Closed orazioedoardo closed 1 year ago
Seems to come from https://raw.githubusercontent.com/stamparm/aux/master/maltrail-malware-domains.txt Ping @stamparm
Notes:
- https://xinjiangpolicefiles.org:443/IE9CompatViewList.xml, which no longer exists
- OpenDNS seems to block this domain
It doesn't on my end (208.67.222.222 and 208.67.220.220).
Odd. Maybe my tool is buggy
Thank you for the support @iam-py-test. @orazioedoardo will be removed.
My report:
Domain:
- xinjiangpolicefiles.org OK
Malware/Phishing/Scam:
- Malicous? POSSIBLE (1)
- Threat?
HaGeZi.TIF.LT NO
HaGeZi.TIF YES
HaGeZi.TIF.RAW YES
Quad9 NO
OpenDNS NO
ThreatFox NO
URLhaus NO
ThreatView NO
KADHosts NO
- Phishing?
Phishing.Army NO
PT/OP/PH NO
Phishing.DB NO
Top 1M rank:
- Umbrella: -/-
- Tranco: 802911/-
- Chrome: -/-
Secure DNS:
- CleanBrowsing OK
- Cloudflare OK
- CONTROLD.TIF OK
- DNS0.eu OK
- DNS0.eu.ZERO OK
- NextDNS.TIF_AI BLOCKED
- NRD.DGA.IDN OK
- OpenDNS OK
- Quad9 OK
- SafeDNS OK
- UltraDNS OK
Blocklists:
- 1Hosts.Lite OK
- 1Hosts.Mini OK
- 1Hosts.Pro OK
- AdGuardDNS OK
- AhaDNS OK
- CONTROLD BLOCKED
- DNSforge.de OK
- EasyList OK
- HaGeZi.LIGHT OK
- HaGeZi.NORMAL OK
- HaGeZi.PERSONAL OK
- HaGeZi.PRO BLOCKED
- HaGeZi.PRO.PLUS BLOCKED
- HaGeZi.ULTIMATE BLOCKED
- hBlock OK
- Lightswitch05 OK
- NextDNS OK
- NoTracking BLOCKED
- OISD OK
- QuidsUp.NOTRACK OK
- StevenBlack OK
Intels:
- Google https://transparencyreport.google.com/safe-browsing/search?url=xinjiangpolicefiles.org
- VirusTotal https://www.virustotal.com/en/domain/xinjiangpolicefiles.org/information/
- AlienVault https://otx.alienvault.com/indicator/domain/xinjiangpolicefiles.org
- Bitdefender https://trafficlight.bitdefender.com/info/?url=https%3A%2F%2Fxinjiangpolicefiles.org
- FortiGuard https://www.fortiguard.com/webfilter?q=xinjiangpolicefiles.org&type=&engine=1
- Kaspersky https://opentip.kaspersky.com/xinjiangpolicefiles.org?tab=web
- McAfee https://siteadvisor.com/sitereport.html?url=xinjiangpolicefiles.org
- Norton https://safeweb.norton.com/report/show?url=xinjiangpolicefiles.org
- OpenDNS https://domain.opendns.com/xinjiangpolicefiles.org
- URLVoid https://www.urlvoid.com/scan/xinjiangpolicefiles.org/
- Yandex https://yandex.com/safety/?l10n=en&url=xinjiangpolicefiles.org
Thanks, domain(s) has been added to the allowlist and will be removed in the next update.
sorry for late reply. removed it from maltrail repo. also, maltrail-malware-domains.txt should reflect the changes in max 24h (automatically pushed)
Which AdBlocker/DNS cloud service do you use?
Other
Other
No response
NextDNS users only
Which blocklist(s) do you use?
Threat Intelligence Feeds
Which domain(s) should be unblocked?
xinjiangpolicefiles.org www.xinjiangpolicefiles.org
Why should the domain(s) be unblocked?
Domains listed are not serving ads nor malware. It's a single purpose website for leaked files regarding Xinjiang internment camps, see https://en.wikipedia.org/wiki/Xinjiang_Police_Files. It seems to originate from the Threat Intelligence feed and included Pro, Pro+, Ultimate, according to grep. Considering the topic of the website, it may have been a censorship attempt.