Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

False Positive | https://home.oxfordowl.co.uk/ #1023

Closed
sucuri-cleanups opened this issue Jan 15, 2025 · 3 comments
Closed

False Positive | https://home.oxfordowl.co.uk/ #1023

sucuri-cleanups opened this issue Jan 15, 2025 · 3 comments
Assignees
@spirillen @g0d33p3rsec
Labels
wontfix This will not be worked on

Comments

@sucuri-cleanups
Copy link

What are the subjects of the false-positive (domains, URLs, or IPs)?

(https://home.oxfordowl.co.uk/)

Why do you believe this is a false-positive?

I believe this is a false-positive because...
the site has been cleaned

How did you discover this false-positive(s)?

VirusTotal

Where did you find this false-positive if not listed above?

I discovered this false-positive by...

Have you requested a review from other sources?

I have requested a review from...

Do you have a screenshot?

Screenshot

Additional Information or Context

I have also noticed that...
@phishing-database-bot
Copy link
Member

Verification Required

@sucuri-cleanups, thank you for submitting a false positive report! To help us verify your ownership of the affected domain(s), please complete the following steps:

  1. Set a DNS TXT record for the domain(s) listed in this issue with the following details:

    • Record Name: _phishingdb
    • Record Value: antiphish-122760feb4181f7c8aaf1113c29870fe215d7891

    Your Verification ID: antiphish-122760feb4181f7c8aaf1113c29870fe215d7891

  2. Wait for DNS propagation (this may take a few minutes to a few hours).

  3. Reply to this issue once the TXT record has been set.

Important Notes

  • Verification does not guarantee whitelisting. The Phishing.Database team will review your report after verifying ownership, but the decision to whitelist depends on further investigation and analysis.
  • If the record cannot be set or you need alternative methods of verification, please contact us at [email protected] - preferably from the domain's official email address.

How to Check the TXT Record ?

You can verify that the TXT record is properly set using:

Thank you for your cooperation! We will address your issue as soon as possible after verification.

The Phishing.Database Project Team.

@emidaniel
Copy link

emidaniel commented Jan 30, 2025
edited
Loading

the site has been cleaned

It just got reinfected with russian phish pages again
https://home.oxfordowl.co.uk/wp-content/languages/plugin/kogop/njoa/wokd/kows/hotd/mok/doaz/index.php
https://urlscan.io/result/289863d8-1f77-4031-a4f3-97f0f03fb5d3/

Note that it also has been "cleaned" twice before.
Such behavior is consistent in this company: #868 (comment)

@spirillen
Copy link
Contributor

It appears that there are some significant security concerns that need to be addressed before we can proceed with the whitelist process.

Due to these security issues, I won’t be able to add your domain to the whitelist, as doing so will lead to a permanent removal from the results of phishing domains and URIs.

I truly empathize with your situation and understand how you might be feeling. However, the importance of overall online security must take precedence over any individual domain.

Thank you for your understanding.

@github-project-automation github-project-automation bot moved this from 🆕 New to ✅ Done in Phishing Database Backlog Feb 2, 2025
@spirillen spirillen added the wontfix This will not be worked on label Feb 2, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@spirillen spirillen

@g0d33p3rsec g0d33p3rsec

Labels
wontfix This will not be worked on
Projects
Phishing Database Backlog
Status: ✅ Done
Milestone
No milestone
Development

No branches or pull requests
7 participants
@mitchellkrogza @funilrys @spirillen @sucuri-cleanups @g0d33p3rsec @emidaniel @phishing-database-bot