Update falsepositive.list #291

Merged
merged 1 commit into from
Nov 14, 2023

pistazie
Contributor

@pistazie pistazie commented Nov 2, 2023

Domains or links
pitch.com

More Information
How did you discover your web site or domain was listed here? Found it on virustotal.com

Have you requested removal from other sources? CRDF - removal was approved

Additional context

Pitch is a presentation platform that allows users to publish content on the web. As such, we are vulnerable to abuse by users.

The security of all Pitch users is at the top of our minds, and we are aware of a recent effort to abuse Pitch for phishing.

We resolved the issue and invested a lot in automation of content scanning and blocking. We believe we solved the recent issue.

Among the measures taken are:

  • We integrated multiple tools and services that scan each Pitch public slide/URL for phishing and other abuse. In doubt, our tooling automatically blocks suspicious content.
  • We added multiple tools that allow users to report suspicious content.
  • We are manually scanning Pitch for suspicious content.

We would appreciate a fast merge and removal from the list, as many innocent users are currently affected.

Happy to provide any other details privately at [email protected].

@spirillen
Contributor

I, as @spirillen, can't help until you allow traffic from tor

@pistazie
Contributor Author

pistazie commented Nov 2, 2023

> I, as @spirillen, can't help until you allow traffic from tor

Thanks @spirillen. Can you provide more details about the issues you are having using pitch.com with Tor (OS, browser, anything we can use to reproduce the issue)?

I am not aware of any measures we are taking to block Tor and I was able to use the Tor browser to browse pitch.com, sign-up, and use our application.

@luigigubello

Hi @spirillen, thanks for your response. I work as a Security Engineer @ Pitch (pitch.com), and I am able to visit pitch.com via Tor too (tested on macOS Sonoma and Android). How can we help you break the deadlock and move pitch.com into falsepositive.list? :)

Screenshot 2023-11-06 at 00 24 14

@spirillen
Contributor

You tell me...

