Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

False Positive | book.gigwell.com #1017

Closed
glade-at-gigwell opened this issue Jan 13, 2025 · 6 comments
Closed

False Positive | book.gigwell.com #1017

glade-at-gigwell opened this issue Jan 13, 2025 · 6 comments
Assignees
@mitchellkrogza @funilrys @g0d33p3rsec

Comments

@glade-at-gigwell
Copy link

What are the subjects of the false-positive (domains, URLs, or IPs)?

Why do you believe this is a false-positive?

We are a saas website and control the content very specifically. Occasionally, one of our temporary links gets flagged by an email user and we have to request URL removal. We're registered with Mcafee and Norton.

How did you discover this false-positive(s)?

Other (Please fill out the next box)

Where did you find this false-positive if not listed above?

Customers are reporting browser blockages.

Have you requested a review from other sources?

Yes, we have requested reviews through all other vendors, and we have 100% success rate in confirmation.
We are also submitting to Avira.

Do you have a screenshot?

We only have browser reports, i'm following up because this site lists you.

https://www.urlvoid.com/scan/book.gigwell.com/

Additional Information or Context

I have also noticed that...
@phishing-database-bot
Copy link
Member

Verification Required

@glade-at-gigwell, thank you for submitting a false positive report! To help us verify your ownership of the affected domain(s), please complete the following steps:

  1. Set a DNS TXT record for the domain(s) listed in this issue with the following details:

    • Record Name: _phishingdb
    • Record Value: antiphish-668b52aff39bad8af19d5b420ad38f4b91f55e53

    Your Verification ID: antiphish-668b52aff39bad8af19d5b420ad38f4b91f55e53

  2. Wait for DNS propagation (this may take a few minutes to a few hours).

  3. Reply to this issue once the TXT record has been set.

Important Notes

  • Verification does not guarantee whitelisting. The Phishing.Database team will review your report after verifying ownership, but the decision to whitelist depends on further investigation and analysis.
  • If the record cannot be set or you need alternative methods of verification, please contact us at [email protected] - preferably from the domain's official email address.

How to Check the TXT Record ?

You can verify that the TXT record is properly set using:

Thank you for your cooperation! We will address your issue as soon as possible after verification.

The Phishing.Database Project Team.

@spirillen
Copy link
Contributor

And for good reasons, you held a paypal phishing site.

However I can see it have cleaned.

If you get the TXT record added to your DNS, then we can proceed the whitelist process.

By the way. you should post a http code 410 not 302, that way our test program would have cached it, and removed you from the list.

HTTP response status codes 410 Gone

Indicates that the resource requested was previously in use but is no longer available and will not be available again. This should be used when a resource has been intentionally removed and the resource should be purged. Upon receiving a 410 status code, the client should not request the resource in the future. Clients such as search engines should remove the resource from their indices. Most use cases do not require clients and search engines to purge the resource, and a "404 Not Found" may be used instead.
https://en.wikipedia.org/wiki/List_of_HTTP_status_codes#4xx_client_errors

@glade-at-gigwell
Copy link
Author

And for good reasons, you held a paypal phishing site.

However I can see it have cleaned.

If you get the TXT record added to your DNS, then we can proceed the whitelist process.

By the way. you should post a http code 410 not 302, that way our test program would have cached it, and removed you from the list.

HTTP response status codes 410 Gone

Indicates that the resource requested was previously in use but is no longer available and will not be available again. This should be used when a resource has been intentionally removed and the resource should be purged. Upon receiving a 410 status code, the client should not request the resource in the future. Clients such as search engines should remove the resource from their indices. Most use cases do not require clients and search engines to purge the resource, and a "404 Not Found" may be used instead.
https://en.wikipedia.org/wiki/List_of_HTTP_status_codes#4xx_client_errors

What are you remotely talking about for Paypal phishing site? Please quote actual evidence.

@spirillen
Copy link
Contributor

First off, giving thums_down to people, and then exspect them to help you futher!!! er you in family with Trump?

With that attitude, you can walk all over the list your self https://urlscan.io/search/#gigwell.com, Roger out, mister thumbs down.

See if any other wants to help you out.

Details

image

@spirillen spirillen removed their assignment Jan 15, 2025
@glade-at-gigwell
Copy link
Author

This project could use some better decorum for handling issues. I simply asked for a link or evidence. A single, magic link that was scanned in an email is not phishing site.

@glade-at-gigwell
Copy link
Author

The links have been expired.

@github-project-automation github-project-automation bot moved this from 🆕 New to ✅ Done in Phishing Database Backlog Jan 18, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@mitchellkrogza mitchellkrogza

@funilrys funilrys

@g0d33p3rsec g0d33p3rsec

Labels
None yet
Projects
Phishing Database Backlog
Status: ✅ Done
Milestone
No milestone
Development

No branches or pull requests
6 participants
@glade-at-gigwell @mitchellkrogza @funilrys @spirillen @g0d33p3rsec @phishing-database-bot