Hello,

My site ibmirror[.]com has been blocked by Avast. The claim is phishing, but I cannot see the reason.
Is there any way to get more details, like the URL or any other possible details, so that we can understand what caused this?

If this is a false positive, please kindly remove the site from Avast’s blacklist as soon as possible.

Below are the online health checks that I performed to understand what the problem is. Without the exception of BitDefender, all came out as clean. I will also be contacting BitDefender today, and try to get some details from their side as well.

http://www.unmaskparasites.com/security-tools/find-hidden-links/site/?siteUrl=www.ibmirror.com
https://sitecheck.sucuri.net/results/www.ibmirror.com
http://dnscheck.pingdom.com/?domain=ibmirror.com
http://zulu.zscaler.com/submission/show/8b2a1956a1b9af5620ea896460f6d596-1492364683
https://quttera.com/sitescan/www.ibmirror.com
http://www.siteadvisor.com/sites/ibmirror.com
https://www.google.com/transparencyreport/safebrowsing/diagnostic/index.html#url=ibmirror.com
http://online6.drweb.com/cache/?i=cf8dcc22cb8fdd4dc99fcbd93ce478a4
→ All clean

https://www.virustotal.com/en/url/b5522b465d2ec9b96be3f64d5f80cfbd73d49f221b999f7a16643eb91f95f654/analysis/1492364485/
→ 1 hit: Bitdefender calls it a phishing site

http://www.urlvoid.com/scan/ibmirror.com/
→ 1 hit: Bitdefender calls it a phishing site

Please help as soon as possible.

Best regards,
Reha Esen

Strange, this has been fixed already.
→ https://forum.avast.com/index.php?topic=200829.0

Yes, confirmed, my post Reply #20 on the 15th April 2017 has an image extract of the site.
https://forum.avast.com/index.php?topic=200829.msg1386732#msg1386732

I was able to visit it again before posting this.

Still strange that both guys claim to be the owner…!? ???

Yes, strange, doesn’t effect the fact it isn’t blocked though.

Maybe, let’s see… (IP is different)

Some insecurity improvements could be made:
Retirable jQuery code detected: http://retire.insecurity.today/#!/scan/4122b16928ea35e40fb718fafe30e12d2e0f9a6caad3fd435b903f7f5176b512
SRI-hashed not set because not generated, creates “same origin” threats → F-status:
https://sritest.io/#report/41b932e8-e0d6-4021-b4cb-c3891a6b697f
Cert. Strict Transport Security (HSTS): UNKNOWN
F-D-X-status: https://observatory.mozilla.org/analyze.html?host=www.ibmirror.com
See recommended change also.

polonus (volunteer website security analyst and website error-hunter)

Hello, really sorry for the confusion. I was helping the site owner, but I did not want to go into detail trying to explain who I am.

I should have searched the forum for possible past posts about the site, before posting something new, my bad really.

I will concur with the site owner about whether he still experiences any issues or not and get back to you guys.

Thanks a lot for the prompt replies and good support.

OK. You’re welcome.

You’re welcome.

Hi rehaesen,

Our pleasure. Anything making the website more secure is what we are after…
As it is from the avast community for the avast community en beyond!

polonus (volunteer website security analyst and website error-hunter)