False Positive | clear-armor.com

[candycaineb]

What are the subjects of the false-positive (domains, URLs, or IPs)?

clear-armor.com

Why do you believe this is a false-positive?

I believe this is a false-positive because...
We have ensured all safety best practices and have found no malware or vulnerabilities on the site. All scanning tools and manual checks determine the site to be safe

How did you discover this false-positive(s)?

Other (Please fill out the next box)

Where did you find this false-positive if not listed above?

I discovered this false-positive by...
Few/certain secured networks flag this site as malicious and phishing.

Have you requested a review from other sources?

I have requested a review from...
Yes, everyone has removed the site from their phising dbs
https://www.urlvoid.com/scan/clear-armor.com/

Do you have a screenshot?

[Screenshot](https://docs.google.com/document/d/18_2eRWIEwesZt5ACQp5n_11yILenSOVJ2YSI3H7tALI/edit?usp=sharing)

Additional Information or Context

I have also noticed that...

[phishing-database-bot]

Verification Required

@candycaineb, thank you for submitting a false positive report! To help us verify your ownership of the affected domain(s), please complete the following steps:

1. Set a DNS TXT record for the domain(s) listed in this issue with the following details:

   • Record Name: _phishingdb
   • Record Value: antiphish-323f8c3979a4a46742211817ce00efc6251c6118

   Your Verification ID: antiphish-323f8c3979a4a46742211817ce00efc6251c6118

2. Wait for DNS propagation (this may take a few minutes to a few hours).

3. Reply to this issue once the TXT record has been set.

Important Notes

• Verification does not guarantee whitelisting. The Phishing.Database team will review your report after verifying ownership, but the decision to whitelist depends on further investigation and analysis.
• If the record cannot be set or you need alternative methods of verification, please contact us at [email protected] - preferably from the domain's official email address.

How to Check the TXT Record ?

You can verify that the TXT record is properly set using:

• Online tools like MXToolBox TXT Lookup.
• The command line:

  dig TXT _phishingdb.example.com
  

Thank you for your cooperation! We will address your issue as soon as possible after verification.

The Phishing.Database Project Team.

[spirillen]

Please solve title on issue to match your domain

[candycaineb]

Verification Required

@candycaineb, thank you for submitting a false positive report! To help us verify your ownership of the affected domain(s), please complete the following steps:

1. Set a DNS TXT record for the domain(s) listed in this issue with the following details:

   • Record Name: _phishingdb
   • Record Value: antiphish-323f8c3979a4a46742211817ce00efc6251c6118

   Your Verification ID: antiphish-323f8c3979a4a46742211817ce00efc6251c6118

2. Wait for DNS propagation (this may take a few minutes to a few hours).

3. Reply to this issue once the TXT record has been set.

Important Notes

• Verification does not guarantee whitelisting. The Phishing.Database team will review your report after verifying ownership, but the decision to whitelist depends on further investigation and analysis.
• If the record cannot be set or you need alternative methods of verification, please contact us at [email protected] - preferably from the domain's official email address.

How to Check the TXT Record ?

You can verify that the TXT record is properly set using:

• Online tools like MXToolBox TXT Lookup.
• The command line:

  dig TXT _phishingdb.example.com
  

Thank you for your cooperation! We will address your issue as soon as possible after verification.

The Phishing.Database Project Team.

Just added this as a txt record, thanks!

[spirillen]

how did you add _phishingdb.example.com to example.com?

[spirillen]

ptcheck clear-armor.com antiphish-323f8c3979a4a46742211817ce00efc6251c6118
The test value does not match the DNS TXT record.

Thanks for using my tools.
Please consider a sponsor ship at https://www.mypdns.org/donate

[candycaineb]

Hello & thanks for the quick response, I’ve added it via GoDaddy, looks like someone else added one previously as well. Also, I updated the site in Github. Let me know if I need to do anything else. Thanks, Caine

…

On Feb 7, 2025, at 12:00 PM, spirillen ***@***.***> wrote: ptcheck <http://www.mypdns.org/r/tools/ptcheck?utm_source=github&utm_medium=github_Issues&mtm_campaign=github&mtm_kwd=ptcheck> clear-armor.com antiphish-323f8c3979a4a46742211817ce00efc6251c6118 The test value does not match the DNS TXT record. Thanks for using my tools. Please consider a sponsor ship at https://www.mypdns.org/donate <https://www.mypdns.org/donate> — Reply to this email directly, view it on GitHub <#1117 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/ADNVAB2ZEE7CSHQOU7GU5YD2OTRDXAVCNFSM6AAAAABWWKIE2GVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDMNBTGQ4DMOJXHA>. You are receiving this because you were mentioned.

