Chrome now classifying my Proscan web server page as dangerous

[avaloncourt]

Try entering your ProScan web page address in the Google link Bob gave just above your last post and see what that says... it might give a little more info if that page flags it.

See what I just posted above.

 

[ProScan]

Can you try it with a Let's Encrypt cert?

Websites Without HTTPS Now Flagged As Insecure - No-IP Blog

Google has been warning website owners for years that they will soon prefer HTTPS (Hypertext Transfer Protocol Secure) traffic over HTTP. These changes have officially taken place. Now, all HTTP traffic is viewed as insecure. If you use the Google Chrome browser, you’ve probably already visited...

www.noip.com

 

[avaloncourt]

It's showing safe in the Google Safe Browsing site status.

Google Transparency Report

transparencyreport.google.com

{edit} I see the URL is blocked out. Are you going to proscan.org

{edit} I think I misunderstood. You are using the ProScan Web Server. Are you using a no IP service?

I am using Dynu for a dynamic IP service using my own domain. I'm just mapping DNS to them.

So, I looked at the page source for the IP-only based viewing and the one using the domain. I see two differences.

Using the domain name, line 12 changes from:

ws_main.js/true,false,SDS200,0,false,

to

ws_main.js/true,true,SDS200,16,false,

and I also see the following in the domain-viewed version...

var hotSpots = [];
hotSpots.push({id: 'ScannerButton1', coords: '411,152,468,180'});
hotSpots.push({id: 'ScannerButton2', coords: '477,152,534,180'});
hotSpots.push({id: 'ScannerButton3', coords: '543,152,600,180'});
hotSpots.push({id: 'ScannerButton4', coords: '411,12,468,40'});
hotSpots.push({id: 'ScannerButton5', coords: '477,12,534,40'});
hotSpots.push({id: 'ScannerButton6', coords: '543,12,600,40'});
hotSpots.push({id: 'ScannerButton7', coords: '411,47,468,75'});
hotSpots.push({id: 'ScannerButton8', coords: '477,47,534,75'});
hotSpots.push({id: 'ScannerButton9', coords: '543,47,600,75'});
hotSpots.push({id: 'ScannerButton10', coords: '411,82,468,110'});
hotSpots.push({id: 'ScannerButton11', coords: '477,82,534,110'});
hotSpots.push({id: 'ScannerButton12', coords: '543,82,600,110'});
hotSpots.push({id: 'ScannerButton13', coords: '411,117,468,145'});
hotSpots.push({id: 'ScannerButton14', coords: '477,117,534,145'});
hotSpots.push({id: 'ScannerButton15', coords: '543,117,600,145'});
hotSpots.push({id: 'ScannerButton16', coords: '402,187,450,215'});
hotSpots.push({id: 'ScannerButton17', coords: '456,187,504,215'});
hotSpots.push({id: 'ScannerButton18', coords: '510,187,558,215'});
hotSpots.push({id: 'ScannerButton19', coords: '564,187,612,215'});
hotSpots.push({id: 'ScannerButton20', coords: '388,222,436,250'});
hotSpots.push({id: 'ScannerButton21', coords: '442,222,490,250'});
hotSpots.push({id: 'ScannerKnob1', coords: '524,251,18'});
hotSpots.push({id: 'ScannerKnob2', coords: '567,251,18'});
hotSpots.push({id: 'ScannerKnob3', coords: '616,249,23'});
hotSpots.push({id: 'SoftKey1', coords: '1,249,110,262'});
hotSpots.push({id: 'SoftKey2', coords: '122,249,242,262'});
hotSpots.push({id: 'SoftKey3', coords: '254,249,363,262'});


These are the only differences in the page source.

 

[ProScan]

I am using Dynu for a dynamic IP service using my own domain. I'm just mapping DNS to them.

So, I looked at the page source for the IP-only based viewing and the one using the domain. I see two differences.

Using the domain name, line 12 changes from:

ws_main.js/true,false,SDS200,0,false,

to

ws_main.js/true,true,SDS200,16,false,

and I also see the following in the domain-viewed version...

var hotSpots = [];
hotSpots.push({id: 'ScannerButton1', coords: '411,152,468,180'});
hotSpots.push({id: 'ScannerButton2', coords: '477,152,534,180'});
hotSpots.push({id: 'ScannerButton3', coords: '543,152,600,180'});
hotSpots.push({id: 'ScannerButton4', coords: '411,12,468,40'});
hotSpots.push({id: 'ScannerButton5', coords: '477,12,534,40'});
hotSpots.push({id: 'ScannerButton6', coords: '543,12,600,40'});
hotSpots.push({id: 'ScannerButton7', coords: '411,47,468,75'});
hotSpots.push({id: 'ScannerButton8', coords: '477,47,534,75'});
hotSpots.push({id: 'ScannerButton9', coords: '543,47,600,75'});
hotSpots.push({id: 'ScannerButton10', coords: '411,82,468,110'});
hotSpots.push({id: 'ScannerButton11', coords: '477,82,534,110'});
hotSpots.push({id: 'ScannerButton12', coords: '543,82,600,110'});
hotSpots.push({id: 'ScannerButton13', coords: '411,117,468,145'});
hotSpots.push({id: 'ScannerButton14', coords: '477,117,534,145'});
hotSpots.push({id: 'ScannerButton15', coords: '543,117,600,145'});
hotSpots.push({id: 'ScannerButton16', coords: '402,187,450,215'});
hotSpots.push({id: 'ScannerButton17', coords: '456,187,504,215'});
hotSpots.push({id: 'ScannerButton18', coords: '510,187,558,215'});
hotSpots.push({id: 'ScannerButton19', coords: '564,187,612,215'});
hotSpots.push({id: 'ScannerButton20', coords: '388,222,436,250'});
hotSpots.push({id: 'ScannerButton21', coords: '442,222,490,250'});
hotSpots.push({id: 'ScannerKnob1', coords: '524,251,18'});
hotSpots.push({id: 'ScannerKnob2', coords: '567,251,18'});
hotSpots.push({id: 'ScannerKnob3', coords: '616,249,23'});
hotSpots.push({id: 'SoftKey1', coords: '1,249,110,262'});
hotSpots.push({id: 'SoftKey2', coords: '122,249,242,262'});
hotSpots.push({id: 'SoftKey3', coords: '254,249,363,262'});


