@masbog
Created May 31, 2016 02:55
# =====================================================================
## SHADY APPS FROM CHINA HOSTS
## BLOCK LIST v2.2.6 Work in Progress (May 2016)
## By Megaton
#
# For use with products from:
# Aimersoft, iSkysoft, Wondershare, Xillisoft (all same company), iStonsoft,
# epubor and many others.
# Info about Shenzhen Wondershare Information Technology Co., Ltd.
# http://www.bloomberg.com/research/stocks/private/snapshot.asp?privcapId=23093779
# http://www.macworld.com/article/1153685/speaking_spammers.html
#
# OTHER: Discussion (Japanese) http://applech2.com/archives/28812089.html
#
# NOTE: Be sure to check out the different Privacy Policies of Wondershare,
# their "shadow" and OEM companies.
# INFO: Some older versions are signed by Yi Xing Investment Co., Ltd.
#
# This list will be updated.
# =====================================================================
# BEWARE OF APPS BRANDED WITH:
# Wondershare, iSkysoft, Xillisoft, Aimersoft, Tuneup360, iStonsoft,
# Sidify, MacXDVD, 5k, 4k, ChungwaSoft, Epubor, ePubee, FVD, eTinySoft,
# TotalVideo, Xiisoft, ZiioSoft, xy, wontube, Eltima, Trillix,
# Tenorshare, Noteburner, iTube, AnyVideo, AnyMP4, Any(insertname),
# Movavi, Enolsoft, AzwSoft, Mac Video Downloader, FlipBuilder,
# FlipPDF, Flip, iMobie, Backuptrans, MacGo, Macblurayplayer, Free Media Player,
# IdealShare, 3herosoft, 4Media, 4videosoft, Aiseesoft, AnyBizSoft,
# Aunsoft, Bigasoft, Brorsoft, EffectMatrix, iMacsoft, Joboshare,
# Kigo, Macsome, Moyea, Tipard, uSeesoft, WinX, MacX, iFoneBox,
# MiniTool
# =====================================================================
## NOTE: This list could disable downloads from the
# sites of Wondershare, iSkysoft, Aimersoft and others.
# Disable entries if needed for testing or other tasks.
# =====================================================================
0.0.0.0 cbs.wondershare.com # (Same as cbs.iskysoft.com)
0.0.0.0 cbs.iskysoft.com
0.0.0.0 api.wondershare.com
0.0.0.0 api.iskysoft.com
0.0.0.0 api.aimersoft.com # (Same as cbs.iskysoft.com)
0.0.0.0 api.xillisoft.com
0.0.0.0 api.tuneup360.com # (See NOTES below)
## NOTES (api.tuneup360.com)
# 1. Google Safe Browsing (Jul 2015): Malicious site
# 2. Google Safe Browsing (Feb 2016): Safe
# 3. Web of Trust WOT (Feb 2016): Poor reputation, scammy behavior,
# technical dangers such as malware and other issues. (Feb 2016)
# 4. Alert: Links to several sites that are known for malware,
# adware, tracking and spam. Most notable is download25,
# a Romanian download site that is mentioned as spreading malware, viruses,
# spam, and different types of cybercrime (other than mentioned).
# Also claims to be owned by a nonexistent company (but the real
# owner is Wondershare, and the SW is also signed by Wondershare).
0.0.0.0 i.wondershare.com # (Same as api.aimersoft.com)
0.0.0.0 i.iskysoft.com # (Same as api.iskysoft.com)
0.0.0.0 i.aimersoft.com # (Same as cbs.iskysoft.com)
0.0.0.0 i.tuneup360.com # (Same as api.aimersoft.com)
0.0.0.0 macplatform.wondershare.com
0.0.0.0 platform.wondershare.com
0.0.0.0 wondershare.cn.edgesuite.net
0.0.0.0 resource.wondershare.com
0.0.0.0 resource.wondershare.com.cdnga.net
0.0.0.0 my.wondershare.com
0.0.0.0 us.wondershare.com
0.0.0.0 pop.wondershare.com
0.0.0.0 rest.wondershare.com
0.0.0.0 rest.iskysoft.com
0.0.0.0 96.17.10.24 # api.tuneup360.com (Known IP)
0.0.0.0 69.172.201.208 # api.xillisoft.com (Known IP)
0.0.0.0 203.130.48.6 # cbs.iskysoft.com (Known IP)
0.0.0.0 70.39.189.218 # api.iskysoft.com (Known IP)
0.0.0.0 96.17.10.41 # api.wondershare.com (Known IP)
0.0.0.0 96.17.10.25 # api.wondershare.com (Known IP)
0.0.0.0 203.130.48.18 # macplatform.wondershare.com (Helper Compact.app)
0.0.0.0 70.39.189.178 # (Helper Compact.app)
0.0.0.0 205.185.206.155 # wondershare.cn.edgesuite.net (Known IP)
0.0.0.0 96.17.10.26 # wondershare.cn.edgesuite.net (Known IP)
0.0.0.0 184.173.254.16 # wondershare.cn.edgesuite.net (Known IP)
0.0.0.0 184.173.254.16-static.reverse.softlayer.com # (See above)
0.0.0.0 203.130.48.6-bj-cnc # (See above)
0.0.0.0 a1737.g.akamai.net # (Associated with Wondershare)
# ==========================================================
# Wondershare and OEM Local Servers
# ==========================================================
# Some apps try to download browser extensions that
# will inject ads or tracking into your browsers.
# For this they launch a web server on your computer
# and download and install extension "updates".
# Do mind that there are legitimate uses for
# this method (not installing shit however).
# So if you need this local IP, disable this entry.
0.0.0.0 192.168.10.48
# ==========================================================
# Bug Reporters
# ==========================================================
0.0.0.0 www.bugsplatsoftware.com
0.0.0.0 bugsplatsoftware.com
# ==========================================================
# Rest of the Wondershare and OEM Hosts
# ==========================================================
0.0.0.0 wondershare.com
0.0.0.0 www.wondershare.com
0.0.0.0 iskysoft.com
0.0.0.0 www.iskysoft.com
0.0.0.0 download.wondershare.com
0.0.0.0 interface.wondershare.com
0.0.0.0 datarecovery.wondershare.com
0.0.0.0 lt.wondershare.com
0.0.0.0 ori-www.wondershare.com
0.0.0.0 api.fantashow.wondershare.com
0.0.0.0 us-stats.wondershare.com
0.0.0.0 images2.wondershare.com
0.0.0.0 pdfimages.wondershare.com
0.0.0.0 pdf.wondershare.com
0.0.0.0 resource.wondershare.com
0.0.0.0 download.ru.wondershare.com
0.0.0.0 filmora.wondershare.com
0.0.0.0 labs.wondershare.com
0.0.0.0 download.nl.wondershare.com
0.0.0.0 shop.wondershare.com
0.0.0.0 sell.wondershare.com
0.0.0.0 file.wondershare.com
0.0.0.0 statics.was.wondershare.com
0.0.0.0 images.ru.wondershare.com
0.0.0.0 nl.wondershare.com
0.0.0.0 images.nl.wondershare.com
0.0.0.0 photo.wondershare.com
0.0.0.0 images.player.wondershare.com
0.0.0.0 was-stats.wondershare.com
0.0.0.0 was.wondershare.com
0.0.0.0 mobilego.wondershare.com
0.0.0.0 powercam.wondershare.com
0.0.0.0 rest.wondershare.com
0.0.0.0 res.wondershare.com
0.0.0.0 player.wondershare.com
0.0.0.0 fantashow.wondershare.com
0.0.0.0 ori-download.wondershare.com
0.0.0.0 newaffiliateadownload.wondershare.com
0.0.0.0 newsletters.wondershare.com
0.0.0.0 support.wondershare.com
0.0.0.0 store.wondershare.com
0.0.0.0 my.wondershare.com
0.0.0.0 i.wondershare.com
0.0.0.0 newsletter.wondershare.com
0.0.0.0 download-affiliate.wondershare.com
0.0.0.0 blog.wondershare.com
0.0.0.0 free.wondershare.com
0.0.0.0 images.fantashow.wondershare.com
0.0.0.0 images.wondershare.com
0.0.0.0 tw.wondershare.com
0.0.0.0 uk.wondershare.com
0.0.0.0 no.wondershare.com
0.0.0.0 hi.wondershare.com
0.0.0.0 otq.wondershare.com
0.0.0.0 bs.wondershare.com
0.0.0.0 ha.wondershare.com
0.0.0.0 th.wondershare.com
0.0.0.0 iw.wondershare.com
0.0.0.0 ms.wondershare.com
0.0.0.0 dk.wondershare.com
0.0.0.0 id.wondershare.com
0.0.0.0 ro.wondershare.com
0.0.0.0 vi.wondershare.com
0.0.0.0 sr.wondershare.com
0.0.0.0 sk.wondershare.com
0.0.0.0 tr.wondershare.com
0.0.0.0 fi.wondershare.com
0.0.0.0 cs.wondershare.com
0.0.0.0 sa.wondershare.com
0.0.0.0 pl.wondershare.com
0.0.0.0 jp.wondershare.com
0.0.0.0 sv.wondershare.com
0.0.0.0 ru.wondershare.com
0.0.0.0 www.isky.co.kr
0.0.0.0 isky.co.kr
0.0.0.0 support.iskysoft.com
0.0.0.0 us.iskysoft.com
# ==========================================================
# Other Wondershare Shadow Companies & OEMs
# ==========================================================
## Misc
0.0.0.0 lonasoft.com
0.0.0.0 www.lonasoft.com
0.0.0.0 www.avsmedia.com
0.0.0.0 avsmedia.com
0.0.0.0 aura4you.com
0.0.0.0 www.aura4you.com
0.0.0.0 www.amacsoft.com
0.0.0.0 daniusoft.com
0.0.0.0 www.daniusoft.com
0.0.0.0 aimersoft.com
0.0.0.0 www.aimersoft.com
0.0.0.0 aiseesoft.com
0.0.0.0 www.aiseesoft.com
0.0.0.0 4videosoft.com
0.0.0.0 www.4videosoft.com
0.0.0.0 www.tipard.com
0.0.0.0 tipard.com
0.0.0.0 3herosoft.com
0.0.0.0 www.3herosoft.com
0.0.0.0 www.useesoft.com
0.0.0.0 xilisoft.com
0.0.0.0 www.xilisoft.com
0.0.0.0 download.xilisoft.com
## iStonsoft
# Apps like: MOBI2epub
0.0.0.0 www.istonsoft.com
0.0.0.0 istonsoft.com
# MacXDVD
0.0.0.0 macxdvd.com
0.0.0.0 www.macxdvd.com
# 5K Player and other 5K SW
0.0.0.0 www.5kplayer.com
0.0.0.0 5kplayer.com
## ChungwaSoft
# Mail Plug-ins and SW
0.0.0.0 www.chungwasoft.com
0.0.0.0 www.feingeist.io
0.0.0.0 chungwasoft.com
0.0.0.0 feingeist.io
## Epubor Soft or Epubee
# Fires up a couple of localhost servers to do stuff.
0.0.0.0 chat.epubor.com
0.0.0.0 code.epubor.com
0.0.0.0 download.epubor.com
0.0.0.0 trace.epubor.com
0.0.0.0 epubee.com
0.0.0.0 epubor.com
## AniceSoft (Like ePubee)
0.0.0.0 anicesoft.com
0.0.0.0 www.anicesoft.com
0.0.0.0 trace.anicesoft.com
0.0.0.0 download.anicesoft.com
0.0.0.0 code.anicesoft.com
# FVD Show
0.0.0.0 ffdshow-tryout.sourceforge.net
0.0.0.0 ffdshow.sourceforge.net
# TotalVideo (AKA eTinySoft, AKA ZiioSoft)
0.0.0.0 etinysoft.com
0.0.0.0 license.etinysoft.com
0.0.0.0 update.etinysoft.com
0.0.0.0 www.etinysoft.com
0.0.0.0 effectmatrix.com
0.0.0.0 www.effectmatrix.com
0.0.0.0 ziiosoft.net
0.0.0.0 www.ziiosoft.net
0.0.0.0 updates.ziiosoft.net
0.0.0.0 cdn.ziiosoft.net
0.0.0.0 license.ziiosoft.net
## Eltima
# From Russia or Ukraine, first based in the US, now in Germany.
# However, they use the same methods as the Chinese
# OEMs, so they deserve a place on this list.
0.0.0.0 activate.eltima.com
0.0.0.0 eltima.com
0.0.0.0 mac.eltima.com
0.0.0.0 appstatico.com # Tracking that installs silently upon app launch
0.0.0.0 appstatico.eltima.com # Tracking that installs silently upon app launch
# Misc Collected by Scanning hardcoded URLs inside the Apps.
# A few of the URLs could be legit ones.
0.0.0.0 www.free-codecs.com
0.0.0.0 free-codecs.com
0.0.0.0 emajix.com
0.0.0.0 www.emajix.com
0.0.0.0 fontframe.com # Serves adware
0.0.0.0 www.fontframe.com # Serves adware
0.0.0.0 www.cyberlink.com
0.0.0.0 cyberlink.com
0.0.0.0 www.divxity.com # Affiliate
0.0.0.0 divxity.com # Affiliate
0.0.0.0 www.loronix.com # Intelligence Solutions
0.0.0.0 loronix.com # Intelligence Solutions
0.0.0.0 www.winimage.com
0.0.0.0 winimage.com
0.0.0.0 video-converter.jp
0.0.0.0 www.video-converter.jp
# ==========================================================
# BROWSER EXTENSIONS
# ==========================================================
###### Browser Extensions Crap from Wondershare and iSkysoft
# Looking inside Wondershare Video Converter for Mac
# You will find the following entries:
# http://192.168.10.48/WonderShare/Common/MacMediaLib/Trunk/Src/BrowserExtensions/
# ExtensionsCode/Wondershare%20AllMyTube/Wondershare/Firefox/chrome
# http://www.wontube.com/software/allmytube-plugin-mac/Aimersoft_chromeupdate.xml
# http://www.wontube.com/software/allmytube-plugin-mac/AimersoftForVC_chromeupdate.xml
# http://www.wontube.com/software/allmytube-plugin-mac/AllMyTube_chromeupdate.xml
# http://www.wontube.com/software/allmytube-plugin-mac/iskydeluxe_chromeupdate.xml
# http://www.wontube.com/software/allmytube-plugin-mac/iTube_chromeupdate.xml
# http://www.wontube.com/software/allmytube-plugin-mac/Ultimate_chromeupdate.xml
# http://www.wontube.com/software/allmytube-plugin-mac/xydownloader_chromeupdate.xml
# http://www.wontube.com/software/allmytube-plugin-mac/XYDownloader_chromeupdate.xml
# And as bonus:
# A super weird blog URL to a Japanese Sex Monger: http://yckart.com/
0.0.0.0 fvdsuite.com
0.0.0.0 fvd-player.com
0.0.0.0 fvd-converter.com
0.0.0.0 flashvideodownloader.org
0.0.0.0 www.flashvideodownloader.org
0.0.0.0 rp.tadanadanet1.com
0.0.0.0 tadanadanet1.com
0.0.0.0 tadanadanet.com
0.0.0.0 www.flash-video-soft.com
0.0.0.0 wontube.com
0.0.0.0 www.wontube.com
0.0.0.0 xydownloader.com
0.0.0.0 www.xydownloader.com
# =====================================================================
## B3. Chinese IPs used in known attacks that target Wondershare/Others
# Applications. Disable if there is legit use.
# =====================================================================
0.0.0.0 59.175.104.125
0.0.0.0 59.175.109.66
0.0.0.0 59.175.109.69
0.0.0.0 59.175.119.235
0.0.0.0 59.175.130.116
0.0.0.0 59.175.130.176
0.0.0.0 59.175.130.54
0.0.0.0 59.175.132.102
0.0.0.0 59.175.134.18
0.0.0.0 59.175.134.20
0.0.0.0 59.175.135.166
0.0.0.0 59.175.137.247
0.0.0.0 59.175.137.254
0.0.0.0 59.175.137.531
0.0.0.0 59.175.137.69
0.0.0.0 59.175.142.170
0.0.0.0 59.175.142.173
0.0.0.0 59.175.142.190
0.0.0.0 59.175.142.24
0.0.0.0 59.175.142.29
0.0.0.0 59.175.142.34
0.0.0.0 59.175.142.38
0.0.0.0 59.175.142.40
0.0.0.0 59.175.142.50
0.0.0.0 59.175.144.110
0.0.0.0 59.175.144.123
0.0.0.0 59.175.144.42
0.0.0.0 59.175.144.85
0.0.0.0 59.175.144.87
0.0.0.0 59.175.145.102
0.0.0.0 59.175.145.116
0.0.0.0 59.175.145.124
0.0.0.0 59.175.145.132
0.0.0.0 59.175.145.154
0.0.0.0 59.175.145.156
0.0.0.0 59.175.145.166
0.0.0.0 59.175.145.179
0.0.0.0 59.175.145.200
0.0.0.0 59.175.145.5
0.0.0.0 59.175.147.82
0.0.0.0 59.175.148.300
0.0.0.0 59.175.148.34
0.0.0.0 59.175.148.5
0.0.0.0 59.175.148.59
0.0.0.0 59.175.148.66
0.0.0.0 59.175.148.79
0.0.0.0 59.175.153.106
0.0.0.0 59.175.153.150
0.0.0.0 59.175.153.20
0.0.0.0 59.175.153.27
0.0.0.0 59.175.153.45
0.0.0.0 59.175.153.51
0.0.0.0 59.175.160.42
0.0.0.0 59.175.180.18
0.0.0.0 59.175.181.243
0.0.0.0 59.175.181.247
0.0.0.0 59.175.181.251
0.0.0.0 59.175.182.146
0.0.0.0 59.175.188.165
0.0.0.0 59.175.188.82
0.0.0.0 59.175.195.220
0.0.0.0 59.175.201.152
0.0.0.0 59.175.201.226
0.0.0.0 59.175.213.67
0.0.0.0 59.175.214.3
0.0.0.0 59.175.218.126
0.0.0.0 59.175.218.195
0.0.0.0 59.175.230.59
0.0.0.0 59.175.233.118
0.0.0.0 59.175.238.11
0.0.0.0 59.175.238.117
0.0.0.0 59.175.238.122
0.0.0.0 59.175.238.16
0.0.0.0 59.175.238.19
0.0.0.0 59.175.238.39
0.0.0.0 59.175.238.68
0.0.0.0 59.175.238.95
0.0.0.0 59.175.238.977
0.0.0.0 59.175.32.231
0.0.0.0 59.175.37.80
## BLOCKLIST END
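
An added example (not part of Megaton's list): a small Python check for hosts-format blocklists such as the one above. A hosts file only answers name lookups, so a line whose name column holds an IP literal, as in the "Known IP" entries, does not stop a program that connects to that address directly; the check flags those lines along with malformed dotted quads and repeated names. The function name `lint_hosts` and every sample entry are constructed for illustration.

```python
import ipaddress
import re

DOTTED_QUAD = re.compile(r"^\d+(\.\d+){3}$")

def lint_hosts(text):
    """Return (line_no, code, value) findings for a hosts-format blocklist."""
    findings, seen = [], {}
    for no, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()   # drop the comment, split on whitespace
        if not fields:
            continue                             # blank or comment-only line
        addr, names = fields[0], fields[1:]
        try:
            ipaddress.ip_address(addr)           # first column must be a real address
        except ValueError:
            findings.append((no, "bad-address", addr))
            continue
        for name in (n.lower() for n in names):
            if DOTTED_QUAD.match(name):
                # The resolver consults hosts only for names; a program that
                # connects to an IP directly never looks this entry up.
                try:
                    ipaddress.ip_address(name)
                    findings.append((no, "ip-as-name", name))
                except ValueError:
                    findings.append((no, "invalid-ip", name))
            elif name in seen:
                findings.append((no, "duplicate", name))
            seen.setdefault(name, no)
    return findings

# Constructed sample (documentation domains and ranges, not entries from the list).
SAMPLE = """\
# vendor telemetry
0.0.0.0 api.vendor.example      # effective: the name lookup returns 0.0.0.0
0.0.0.0 192.0.2.24              # no effect: IP literal in the name column
0.0.0.0 192.0.2.531             # not a valid IPv4 address at all
0.0.0.0 cdn.vendor.example
0.0.0.0 CDN.vendor.example      # same name again; host names are case-insensitive
"""

if __name__ == "__main__":
    for line_no, code, value in lint_hosts(SAMPLE):
        print(f"line {line_no}: {code}: {value}")
```

Blocking by address needs a packet filter or firewall rule rather than a hosts entry.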