This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Help

Who rated this post

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Mike_Lutgendorf
Participant
‎2019-10-15 01:36 PM

Best way to whitelist KnowBe4 Phishing domains?

So probably an obvious answer to this, but... long story short I need to whitelist the below. These are for phishing training from KnowBe4. 

Is there a way to import these given they're not all the same classification? Or is it better to attempt to treat these all like a host objects and hope their AWS IP's don't change? 

Sorry if it's a silly question. They also don't have CP listed in their documentation so i'd like something to forward on to them to add to it. 

Thanks in advance. 

Online-banking.kb4.io,
En-us.secureconnection.moneytransaction.kb4.io,
Mail.kb4.io,
Breakingnews.comano.us,
Secure-mail.web.magnetonics.com,
Socialmedia-insights.bloemlight.com,
Messaging-security.comano.us,
Do.not.click.on.this.link.instantrevert.net,
ftp.phishing.guru,
test.user-click.phishtrain.org,
password-changes.phishwall.net,
Robust-backend.ancillarycheese.com,
Web-login.malwarebouncer.com,
https.file-transfers.ancillarycheese.com,
guru.phishing.guru,
http.www.secure.kb4.io,
su.onamoc.comano.us,
https.secure-links.bloemlight.com,
dontclickthis.knowbe4.com,
us-api.mimecast.com,kb4.io,
addto.password.land,
05kqatnrJ9s0sNAh9.phish.farm,
secure.payment-gateway.microransom.us,
cardpayments.microransom.us.
crypt.single-sign-on.password.land.
oldmacdonald.had-a.phish.farm.
login.gogie.com,000000000000.phish.farm,
report-scam.malwarebouncer.com,
spamchallenge.msftemail.com,
gmail.net-login.com,
kn0wbe4.compromisedblog.com,
welsfargo.com-onlinebanking.com,
bofa.com-onlinebanking.com,
chase.com-onlinebanking.com,
capital1.com-onlinebanking.com,
2fa.com-token-auth.com,
token.onelogin.com-token-auth.com,
cnn.compromisedblog.com,
employeeportal.net-login.com,
34.75.2O2.lOl,

strongencryption.org.
protected-forms.com,
safe-site.protected-forms.com,
https.protected-forms.com,
secured-login.net,
singlesignon.secured-login.net,
googl-e.secured-login.net,
salesfarce.secured-login.net,
webmail.strongencryption.org.
login.strongencryption.org.
account.secured-login.net,
drive.secured-login.net,
form.secured-login.net,
tls.secured-login.net,
certificate.strongencryption.org.
office.strongencryption.org.
suite.strongencryption.org.
http.protected-forms.com,
internet.protected-forms.com,
submit.protected-forms.com,
*.kb4.io,
*.comano.us.
*.magnetonics.com,
*.bloemlight.com,
*.instantrevert.net,
*.phishing.guru.
*.phishtrain.org.
*.phishwall.net,
*.ancillarycheese.com,
*.malwarebouncer.com,
*.knowbe4.com,
*.password.land.
*.phish.farm.
*.microransom.us.
*.msftemail.com,
*.net-login.com,
*.compromisedblog.com,
*.com-onlinebanking.com,
*.com-token-auth.com,
*.2O2.lOl,

0 Kudos
(1)
Who rated this post