Hi,
what I was trying to say (apparently unsuccessfully) was that there are many independent algorithms which block URLs based on many factors. Even if I told you each algorithm in detail (which would take at least a two day seminar), it can be changed in the future anyway, so there is no incentive to do that.
Just as polonus said, the best way to avoid detection is to "behave normally", have no vulnerabilities, serve no malicious code etc. But even then there can be false positives.