Phishing.Database icon indicating copy to clipboard operation
Phishing.Database copied to clipboard
verified publisher icon mitchellkrogza

False Positive | ajax.googleapis.com

Open ClevyPasserby opened this issue 11 months ago • 7 comments

What are the subjects of the false-positive (domains, URLs, or IPs)?

  • ajax.googleapis.com

Why do you believe this is a false-positive?

I believe this is a false-positive because... It breaks functionality of a specific nsfw website

How did you discover this false-positive(s)?

Other (Please fill out the next box)

Where did you find this false-positive if not listed above?

I discovered this false-positive by... I was using a particular nsfw literary website, when I noticed the side menu being blocked completely (which was used to search certain nsfw fiction). Through guessing, I realized that it was this specific domain which was responsible for it.

Have you requested a review from other sources?

I have requested a review from...

I also requested a review from Ultimate Hosts Blacklists in this issue

Do you have a screenshot?

Screenshot

Additional Information or Context

I have also noticed that...

Found the domain in phishing-domains-ACTIVE.txt And that you have encountered the issue before. It's a bit strange some domains whitelisted years ago would make a comeback here.

ClevyPasserby avatar Jan 13 '25 11:01 ClevyPasserby

@spirillen Hello, just requesting some attention here. Apologies as I made this issue when my account was falsely flagged by github.

ClevyPasserby avatar Feb 16 '25 07:02 ClevyPasserby

googleapis.com are already whitelisted outside this public scope, Not that I understand why as is it over floated with malicious, spyware and phishing contents.

Next is, I do read two thing in your reply, which one should go with?

  1. The issue was made in error?
  2. You believe this evil domain should be whitelisted?

spirillen avatar Feb 16 '25 10:02 spirillen

googleapis.com are already whitelisted outside this public scope, Not that I understand why as is it over floated with malicious, spyware and phishing contents.

I did find the domain in the active list.

  1. The issue was made in error?

What I mean is that I made the issue without noticing that my account was flagged as I was not notified so when I did manage to get my account unflagged, the issue reappeared in this repo and was already weeks old, consequently it went under the radar, so it's not that my issue was made in error.

  1. You believe this evil domain should be whitelisted?

The ajax domain did serve a functional purpose to power a genre filtering search engine in the nsfw website. Though, if you believe that the domain's broad usage does more harm than good, then I guess I'll respect that and close the issue. Is it the case that the specific ajax domain is more harmful than it is functional? If you don't mind, why is this specific ajax domain harmful as you implied?

ClevyPasserby avatar Feb 16 '25 10:02 ClevyPasserby

Though, if you believe that the domain's broad usage does more harm than good, then I guess I'll respect that and close the issue. Is it the case that the specific ajax domain is more harmful than it is functional? If you don't mind, why is this specific ajax domain harmful as you implied?

You raise several important points here. I (@spirillen) would never permit any of Alphabet's products on my network, not at all. They are fundamentally detrimental, and those who fail to recognise this should certainly consider asking for a refund on their education, as it seems they have not grasped the significant threat posed to democracy, freedom, and human rights when a select few individuals or corporations possess comprehensive knowledge about everyone else. Since they adopted their slogan, "Do~~n't~~ be evil," they have become a menace to any democratic society and free-thinking individuals, as they manipulate you all.

However, this project, which is not mine, views the situation differently. As mentioned earlier, they should be whitelisted by this project, despite my reservations.

Notifications regarding these anti-democratic corporations occasionally surface when the whitelist project encounters issues. Once the whitelist project is operational again, Alphabet will likely resume its surveillance of your every move, aiming to influence you in favour of the highest bidder.

I will therefor close this issue for now. If this domain persist (rightly) to be on the blacklist after https://github.com/Phishing-Database/phishing/issues/749 should be solved. Please do bump this issue and target funilrys

spirillen avatar Feb 16 '25 15:02 spirillen

@funilrys Hello, it's been a while and I saw that the domain is still on the active lists. I understand that while the said domain is a sort of double-edged sword, I'm still a firm believer in functionality in regards to adblocking. And seeing as the domain itself doesn't seem to be exactly phishing in and of itself, I would like to ask your decision on whether to keep blocking this or not.

ClevyPasserby avatar Oct 02 '25 11:10 ClevyPasserby

@Phishing-Database/contributors — is this happening again? If so, please reopen https://github.com/Phishing-Database/phishing/issues/749. If that issue has been closed, I suggest creating a new, similar issue that can be flagged/reopened/bumped when the whitelist fails. That will give @funilrys an issue to follow and to sign up for mail alerts.

This is only my recommendation; I’ll leave the decision to the active contributors. As you know, I’m currently away due to cataract surgery.

The duck was here

spirillen avatar Oct 02 '25 11:10 spirillen

Verification Required

@ClevyPasserby, thank you for submitting a false positive report! To help us verify your ownership of the affected domain(s), please complete the following steps:

  1. Set a DNS TXT record for the domain(s) listed in this issue with the following details:

    • Record Name: _phishingdb
    • Record Value: antiphish-ba37a89069add3a64f7c855ae0ab1b1d48b443b8

    Your Verification ID: antiphish-ba37a89069add3a64f7c855ae0ab1b1d48b443b8

  2. Wait for DNS propagation (this may take a few minutes to a few hours).

  3. Reply to this issue once the TXT record has been set.

Important Notes

  • Verification does not guarantee whitelisting. The Phishing.Database team will review your report after verifying ownership, but the decision to whitelist depends on further investigation and analysis.
  • If the record cannot be set or you need alternative methods of verification, please contact us at [email protected] - preferably from the domain's official email address.

How to Check the TXT Record ?

You can verify that the TXT record is properly set using:

Thank you for your cooperation! We will address your issue as soon as possible after verification.

The Phishing.Database Project Team.

phishing-database-bot avatar Oct 02 '25 12:10 phishing-database-bot