Author Topic: Problem (Read 5148 times)

DeeMooZ · « **on:** March 02, 2014, 08:21:38 PM »

Hi....

Why my site is blocked
Please lift the ban on my site
xww.r-x0.com
xww.r-x0.com/vb
xww.r-x0.com/dir

?

AdrianH · « **Reply #1 on:** March 02, 2014, 08:32:28 PM »

http://www.avast.com/contact-form.php

Secondmineboy · « **Reply #2 on:** March 02, 2014, 08:41:19 PM »

Suspicious by McAfee: http://www.siteadvisor.com/sites/r-x0.com
URLQuery: http://urlquery.net/report.php?id=9744041
Suspicious javascript and redirection: http://www.quttera.com/detailed_report/www.r-x0.com

Para-Noid · « **Reply #3 on:** March 02, 2014, 08:48:34 PM »

r-x0.com doesn't seem as safe as you want to think.
http://dnscheck.sidn.nl/?time=1393788913&id=1738546&view=basic&test=standard
http://zulu.zscaler.com/submission/show/d564bf5151d5d644f268c94c13e0012b-1393788471
http://quttera.com/detailed_report/r-x0.com
http://www.domxssscanner.com/scan?url=http%3A%2F%2Fr-x0.com
Cross site scripting explained here.

With all due respect, I would not visit that website.

CraigB · « **Reply #4 on:** March 02, 2014, 09:11:22 PM »

I suppose this is still continued on from one of your original posts about the same problem, three separate threads on the same issue is very confusing for any one wishing to help.

http://forum.avast.com/index.php?topic=146622.msg1064618

http://forum.avast.com/index.php?topic=146624.msg1064398#msg1064398

DeeMooZ · « **Reply #5 on:** March 02, 2014, 09:42:21 PM »

http://urlquery.net/report.php?id=9744443

There are threats
my lanuage very poor

DeeMooZ · « **Reply #6 on:** March 02, 2014, 09:48:18 PM »

For I have not found a solution

polonus · « **Reply #7 on:** March 02, 2014, 09:57:28 PM »

Your flagged problems are injection check: Suspicious Text before HTML ï»¿
Javascript check: Suspicious

script type="text/javascript">document.write(unescape("%3cscript src=%27hxtp://s10.histats.com/js15.js%27 type=%27text/javascript%27%3e%3c/script%3e"));</script> <a href="http://ww...

You could go here for help (not free): http://www.websicherheit.at/

polonus

jefferson sant · « **Reply #8 on:** March 02, 2014, 11:04:27 PM »

in the past this site was attacked with reports avg

http://www.avgthreatlabs.com/website-safety-reports/domain/histats.com/

http://quttera.com/detailed_report/www.histats.com

also a report

http://www.google.com/safebrowsing/diagnostic?site=histats.com

http://wepawet.iseclab.org/view.php?hash=569103fd51ed06f48992d2bdbc267b3c&t=1393348824&type=js

reporting to the virus analyst

DeeMooZ · « **Reply #9 on:** March 02, 2014, 11:06:35 PM »

Where there is here...؟

Pondus · « **Reply #10 on:** March 02, 2014, 11:12:14 PM »

see your previous topic about this http://forum.avast.com/index.php?topic=146622

polonus · « **Reply #11 on:** March 02, 2014, 11:19:15 PM »

Hi DeeMooZ,

Why you want to be associated with or hosted on a server that gets an IDS alert of " ET CNC Zeus Tracker Reported CnC Server group 1",
that is part of or infested by a cyber-criminal botnet?

polonus

DeeMooZ · « **Reply #12 on:** March 02, 2014, 11:29:23 PM »

Modified and delete this code
heelp me

polonus · « **Reply #13 on:** March 02, 2014, 11:53:03 PM »

We cannot help you, the unblocking is up to an avast! team member, and we are not.
So report http://www.avast.com/contact-form.php
Your site has a general URL:Mal block, that could be a general IP block for 87.98.175.141 but I think it is not.

The IP block could also be for malware from the other two sites with that IP address: http://sameid.net/ip/87.98.175.141/
but these two sites are clean: http://www.meto-d.com/vb/ is not being blocked nor is site http://www.9up9.com/ blocked
see: http://urlquery.net/report.php?id=9745592 & http://urlquery.net/report.php?id=9745599

You also have serious DNS problems: see http://dnscheck.pingdom.com/?domain=www.r-x0.com&timestamp=1393800206&view=1
Too few IPv4 name servers (1).
You have to take that up with your hoster. Misconfiguration at nameserver: No SOA record found for wXw.r-x0.com.
Could not find reverse address for 87.98.175.141 (141.175.98.87.in-addr.arpa.).

This is the report for the Autonomous System where your site is hosted: http://sitevet.com/db/asn/AS16276
Hosts...
...malicious URLs? Yes
...badware? Yes
...botnet C&C servers? Yes
...exploit servers? Yes
...Zeus botnet servers? Yes
...Current Events? Yes
...phishing servers? Yes
...spam servers? Yes
...spam activity? Yes

Total number of Blacklisted URLs there : 11946
So you are certainly not alone out there, being one of the 11946 blacklisted

polonus

P.S. If I cannot convince you of this being a dangerous host, read here: http://graphiclineweb.wordpress.com/2013/06/11/roubaix-ovh-systems/
link article author = Mike Otgaar

DeeMooZ · « **Reply #14 on:** March 03, 2014, 03:38:44 AM »

Why only do this from Avast
Why does this other antivirus ..?
Is Avast weak and unable to distinguish the risk of security ..?

Author Topic: Problem (Read 5148 times)

DeeMooZ

Problem

AdrianH

Re: Problem

Secondmineboy

Re: Problem

Para-Noid

Re: Problem

CraigB

Re: Problem

DeeMooZ

Re: Problem

DeeMooZ

Re: Problem

polonus

Re: Problem

jefferson sant

Re: Problem

DeeMooZ

Re: Problem

Pondus

Re: Problem

polonus

Re: Problem

DeeMooZ

Re: Problem

polonus

Re: Problem

DeeMooZ

Re: Problem