Avast WEBforum

Other => Viruses and worms => Topic started by: derek77777 on June 24, 2020, 10:25:42 AM

Title: Site Falsely Blocked for Phishing
Post by: derek77777 on June 24, 2020, 10:25:42 AM

Hello,

Yesterday my website **** was blocked by Avast for Phishing while the website is totally clean.

I lose traffic and positions in google because of this blocking.
Can you do the necessary please and remove this false alarm for Phishing?

I would appreciate if it will be done quickly.
Thank You.

Title: Re: Site Falsely Blocked for Phishing : CPASMIEUX.ORG
Post by: Asyn on June 24, 2020, 10:33:08 AM

You can report a suspected FP (File/Website) here: https://www.avast.com/false-positive-file-form.php

Title: Re: Site Falsely Blocked for Phishing : CPASMIEUX.ORG
Post by: derek77777 on June 24, 2020, 10:35:34 AM

Quote from: Asyn on June 24, 2020, 10:33:08 AM

You can report a suspected FP (File/Website) here: https://www.avast.com/false-positive-file-form.php

I reported but usually, how long will it take to get a response?

Title: Re: Site Falsely Blocked for Phishing : CPASMIEUX.ORG
Post by: Asyn on June 24, 2020, 11:45:01 AM

You should get a reply within 48 hours.

Title: Re: Site Falsely Blocked for Phishing : CPASMIEUX.ORG
Post by: polonus on June 24, 2020, 02:57:27 PM

Hi derek77777,

Your site kicked up an error - https://aw-snap.info/file-viewer/?protocol=not-secure&ref_sel=GSP2&ua_sel=ff&chk-cache=&fs=1&tgt=XnB8c21be3V4Ll19Zw%3D%3D~enc
Something with the site's configuration is not as it should be, take that up with your hoster.

For outgoing links -> https://www.virustotal.com/gui/ip-address/104.24.104.8/relations
Various detections there.

Probably this was taken into the bargain of the detection also:
https://www.abuseipdb.com/check/185.230.60.211

Why I see a link to a webserver that is down? -> hxtps://aboutrestoration.eu
<meta name="csrf-param" content="authenticity_token" />
<meta name="csrf-token"

Quote

content="hc:meta:server:EeZ0u3+GdzQa3oXwTdR+Wf4npx+BvZrXXXXXXXXXXX/f0lkdrtqFdOtXPD3VnXGTKtLKu0jhADyLxAD7Kb8CQ==" />

on <meta name="csrf-param" content="authenticity_token" />
on  htxps://support.cloudflare.com/

Wait for a final verdict of an avast team member, as they are the only ones to come and unblock,

Also saw XSS-DOM issues in -http://cpasmieux.org/cdn-cgi/scripts/zepto.min.js
Number of sources found: 20
Number of sinks found: 5

polonus (volunteer 3rd party cold recon website security analyst and website error-hunter)

Title: Re: Site Falsely Blocked for Phishing : CPASMIEUX.ORG
Post by: polonus on June 30, 2020, 11:20:22 PM

Hi derek77777,

Do not see it blocked any longer - "seul domaine officiel et c'est tout bien",
It was checking the browser, captcha filled out and all is working like a charm.
I am happy for ye,

polonus