Help Pop Up Message

Getting this error message constantly popping up on my iPhone here are photos, I can not find a fix for this!! Please help me!

!

Hi @doodyhead2000

what's the exact address you use. notifguide.online hasn't an open mail port, so you can't get that error message.

I don't understand what you mean it keeps popping up on my phone every few minutes

Those are screen shots of my phone

@JuergenAuer means which hostname you have configured in your e-mail app.

The website illustrated in the image has a misconfigured certificate.
SSLLABS extracted a reference to c a l e n d a r . w p u . s h (intentionally bunged up)
Looks like the phone has malware or a virus...


Sorry this is off topic here.
2 Likes

@Rip I'm getting the same cert as @doodyhead2000 and not that certificate from SSL Labs.. Same IP address. Port 443 with SNI. You only get that weird certificate when not using SNI.

If the certificate (without SNI!) is indeed related to malware, it's more likely the server has been hacked and not the phone.

2 Likes

But the certificate port 443 is correct - see https://check-your-website.server-daten.de/?q=notifguide.online

calendar.wpu.sh is the certificate seen checking the ip address (SNI-check), that shouldn't be a problem.

And the domain notifguide.online has no of the typical mail ports open.

1 Like

Looking at the first screenshot, it seems @doodyhead2000 is connecting to exactly the host "notifguide.online". The certificate configured for HTTPS only has the wildcard hostname included, not the base domain notifguide.online.

@doodyhead2000 You or your server system operator should also include the hostname notifguide.online in the certificate.

Hmmm, interesting by the way:

It seems the hostname notifguide.online also has a vew recent certificates for that URL c a l e n d a r . w p u . s h.

1 Like

Do I have to run virus software on my iPhone?

See if these instructions work for you:

1 Like

Yes. But why tries a mail program to connect port 443?

@doodyhead2000 : What's the program / environment you use?

I don't know, I don't own any Apple products. Perhaps some apps can use HTTPS for some kind of email related protocol.

Also, from the link @jvanasco I'm gathering the whole notifguide.online is also related to the virus... I was thinking it was the URL of the e-mail provider XD Sorry guys. An "I don't recognise this hostname!" from OP would have been helpful for me :stuck_out_tongue:

This isn't off-topic.

@doodyhead2000 clicked something that installed a "virus calendar" on their phone or email (gmail?) account. It's was a common scam, google and apple recently cracked down on it to make things harder. This may have been running for a while.

In this case, the OP DOES NOT want to connect to the website, so it's good the certificate is somehow not matching. [oddly, i can't find that certificate on crt.sh; but it could be my issue]

The scams work like this:

  • spam emails are sent to people and try to abuse OS/App exploits or trick people into subscribing to a calendar or accepting a calendar invitation; sometimes these are done by apps or advertisements instead of email.
  • The calendar then uses "events" to popup advertisements, or try to install malware or viruses.

Having a misconfigured certificate or server, in this case, is GREAT NEWS! It means the phone is not loading the dangerous content.

4 Likes

Indeed, my assessment of the situation was incorrect. :confounded:

1 Like

Thank you but how do I stop it?? It's popping up almost every time I open my phone

1 Like

Why is Let's Encrypt coming up in the information