Funnelish was a new geoshitty to me (free domain-less web hosting often used for phishing). It's an eCommerce platform, but in the 14-day trial I was able to:

• fully customize product and checkout pages and forms
• send the data to a webhook! (webhook[.]site)
• register immediately with a burner duckduck email
• free trial subdomains are randomly generated but you can set the slugs to different pages

It has been added to the list below. I suggest blocking since a real business would use their own domain. Luckily they separate their platforms domain from the user content.

Block myfunnelish[.]com (and the webhooks aaS)

https://github.com/BadSamuraiDev/bs-lists/blob/main/geoshitties.txt

Thank you @urldna for your phishing feed where I found this.

#phishing #blueteam #infosec #blocklist

Weekly block list report: 3,494 entries; 3,473 valid / 21 invalid; 3 deleted #ads #adblocking #blocklist #trackers #pglblocklistreport

List URL: https://pgl.yoyo.org/as/serverlist.php

This escalated quickly. Can't tell if "Daniel Levy" is a confused European struggling with his 2nd or 3rd language or just a bot

#Blocklist

https://mastodon.social/@daniellevy/115611298564445371