My Website Is Reporting A False Positive URL:Mal

[REDACTED]

Hello,
Anytime that anyone visits  our website with Avast installed, they get the following error:

Avast Web Shield has blocked a harmful webpage or file.
Object: http://www.sliptalk.com/
Infection: URL:Mal
Process: c:\.....

Our website is www.sliptalk.com is clean according to https://www.virustotal.com/en/url/7b0e5633fea9e32dfd86d5f91cd3ef0fb4946999abfd531ba69531232ee4ec5a/analysis/.

Please let me know what we can do to unblock our site.

Thank you.

Dan

[Pondus]

Our website is sliptalk.com is clean according to

Virustotal does not scan the site for infections, it check URL against blacklists

URL:Mal means URL or IP is blacklisted for whatever reason, there can be many......

if you think it is wrong, report it to avast lab here  https://support.avast.com

[Eddy]

http://sitecheck.sucuri.net/
Unable to properly scan your site. Site returning error (40x): HTTP/1.1 403 Forbidden

https://www.webhostinghero.com/who-is-hosting/
Nameservers: n/a

http://multirbl.valli.org/lookup/104.20.27.80.html
IP is blacklisted

[Pondus]

My Website Is Reporting A False Negative

and it is called False Poitive if a clean file is detected as malware ..... False Negative is a malware file not detected

[Pondus]

http://sitecheck.sucuri.net/
Unable to properly scan your site. Site returning error (40x): HTTP/1.1 403 Forbidden

works fine here Eddy  http://sitecheck.sucuri.net/results/www.sliptalk.com/

http://multirbl.valli.org/lookup/104.20.27.80.html
IP is blacklisted

wrong IP ... the one given by VT is  104.20.25.80    http://multirbl.valli.org/lookup/104.20.25.80.html

[Eddy]

IP seems to keep changing.
Now Zulu says: 104.20.26.80

[Pondus]

IP seems to keep changing.
Now Zulu says: 104.20.26.80

Yea.....now VT give the same?....click additional information
https://www.virustotal.com/en/url/7b0e5633fea9e32dfd86d5f91cd3ef0fb4946999abfd531ba69531232ee4ec5a/analysis/1417641798/

[polonus]

See Javascript check: Suspicious

It is a multiple IP site. wXw.sliptalk.com,104.20.28.80,,Multiple IPs,
:none}.ngfb-buttons iframe{max-width:none}.ngfb-buttons>div{display:inline-block;vertical-align:bottom;text-align:left;line-height:20px;padd
See changing IP: 104.20.28.80 -> 100 different results here: https://www.robtex.com/q/x1?q=www.sliptalk.com%2F&l=go
Resolution failed: http://hosts-file.net/default.asp?s=www.sliptalk.com%2F -> issues: http://www.dnsinspect.com/sliptalk.com/1417643646
Web rep external link: cdn.taboola dot com -> https://www.mywot.com/en/scorecard/taboola.com?utm_source=addon&utm_content=popup
error in CDN Plug-in: cdn-cgi/styles/cf.errors.ie.css
Here again we have 190.93.250.192 is hosted on a dedicated server -> P History   32 changes on 21 unique IP addresses over 9 years
> http://whois.domaintools.com/sliptalk.com -> reported as open proxy: http://www.liveipmap.com/190.93.250.192
-> http://network-tools.com/default.asp?prog=express&host=www.sliptalk.com/
Jarida plug-in exploitable: http://nakedsecurity.com/exploit/226894.htm & http://www.exploit4arab.net/exploits/1044
Vuln. -> -http://www.domxssscanner.com/scan?url=http%3A%2F%2Fwww.sliptalk.com
Blocked by extension external code-link to: htxps://cas.criteo.com/delivery/ajs.php?

polonus

[Milos]

Hello,
domain will be unblocked in next stream update.

Milos

[REDACTED]

Thanks Milos,
Do you know when the next stream update will happen?

[Asyn]

Stream updates happen every few minutes.