One of my clients’ sites is throwing what I believe is a false positive, URL:Phishing.
The site in question is emcsecurity.com. Their google ads are coming back clean, so we’re at a loss if it’s not a false positive.
One of my clients’ sites is throwing what I believe is a false positive, URL:Phishing.
The site in question is emcsecurity.com. Their google ads are coming back clean, so we’re at a loss if it’s not a false positive.
→ https://sitecheck.sucuri.net/results/emcsecurity.com
→ https://www.virustotal.com/gui/url/98d1f7e7f3418585305c9da5250e4f86775d941321c8e295b3f33f0a42d18195/detection
You can report a suspected FP (File/Website) here: https://www.avast.com/false-positive-file-form.php
Detection has been removed 06.08.2019 at 07:54 AM.
Our virus specialists have been working on this problem and it has been resolved. The provided website isn't detected by Avast anymore.
I am having the same issue with a website, app.coinhouse.com
How can I figure out why this is happening ?
https://www.virustotal.com/gui/url/92ea7858e27d5e06194204b66345d10e4ebad26ee4d8cd892a25389e53491b4e/detection
https://sitecheck.sucuri.net/results/app.coinhouse.com
How can I figure out why this is happening ?Report it to avast lab
Site no longer is detected.
Hello, I am a IT maintenance engineer. I am falsely reported as a phishing website on this website ( https://www.myhair.asia/ ), please help detect? Can I lift the ban?
https://sitecheck.sucuri.net/results/www.myhair.asia
many thanks
You can report a suspected FP (File/Website) here: https://www.avast.com/false-positive-file-form.php
Hi, I have Report a suspected false positive, but I am still waiting for reply.
many thanks
Website is no longer being flagged by avast’s.
However check: ReferenceError: ga is not defined
/:20 and jquery 1.12.4 Found in -https://myhair.sakacdn.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Vulnerability info:
Medium 2432 3rd party CORS request may execute CVE-2015-9251
Medium CVE-2015-9251 11974 parseHTML() executes scripts in event handlers 1
Medium CVE-2019-11358 jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, …) because of Object.prototype pollution
polonus
Hi, this problem has been fixed so far, should it be ok?
many thanks
Hi Sakamoto,
That retirable jQuery library had nothing to do with the avast FP detection, now elevated.
More with the minified js code of the regular expression in:
https://myhair.sakacdn.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
read on that particular subject here: https://github.com/SnakeskinTpl/Snakeskin/issues/69
just meant for hardening your security there,
一切都很好 all’s well that ends well, a.k.a everything is fine,
polonus (volunteer 3rd party cold recon website security analyst & website error-hunter)
unminify -code at https://unminify.com/ (pol)
Hi nadim221mia,
Why you attach this to a report for a site, that is not even online anymore?
Are you the developer of Unminify JS? Hope this was not intentional then?
De-minifying is only for CSS min.js script, you can detect such scripts for instance while using the SRC extension in the browser, a.k.a. Quick Source Viewer, an extension to help website developers and also those into website security analysis.
Falls in the realm of scripts like Retire.JS and the likes.
I am just looking at a newly reported suspicious PHISH: -burency.io
(something with cryptocurrency for the Middle East, USA excluded).
Re: https://www.phishtank.com/phish_detail.php?phish_id=6651116&frame=details
Checked at Zonemaster: https://www.zonemaster.net/domain_check
Just have the following script run at the unminifyer:
→ -https://cdn.jsdelivr.net/npm/vanilla-lazyload@12.4.0/dist/lazyload.min.js
lands at -http://burency.io/js/bioPopupView.js (no DOM-XSS sources & sinks)…
polonus (volunteer 3rd party cold recon website security anlayst and website error-hunter)