These are the only differences in the page source.

Thanks. 16 means logged in as super user and the hotspots (virtual scanner buttons) will work when logged in as super user.

 

[ProScan]

I really don't know what can be done in the Web Server at this point.

I wish I knew specifically why Google is flagging the site as unsafe.

 

[avaloncourt]

I really don't know what can be done in the Web Server at this point.

I wish I knew specifically why Google is flagging the site as unsafe.

I just don't know why Google is somehow thinking the page is overtly collecting personal data but only when using the domain name. Weird. Thanks for looking into it anyway.

By the way, I have radiofeed running as a streamer for an SDR and I'm getting the same thing on that port. So, they've just painted the whole domain with the phishing brush.

 

[ProScan]

Can you try using this and see what it shows?

Sucuri Security

SiteCheck is a website security scanner that checks any site, link, or URL for malware, viruses, blacklist status, seo spam, or malicious code. Check your website safety for free with Sucuri Security.

sitecheck.sucuri.net

 

[avaloncourt]

Can you try using this and see what it shows?

Sucuri Security

SiteCheck is a website security scanner that checks any site, link, or URL for malware, viruses, blacklist status, seo spam, or malicious code. Check your website safety for free with Sucuri Security.

sitecheck.sucuri.net

It won't let me use a specific port to scan and if I just use the domain it says it doesn't get a response and can't scan it.

It notes: Site is Blacklisted by Google Safe Browsing
which we already knew.

It does provide the correct IP address though. So, it's in the right place.

 

[ProScan]

I just don't know why Google is somehow thinking the page is overtly collecting personal data but only when using the domain name. Weird. Thanks for looking into it anyway.

By the way, I have radiofeed running as a streamer for an SDR and I'm getting the same thing on that port. So, they've just painted the whole domain with the phishing brush.

What no IP service(site) are you using so I can try to use the same and see if the problem is with that service?

 

[carbineone]

ESET also reporting as potentially unwanted content is found and will not let you on website.

 

[ProScan]

The more I think about this, I think it's the domain name that the no IP service is using.
I don't see how Google would know the sub domain name or fully qualified domain name (FQDN) unless it's published somewhere.
I setup my web server to use non secure ProScan Web Server on port 80 and going to let it run till next Tuesday and see what happens.

 

[ProScan]

ESET also reporting as potentially unwanted content is found and will not let you on website.

Is that proscan.org or the ProScan Web Server?

 

[avaloncourt]

The more I think about this, I think it's the domain name that the no IP service is using.
I don't see how Google would know the sub domain name or fully qualified domain name (FQDN) unless it's published somewhere.
I setup my web server to use non secure ProScan Web Server and on port 80 and going to let it run tell next Tuesday and see what happens.

I think you're misunderstanding about the ddns service. I'm not using their subdomains. They're using my own domain which is my amateur radio callsign and mapping DNS to the IP address their utility reports in use.

I ran the site on a different security checker. It didn't come up with any malware or data collection issues. It just picked apart vulnerabilities in the webserver.

 

[avaloncourt]

What no IP service(site) are you using so I can try to use the same and see if the problem is with that service?

DYNU.COM

 

[carbineone]

Is that proscan.org or the ProScan Web Server?

Proscan.org

 

[Whiskey3JMC]

I setup my web server to use non secure ProScan Web Server on port 80 and going to let it run till next Tuesday and see what happens.

Ooh I now get to listen to Bob's SDS200 for a while. Straight from his workshop at the North Pole

 

[ProScan]

DYNU.COM

OK thanks

 

[avaloncourt]

I setup my web server to use non secure ProScan Web Server on port 80 and going to let it run till next Tuesday and see what happens.

Just remember that this took probably 8 months to surface with Google.

 

[iMONITOR]

Using FireFox and just typing in: proscan.org takes me to: ProScan

Perfectly safe, perfectly normal. ProScan is not the problem with the O.P. avaloncourt

 

[avaloncourt]

Using FireFox and just typing in: proscan.org takes me to: ProScan

Perfectly safe, perfectly normal. ProScan is not the problem with the O.P. avaloncourt

This has nothing to do with Proscan.org. This post is related to the Proscan software web server. You're going off on a completely unrelated tangent that has nothing to do with the question.