How my website can reach Avast approval mark?

[plenoal15]

Thank you. But what is AOS and where is it ? thanks you.

-> https://support.avast.com/article/18/

Article no available.

[DavidR]

Thank you. But what is AOS and where is it ? thanks you.

-> https://support.avast.com/article/18/

Article no available.

For me the Article is there (using Firefox), but it is a slight language redirection from that URL https://support.avast.com/en-ww/article/18/, which I believe is en(English)-ww(World Wide).

[Sentra]

hi iam owner of https://sentracon.co.id can you help me to approval mark my website beton ?

[DavidR]

hi iam owner of sentracon.co.id can you help me to approval mark my website beton ?

Essentially there is nothing you can do.

Only Avast Users who are using the Avast Online Security browser add on can actually see this information if it is available.  Only those users using the Avast Online Security browser add on can actually vote on your site.

As has been said in this post and others.

Users need to vote your site.

[Elie8]

Hello,

Same for me my website is juts informative and no payment at all in it, so how to get it the green Avast sign? www.tocsjardat.com that is my website thank you in advance

Elie
 

Hello, forum. I am owner of website on Wordpress https://unidecorvrn.ru . My site have licensed SSL certificate and good avast statistic. What should I do to reach Avast approval mark on my site in web search results? In advance, thanks for your answers .

[DavidR]

Hello,

Same for me my website is juts informative and no payment at all in it, so how to get it the green Avast sign? tocsjardat.com that is my website thank you in advance

Elie
<snip quote>

As mentioned in the post right above yours

Only Avast Users who are using the Avast Online Security browser add on can actually see this information if it is available.  Only those users using the Avast Online Security browser add on can actually vote on your site.

And above that:

Users need to vote your site.

And

But is there a possibility to advertise my site for voting?

Not here. But you could ask the visitors of your site to vote.

[polonus]

L.S.

See: https://www.virustotal.com/gui/ip-address/34.198.45.144/relations  various detections not for your domain.
See: https://www.virustotal.com/gui/url/f471347af5ececeeb028ec6a6c4317f6b24795d513a7d1cfb7b116a6b8e02a80/details
See: https://sitecheck.sucuri.net/results/www.tocsjardat.com
HTTPS version of this website is not accessible: TLS certificate expired. Please consider setting up HTTPS to avoid the "Not Secure" browser warning.

See various security improvement tips found through linting: https://webhint.io/scanner/d3b030fb-502a-404d-92a4-f48877a28a32#category-security   disown-opener: 3 hints / https-only: 9 hints / x-content-type-options: 23 hints /
no-vulnerable-javascript-libraries: 1 hints / ssllabs: 1 hints -> 3 vuln. libraries:
https://retire.insecurity.today/#!/scan/0b0a77cd04a1973314421edd7ade8ce48e8147d48b5fe24364dbe7dc0f82cd0c

This website is insecure.
50% of the trackers on this site could be protecting you from NSA snooping. Tell -tocsjardat.com to fix it.

 All trackers
At least 2 third parties know you are on this webpage.

 Adobe
-www.tocsjardat.com -www.tocsjardat.com 

Data sent to / received from this site is transmitted in plaintext.

Wait for an avast team member to give a final verdict, we are just volunteers with relative knowledge, but cannot unblock.

polonus (volunteer 3rd party cold recon website security analyst and website error-hunter)

[luki widjaja]

hello all.. i'am owner of https://asiacon.co.id can you help me to approval mark for my website precast beton?

[DavidR]

hello all.. i'am owner of asiacon.co.id can you help me to approval mark for my website precast beton?

Short answer your can't, it is avast users that have to vote for your site as mentioned many times already in this topic.

With your active link to your site (I have broken the link in my quote you should do the same) and given the many replies "it is avast users that have to vote for your site" I have to wonder if this isn't link spamming. 

We take a hard view on spamming/link spamming in the forums.

[polonus]

Hi luki widjaja,

Nothing to worry about, avast online security extension does not as yet have enough thumbs up scored, unknown site for now. I gave it the tumbs up, as the site is OK (i.m.h.o.).

Your website is found not to be malicious nor suspicious.
Checking -https://asiacon.co.id/

Checking for cloaking
Looks cool.

Status codes
These should normally all be the same.

Google Chrome returned code 0
GoogleBot returned code 0

Spammy looking links
Any links with funky anchor text? Nothing scary here!

iframes
Any iframes? Nope!

Blacklist Checks
Google Safe Browse reports not in malware database
Phishtank reports URL not found

There is still some room for improvement.
Retirable code:

jquery   1.12.4   Found in -https://asiacon.co.id/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp<br>Vulnerability info:
Medium   2432 3rd party CORS request may execute CVE-2015-9251   
Medium   CVE-2015-9251 11974 parseHTML() executes scripts in event handlers   
Low   CVE-2019-11358 jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution   
Medium   Regex in its jQuery.htmlPrefilter sometimes may introduce XSS

Where it is being hosted: https://www.shodan.io/host/77.104.142.197
Secure connection: This website is secured
100% of the trackers on this site are helping protect you from NSA snooping. Why not thank -asiacon.co.id for being secure?

