Site Blocked - URL:Phishing

[Adam638]

Already reported first URL and no response, second has been reported with no response, 2 domains both blocked within days, 2 annoyed clients so Im trying my best to find an answer other than report it avast, I appreciate your reply, thanks

[DavidR]

Already reported first URL and no response, second has been reported with no response, 2 domains both blocked within days, 2 annoyed clients so Im trying my best to find an answer other than report it avast, I appreciate your reply, thanks

You should have received an email response within a day or two, I reported one very recently using that link and received an email reply in a day (FP confirmed and site removed).

I have just checked one site against 3 sites:
Considered a Medium Security Risk here - https://sitecheck.sucuri.net/results/trusted-tattoo.com - also some Hardening Improvements listed at the bottom.
Some security points also raised here - https://webhint.io/scanner/da7f2c1b-72d5-4946-8858-cc6b81834677
Not much reported here but a low score - https://awesometechstack.com/analysis/website/trusted-tattoo.com/

Whilst the top two may or may not have been why Avast alerted, but should be considered.
You could run your other two against these checks.

[nanarichgh]

Hello

Please i have the same problem and i was thinking of uninstalling avast, my site www.3dt.com.gh is blocked by avast for phishing on every pc even though i have cleared my site of all files and recreated the site. please take a look at it for me

[Asyn]

-> https://sitecheck.sucuri.net/results/www.3dt.com.gh
-> https://www.virustotal.com/gui/url/0bdbacc36cb6a70745711511847fdf78d4a0ce3b3ad911e0ebf5cd5b4fad90ec/detection

[DavidR]

Hello

Please i have the same problem and i was thinking of uninstalling avast, my site 3dt.com.gh is blocked by avast for phishing on every pc even though i have cleared my site of all files and recreated the site. please take a look at it for me

Also some of the sites software is out of date leaving it vulnerable to attack - https://awesometechstack.com/analysis/website/3dt.com.gh/

[Millertimewest]

Hello,
Having issues with a site that has never caused any problems before.   Banking site https://www.firstontario.com/
when clicking Log In the Avast URL:Phishing warning comes up and no longer lets me get to the site.   This is trusted site, so I'm not sure what has changed in the last couple weeks.
Thanks in advance for any assistance.
Cheers

[DavidR]

Hello,
Having issues with a site that has never caused any problems before.   Banking site firstontario.com/
when clicking Log In the Avast URL:Phishing warning comes up and no longer lets me get to the site.   This is trusted site, so I'm not sure what has changed in the last couple weeks.
Thanks in advance for any assistance.
Cheers

You should modify your posted URL as I have in the quoted text, to prevent accidental exposure.

Considering this is a bank it has security issues - https://webhint.io/scanner/05391a02-90ae-4953-9c59-c81e7b2e606e
Whilst this check failed to complete the check, it shows outdated software jQuery, which could leave it vulnerable to attack - https://awesometechstack.com/analysis/website/firstontario.com/?protocol=https%3A

You could also have used the - Reporting Possible False Positive File or Website - https://www.avast.com/false-positive-file-form.php. - posted several times in this topic, which goes to the virus labs team.

[bernieleigh]

-> https://sitecheck.sucuri.net/results/https/fbrcgroup.com

I am still having the same issue, no malware has been detected in the website but still whenever I am opening the site from any browser which has Avast installed it is showing me the security alert. Can you please resolve it at the earliest.

[Asyn]

-> https://sitecheck.sucuri.net/results/https/fbrcgroup.com

I am still having the same issue, no malware has been detected in the website but still whenever I am opening the site from any browser which has Avast installed it is showing me the security alert. Can you please resolve it at the earliest.

You can report a suspected FP (File/Website) here: https://www.avast.com/false-positive-file-form.php

[tichym]

Hi,
when starting google chrome i keep getting avast warning.

Avast is aborting connection to https://click.site/3LtGWV 
Do I understand correctly that Google is accessing a website that Avast is considering problematic? How do I solve it?

I removed chrome and reinstalled it - still the same.

Avast Alert ID 80395f2cf8a6

Thank you.

