Remove conhecendooceara.com.br from Avast Blacklist

[REDACTED]

Hi!

Could you please remove my site from your blacklist?

Scaned by virustotal.com:

URL:   http://conhecendooceara.com.br/
Detection ratio:   0 / 68
Analysis date:   2016-08-29 18:59:15 UTC ( 1 minute ago )

Regards,

Cláudio Dodt

[Eddy]

VirusTotal does not scan websites.

Old plugins detected :
wordpress-social-login 2.2.3   latest release (2.3.0) Update required
http://miled.github.io/wordpress-social-login/
wordpress-seo 1.7.1   latest release (3.4.2) Update required
https://yoast.com/wordpress/plugins/seo/

Vulnerable library used :
http://retire.insecurity.today/#!/scan/ae1dec14618095af9e781f8a75d2dc593dfdaa72448fd9d9e9ba338e37b7bee5

4 problems found :
spf   conhecendooceara.com.br   No records found
dns   conhecendooceara.com.br   Name Servers are on the Same Subnet
dns   conhecendooceara.com.br   SOA Serial Number Format is Invalid
dns   conhecendooceara.com.br   SOA Expire Value out of recommended range

[REDACTED]

So, what kind of evidence do you need to remove the site from the blacklist?

I know virus total does not scan the site, but it does colect information for several other blacklists:

ADMINUSLabs   Clean site
AegisLab WebGuard   Clean site
AlienVault   Clean site
Antiy-AVL   Clean site
Avira   Clean site
Baidu-International   Clean site
BitDefender   Clean site
Blueliv   Clean site
C-SIRT   Clean site
Certly   Clean site
CLEAN MX   Clean site
Comodo Site Inspector   Clean site
CRDF   Clean site
CyberCrime   Clean site
desenmascara.me   Clean site
Dr.Web   Clean site
Emsisoft   Clean site
ESET   Clean site
Fortinet   Clean site
FraudScore   Clean site
FraudSense   Clean site
G-Data   Clean site
Google Safebrowsing   Clean site
K7AntiVirus   Clean site
Kaspersky   Clean site
Malc0de Database   Clean site
Malekal   Clean site
Malware Domain Blocklist   Clean site
Malwarebytes hpHosts   Clean site
Malwared   Clean site
MalwareDomainList   Clean site
MalwarePatrol   Clean site
malwares.com URL checker   Clean site
Nucleon   Clean site
OpenPhish   Clean site
Opera   Clean site
PalevoTracker   Clean site
ParetoLogic   Clean site
Phishtank   Clean site
Quttera   Clean site
Rising   Clean site
SCUMWARE.org   Clean site
SecureBrain   Clean site
securolytics   Clean site
Spam404   Clean site
SpyEyeTracker   Clean site
Sucuri SiteCheck   Clean site
Tencent   Clean site
ThreatHive   Clean site
Trustwave   Clean site
URLQuery   Clean site
VX Vault   Clean site
Web Security Guard   Clean site
Webutation   Clean site
Wepawet   Clean site
Yandex Safebrowsing   Clean site
ZCloudsec   Clean site
ZDB Zeus   Clean site
ZeroCERT   Clean site
Zerofox   Clean site
ZeusTracker   Clean site
zvelo   Clean site
AutoShun   Unrated site
Netcraft   Unrated site
PhishLabs   Unrated site
Sophos   Unrated site
StopBadware   Unrated site
Websense ThreatSeeker   Unrated site

[jefferson sant]

Hi  Claudio Dodt

I do not see the warning from avast block? but because
this is perhaps this infection hxxp://conhecendooceara.com.br/fuck.php

https://www.virustotal.com/en/file/ce944fdb0729c187e506041a9b3aa86677a75b401da25cd859b6e65959430ee1/analysis/

[REDACTED]

Hi there!

Thanks for the quick reply! The aforementioned file is been excluded, and we are also working on updating/correcting the mentioned vulnerabilities.

Regards,

Claudio

[Pondus]

code was alive 5min ago

https://virustotal.com/nb/file/3ca18e451919284e0fcdcc89ca8b753cb77946af8476111fd2350cc0afc615b9/analysis/1472500281/

[polonus]

Code still active: -http://www.domxssscanner.com/scan?url=http%3A%2F%2Fconhecendooceara.com.br%2Ffuck.php
Another insecurity: HTTP only cookies: Warning

Requested URL: http://conhecendooceara.com.br/ | Response URL: http://conhecendooceara.com.br/ | Page title: Conhecendo o Ceará | HTTP status code: 200 (OK) | Response size: 56,661 bytes (gzip'd) | Duration: 4,046 ms
Overview
Cookies not flagged as "HttpOnly" may be read by client side script and are at risk of being interpreted by a cross site scripting (XSS) attack. Whilst there are times where a cookie set by the server may be legitimately read by client script, most times the "HttpOnly" flag is missing it is due to oversight rather than by design.

Result
It looks like 2 cookies are being set without the "HttpOnly" flag being set (name : value):

PHPSESSID : t982cqg8sbk56jue2k0djvfad6
qtrans_cookie_test : 1
Unless the cookie legitimately needs to be read by JavaScript on the client, the "HttpOnly" flag should always be set to ensure it cannot be read by the client and used in an XSS attack.

polonus

[HonzaZ]

conhecendooceara[.]com.br/fuck.php seem to be removed, so I unblocked the URL. I hope the vulnerabilities are already patched, or it might be blocked in the future again.