What are the subjects of the false-positive (domains, URLs, or IPs)?
digitaloceanspaces.com
nyc3.digitaloceanspaces.com
ams3.digitaloceanspaces.com
sfo2.digitaloceanspaces.com
sfo3.digitaloceanspaces.com
sgp1.digitaloceanspaces.com
lon1.digitaloceanspaces.com
fra1.digitaloceanspaces.com
tor1.digitaloceanspaces.com
blr1.digitaloceanspaces.com
syd1.digitaloceanspaces.com
Why do you believe this is a false-positive?
Hello,
My name is Tim Dawson, and I work on the Security team at DigitalOcean. It was recently brought to our attention that several of our regional endpoints for our S3-compatible Object Storage product, Spaces (https://www.digitalocean.com/products/spaces), are listed as Suspicious or Malicious on VirusTotal. I'm contacting vendors who have any of the following URLs listed in order to:
- Request information regarding next steps in delisting them, and
- Recommend that these URLs be excluded from future listing, as these URLs merely represent the gateway endpoints for the entire Spaces service in that region and therefore should never be classified as malicious:
digitaloceanspaces.com
nyc3.digitaloceanspaces.com
ams3.digitaloceanspaces.com
sfo2.digitaloceanspaces.com
sfo3.digitaloceanspaces.com
sgp1.digitaloceanspaces.com
lon1.digitaloceanspaces.com
fra1.digitaloceanspaces.com
tor1.digitaloceanspaces.com
blr1.digitaloceanspaces.com
syd1.digitaloceanspaces.com
We would like to reiterate DigitalOcean’s commitment to keeping our platform free of abuse. As part of this process, we would be happy to review and expedite the removal of any specific Spaces URLs currently listed in your system that are actively engaged in abusive behavior. You can find our Terms of Service and Acceptable Use Policy on the following pages:
https://www.digitalocean.com/legal/terms-of-service-agreement
https://www.digitalocean.com/legal/acceptable-use-policy
Additionally, we operate an API which provides privileged actions for trusted reporters. Reports submitted via this API will be actioned via an automated system and drastically reduce time to takedown for URLs submitted by verified reporters. If you are interested in being onboarded for access to this, please let me know and I would be happy to provide more information.
Please let me know if you have any questions or concerns. We look forward to hearing from you.
How did you discover this false-positive(s)?
VirusTotal
Where did you find this false-positive if not listed above?
Via VirusTotal and customer reports.
Have you requested a review from other sources?
Yes, we are requesting review from all other vendors who currently have these URLs listed.
Do you have a screenshot?
No applicable screenshots to provide.
Additional Information or Context
To summarize: these URLs are only the regional gateway endpoints for our S3 service, and should not be classified as malicious. We will take swift action on any reports for specific Spaces URLs hosting malicious content.
What are the subjects of the false-positive (domains, URLs, or IPs)?
digitaloceanspaces.com
nyc3.digitaloceanspaces.com
ams3.digitaloceanspaces.com
sfo2.digitaloceanspaces.com
sfo3.digitaloceanspaces.com
sgp1.digitaloceanspaces.com
lon1.digitaloceanspaces.com
fra1.digitaloceanspaces.com
tor1.digitaloceanspaces.com
blr1.digitaloceanspaces.com
syd1.digitaloceanspaces.com
Why do you believe this is a false-positive?
Hello,
My name is Tim Dawson, and I work on the Security team at DigitalOcean. It was recently brought to our attention that several of our regional endpoints for our S3-compatible Object Storage product, Spaces (https://www.digitalocean.com/products/spaces), are listed as Suspicious or Malicious on VirusTotal. I'm contacting vendors who have any of the following URLs listed in order to:
We would like to reiterate DigitalOcean’s commitment to keeping our platform free of abuse. As part of this process, we would be happy to review and expedite the removal of any specific Spaces URLs currently listed in your system that are actively engaged in abusive behavior. You can find our Terms of Service and Acceptable Use Policy on the following pages:
https://www.digitalocean.com/legal/terms-of-service-agreement
https://www.digitalocean.com/legal/acceptable-use-policy
Additionally, we operate an API which provides privileged actions for trusted reporters. Reports submitted via this API will be actioned via an automated system and drastically reduce time to takedown for URLs submitted by verified reporters. If you are interested in being onboarded for access to this, please let me know and I would be happy to provide more information.
Please let me know if you have any questions or concerns. We look forward to hearing from you.
How did you discover this false-positive(s)?
VirusTotal
Where did you find this false-positive if not listed above?
Via VirusTotal and customer reports.
Have you requested a review from other sources?
Yes, we are requesting review from all other vendors who currently have these URLs listed.
Do you have a screenshot?
No applicable screenshots to provide.
Additional Information or Context
To summarize: these URLs are only the regional gateway endpoints for our S3 service, and should not be classified as malicious. We will take swift action on any reports for specific Spaces URLs hosting malicious content.