Re: Remove site from Avast blacklist

[jtoro]

Good afternoon,

Could you please remove https://chworks.org/ off of your blacklist. We have a client that uses your antivirus that cannot access our organizations website because it is listed as a phishing site. This is incorrect and our client has been unable to access our site for a couple of weeks. Your attention on this matter is greatly appreciated. Thank you.

V/R,

Jose Toro
IT Help Desk Technician
Community Housing Works
3111 Camino Del Rio N Suite 800
San Diego, CA 92108

[Asyn]

You can report a suspected FP (File/Website) here: https://www.avast.com/false-positive-file-form.php

[polonus]

Website at -cloudproxy10003.sucuri.net

Better as average here, D-grade in stead of the run of the mill F-grade I often come across, see:
https://observatory.mozilla.org/analyze/chworks.org

Re: https://aw-snap.info/file-viewer/?protocol=secure&ref_sel=GSP2&ua_sel=ff&chk-cache=&fs=1&tgt=Xmh3XX1rcy5dfWc%3D~enc
1 retirable jQuery library: https://retire.insecurity.today/#!/scan/9cabd111ca428350b991967914ad1eeb362c0ccc84e4c43e99217b875cafe4f7

General threat risks for -https://chworks.org -> see: https://webscan.upguard.com/#/https://chworks.org

TLS Recommendations
HTTPS mixed content found. Your HTTPS website is referring to an HTTP resource:
-http://chworks.org/public/_admin/_filemanager/Image/01-Our-Impact-circle-CHW-LM(1).png on https://chworks.org/our-impact
-http://chworks.org/public/_admin/_filemanager/Image/Our%20Impact/SupportiveHousingIcon.png on https://chworks.org/our-impact
-http://chworks.org/public/_admin/_filemanager/Image/icon-set2.png on https://chworks.org/our-impact
-http://chworks.org/public/_admin/_filemanager/Image/icon-set3.png on https://chworks.org/our-impact
-http://chworks.org/public/_admin/_filemanager/Image/icon-set4.png on https://chworks.org/our-impact
-http://chworks.org/public/_admin/_filemanager/Image/icon1(1).jpg on https://chworks.org/our-impact
-http://chworks.org/public/_admin/_filemanager/Image/icon2.jpg on https://chworks.org/our-impact
-http://chworks.org/public/_admin/_filemanager/Image/icon3.jpg on https://chworks.org/our-impact
-http://chworks.org/public/_admin/_filemanager/Image/icon4.jpg on https://chworks.org/our-impact

Error: ReferenceError: WebFont is not defined
 /:1195
& Unchecked runtime.lastError: The message port closed before a response was received.

Website is insecure by default
100% of the trackers on this site could be protecting you from NSA snooping. Tell chworks.org to fix it.

 All trackers
At least 5 third parties know you are on this webpage.

-chworks.org -chworks.org
 -Google
 -www.googletagmanager.com
 -Google
 -Google
Legend Tracker could be tracking safely if this site was secure.

DOM XSS Scan Results
Results from scanning URL: -https://chworks.org/
Number of sources found: 13
Number of sinks found: 166
&
Results from scanning URL: -https://chworks.org/public/_front/assets/js/dnr-concatenate-plugin.js
Number of sources found: 185
Number of sinks found: 136

pop-up interaction: popup.js:12 Uncaught DOMException: Failed to read the 'localStorage' property from 'Window':
Access is denied for this document.
    at initOptionSwitcher (chrome-extension://jafmfknfnkoekkdocjiaipcnmkklaajd/popup.js:12:50)
    at HTMLDocument.<anonymous> (chrome-extension://jafmfknfnkoekkdocjiaipcnmkklaajd/popup.js:28:2)
initOptionSwitcher @ popup.js:12
(anonymous) @ popup.js:28

Wait for a final verdict from an avast team member, as they are the only onbes to come and unblock,
we here are just volunteers ith in this case relevant knowledge.

Just take hints and recommendations to come to a more secure website as guidelines.
The linting through 3rd party cold reconnaissance scan results is not directly related to the website,
being suspicious/malicious or otherwise. They just represent implementations of so-called "best policies".

polonus

[HonzaZ]

Detection disabled yesterday 16:00 CEST.
Please note that it was not incorrect - there was phishing on chworks[.]org/confirms/update/support/id-numb785/myaccount/signin