Logger output
+4 pitch.com 1 get image https://pitch.com/favicon.ico
+4 pitch.com 3 get image https://res.cloudinary.com/pitch-software/image/upload/f_auto/v1600165469/website-images/images/apple-touch-icon-precomposed.png
+4 pitch.com 1 post xhr https://api.owl.services.pitch.com/v1/p
+4 pitch.com 1 get xhr https://evs.owl.services.pitch.com/v1/projects/MLtSEkcVNVGNVAmwIU5MESLqxrNUzixk/settings
+4 no-remote-fonts: * true -- pitch.com 1 get font https://pitch.com/fonts/MarkPro-Heavy.woff2
+4 no-remote-fonts: * true -- pitch.com 1 get font https://pitch.com/fonts/Eina01-Regular.woff2
+4 no-remote-fonts: * true -- pitch.com 1 get font https://pitch.com/fonts/Eina01-Bold.woff2
+3 pitch.com 1 get script https://pitch.com/_next/static/chunks/pages/_error-ca2aff2daa60d599.js
+3 behind-the-scene 0,3 get other https://pitch.com/
+3 behind-the-scene 0,3 get other http://pitch.com/
+3 pitch.com 1 get image https://pitch.com/favicon.ico
+3 pitch.com 3 get image https://res.cloudinary.com/pitch-software/image/upload/f_auto/v1600165469/website-images/images/apple-touch-icon-precomposed.png
+2 pitch.com 1 post xhr https://api.owl.services.pitch.com/v1/p
+2 ##div[class^="style_cookiesBanner"] pitch.com get dom https://pitch.com/
+2 ##a[href*="youtube.com"] pitch.com get dom https://pitch.com/
+2 ##[href^="https://www.facebook.com"] pitch.com get dom https://pitch.com/
+2 pitch.com 1 get xhr https://evs.owl.services.pitch.com/v1/projects/MLtSEkcVNVGNVAmwIU5MESLqxrNUzixk/settings
+2 pitch.com 1 get script https://pitch.com/_next/static/chunks/661.32bacffb2b4ae862.js
+2 pitch.com 1 get css https://pitch.com/_next/static/css/bdc4055ca27c700f.css
+2 pitch.com 1 get script https://pitch.com/_next/static/chunks/317.87cd917324227b45.js
+2 pitch.com 1 get script https://pitch.com/_next/static/chunks/fb7d5399.6da07087df7803d8.js
+2 googletagmanager_gtm.js:5 << pitch.com 3 get script https://www.googletagmanager.com/gtm.js?id=GTM-5QXGGVG
+2 ||googletagmanager.com/gtm.js$script,redirect-rule=googletagmanager_gtm.js:5 -- pitch.com 3 get script https://www.googletagmanager.com/gtm.js?id=GTM-5QXGGVG
+2 ||googletagmanager.com^ -- pitch.com 3 get script https://www.googletagmanager.com/gtm.js?id=GTM-5QXGGVG
+2 pitch.com 3 get xhr https://boards-api.greenhouse.io/v1/boards/pitch/jobs
+2 no-remote-fonts: * true -- pitch.com 1 get font https://pitch.com/fonts/Eina01-Bold.ttf
+2 no-remote-fonts: * true -- pitch.com 1 get font https://pitch.com/fonts/MarkPro-Heavy.ttf
+2 no-remote-fonts: * true -- pitch.com 1 get font https://pitch.com/fonts/Eina01-Regular.ttf
+2 no-remote-fonts: * true -- pitch.com 1 get font https://pitch.com/fonts/Eina01-Bold.woff
+2 no-remote-fonts: * true -- pitch.com 1 get font https://pitch.com/fonts/MarkPro-Heavy.woff
+2 no-remote-fonts: * true -- pitch.com 1 get font https://pitch.com/fonts/Eina01-Regular.woff
+1 ||cloudfront.net^ -- pitch.com 3 get media https://d3x4b1wy4qlu9.cloudfront.net/media/homepage-2023/analytics.webm
+1 ||cloudfront.net^ -- pitch.com 3 get media https://d3x4b1wy4qlu9.cloudfront.net/media/homepage-2023/share.webm
+1 ||cloudfront.net^ -- pitch.com 3 get media https://d3x4b1wy4qlu9.cloudfront.net/media/homepage-2023/edit.webm
+1 ||cloudfront.net^ -- pitch.com 3 get media https://d3x4b1wy4qlu9.cloudfront.net/media/homepage-2023/styles.webm
+1 ||cloudfront.net^ -- pitch.com 3 get media https://d3x4b1wy4qlu9.cloudfront.net/media/homepage-2023/hero.webm
+1 ||cloudfront.net^ -- pitch.com 3 get media https://d3x4b1wy4qlu9.cloudfront.net/media/homepage-2023/analytics.mp4
+1 ||cloudfront.net^ -- pitch.com 3 get media https://d3x4b1wy4qlu9.cloudfront.net/media/homepage-2023/share.mp4
+1 ||cloudfront.net^ -- pitch.com 3 get media https://d3x4b1wy4qlu9.cloudfront.net/media/homepage-2023/edit.mp4
+1 ||cloudfront.net^ -- pitch.com 3 get media https://d3x4b1wy4qlu9.cloudfront.net/media/homepage-2023/styles.mp4
+1 ||cloudfront.net^ -- pitch.com 3 get media https://d3x4b1wy4qlu9.cloudfront.net/media/homepage-2023/hero.mp4
+1 behind-the-scene 0,3 get xhr https://[ff00::]/nscl/moz-extension://5db5a3ff-a6af-450c-a6d8-809e451483a5/syncMessage?id=e54eedde98.4298%2Chttps%3A%2F%2Fpitch.com%2F&url=https%3A%2F%2Fpitch.com%2F&top=true&msg=%7B%22id%22%3A%22fetchChildPolicy%22%2C%22url%22%3A%22https%3A%2F%2Fpitch.com%2F%22%7D
+1 pitch.com 1 get script https://pitch.com/_next/static/3W38ZoZpWVfXTi79_jbTj/_ssgManifest.js
+1 pitch.com 1 get script https://pitch.com/_next/static/3W38ZoZpWVfXTi79_jbTj/_buildManifest.js
+1 pitch.com 1 get script https://pitch.com/_next/static/chunks/pages/home-1156e2c4aeda735c.js
+1 pitch.com 1 get script https://pitch.com/_next/static/chunks/509-f3b7e7d781910e8e.js
+1 pitch.com 1 get script https://pitch.com/_next/static/chunks/565-5ffed53120d706cd.js
+1 pitch.com 1 get script https://pitch.com/_next/static/chunks/834-bf5fda0451f5acc2.js
+1 pitch.com 1 get script https://pitch.com/_next/static/chunks/pages/_app-9275744021306616.js
+1 pitch.com 1 get script https://pitch.com/_next/static/chunks/main-5f1bfd5d86dfc6c2.js
+1 pitch.com 1 get script https://pitch.com/_next/static/chunks/framework-3a93e14c9b198fe2.js
+1 pitch.com 1 get script https://pitch.com/_next/static/chunks/webpack-c1c7e30361e68646.js
+1 pitch.com 1 get css https://pitch.com/_next/static/css/631b4ff2b28732e3.css
+1 pitch.com 1 get css https://pitch.com/_next/static/css/39630e14128d6d60.css
+1 pitch.com 1 get css https://pitch.com/_next/static/css/f8ec60bc37a664cc.css
+1 no-remote-fonts: * true -- pitch.com 1 get font https://pitch.com/fonts/MarkPro-Bold.woff2
+1 no-remote-fonts: * true -- pitch.com 1 get font https://pitch.com/fonts/MarkPro-Heavy.woff2
+1 no-remote-fonts: * true -- pitch.com 1 get font https://pitch.com/fonts/Eina01-Regular.woff2
+1 no-remote-fonts: * true -- pitch.com 1 get font https://pitch.com/fonts/Eina01-Bold.woff2
+1 no-remote-fonts: * true -- pitch.com 1 get doc https://pitch.com/
+1 no-remote-fonts: * true -- pitch.com 1 get inline-font https://pitch.com/
+0 pitch.com 1 get doc https://pitch.com/
+0 pitch.com 1 get doc http://pitch.com/

