False Positive | mypag.io #1263

Open
MykhailoDev opened this issue Mar 24, 2025 · 5 comments
@MykhailoDev

What are the subjects of the false-positive (domains, URLs, or IPs)?

mypag.io
https://mypag.io/

Why do you believe this is a false-positive?

Hello,
We noticed that our URL, https://mypag.io/, part of our link-in-bio service associated with http://mysignature.io/, has been blocked by your service.
I have already opened one request on this issue, but the case has not yet been resolved, so I kindly ask you to review the ticket and unblock mypag.io as soon as possible. This block is negatively affecting our legitimate users who rely on our service for their daily activities.
We received lists of malicious links that abused our platform and immediately blocked them. We are also actively working on solutions to prevent any fraudulent activity in the future.
Thank you very much for your cooperation and understanding.
Best regards,
http://mysignature.io/

How did you discover this false-positive(s)?

VirusTotal

Where did you find this false-positive if not listed above?

We received a request from a user about problems with access to the service and checked the domain on VirusTotal.

Have you requested a review from other sources?

We have contacted alphaMountain.ai, VIPRE, Seclookup, Gridinsoft, CRDF, Fortinet, CyRadar to reconsider blocking our domain, and they have already added it to the whitelists.

Do you have a screenshot?

No response

Additional Information or Context

No response

@phishing-database-bot
Member

Verification Required

@MykhailoDev, thank you for submitting a false positive report! To help us verify your ownership of the affected domain(s), please complete the following steps:

  1. Set a DNS TXT record for the domain(s) listed in this issue with the following details:

    • Record Name: _phishingdb
    • Record Value: antiphish-f96e8816b4f23fce3ec05982a09c3a62f194a101

    Your Verification ID: antiphish-f96e8816b4f23fce3ec05982a09c3a62f194a101

  2. Wait for DNS propagation (this may take a few minutes to a few hours).

  3. Reply to this issue once the TXT record has been set.

Important Notes

  • Verification does not guarantee whitelisting. The Phishing.Database team will review your report after verifying ownership, but the decision to whitelist depends on further investigation and analysis.
  • If the record cannot be set or you need alternative methods of verification, please contact us at [email protected] - preferably from the domain's official email address.

How to Check the TXT Record?

You can verify that the TXT record is properly set using:

Thank you for your cooperation! We will address your issue as soon as possible after verification.

The Phishing.Database Project Team.
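
One way to confirm the record from steps 1 and 2 before replying, as an added example that is not part of the bot's message or the Phishing.Database project's tooling. It assumes "Record Name: _phishingdb" means the FQDN `_phishingdb.<domain>`; the function names are hypothetical.

```shell
#!/usr/bin/env bash
# Added example: check that the ownership-verification TXT record is visible.
# Assumption: the record is published at _phishingdb.<domain>.

# `dig +short TXT` prints each record as one or more quoted strings
# ("abc" "def"); join the pieces and drop the surrounding quotes.
normalise_txt() {
  sed -e 's/" "//g' -e 's/^"//' -e 's/"$//'
}

# Read `dig +short TXT` output on stdin and succeed only if one record equals
# the expected verification ID exactly (whole line, fixed string).
txt_matches() {
  expected=$1
  normalise_txt | grep -Fxq -- "$expected"
}

# Query one resolver (default: the system resolver) and report the result.
# Asking an authoritative name server directly separates "record not set"
# from "record set but not yet propagated to public resolvers".
check_phishingdb() {
  domain=$1 expected=$2 resolver=${3:-}
  answer=$(dig +short TXT "_phishingdb.${domain}" ${resolver:+@"$resolver"})
  if printf '%s\n' "$answer" | txt_matches "$expected"; then
    echo "OK: _phishingdb.${domain} carries the verification ID"
  else
    echo "MISSING: _phishingdb.${domain} returned: ${answer:-<no TXT answer>}"
    return 1
  fi
}

# Live usage (needs network), with the ID and a name server from this issue:
#   check_phishingdb mypag.io "$ID" elliot.ns.cloudflare.com

# Offline self-check on a constructed sample of dig output in which the
# record is split into two quoted strings.
ID='antiphish-f96e8816b4f23fce3ec05982a09c3a62f194a101'
sample='"antiphish-f96e8816b4f23fce3ec0" "5982a09c3a62f194a101"'
printf '%s\n' "$sample" | txt_matches "$ID" && echo "sample matches"
```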

@MykhailoDev
Author

The TXT record has already been set.

@spirillen
Contributor

Search results

Lookup provided by My Privacy DNS

Hosts-Sources

External Hosts-Sources can be found here

phishingArmy.csv:mypag.io
phishing_army_blocklist_extended.csv:mypag.io
phishing_database/ALL-phishing-links.csv:mypag.io
phishing_database/phishing.database/domain.csv:mypag.io

Sorted result

EasyList

Matrix blacklist project

Matrix blacklist project, Filtered

Response Policy Zone - RPZ

Did not find any matching RPZ records

Known Issues

DNS Servers

elliot.ns.cloudflare.com.
virginia.ns.cloudflare.com.
;; Warning: Client COOKIE mismatch

HTTP header

HTTP response
HTTP/2 200 
date: Tue, 25 Mar 2025 04:22:33 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
x-powered-by: Nuxt
x-do-app-origin: e4a7fbbb-8b49-4d38-a9bd-07d882a44ebc
cache-control: private
x-do-orig-status: 200
cf-cache-status: DYNAMIC
last-modified: Tue, 25 Mar 2025 04:22:33 GMT
set-cookie: __cf_bm=Ckn1ruARtogLdPzV14Cy3aIx6bH8zBRBdYxnP0eMHns-1742876553-1.0.1.1-upHH9tGb3ybWoesgIs.4W2w791vsG8yJmYQ0Zh4yj.M1IIwOR20IhAGrm5AFg_UETGJkymEXtOV9i5IKKLyzNXgxSfI2G1DQoDOlGiovdYI; path=/; expires=Tue, 25-Mar-25 04:52:33 GMT; domain=.mypag.io; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nyMcuQeeoyi1RvyySgx0Q7pLlKsWDy0%2BDCFOJyjlzXXCBoyacEhBeoG6jYy5LK0syYCA2uejpB5PmiTYiRRx6GDSuBLz3eF0jBvH1timAvQbIU1C37cTzutZQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 925ba0b998c55c32-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=9630&min_rtt=4312&rtt_var=11527&sent=6&recv=9&lost=0&retrans=0&sent_bytes=3385&recv_bytes=843&delivery_rate=656242&cwnd=252&unsent_bytes=0&cid=e7278bdbf6986b85&ts=262&x=0"

@spirillen
Contributor

Declined Assistance with Whitelisting Requests

I (@spirillen) regret to inform you that I will not be assisting with whitelisting requests in this matter, as you are utilising networks associated with Cloudflare, Google, Amazon, or Microsoft. These entities have a notorious reputation for disregarding individuals' Fundamental Human Rights and Online Privacy (as detailed here: https://kb.mypdns.org/articles/MPDNS-A-2).

As such, you will need to await assistance from a meta sheep who may be willing to help. I cannot support the surveillance of innocent individuals without a court order from a democratic country, which notably excludes, but is not limited to, the USA and Denmark.

Thank you for your understanding.

@spirillen removed their assignment Mar 25, 2025

@MykhailoDev
Author

Hello, as I see from your analysis, there are no more reasons to keep us on the list of suspicious pages. We are also actively working on solutions to prevent any future fraudulent activity. Can someone please review the whitelisting request again? @mitchellkrogza @funilrys @g0d33p3rsec

Thank you very much for your cooperation and understanding!
