search

hagezi / dns-blocklists

DNS-Blocklists: For a better internet - keep the internet clean!
GNU General Public License v3.0
6.14k stars 207 forks source link

tropicalspicegarden.com #641

Closed ghost closed 1 year ago

ghost commented 1 year ago

What adblocker/DNS cloud service are you using?

uBlock Origin

Which blocklists are used?

Ultimate

Which domain(s) should be unblocked?

tropicalspicegarden.com

Why should the domain(s) be unblocked? If necessary, please describe the steps to reproduce.

https://github.com/hagezi/dns-blocklists/issues/93

hagezi commented 1 year ago

Blocked because phishing activities. Flagged: https://www.virustotal.com/gui/domain/tropicalspicegarden.com/detection

Domain:
 - tropicalspicegarden.com OK

Malware/Phishing/Scam:
 - Malicous?       POSSIBLE (1)

 - Threat?
   HaGeZi.TIF.LT   YES
   HaGeZi.TIF      YES
   HaGeZi.TIF.RAW  YES
   Quad9           NO
   OpenDNS         NO
   ThreatFox       NO
   URLhaus         NO
   ThreatView      NO
   KADHosts        NO

 - Phishing?
   Phishing.Army   YES
   PT/OP/PH        NO
   CERT.PL         NO
   Phishing.DB     YES

Top 1M rank:
 - Umbrella:       -/-
 - Tranco:         -/-
 - Chrome:         -/-

Secure DNS:
 - CleanBrowsing   OK
 - Cloudflare      OK
 - CONTROLD.TIF    BLOCKED
 - DNS0.eu         OK
 - DNS0.eu.ZERO    OK
 - NextDNS.TIF_AI  BLOCKED
 - NRD.DGA.IDN     OK
 - OpenDNS         OK
 - Quad9           OK
 - SafeDNS         OK
 - UltraDNS        OK

Blocklists:
 - 1Hosts.Lite     OK
 - 1Hosts.Mini     OK
 - 1Hosts.Pro      OK
 - AdGuardDNS      OK
 - AhaDNS          OK
 - CONTROLD        BLOCKED
 - DNSforge.de     BLOCKED
 - EasyList        OK
 - HaGeZi.LIGHT    BLOCKED
 - HaGeZi.NORMAL   BLOCKED
 - HaGeZi.PERSONAL BLOCKED
 - HaGeZi.PRO      BLOCKED
 - HaGeZi.PRO.PLUS BLOCKED
 - HaGeZi.ULTIMATE BLOCKED
 - hBlock          BLOCKED
 - Lightswitch05   OK
 - NextDNS         OK
 - NoTracking      BLOCKED
 - OISD            OK
 - QuidsUp.NOTRACK OK
 - StevenBlack     OK

Intels:
 - Google          https://transparencyreport.google.com/safe-browsing/search?url=tropicalspicegarden.com
 - VirusTotal      https://www.virustotal.com/en/domain/tropicalspicegarden.com/information/
 - AlienVault      https://otx.alienvault.com/indicator/domain/tropicalspicegarden.com
 - Bitdefender     https://trafficlight.bitdefender.com/info/?url=https%3A%2F%2Ftropicalspicegarden.com
 - FortiGuard      https://www.fortiguard.com/webfilter?q=tropicalspicegarden.com&type=&engine=1
 - Kaspersky       https://opentip.kaspersky.com/tropicalspicegarden.com?tab=web
 - McAfee          https://siteadvisor.com/sitereport.html?url=tropicalspicegarden.com
 - Norton          https://safeweb.norton.com/report/show?url=tropicalspicegarden.com
 - OpenDNS         https://domain.opendns.com/tropicalspicegarden.com
 - URLVoid         https://www.urlvoid.com/scan/tropicalspicegarden.com/
 - Yandex          https://yandex.com/safety/?l10n=en&url=tropicalspicegarden.com
hagezi commented 1 year ago

If it is false positive, then the operator should have the flags removed and request a deletion here:

https://phishing.army/ @drego85 https://github.com/mitchellkrogza/Phishing.Database

drego85 commented 1 year ago

This is a double request!

Please @bestplayerbot don't open another one, you have already been given all the clarifications!

And you also correctly opened an issues to the source of this problem.

Please wait for @mitchellkrogza to verify your report!

Thanks!