Avast WEBforum
Other => Viruses and worms => Topic started by: nousgr on March 25, 2014, 11:34:36 AM
-
Hello everyone,
In the last couple of weeks, Avast detects some problem on wordpress site istologio.org
I scanned it with ALL tools & online services mentioned in the forum (scanurl, urlvoid, virustotal, urlquery) but none detected any problem.
I also downloaded all files and scanned them locally with Avast; again no threat.
Can you please help me confirm that the site is clean and then remove it from Avast's blacklist?
Thanks,
-
Clean on Sucuri and Zulu.
You can report a possible FP here: http://www.avast.com/contact-form.php
-
Blacklisted IP
http://zulu.zscaler.com/submission/show/d61777ebe867afed1cd0c6ffc783200b-1395744872 (http://zulu.zscaler.com/submission/show/d61777ebe867afed1cd0c6ffc783200b-1395744872)
http://www.unlocktheinbox.com/blacklist/bl/209.139.208.51/ (http://www.unlocktheinbox.com/blacklist/bl/209.139.208.51/)
-
Hello,
Any domain hosted on afraid.org can be used by other persons for dns hosting without your control. It happened for your domain, it was misused for malicious purposes - in that case, when nobody has control on subdomains of domain (DNS hijacking), we block the whole domain in order to protect our users. For you, the solution is most probably only changing the dns hosting and letting us know later (www.avast.com/contact-form.php).
Milos
-
Hello,
Any domain hosted on afraid.org can be used by other persons for dns hosting without your control. It happened for your domain, it was misused for malicious purposes - in that case, when nobody has control on subdomains of domain (DNS hijacking), we block the whole domain in order to protect our users. For you, the solution is most probably only changing the dns hosting and letting us know later (www.avast.com/contact-form.php).
Milos
Milos, which is the tool that you use to check if the domain was hijacked by afraid.org?
Maybe we can test and, if is the case, give the same answer you've posted here. What do you think?
-
Hello,
Any domain hosted on afraid.org can be used by other persons for dns hosting without your control. It happened for your domain, it was misused for malicious purposes - in that case, when nobody has control on subdomains of domain (DNS hijacking), we block the whole domain in order to protect our users. For you, the solution is most probably only changing the dns hosting and letting us know later (www.avast.com/contact-form.php).
Milos
Milos, which is the tool that you use to check if the domain was hijacked by afraid.org?
Maybe we can test and, if is the case, give the same answer you've posted here. What do you think?
Hello,
i.e "bgp.he.net/dns/" -> "bgp.he.net/dns/istologio.org"
Milos
-
Thank you, Milos, for the swift reply and useful information. I changed dns hosting and just sent a request as you suggested via http://www.avast.com/contact-form.php
Hello,
Any domain hosted on afraid.org can be used by other persons for dns hosting without your control. It happened for your domain, it was misused for malicious purposes - in that case, when nobody has control on subdomains of domain (DNS hijacking), we block the whole domain in order to protect our users. For you, the solution is most probably only changing the dns hosting and letting us know later (www.avast.com/contact-form.php).
Milos
-
Site seems no longer blocked by avast!
polonus