mitchellkrogza/phishing

False positive still in effect a long time after whitelisting PR merge

taraldr opened this issue · 1 comments

taraldr commented

Domain/URL/IP(s) you believe NOT to be Phishing

https://current.aletheia-test.idtech.no/authorization

Whitelist type

  • 1 to 1 match
  • ALL subdomains or REGEX
  • RZD all sub- and top level domains matching given record(s)

More Information

  • Website was hacked
  • Phishtank
  • OpenPhish
  • VirusTotal
  • Other (Please fill out the next box)

Related external source

No response

Screenshot

No response

Additional context

Whitelisting PR (#380) was merged three days ago, but virustotal still says Phishing Database reports the site as malicious. Why isn't the whitelisting reflected in virustotal yet?

Virustotal link: https://www.virustotal.com/gui/url/164248c4b08e36070dfdbae6a849b4fc079a7e7501ea2015a1922f913c93d016?nocache=1

spirillen commented

Hmm, I do not find you in the phishing lists, but in tracking lists, which mean you need to contact Alphabet (VT)

dsearch idtech.no

Search result from External Hosts-Sources

@mypdns's External Hosts-Sources can be found here

remote: Enumerating objects: 683, done.
remote: Counting objects: 100% (683/683), done.
remote: Compressing objects: 100% (95/95), done.
remote: Total 683 (delta 585), reused 683 (delta 585), pack-reused 0
Receiving objects: 100% (683/683), 36.04 MiB | 3.40 MiB/s, done.
Resolving deltas: 100% (585/585), completed with 72 local objects.
From github.com:Import-External-Sources/hosts-sources
04c66e803..493e51f9d master -> 0xacab/master

data/badmojr1Hosts.txt:browser-report.preview.oidc.idtech.no
data/badmojr1Hosts.txt:idtech.no
data/badmojr1Hosts.txt:oidc.idtech.no
data/badmojr1Hosts.txt:preview.oidc.idtech.no

Sorted result

browser-report.preview.oidc.idtech.no
idtech.no
oidc.idtech.no
preview.oidc.idtech.no

Search result from easylist

remote: Enumerating objects: 587, done.
remote: Counting objects: 100% (587/587), done.
remote: Compressing objects: 100% (208/208), done.
remote: Total 587 (delta 413), reused 522 (delta 379), pack-reused 0
Receiving objects: 100% (587/587), 2.51 MiB | 2.95 MiB/s, done.
Resolving deltas: 100% (413/413), completed with 14 local objects.
From github.com:easylist/easylist
418473ec785..ead5067b49d master -> origin/master
d301bee8c4e..492c87ee256 gh-pages -> origin/gh-pages



Search in Matrix


Search results from Matrix blacklist project




Did not find any matching RPZ records


+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

+ Thanks to My Privacy DNS for this knowledge

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++