Add clck.ai to whitelist

[sokolyanskydev]

clck.ai is a legitimate private service used for internal monitoring and reporting. It is not associated with phishing, impersonation, or any malicious activity.

Phantom currently flags it as suspicious — this appears to be a false positive, likely triggered by fuzzy matching.

Requesting addition to the whitelist.

Summary by CodeRabbit

• Chores
  • Added clck.ai to the whitelist.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: dc7dc200-b10c-4659-802e-48316d0bd9a9

📥 Commits

Reviewing files that changed from the base of the PR and between f0e8ff9 and ec91052.

📒 Files selected for processing (1)

• whitelist.yaml

---

📝 Walkthrough

Walkthrough

Updated whitelist.yaml to add a new whitelisted URL entry for clck.ai alongside the existing nftplus.io entry. File formatting was normalized to include a trailing newline.

Changes

Cohort / File(s)	Summary
Configuration Update whitelist.yaml	Added new URL entry clck.ai to the whitelist and normalized file ending with trailing newline.

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title directly and accurately summarizes the main change: adding clck.ai to the whitelist, which matches the file modifications and PR objectives.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[sokolyanskydev]

Bumping — this PR has been open for ~2 months.

cc @joel-phantom @lfernandezpt — could someone from the Phantom team take a look?

Important diagnostic note: I checked the current master of this repo and clck.ai is not present in blocklist.yaml, fuzzylist.yaml, or whitelist.yaml, and it has never appeared in the git history of blocklist.yaml. The fuzzylist.yaml file is also empty, so fuzzy matching cannot be the cause.

Yet Phantom users are still seeing the malicious-site warning when visiting clck.ai. This suggests the flagging signal comes from outside this repository — perhaps an internal/private classifier, an upstream feed, or stale cached blocklist data on clients.

Could you:

1. Merge this whitelist entry as a defensive measure, AND
2. Point me to the correct channel to report a false-positive that isn't sourced from this public repo?

Context on the domain: clck.ai is a private monitoring/reporting endpoint for an internal VPN infrastructure project (status dashboards, server health reports, telemetry). It does not host wallets, dApps, swaps, NFTs, airdrops, drainers, or any crypto-related content. It is not associated with Solana, EVM chains, or any blockchain project. Zero overlap with the phishing-target surface area.

Happy to provide any further info (WHOIS, DNS, server access logs) needed to clear this. Thanks!