Identifiers | All Trackers
 Secure Identifiers
Unique IDs about your web browsing habits have been securely sent to third parties.

 -maps.google.comnid
d4331122808579XXXXXXXXXXXXXb1103a1589633106 -Lockerz__cfduid

 Tracking IDs are sent with some safety measures.

Results from linting: https://webhint.io/scanner/f231c9e9-de70-46f7-b1fa-16c5f7466559

Adjust Word Press settings: User Enumeration
  The first two user ID's were tested to determine if user enumeration is possible.

ID   User   Login
1   administrator   administrator
2   None                   None
It is recommended to rename the admin user account to reduce the chance of brute force attacks occurring. As this will reduce the chance of automated password attackers gaining access. However it is important to understand that if the author archives are enabled it is usually possible to enumerate all users within a WordPress installation.

Externally Linked Host       Hosting Provider                  Country   
    -pavingblock.co.id       Cloudflare.                             United-States    
    -indonusa-conblock.com   SoftLayer Technologies Inc.   Bulgaria    
    -uditchbeton.com        SoftLayer Technologies Inc.   Bulgaria    
    -bit.ly   Bitly Inc                                                           United-States    
    -www.facebook.com        Facebook.                           Ireland    
    -twitter.com                Twitter Inc.                           United-States    
    -www.instagram.com        Facebook.                           Ireland    
    -www.youtube.com        Google LLC                           United-States    
    -id.linkedin.com                LinkedIn Corporation           United-States

polonus (volunteer 3rd party cold recon website security analyst and website error-hunter)

[luki widjaja]

Hi luki widjaja,

Nothing to worry about, avast online security extension does not as yet have enough thumbs up scored, unknown site for now. I gave it the tumbs up, as the site is OK (i.m.h.o.).

Your website is found not to be malicious nor suspicious.
Checking -https://asiacon.co.id/

Checking for cloaking
Looks cool.

Status codes
These should normally all be the same.

Google Chrome returned code 0
GoogleBot returned code 0

Spammy looking links
Any links with funky anchor text? Nothing scary here!

iframes
Any iframes? Nope!

Blacklist Checks
Google Safe Browse reports not in malware database
Phishtank reports URL not found

There is still some room for improvement.
Retirable code:

jquery   1.12.4   Found in -https://asiacon.co.id/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp<br>Vulnerability info:
Medium   2432 3rd party CORS request may execute CVE-2015-9251   
Medium   CVE-2015-9251 11974 parseHTML() executes scripts in event handlers   
Low   CVE-2019-11358 jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution   
Medium   Regex in its jQuery.htmlPrefilter sometimes may introduce XSS

Where it is being hosted: https://www.shodan.io/host/77.104.142.197
Secure connection: This website is secured
100% of the trackers on this site are helping protect you from NSA snooping. Why not thank -asiacon.co.id for being secure?

Identifiers | All Trackers
 Secure Identifiers
Unique IDs about your web browsing habits have been securely sent to third parties.

 -maps.google.comnid
d4331122808579XXXXXXXXXXXXXb1103a1589633106 -Lockerz__cfduid

 Tracking IDs are sent with some safety measures.

Results from linting: https://webhint.io/scanner/f231c9e9-de70-46f7-b1fa-16c5f7466559

Adjust Word Press settings: User Enumeration
  The first two user ID's were tested to determine if user enumeration is possible.

ID   User   Login
1   administrator   administrator
2   None                   None
It is recommended to rename the admin user account to reduce the chance of brute force attacks occurring. As this will reduce the chance of automated password attackers gaining access. However it is important to understand that if the author archives are enabled it is usually possible to enumerate all users within a WordPress installation.

Externally Linked Host       Hosting Provider                  Country   
    -pavingblock.co.id       Cloudflare.                             United-States    
    -indonusa-conblock.com   SoftLayer Technologies Inc.   Bulgaria    
    -uditchbeton.com        SoftLayer Technologies Inc.   Bulgaria    
    -bit.ly   Bitly Inc                                                           United-States    
    -www.facebook.com        Facebook.                           Ireland    
    -twitter.com                Twitter Inc.                           United-States    
    -www.instagram.com        Facebook.                           Ireland    
    -www.youtube.com        Google LLC                           United-States    
    -id.linkedin.com                LinkedIn Corporation           United-States

polonus (volunteer 3rd party cold recon website security analyst and website error-hunter)

Thank you my friend... i will try to following your all suggestions.