@luigigubello

Your Security Level is set on "Safer". If you set it on "Safest" or "Standard" you should be able to load it.

@luigigubello

@spirillen are you able to visit pitch.com using the Standard Security Level? Because I was able to reproduce 404 in the Safer Security Level.

Safer Security Level:
Screenshot 2023-11-06 at 08 53 07

Standard Security Level:
Screenshot 2023-11-06 at 08 54 04

@spirillen
Contributor

I'm using standard, but that is not your issue. I can see your site for about 1 => 2 seconds, then I get some unwanted software from your server which gets blocked and you are then returning a 404, to have people lowering their privacy settings.

By the way, I find it rather impressive that your site knows a new visitor has 4 pending jobs without even logging in!!

@luigigubello

@spirillen

> By the way, I find it rather impressive that your site knows a new visitor has 4 pending jobs without even logging in!!

4 is the number of open positions on the career page (Jobs) that we have.

@luigigubello

Our engineers have fixed the website, so now you should be able to visit it in all three Tor levels: Standard, Safer, and Safest. @spirillen let me know if it works for you.

spirillen added a commit to mypdns/adblocker-rules that referenced this pull request Nov 14, 2023
spirillen added a commit to mypdns/matrix that referenced this pull request Nov 14, 2023
spirillen added a commit to mypdns/matrix that referenced this pull request Nov 14, 2023
@spirillen spirillen merged commit 79d6bde into Phishing-Database:main Nov 14, 2023