False Positive | kilpatrickexecutive.com #1128
Comments
Verification Required@WasimAlhalabi, thank you for submitting a false positive report! To help us verify your ownership of the affected domain(s), please complete the following steps:
Important Notes
How to Check the TXT Record ?You can verify that the TXT record is properly set using:
Thank you for your cooperation! We will address your issue as soon as possible after verification. The Phishing.Database Project Team. |
|
Thaks for your kind assistance. The TXT record is properly set https://mxtoolbox.com/SuperTool.aspx?action=txt%3a_phishingdb.kilpatrickexecutive.com&run=toolpage ----------------To: Phishing-Database/Phishing.Database ***@***.***);Cc: Mention ***@***.***);Subject: [Phishing-Database/Phishing.Database] False Positive | kilpatrickexecutive.com (Issue #1128);12.02.2025, 17:51, "Phishing Database" ***@***.***>:Verification ***@***.***, thank you for submitting a false positive report! To help us verify your ownership of the affected domain(s), please complete the following steps:Set a DNS TXT record for the domain(s) listed in this issue with the following details:Record Name: _phishingdbRecord Value: antiphish-e82e2a1999dc18d0d3a90bc197a897e34e54ffeaYour Verification ID: antiphish-e82e2a1999dc18d0d3a90bc197a897e34e54ffeaWait for DNS propagation (this may take a few minutes to a few hours).Reply to this issue once the TXT record has been set.Important NotesVerification does not guarantee whitelisting. The Phishing.Database team will review your report after verifying ownership, but the decision to whitelist depends on further investigation and analysis.If the record cannot be set or you need alternative methods of verification, please contact us at ***@***.*** - preferably from the domain's official email address.How to Check the TXT Record ?You can verify that the TXT record is properly set using:Online tools like MXToolBox TXT Lookup.The command line: dig TXT _phishingdb.example.com
Thank you for your cooperation! We will address your issue as soon as possible after verification.The Phishing.Database Project Team.—Reply to this email directly, view it on GitHub, or unsubscribe.You are receiving this because you were mentioned.Message ID: ***@***.***>phishing-database-bot left a comment (Phishing-Database/Phishing.Database#1128)Verification ***@***.***, thank you for submitting a false positive report! To help us verify your ownership of the affected domain(s), please complete the following steps:Set a DNS TXT record for the domain(s) listed in this issue with the following details:Record Name: _phishingdbRecord Value: antiphish-e82e2a1999dc18d0d3a90bc197a897e34e54ffeaYour Verification ID: antiphish-e82e2a1999dc18d0d3a90bc197a897e34e54ffeaWait for DNS propagation (this may take a few minutes to a few hours).Reply to this issue once the TXT record has been set.Important NotesVerification does not guarantee whitelisting. The Phishing.Database team will review your report after verifying ownership, but the decision to whitelist depends on further investigation and analysis.If the record cannot be set or you need alternative methods of verification, please contact us at ***@***.*** - preferably from the domain's official email address.How to Check the TXT Record ?You can verify that the TXT record is properly set using:Online tools like MXToolBox TXT Lookup.The command line:dig TXT _phishingdb.example.com
Thank you for your cooperation! We will address your issue as soon as possible after verification.The Phishing.Database Project Team.—Reply to this email directly, view it on GitHub, or unsubscribe.You are receiving this because you were mentioned.Message ID: ***@***.***>
|
|
@funilrys, this is a very good example of what is happening when you misconfiguration the issue templates... and using
ptcheck kilpatrickexecutive.com antiphish-e82e2a1999dc18d0d3a90bc197a897e34e54ffea Thanks for using my tools. |
Search resultsLookup provided by My Privacy DNS Hosts-SourcesExternal Hosts-Sources can be found here phishing_database/ALL-phishing-links.csv:kilpatrickexecutive.com
phishing_database/phishing.database/domain.csv:kilpatrickexecutive.comSorted resultEasyListMatrix blacklist projectMatrix blacklist project, FilteredResponse Policy Zone - RPZDid not find any matching RPZ records Known IssuesrgxRecord: kilpatrickexecutive.com
DNS lookupns1.dns-parking.com.
