - 2008-11-21 BadNetworks[i++] = "216.52.17.0, 255.255.255.0"; // 2o7.net - 2008-09-03 BadNetworks[i++] = "216.65.41.185, 255.255.255.255"; // OWNBOX FE TYPO BadNetworks[i++] = "216.65.41.188, 255.255.255.255"; // OWNBOX FE TYPO BadNetworks[i++] = "216.98.141.250, 255.255.255.255"; // wfb.zoneedit.com-2 2009-02-14 BadNetworks[i++] = "216.200.199.0, 255.255.255.0"; // BPATH - 2009-06-17 BadNetworks[i++] = "221.231.137.94, 255.255.255.255"; // Pseudo-Park-2 - 2009-06-29 BadNetworks[i++] = "222.191.251.143, 255.255.255.255"; // Pseudo-Park-3 - 2009-06-29 // If the host name ends with any of the following domains the // FindProxyForURL function will reject it unless it was previously // matched by any of the GoodDomains or the IP is in a safe range. // WARNING - DO NOT PUT REGEXPs AT THE *END* OF THIS ARRAY var BadDomains = new Array(); i=0; BadDomains[i++] = ".0catch.com"; // AdServer - 2009-06-16 BadDomains[i++] = ".15x.net"; // Tracker BadDomains[i++] = ".247realmedia.com"; // AdServer BadDomains[i++] = ".2o7.net"; // Tracker - 2010-03-12 BadDomains[i++] = ".3322.org"; // Malware - 2008-12-14 BadDomains[i++] = ".51yes.com"; // Tracker BadDomains[i++] = ".8866.org"; // Malware - 2008-12-14 BadDomains[i++] = ".a013.com"; // DNSWCD Malware - 2009-11-03 BadDomains[i++] = ".adbureau.net"; // AdServer BadDomains[i++] = ".adgardener.com"; // AdServer BadDomains[i++] = ".adisn.com"; // Tracker - 2009-08-19 BadDomains[i++] = ".adjuggler.com"; // AdServer - 2009-11-28 BadDomains[i++] = ".adjuggler.net"; // YOUR CHOICE AdServer - 2009-11-28 BadDomains[i++] = ".adskape.ru"; // DNSWCD AdServer - 2009-01-26 BadDomains[i++] = ".adtech.de"; // AdServer BadDomains[i++] = ".adtech.fr"; // AdServer BadDomains[i++] = ".advance.net"; // AdServer - 2009-11-03 BadDomains[i++] = ".advertising.com"; // AdServer BadDomains[i++] = ".advertserve.com"; // AdServer BadDomains[i++] = ".alexametrics.com"; // Tracker - 2009-10-05 BadDomains[i++] = ".asklots.com"; // DNSWCD AdServer - 2010-02-05 BadDomains[i++] = ".axelsfun.com"; // AdServer BadDomains[i++] = ".axf8.net"; // DNSWCD Tracker - 2009-05-25 BadDomains[i++] = ".bangbros1.com"; // PORN BadDomains[i++] = ".banner-count.com"; // DNSWCD MalWare - 2009-06-08 BadDomains[i++] = ".bidsystem.com"; // AdServer / Tracker - 2009-08-24 BadDomains[i++] = ".bigmir.net"; // AdServer - WebBug BadDomains[i++] = ".blogbugs.org"; // PORN BadDomains[i++] = ".blogtur.com"; // PORN BadDomains[i++] = ".blueseek.com"; // DNSWCD - WebBug - 2009-01-22 BadDomains[i++] = ".bravenet.com"; // Tracker BadDomains[i++] = ".ccbill.com"; // DNSWCD Tracker - 2009-03-30 BadDomains[i++] = ".checkm8.com"; // Tracker - 2010-01-14 BadDomains[i++] = ".cjb.net"; // PORN - MalWare BadDomains[i++] = ".clearblogsonline.com"; // PORN BadDomains[i++] = ".click-new-download.com"; // P2P - 2009-03-24 BadDomains[i++] = "click.alertsweb.com"; // DNSWCD Tracker - 2009-08-28 BadDomains[i++] = ".clickability.com"; // Tracker - 2009-01-30 BadDomains[i++] = ".clickbank.net"; // DNSWCD Tracker - 2009-01-06 BadDomains[i++] = ".clickintext.net"; // DNSWCD Tracker - 2009-05-19 BadDomains[i++] = ".clickshield.net"; // DNSWCD Tracker - 2010-01-09 BadDomains[i++] = ".clicktale.net"; // Tracker - 2009-10-26 BadDomains[i++] = ".clickzs.com"; // Tracker BadDomains[i++] = ".cn"; // YOUR CHOICE - MalWare BadDomains[i++] = ".cnzz.com"; // Tracker BadDomains[i++] = ".cqcounter.com"; // DNSWCD Tracker - 2008-12-18 BadDomains[i++] = ".crwdcntrl.net"; // AdServer - 2010-02-05 BadDomains[i++] = ".da.ru"; // PORN BadDomains[i++] = ".ddfdn.biz"; // PORN BadDomains[i++] = ".deluxepass.com"; // PORN - 2009-11-03 BadDomains[i++] = ".directtrack.com"; // Tracker BadDomains[i++] = ".dynamic.dol.ru"; // AdServer - 2009-11-03 BadDomains[i++] = ".erasercash.com"; // DNSWCD AdServer - 2008-11-28 BadDomains[i++] = ".everesttech.net"; // WebBug BadDomains[i++] = ".exmasters.com"; // PORN - MalWare BadDomains[i++] = ".extreme-dm.com"; // Tracker BadDomains[i++] = ".ezboard.com"; // AdServer - 2010-02-12 BadDomains[i++] = ".falkag.net"; // Tracker BadDomains[i++] = ".fastclick.net"; // Tracker - SpyWare BadDomains[i++] = ".filter.oridianppc.com"; // MalWare - 2009-09-02 BadDomains[i++] = ".g.ak.nbci.com"; // AdTracker - 2009-01-08 BadDomains[i++] = ".gcion.com"; // Tracker - 2009-06-01 BadDomains[i++] = ".gemius.pl"; // WebBug - Tracker BadDomains[i++] = ".gostats.com"; // Tracker BadDomains[i++] = ".hitbox.com"; // Tracker BadDomains[i++] = ".hittail.com"; // DNSWCD AdServer - 2009-06-19 BadDomains[i++] = ".hopfeed.com"; // DNSWCD Tracker - 2010-02-05 BadDomains[i++] = ".hotbar.com"; // AdWare BadDomains[i++] = ".hotlog.ru"; // DNSWCD Tracker - 2008-12-18 BadDomains[i++] = ".hotwords.com.br"; // DNSWCD AdServer - 2009-11-07 BadDomains[i++] = ".hpg.com.br"; // DNSWCD AdServer BadDomains[i++] = ".imgis.com"; // DNSWCD AdServer - 2008-11-28 BadDomains[i++] = ".imrworldwide.com"; // Nielsen Ratings Tracker BadDomains[i++] = ".insightexpressai.com"; // Tracker BadDomains[i++] = ".intellitxt.com"; // Tracker BadDomains[i++] = ".internetserviceteam.com"; // DNSWCD Malware - 2009-06-06 BadDomains[i++] = ".iperceptions.com"; // Tracker - 2009-09-07 BadDomains[i++] = ".ivwbox.de"; // Tracker - (some) WebBug BadDomains[i++] = ".l2m.net"; // DNSWCD - Tracker - WebBug BadDomains[i++] = ".linkbucks.com"; // DNSWCD WebBug - 2009-11-20 BadDomains[i++] = ".links.channelintelligence.com"; // Tracker - 2009-11-03 BadDomains[i++] = ".list.ru"; // WebBug BadDomains[i++] = ".liveadvert.com"; // AdServer BadDomains[i++] = ".liveperson.net"; // Tracker - WebBug BadDomains[i++] = ".masterstats.com"; // Tracker BadDomains[i++] = ".maxserving.com"; // Tracker BadDomains[i++] = ".metriweb.be"; // Tracker BadDomains[i++] = ".misstrends.com"; // Tracker BadDomains[i++] = ".miva.com"; // Malware - 2008-12-08 BadDomains[i++] = ".mochiads.com"; // DNSWCD AdServer - 2009-12-26 BadDomains[i++] = ".movcab.yi.org"; // TMP Malware - 2009-01-10 