Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

False Positive | mobilephotokiosk.com #1103

Closed
idformats opened this issue Feb 5, 2025 · 4 comments
Closed

False Positive | mobilephotokiosk.com #1103

idformats opened this issue Feb 5, 2025 · 4 comments

Comments

@idformats
Copy link

What are the subjects of the false-positive (domains, URLs, or IPs)?

https://mobilephotokiosk.com/

Why do you believe this is a false-positive?

I believe this is a false-positive because Pixel-Tech on behalf which I'm contanting you is an owner of this domain. Second our domain: mobilephotokiosk.app had the same issue and has been whitelisted by you.

How did you discover this false-positive(s)?

VirusTotal

Where did you find this false-positive if not listed above?

I discovered this false-positive by VirusTotal.

Have you requested a review from other sources?

I have requested a review from several other vendors. We were whitelisted and waiting for an update at VirusTotal.

Image

Image

Do you have a screenshot?

Screenshot

Additional Information or Context

I have also noticed that the situation is strange. We bought mobilephotokiosk.com domain two days ago to solve some problems with mobilephotokiosk.app. It has almost immediately been blacklisted.
@phishing-database-bot
Copy link
Member

Verification Required

@idformats, thank you for submitting a false positive report! To help us verify your ownership of the affected domain(s), please complete the following steps:

  1. Set a DNS TXT record for the domain(s) listed in this issue with the following details:

    • Record Name: _phishingdb
    • Record Value: antiphish-4f5d637607374ed30924de9e0a4d8e84a55ebe13

    Your Verification ID: antiphish-4f5d637607374ed30924de9e0a4d8e84a55ebe13

  2. Wait for DNS propagation (this may take a few minutes to a few hours).

  3. Reply to this issue once the TXT record has been set.

Important Notes

  • Verification does not guarantee whitelisting. The Phishing.Database team will review your report after verifying ownership, but the decision to whitelist depends on further investigation and analysis.
  • If the record cannot be set or you need alternative methods of verification, please contact us at [email protected] - preferably from the domain's official email address.

How to Check the TXT Record ?

You can verify that the TXT record is properly set using:

Thank you for your cooperation! We will address your issue as soon as possible after verification.

The Phishing.Database Project Team.

@idformats
Copy link
Author

Done.

@spirillen
Copy link
Contributor

spirillen commented Feb 6, 2025
edited
Loading

Done.

Should I give you a good ol' wipe-down now, or are you saving that for a special occasion 😏 ?

ptcheck mobilephotokiosk.com antiphish-4f5d637607374ed30924de9e0a4d8e84a55ebe13
The test value matches the DNS TXT record.

Thanks for using my tools.
Please consider a sponsor ship at https://www.mypdns.org/donate

Update: I do not see any records for this domain in the lists..

@spirillen
Copy link
Contributor

Search results

Lookup provided by My Privacy DNS

Hosts-Sources

External Hosts-Sources can be found here



Sorted result




EasyList




Matrix blacklist project




Matrix blacklist project, Filtered




Response Policy Zone - RPZ


Did not find any matching RPZ records


Known Issues



DNS lookup


ns1-08.azure-dns.com.
ns2-08.azure-dns.net.
ns3-08.azure-dns.org.
ns4-08.azure-dns.info.
;; Warning: Client COOKIE mismatch


HTTP header


HTTP response, click to expand

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Date: Thu, 06 Feb 2025 08:32:44 GMT
Server: Kestrel
Set-Cookie: TiPMix=48.498370316150364; path=/; HttpOnly; Domain=mobilephotokiosk.com; Max-Age=3600; Secure; SameSite=None
Set-Cookie: x-ms-routing-name=self; path=/; HttpOnly; Domain=mobilephotokiosk.com; Max-Age=3600; Secure; SameSite=None
Set-Cookie: .AspNetCore.Mvc.CookieTempDataProvider=CfDJ8FDDUl03ZPRAmWNERZOBmPrZACf9q3byrLOXjNeVAIrPnHaqsZSzpbchbw0aDEp3qnqQ47MP8HCw09AS40iuJ4j1q-gLhnsn2RDMxXbxcoe2SDV4fOSTqfTu-RPvcg47B5Mb8V9DFlCNzYLIgrwjwYIFkPTlWxrFzcTktuDyNrPy; path=/; samesite=lax; httponly
Strict-Transport-Security: max-age=2592000
Request-Context: appId=cid-v1:c6cbdadb-1312-4729-9a9d-5f80d7a4909c
PT-IS-BETA: False
PT-INSTANCE-ID: ca1ff062b08be75077eb168ad82ba2b69bd4131fa3b74c9604a17248dd47bcf5
PT-COMPUTER-NAME: ln0xsdlwk0000RB
PT-CUSTOM-SLOT-NAME: production




      		
    

  





        


            

            

              
            

        

      


      

            
  

    
  
    
    

  

  



    












      

  
            

    


    

    

      
    

    


      

          @github-project-automation
github-project-automation
bot



          moved this from 🆕 New
  to ✅ Done
  in Phishing Database Backlog


      Feb 6, 2025

    

  



    











  
  

    

      

  





  




  
  

              

  
    Sign up for free
    to join this conversation on GitHub.
    Already have an account?
    Sign in to comment


  



  






  
                    




    

  


      
  

    Assignees
  



        

    No one assigned







      


  


  

    Labels
  



    

    None yet







      

  

    

        

    Projects
  


        




        
  

    

      
          
        Phishing Database Backlog
        
    

    

      

            
    Status: ✅ Done

              
      

    

    

  







  



      


  

    
  

    Milestone
  


      No milestone





    
      
          


  

    
      

        
    

    Development
  




          
    
No branches or pull requests







    
  




      

    

  
      

  

    

      6 participants
    

    

        
          @mitchellkrogza 
        
          @funilrys 
        
          @spirillen 
        
          @g0d33p3rsec 
        
          @phishing-database-bot 
        
          @idformats