Author Topic: Site Blocked - URL:Phishing  (Read 145388 times)

0 Members and 1 Guest are viewing this topic.

Offline aymnb8046

  • Newbie
  • *
  • Posts: 2
Re: Site Blocked - URL:Phishing
« Reply #630 on: April 07, 2021, 10:41:39 AM »
When I launch the Avast program and open my site it says url phishing to me

I want to cancel the ban, please, on my website: https://money-exchange-sefina.com/


Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 70226
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
W 8.1 [x64] - Avast PremSec 21.4.2462.B3 [UI.617] - EEK - Firefox ESR 78.10.1 [NS/uBO/PB] - TB 78.10.1
Avast-Tools: Secure Browser 90.0 - Cleanup 21.1 - SecureLine 5.11 - Driver Updater 21.1 - CCleaner 5.78
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37012
Re: Site Blocked - URL:Phishing
« Reply #632 on: April 07, 2021, 10:56:10 AM »
Quote
I want to cancel the ban, please, on my website:
How to do that is posted many many times in this topic with red colour



Offline aymnb8046

  • Newbie
  • *
  • Posts: 2
Re: Site Blocked - URL:Phishing
« Reply #633 on: April 07, 2021, 01:32:23 PM »
My site has been banned and I am not getting an answer

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 70226
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: Site Blocked - URL:Phishing
« Reply #634 on: April 07, 2021, 01:34:36 PM »
My site has been banned and I am not getting an answer
You can report a suspected FP (File/Website) here: https://www.avast.com/false-positive-file-form.php
W 8.1 [x64] - Avast PremSec 21.4.2462.B3 [UI.617] - EEK - Firefox ESR 78.10.1 [NS/uBO/PB] - TB 78.10.1
Avast-Tools: Secure Browser 90.0 - Cleanup 21.1 - SecureLine 5.11 - Driver Updater 21.1 - CCleaner 5.78
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33122
  • malware fighter
Re: Site Blocked - URL:Phishing
« Reply #635 on: April 07, 2021, 03:06:04 PM »
So wait for a final verdict from avast team, as they are the only ones to come and unblock.

See Indicators here: https://urlscan.io/result/736d95a8-da1f-4f3e-9d7f-292f7499b8a1/#indicators

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline taskak

  • Newbie
  • *
  • Posts: 1
Re: Site Blocked - URL:Phishing
« Reply #636 on: April 21, 2021, 07:40:21 PM »
Hello for a reason my website is blocked with avast -> url: https://omniscia.io
 Can you unblock this. Thnx

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 84901
  • No support PMs thanks
Re: Site Blocked - URL:Phishing
« Reply #637 on: April 21, 2021, 07:57:20 PM »
Hello for a reason my website is blocked with avast -> url: hXXps://omniscia.io
 Can you unblock this. Thnx

Please 'modify' your post change the URL from http to hXXp, to break the link (as I have in the quoted text) and avoid accidental exposure to suspect sites, thanks.

Use the link given by Asyn, two posts above yours.
https://forum.avast.com/index.php?topic=218384.msg1597927#msg1597927
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 21.3.2459 (build 21.3.6164.561) UI 1.0.609/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33122
  • malware fighter
Re: Site Blocked - URL:Phishing
« Reply #638 on: April 22, 2021, 09:34:07 PM »
Do not see that website blocked by avast's.

JavaScript errors:
Quote
SyntaxError: Unexpected identifier
  eval ()()
  :4:80()
  Object.t [as F_c] (:3:191)()
  Object.E_u (:4:244)()
  eval (eval at exec_fn (:2:115), :74:477)()
  Object.create (eval at exec_fn (:2:115), :76:193)()
  c (eval at exec_fn (:2:115), :15:231)()
  :4:80()
  i (eval at exec_fn (:2:115), :13:165)()
  eval (eval at exec_fn (:2:115), :13:292)()

SyntaxError: Invalid regular expression flags
  eval ()()
  :4:80()
  Object.t [as F_c] (:3:191)()
  Object.E_u (:4:244)()
  eval (eval at exec_fn (:2:115), :74:477)()
  Object.create (eval at exec_fn (:2:115), :76:193)()
  c (eval at exec_fn (:2:115), :15:231)()
  :4:80()
  i (eval at exec_fn (:2:115), :13:165)()
  eval (eval at exec_fn (:2:115), :13:292)()

polonus (volunteer 3rd party cold recon website security analyst and website error-hunter)
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 84901
  • No support PMs thanks
Re: Site Blocked - URL:Phishing
« Reply #639 on: April 22, 2021, 09:42:55 PM »
Do not see that website blocked by avast's.

