« previous next »
Pages: [1]   Go Down

Author Topic: False Positive - URL Phishing  (Read 1258 times)

0 Members and 1 Guest are viewing this topic.

Offline dave.killian

  • Newbie
  • *
  • Posts: 1
False Positive - URL Phishing
« on: October 24, 2022, 09:56:06 PM »
Hello,

It seems that my site has been blocked for URL phishing. I scanned my site several times and everything came up clean. I also submitted a false positive report and have not received any response. Please help as some of my visitors are blocked and cannot do business on my site.

url:
epic.gallery
« Last Edit: October 25, 2022, 01:06:55 AM by dave.killian »
Logged

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89029
  • No support PMs thanks
Re: False Positive - URL Phishing
« Reply #1 on: October 24, 2022, 10:32:31 PM »
Quote from: dave.killian on October 24, 2022, 09:56:06 PM
Hello,

It seems that my site has been blocked for URL phishing. I scanned my site several times and everything came up clean. I also submitted a false positive report and have not received any response. Please help as some of my visitors are blocked and cannot do business on my site.

url:
epic.gallery

Please modify your post and break active links to suspect sites, as I have in the quoted text.

Nothing found here - https://www.virustotal.com/gui/url/73b2384c15f2e4149ec785619a69c00605fdf4f7876da16a7dc717ad845cb47c?nocache=1
Low Security Risk - https://sitecheck.sucuri.net/results/epic.gallery
Some security issues reported here - https://en.internet.nl/site/epic.gallery/1751847/
Webpage Security Score F - outdated software - https://snyk.io/test/website-scanner/?test=221024_BiDcPD_EFA&utm_medium=referral&utm_source=webpagetest&utm_campaign=website-scanner

These may or may not have contributed to the detection, but it is certainly something that should be addressed to reduce the chances of being exploited.

If you used the - Reporting a Possible False Positive File or Website - https://www.avast.com/false-positive-file-form.php link.
Then you should get a response in a day or two.
Logged
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.3.6108 (build 24.3.8975.762) UI 1.0.801/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33897
  • malware fighter
Re: False Positive - URL Phishing
« Reply #2 on: October 25, 2022, 11:28:41 AM »
Apart from the information that was already provided by DavidR, one should also consider these relations:
https://www.virustotal.com/gui/domain/epic.gallery/relations    with some earlier flags.

Javascript links were all being checked by Google Safe Browsing:
Quote
JS Link   Hosting / Company Netblock   Country
  -https://epic.gallery//assets/js/vendor/slider.min.js   CLOUDFLARENET   
  -https://epic.gallery//assets/js/vendor/core.min.js   CLOUDFLARENET   
  -https://epic.gallery//static/js/2.c49ed985.chunk.js   CLOUDFLARENET   
  -https://epic.gallery//assets/js/vendor/bootstrap.min.js   CLOUDFLARENET   
  -https://epic.gallery//assets/js/vendor/all.min.js   CLOUDFLARENET   
  -https://epic.gallery//assets/js/vendor/shuffle.min.js   CLOUDFLARENET   
  -https://epic.gallery//assets/js/vendor/popper.min.js -https://epic.gallery//assets/js/vendor/popper.min.js   CLOUDFLARENET   
  -https://epic.gallery//static/js/main.2961e046.chunk.js   CLOUDFLARENET   
  -https://epic.gallery//assets/js/vendor/countdown.min.js   CLOUDFLARENET   
  -https://epic.gallery//assets/js/main.js   CLOUDFLARENET

Results of an HTLM-check (validation): https://validator.w3.org/nu/?doc=https%3A%2F%2Fepic.gallery%2F

polonus
« Last Edit: October 25, 2022, 11:23:51 PM by polonus »
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!
Pages: [1]   Go Up
« previous next »