[FALSE-POSITIVE] #868
Comments
When you see someone from this "suckuri team" complaining, it almost always means that the page is not removed: I bet they just launched some "website malware scanner" to delete few scripts/files it considers malicious, then submit these requests and don't care to check even once whether phishing pages actually got deleted.
|
|
Hi there,
Can you please double check this for us. We made sure to remove the suspicious redirects. I have already cleared the cache from the Firewall. Please let us know if you still detect the redirection after we cleared the Firewall cache.
Regards,
John Edward Equiza
GoDaddy WSA | Remediation I
[https://email-sig.gd-resources.net/img/godaddy-guides-lockup.png]
***@***.******@***.***>
www.godaddy.com/contact-us<https://www.godaddy.com/contact-us>
www.godaddy.com/help<https://www.godaddy.com/help>
…________________________________
From: emi ***@***.***>
Sent: Thursday, April 18, 2024 11:55 AM
To: mitchellkrogza/Phishing.Database ***@***.***>
Cc: JohnEdward Equiza (Vendor) ***@***.***>; Author ***@***.***>
Subject: Re: [mitchellkrogza/Phishing.Database] [FALSE-POSITIVE] (Issue #868)
You don't often get email from ***@***.*** Learn why this is important<https://aka.ms/LearnAboutSenderIdentification>
Caution: This email is from an external sender. Please do not click links or open attachments unless you recognize the sender and know the content is safe. Forward suspicious emails to ***@***.***
We've scanned the site and remove all malicious content.
When you see someone from this "suckuri team" complaining, it almost always means that the page is not removed:
https://urlscan.io/result/e8994c9e-324c-40a4-801b-8a8a4d43dc67/
I bet they just launched some "website malware scanner" to delete few scripts/files it considers malicious, then submit these requests and don't care to check even once whether phishing pages actually got deleted.
bishopberrian.com - urlscan.io<https://urlscan.io/result/e8994c9e-324c-40a4-801b-8a8a4d43dc67/>
urlscan.io - Website scanner for suspicious and malicious URLs
—
Reply to this email directly, view it on GitHub<#868 (comment)>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/BH5B646RSGPZGNRA2RT35LTY5474JAVCNFSM6AAAAABGMLU2B2VHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDANRSHE2DGNJZGY>.
You are receiving this because you authored the thread.Message ID: ***@***.***>
|
|
bishopberrian.com/fitnessbase looks removed now.
Why couldn't you do this before sending these requests? I've also found that the site is also serving malware: http://bishopberrian.com/22.exe -> http://bishopberrian.com/1.exe https://app.any.run/tasks/91ed7f5f-970a-42b2-a7bb-b97c66104095 How come you missed this too? Shouldn't be too hard to find when you have full access to files list. |
Domains or links
Please list any domains and links listed here which you believe are a false positive.
More Information
How did you discover your web site or domain was listed here?
Have you requested removal from other sources?
Please include all relevant links to your existing removals / whitelistings.
E-mailed Antiy: support@antiy.cn [undefined:support@antiy.cn]
E-mailed SOCRadar: info@socradar.io
E-mailed Cluster25: threatintel@cluster25.io
E-mailed CyRadar: contact@cyradar.com [undefined:contact@cyradar.com
E-mailed Phishtank:
https://submit.gdatasoftware.com/privacy
https://safetoopen.com/contact
https://www.criminalip.io/contact-us
https://www.alphamountain.ai/
https://www.avira.com/en/analysis/submit-url
https://www.bitdefender.com/consumer/support/answer/29358/
https://www.brightcloud.com/tools/change-request.php#
https://helpdesk.vipre.com/hc/en-us/requests/new
https://www.brightcloud.com/tools/change-request.php
https://www.phishtank.com/phish_detail.php?phish_id=8451615
Additional context
We've scanned the site and remove all malicious content.
Sucuri Team
❗
We understand being listed on a Phishing Database like this can be frustrating and embarrassing for many web site owners. The first step is to remain calm. The second step is to rest assured one of our maintainers will address your issue as soon as possible. Please make sure you have provided as much information as possible to help speed up the process.
Send a Pull Request for faster removal
Users who understand github and creating Pull Requests can assist us with faster removals by sending a PR to mitchellkrogza/phishing repository, on the falsepositive.list file
The text was updated successfully, but these errors were encountered: