search

phishfort / phishfort-lists

Blacklists and whitelists maintained by PhishFort
GNU General Public License v3.0
105 stars 71 forks source link

[Legitimate Site Blocked] abstract.deform.cc #1428

Open scchang-catherine opened 3 weeks ago

scchang-catherine commented 3 weeks ago

https://abstract.deform.cc/ is a legitimate website that's being inappropriately flagged as suspicious.

We, the DeForm team, recently launched a joined community campaign with Abstract and this is blocking users from participating in social & onchain activations.

Please resolve this ASAP! Thank you.

shrestha-milann commented 3 weeks ago

Hi,

The domain is not blocked by Phishifort. Please verify with following:

https://lookup.phishfort.com/api/lookup?url=abstract.deform.cc

Warm Regards,

Milan Shrestha

Anti-Phishing Operations

@.***

phishfort.com https://www.phishfort.com/

https://www.linkedin.com/company/phishfort/ https://t.me/phishfort https://twitter.com/PhishFort

On Mon, Oct 14, 2024 at 12:47 AM scchang-catherine @.***> wrote:

https://abstract.deform.cc/ is a legitimate website that's being inappropriately flagged as suspicious.

We, the DeForm team, recently launched a joined community campaign with Abstract and this is blocking users from participating in social & onchain activations.

Please resolve this ASAP! Thank you.

— Reply to this email directly, view it on GitHub https://github.com/phishfort/phishfort-lists/issues/1428, or unsubscribe https://github.com/notifications/unsubscribe-auth/AYFSODHAM2SNS23UXCS4ZJ3Z3K7UDAVCNFSM6AAAAABP3WJIFOVHI2DSMVQWIX3LMV43ASLTON2WKOZSGU4DIMJZGUYDANQ . You are receiving this because you are subscribed to this thread.Message ID: @.***>

scchang-catherine commented 3 weeks ago

Hi,

The API response does flag the site as non-dangerous. However, when I click into the URL, the browser triggers a warning. Please reference below:

Screenshot 2024-10-14 at 10 23 36 AM

Is there some alternative pathway that's blocking access to the site?

thatguyintech commented 3 weeks ago

Hey there @shrestha-milann ! Eng @ DeForm here. This is what I'm getting from the API response:

{
  "dangerous": false,
  "safe": false,
  "warning": false,
  "hostname": "abstract.deform.cc"
}

Does the "safe": false flag mean that Phishifort is blocking the site? Would love to get this fixed asap

thatguyintech commented 3 weeks ago

The DeForm site integrates with Privy to authenticate users via wallet signature and other social media account integrations. We don't ask for users to take any other actions unless i.e. they choose to mint an NFT. The NFT minting uses a standard ERC1155 smart contract audited by the Animoca Brands smart contract audit team.