BadDomains[i++] = ".mybeliefs.info"; // DNSWCD - WebBug - 2009-06-22 BadDomains[i++] = ".mycomputer.com"; // Tracker - 2009-01-12 BadDomains[i++] = ".mystat-in.net"; // DNSWCD - Tracker BadDomains[i++] = ".mylongtail.com"; // DNSWCD - Tracker BadDomains[i++] = ".netlog.com"; // DNSWCD - Tracker - 2009-04-26 BadDomains[i++] = ".offermatica.com"; // Tracker BadDomains[i++] = ".omtrdc.net"; // Tracker - 2009-08-19 BadDomains[i++] = ".openclick.com"; // Tracker BadDomains[i++] = ".opentracker.net"; // Tracker BadDomains[i++] = ".openx.net"; // Tracker - 2010-01-20 BadDomains[i++] = ".openx.org"; // Tracker - 2010-01-20 BadDomains[i++] = ".origin.channelintelligence.com"; // Tracker - 2009-11-03 BadDomains[i++] = ".outster.com"; // Tracker - Spyware BadDomains[i++] = ".overture.com"; // Tracker BadDomains[i++] = ".partie-privee.com"; // PORN - 2009-11-03 BadDomains[i++] = ".paycount.com"; // DNSWCD Tracker -2009-01-10 BadDomains[i++] = ".paypopup.com"; // DNSWCD Tracker - 2009-12-04 BadDomains[i++] = ".p0rt2.com"; // DNSWCD - MalWare BadDomains[i++] = ".pochta.ru"; // MalWare - 2009-11-03 BadDomains[i++] = ".popunder.ru"; // DNSWCD - WebBug BadDomains[i++] = ".primosearch.com"; // DNSWCD - WebBug - 2009-01-22 BadDomains[i++] = ".rdr.channelintelligence.com"; // Tracker - 2009-11-03 BadDomains[i++] = ".realtracker.com"; // Tracker BadDomains[i++] = ".richrelevance.com"; // AdServer Tracker - 2009-11-23 // BadDomains[i++] = ".ru"; // YOUR CHOICE - MalWare BadDomains[i++] = ".ru4.com"; // Tracker BadDomains[i++] = ".seekmo.com"; // DNSWCD - MalWare BadDomains[i++] = ".sexcounter.com"; // Tracker BadDomains[i++] = ".sitemeter.com"; // WebBug - Tracker BadDomains[i++] = ".sitestat.com"; // Tracker BadDomains[i++] = ".sitestats.com"; // Tracker BadDomains[i++] = ".sitetracker.com"; // Tracker BadDomains[i++] = ".smarttargetting.com"; // Tracker - 2008-12-25 BadDomains[i++] = ".smtp.ru"; // DNSWCD Malware - 2009-06-20 BadDomains[i++] = ".spylog.com"; // Tracker - WebBug BadDomains[i++] = ".statcounter.com"; // Tracker - WebBug BadDomains[i++] = ".superstats.com"; // Tracker BadDomains[i++] = ".thumblogger.com"; // PORN - 2009-11-03 BadDomains[i++] = "toolbar.com"; // DNSWCDs - *.*toolbar.com BadDomains[i++] = ".tradedoubler.com"; // Tracker - WebBug BadDomains[i++] = ".trackalyzer.com"; // Tracker - 2009-11-30 BadDomains[i++] = ".tribalfusion.com"; // Tracker BadDomains[i++] = ".vizu.com"; // DNSWCD Tracker - 2010-01-19 BadDomains[i++] = ".wegoodentertainment.info"; // DNSWCD - WebBug - 2009-11-16 BadDomains[i++] = ".wemfbox.ch"; // WebBug - 2010-01-12 BadDomains[i++] = ".x-traceur.com"; // Tracker BadDomains[i++] = ".x0.nl"; // DNSWCD - MalWare BadDomains[i++] = ".xiti.com"; // Tracker - WebBug - 2009-06-19 BadDomains[i++] = ".zango.com"; // DNSWCD - WebBug BadDomains[i++] = ".zedo.com"; // Tracker - WebBug // If any of the following BadURL_Parts show up anywhere in the URL // the FindProxyForURL will reject it unless the resulting IP is // in a safe range. You can put REGEXPs anywhere you want here. var BadURL_Parts = new Array(); i=0; BadURL_Parts[i++] = "2\.2\.2\.[(0|1)]\.cab"; // Malware - 2009-12-06 BadURL_Parts[i++] = "adcheck\.fcgi"; // YOUR CHOICE Tracker - 2009-11-16 BadURL_Parts[i++] = "adproducts"; // AdServer - 2009-04-27 BadURL_Parts[i++] = "adrevolver"; // AdServer - 2009-04-27 BadURL_Parts[i++] = "ads\.js"; // Tracker - 2009-10-26 BadURL_Parts[i++] = "ads\.php"; // YOUR CHOICE Tracker - 2009-11-07 BadURL_Parts[i++] = "[^e]adult"; // Malware - 2010-02-25 BadURL_Parts[i++] = "amatrice"; BadURL_Parts[i++] = "amatuer"; BadURL_Parts[i++] = "amatur"; BadURL_Parts[i++] = "analsex"; BadURL_Parts[i++] = "analytics.sol"; // Tracker - 2010-01-12 BadURL_Parts[i++] = "av2009"; // Rogue-Ware 2009-03-28 BadURL_Parts[i++] = "av2010"; // Rogue-Ware 2009-12-18 BadURL_Parts[i++] = "[^blmprsvw]ass[^eiou]"; // YOUR CHOICE BadURL_Parts[i++] = "babes"; BadURL_Parts[i++] = "backdoor"; BadURL_Parts[i++] = "backseat"; BadURL_Parts[i++] = "baise"; BadURL_Parts[i++] = "banned"; BadURL_Parts[i++] = "bang-bus"; BadURL_Parts[i++] = "bangbus"; BadURL_Parts[i++] = "bange"; BadURL_Parts[i++] = "banging"; BadURL_Parts[i++] = "bareback"; BadURL_Parts[i++] = "barely-legal"; BadURL_Parts[i++] = "barelylegal"; BadURL_Parts[i++] = "bbw"; BadURL_Parts[i++] = "bdsm"; BadURL_Parts[i++] = "beauties"; BadURL_Parts[i++] = "beastial"; BadURL_Parts[i++] = "beaver"; BadURL_Parts[i++] = "behaviorads"; // AdServer - 2009-12-17 BadURL_Parts[i++] = "belle"; BadURL_Parts[i++] = "bestial"; BadURL_Parts[i++] = "bigtit[^l]"; BadURL_Parts[i++] = "bikini"; BadURL_Parts[i++] = "bisex"; BadURL_Parts[i++] = "bitch"; BadURL_Parts[i++] = "bizar"; BadURL_Parts[i++] = "bizzar"; BadURL_Parts[i++] = "blonde"; BadURL_Parts[i++] = "blowjob"; BadURL_Parts[i++] = "bondage"; BadURL_Parts[i++] = "boner"; BadURL_Parts[i++] = "boobs"; BadURL_Parts[i++] = "breast"; BadURL_Parts[i++] = "bukkake"; BadURL_Parts[i++] = "busty"; BadURL_Parts[i++] = "cardstatement\.exe"; // Phish - 2009-12-22 BadURL_Parts[i++] = "centerfold"; BadURL_Parts[i++] = "chaude"; BadURL_Parts[i++] = "cheating"; BadURL_Parts[i++] = "chicas"; BadURL_Parts[i++] = "chicks"; BadURL_Parts[i++] = "chicos"; BadURL_Parts[i++] = "chik"; BadURL_Parts[i++] = "chix"; BadURL_Parts[i++] = "chubby"; BadURL_Parts[i++] = "clit"; BadURL_Parts[i++] = "[^ehn]cock[^t]"; // Malware - 2010-02-05 BadURL_Parts[i++] = "coeds"; BadURL_Parts[i++] = "coremetrics"; // Tracker - 2009-11-23 BadURL_Parts[i++] = "counter\.