ns2.dns-parking.com.HTTP headerHTTP response, click to expand |
|
Hmm, can see you are using |
curlx -IL kilpatrickexecutive.com
HTTP/1.1 403 ForbiddenAnd since the domain ain't public available we can't test or verify is classification status. write back, if you decide to make your intranet domain a public available website. |
|
The DNS Server we are using is Hostinger, also the website is public https://www.kilpatrickexecutive.com
|
|
The access to the domain is still prohibited, I'll pass the issue to the next in line. To whom think they can access your intranet site, I only have access to public domains. curlx -IL kilpatrickexecutive.com
HTTP/1.1 403 Forbidden
Date: Thu, 13 Feb 2025 13:42:44 GMT
Content-Type: text/html
Content-Length: 4792
Connection: keep-alive
Vary: Accept-Encoding
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 7eaf0188975232baf91e620e71c956cc-srv-edge4kilpatrickexecutive.com. 172800 IN NS ns1.dns-parking.com.
kilpatrickexecutive.com. 172800 IN NS ns2.dns-parking.com.
kilpatrickexecutive.com. 60 IN A 77.37.83.177 |
|
I have disable the firewall temporary, now you can check the website public, please let me know when you fix the issue for phishing database, thanks |
|
Please enable the firewall once again... do you have some script running in the ISS that are turning your website into a intranet site, preventing the whitenet of TOR, while allowing the SpyNet full access? PS: still get 403 with curl over tor-network If you prefer we can take this talk more privately for keeping security in mind at @spirillen:matrix.org or https://mypdns.youtrack.cloud OR https://mypdns.youtrack.cloud/issue/PD-1273 (can set acl on who can read comments there) |
|
@spirillen no we do not have any script running in the ISS that is turning our website, PLease remove our website from your Database, that was an old issue for 4 years and we don't have such a thing right now. CRDF Labs confirmed removed as well |
|
One more thing the website is clean with www as you can see in the following: |
I would like to challenge that 100%
This proves you are blocking the tor network 100%, weather you are aware about it, despite my earlier proves. But as it turns out you are using WordPress, you might have a addon blocking your visitors from enter your website, costing you money at the end of the day. |
|
Fingerprinting?? sure looks like it
I have to parse this issue to someone else. I do not have possibilities to test your site, as I literately concerned about my privacy and network security doing so |
|
Yes we have a plugin to protect our WordPress website, All In One WP Security and Firewall, what is the issue if this is protecting the Tor network, we are asking about the phishing database, if there is no phishing now please remove the website from the database |
You’re not protecting anything; you’re actually preventing human rights, freedom, and democracy by only letting the big five surveillance companies’ meta sheep's in. You’ve withheld information about blocking access to a network that stands for freedom, and I’ve asked you about it directly! You're right; I'm done playing nice. I feel like I've wasted an hour of my free, unpaid time trying to help you solve your issue, and it's incredibly frustrating. |
What are the subjects of the false-positive (domains, URLs, or IPs)?
kilpatrickexecutive.com
http://kilpatrickexecutive.com
https://kilpatrickexecutive.com
Why do you believe this is a false-positive?
I believe this is a false-positive because... we have checked the website with many tools and our technical team reviewed the website there is no issue even when you used www.kilpatrickexecutive.com there were no issues such as this:
https://www.virustotal.com/gui/url/4548124669f45c1bd6f5b8cb46b2128dec8ecee8467a890feb23a442645218c1
How did you discover this false-positive(s)?
VirusTotal
Where did you find this false-positive if not listed above?
I discovered this false-positive by...
Have you requested a review from other sources?
I have requested a review from... https://www.phishtank.com/index.php but we didn't find any issue
Do you have a screenshot?
Screenshot
Additional Information or Context
I have also noticed that...
The text was updated successfully, but these errors were encountered: