Avast WEBforum

Other => Viruses and worms => Topic started by: REDACTED on August 21, 2018, 07:56:01 AM

Title: Please Remove My Site From URL:PHISHING
Post by: REDACTED on August 21, 2018, 07:56:01 AM
Please help! I'm the webmaster of wxw.club21ids.is and avast has been alerting of URL:PHISHING on my site. I believe this issue has been rectified on my site. Would you be able to verify and remove the alert on the site please? Thanks!
Title: Re: Please Remove My Site From URL:PHISHING
Post by: Asyn on August 21, 2018, 08:02:27 AM
-> https://sitecheck.sucuri.net/results/www.club21ids.is/
-> http://labs.sucuri.net/db/malware/malware-entry-mwhta7
-> https://www.virustotal.com/#/url/1ec2bb7c1ef7b61f00d6b0c1c419c7f84ba493f5c93086c8fc6e65872911cd61/detection
Title: Re: Please Remove My Site From URL:PHISHING
Post by: polonus on August 21, 2018, 11:23:20 PM
A particular redirect is being flagged.
Read about proper redirects: https://www.webconfs.com/154/301-redirects-how-to-redirect-your-website/
Check 'em here: http://webconfs.com/redirect-check.php

But in this case it is a malware redirect, as described here: http://labs.sucuri.net/db/malware/malware-entry-mwhta7
One should remove the offending code from .htaccess and/or index.php

polonus (volunteer 3rd party cold reconnaissance website security analyst and website error-hunter)
Title: Re: Please Remove My Site From URL:PHISHING
Post by: HonzaZ on August 23, 2018, 09:52:00 AM
Hi,
The URL was removed from our blacklist on 21.08., 13:48 CEST.
Title: Re: Please Remove My Site From URL:PHISHING
Post by: Estudio6 on September 30, 2019, 06:38:36 PM
Hi, I have the same problem with my website: estudioagil.com. I already scanned it and it is virus free.

https://sitecheck.sucuri.net/results/estudioagil.com
https://www.immuniweb.com/radar/?id=JHJAo1ux

What else can I do to get it removed from your blacklist?
Title: Re: Please Remove My Site From URL:PHISHING
Post by: Pondus on September 30, 2019, 06:55:15 PM
Report a false positive (select file or website)
https://www.avast.com/false-positive-file-form.php



Title: Re: Please Remove My Site From URL:PHISHING
Post by: polonus on September 30, 2019, 07:44:19 PM
Bitdefender is the engine that detects this website with this particular URI and file:
https://www.virustotal.com/gui/url/01e63e6bb7ff375c8317a0fccf57830503065dbf6b26c3208992aa0f03e041df/detection
Various detections for this domain in relation to the IP:
https://www.virustotal.com/gui/ip-address/162.241.184.154/relations
also as a PHISH:
htxp://estudioagil.com/dd/f/cd1181924c58104eb9735cdf24c014715e2d0ed9fdffa29f2a657d8cb11420302a68f3e6f140f131d661afea1a59b38b
I now get:
Quote
Header returned by request for: hxtp://estudioagil.com/ -> -162.241.184.154

HTTP/1.1 302 Found
Date: Mon, 30 Sep 2019 17:30:05 GMT
Server: nginx/1.17.3
Content-Type: text/html; charset=UTF-8
Content-Length: 0
X-Server-Cache: true
X-Proxy-Cache: EXPIRED
-
Content that was returned by your request for the URL: hxtp://estudioagil.com/
Note: Content displayed is from the redirect location, the URL web/

Re: https://toolbar.netcraft.com/site_report?url=estudioagil.com -> https://mxtoolbox.com/SuperTool.aspx?action=http%3a%2f%2festudioagil.com&run=toolpage

10 problems here: https://mxtoolbox.com/domain/estudioagil.com/

527 improvement recommendations found through linting here: https://webhint.io/scanner/7c5b31aa-d034-452f-bf4a-47645c6a42a7

No Cloaking, No Spammy Links, Status codes: GoogleBot returned code 302 to web/, Google Chrome returned code 302 to web/
No iFrames, no Blacklists.

Wait for an Avast team member to give a final verdict on your website,
as they are the only ones that can come and unblock; we are just volunteers with expert knowledge.

polonus (volunteer 3rd party cold recon website security analyst and website error-hunter)

Title: Re: Please Remove My Site From URL:PHISHING
Post by: jefferson sant on October 07, 2019, 02:17:54 PM
Hi, I have the same problem with my website: estudioagil.com. I already scanned it and it is virus free.

https://sitecheck.sucuri.net/results/estudioagil.com
https://www.immuniweb.com/radar/?id=JHJAo1ux

What else can I do to get it removed from your blacklist?

Detection was removed on 07.10.2019 at 04:58 AM.

Quote from: Avast
Our virus specialists have now cleared its reputation in our database.

With URLs this change should be instant, but it might take up to 24 hours with files.