[(c|j)]"; // YOUR CHOICE Tracker - 2009-11-16 BadURL_Parts[i++] = "crazy"; BadURL_Parts[i++] = "creampie"; BadURL_Parts[i++] = "[^aeilnors]cul[^it]"; // YOUR CHOICE BadURL_Parts[i++] = "culotte"; BadURL_Parts[i++] = "cumshot"; BadURL_Parts[i++] = "cunt"; BadURL_Parts[i++] = "dating"; BadURL_Parts[i++] = "dblclick"; // AdServer - 2009-09-04 BadURL_Parts[i++] = "deepthroat"; BadURL_Parts[i++] = "desire"; BadURL_Parts[i++] = "dicks"; BadURL_Parts[i++] = "dildo"; BadURL_Parts[i++] = "doubleclick"; // AdServer - 2009-09-04 BadURL_Parts[i++] = "dreamgirl"; BadURL_Parts[i++] = "drunk"; BadURL_Parts[i++] = "dykes"; BadURL_Parts[i++] = "ebony"; BadURL_Parts[i++] = "ejacula"; BadURL_Parts[i++] = "eluminate"; // YOUR CHOICE Tracker - 2009-11-16 BadURL_Parts[i++] = "erection"; BadURL_Parts[i++] = "eroti"; BadURL_Parts[i++] = "escorts"; BadURL_Parts[i++] = "exotic"; BadURL_Parts[i++] = "explicit"; BadURL_Parts[i++] = "exploited"; // YOUR CHOICE - 2009-10-28 BadURL_Parts[i++] = "exposed"; BadURL_Parts[i++] = "facial"; BadURL_Parts[i++] = "famosas"; BadURL_Parts[i++] = "fantas"; BadURL_Parts[i++] = "fellatio"; BadURL_Parts[i++] = "females"; BadURL_Parts[i++] = "femdom"; BadURL_Parts[i++] = "femme"; BadURL_Parts[i++] = "fetiche"; BadURL_Parts[i++] = "fetisch"; BadURL_Parts[i++] = "fetish"; BadURL_Parts[i++] = "ficken"; BadURL_Parts[i++] = "fingering"; BadURL_Parts[i++] = "fisting"; BadURL_Parts[i++] = "flasher"; BadURL_Parts[i++] = "flashing"; BadURL_Parts[i++] = "flesh"; BadURL_Parts[i++] = "forbidden"; BadURL_Parts[i++] = "foxy"; BadURL_Parts[i++] = "ftv"; BadURL_Parts[i++] = "fuck"; BadURL_Parts[i++] = "galeri"; BadURL_Parts[i++] = "galls"; BadURL_Parts[i++] = "gang-bang"; BadURL_Parts[i++] = "gangbang"; BadURL_Parts[i++] = "gecock"; // Malware - 2009-12-02 BadURL_Parts[i++] = "geile"; BadURL_Parts[i++] = "geisha"; BadURL_Parts[i++] = "girlfriend"; BadURL_Parts[i++] = "glamour"; BadURL_Parts[i++] = "gloryhole"; BadURL_Parts[i++] = "goddess"; BadURL_Parts[i++] = "goldenshower"; BadURL_Parts[i++] = "googlead"; // YOUR CHOICE AdServer - 2009-11-16 BadURL_Parts[i++] = "grannie"; BadURL_Parts[i++] = "granny"; BadURL_Parts[i++] = "groupsex"; BadURL_Parts[i++] = "gyn[(e|o)]"; BadURL_Parts[i++] = "hairy"; BadURL_Parts[i++] = "handjob"; BadURL_Parts[i++] = "hardcore"; BadURL_Parts[i++] = "hardon"; BadURL_Parts[i++] = "hentai"; BadURL_Parts[i++] = "heterosex"; BadURL_Parts[i++] = "hidden-cam"; BadURL_Parts[i++] = "hiddencam"; BadURL_Parts[i++] = "hirsute"; BadURL_Parts[i++] = "homos"; BadURL_Parts[i++] = "honeys"; BadURL_Parts[i++] = "hooker"; BadURL_Parts[i++] = "hooter"; BadURL_Parts[i++] = "horney"; BadURL_Parts[i++] = "horny"; BadURL_Parts[i++] = "hottie"; BadURL_Parts[i++] = "hotty"; BadURL_Parts[i++] = "huge"; BadURL_Parts[i++] = "[^c]hunk"; BadURL_Parts[i++] = "huren"; BadURL_Parts[i++] = "huss[(i|y)]"; BadURL_Parts[i++] = "hustler"; BadURL_Parts[i++] = "incest"; BadURL_Parts[i++] = "indextools\.js"; // Tracker - 2009-09-11 BadURL_Parts[i++] = "innocent"; BadURL_Parts[i++] = "interacial"; BadURL_Parts[i++] = "intercourse"; BadURL_Parts[i++] = "interracial"; BadURL_Parts[i++] = "intimate"; BadURL_Parts[i++] = "jackoff"; BadURL_Parts[i++] = "java_v\."; // Malware - 2010-01-12 BadURL_Parts[i++] = "jeune"; BadURL_Parts[i++] = "jiz"; BadURL_Parts[i++] = "joven"; BadURL_Parts[i++] = "juicy"; BadURL_Parts[i++] = "junge"; BadURL_Parts[i++] = "karup"; BadURL_Parts[i++] = "kinky"; BadURL_Parts[i++] = "lesbi"; BadURL_Parts[i++] = "lesbo"; BadURL_Parts[i++] = "libertine"; BadURL_Parts[i++] = "libido"; BadURL_Parts[i++] = "licking"; BadURL_Parts[i++] = "lingerie"; BadURL_Parts[i++] = "livecam"; BadURL_Parts[i++] = "loglib\.js"; // YOUR CHOICE Tracker - 2009-11-16 BadURL_Parts[i++] = "lolita"; BadURL_Parts[i++] = "luscious"; BadURL_Parts[i++] = "maitresse"; BadURL_Parts[i++] = "masterbat"; BadURL_Parts[i++] = "masturba"; BadURL_Parts[i++] = "milf[^o]"; // Malware - 2009-05-24 BadURL_Parts[i++] = "mistress"; BadURL_Parts[i++] = "models"; BadURL_Parts[i++] = "mouth-ful"; BadURL_Parts[i++] = "mouthful"; BadURL_Parts[i++] = "muff"; BadURL_Parts[i++] = "mujeres"; BadURL_Parts[i++] = "mysex"; BadURL_Parts[i++] = "nackt"; BadURL_Parts[i++] = "naked"; BadURL_Parts[i++] = "[^y]nasty"; // Malware - 2009-06-01 BadURL_Parts[i++] = "ntpagetag"; // Tracker - 2009-10-05 BadURL_Parts[i++] = "naughty"; BadURL_Parts[i++] = "nipple"; BadURL_Parts[i++] = "nookie"; BadURL_Parts[i++] = "nowtrue\.swf"; // YOUR CHOICE Malware - 2010-03-05 BadURL_Parts[i++] = "nudie"; BadURL_Parts[i++] = "nudis"; BadURL_Parts[i++] = "nudit"; BadURL_Parts[i++] = "nylon"; BadURL_Parts[i++] = "nymph"; BadURL_Parts[i++] = "obgyn"; BadURL_Parts[i++] = "orgasm"; BadURL_Parts[i++] = "orgy"; BadURL_Parts[i++] = "p0rn"; BadURL_Parts[i++] = "pantie"; BadURL_Parts[i++] = "panty"; BadURL_Parts[i++] = "pdf\.pdf"; // Malware - 2010-03-05 BadURL_Parts[i++] = "pecker"; BadURL_Parts[i++] = "peeing"; BadURL_Parts[i++] = "penetration"; BadURL_Parts[i++] = "penis"; BadURL_Parts[i++] = "penthouse"; BadURL_Parts[i++] = "perky"; BadURL_Parts[i++] = "perver"; BadURL_Parts[i++] = "petite"; BadURL_Parts[i++] = "phonesex"; BadURL_Parts[i++] = "pissing"; BadURL_Parts[i++] = "piwik\.js"; // Tracker - 2009-10-13 BadURL_Parts[i++] = "playboy"; BadURL_Parts[i++] = "pleasure"; BadURL_Parts[i++] = "plumper"; BadURL_Parts[i++] = "porn"; BadURL_Parts[i++] = "preteen"; BadURL_Parts[i++] = "prostit"; BadURL_Parts[i++] = "pubic"; BadURL_Parts[i++] = "pussie"; BadURL_Parts[i++] = "pussy"; BadURL_Parts[i++] = "redhead"; BadURL_Parts[i++] = "redlight"; BadURL_Parts[i++] = "salope"; BadURL_Parts[i++] = "schoolgirl"; BadURL_Parts[i++] = "sesso"; BadURL_Parts[i++] = "seostats\.php"; // Tracker - 2009-06-26 BadURL_Parts[i++] = "sexpics"; BadURL_Parts[i++] = "sexshow"; BadURL_Parts[i++] = "sexsite"; BadURL_Parts[i++] = "sextoy"; BadURL_Parts[i++] = "sexvideo"; BadURL_Parts[i++] = "sexworld"; BadURL_Parts[i++] = "sexy"; BadURL_Parts[i++] = "shaved"; BadURL_Parts[i++] = "shemale"; BadURL_Parts[i++] = "sinful"; BadURL_Parts[i++] = "site_stats"; // Tracker - 2009-06-26 BadURL_Parts[i++] = "slave"; BadURL_Parts[i++] = "slut"; BadURL_Parts[i++] = "sms\.exe"; // Malware - 2009-04-21 BadURL_Parts[i++] = "smsreader"; // Malware - 2009-04-21 BadURL_Parts[i++] = "smokin"; BadURL_Parts[i++] = "smut"; BadURL_Parts[i++] = "snatch"; BadURL_Parts[i++] = "sodom"; BadURL_Parts[i++] = "softcore"; BadURL_Parts[i++] = "spanking"; BadURL_Parts[i++] = "sperm"; BadURL_Parts[i++] = "spunk"; BadURL_Parts[i++] = "spycam"; BadURL_Parts[i++] = "squirt"; BadURL_Parts[i++] = "starlet"; BadURL_Parts[i++] = "statement\.exe"; // Malware - 2009-11-26 BadURL_Parts[i++] = "stocking"; BadURL_Parts[i++] = "strapon"; BadURL_Parts[i++] = "stripper"; BadURL_Parts[i++] = "studs"; BadURL_Parts[i++] = "swf\.swf"; // Malware - 2010-03-05 BadURL_Parts[i++] = "swinger"; BadURL_Parts[i++] = "swinging"; BadURL_Parts[i++] = "taboo"; BadURL_Parts[i++] = "tacoda"; // AdServer - 2009-08-24 BadURL_Parts[i++] = "tecock"; // Malware - 2009-12-02 BadURL_Parts[i++] = "teenage"; BadURL_Parts[i++] = "teengirls"; BadURL_Parts[i++] = "teenie"; BadURL_Parts[i++] = "teens"; BadURL_Parts[i++] = "teeny"; BadURL_Parts[i++] = "teenz"; BadURL_Parts[i++] = "[^_k]tgp[^br]"; // Malware - 2009-06-08 BadURL_Parts[i++] = "[^a]tits"; // Malware - 2010-02-13 BadURL_Parts[i++] = "titten"; BadURL_Parts[i++] = "tittie"; BadURL_Parts[i++] = "titts"; BadURL_Parts[i++] = "titty"; BadURL_Parts[i++] = "toilet"; BadURL_Parts[i++] = "topless"; BadURL_Parts[i++] = "torture"; BadURL_Parts[i++] = "totty"; // BadURL_Parts[i++] = "[^d]track\.[(g|j|p)]"; // YOUR CHOICE Tracker - 2009-11-16 BadURL_Parts[i++] = "tracker\.[(g|j|p)]"; // YOUR CHOICE Tracker - 2009-08-14 BadURL_Parts[i++] = "tracking\.[(g|j|p)]"; // YOUR CHOICE Tracker - 2009-11-17 BadURL_Parts[i++] = "tramp"; BadURL_Parts[i++] = "trannie"; BadURL_Parts[i++] = "tranny"; BadURL_Parts[i++] = "transex"; BadURL_Parts[i++] = "transgend"; BadURL_Parts[i++] = "transparent-pixel"; // YOUR CHOICE Tracker - 2009-12-27 BadURL_Parts[i++] = "transves"; BadURL_Parts[i++] = "travesti"; BadURL_Parts[i++] = "trial\.exe"; // Malware - 2009-04-21 BadURL_Parts[i++] = "twat[^ce]"; BadURL_Parts[i++] = "twistys"; BadURL_Parts[i++] = "uncensored"; BadURL_Parts[i++] = "uncut"; BadURL_Parts[i++] = "updatetool\.exe"; // Malware - 2009-11-30 BadURL_Parts[i++] = "upskirt"; BadURL_Parts[i++] = "utm\.gif"; // Tracker - 2009-11-02 BadURL_Parts[i++] = "utm\.js"; // YOUR CHOICE Tracker - 2009-11-16 BadURL_Parts[i++] = "vagina"; BadURL_Parts[i++] = "vecock"; // Malware - 2009-12-02 BadURL_Parts[i++] = "venus"; BadURL_Parts[i++] = "viagra"; BadURL_Parts[i++] = "vibrator"; BadURL_Parts[i++] = "vierge"; BadURL_Parts[i++] = "vixen"; BadURL_Parts[i++] = "voyeur"; BadURL_Parts[i++] = "warez[^o]"; // Malware 2009-04-02 BadURL_Parts[i++] = "web-cam"; BadURL_Parts[i++] = "webcam"; BadURL_Parts[i++] = "webiqonline"; // DNSWCD Tracker - 2009-11-05 BadURL_Parts[i++] = "webtrekk\.js"; // YOUR CHOICE Tracker - 2009-11-16 BadURL_Parts[i++] = "whore"; BadURL_Parts[i++] = "wives"; BadURL_Parts[i++] = "wunderloop"; // AdServer - 2009-11-17 BadURL_Parts[i++] = "x-rated"; BadURL_Parts[i++] = "xrated"; BadURL_Parts[i++] = "zoosex"; // If the HOST name has any of the following words in it the // FindProxyForURL function will reject it unless it matched any // of the GoodDomains or the IP is in a safe range. // You can put REGEXPs anywhere you want here. var BadHostParts = new Array(); i=0; BadHostParts[i++] = "--"; BadHostParts[i++] = "123-reg\.co\.uk"; // Phish - 2009-12-07 // BadHostParts[i++] = "17"; // YOUR CHOICE // BadHostParts[i++] = "18"; // YOUR CHOICE BadHostParts[i++] = "1and1\.co\.uk"; // Phish - 2009-12-07 BadHostParts[i++] = "1and1\.com"; // Phish - 2009-12-07 BadHostParts[i++] = "1und1\.de"; // Phish - 2009-12-07 BadHostParts[i++] = "3x"; BadHostParts[i++] = "4shared\.com"; // Phish - 2009-12-07 BadHostParts[i++] = "50webs\.com"; // Phish - 2009-12-08 BadHostParts[i++] = "69"; BadHostParts[i++] = "aba\.com"; // Phish - 2010-02-05 BadHostParts[i++] = "adobe\.com"; // flash-plugin - 2010-02-15 BadHostParts[i++] = "all-inkl\.com"; // Phish - 2009-12-07 BadHostParts[i++] = "ally\.com"; // YOUR CHOICE Phish - 2009-12-03 BadHostParts[i++] = "allybank\.com"; // Phish - 2009-12-29 BadHostParts[i++] = "amateur"; // Malware - 2010-02-13 BadHostParts[i++] = "americanexpress\.com"; // Phish - 2009-12-06 BadHostParts[i++] = "[^hnrv]angel"; // Malware - 2010-01-04 BadHostParts[i++] = "angelfire\.com"; // Phish - 2009-12-07 BadHostParts[i++] = "anony"; // PROXY YOUR CHOICE - 2009-04-18 BadHostParts[i++] = "anti-vir"; // YOUR CHOICE - 2009-12-31 BadHostParts[i++] = "antispy"; // YOUR CHOICE - 2008-12-01 BadHostParts[i++] = "antivir"; // YOUR CHOICE - 2008-12-01 BadHostParts[i++] = "aol\.com"; // Phish - 2010-02-05 BadHostParts[i++] = "arcor\.de"; // Phish - 2009-12-07 BadHostParts[i++] = "arcor-online\.net"; // Phish - 2009-12-07 BadHostParts[i++] = "around"; // PROXY YOUR CHOICE - 2009-04-18 BadHostParts[i++] = "aruba\.it"; // Phish - 2009-12-07 BadHostParts[i++] = "asian"; BadHostParts[i++] = "awardspace\.com"; // Phish - 2009-12-07 BadHostParts[i++] = "bannerad"; // AdServer - 2009-05-28 BadHostParts[i++] = "babylon"; BadHostParts[i++] = "bbva\.es"; // Phish - 2009-12-22 BadHostParts[i++] = "beast"; // BadHostParts[i++] = "block"; // PROXY YOUR CHOICE - 2009-04-18 BadHostParts[i++] = "bluehost\.com"; // Phish - 2009-12-07 BadHostParts[i++] = "boob"; BadHostParts[i++] = "booty"; BadHostParts[i++] = "boys"; BadHostParts[i++] = "boyz"; BadHostParts[i++] = "butt[^eor]"; BadHostParts[i++] = "bypass"; // PROXY BadHostParts[i++] = "casalemedia"; // AdServer - 2009-04-27 BadHostParts[i++] = "casino"; // GAMBLING RULE BadHostParts[i++] = "cdc\.gov"; // Phish - 2009-12-03 BadHostParts[i++] = "celeb"; // Malware - 2008-12-07 BadHostParts[i++] = "chase\.com"; // YOUR CHOICE Phish - 2009-12-03 BadHostParts[i++] = "chaseonline\.chase\.com"; // Phish - 2009-11-30 BadHostParts[i++] = "cheat"; BadHostParts[i++] = "cheerlead"; BadHostParts[i++] = "cherry"; BadHostParts[i++] = "cloak"; // PROXY BadHostParts[i++] = "codec"; // YOUR CHOICE - TROJAN // BadHostParts[i++] = "cool"; // YOUR CHOICE BadHostParts[i++] = "[^nt]dame"; // tdameritrade.com BadHostParts[i++] = "dirt"; BadHostParts[i++] = "discovercard"; // Phish - 2009-11-23 BadHostParts[i++] = "donne"; BadHostParts[i++] = "dotster\.com"; // Phish - 2009-12-19 