<snip>

polonus (volunteer 3rd party cold recon website security analyst and website error-hunter)

Still blocked by Avast.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 21.3.2459 (build 21.3.6164.561) UI 1.0.609/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33122
  • malware fighter
Re: Site Blocked - URL:Phishing
« Reply #640 on: April 23, 2021, 05:56:48 AM »
Could be these two redirects: (redirects via CloudFlare dot net) that are being flagged.
Redirected requests
There were HTTP redirect chains for the following requests:

Request Chain 4
 -https://unpkg.com/swiper/swiper-bundle.min.css HTTP 302
 -https://unpkg.com/swiper@6.5.7/swiper-bundle.min.css
Request Chain 14
 -https://unpkg.com/swiper/swiper-bundle.min.js HTTP 302
 -https://unpkg.com/swiper@6.5.7/swiper-bundle.min.js

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline jayson.arcayna

  • Newbie
  • *
  • Posts: 3
Re: Site Blocked - URL:Phishing
« Reply #641 on: April 24, 2021, 11:50:00 AM »
Hello.

One of the websites I am currently working on is blocked by avast as a phishing site.

Can you please remove the website from the list?

hxxps://applemclinic.com

I already scanned it and it is virus-free,

https://sitecheck.sucuri.net/results/https/applemclinic.com
https://www.immuniweb.com/darkweb/?id=Qw0rygBW


Thanks,
Jayson

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 84901
  • No support PMs thanks
Re: Site Blocked - URL:Phishing
« Reply #642 on: April 24, 2021, 12:46:20 PM »
@    jayson.arcayna
You can use the link given previously by Asyn.

<snip quote>
You can report a suspected FP (File/Website) here: https://www.avast.com/false-positive-file-form.php

See https://awesometechstack.com/analysis/website/applemclinic.com/ jQuery needs updating.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 21.3.2459 (build 21.3.6164.561) UI 1.0.609/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33122
  • malware fighter
Re: Site Blocked - URL:Phishing
« Reply #643 on: April 24, 2021, 10:45:28 PM »
With malzilla I get
Code: [Select]
HTTP/1.0 301 Moved Permanently
Connection: close
Content-Type: text/html; charset=UTF-8
X-Redirect-By: WordPress
Location: -https://applemclinic.com/
Content-Length: 0
Date: Sat, 24 Apr 2021 20:35:47 GMT
Server: LiteSpeed

=========================
Server IP(s):
0.0.0.0

=========================
HTTP headers:

GET / HTTP/1.0
Host: -applemclinic.com:443
User-Agent: Mozilla/7.0 (Windows; U; Windows NT 5.1; en-US; rv:0.9.2) Gecko/20010726 Netscape/7.0
Referer: -http://applemclinic.com
Accept-Encoding: gzip


Various Word Press issues: core version isn not the latest.

User Enumeration
The first two user ID's were tested to determine if user enumeration is possible.

Username   Name
ID: 1   admin   @admin
ID: 2   not found   
It is recommended to rename the admin user account to reduce the chance of brute force attacks occurring. As this will reduce the chance of automated password attackers gaining access. Take note that if the author archives are enabled it is usually possible to enumerate all users within a WordPress installation.

Directory Indexing
In the test an attempt was made to list the directory contents of the uploads and plugins folders to determine if Directory Indexing is enabled. This is a common information leakage vulnerability that can reveal sensitive information regarding your site configuration or content.

Path Tested   Status
/wp-content/uploads/      enabled
/wp-content/plugins/      disabled
Directory indexing is tested on the /wp-content/uploads/ and /wp-content/plugins/ directores. Note that other directories may have this web server feature enabled, so ensure you check other folders in your installation. It is good practice to ensure directory indexing is disabled for your full WordPress installation either through the web server configuration or .htaccess.

Scan issue, scan will not materialize. Take this up with the hosting party in LA.

polonus (volunteer 3rd party cold recon website security analyst and website error-hunter)

Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline jayson.arcayna

  • Newbie
  • *
  • Posts: 3
Re: Site Blocked - URL:Phishing
« Reply #644 on: April 25, 2021, 03:13:30 AM »
@    jayson.arcayna
You can use the link given previously by Asyn.

<snip quote>
You can report a suspected FP (File/Website) here: https://www.avast.com/false-positive-file-form.php

See https://awesometechstack.com/analysis/website/applemclinic.com/ jQuery needs updating.

Hi,

Thanks for your reply.

I already updated jQuery to the latest version. I also filled that form already. Thanks

I hope this gets resolved soon.


Thank you