Author Topic: How my website can reach Avast approval mark?  (Read 24945 times)

0 Members and 1 Guest are viewing this topic.

Offline plenoal15

  • Newbie
  • *
  • Posts: 4
Re: How my website can reach Avast approval mark?
« Reply #15 on: March 23, 2019, 01:34:24 AM »

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 83031
  • No support PMs thanks
Re: How my website can reach Avast approval mark?
« Reply #16 on: March 23, 2019, 01:48:57 AM »
Thank you. But what is AOS and where is it ? thanks you.
-> https://support.avast.com/article/18/
Article no available.

For me the Article is there (using Firefox), but it is a slight language redirection from that URL https://support.avast.com/en-ww/article/18/, which I believe is en(English)-ww(World Wide).
WinXP ProSP3/ Core2Duo E8300/ 4GB Ram/ avast! free 18.5.2342/ Firefox ESR, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ DropMyRights/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security
Windows 10 Home 1909 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 20.2.2401 (build 20.2.5130.570) UI-1.0.505/ WinPatrol+/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro

Offline Sentra

  • Newbie
  • *
  • Posts: 1
Re: How my website can reach Avast approval mark?
« Reply #17 on: October 05, 2019, 09:45:55 PM »
hi iam owner of https://sentracon.co.id can you help me to approval mark my website beton ?

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 83031
  • No support PMs thanks
Re: How my website can reach Avast approval mark?
« Reply #18 on: October 05, 2019, 11:25:16 PM »
hi iam owner of sentracon.co.id can you help me to approval mark my website beton ?

Essentially there is nothing you can do.

Only Avast Users who are using the Avast Online Security browser add on can actually see this information if it is available.  Only those users using the Avast Online Security browser add on can actually vote on your site.

As has been said in this post and others.
Users need to vote your site.
WinXP ProSP3/ Core2Duo E8300/ 4GB Ram/ avast! free 18.5.2342/ Firefox ESR, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ DropMyRights/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security
Windows 10 Home 1909 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 20.2.2401 (build 20.2.5130.570) UI-1.0.505/ WinPatrol+/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro

Offline Elie8

  • Newbie
  • *
  • Posts: 1
Re: How my website can reach Avast approval mark?
« Reply #19 on: December 06, 2019, 12:36:29 PM »
Hello,

Same for me my website is juts informative and no payment at all in it, so how to get it the green Avast sign? www.tocsjardat.com that is my website thank you in advance

Elie
 

Hello, forum. I am owner of website on Wordpress https://unidecorvrn.ru . My site have licensed SSL certificate and good avast statistic. What should I do to reach Avast approval mark on my site in web search results? In advance, thanks for your answers :).

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 83031
  • No support PMs thanks
Re: How my website can reach Avast approval mark?
« Reply #20 on: December 06, 2019, 04:22:33 PM »
Hello,

Same for me my website is juts informative and no payment at all in it, so how to get it the green Avast sign? tocsjardat.com that is my website thank you in advance

Elie
<snip quote>

As mentioned in the post right above yours
Quote from: DavidR
Only Avast Users who are using the Avast Online Security browser add on can actually see this information if it is available.  Only those users using the Avast Online Security browser add on can actually vote on your site.

And above that:
Users need to vote your site.

And

But is there a possibility to advertise my site for voting?
Not here. But you could ask the visitors of your site to vote.
WinXP ProSP3/ Core2Duo E8300/ 4GB Ram/ avast! free 18.5.2342/ Firefox ESR, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ DropMyRights/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security
Windows 10 Home 1909 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 20.2.2401 (build 20.2.5130.570) UI-1.0.505/ WinPatrol+/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 32441
  • malware fighter
Re: How my website can reach Avast approval mark?
« Reply #21 on: December 10, 2019, 03:15:54 PM »
L.S.

See: https://www.virustotal.com/gui/ip-address/34.198.45.144/relations  various detections not for your domain.
See: https://www.virustotal.com/gui/url/f471347af5ececeeb028ec6a6c4317f6b24795d513a7d1cfb7b116a6b8e02a80/details
See: https://sitecheck.sucuri.net/results/www.tocsjardat.com
HTTPS version of this website is not accessible: TLS certificate expired. Please consider setting up HTTPS to avoid the "Not Secure" browser warning.

