hagezi / dns-blocklists

DNS-Blocklists: For a better internet - keep the internet clean!
GNU General Public License v3.0

Xinjiang Police Files #1353

Closed orazioedoardo closed 1 year ago

orazioedoardo commented 1 year ago

Which AdBlocker/DNS cloud service do you use?

Other

Other

No response

NextDNS users only

Which blocklist(s) do you use?

Threat Intelligence Feeds

Which domain(s) should be unblocked?

xinjiangpolicefiles.org www.xinjiangpolicefiles.org

Why should the domain(s) be unblocked?

Domains listed are not serving ads nor malware. It's a single purpose website for leaked files regarding Xinjiang internment camps, see https://en.wikipedia.org/wiki/Xinjiang_Police_Files. It seems to originate from the Threat Intelligence feed and is included in Pro, Pro+, Ultimate, according to grep. Considering the topic of the website, it may have been a censorship attempt.

iam-py-test commented 1 year ago

Seems to come from https://raw.githubusercontent.com/stamparm/aux/master/maltrail-malware-domains.txt

Ping @stamparm

Notes:

orazioedoardo commented 1 year ago

> OpenDNS seems to block this domain

It doesn't on my end (208.67.222.222 and 208.67.220.220).

iam-py-test commented 1 year ago

Odd. Maybe my tool is buggy

hagezi commented 1 year ago

Thank you for the support @iam-py-test. @orazioedoardo will be removed.

My report:

Domain:
 - xinjiangpolicefiles.org OK

Malware/Phishing/Scam:
 - Malicous?       POSSIBLE (1)

 - Threat?
   HaGeZi.TIF.LT   NO
   HaGeZi.TIF      YES
   HaGeZi.TIF.RAW  YES
   Quad9           NO
   OpenDNS         NO
   ThreatFox       NO
   URLhaus         NO
   ThreatView      NO
   KADHosts        NO

 - Phishing?
   Phishing.Army   NO
   PT/OP/PH        NO
   Phishing.DB     NO

Top 1M rank:
 - Umbrella:       -/-
 - Tranco:         802911/-
 - Chrome:         -/-

Secure DNS:
 - CleanBrowsing   OK
 - Cloudflare      OK
 - CONTROLD.TIF    OK
 - DNS0.eu         OK
 - DNS0.eu.ZERO    OK
 - NextDNS.TIF_AI  BLOCKED
 - NRD.DGA.IDN     OK
 - OpenDNS         OK
 - Quad9           OK
 - SafeDNS         OK
 - UltraDNS        OK

Blocklists:
 - 1Hosts.Lite     OK
 - 1Hosts.Mini     OK
 - 1Hosts.Pro      OK
 - AdGuardDNS      OK
 - AhaDNS          OK
 - CONTROLD        BLOCKED
 - DNSforge.de     OK
 - EasyList        OK
 - HaGeZi.LIGHT    OK
 - HaGeZi.NORMAL   OK
 - HaGeZi.PERSONAL OK
 - HaGeZi.PRO      BLOCKED
 - HaGeZi.PRO.PLUS BLOCKED
 - HaGeZi.ULTIMATE BLOCKED
 - hBlock          OK
 - Lightswitch05   OK
 - NextDNS         OK
 - NoTracking      BLOCKED
 - OISD            OK
 - QuidsUp.NOTRACK OK
 - StevenBlack     OK

Intels:
 - Google          https://transparencyreport.google.com/safe-browsing/search?url=xinjiangpolicefiles.org
 - VirusTotal      https://www.virustotal.com/en/domain/xinjiangpolicefiles.org/information/
 - AlienVault      https://otx.alienvault.com/indicator/domain/xinjiangpolicefiles.org
 - Bitdefender     https://trafficlight.bitdefender.com/info/?url=https%3A%2F%2Fxinjiangpolicefiles.org
 - FortiGuard      https://www.fortiguard.com/webfilter?q=xinjiangpolicefiles.org&type=&engine=1
 - Kaspersky       https://opentip.kaspersky.com/xinjiangpolicefiles.org?tab=web
 - McAfee          https://siteadvisor.com/sitereport.html?url=xinjiangpolicefiles.org
 - Norton          https://safeweb.norton.com/report/show?url=xinjiangpolicefiles.org
 - OpenDNS         https://domain.opendns.com/xinjiangpolicefiles.org
 - URLVoid         https://www.urlvoid.com/scan/xinjiangpolicefiles.org/
 - Yandex          https://yandex.com/safety/?l10n=en&url=xinjiangpolicefiles.org

github-actions[bot] commented 1 year ago

Thanks, domain(s) has been added to the allowlist and will be removed in the next update.

stamparm commented 1 year ago

sorry for late reply. removed it from maltrail repo. also, maltrail-malware-domains.txt should reflect the changes in max 24h (automatically pushed)