[candycaineb]

Hello, Just got this updated so the only _phishingdb TXT record is the one ending in 118. When I run dig TXT _phishingdb.clear-armor.com <http://phishingdb.clear-armor.com/>, I still get the old value but it should propagate soon. Thanks, Caine

…

On Feb 7, 2025, at 2:54 PM, caine barber ***@***.***> wrote: Hello & thanks for the quick response, I’ve added it via GoDaddy, looks like someone else added one previously as well. Also, I updated the site in Github. Let me know if I need to do anything else. Thanks, Caine <Screen Shot 2025-02-07 at 2.53.46 PM.png> > On Feb 7, 2025, at 12:00 PM, spirillen ***@***.*** ***@***.***>> wrote: > > > ptcheck <http://www.mypdns.org/r/tools/ptcheck?utm_source=github&utm_medium=github_Issues&mtm_campaign=github&mtm_kwd=ptcheck> clear-armor.com <http://clear-armor.com/> antiphish-323f8c3979a4a46742211817ce00efc6251c6118 > The test value does not match the DNS TXT record. > > Thanks for using my tools. > Please consider a sponsor ship at https://www.mypdns.org/donate > > — > Reply to this email directly, view it on GitHub <#1117 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/ADNVAB2ZEE7CSHQOU7GU5YD2OTRDXAVCNFSM6AAAAABWWKIE2GVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDMNBTGQ4DMOJXHA>. > You are receiving this because you were mentioned. >

[spirillen]

It should have been propagated after an hour, check your serial (SOA record)

[candycaineb]

Hello, Apparently we had to do it on virtual ave instead. Now they should be good. Thanks, Caine

…

On Feb 7, 2025, at 4:52 PM, spirillen ***@***.***> wrote: It should have been propagated after an hour, check your serial (SOA record) image.png (view on web) <https://github.com/user-attachments/assets/66d0a6a3-30c2-4659-a2cb-57ef03b081bb> — Reply to this email directly, view it on GitHub <#1117 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/ADNVAB2TEGWWT3V45MAIJXD2OUTKJAVCNFSM6AAAAABWWKIE2GVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDMNBUGE4TMMBZGQ>. You are receiving this because you were mentioned.

[spirillen]

That seems better

$ ptcheck clear-armor.com antiphish-323f8c3979a4a46742211817ce00efc6251c6118
The test value matches the DNS TXT record.

Thanks for using my tools.
Please consider a sponsor ship at https://www.mypdns.org/donate

Now lets move on...

[spirillen]

Search results

Lookup provided by My Privacy DNS

Hosts-Sources

External Hosts-Sources can be found here

Ultimate.Hosts.Blacklist1.csv:clear-armor.com
phishing_database/ALL-phishing-links.csv:clear-armor.com
phishing_database/phishing.database/domain.csv:clear-armor.com

Sorted result

EasyList

Matrix blacklist project

Matrix blacklist project, Filtered

Response Policy Zone - RPZ

Did not find any matching RPZ records

Known Issues

rgxRecord: clear-armor.com

• There are no known issue for clear-armor.com in My Privacy DNS
• There are no known issue for clear-armor.com in My Privacy DNS (Issue Backup)
• There are no known issue for clear-armor.com in GitHub:Matrix
• There are no known issue for clear-armor.com in phishing (Database)
• False Positive | clear-armor.com #1117
• False Positive | clear-armor.com #1068
• False Positive | clear-armor.com #1117
• False Positive | clear-armor.com #1068

DNS lookup

ns1.virtualave.net.
ns2.virtualave.net.
;; Warning: Client COOKIE mismatch

HTTP header

HTTP response, click to expand

HTTP/2 403 
date: Fri, 07 Feb 2025 23:23:19 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: max-age=15
expires: Fri, 07 Feb 2025 23:23:34 GMT
server: cloudflare
cf-ray: 90e72089cb86ebdc-ARN
alt-svc: h3=":443"; ma=86400

[spirillen]

I've said this so many times, public domains only. How should I be able to verify you domain are clean, when you lock the door?

How do you feel when you get invite somewhere and then the door get locked right in front of you??

Read more about CloudFlare's meta sheep farm inside their walled garden and the problems about them

• https://kb.mypdns.org/articles/MTX-A-73/CloudFlare
• https://kb.mypdns.org/articles/MTX-A-100/Cloudflare-and-GDPR
• https://kb.mypdns.org/articles/MTX-A-98/CloudFlares-Walled-Garden
• https://kb.mypdns.org/articles/MTX-A-99/Cloudflares-Data-Collection-Practices-and-Their-Implications

[spirillen]

duplicate of #1068