I am getting the message popup login.dotomi.com constantly on Safari. I have OS Sierra.

The next time you open Safari, hold down the Shift key while Safari opens. This prevents Safari from automatically reopening any windows.

Hi,

Pop ups are due to adware or malware but you can use the Malwarebytes free utility to remove it.

Click here > https://www.malwarebytes.com

Then click: Download

Only takes a minute to run Malwarebytes.

Hello !

You can install malware bytes , it will be downloaded in download folder , then drag and drop malware bytes into application folder .

Now , go to finder > click on applications and select Malwarebytes again ,right click on malware bytes & click on scan .

If you want to use malware bytes permanently & remain in your system.

Please empty the Malwarebytes from download folder as .dmg files should never be there .

Thanks !

Safari – Popup takes over

Safari – Popup takes over (2)

Popup remover – Scam Zapper

This is not malware or a virus. This is Safari warning you that the website you are on is attempting to make a connection to a server that has an invalid certificate. It is a security feature.

The reason you are seeing this a lot lately is because xxxx.dotomi.com serves up a lot of malware and their certificate must be no longer accepted by signing authorities. And, there are a lot of websites that serve up ads from this server.

As tempting as it is, do not click Show Certificate and then Trust it. You are opening yourself up to security risks. Contact the website that you get the alert on, if they are a legit site, and send them a screenshot.

After a little research I found some info. The certificate revocation list that is cached in your keychain needs to be updated.

The following comes from this website: https://support.globalsign.com/customer/portal/articles/1353318

Delete CRL and OCSP Cache

Clear CRL & OCSP Cache
Windows
By default, Windows caches Certificate Revocation Lists (CRL) and CA certificates to quickly verify certificate chains. The downside of this behavior is that the client does not pick up a newer CRL until the locally cached CRL has expired. To delete OCSP and/or CRL cache from your Windows system:
Go to Start Menu > Run
Type cmd and press Enter
Enter the following command and press Enter to execute:
certutil -urlcache * delete

Mac OS X

Note: After clearing the cache, you need to restart your computer for the changes to take effect.

OS X (through 10.11)
To delete both OCSP and CRL cache, in a terminal, enter the following command:
sudo rm /var/db/crls/*cache.db
That will remove the following files:

• /var/db/crls/crlcache.db
• /var/db/crls/ocspcache.db

OS X 10.12 Sierra

To delete both OCSP and CRL cache in OS X 10.12, open a terminal and run the following command:
sqlite3 ~/Library/Keychains/*/ocspcache.sqlite3 'DELETE FROM ocsp;'

Restart the machine from apple logo & empty the trash .🙂

tygb, are you saying to do this after the terminal commands or instead of?

Clear the stored data on all of your browsers this may be helpful, or you can do this in a different way: first clear one of your browsers if the message disappeared its done, if now clear the second and check and so on this.