Phishing.Database icon indicating copy to clipboard operation
Phishing.Database copied to clipboard
verified publisher icon mitchellkrogza

False Positive | s3.amazonaws.com

Open p1r473 opened this issue 3 months ago • 3 comments

What are the subjects of the false-positive (domains, URLs, or IPs)?

s3.amazonaws.com

Why do you believe this is a false-positive?

Amazon S3 bucket

How did you discover this false-positive(s)?

Other (Please fill out the next box)

Where did you find this false-positive if not listed above?

Visted site

Have you requested a review from other sources?

No response

Do you have a screenshot?

Screenshot

Additional Information or Context

No response

p1r473 avatar Sep 23 '25 16:09 p1r473

Verification Required

@p1r473, thank you for submitting a false positive report! To help us verify your ownership of the affected domain(s), please complete the following steps:

  1. Set a DNS TXT record for the domain(s) listed in this issue with the following details:

    • Record Name: _phishingdb
    • Record Value: antiphish-82ab4465694413a46b1c60248d9dcda44ed3a4cf

    Your Verification ID: antiphish-82ab4465694413a46b1c60248d9dcda44ed3a4cf

  2. Wait for DNS propagation (this may take a few minutes to a few hours).

  3. Reply to this issue once the TXT record has been set.

Important Notes

  • Verification does not guarantee whitelisting. The Phishing.Database team will review your report after verifying ownership, but the decision to whitelist depends on further investigation and analysis.
  • If the record cannot be set or you need alternative methods of verification, please contact us at [email protected] - preferably from the domain's official email address.

How to Check the TXT Record ?

You can verify that the TXT record is properly set using:

Thank you for your cooperation! We will address your issue as soon as possible after verification.

The Phishing.Database Project Team.

phishing-database-bot avatar Sep 23 '25 16:09 phishing-database-bot

I do not own Amazon :)

p1r473 avatar Sep 23 '25 16:09 p1r473

I was coming here myself to find who thought this was an appropriate blackhole: ||s3.amazonaws.com^ You can not black hole the entire Amazon cloud. Seriously?

GldRush98 avatar Sep 25 '25 20:09 GldRush98

@GldRush98 you are right but, but it is also true that this system is not so well done. It requires to have dns control for a delisting request, but S3, Cloudfront, and tons of others services like them are owner by big companies. With DNS is not possible to manage such resources so they should also avoid to blacklist them

Giannandrea avatar Dec 11 '25 10:12 Giannandrea