Threat Response Error for app.strongblock.com #1186

Open
101security opened this issue Feb 5, 2022 · 7 comments

@101security
Hey, just went to the strongblock website at https://strongblock.com and etheraddresslookup is showing that the app.strongblock.com website is a risk, with a notification by Phishfort of it being a risk of a phishing attack. This is incorrect, as the security cert was valid for the domain and/or website, which was issued through Cloudflare. Wanted to provide some feedback, and if you wish to share with me anything that contradicts these findings I would appreciate it. Thanks for the great extension and keep up the great work!

@xtcxtc9
xtcxtc9 commented Feb 7, 2022 via email

@101security
Author

Hi, I just went to the strongblock website at https://strongblock.com and etheraddresslookup shows that the app.strongblock.com website is a risk, with a notification from Phishfort as a risk of a phishing attack. This is incorrect, since the security certificate was valid for the domain and/or website, which was issued through Cloudflare. I wanted to give some feedback, and if you wish to share anything with me that contradicts these findings, I would appreciate it. Thanks for the great extension and keep up the great work.

@101security
Author

I have sent you the translated version as my reply in Norwegian. I hope Google Translate doesn't do too badly. Anyway, I will try to help you as best I can given the language gap. Tell me what questions you have, as I checked again today and found the same problem with the website showing up as a phishing attack, and again I pasted in the warning and went to the website, and it checked out fine on my end.

@xtcxtc9
xtcxtc9 commented Feb 12, 2022

Can you help me please???

@101security
Author

How would you like me to help?

@xtcxtc9
xtcxtc9 commented Feb 12, 2022 via email

@101security
Author

Can u give me some tips???


As to tips, I am not a developer. Instead, I am a security researcher. I can tell you that both Etheraddresslookup and Phishfort, which pulls its blocklist from Etheraddresslookup, are saying that strongblock.com is a potential phishing website. When I looked into it, I noticed that the domain name strongblock.com is correct, and the certificate issuing agent is Cloudflare, which can be viewed in most web browsers by clicking the lock icon 🔒 for the "HTTPS" address. This is located in the browser address bar, generally on the left side. Once you click on it, you can see the certificate information. Usually, when a website is a phishing site, you need to have an alternate or modified cert, which would also change the domain name. In short, Cloudflare is saying that the domain name strongblock.com is legit. Meaning that strongblock.com is who they say they are. I believe the issue is that Etheraddresslookup and Phishfort have a way to submit or report a website, so it's trusting that the end-user knows what they are looking at and is technical. In this case, I believe some normy wrote the site wrong, as I also checked with strongblock.com social feeds and found that there was no communication regarding a phishing attack as well. I don't think the normy researched the matter or reported it by accident. Anyway, in short, simply modifying the backend of the blacklist should solve the problem by removing strongblock.com from that list. I hope this information helps with fixing this matter.
Regards,
Scott

The blocklist simply needs to remove strongblock.com
