Getting "Invalid URL" accessing www.google.com using Firefox 44.0.2
On Windows 10 system, open Firefox 44.0.2 with www.google.com as homesite. Immediately get "Invalid URL The Requested URL "/" is invalid. Reference #9.167f1cb9.1455221410.4e70d644". Have cleared cache and history; did not help. Have disabled AVG Internet Security temporarily; did not help. Have run malware scan; did not help. Have looked at hosts file which contains nothing other than comment (#) lines. Problem also exists when using Chrome, although there I get "Your connection is not private Attackers might be trying to steal your information from www.google.com. NET::ERR_CERT_COMMON_NAME_INVALID"
Have other computers (Windows 7) on same network, also running Firefox 44.0.2 and which are able to access www.google.com with no problem. Router is Cisco RV130 VPN Firewall. Using AVG Internet Security 2015.0.6189, updated 2/11/2016.
All Replies (13)
If you hit the secure link in Firefox directly, do you get a certificate error?
Does it give the same explanation as Chrome or a different one (you may need to click an Advanced button on the error page to see the details).
AVG has some browser filtering features called LinkScanner Surf-Shield and Online Shield. One or both of these may be intercepting your Google requests. In order to decrypt secure requests, AVG needs to give your browsers a fake certificate and naturally Firefox objects.
Could you try disabling these specific features as a test: https://support.avg.com/SupportArticleView?l=en_US&urlName=How-to-disable-individual-AVG-components
As a data point, the solution in this old threat was to reboot the router: Invalid URL The requested URL "/", is invalid. Reference #9.a2fc54b8.1345130184.5cbbba6.
On a different forum, it was suggested to try using a different DNS service provider (e.g., OpenDNS or Google Public DNS) if it affects multiple sites, since it may indicate a name resolution problem at your current DNS provider.
As I mentioned in my original post, I had disabled AVG protection and tried to connect to Google with the same result. Nonetheless, I did try disabling the individual components as you suggested, with the same Invalid URL result.
I don't believe that the problem is related to DNS. Initially, the NIC adapter settings used automatic DNS obtained from the router. This is true of all of the other computers on the network, none of which have this problem. I did, however, change the DNS settings to use specific values. The Invalid URL problem continued. In fact, I pinged www.google.com and copied the displayed IP address into the address field in Firefox - bypassing DNS altogether - and get the same result.
If I try https://www.google.com, I get:
"Your connection is not secure. The owner of www.google.com has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website.
This site used HTTP Strict Transport Security (HSTS) to specify that Firefox only connect to it securely. As a result, it is not possible to add an exception for this certificate."
If I click the Advanced button, I see:
"www.google.com uses an invalid security certificate.
The certificate is only valid for the following names: cl2.apple.com, cl3.apple.com, cl4.apple.com, cl5.apple.com, cl1.apple.com
(Error code: ssl_error_bad_cert_domain)"
I'm not sure why apple.com is involved???
Thanks for your reply, but I'm still stuck.
have you tried disabling the webbrowsing protection modules in avast like described in jscher2000's link?
in addition you might want to run a scan for malware with two other security tools:
I ran the ADWCleaner program. After the Scan, it did not show any files or folders or other things that had been found, but I went ahead and ran the Cleaning function nonetheless. Rebooted. The Invalid URL problem remains. I had run MalwareBytes before but ran it again from your AntiMalware link, rebooted, problem is still there.
I should mention that late yesterday I received the same Invalid URL message on my iPad (4) but today I can get to www.google.com on the iPad with no problem. iPhone and Android Samsung S4, Windows XP desktop and two Windows 7 systems all access www.google.com with no problem. It is only this Windows 10 system where the problem exists currently.
k14abmul said
If I click the Advanced button, I see:
"www.google.com uses an invalid security certificate.
The certificate is only valid for the following names: cl2.apple.com, cl3.apple.com, cl4.apple.com, cl5.apple.com, cl1.apple.com
(Error code: ssl_error_bad_cert_domain)"
I'm not sure why apple.com is involved???
That's an excellent question. Does your connection from Windows 10 run through any kind of Apple device?
I notice your router supports VPN connections. Could use or non-use of VPN be a difference among your devices?
You can remove all data stored in Firefox from a specific domain via "Forget About This Site" in the right-click context menu of an history entry ("History > Show All History" or "View > Sidebar > History") or via the about:permissions page.
Using "Forget About This Site" will remove all data stored in Firefox from that domain like bookmarks, cookies, passwords, cache, history, and exceptions, so be cautious. If you have a password or other data from that domain that you do not want to lose then make sure to backup this data or make a note.
You can't recover from this 'forget' unless you have a backup of the involved files.
If you revisit a 'forgotten' website then data from that website will be saved once again.
You can retrieve the certificate and check details like who issued certificates and expiration dates of certificates.
- click "Advanced" to expand the error message
- click "Add Exception" to open "Add Security Exception"
If this isn't possible then open "Add Security Exception" by pasting this URL in the location/address bar and paste the URL of the website (https://xxx.xxx) in it's location field.
