link.storjshare.io

[spatula75]

What adblocker/DNS cloud service are you using?

BIND/named response policy zone

Which blocklists are used?

https://raw.githubusercontent.com/hagezi/dns-blocklists/main/wildcard/pro.txt

Which domain(s) should be unblocked?

link.storjshare.io

Why should the domain(s) be unblocked? If necessary, please describe the steps to reproduce.

This appears to be a generic CDN operated by https://www.storj.io/, not necessarily a site that serves up malware, trackers, etc. In particular, it is used by the Mastodon site tech.lgbt's media server, media.tech.lgbt (by virtue of a CNAME), to serve up general media content (images, videos, sound clips, etc).

[hagezi]

Flagged as phishing, blocked by a few SecureDNS, picked up as a new phishing domain here today:

https://github.com/mitchellkrogza/Phishing.Database/blob/f534c3a217737421faca3797a4552434a775ce62/phishing-domains-NEW-today.txt#L8237

Domain:
 - link.storjshare.io OK

Malware/Phishing/Scam:
 - Malicous?       POSSIBLE (1)

 - Threat?
   HaGeZi.TIF.LT   YES
   HaGeZi.TIF      YES
   HaGeZi.TIF.RAW  YES
   Quad9           NO
   OpenDNS         NO
   ThreatFox       NO
   URLhaus         NO
   ThreatView      NO
   KADHosts        NO

 - Phishing?
   Phishing.Army   NO
   PT/OP/PH        YES
   CERT.PL         NO
   Phishing.DB     NO

Top 1M rank:
 - Umbrella:       -/-
 - Tranco:         -/-
 - Chrome:         -/-

Secure DNS:
 - CleanBrowsing   BLOCKED
 - Cloudflare      BLOCKED
 - CONTROLD.TIF    OK
 - DNS0.eu         BLOCKED
 - DNS0.eu.ZERO    BLOCKED
 - NextDNS.TIF_AI  BLOCKED
 - NRD.DGA.IDN     OK
 - OpenDNS         OK
 - Quad9           OK
 - SafeDNS         BLOCKED
 - UltraDNS        OK

Blocklists:
 - 1Hosts.Lite     OK
 - 1Hosts.Mini     OK
 - 1Hosts.Pro      OK
 - AdGuardDNS      OK
 - AhaDNS          OK
 - CONTROLD        OK
 - DNSforge.de     BLOCKED
 - EasyList        OK
 - HaGeZi.LIGHT    BLOCKED
 - HaGeZi.NORMAL   BLOCKED
 - HaGeZi.PERSONAL BLOCKED
 - HaGeZi.PRO      BLOCKED
 - HaGeZi.PRO.PLUS BLOCKED
 - HaGeZi.ULTIMATE BLOCKED
 - hBlock          OK
 - Lightswitch05   OK
 - NextDNS         OK
 - NoTracking      OK
 - OISD            OK
 - QuidsUp.NOTRACK OK
 - StevenBlack     OK

Intels:
 - Google          https://transparencyreport.google.com/safe-browsing/search?url=link.storjshare.io
 - VirusTotal      https://www.virustotal.com/en/domain/link.storjshare.io/information/
 - AlienVault      https://otx.alienvault.com/indicator/domain/link.storjshare.io
 - Bitdefender     https://trafficlight.bitdefender.com/info/?url=https%3A%2F%2Flink.storjshare.io
 - FortiGuard      https://www.fortiguard.com/webfilter?q=link.storjshare.io&type=&engine=1
 - Kaspersky       https://opentip.kaspersky.com/link.storjshare.io?tab=web
 - McAfee          https://siteadvisor.com/sitereport.html?url=link.storjshare.io
 - Norton          https://safeweb.norton.com/report/show?url=link.storjshare.io
 - OpenDNS         https://domain.opendns.com/link.storjshare.io
 - URLVoid         https://www.urlvoid.com/scan/link.storjshare.io/
 - Yandex          https://yandex.com/safety/?l10n=en&url=link.storjshare.io

Sources:
 - malware-filter.io_malware-filter_phishing-filter-hosts
 - mitchellkrogza_phishing.database_phishing-domains-new-today

[hagezi]

When the domain is no longer flagged, it also disappears from my lists.

[spatula75]

Thanks for the information; I'll give the proprietors of the site a heads-up that they need to deal with an abusive site and/or get themselves delisted from the sites that are originating a block for them.