Author Topic: Remove from Blacklist  (Read 1730 times)

0 Members and 1 Guest are viewing this topic.

REDACTED

  • Guest
Remove from Blacklist
« on: February 12, 2016, 11:12:00 PM »
Hi guys, i'm new here.

Our new client has it's URL blacklisted: www.uma.com.ar

There was an old Wordpress there and now switched to other platform.

Can you review the block?

Thanks in advance


Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Remove from Blacklist
« Reply #1 on: February 12, 2016, 11:24:02 PM »
Hi Matias48,

The reason Avast flags and blocks your site is because it is hosted at afraid dot org, see: http://www.dnsinspect.com/uma.com.ar/1455315297
Whenever you steer away from afraid dot org, your site may become unblocked by an Avast Team Member,
as we here are only volunteers with relevant knowledge. The unblocking by an Avast Team Member when the site is no longer being hosted there, could be as soon as with an upcoming update.
We also found FAIL: We found blacklisted mail servers:
190.245.91.49
zen.spamhaus.org. → https://www.spamhaus.org/query/ip/190.245.91.49

By the way also retire this vulnerable library (zip file for later reference and mitigate)
-http://www.uma.com.ar
Detected libraries:
jquery - 1.4.2 : -http://www.uma.com.ar/skin/frontend/uma/febrero2016/js/jquery-1.4.2.min.js
Info: Severity: medium
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4969
http://research.insecurelabs.org/jquery/test/
Info: Severity: medium
http://bugs.jquery.com/ticket/11290
http://research.insecurelabs.org/jquery/test/
jquery - 2.1.1 : (active1) -http://www.uma.com.ar/skin/frontend/uma/febrero2016/js/jquery-2.1.1.min.js
jquery - 1.10.2 : -http://www.uma.com.ar/skin/frontend/base/default/js/plumrocket/pslogin/jquery-1.10.2.min.js
prototypejs - 1.7 : (active1) -http://www.uma.com.ar
(active) - the library was also found to be active by running code
1 vulnerable library detected

17 script SRI issues reported here: https://sritest.io/#report/3e804c13-b00d-4f76-92cb-2f51b7b17d44

kindly reported by,

polonus (volunteer website security analyst and website error-hunter)
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31080
  • Watching (over?) you
    • Malware removal, Biljart and other things.

REDACTED

  • Guest
Re: Remove from Blacklist
« Reply #3 on: February 13, 2016, 07:04:58 AM »
Thank you for your responses!

I'll take care of these issues.

Best regards

Offline HonzaZ

  • Avast team
  • Advanced Poster
  • *
  • Posts: 1038
Re: Remove from Blacklist
« Reply #4 on: February 13, 2016, 07:35:43 AM »
I do not see any malicious subdomain active right now, so I am unblocking your domain, but you should definitely either pay for the stealth account at afraid.org (so a subdomain cannot be created without your consent) or change the DNS host altogether.