Image of the warning is hopefully here:

[bernieleigh]

When I am trying to open the website https://fbrcgroup.com/ in systems that have Avast installed it is showing a security alert, whereas I have checked continuously with https://sitecheck.sucuri.net/ and found no malware detected in my site.
Kindly resolve this at the earliest as a matter of urgency, I have raised a request in https://www.avast.com/false-positive-file-form.php 

[Asyn]

OK, now you need to wait for the verdict from threat lab. You should get a reply within 48 hours.

[stomshoppro]

Hi, I have the problem with my site: stomshop.pro
In fact, the loading of the pages of the site is automatically canceled and the following message appears as a pop-up ("URL-infected connection: Phishing")

I have done other research on the most important blacklist sites, but this domain is NOT absolutely infected!
How can I unlock the website to delete these incorrect reports?

[polonus]

When scanning the site at VT Comodo flags it under the classification "illegal software".
Dr. Web's scan gives it the all green.

Errors on page:

ReferenceError: userip is not defined
 /:125

NetworkError: Failed to execute 'send' on 'XMLHttpRequest': Failed to load '-https://sovetnik-off.ru/block/f7a40a70f084ad4eff9927b13155e997'.
  XMLHttpRequest.patched [as send] (:1155:35)()
 /:213
 /:214

ReferenceError: _f7a40a70f084ad4eff9927b13155e997 is not defined
 /:2349

SyntaxError: Unexpected identifier
  eval ()()
  :4:80()
  Object.t [as F_c] (:3:191)()
  Object.E_u (:4:244)()
  eval (eval at exec_fn (:2:115), :67:477)()
  Object.create (eval at exec_fn (:2:115), :69:193)()
  c (eval at exec_fn (:2:115), :7:231)()
  :4:80()
  i (eval at exec_fn (:2:115), :5:165)()
  eval (eval at exec_fn (:2:115), :5:292)()

SyntaxError: Invalid regular expression flags
  eval ()()
  :4:80()
  Object.t [as F_c] (:3:191)()
  Object.E_u (:4:244)()
  eval (eval at exec_fn (:2:115), :67:477)()
  Object.create (eval at exec_fn (:2:115), :69:193)()
  c (eval at exec_fn (:2:115), :7:231)()
  :4:80()
  i (eval at exec_fn (:2:115), :5:165)()
  eval (eval at exec_fn (:2:115), :5:292)()

Retirable libraries

Retire.js
bootstrap   3.3.5   Found in -https://stomshop.pro/catalog/view/javascript/bootstrap/js/bootstrap.min.js _____Vulnerability info:
Medium   28236 XSS in data-template, data-content and data-title properties of tooltip/popover CVE-2019-8331   
Medium   20184 XSS in data-target property of scrollspy CVE-2018-14041   
Medium   20184 XSS in collapse data-parent attribute CVE-2018-14040   
Medium   20184 XSS in data-container property of tooltip CVE-2018-14042   
jquery   2.1.1.min   Found in -https://stomshop.pro/catalog/view/javascript/jquery/jquery-2.1.1.min.js _____Vulnerability info:
Medium   2432 3rd party CORS request may execute CVE-2015-9251   
Medium   CVE-2015-9251 11974 parseHTML() executes scripts in event handlers   123
Medium   CVE-2019-11358 jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution   123
Medium   CVE-2020-11022 Regex in its jQuery.htmlPrefilter sometimes may introduce XSS   
Medium   CVE-2020-11023 Regex in its jQuery.htmlPrefilter sometimes may introduce XSS   

But not given as vulnerable by Vulners. Site has 33 % tracking a.o. -www12.io, connect.facebook dot net and -mc.yandex.ru
and -https://tracker.convead.io/widgets/1627689600/widget-4dbd11e8d8030e1e18006e3d806830a2.js  being blocked for me.

Wait for a final verdict by avast team, as they are the only ones to come and unblock,

polonus (volunteer 3rd party cold recon website security analyst and website error-hunter)

[Asyn]

-> https://sitecheck.sucuri.net/results/stomshop.pro