JG_Esabora Posted July 4, 2023 ID:1575762 Share Posted July 4, 2023 Please remove the block in our professionnal domain, it prevents our customers to use the site. Domain is : esabora.solutions Please can you also tell me why it is blocked ? Thanks. Link to post
Porthos Posted July 4, 2023 ID:1575765 Share Posted July 4, 2023 @JG_Esabora Do you have a log or screenshot of the block? Link to post
JG_Esabora Posted July 4, 2023 Author ID:1575768 Share Posted July 4, 2023 Yes. On 2 différents subdomain (see pictures). If I loock a bit deeper in the network : chrome-extension://ihcjicgdanjaechkgeegckofjjedodee/app/eventpages/block.html?referrer=undefined&url=https%3A%2F%2F*****.esabora.solutions%2FPopup%2FGetAlert&host=******.esabora.solutions&type=scam&subtype=phishing&tabId=693872247&filename=undefined&prevUrl=null Thank you for your help. Link to post
JG_Esabora Posted July 5, 2023 Author ID:1575877 Share Posted July 5, 2023 Do you have an update on this ? We have more and more customers complaining about this, as they can't work because their tool (website) is broken. This probleme does not occur on all pages, it seems to be only in pages with datatables (HTML tables), but I don't know if this is the reason. In the network, the first blocking event seems to be : Location : chrome-extension://ihcjicgdanjaechkgeegckofjjedodee/app/eventpages/block.html?referrer=undefined&url=https%3A%2F%******.esabora.solutions%2FPersonnel%2FListPersonnels&host=********.esabora.solutions&type=scam&subtype=phishing&tabId=693872474&filename=undefined&prevUrl=null Non-Authoritative-Reason:WebRequest API Tell me if you need more informations. Thank you. Link to post
JG_Esabora Posted July 5, 2023 Author ID:1575890 Share Posted July 5, 2023 I believe this is related to recent update 2.6.5 of malwarebytes. This version has been released around the 3rd July, date from when the customers start complaining. Link to post
Staff Dashke Posted July 5, 2023 Staff ID:1575987 Share Posted July 5, 2023 Hello, JG_Esabora, We are very sorry for the problem you are experiencing. After we improved our phishing heuristic detection mechanisms, there was a misconfiguration that caused some legitimate pages to be detected. The new version v2.6.6 has already been released with the introduced fix. Please try to update your version and let us know how it goes. Thanks and have a malware free day! Link to post
JG_Esabora Posted July 6, 2023 Author ID:1576078 Share Posted July 6, 2023 Hello, Unfortunately the problem is stil there with 2.6.6. Please continue your investigations as we have many many complains about this. Regards Link to post
thisisu Posted July 7, 2023 ID:1576225 Share Posted July 7, 2023 17 hours ago, JG_Esabora said: Hello, Unfortunately the problem is stil there with 2.6.6. Please continue your investigations as we have many many complains about this. Regards Can you attach debug logs please so we can look further into this? I'm currently unable to replicate the block on 2.6.6 Chrome. Link to post
JG_Esabora Posted July 7, 2023 Author ID:1576282 Share Posted July 7, 2023 Hi, I've attached the log file (as this website has restricted access some informations have been deleted). Please note that the same site (with exactly the same code) is not blocked in UAT environnement (I mean with others domain names). Regards, BG-Logs_v2.6.6_2023-07-07_115015.txt Link to post
Solution thisisu Posted July 8, 2023 Solution ID:1576403 Share Posted July 8, 2023 Thank you. Tryingto manually whitelist this for now and I've passed along info for devs to review. In the next database update it should be fully allowed. Sorry for the inconvenience. Link to post
JG_Esabora Posted July 10, 2023 Author ID:1576634 Share Posted July 10, 2023 Hello, everything seems to be back to normal ;) Thank you. Link to post
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now