BadHostParts[i++] = "dreamhost\.com"; // Phish - 2009-12-07 BadHostParts[i++] = "dynadot\.com"; // Phish - 2009-12-07 BadHostParts[i++] = "earthlink\.com"; // Phish - 2009-12-07 BadHostParts[i++] = "ebay\.com"; // Phish - 2009-12-08 BadHostParts[i++] = "ebayimg\.com"; // Phish - 2009-12-08 BadHostParts[i++] = "ebayrtm\.com"; // Phish - 2010-01-14 BadHostParts[i++] = "ebaystatic\.com"; // Phish - 2009-12-08 BadHostParts[i++] = "exponential"; // AdServer - 2009-04-27 BadHostParts[i++] = "extrem"; BadHostParts[i++] = "facebook"; // Phish - 2009-11-15 BadHostParts[i++] = "fasthosts\.co\.uk"; // Phish - 2009-12-07 BadHostParts[i++] = "fdic\.gov"; // YOUR CHOICE Phish - 2009-12-03 BadHostParts[i++] = "fhg"; BadHostParts[i++] = "fille"; BadHostParts[i++] = "finger"; BadHostParts[i++] = "firewall"; // PROXY YOUR CHOICE - 2009-04-18 BadHostParts[i++] = "flirt"; // BadHostParts[i++] = "[^g]free[^bdz]"; // YOUR CHOICE - 2009-05-07 BadHostParts[i++] = "freewebs\.com"; // Phish - 2009-12-07 BadHostParts[i++] = "friendfinder"; BadHostParts[i++] = "galleri"; BadHostParts[i++] = "gallery"; BadHostParts[i++] = "gay"; BadHostParts[i++] = "getpast"; // PROXY BadHostParts[i++] = "girls"; BadHostParts[i++] = "girlz"; BadHostParts[i++] = "godaddy\.com"; // Phish - 2009-12-07 BadHostParts[i++] = "google\.com"; // Phish - 2009-12-10 BadHostParts[i++] = "googlepages\.com"; // Phish - 2009-12-10 BadHostParts[i++] = "hidden"; // PROXY BadHostParts[i++] = "hide"; // PROXY YOUR CHOICE BadHostParts[i++] = "[^w]hole"; BadHostParts[i++] = "homestead\.com"; // Phish - 2009-12-07 BadHostParts[i++] = "hostgator\.com"; // Phish - 2009-12-08 BadHostParts[i++] = "hostmonster\.com"; // Phish - 2009-12-07 BadHostParts[i++] = "hostsfile\.org"; // Phish - 2009-12-07 BadHostParts[i++] = "hsbc\.co\.uk"; // Phish - 2010-01-19 BadHostParts[i++] = "invisible"; // PROXY BadHostParts[i++] = "irs\.gov"; // YOUR CHOICE Phish - 2009-12-03 BadHostParts[i++] = "jeeran\.com"; // Phish - 2009-12-07 BadHostParts[i++] = "kazaa"; // P2P YOUR CHOICE BadHostParts[i++] = "kontera"; // AdServer - 2009-04-27 BadHostParts[i++] = "locaweb\.com\.br"; // Phish - 2009-12-07 BadHostParts[i++] = "lunarpages\.com"; // Phish - 2009-12-07 BadHostParts[i++] = "[^cl]lust"; BadHostParts[i++] = "lycos\.com"; // Phish - 2009-12-07 BadHostParts[i++] = "mastercard\.com"; // Phish - 2009-12-08 BadHostParts[i++] = "mature"; BadHostParts[i++] = "mediafire\.com"; // Phish - 2009-12-07 BadHostParts[i++] = "microsoft\.com"; // SpearPhish - 2010-01-19 BadHostParts[i++] = "monster\.com"; // Phish - 2009-12-08 BadHostParts[i++] = "mozy\.com"; // Phish - 2009-12-07 BadHostParts[i++] = "mydomain"; // Phish - 2009-11-23 BadHostParts[i++] = "myspace"; // Phish - 2009-11-15 BadHostParts[i++] = "nacha\.org"; // YOUR CHOICE Phish - 2009-12-03 BadHostParts[i++] = "namecheap\.com"; // Phish - 2009-12-07 BadHostParts[i++] = "netbenefit\.co\.uk"; // Phish - 2009-12-07 BadHostParts[i++] = "networksolutions\.com"; // Phish - 2009-12-07 BadHostParts[i++] = "nude"; BadHostParts[i++] = "oasc[(0|1|e)]"; // AdServer - 2010-03-01 BadHostParts[i++] = "passion"; BadHostParts[i++] = "paypal\.com"; // Phish - 2009-12-08 BadHostParts[i++] = "peep"; BadHostParts[i++] = "pix"; BadHostParts[i++] = "poker"; // GAMBLING RULE BadHostParts[i++] = "privacy"; // PROXY YOUR CHOICE BadHostParts[i++] = "prok[(c|s)]"; // PROXY YOUR CHOICE - 2009-04-18 BadHostParts[i++] = "prox"; // PROXY BadHostParts[i++] = "refund-services\.irs"; // YOUR CHOICE Phish - 2009-12-03 BadHostParts[i++] = "refunds\.irs"; // YOUR CHOICE Phish - 2009-12-03 BadHostParts[i++] = "rencontre"; BadHostParts[i++] = "[^aeost]rx[^c]"; // YOUR CHOICE SPAM - 2009-11-12 BadHostParts[i++] = "scan"; // Malware - 2009-05-07 BadHostParts[i++] = "secret"; // PROXY - 2009-02-05 BadHostParts[i++] = "secure\.ally\.com"; // Phish - 2009-11-30 BadHostParts[i++] = "securemecca\.com"; // Phish - 2009-12-07 BadHostParts[i++] = "sendspace\.com"; // Phish - 2010-01-19 BadHostParts[i++] = "sextracker"; BadHostParts[i++] = "single"; BadHostParts[i++] = "sitesell\.com"; // Phish - 2009-12-07 BadHostParts[i++] = "sneak"; // PROXY BadHostParts[i++] = "ssa\.gov"; // Phish - 2009-11-26 BadHostParts[i++] = "stats"; // YOUR CHOICE - Tracker - 2009-04-21 BadHostParts[i++] = "strato\.de"; // Phish - 2009-12-07 BadHostParts[i++] = "submissi"; BadHostParts[i++] = "[^sy]suck"; // Malware - 2010-01-12 // BadHostParts[i++] = "surf"; // YOUR CHOICE - PROXY BadHostParts[i++] = "tease"; BadHostParts[i++] = "[^rs]teen"; // Malware - 2010-02-08 BadHostParts[i++] = "thumb"; BadHostParts[i++] = "tracking"; // Tracker - 2009-06-01 BadHostParts[i++] = "tube"; // YOUR CHOICE - MalWare BadHostParts[i++] = "tunnel"; // PROXY BadHostParts[i++] = "twink"; BadHostParts[i++] = "unblock"; // PROXY BadHostParts[i++] = "unlock"; // PROXY BadHostParts[i++] = "usaa\.com"; // Phish - 2010-01-19 BadHostParts[i++] = "usbank\.com"; // Phish - 2009-12-14 BadHostParts[i++] = "ustreasury"; // YOUR CHOICE Phish - 2009-12-03 BadHostParts[i++] = "valueclick"; // AdServer - 2009-10-07 BadHostParts[i++] = "vegas"; BadHostParts[i++] = "virgin[^im]"; BadHostParts[i++] = "visa\.com"; // Phish - 2009-12-08 BadHostParts[i++] = "wellsfargo.com"; // Phish - 2010-02-25 BadHostParts[i++] = "wicked"; BadHostParts[i++] = "women"; BadHostParts[i++] = "xxx"; // Malware - 2010-01-28 BadHostParts[i++] = "yahoo\.com"; // Phish - 2009-12-07 BadHostParts[i++] = "yahooapis\.com"; // Phish - 2009-12-07 BadHostParts[i++] = "young"; // If any of the following BadURL_WordStarts show up at the start of a // word in the URL the FindProxyForURL will reject it unless the // resulting IP is in a safe range. // WARNING - DO NOT PUT REGEXPs AT THE *START* OF THIS ARRAY var BadURL_WordStarts = new Array(); i=0; BadURL_WordStarts[i++] = "ad_label_"; // AdServer - 2009-11-23 BadURL_WordStarts[i++] = "adsense"; // AdServer - 2010-01-12 BadURL_WordStarts[i++] = "advertising"; // AdServer - 2010-01-20 BadURL_WordStarts[i++] = "ajrotator"; // AdServer - 2009-11-28 BadURL_WordStarts[i++] = "chest"; BadURL_WordStarts[i++] = "cmdatatagutils"; // Tracker - 2009-11-23 BadURL_WordStarts[i++] = "coed"; BadURL_WordStarts[i++] = "competetracking"; // Tracker - 2010-01-12 BadURL_WordStarts[i++] = "escort"; BadURL_WordStarts[i++] = "flash-plugin"; // Malware - 2009-09-03 BadURL_WordStarts[i++] = "flash-hq-plugin"; // Malware - 2009-11-07 BadURL_WordStarts[i++] = "flash_up"; // Malware - 2010-01-08 BadURL_WordStarts[i++] = "flashinstaller"; // Malware - 2009-11-23 BadURL_WordStarts[i++] = "gals"; BadURL_WordStarts[i++] = "gay"; BadURL_WordStarts[i++] = "girl"; // BadURL_WordStarts[i++] = "install"; // YOUR CHOICE Malware - 2009-11-30 BadURL_WordStarts[i++] = "install_activex"; // YOUR CHOICE Malware - 2010-02-08 BadURL_WordStarts[i++] = "legs"; BadURL_WordStarts[i++] = "mature"; BadURL_WordStarts[i++] = "mtvi_reporting"; // Tracker - 2009-12-03 BadURL_WordStarts[i++] = "new-video-addon"; // YOUR CHOICE Malware - 2010-02-08 BadURL_WordStarts[i++] = "nude"; BadURL_WordStarts[i++] = "omnidiggthis"; // Tracker - 2009-08-19 BadURL_WordStarts[i++] = "openads"; // Tracker - 2010-01-12 BadURL_WordStarts[i++] = "oral"; BadURL_WordStarts[i++] = "pageear"; // Tracker - 2010-01-19 BadURL_WordStarts[i++] = "photoarchive"; // YOUR CHOICE Malware - 2010-02-08 BadURL_WordStarts[i++] = "pink"; BadURL_WordStarts[i++] = "piss"; BadURL_WordStarts[i++] = "rape"; // 2010-02-25 BadURL_WordStarts[i++] = "redirectexittrack"; // Tracker - 2009-11-23 BadURL_WordStarts[i++] = "revsci"; // Tracker - 2010-01-19 BadURL_WordStarts[i++] = "sex"; BadURL_WordStarts[i++] = "show_afs_ads"; // AdServer - 2009-11-30 BadURL_WordStarts[i++] = "smart-plugin"; // YOUR CHOICE Malware - 2010-02-08 BadURL_WordStarts[i++] = "touchclarity"; // Tracker - 2010-01-19 BadURL_WordStarts[i++] = "1x1_trans\.gif"; // Tracker - 2010-02-13 BadURL_WordStarts[i++] = "adlinks\.[(j|p)]"; // AdServer - 2010-01-14 BadURL_WordStarts[i++] = "admanager\."; // Tracker - 2010-01-15 BadURL_WordStarts[i++] = "adrelated\."; // AdServer - 2010-02-05 BadURL_WordStarts[i++] = "adsonar\."; // AdServer - 2010-02-05 BadURL_WordStarts[i++] = "adssrv\."; // AdServer - 2009-12-17 BadURL_WordStarts[i++] = "adstream\.[(j|p)]"; // AdServer - 2010-01-14 BadURL_WordStarts[i++] = "anal[^oy]"; BadURL_WordStarts[i++] = "babe[^l]"; BadURL_WordStarts[i++] = "bot\.exe"; // Malware - 2010-01-07 BadURL_WordStarts[i++] = "clickjs\.php"; // Tracker - 2009-11-30 BadURL_WordStarts[i++] = "dcs\.gif"; // Tracker - 2009-10-26 BadURL_WordStarts[i++] = "dotclear\.[(g|j)]"; // YOUR CHOICE Tracker - 2010-01-09 BadURL_WordStarts[i++] = "elqcfg\.[(j|p)]"; // Tracker - 2010-02-13 BadURL_WordStarts[i++] = "elqimg\.[(g|j|p)]"; // Tracker - 2010-02-13 BadURL_WordStarts[i++] = "eros[^e]"; // Malware - 2009-10-27 // BadURL_WordStarts[i++] = "gate\.php"; // YOUR CHOICE Malware - 2010-01-08 BadURL_WordStarts[i++] = "hitin\.php"; // YOUR CHOICE Malware - 2010-02-12 BadURL_WordStarts[i++] = "ldr\.exe"; // Malware - 2010-01-07 BadURL_WordStarts[i++] = "loader\.exe"; // Malware - 2010-01-07 BadURL_WordStarts[i++] = "new-video-addon\."; // Malware - 2010-03-01 BadURL_WordStarts[i++] = "omniture\.js"; // YOUR CHOICE Tracker - 2009-11-04 BadURL_WordStarts[i++] = "omniture_code\.js"; // YOUR CHOICE Tracker - 2009-11-02 BadURL_WordStarts[i++] = "pee[^nrv]"; BadURL_WordStarts[i++] = "popunder\."; // AdServer - 2010-01-20 BadURL_WordStarts[i++] = "ptv8\.swf"; // YOUR CHOICE Tracker - 2009-12-27 BadURL_WordStarts[i++] = "s_code\.js"; // YOUR CHOICE Tracker - 2009-10-20 BadURL_WordStarts[i++] = "s_code_remote\.js"; // YOUR CHOICE Tracker - 2009-11-02 BadURL_WordStarts[i++] = "showads\.[(j|p)]"; // Tracker - 2010-01-12 BadURL_WordStarts[i++] = "sitecatalystinclude\.js"; // YOUR CHOICE Tracker - 2009-11-07 BadURL_WordStarts[i++] = "spc_trans\.gif"; // Tracker - 2010-02-13 BadURL_WordStarts[i++] = "\.sys"; // Malware - 2009-12-14 BadURL_WordStarts[i++] = "tc_logging\.js"; // Tracker - 2010-02-05 BadURL_WordStarts[i++] = "techprops\.js"; // Tracker - 2009-11-23 BadURL_WordStarts[i++] = "teen[^y]"; // Malware - 2009-11-23 BadURL_WordStarts[i++] = "trans_pixel"; // Tracker - 2009-12-29 (ASP) BadURL_WordStarts[i++] = "vtrack\.php"; // Tracker - 2009-11-23 BadURL_WordStarts[i++] = "webtrends_tag\.js"; // Tracker - 2009-11-03 BadURL_WordStarts[i++] = "wtbase\.js"; // Tracker - 2009-09-19 BadURL_WordStarts[i++] = "wtid\.js"; // Tracker - 2009-09-19 BadURL_WordStarts[i++] = "wtinit\.js"; // Tracker - 2009-09-19 BadURL_WordStarts[i++] = "xplay[(m|s)]"; // Malware - 2010-02-05 BadURL_WordStarts[i++] = "xtcore\.[(j|p)]"; // Tracker - 2010-01-14 // If any of the following BadHostWordStarts show up at the start of a // word in the HOST the FindProxyForURL will reject it unless the // resulting IP is in a safe range. // WARNING - DO NOT PUT REGEXPs AT THE *START* OF THIS ARRAY var BadHostWordStarts = new Array(); i=0; BadHostWordStarts[i++] = "adserver"; // YOUR CHOICE AdServer - 2009-10-06 BadHostWordStarts[i++] = "anon"; // PROXY YOUR CHOICE - 2009-04-18 BadHostWordStarts[i++] = "bang"; BadHostWordStarts[i++] = "boy"; BadHostWordStarts[i++] = "fotos"; BadHostWordStarts[i++] = "gcirm"; // AdServer - 2009-06-19 BadHostWordStarts[i++] = "girl"; BadHostWordStarts[i++] = "hide"; // PROXY BadHostWordStarts[i++] = "lady"; BadHostWordStarts[i++] = "lips"; // BadHostWordStarts[i++] = "live"; // YOUR CHOICE BadHostWordStarts[i++] = "rx"; // YOUR CHOICE SPAM - 2010-01-14 BadHostWordStarts[i++] = "sex"; BadHostWordStarts[i++] = "strip"; BadHostWordStarts[i++] = "surf"; // YOUR CHOICE - PROXY BadHostWordStarts[i++] = "ustreasury"; // Phish - 2009-11-30 BadHostWordStarts[i++] = "zoo"; // YOUR CHOICE BadHostWordStarts[i++] = "adimg\."; // AdServer - 2010-01-14 BadHostWordStarts[i++] = "adlog\."; // YOUR CHOICE Tracker - 2010-01-09 BadHostWordStarts[i++] = "ads\."; // YOUR CHOICE ADS - 2009-04-02 BadHostWordStarts[i++] = "ads1\."; // YOUR CHOICE ADS - 2009-06-21 BadHostWordStarts[i++] = "adsys\."; // YOUR CHOICE ADS - 2009-05-28 BadHostWordStarts[i++] = "ally\.com"; // Phish - 2009-11-30 BadHostWordStarts[i++] = "chase\.com"; // Phish - 2009-11-30 BadHostWordStarts[i++] = "cpanel\."; // Phish - 2009-12-07 BadHostWordStarts[i++] = "ebay\.com"; // Phish - 2009-12-08 BadHostWordStarts[i++] = "fdic\.gov"; // Phish - 2009-11-15 BadHostWordStarts[i++] = "hard[(b|c|e|p|s)]"; // BadHostWordStarts[i++] = "hot[^em]"; // YOUR CHOICE // next is for - *.insightexpressai.com, // *.insightfirst.com, and insightxe* SPIES BadHostWordStarts[i++] = "insight[(e|f|x)]"; // SPIES BadHostWordStarts[i++] = "irs\.gov"; // Phish - 2009-11-15 BadHostWordStarts[i++] = "nacha\.org"; // Phish - 2009-11-15 BadHostWordStarts[i++] = "openx\."; // Tracker - 2010-01-20 BadHostWordStarts[i++] = "refund-services\.irs"; // Phish - 2009-11-30 BadHostWordStarts[i++] = "refunds\.irs"; // Phish - 2009-11-30 BadHostWordStarts[i++] = "sdc\."; // AdServer - 2010-02-05 BadHostWordStarts[i++] = "synad\."; // AdServer - 2010-01-12 BadHostWordStarts[i++] = "synad2\."; // AdServer - 2010-01-12 BadHostWordStarts[i++] = "tit[^abhilmu]"; BadHostWordStarts[i++] = "utm\."; // Tracker - 2009-09-27 BadHostWordStarts[i++] = "visa\.com"; // Phish - 2009-12-08 BadHostWordStarts[i++] = "webs\.com"; // Phish - 2009-12-07 // If any of the following BadURL_WordEnds show up at the end of a // word in the URL the FindProxyForURL will reject it unless the // resulting IP is in a safe range. // WARNING - DO NOT PUT REGEXPs AT THE *END* OF THIS ARRAY var BadURL_WordEnds = new Array(); i=0; // BadURL_WordEnds[i++] = "\.bat"; // Malware - 2010-01-27 BadURL_WordEnds[i++] = "[^ck]anal"; // Malware - 2010-02-13 BadURL_WordEnds[i++] = "[^h]eros"; // BadURL_WordEnds[i++] = "\.exe"; // Malware - 2010-01-27 // BadURL_WordEnds[i++] = "\.pdf"; // Malware - 2010-01-27 BadURL_WordEnds[i++] = "[^u]pee"; BadURL_WordEnds[i++] = "[^cg]rape"; BadURL_WordEnds[i++] = "\.sh"; // Malware - 2010-01-27 BadURL_WordEnds[i++] = "[^s]teen"; // Malware - 2009-10-01 BadURL_WordEnds[i++] = "babe"; BadURL_WordEnds[i++] = "butt"; BadURL_WordEnds[i++] = "chest"; BadURL_WordEnds[i++] = "coed"; BadURL_WordEnds[i++] = "escort"; BadURL_WordEnds[i++] = "gals"; BadURL_WordEnds[i++] = "gay"; BadURL_WordEnds[i++] = "girl"; BadURL_WordEnds[i++] = "girls"; BadURL_WordEnds[i++] = "girlz"; BadURL_WordEnds[i++] = "legs"; BadURL_WordEnds[i++] = "mature"; BadURL_WordEnds[i++] = "nude"; BadURL_WordEnds[i++] = "pink"; BadURL_WordEnds[i++] = "piss"; BadURL_WordEnds[i++] = "sex"; BadURL_WordEnds[i++] = "sexe"; // If any of the following BadHostWordEnds show up at the end of a // word in the HOST the FindProxyForURL will reject it unless the // resulting IP is in a safe range. // WARNING - DO NOT PUT REGEXPs AT THE *END* OF THIS ARRAY var BadHostWordEnds = new Array(); i=0; BadHostWordEnds[i++] = "[^cs]hard"; // BadHostWordEnds[i++] = "[^s]hot"; // YOUR CHOICE - 2009-12-22 BadHostWordEnds[i++] = "[^c]lips"; // BadHostWordEnds[i++] = "bang"; // YOUR CHOICE BadHostWordEnds[i++] = "boy"; BadHostWordEnds[i++] = "fotos"; BadHostWordEnds[i++] = "girl"; BadHostWordEnds[i++] = "girls"; BadHostWordEnds[i++] = "hide"; // PROXY BadHostWordEnds[i++] = "lady"; // BadHostWordEnds[i++] = "live"; // YOUR CHOICE BadHostWordEnds[i++] = "sex"; BadHostWordEnds[i++] = "tracker"; // Tracker - 2009-10-27 /////////////////////////// // Set up GoodDomainRegx // /////////////////////////// for(i in GoodDomains) { GoodDomains[i] = GoodDomains[i].split(/\./).join("\\."); } var GoodDomainRegx = new RegExp("(" + GoodDomains.join("|") + ")$", "i"); if (debug & debugRegxGen) { alert("GoodDomainRegx = " + GoodDomainRegx); } ////////////////////////// // Set up BadDomainRegx // ////////////////////////// for(i in BadDomains) { BadDomains[i] = BadDomains[i].split(/\./).join("\\."); } var BadDomainRegx = new RegExp("(" + BadDomains.join("|") + ")$", "i"); if (debug & debugRegxGen) { alert("BadDomainRegx = " + BadDomainRegx); } /////////////////////////// // Set up BadHostPartRegx // /////////////////////////// for(i in BadHostParts) { BadHostParts[i] = BadHostParts[i].split(/\./).join("\\."); } var BadHostPartRegx = new RegExp(BadHostParts.join("|"), "i"); if (debug & debugRegxGen) { alert("BadHostPartRegx = " + BadHostPartRegx); } ///////////////////////////////// // Set up BadHostWordStartRegx // ///////////////////////////////// for(i in BadHostWordStarts) { BadHostWordStarts[i] = BadHostWordStarts[i].split(/\./).join("\\."); } var BadHostWordStartRegx = new RegExp("(^|[^a-z0-9])(" + BadHostWordStarts.join("|") + ")", "i"); if (debug & debugRegxGen) { alert("BadHostWordStartRegx = " + BadHostWordStartRegx); } /////////////////////////////// // Set up BadHostWordEndRegx // /////////////////////////////// for(i in BadHostWordEnds) { BadHostWordEnds[i] = BadHostWordEnds[i].split(/\./).join("\\."); } var BadHostWordEndRegx = new RegExp("(" + BadHostWordEnds.join("|") + ")([^a-z0-9]|$)", "i"); if (debug & debugRegxGen) { alert("BadHostWordEndRegx = " + BadHostWordEndRegx); } //////////////////////////// // SET UP BadURL_PartRegx // //////////////////////////// for(i in BadURL_Parts) { BadURL_Parts[i] = BadURL_Parts[i].split(/\./).join("\\."); } var BadURL_PartRegx = new RegExp(BadURL_Parts.join("|"), "i"); if (debug & debugRegxGen) { alert ("BadURL_PartRegx = " + BadURL_PartRegx ); } ///////////////////////////////// // SET UP BadURL_WordStartRegx // ///////////////////////////////// for(i in BadURL_WordStarts) { BadURL_WordStarts[i] = BadURL_WordStarts[i].split(/\./).join("\\."); } var BadURL_WordStartRegx = new RegExp("[^a-z0-9](" + BadURL_WordStarts.join("|") + ")", "i"); if (debug & debugRegxGen) { alert ("BadURL_WordStartRegx = " + BadURL_WordStartRegx ); } /////////////////////////////// // SET UP BadURL_WordEndRegx // /////////////////////////////// for(i in BadURL_WordEnds) { BadURL_WordEnds[i] = BadURL_WordEnds[i].split(/\./).join("\\."); } var