See various security improvement tips found through linting: https://webhint.io/scanner/d3b030fb-502a-404d-92a4-f48877a28a32#category-security   disown-opener: 3 hints / https-only: 9 hints / x-content-type-options: 23 hints /
no-vulnerable-javascript-libraries: 1 hints / ssllabs: 1 hints -> 3 vuln. libraries:
https://retire.insecurity.today/#!/scan/0b0a77cd04a1973314421edd7ade8ce48e8147d48b5fe24364dbe7dc0f82cd0c

This website is insecure.
50% of the trackers on this site could be protecting you from NSA snooping. Tell -tocsjardat.com to fix it.

 All trackers
At least 2 third parties know you are on this webpage.

 Adobe
-www.tocsjardat.com -www.tocsjardat.com 

Data sent to / received from this site is transmitted in plaintext.

Wait for an avast team member to give a final verdict, we are just volunteers with relative knowledge, but cannot unblock.

polonus (volunteer 3rd party cold recon website security analyst and website error-hunter)
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline luki widjaja

  • Newbie
  • *
  • Posts: 2
Re: How my website can reach Avast approval mark?
« Reply #22 on: May 16, 2020, 09:10:56 PM »
hello all.. i'am owner of https://asiacon.co.id can you help me to approval mark for my website precast beton?

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 83031
  • No support PMs thanks
Re: How my website can reach Avast approval mark?
« Reply #23 on: May 16, 2020, 09:45:06 PM »
hello all.. i'am owner of asiacon.co.id can you help me to approval mark for my website precast beton?

Short answer your can't, it is avast users that have to vote for your site as mentioned many times already in this topic.

With your active link to your site (I have broken the link in my quote you should do the same) and given the many replies "it is avast users that have to vote for your site" I have to wonder if this isn't link spamming. 

We take a hard view on spamming/link spamming in the forums.
WinXP ProSP3/ Core2Duo E8300/ 4GB Ram/ avast! free 18.5.2342/ Firefox ESR, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ DropMyRights/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security
Windows 10 Home 1909 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 20.2.2401 (build 20.2.5130.570) UI-1.0.505/ WinPatrol+/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 32441
  • malware fighter
Re: How my website can reach Avast approval mark?
« Reply #24 on: May 18, 2020, 10:26:44 PM »
Hi luki widjaja,

Nothing to worry about, avast online security extension does not as yet have enough thumbs up scored, unknown site for now. I gave it the tumbs up, as the site is OK (i.m.h.o.).

Your website is found not to be malicious nor suspicious.
Checking -https://asiacon.co.id/

Checking for cloaking
Looks cool.

Status codes
These should normally all be the same.

Google Chrome returned code 0
GoogleBot returned code 0

Spammy looking links
Any links with funky anchor text? Nothing scary here!

iframes
Any iframes? Nope!

Blacklist Checks
Google Safe Browse reports not in malware database
Phishtank reports URL not found

There is still some room for improvement.
Retirable code:
Quote
jquery   1.12.4   Found in -https://asiacon.co.id/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp<br>Vulnerability info:
Medium   2432 3rd party CORS request may execute CVE-2015-9251   
Medium   CVE-2015-9251 11974 parseHTML() executes scripts in event handlers   
Low   CVE-2019-11358 jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution   
Medium   Regex in its jQuery.htmlPrefilter sometimes may introduce XSS

Where it is being hosted: https://www.shodan.io/host/77.104.142.197
Secure connection: This website is secured
100% of the trackers on this site are helping protect you from NSA snooping. Why not thank -asiacon.co.id for being secure?

Identifiers | All Trackers
 Secure Identifiers
Unique IDs about your web browsing habits have been securely sent to third parties.

 -maps.google.comnid
d4331122808579XXXXXXXXXXXXXb1103a1589633106 -Lockerz__cfduid

 Tracking IDs are sent with some safety measures.

Results from linting: https://webhint.io/scanner/f231c9e9-de70-46f7-b1fa-16c5f7466559

Adjust Word Press settings: User Enumeration
  The first two user ID's were tested to determine if user enumeration is possible.