- chrome://pippki/content/exceptionDialog.xul
Let Firefox retrieve the certificate -> "Get Certificate"
- click the "View" button and inspect the certificate
check who is the issuer of the certificate
You can see details like intermediate certificates that are used in the Detail tab.
Who is the issuer of the certificate?
I did as you suggested and ran the exceptionDialog.xul and viewed the certificate. I am including several screen captures of what I saw in the view and, below, show all of the field values from the scrolling window within the View screen. If you copy this text and paste it into a larger window (e.g. Notepad) where it might retain the formatting, it might be easier to make sense of.
Again, much of it reflects Symantec and Apple, which is puzzling.
Certificate View Detail Values
Certificate Version Version 3 Serial Number 27:F5:26:A6:E6:E9:08:BB:B3:92:EA:D8:3D:DB:85:17 Certificate Signature Algorithm PKCS #1 SHA-256 With RSA Encryption Issuer CN = Symantec Class 3 EV SSL CA - G3 OU = Symantec Trust Network O = Symantec Corporation C = US Validity Not Before Monday, February 8, 2016 7:00:00 PM (Tuesday, February 9, 2016 12:00:00 AM GMT) Not After Wednesday, April 25, 2018 7:59:59 PM (Wednesday, April 25, 2018 11:59:59 PM GMT) Subject CN = cl1.apple.com OU = Internet Services for Akamai O = Apple Inc. Object Identifier (2 5 4 9) = 1 Infinite Loop L = Cupertino ST = California Object Identifier (2 5 4 17) = 95014 C = US Object Identifier (2 5 4 5) = C0806592 Object Identifier (2 5 4 15) = Private Organization Object Identifier (1 3 6 1 4 1 311 60 2 1 2) = California Object Identifier (1 3 6 1 4 1 311 60 2 1 3) = US Subject Public Key Info Subject Public Key Algorithm PKCS #1 RSA Encryption Subject's Public Key Modulus (2048 bits): e4 9f 29 bb 5c 6d 4e b4 01 bb 2a 4a f6 1c 2c 7a f1 6e 2c fc 4e 64 58 35 48 be 03 09 43 be 9e 48 cf 28 66 38 4e 31 38 92 c7 49 84 2e d3 37 da 1d e9 b9 31 0f 49 a7 19 0d eb 50 a7 c3 a7 61 7d 0e 04 b7 f4 6c e3 6b 9e 09 cb 9c c5 cb b3 9c 1d c8 66 9e 39 45 cc e5 c3 a5 3a 6e de bf 7a 24 6b 48 53 b6 4a d2 4c 96 85 e3 15 2d 71 ff dd 3d 02 47 c8 33 32 50 e5 dd ea 96 0d 80 07 c1 68 38 a6 97 ab 21 06 39 0e cd 26 95 5c 9e 60 ba 8d ca 7c 2c b2 c3 4d 07 a3 f1 3b 19 fb c1 98 c0 df 03 6a 56 9e cb e2 d5 00 4d e3 11 1a c0 7f 7d 48 35 0c df 89 41 79 32 c4 06 fa f2 c7 db da 19 31 ee 62 55 6f 49 91 b8 90 cf b7 d5 81 41 0e ef cc 27 ba 76 ac 46 79 00 67 59 96 db 94 67 70 15 e1 ff 8f e2 bf 83 01 7a ba 37 13 03 a2 29 76 a4 15 c8 f2 2d fa 7c 30 d9 77 f8 ae 37 ae aa 45 18 36 32 62 c3
Exponent (24 bits): 65537 Extensions Certificate Subject Alt Name Not Critical DNS Name: cl2.apple.com DNS Name: cl3.apple.com DNS Name: cl4.apple.com DNS Name: cl5.apple.com DNS Name: cl1.apple.com Certificate Basic Constraints Not Critical Is not a Certificate Authority Certificate Key Usage Critical Signing Key Encipherment Extended Key Usage Not Critical TLS Web Server Authentication (1.3.6.1.5.5.7.3.1) TLS Web Client Authentication (1.3.6.1.5.5.7.3.2) Certificate Policies Not Critical 2.16.840.1.113733.1.7.23.6: Extended Validation (EV) SSL Server Certificate Certification Practice Statement pointer: https://d.symcb.com/cps User Notice: https://d.symcb.com/rpa Certificate Authority Key Identifier Not Critical Size: 20 Bytes / 160 Bits 01 59 ab e7 dd 3a 0b 59 a6 64 63 d6 cf 20 07 57 d5 91 e7 6a CRL Distribution Points Not Critical URI: http://sr.symcb.com/sr.crl Authority Information Access Not Critical OCSP: URI: http://sr.symcd.com CA Issuers: URI: