Author Topic: Please remove my website the Avast blacklist  (Read 1344 times)


Offline TylerTrowbridge

  • Newbie
  • *
  • Posts: 3
Please remove my website the Avast blacklist
« on: January 16, 2020, 11:08:55 PM »
Hi,

Please remove my website paintspecial.com from the Avast blacklist.

This is a false-positive and there is 0 malicious/phishing code on this website, domain, or IP.

I have already submitted this website in https://www.avast.com/en-us/false-positive-file-form.php

This is defaming and causing harm to my business and this is not acceptable. We are not a harmful phishing or a malicious website.

My email is tylerstrowbridge at gmail d0t com

Thank you

Tyler Trowbridge


Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37532
  • Not a avast user
Re: Please remove my website the Avast blacklist
« Reply #1 on: January 16, 2020, 11:28:10 PM »
Outdated Software Detected ( Wordpress ) https://sitecheck.sucuri.net/results/paintspecial.com


Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33900
  • malware fighter
Re: Please remove my website the Avast blacklist
« Reply #2 on: January 17, 2020, 02:58:06 PM »
Also update the CMS plug-ins, always a liability:
WordPress Plugins
The following plugins were detected by reading the HTML source of the WordPress site's front page.

wordpress-seo 9.3   latest release (12.8.1)
https://yoa.st/1uj
js_composer_theme   
revslider   
contact-form-7 5.1.6   latest release (5.1.6)
https://contactform7.com/
Plugins are a source of many security vulnerabilities within WordPress installations; always keep them updated to the latest version available and check the developer's plugin page for information about security-related updates and fixes.

There are likely more plugins installed than those listed here, as the detection method used here is passive. While these results give an indication of the status of plugin updates, a more comprehensive assessment should be undertaken by brute forcing the plugin paths using a dedicated tool.

Mitigate with recommendations here: https://webhint.io/scanner/eb9a39fb-89bc-4768-ac0d-34df6815e53e

JQuery library to retire:
jquery   1.12.4   Found in -https://paintspecial.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Vulnerability info:
Medium   2432 3rd party CORS request may execute CVE-2015-9251   
Medium   CVE-2015-9251 11974 parseHTML() executes scripts in event handlers   
Low   CVE-2019-11358 jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution

JS error -
ReferenceError: grecaptcha is not defined
 /:1414

Adblockers block 25% of ads on website...

polonus (volunteer 3rd party cold recon website security analyst and website error-hunter)
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!
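The passive check polonus describes (reading `?ver=` values out of the front-page HTML and comparing them with the latest releases and with the jQuery CVE fix versions named above) can be reproduced in a few lines. This is an added example, not code from the forum or from any scanner; the HTML fragment is constructed, the "latest release" table is taken from the reply above, and the jQuery fix versions (3.0.0 for CVE-2015-9251, 3.4.0 for CVE-2019-11358) are the publicly documented ones.

```python
import re
from urllib.parse import urlparse, parse_qs

# Constructed front-page HTML fragment modelled on what a passive scan sees
# (not captured from the site discussed in the thread).
SAMPLE_HTML = """
<link rel="stylesheet" href="https://example.test/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.6">
<script src="https://example.test/wp-includes/js/jquery/jquery.js?ver=1.12.4"></script>
<script src="https://example.test/wp-content/plugins/wordpress-seo/js/dist/wp-seo-metabox-930.js?ver=9.3"></script>
<script src="https://example.test/wp-content/plugins/revslider/public/assets/js/rs6.min.js"></script>
"""

# Latest releases as quoted in the thread (January 2020); an assumption for the example.
LATEST = {"wordpress-seo": "12.8.1", "contact-form-7": "5.1.6"}

# jQuery advisories named in the thread with the first release that fixed each.
JQUERY_FIXES = {"CVE-2015-9251": "3.0.0", "CVE-2019-11358": "3.4.0"}

PLUGIN_RE = re.compile(r"/wp-content/plugins/([^/]+)/")
JQUERY_RE = re.compile(r"/wp-includes/js/jquery/jquery\.js")
SRC_RE = re.compile(r'(?:src|href)="([^"]+)"')

def vtuple(v):
    """Turn '1.12.4' into (1, 12, 4) so versions compare numerically, not as strings."""
    return tuple(int(p) for p in v.split("."))

def detect_assets(html):
    """Passively list plugin slugs (and jQuery) with the ?ver= value when one is exposed."""
    found = {}
    for url in SRC_RE.findall(html):
        parsed = urlparse(url)
        ver = parse_qs(parsed.query).get("ver", [None])[0]
        m = PLUGIN_RE.search(parsed.path)
        if m:
            found[m.group(1)] = ver
        elif JQUERY_RE.search(parsed.path):
            found["jquery"] = ver
    return found

def findings(html):
    """Return outdated plugins, jQuery CVEs still present, and assets with no version exposed."""
    out = []
    for slug, ver in detect_assets(html).items():
        if slug == "jquery" and ver:
            out += [cve for cve, fix in JQUERY_FIXES.items() if vtuple(ver) < vtuple(fix)]
        elif slug in LATEST and ver and vtuple(ver) < vtuple(LATEST[slug]):
            out.append(f"{slug} {ver} < {LATEST[slug]}")
        elif ver is None:
            out.append(f"{slug}: version not exposed, check manually")
    return sorted(out)
```

Because the method is passive, a plugin that never appends `?ver=` (revslider in the sample) is reported for manual follow-up rather than silently counted as current.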

Offline Michael (alan1998)

  • Massive Poster
  • ****
  • Posts: 2768
  • Volunteer
Re: Please remove my website the Avast blacklist
« Reply #3 on: January 17, 2020, 03:32:56 PM »
Quote from one of the other threads.

22/tcp  open  ssh      OpenSSH 6.7p1 Debian 5+deb8u8 (protocol 2.0)

PaintSpecial[.]com

Code:
Starting Nmap 7.80 ( https://nmap.org ) at 2020-01-16 20:52 Atlantic Standard Time
NSE: Loaded 151 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 20:52
Completed NSE at 20:52, 0.00s elapsed
Initiating NSE at 20:52
Completed NSE at 20:52, 0.00s elapsed
Initiating NSE at 20:52
Completed NSE at 20:52, 0.00s elapsed
Initiating Ping Scan at 20:52
Scanning paintspecial.com (167.99.176.242) [4 ports]
Completed Ping Scan at 20:52, 0.13s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 20:52
Completed Parallel DNS resolution of 1 host. at 20:52, 0.01s elapsed
Initiating SYN Stealth Scan at 20:52
Scanning paintspecial.com (167.99.176.242) [1000 ports]
Discovered open port 80/tcp on 167.99.176.242
Discovered open port 443/tcp on 167.99.176.242
Discovered open port 22/tcp on 167.99.176.242
Completed SYN Stealth Scan at 20:52, 4.61s elapsed (1000 total ports)
Initiating Service scan at 20:52
Scanning 3 services on paintspecial.com (167.99.176.242)
Completed Service scan at 20:52, 12.14s elapsed (3 services on 1 host)
Initiating OS detection (try #1) against paintspecial.com (167.99.176.242)
Initiating Traceroute at 20:52
Completed Traceroute at 20:52, 3.03s elapsed
Initiating Parallel DNS resolution of 12 hosts. at 20:52
Completed Parallel DNS resolution of 12 hosts. at 20:52, 0.04s elapsed
NSE: Script scanning 167.99.176.242.
Initiating NSE at 20:52
Completed NSE at 20:53, 43.51s elapsed
Initiating NSE at 20:53
Completed NSE at 20:53, 0.96s elapsed
Initiating NSE at 20:53
Completed NSE at 20:53, 0.00s elapsed
Nmap scan report for paintspecial.com (167.99.176.242)
Host is up (0.021s latency).
rDNS record for 167.99.176.242: 180321.cloudwaysapps.com
Not shown: 997 filtered ports
PORT    STATE SERVICE  VERSION
22/tcp  open  ssh      OpenSSH 6.7p1 Debian 5+deb8u8 (protocol 2.0)
| ssh-hostkey:
|   1024 6e:8b:22:0c:3e:63:6d:dd:59:80:9e:49:ed:84:67:b8 (DSA)
|_  2048 fc:c3:ae:4a:53:e7:ec:33:c6:5b:42:d8:c6:4f:d9:f3 (RSA)
80/tcp  open  http     nginx
|_http-favicon: Unknown favicon MD5: D41D8CD98F00B204E9800998ECF8427E
| http-methods:
|_  Supported Methods: POST OPTIONS
|_http-title: Did not follow redirect to https://paintspecial.com/
443/tcp open  ssl/http nginx
|_http-generator: Powered by WPBakery Page Builder - drag and drop page builder for WordPress.
| http-methods:
|_  Supported Methods: GET HEAD
|_http-title: House Painters | $375 Residential Paint Special
| ssl-cert: Subject: commonName=paintspecial.com
| Subject Alternative Name: DNS:paintspecial.com
| Issuer: commonName=Let's Encrypt Authority X3/organizationName=Let's Encrypt/countryName=US
| Public Key type: rsa
| Public Key bits: 2048
| Signature Algorithm: sha256WithRSAEncryption
| Not valid before: 2020-01-07T19:10:09
| Not valid after:  2020-04-06T19:10:09
| MD5:   a50b 8238 7267 6977 9b03 37aa c747 f2a9
|_SHA-1: ca38 8d8e 0c56 b852 cc31 8ea2 2f8c 310c 00b2 5b5f
|_ssl-date: TLS randomness does not represent time
| tls-alpn:
|   h2
|_  http/1.1
| tls-nextprotoneg:
|   h2
|_  http/1.1
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Device type: general purpose
Running: Linux 3.X|4.X
OS CPE: cpe:/o:linux:linux_kernel:3.13 cpe:/o:linux:linux_kernel:4.2
OS details: Linux 3.13 or 4.2
Uptime guess: 44.171 days (since Tue Dec 03 16:47:30 2019)
Network Distance: 14 hops
TCP Sequence Prediction: Difficulty=262 (Good luck!)
IP ID Sequence Generation: All zeros
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel



TRACEROUTE (using port 443/tcp)
HOP RTT      ADDRESS
1   1.00 ms  mynetwork (192.168.2.1)
2   1.00 ms  loop0.38w.ba07.fctn.nb.aliant.net (142.166.182.17)
3   1.00 ms  be14-181.dr01.fctn.nb.aliant.net (142.176.208.49)
4   1.00 ms  ae3-50.dr02.fctn.nb.aliant.net (142.166.185.154)
5   3.00 ms  ae7.cr02.stjh.nb.aliant.net (142.166.185.145)
6   21.00 ms ae0.bx01.toro.on.aliant.net (207.231.227.53)
7   24.00 ms bx2-torontoxn_ae3 (184.150.187.56)
8   23.00 ms tcore4-torontoxn_hundredgige0-6-0-0.net.bell.ca (64.230.97.146)
9   22.00 ms bx1-torontoxn_et1-0-0.net.bell.ca (64.230.97.157)
10  22.00 ms ix-ae-9-0.tcore2.tnk-toronto.as6453.net (63.243.172.25)
11  21.00 ms 63.243.172.34
12  ... 13
14  21.00 ms 180321.cloudwaysapps.com (167.99.176.242)



NSE: Script Post-scanning.
Initiating NSE at 20:53
Completed NSE at 20:53, 0.00s elapsed
Initiating NSE at 20:53
Completed NSE at 20:53, 0.00s elapsed
Initiating NSE at 20:53
Completed NSE at 20:53, 0.00s elapsed
Read data files from: C:\Program Files (x86)\Nmap
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 67.65 seconds
           Raw packets sent: 2068 (93.488KB) | Rcvd: 299 (19.603KB)

You're running on Debian 5?! We're into Debian 11. Your operating system was released in 2009. It's not fit to be public facing, under ANY circumstance. It's old, outdated and EXTREMELY vulnerable to attack. The same issues are present on the other sites, which isn't surprising, given they're on the same box. Take the website down, and update the host. You are asking to be hacked with an OS like that. We don't see OSes that out of date in HackTheBox.

There are literal pages of local priv esc for your host on Exploit-DB that would be used in combination with an outdated WP install and plugins. Let me rephrase: you're not asking, you're on your knees begging for an attacker to come along and abuse the websites.
VOLUNTEER

Senior Security Analyst; Sys Admin (Linux); Forensics/Incident Response.

Security is a mindset, not an application. Think BEFORE you click.

Offline jefferson sant

  • Starting Graphoman
  • *
  • Posts: 6674
  • volunteer
Re: Please remove my website the Avast blacklist
« Reply #4 on: January 20, 2020, 10:24:10 PM »
Site paintspecial.com not being blocked.

Quote from: Avast
The URL provided does not appear to be detected by Avast. Could you send us a screenshot of the detection message you are receiving?

https://support.avast.com/en-us/article/Create-screenshot/
« Last Edit: January 20, 2020, 10:30:25 PM by jefferson sant »