Avast WEBforum

Other => Viruses and worms => Topic started by: val_ter on January 15, 2020, 08:15:21 AM

Title: Please remove my site from blacklist
Post by: val_ter on January 15, 2020, 08:15:21 AM
 Please remove my web site from blacklist
 www.vmpart.com
 http://prntscr.com/qnvpzf

 https://www.virustotal.com/gui/url/8be00b86fcb01585b83523741ca29b17e39294634d2eb45956d9d601ad8bac4f/detection
Title: Re: Please remove my site from blacklist
Post by: Asyn on January 15, 2020, 08:17:21 AM
-> https://sitecheck.sucuri.net/results/www.vmpart.com
Title: Re: Please remove my site from blacklist
Post by: val_ter on January 15, 2020, 08:47:48 AM
 In spite of this, the site doesn't open if AVAST is installed.
http://prntscr.com/qnw4ns

 We can open the site if AVAST is turned off.
Title: Re: Please remove my site from blacklist
Post by: Asyn on January 15, 2020, 08:51:53 AM
Please attach your screenshot(s), some of us don't follow external links. ;)
Title: Re: Please remove my site from blacklist
Post by: val_ter on January 15, 2020, 09:30:12 AM
 It is impossible to attach something here.
 Could we use e-mail?
Title: Re: Please remove my site from blacklist
Post by: Asyn on January 15, 2020, 09:31:29 AM
You can report a suspected FP (File/Website) here: https://www.avast.com/false-positive-file-form.php
Title: Re: Please remove my site from blacklist
Post by: val_ter on January 15, 2020, 09:54:55 AM
 I've just reported it with an attached file.
 But I first reported it yesterday, and the result is the same - cannot open the site
 with AVAST turned on.
Title: Re: Please remove my site from blacklist
Post by: polonus on January 15, 2020, 10:15:58 AM
Hi val_ter,

As you can see from Asyn's scan results, the website URI kicks up a 403 error.
Here it is given as clean: https://www.virustotal.com/gui/url/d1d60ae69110f97e168c56c565f0be0ee3616608d141c02f6f074617a970322f/details
Detections on IP-related: https://www.virustotal.com/gui/ip-address/46.229.214.96/relations

Consider recommendations found through linting here: https://webhint.io/scanner/16395f7f-7a70-4b47-bb44-375e924c37e0
especially the security related scan results.
Also consider: https://www.shodan.io/host/46.229.214.96  at hoster (unsigned/with recent EXIM vulnerabilities?).

Wait for an avast team member to give the final verdict, they are the ones to come and unblock.
We are just volunteers with relative knowledge in the field of website security here.

polonus (volunteer 3rd party cold recon website security analyst and website error hunter)
Title: Re: Please remove my site from blacklist
Post by: polonus on January 16, 2020, 06:20:18 AM
At the hoster at https://www.shodan.io/host/46.229.214.96
they should be aware of https://www.exploit-db.com/exploits/44571
Consider: https://medium.com/@straightblast426/my-poc-walk-through-for-cve-2018-6789-2e402e4ff588
& https://github.com/synacktiv/Exim-CVE-2018-6789

Website retirable jQuery library:
jquery   1.9.1   Found in https://vmpart.com/js/lib/jquery/jquery.min.js?ver=4.9.1
Vulnerability info:
Medium   2432 3rd party CORS request may execute CVE-2015-9251   
Medium   CVE-2015-9251 11974 parseHTML() executes scripts in event handlers   
Low   CVE-2019-11358 jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution

Insecure connection - Website is insecure by default
100% of the trackers on this site could be protecting you from NSA snooping. Tell -vmpart.com to fix it.

 All trackers
At least 5 third parties know you are on this webpage.

 -vmpart.com
 -Google
 -Google
 -Google
-fonts.googleapis.com -Google

 Tracker could be tracking safely if this site was secure.
 Tracker does not support secure transmission.

No tracking ads detected

polonus
Title: Re: Please remove my site from blacklist
Post by: jefferson sant on January 21, 2020, 12:09:35 PM
Quote from: val_ter
I've just reported it with an attached file.
 But I first reported it yesterday, and the result is the same - cannot open the site
 with AVAST turned on.

Detection has been removed

Quote from: Avast
Our virus specialists have been working on this problem and it has now been resolved. The provided website isn't detected by Avast anymore.