http://sr.symcb.com/sr.crt Object Identifier (1 3 6 1 4 1 11129 2 4 2) Not Critical Size: 367 Bytes / 2936 Bits 04 82 01 6b 01 69 00 76 00 dd eb 1d 2b 7a 0d 4f a6 20 8b 81 ad 81 68 70 7e 2e 8e 9d 01 d5 5c 88 8d 3d 11 c4 cd b6 ec be cc 00 00 01 52 c6 ce da 9f 00 00 04 03 00 47 30 45 02 20 19 d1 9c e7 4c e9 50 50 a1 03 d5 f8 82 c6 55 ce c4 08 15 a8 f2 e5 d0 62 3f ab 15 7e 0e 49 51 60 02 21 00 ec 0d 8d 4d 08 64 7e 42 bd 74 ca 6a 31 14 23 9f 95 29 4d 94 18 dc a3 76 58 ad f6 10 71 9a 1c 3b 00 76 00 a4 b9 09 90 b4 18 58 14 87 bb 13 a2 cc 67 70 0a 3c 35 98 04 f9 1b df b8 e3 77 cd 0e c8 0d dc 10 00 00 01 52 c6 ce da e4 00 00 04 03 00 47 30 45 02 20 65 b4 68 4e 35 9c 02 7b 8a 6b 38 58 3f b1 59 d7 4c a4 d8 8f b0 83 b1 ea da 40 47 ed 85 cd ef f4 02 21 00 ea 72 73 21 9a 7a b0 b1 7a 9d c0 77 c5 99 e7 cf ae 65 e0 c9 d2 9f be 45 bd fe f3 29 16 c4 b8 0c 00 77 00 68 f6 98 f8 1f 64 82 be 3a 8c ee b9 28 1d 4c fc 71 51 5d 67 93 d4 44 d1 0a 67 ac bb 4f 4f fb c4 00 00 01 52 c6 ce da e9 00 00 04 03 00 48 30 46 02 21 00 95 41 a8 0e 49 9f d9 e4 8b d0 2f be 10 18 70 d2 eb 92 6b a7 fe f8 00 5b cc 46 0f e2 55 79 c0 39 02 21 00 b7 d9 a9 78 6f 34 0e 13 0e 6f 1b 98 ed 83 12 8b 4a 04 e4 2d 44 da 67 0c 60 e8 07 cc 36 9f dc a2 Certificate Signature Algorithm PKCS #1 SHA-256 With RSA Encryption Certificate Signature Value Size: 256 Bytes / 2048 Bits 9c bf 64 a3 1e 63 8f cf be 24 e9 9b 98 86 1f 49 78 08 27 a7 47 e3 d9 78 65 bd 90 cf c1 e8 6f 96 11 08 3f 88 66 ab 4d 2c 49 1e 36 2b 63 86 a2 60 f6 7b a6 fc b2 84 6e e6 19 14 84 85 77 98 bb 8f 9c 44 33 52 27 52 d4 fb 75 cf 16 46 8e 8b c7 fc 2c cd 2f e5 fd 07 69 97 5d a1 b6 57 93 42 81 a5 bf b7 35 da 03 54 4d 77 da fe 9b 1b a1 49 ed e2 52 79 1d c8 51 58 34 fb ad a0 7f 60 b8 f2 94 a7 96 d9 12 62 7a 98 33 ff e6 d4 94 dc 96 b5 09 6b 15 83 2b a9 b5 16 f3 b6 9b 69 8d c1 14 3f 43 27 49 2d 1c 6f 17 01 b8 5f f0 f7 55 fb bb 46 4b a4 ac 90 68 6e e1 bb 77 f3 51 3a c9 a0 6a 2a 8c 53 dc 4e 51 90 be f1 29 79 74 bd 35 fd 02 e4 c6 a7 ae e6 ac 39 ee 9e a3 09 82 a7 b3 d1 26 44 a0 b7 f9 ec ef 49 73 cd fb 9f bf 60 8c 2a 17 16 91 07 69 55 91 fb cf 1d 0d 2b 3d a4 9c d8 bb 3c 40 7c
cor-el modificouno o
Subject CN = cl1.apple.com OU = Internet Services for Akamai O = Apple Inc.
Akamai came up when I was searching for other discussion of this problem:
I converted this computer to Windows 10 about a month ago, so in an attempt to resolve this problem, I restored the previous system (Windows 7). Having done that, Google works fine - no more Invalid URL problem! That would seem to rule out anything external to the computer (DNS, network issues, etc.). Perhaps the problem was in some aspect of Windows 10 security although I couldn't find any security setting (e.g. family settings) that was in force.
At some point, I will want to migrate to Windows 10, so I would still appreciate any suggestions about the Invalid URL problem.
Some Windows 10 upgraders have found it helpful to reset the TCP/IP stack as described in this thread:
https://support.mozilla.org/questions/1075112
Otherwise, I'm not familiar with Windows 10-specific networking issues.
hi k14abmul
very very strange i have run windows 10 since it's public release with the microsoft anti-virus software and have no problems with firefox accessing any websites
of course i don't use add-ons and i only use windows monday-friday to run firefox so maybe that's why :-) ?
cheers!
...Roland
and i did the windows 7->8->10 dance on the same computer, i just use whatever the latest and greatest general availability release of Windows happens to be