Author Topic: How to remove my website from your blacklist?  (Read 257994 times)

0 Members and 1 Guest are viewing this topic.

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76232
  • Urlaub/Vacation
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: How to remove my website from your blacklist?
« Reply #690 on: July 08, 2021, 09:09:45 AM »
Hello everybody, I'm webmaster of hxxps://wxw.pornhat.com/ (attention! adult content) Recently we've got messages from our users that Avast have flaged our domain as URL:scam. We've check our site on virustotal, urlvoid and google safebrowsing and see no security issues. Also our admin scanned servers for viruses and file changes and we are 100% sure that we was not hacked. We are pretty sure this is false positive report. Could someone from avast team remove our url from suspicious list?
https://forum.avast.com/index.php?topic=14433.msg1289438#msg1289438
Hello
How long does site will be reviewed?
You should get a reply within 48 hours.
The report was sent more than 48 hours, but did not receive a response (
Nothing much I/we can do on the forum, only the guys from threat lab can unblock it.
W8.1 [x64] - Avast PremSec 22.7.7366.BC [UI.713] - Firefox ESR 91.11 [NS/uBO/PB] - Thunderbird 91.11
Avast-Tools: Secure Browser 102.1 - Cleanup 22.2 - SecureLine 5.18 - DriverUpdater 22.2 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline calhounken

  • Newbie
  • *
  • Posts: 2
Re: How to remove my website from your blacklist?
« Reply #691 on: October 23, 2021, 09:27:26 PM »
Hi  can you remove my trademastery.com url from your blacklist?  Shows clean on virustotal etc... thx

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 86662
  • No support PMs thanks
Re: How to remove my website from your blacklist?
« Reply #692 on: October 23, 2021, 09:58:37 PM »
Hi  can you remove my trademastery.com url from your blacklist?  Shows clean on virustotal etc... thx

Virustotal is a pretty basic check and you will probably have noted that Avast doesn't take part in the URL scan checks.

And the check on VT is 5 months old, though it is still the same when I refreshed the scan.
Considered a Low Security Risk here - https://sitecheck.sucuri.net/results/trademastery.com - but there are some hardening improvements listed.
Outdated software listed here - https://awesometechstack.com/analysis/website/trademastery.com/ - this could leave the site open to exploit.
-  This may or may not be what Avast is alerting for - but you should certainly address this.

Your first port of call might have been using this link given several times in this topic.
Reporting a Possible False Positive File or Website - https://www.avast.com/false-positive-file-form.php.
You should get a response in a day or two.

Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 22.5.6015 (build 22.5.7263.730) UI 1.0.711/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33628
  • malware fighter
Re: How to remove my website from your blacklist?
« Reply #693 on: October 23, 2021, 11:02:12 PM »
Hi calhounken,

In addition to the info you already achieved from my forum friend, DavidR, I report accordingly:

Nothing out of the ordinairy, blacklists and threat intell are to produce an all green:

DShield    CLEAN
AlienVault OTX      CLEAN
Cisco Talos    CLEAN
abuse.ch (Feodo)    CLEAN
URLhaus    CLEAN
Spamhaus (Drop / eDrop)    CLEAN

Your CMS (WordPress seems correctly been configured), furthermore no cloaking, no spammy looking links,
status codes all the same.

But one should consider the various vulnerabilities mentioned here for that particular IP,
you share with 84 other sites at your hoster, see: https://www.shodan.io/host/96.30.47.152

This related site kicks up an insecure connection: -http://kencalhoun.com/ -> -http://kencalhoun.com
with links to the following External Domains: ==>-KenCalhoun.jpg

So wait for a final verdict from an Avast Team Member, as they are the only ones to come and eventually unblock.
This as a response after you used the reporting link DavidR provided to you.

Have a nice day, stay safe and secure, both online and offline, that is the wish of,

polonus (volunteer 3rd party cold recon website security analyst and website error-hunter)
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline calhounken

  • Newbie
  • *
  • Posts: 2
Re: How to remove my website from your blacklist?
« Reply #694 on: October 24, 2021, 03:08:55 PM »
Thanks, much appreciated

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 86662
  • No support PMs thanks
Re: How to remove my website from your blacklist?
« Reply #695 on: October 24, 2021, 04:48:37 PM »
You're welcome.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 22.5.6015 (build 22.5.7263.730) UI 1.0.711/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline ilGolem72

  • Newbie
  • *
  • Posts: 1
Re: How to remove my website from your blacklist?
« Reply #696 on: February 12, 2022, 12:40:19 AM »
Hi, my two website were reported as blacklisted, can you tell me why?
hxtps://blog.versanteripido.it
hxtps://fanzine.versanteripido.it

If they were clean, can you remove them from blacklist?

