Author Topic: Site Blocked - URL:Phishing  (Read 63991 times)

0 Members and 3 Guests are viewing this topic.

Offline Amy D

  • Newbie
  • *
  • Posts: 2
Re: Site Blocked - URL:Phishing
« Reply #390 on: September 28, 2019, 04:17:19 PM »
https://goo.gle/gocc_01_sea
Whit this link I get the same pop up message from avast. Could anyone unlock this for me?

Offline Pondus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 36233
Re: Site Blocked - URL:Phishing
« Reply #391 on: September 28, 2019, 04:25:32 PM »
https://goo.gle/gocc_01_sea
Whit this link I get the same pop up message from avast. Could anyone unlock this for me?
If you think it is wrong then report it .... looks suspicious since it ask for your google password ?


Report a false positive (select file or website)
https://www.avast.com/false-positive-file-form.php





« Last Edit: September 28, 2019, 04:34:06 PM by Pondus »
“Ah beer. The cause of and the solution to all of life’s problems.”

"Operator! Give me the number for 911!"

Offline Amy D

  • Newbie
  • *
  • Posts: 2
Re: Site Blocked - URL:Phishing
« Reply #392 on: September 28, 2019, 04:44:35 PM »
https://goo.gle/gocc_01_sea
Whit this link I get the same pop up message from avast. Could anyone unlock this for me?
If you think it is wrong then report it .... looks suspicious since it ask for your google password ?


Report a false positive (select file or website)
https://www.avast.com/false-positive-file-form.php

Thank you!

Offline polonus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 31856
  • malware fighter
Re: Site Blocked - URL:Phishing
« Reply #393 on: September 28, 2019, 05:52:20 PM »
Here you can see that that address you give is redirecting to:
 -https://prismatic-age-179203.appspot.com/gprep_tech1/register *

See at: https://aw-snap.info/file-viewer/?protocol=not-secure&ref_sel=GSP2&ua_sel=ff&chk-cache=&fs=1&tgt=Z11dLmdse2BnXV5eXzAxX3N7fA%3D%3D~enc

* this redirected address seems OK, when scanned for at VT: https://www.virustotal.com/gui/url/80eaf94a693eff0787e1bb09a5f45ac2cc20a93e06d65e7240bdc08c23a26adf/details
while associated relations affiliates will kick up quite some flags, also at VT (when we dig a little deeper):
https://www.virustotal.com/gui/ip-address/172.217.212.153/relations

Wait for a final verdict by an avast team member, they are the ones to come and unblock,
whenever that should be appropriate.

By the way the redirect address complete uri just kicks up an error.,
while the general domain address opens up to Google Online Challenge,
wit a hostname as -iad23s69-in-f20.1e100.net 
There we come to encounter a "404 not found", nothing to do with avast detection, I assume.
So you are probably barking at the wrong tree, and it is an internal hick-up at Goggle's.  ;)

Just for the record some scan results on that redirecting domain address.

DOM-XSS issues Results from scanning URL: -https://prismatic-age-179203.appspot.com/
Number of sources found: 0
Number of sinks found: 22

Scan also opens up to: -https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js
Number of sources found: 43
Number of sinks found: 0  (bootstrap.min.js Is it really needed, read the diacussion at StackOverflow's:
-> https://stackoverflow.com/questions/48738305/jquery-min-js-is-it-needed-bootstrap-4-0-0-alpha-6  )
   &
Results from scanning URL: -https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js
Number of sources found: 33
Number of sinks found: 10
   &
Results from scanning URL: -https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js
Number of sources found: 33
Number of sinks found: 10

2 vulnerable libraries with retrable jQuery library code:
https://retire.insecurity.today/#!/scan/29241cb52ddcbce0960ccbec1d7e624aaa73d4855946a407918867b6c81e65f4
scan info credits go to Erlend Oftedal

polonus (volunteer 3rd party cold recon website security analyst and website error-hunter)



Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline martineli_martineli

  • Newbie
  • *
  • Posts: 2
Re: Site Blocked - URL:Phishing
« Reply #394 on: October 05, 2019, 07:24:06 AM »
Same here for
Autods.com
Can u please unblock it?

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 61495
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: Site Blocked - URL:Phishing
« Reply #395 on: October 05, 2019, 07:26:06 AM »
Win 8.1 [x64] - Avast PremSec 19.9.2394.B1 - CC 5.63 - EEK - Firefox ESR 68.2 [NS/AOS/uBO] - TB 68.2.2 [EM] - ABS/ACP/ASB/ASL.BC
Deutschsprachiger Bereich -> Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline martineli_martineli

  • Newbie
  • *
  • Posts: 2
Re: Site Blocked - URL:Phishing
« Reply #396 on: October 05, 2019, 01:56:58 PM »
 Well avast blocked the site becouse of phishing. What to do than, when the site is secure?



Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 61495
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: Site Blocked - URL:Phishing
« Reply #397 on: October 05, 2019, 02:13:56 PM »
Well avast blocked the site becouse of phishing. What to do than, when the site is secure?
You can report a suspected FP (File/Website) here: https://www.avast.com/false-positive-file-form.php
Win 8.1 [x64] - Avast PremSec 19.9.2394.B1 - CC 5.63 - EEK - Firefox ESR 68.2 [NS/AOS/uBO] - TB 68.2.2 [EM] - ABS/ACP/ASB/ASL.BC
Deutschsprachiger Bereich -> Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline polonus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 31856
  • malware fighter
Re: Site Blocked - URL:Phishing
« Reply #398 on: October 05, 2019, 07:21:50 PM »
VT gives the site as clean: https://www.virustotal.com/gui/url/3f9278444a9f00bf4dada6d52cad059e626103f84c533e9b911390740ef29d0c/details
Probable reason for detection is malware on other domains on that same IP:
https://www.virustotal.com/gui/ip-address/104.24.102.175/relations

CMS Word Press version is outdated. Site issue and outdated software PHP: https://sitecheck.sucuri.net/results/Autods.com
Also consider: https://aw-snap.info/file-viewer/?protocol=secure&ref_sel=GSP2&ua_sel=ff&chk-cache=&fs=1&tgt=fHV0XSNzLl5dbQ%3D%3D~enc

DOM-XSS issues: Results from scanning URL: -https://Autods.com
Number of sources found: 162
Number of sinks found: 513
&
Results from scanning URL: -https://code.jquery.com/ui/1.11.4/jquery-ui.min.js
Number of sources found: 27
Number of sinks found: 8
&
Results from scanning URL:-https://autods.com/wp-content/cache/busting/1/wp-content/themes/Avada/includes/lib/assets/min/js/library/packery-2.0.0.js
Number of sources found: 4
Number of sinks found: 2
&
Results from scanning URL: -https://autods.com/wp-content/cache/busting/1/wp-content/plugins/fusion-builder/assets/js/min/general/fusion-column-1.js
Number of sources found: 5
Number of sinks found: 2  Stating congratulations you have reached the end of the Internet  ::)
&
Results from scanning URL: -https://autods.com/wp-content/cache/busting/1/wp-content/themes/Avada/includes/lib/assets/min/js/general/fusion-responsive-typography-1.js
Number of sources found: 27
Number of sinks found: 5
&
Results from scanning URL: -https://www.googletagmanager.com/gtag/js?id=UA-125371527-2
Number of sources found: 33
Number of sinks found: 12
&
Results from scanning URL: -https://autods.com/wp-content/cache/busting/1/wp-content/plugins/heateor-facebook-comments-moderation/js/front/front-1.2.10.js
Number of sources found: 23
Number of sinks found: 24
&
Results from scanning URL: -https://autods.com/wp-content/cache/busting/1/wp-content/themes/Avada/includes/lib/assets/min/js/library/packery-2.0.0.js
Number of sources found: 79
Number of sinks found: 16
& last but not least
Results from scanning URL: -https://code.jquery.com/ui/1.11.4/jquery-ui.min.js
Number of sources found: 294
Number of sinks found: 14

See the vulnerabilities on the CloudFlare server for that IP: https://www.shodan.io/host/104.24.102.175
Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.
linux-gnu-SF.

polonus (3rd party cold recon website security analyst and website error-hunter)
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline jefferson sant

  • Starting Graphoman
  • *
  • Posts: 6396
  • volunteer
Re: Site Blocked - URL:Phishing
« Reply #399 on: October 07, 2019, 02:14:19 PM »
Same here for
Autods.com
Can u please unblock it?

Detection was removed in 07.10.2019 at 04:59 AM

Quote from: Avast
Our virus specialists have now cleared its reputation in our database.

With URLs this change should be instant, but it might take up to 24 hours with files.

Offline jam_jam2

  • Newbie
  • *
  • Posts: 1
Re: Site Blocked - URL:Phishing
« Reply #400 on: October 08, 2019, 10:13:15 PM »
Hello.
I have problem with my site. The avast has blocked my site. pizzeriananda.fi  could you please unblock my site.

Offline Pondus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 36233
Re: Site Blocked - URL:Phishing
« Reply #401 on: October 08, 2019, 10:24:50 PM »
“Ah beer. The cause of and the solution to all of life’s problems.”

"Operator! Give me the number for 911!"

Offline polonus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 31856
  • malware fighter
Re: Site Blocked - URL:Phishing
« Reply #402 on: October 08, 2019, 11:28:56 PM »
Here a phishing test came up undecided: https://www.immuniweb.com/radar/?id=QJnzNkG7

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline kankanyan

  • Newbie
  • *
  • Posts: 1
Re: Site Blocked - URL:Phishing
« Reply #403 on: October 09, 2019, 09:04:16 AM »
Awast started blocking legitimate company web site https://www.nsasoft.us with reason "URL:phishing". This site doesn't have anything related with "URL:phishing". How to fix and remove this alert?

Offline Pondus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 36233
Re: Site Blocked - URL:Phishing
« Reply #404 on: October 09, 2019, 09:06:03 AM »
Awast started blocking legitimate company web site https://www.nsasoft.us with reason "URL:phishing". This site doesn't have anything related with "URL:phishing". How to fix and remove this alert?

Report a false positive (select file or website)
https://www.avast.com/false-positive-file-form.php


Sucuri scan  >>  https://sitecheck.sucuri.net/results/https/www.nsasoft.us


Blacklist check  >>  https://www.virustotal.com/gui/url/c60360e150218aced045232a440096a8dbc49880c18fa5377c7d3fefcae6971e/detection




« Last Edit: October 09, 2019, 09:08:08 AM by Pondus »
“Ah beer. The cause of and the solution to all of life’s problems.”

"Operator! Give me the number for 911!"