BadURL_WordEndRegx = new RegExp("(" + BadURL_WordEnds.join("|") + ")([^a-z0-9]|$)", "i"); if (debug & debugRegxGen) { alert ("BadURL_WordEndRegx = " + BadURL_WordEndRegx ); } /////////////////////////////////////////// // Define the IsIPAddr function and vars // /////////////////////////////////////////// var IpAddrRegx = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/; function IsNumIpAddr(host) { var ipAry = host.match(IpAddrRegx); var isIPValid = false; if (ipAry) { isIPValid = true; for( i = 1; i <= 4; i++) { if (ipAry[i] >= 256) { isIPValid = false; } } } if (debug & debugShowIP && isIPValid) { alert("Found a IP host address: " + host); } return isIPValid; } ///////////////////// // Done Setting Up // ///////////////////// if (debug) {alert("proxy pac file loaded");} ////////////////////////////////// // Define the FindProxyFunction // ////////////////////////////////// function FindProxyForURL(url, host) { var TestResult; var FuncResult = normal; var str = ""; var i = ""; var tmpNet; var IsNumIP = IsNumIpAddr(host); var HasIPv4Address = true; var IPv4Address; /////////////////////////////////////////////////////////////////////// // FTP patch for privoxy - Elric Scott schemalogic.com // // At one time I recommended privoxy. Since this is a security hole // // I recommend using Firefox + NoScript instead. See WARNING.txt // /////////////////////////////////////////////////////////////////////// // if (url.substr(0,4) == "ftp:") { // return "DIRECT"; // } /////////////////////////////////////////////////////////////////////// // Remove any anchors and arguments from the url if we are only // // looking at the path part // /////////////////////////////////////////////////////////////////////// if (parseURL == pathParse) { str = url.match(/^[^\?#]*/); if (str != url) { if (debug & debugModURL) { alert ("URL modified:\n" + url + "\n" + str); } url = str; } } /////////////////////////////////////////////////////////////////////// // PASS LIST: domains matched here will always be allowed. // /////////////////////////////////////////////////////////////////////// if (!IsNumIP && (TestResult = GoodDomainRegx.exec(host))) { if (debug & debugShowPass) { str = "Passed URL due to Good Domain in host: " + url; for (i in TestResult) { str += "\n\tTestResult." + i + " = \"" + TestResult[i] + "\""; } alert(str); } return normal; } /////////////////////////////////////////////////////////////////////// // Check to make sure we can get an IPv4 address from the given host // // name. If we cannot do that then skip the Networks tests. // /////////////////////////////////////////////////////////////////////// if (IsNumIP) { IPv4Address = host; } else { if (isResolvable(host)) { IPv4Address = dnsResolve(host); } else { HasIPv4Address = false; } } if (HasIPv4Address) { /////////////////////////////////////////////////////////////////////// // If the IP translates to one of the GoodNetworks we pass it // // since it is considered to be safe. // /////////////////////////////////////////////////////////////////////// for (i in GoodNetworks) { tmpNet = GoodNetworks[i].split(/,\s*/); if (isInNet(IPv4Address, tmpNet[0], tmpNet[1])) { if (debug & debugShowPass) { str = "Passed URL due to good IP address: " + url + "\n\tNet: " + tmpNet[0] + " mask " + tmpNet[1]; alert(str); } return normal; } } /////////////////////////////////////////////////////////////////////// // If the IP translates to one of the BadNetworks we fail it // // since it is not considered to be safe. // /////////////////////////////////////////////////////////////////////// for (i in BadNetworks) { tmpNet = BadNetworks[i].split(/,\s*/); if (isInNet(IPv4Address, tmpNet[0], tmpNet[1])) { if (debug & debugShowFail) { str = "Blocked URL due to bad IP address: " + url + "\n\tNet: " + tmpNet[0] + " mask " + tmpNet[1]; alert(str); } return blackhole; } } } ////////////////////////////////////////////////////////// // BLOCK LIST: stuff matched here here will be blocked // ////////////////////////////////////////////////////////// if (!IsNumIP && (TestResult = BadDomainRegx.exec(host))) { if (debug & debugShowFail) { str = "Blocked URL due to Bad Word in Domain Name: " + url; for (i in TestResult) { str += "\n\tTestResult." + i + " = \"" + TestResult[i] + "\""; } alert(str); } return blackhole; } if (!IsNumIP && (TestResult = BadHostPartRegx.exec(host))) { if (debug & debugShowFail) { str = "Blocked URL due to Bad Word in Host Name: " + url; for (i in TestResult) { str += "\n\tTestResult." + i + " = \"" + TestResult[i] + "\""; } alert(str); } return blackhole; } if (TestResult = BadHostWordStartRegx.exec(host)) { if (debug & debugShowFail) { str = "Blocked URL due to Bad Word Start in Host Name: " + url; for (i in TestResult) { str += "\n\tTestResult." + i + " = \"" + TestResult[i] + "\""; } alert(str); } return blackhole; } if (TestResult = BadHostWordEndRegx.exec(host)) { if (debug & debugShowFail) { str = "Blocked URL due to Bad Word End in Host Name: " + url; for (i in TestResult) { str += "\n\tTestResult." + i + " = \"" + TestResult[i] + "\""; } alert(str); } return blackhole; } if (TestResult = BadURL_PartRegx.exec(url)) { if (debug & debugShowFail) { str = "Blocked URL due to Bad Word in URL: " + url; for (i in TestResult) { str += "\n\tTestResult." + i + " = \"" + TestResult[i] + "\""; } alert(str); } return blackhole; } if (TestResult = BadURL_WordStartRegx.exec(url)) { if (debug & debugShowFail) { str = "Blocked URL due to Bad Starting Word in URL: " + url; for (i in TestResult) { str += "\n\tTestResult." + i + " = \"" + TestResult[i] + "\""; } alert(str); } return blackhole; } if (TestResult = BadURL_WordEndRegx.exec(url)) { if (debug & debugShowFail) { str = "Blocked URL due to Bad Ending Word in URL: " + url; for (i in TestResult) { str += "\n\tTestResult." + i + " = \"" + TestResult[i] + "\""; } alert(str); } return blackhole; } if (debug & debugShowPass) { str = "Passed URL: " + url; alert(str); } return normal; }