Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

docs.pipenv.org is an impostor #1635

Closed
dheerajreal opened this issue May 4, 2021 · 6 comments
Closed

docs.pipenv.org is an impostor #1635

dheerajreal opened this issue May 4, 2021 · 6 comments

Comments

@dheerajreal
Copy link

The domain docs.pipenv.org appears to be related to pipenv
But it's an older domain for the project and is now under unknown control.
See here
Moreover, the site has some suspicious links to external domains that might be mailcious.
See here

Wow, this is a creative use of an expired domain.

I let pipenv.org expire, as it appeared few people used it, as opposed to the pypa site

Originally posted by @kennethreitz in pypa/pipenv#4671 (comment)
@welcome
Copy link

welcome bot commented May 4, 2021

Hello! Thank you for opening your first issue in this repo. It’s people like you who make these host files better!

funilrys added a commit to mitchellkrogza/Badd-Boyz-Hosts that referenced this issue May 4, 2021
@funilrys
Introduction of docs.pipenv.org and pipenv.org
e937912 
This patch fixes #StevenBlack/hosts#1635.
StevenBlack added a commit that referenced this issue May 4, 2021
@StevenBlack
Issue #1635: add docs.pipenv.org.
708fc8a
@StevenBlack
Copy link
Owner

Thank you Dheeraj @dheerajreal. This is added in commit 708fc8a.

Ref: pypa/pipenv#4671

@TPS
Copy link

TPS commented May 5, 2021
edited
Loading

@StevenBlack I think you didn't go far enough. Per pypa/pipenv#4671 (comment), it'd be good to add pipenv.org & www.pipenv.org, as well. 🙇🏾‍♂️

@StevenBlack
Copy link
Owner

Hi @TPS thanks for the note.

I went back to the comment you just linked and that's not a conclusion I see.

Maybe you could have linked me directly to whatever the heck you're referring-to?

@TPS
Copy link

TPS commented May 6, 2021

Well, if nobody friendly owns the domain name, then I guess the right thing to do is submit *.pipenv.org to Google Safe Browsing and similar malware lists:

https://safebrowsing.google.com/safebrowsing/report_general/

The only domains I could find besides docs. are www. & the root domain.

funilrys added a commit to mitchellkrogza/Badd-Boyz-Hosts that referenced this issue May 7, 2021
@funilrys
Introduction of www.pipenv.org
2a1ff08 
This patch touches and fixes StevenBlack/hosts#1635.
@funilrys
Copy link
Contributor

funilrys commented May 7, 2021

Hi Steve @StevenBlack, took a bit more time to do some enumeration and then test everything I could find with PyFunceble 4 and although there is/was much more subdomains behind that wildcard, the only available at this time are the following:

pipenv.org
www.pipenv.org
docs.pipenv.org

As they are all part of the Badd-Boyz-Hosts, they should be merged here on your next release.

Stay safe and healthy.

vegai pushed a commit to vegai/hosts that referenced this issue May 27, 2021
@StevenBlack
Issue StevenBlack#1635: add docs.pipenv.org.
7f7aec4
@StevenBlack StevenBlack mentioned this issue May 17, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@StevenBlack @TPS @funilrys @dheerajreal