No blocking enabled, but one client keeps getting blocked going to siasky.net.
Several times a day, one client will get blocked going to siasky.net. Googling siasky, it appears to be some kind of cryptocurrency malware.
(moderator edit: explicit debug log removed)
(For your own privacy and security, please do not post your full, unsanitised debug log.
We just ask for the token. )
siasky.net is either not resolvable at all or blocked by at least one of the upstream DNS servers, as demonstrable running dig siasky.net @9.9.9.11.
If an upstream would reject a query as blocked, that would show up as Blocked (external) in Pi-hole's Query Log.
Yes. The log entry calls it:
" Query Status: **Blocked (external, NXRA) Reply: NXDOMAIN"
which indicates it is being blocked by an upstream server; not pihole itself.
I presume there is something causing the query to happen on my computer, but all the malware scanners I've run have not found the source.