Author Topic: False Positive - URL Phishing  (Read 881 times)

0 Members and 1 Guest are viewing this topic.

Offline dave.killian

  • Newbie
  • *
  • Posts: 1
False Positive - URL Phishing
« on: October 24, 2022, 09:56:06 PM »
Hello,

It seems that my site has been blocked for URL phishing. I scanned my site several times and everything came up clean. I also submitted a false positive report and have not received any response. Please help as some of my visitors are blocked and cannot do business on my site.

url:
epic.gallery
« Last Edit: October 25, 2022, 01:06:55 AM by dave.killian »

Online DavidR

  • Avast √úberevangelist
  • Certainly Bot
  • *****
  • Posts: 87653
  • No support PMs thanks
Re: False Positive - URL Phishing
« Reply #1 on: October 24, 2022, 10:32:31 PM »
Hello,

It seems that my site has been blocked for URL phishing. I scanned my site several times and everything came up clean. I also submitted a false positive report and have not received any response. Please help as some of my visitors are blocked and cannot do business on my site.

url:
epic.gallery

Please modify your post and break active links to suspect sites, as I have in the quoted text.

Nothing found here - https://www.virustotal.com/gui/url/73b2384c15f2e4149ec785619a69c00605fdf4f7876da16a7dc717ad845cb47c?nocache=1
Low Security Risk - https://sitecheck.sucuri.net/results/epic.gallery
Some security issues reported here - https://en.internet.nl/site/epic.gallery/1751847/
Webpage Security Score F - outdated software - https://snyk.io/test/website-scanner/?test=221024_BiDcPD_EFA&utm_medium=referral&utm_source=webpagetest&utm_campaign=website-scanner

These may or may not have contributed to the detection, but it is certainly something that should be addressed to reduce the chances of being exploited.

If you used the - Reporting a Possible False Positive File or Website - https://www.avast.com/false-positive-file-form.php link.
Then you should get a response in a day or two.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 23.4.6062 (build 23.4.8118.762) UI 1.0.762/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline polonus

  • Avast √úberevangelist
  • Probably Bot
  • *****
  • Posts: 33647
  • malware fighter
Re: False Positive - URL Phishing
« Reply #2 on: October 25, 2022, 11:28:41 AM »
Apart from the information that was already provided by DavidR, one should also consider these relations:
https://www.virustotal.com/gui/domain/epic.gallery/relations    with some earlier flags.

Javascript links were all being checked by Google Safe Browsing:
Quote
JS Link   Hosting / Company Netblock   Country
  -https://epic.gallery//assets/js/vendor/slider.min.js   CLOUDFLARENET   
  -https://epic.gallery//assets/js/vendor/core.min.js   CLOUDFLARENET   
  -https://epic.gallery//static/js/2.c49ed985.chunk.js   CLOUDFLARENET   
  -https://epic.gallery//assets/js/vendor/bootstrap.min.js   CLOUDFLARENET   
  -https://epic.gallery//assets/js/vendor/all.min.js   CLOUDFLARENET   
  -https://epic.gallery//assets/js/vendor/shuffle.min.js   CLOUDFLARENET   
  -https://epic.gallery//assets/js/vendor/popper.min.js -https://epic.gallery//assets/js/vendor/popper.min.js   CLOUDFLARENET   
  -https://epic.gallery//static/js/main.2961e046.chunk.js   CLOUDFLARENET   
  -https://epic.gallery//assets/js/vendor/countdown.min.js   CLOUDFLARENET   
  -https://epic.gallery//assets/js/main.js   CLOUDFLARENET

Results of an HTLM-check (validation): https://validator.w3.org/nu/?doc=https%3A%2F%2Fepic.gallery%2F

polonus
« Last Edit: October 25, 2022, 11:23:51 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!