False Positive | sibalogtv.com

[Fernandof28]

What are the subjects of the false-positive (domains, URLs, or IPs)?

https://sibalogtv.com/Fundacion
https://sibalogtv.com/Scotiabank
https://sibalogtv.com/hsbc)

Why do you believe this is a false-positive?

This Domain www.sibalogtv.com is for Ecommerce B2B, we verified the site is clean, we check malware and the team of Quttera verified the site is clean

The domain is in your blacklist, please help me testing again the URL

How did you discover this false-positive(s)?

VirusTotal

Where did you find this false-positive if not listed above?

I discovered this false-positive by...

Have you requested a review from other sources?

The team of Quttera and Sucuri, check the site and is clean

Do you have a screenshot?

Screenshot


Additional Information or Context

I have also noticed that...

[spirillen]

Can't help you, as you are denying the public access to the domain

[spirillen]

https://www.sibalogtv.com/scotiabank
https://www.sibalogtv.com/scotiabank/index24.php
http://www.sibalogtv.com/scotiabank

[Fernandof28]

Hi,

The site is working, but you are trying to access a File don´t exist (Index24.php)

Checking the server, I see that there are no Blocked IP's, the screen you send me is of the application Firewall that is activated in the event of suspicious activity, could you share your IP with me to investigate with the Quttera and Sucuri team why your computer is blocked when doing URL validation

[g0d33p3rsec]

Can't help you, as you are denying the public access to the domain

urlscan shows 404s for that URI which matches @Fernandof28's statement. I was not previously aware that GoDaddy offered a WAF, interesting.

[spirillen]

GoDaddy offered a WAF, interesting.

Can tell you it blocks out about every one, especially when you use tor network, for privacy = Gofloffy are not into freedom and democracy 😒 just like Putin and trump

could you share your IP

Nope, rotate constantly, thanks to Tor 👍🏻

investigate with the Quttera and Sucuri

Could be nice if you tell them, you are loosing bunch of legit visitors as they are blocking the white-net/Light-net of Tor, while allowing the Evil net 😉

@g0d33p3rsec are you adding this one to the whitelist? I'm on my way out

[g0d33p3rsec]

@g0d33p3rsec are you adding this one to the whitelist? I'm on my way out

Sure, I'll take care of that right now. I like to have at least one other set of eyes on a domain I didn't make the initial report for.

[g0d33p3rsec]

@g0d33p3rsec are you adding this one to the whitelist? I'm on my way out

It should be addressed in Phishing-Database/phishing#557. Can you or one of the other maintainers verify that it is on the appropriate list before I merge it?

[g0d33p3rsec]

@Fernandof28 I added the domain in Phishing-Database/phishing#557 and requested a review from the other maintainers.

It may take a little while for the results to propagate once merged.