ID   User   Login
1   administrator   administrator
2   None                   None
It is recommended to rename the admin user account to reduce the chance of brute force attacks occurring. As this will reduce the chance of automated password attackers gaining access. However it is important to understand that if the author archives are enabled it is usually possible to enumerate all users within a WordPress installation.

Externally Linked Host       Hosting Provider                  Country   
    -pavingblock.co.id       Cloudflare.                             United-States    
    -indonusa-conblock.com   SoftLayer Technologies Inc.   Bulgaria    
    -uditchbeton.com        SoftLayer Technologies Inc.   Bulgaria    
    -bit.ly   Bitly Inc                                                           United-States    
    -www.facebook.com        Facebook.                           Ireland    
    -twitter.com                Twitter Inc.                           United-States    
    -www.instagram.com        Facebook.                           Ireland    
    -www.youtube.com        Google LLC                           United-States    
    -id.linkedin.com                LinkedIn Corporation           United-States

polonus (volunteer 3rd party cold recon website security analyst and website error-hunter)
« Last Edit: May 18, 2020, 10:31:06 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline luki widjaja

  • Newbie
  • *
  • Posts: 2
Re: How my website can reach Avast approval mark?
« Reply #25 on: May 22, 2020, 11:29:13 AM »
Hi luki widjaja,

Nothing to worry about, avast online security extension does not as yet have enough thumbs up scored, unknown site for now. I gave it the tumbs up, as the site is OK (i.m.h.o.).

Your website is found not to be malicious nor suspicious.
Checking -https://asiacon.co.id/

Checking for cloaking
Looks cool.

Status codes
These should normally all be the same.

Google Chrome returned code 0
GoogleBot returned code 0

Spammy looking links
Any links with funky anchor text? Nothing scary here!

iframes
Any iframes? Nope!

Blacklist Checks
Google Safe Browse reports not in malware database
Phishtank reports URL not found

There is still some room for improvement.
Retirable code:
Quote
jquery   1.12.4   Found in -https://asiacon.co.id/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp<br>Vulnerability info:
Medium   2432 3rd party CORS request may execute CVE-2015-9251   
Medium   CVE-2015-9251 11974 parseHTML() executes scripts in event handlers   
Low   CVE-2019-11358 jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution   
Medium   Regex in its jQuery.htmlPrefilter sometimes may introduce XSS

Where it is being hosted: https://www.shodan.io/host/77.104.142.197
Secure connection: This website is secured
100% of the trackers on this site are helping protect you from NSA snooping. Why not thank -asiacon.co.id for being secure?

Identifiers | All Trackers
 Secure Identifiers
Unique IDs about your web browsing habits have been securely sent to third parties.

 -maps.google.comnid
d4331122808579XXXXXXXXXXXXXb1103a1589633106 -Lockerz__cfduid

 Tracking IDs are sent with some safety measures.

Results from linting: https://webhint.io/scanner/f231c9e9-de70-46f7-b1fa-16c5f7466559

Adjust Word Press settings: User Enumeration
  The first two user ID's were tested to determine if user enumeration is possible.

ID   User   Login
1   administrator   administrator
2   None                   None
It is recommended to rename the admin user account to reduce the chance of brute force attacks occurring. As this will reduce the chance of automated password attackers gaining access. However it is important to understand that if the author archives are enabled it is usually possible to enumerate all users within a WordPress installation.

Externally Linked Host       Hosting Provider                  Country   
    -pavingblock.co.id       Cloudflare.                             United-States    
    -indonusa-conblock.com   SoftLayer Technologies Inc.   Bulgaria    
    -uditchbeton.com        SoftLayer Technologies Inc.   Bulgaria    
    -bit.ly   Bitly Inc                                                           United-States    
    -www.facebook.com        Facebook.                           Ireland    
    -twitter.com                Twitter Inc.                           United-States    
    -www.instagram.com        Facebook.                           Ireland    
    -www.youtube.com        Google LLC                           United-States    
    -id.linkedin.com                LinkedIn Corporation           United-States

polonus (volunteer 3rd party cold recon website security analyst and website error-hunter)


Thank you my friend... i will try to following your all suggestions.