Since few days we are experiencing an issue in one of our a domain named "id-validation.us".
Google is blocking this domain on browsing from google-chrome. We tried to rectify the issue and found that google blocking all hits which is being done to id-validation.us. We are using a wildcard certificate on this domain and certificate is fine as it is working well on rest of the domain. We tried to remove the code from a web server as well but the result is still same.
Google is throwing below error once you browse the website from google-chrome. Currently, an index.html file is placed on this web-server for this domain but the response is same.
error message
Can someone help me find the solution to this problem?
You may have some automated script that may affect the computer or browser settings. Google recognizes any automatic redirection or setting-changing code in a server/website as malware.
Related
Very strange, I can surf to every website I try. Except subdomains of google.com.
ex; firebase.google.com or photos.google.com or analytics.google.com ...
(I am enable to do normal google searches though)
When I go to these sites Google Chrome returns following error:
ERR_SSL_VERSION_OR_CIPHER_MISMATCH
And it says x.google.com doesn't use a supported protocol.
Same result when using FireFox:
SSL_ERROR_NO_CYPHER_OVERLAP
Microsoft Edge also raises an error, saying something about the TLS-configuration
As I found it very difficult to believe this is an issue caused by the Google side, I tried two things:
Cleared my cookies
Cleared SSL certificates
But no result.. Any idea's?
You may get this error as the website is still encrypted with the older RC4 or SHA-1 algorithm.
You must check the status of the Cipher-suit of the website, it will help you to understand the correct concern and you can solve the issue.
I've noticed that Google keeps visiting some of my url:s each time i boot up Google Chrome, does anyone know why this might be?
This wouldn't be much of a problem, except that it keeps hitting an login-url for a system I've built. And each time there's an unknown login-call I receive a text message... so, it's kind of annoying.
The IP range i keep receiving this visits from is 66.102.9.*.
Sure, I could block this ip-range. But first I'd like to know why I keep receiving this visits. Does anyone have any ideas?
Perhaps it is your Chrome's starting page and you could change it in the settings.
That's where I'd start, unless you have already checked that.
If that's not it, try the Google Chrome forums
When you use Google Chrome, it sends GET requests to Google's servers for the bowser's update checks and for the Chrome apps updates.
Chrome sends requests to multiple URLs when it’s checking for and downloading updates. The order of requests is determined dynamically at runtime. Both HTTP and HTTPS protocols might be tried. The following URL list of hostnames and paths can change at any time without notice:
www.google.com/dl/*
*.gvt1.com
tools.google.com/service/update2
dl.google.com/*
google.com/dl/*
clients2.google.com
update.googleapis.com/service/update2
Hi i just installed a chrome in my new development laptop and every time I go to google is does this weird URL from chrome into the url
https://www.google.com.ph/?gfe_rd=cr&ei=OG9OVP7YIOqS8QeN4oCwCQ&gws_rd=ssl
anybody knows what it is and why it is showing up on my development pc I already know its a Get method?
or maybe my pc just got infected with a trojan or virus?
I have never encountered it before is it a crawler or robot
what does it do and will it affect me
Your PC is not infected.
You must be accessing google.com using http://www.google.com, you just need to use HTTPS instead of HTTP.
When you access google.com using HTTP then google redirects you to HTTPS site for google and appends all the information that you are getting in your url.
Hope it helped.
found the solution here
I try to make correct authorization in Chrome App. I followed official tutorial, but I was not able to sign in - every try ended with redirection to settings page and communicate that
Account sign-in details are out of date. Sign in again
After signing in, I got redirection once again to setting page, and after a moment, the same situation happened.
I saw in chrome://identity-internals that token expiration date is set on 0 of Unix time, so it seems error.
I decided to try samples from Google Chrome Github. I installed the GDrive one and it worked fine - till the moment I deleted key from manifest, I found in documentation that this is kind of extension id. Without it, situation is identical to this with my own app. This happens in all samples with chrome.identity - without key, they are unusable, with key works fine.
Had anyone ever similar problem? Maybe this is connected to some kind of additional Origin in Cloud Console? I am not able to find any information about it. I use key from Web Application App, cause when I try to register Chrome Extension I always receive
Invalid appId for type CHROME_EXTENSION:
but in documentation of Chrome Apps is written that I should Web Aplication Keys.
Would be great if anyone could help. I use latest Dev Channel normal Chrome and Canary, same problem on both of them.
Right, the key needs to be there for the API to work. See http://developer.chrome.com/apps/app_identity.html for all the details.
I uploaded a utility in the last few days to google cloud storage.
It's a zip file containing two executables and a readme file.
I tested the download and it worked fine. I then looked into how I could see the download stats and yesterday I enabled logging.
I posted the link to a mailing list this afternoon and clicked it to verify that I had the right link and the download in chrome reports "xxx.zip appears to be malicious".
This did not happen prior to when I enabled logging, but I don't know for sure that is what caused it.
I am using a CNAME alias for the download, and I am a paying google apps customer.
The executables are not malicious in any way. They are simple utilities for doing replacements in text files. They do not access the network at all.
My question is "Why is my zip file being reported as malicious?" and is there any way to remedy this situation?
I looked around for a solution to this problem and I found the following advice:
1) Sign your EXEs. As it turns out, this advice is incorrect. While it has worked for some people, there are people who report that even signed executables are reported as malicious downloads.
2) Use SSL. SSL access is not available for google cloud storage unless you use the commondatastorage.googleapis.com or sandbox.google.com URLs. While this does might work, it doesn't resolve my problem.
3) Use the commondatastorage.googleapis.com URL. This works. The same file using the commondatastorage.googleapis.com url rather than my custom CNAME record does not report that it "appears malicious".
4) Register your site with Google Webmaster Tools. Getting around Chrome's Malicious File Warning According to this stackoverflow entry, the solution is to sign up for Google Webmaster Tools and add your site.
I have tried this one, but it has not made a change just yet. Because this is google cloud storage and not a main site, I added an index.html page, a 404 page, and ran the gsutil commands to enable web configuration within google cloud storage. I added the site to Webmaster Tools and additionally added it to Google Analytics.
I'll give solution 4 a few days to see if it pans out.
It seems like this is more of an issue with Google Chrome and not necessarily Google Cloud Storage. Chrome's methods for identifying malicious files are less than desirable right now.