Thank you very much.
Regards
« Last Edit: April 22, 2022, 09:39:07 AM by Milos »

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 86662
  • No support PMs thanks
Re: How to remove my website from your blacklist?
« Reply #697 on: February 12, 2022, 02:52:16 AM »
Avast isn't alone in this detection, two others on this check.
https://www.virustotal.com/gui/url/b6a8f574139a9c9381da86b13972efba5b5acd4ae6dbefd57c18ec76d3e15434?nocache=1

Some points raised here, but considered a low security risk.
https://sitecheck.sucuri.net/results/versanteripido.it

Use the information given 4 posts above yours.
Quote from: DavidR
Reporting a Possible False Positive File or Website - https://www.avast.com/false-positive-file-form.php.
You should get a response in a day or two.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 22.5.6015 (build 22.5.7263.730) UI 1.0.711/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33628
  • malware fighter
Re: How to remove my website from your blacklist?
« Reply #698 on: February 12, 2022, 01:41:27 PM »
Hi ilGolem72,

Additionally to what DavidR has reported, I like to ask to pay attention to the following issues.

There are two issues with your CSM.
User Enumeration
The first two user ID's were tested to determine if user enumeration is possible.

Username   Name
ID: 1   adminvr   
ID: 2   claudiazironi   

It is recommended to rename the admin user account to reduce the chance of brute force attacks occurring. As this will reduce the chance of automated password attackers gaining access. Take note that if the author archives are enabled it is usually possible to enumerate all users within a WordPress installation.

The theme has been found by examining the path /wp-content/themes/ *theme name* /

Path   Theme Details   Developer (URL)
/twentytwentyone/   Twenty Twenty-One 1.5   
While plugins get a lot of attention when it comes to security vulnerabilities, themes are another source of security vulnerabilities within WordPress installations, always keep them updated to the latest version available and check the developers theme page for information about security related updates and fixes.

Also consider: https://quttera.com/detailed_report/versanteripido.it  (2 x 301 redirect detected)
Also see: https://www.shodan.io/host/185.19.184.188

Wait for a final verdict from avast team, but user enumeration should be set to disabled a.s.a.p.

Also consider these results here: https://snyk.io/test/website-scanner/?test=220212_BiDcF4_AAJ&utm_medium=referral&utm_source=webpagetest&utm_campaign=website-scanner  -> https://webpagetest.org/result/220212_BiDcF4_AAJ/
see the Waterfall view.

polonus (3rd party cold recon website security analyst and website error-hunter)
« Last Edit: February 12, 2022, 09:39:39 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33628
  • malware fighter
Re: How to remove my website from your blacklist?
« Reply #699 on: February 14, 2022, 12:10:48 PM »
Wait for the final avast verdict, in the mean time I present the following server scan results.
Quote
C-grade security.
Server Details:
WordPress 5.9
nginx

Google and Web-Browser Content different!
Google: 486584 bytes       Firefox: 488665 bytes,    Diff:   2081 bytes

cookie-notice-front-css' href='-https://blog.versanteripido.it/wp-content/plugins/cookie-notice/includes/../css/front.min.css?ver=5.9' type='text/css' media='all' /> <link rel='stylesheet' id='cyclone-template-style-dark-...

Suspicious links found
-https://www.versanteripido.it/about/ --> 'vr chi siamo'
-http://www.versanteripido.it --> 'vr fanzine ->'
-https://www.versanteripido.it/about/ --> 'vr chi siamo'
-http://www.versanteripido.it --> 'vr fanzine ->'
-https://antonellasica.me/2022/02/09/lira-notturna-penelope-n --> '"l'ira notturna di penelope": una nota d'
-https://www.argonline.it/novissime-rassegna-stampa-fuori-bol --> 'novissime ⥀ la rassegna stampa fuori b'
-https://www.versanteripido.it --> ''
-https://www.andersnoren.se --> 'anders noren'
-https://www.versanteripido.it/maggiori-informazioni-sui-cook --> 'privacy policy'

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline info92

  • Newbie
  • *
  • Posts: 1
Re: How to remove my website from your blacklist?
« Reply #700 on: April 21, 2022, 01:22:59 PM »
Hi,

our website were reported as blacklisted, can you tell me why or remove them from blacklist?

hxtps://zukunft-jetzt.at

Thank you very much.
Regards


« Last Edit: April 22, 2022, 09:38:46 AM by Milos »

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76232
  • Urlaub/Vacation
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
W8.1 [x64] - Avast PremSec 22.7.7366.BC [UI.713] - Firefox ESR 91.11 [NS/uBO/PB] - Thunderbird 91.11
Avast-Tools: Secure Browser 102.1 - Cleanup 22.2 - SecureLine 5.18 - DriverUpdater 22.2 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0