Author Topic: How to remove: URL: Blacklist ?  (Read 27163 times)

0 Members and 2 Guests are viewing this topic.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33373
  • malware fighter
Re: How to remove: URL: Blacklist ?
« Reply #15 on: January 28, 2021, 02:30:17 PM »
Website has 4 Word Press issues:
Word Press version outdated. Version does not appear to be latest.

Outdated plug-ins:    cookie-law-info 1.7.6   Warning   latest release (1.9.5)
https://www.webtoffee.com/product/gdpr-cookie-consent/
wp-paginate 2.0.7   Warning   latest release (2.1.4)
https://wordpress.org/plugins/wp-paginate/
page-list 5.1   Warning   latest release (5.2)
http://wordpress.org/plugins/page-list/

One engine to give it as suspicious: https://www.virustotal.com/gui/url/77caeba4c930c6c882db54555984789832b6d0a660295467bf864f63980c0c31/detection

Wait for a final verdict from avast team. Only avast team members can come and unblock or state it is an FP,
we here have relevant knowledge but cannot.

Question therefore remains is that site still being compromised?

F-status here: https://observatory.mozilla.org/analyze/blacksea-cbc.net

polonus (volunteer 3rd party cold recon website security analyst and website error-hunter)
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline meserow150

  • Newbie
  • *
  • Posts: 2
Re: How to remove: URL: Blacklist ?
« Reply #16 on: February 07, 2021, 02:25:42 PM »
Can you remove www.kurina.vip . From URL Black list . Its so annoying to use website without antivirus .

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37129
Re: How to remove: URL: Blacklist ?
« Reply #17 on: February 07, 2021, 03:05:35 PM »

Offline meserow150

  • Newbie
  • *
  • Posts: 2
Re: How to remove: URL: Blacklist ?
« Reply #18 on: February 07, 2021, 11:03:33 PM »
Sent it already . I am now waiting to see what will happen.

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 85947
  • No support PMs thanks
Re: How to remove: URL: Blacklist ?
« Reply #19 on: February 08, 2021, 01:33:26 AM »
Well it is still alerting, over the weekend there is likely to be a skeleton staff in the virus labs (or working remotely from home).

Scans at these sites
Medium Security risk, https://sitecheck.sucuri.net/results/kurina.vipnsidered
Some security hints that could be considered https://webhint.io/scanner/8d8a01d3-b2a3-492d-931f-bc54ac154a39

Whilst these may not be why avast is alerting but something that should be considered.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 21.9.2494 (build 21.9.6698.703) UI 1.0.672/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33373
  • malware fighter
Re: How to remove: URL: Blacklist ?
« Reply #20 on: February 08, 2021, 11:58:40 AM »
L.S.

References found on Virus Total may contain live malware
Results from scanning URL: -https://www.kurina.vip
Number of sources found: 207
Number of sinks found: 352

Results from scanning URL: -https://www.kurina.vip/wp-content/litespeed/cssjs/996f4.js?be9da
Number of sources found: 396
Number of sinks found: 223

Apart from what DavidR has commented,
see various suspicious javascript.based64 scripts being loaded: https://retire.insecurity.today/#!/scan/f45f3f30f55b9edf54b98a09a257ed4ca993c5859634818df6f8b0c987065dbb

polonus (volunteer 3rd party cold recon website security analyst and website error-hunter)
« Last Edit: February 08, 2021, 12:25:25 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline luis.temple.valdes

  • Newbie
  • *
  • Posts: 1
How to remove: URL: Blacklist ?
« Reply #21 on: March 21, 2021, 02:54:10 AM »
Please remove my site: elcanaldeluisaguilera.cl

I did all the analysis of my site and there are no problems ... Mcafee ... Google ...

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 72818
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Win 8.1 [x64] - Avast PremSec 21.10.6772.IBC [UI.679] - EEK - Firefox ESR 91.3 [NS/uBO/PB] - TB 91.3.2
Avast-Tools: Secure Browser 96.0 - Cleanup 21.3 - SecureLine 5.14 - Driver Updater 21.3 - CCleaner 5.87
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 46288
  • 61 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: How to remove: URL: Blacklist ?
« Reply #23 on: March 21, 2021, 01:55:00 PM »
Please remove my site: elcanaldeluisaguilera.cl

I did all the analysis of my site and there are no problems ... Mcafee ... Google ...
Report a false positive (select file or website)
https://www.avast.com/false-positive-file-form.php
Free avast! Security Seminar: http://bit.ly/2N1eaR2  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v21H2 64bit, 16 Gig Ram, 1TB SSD, AvastOmni 21.6, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33373
  • malware fighter
Re: How to remove: URL: Blacklist ?
« Reply #24 on: March 21, 2021, 02:52:48 PM »
Hi bob3160,

This is not avast that flags. This should be taken up with the hoster, as this website at IP 186.64.114.65 won't resolve, so cannot be scanned: https://sitecheck.sucuri.net/results/elcanaldeluisaguilera.cl
Re: https://www.shodan.io/host/186.64.114.65 
luis.temple.valdes should take it up with ZAM LTDA, the hoster of this website,
@ blue135.dnsmisitio dot net, mail.blue135.dnsmisitio dot net

Site has been parked -aguilera.cl. En Construcción. Servicio de parking proporcionado por CDmon.com -
Hosting y dominios.

So it is out of avast team's hands,

polonus (volunteer 3rd party cold recon website security analyst and website error-hunter)
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline avakashvedh

  • Newbie
  • *
  • Posts: 2
Re: How to remove: URL: Blacklist ?
« Reply #25 on: October 04, 2021, 12:10:44 PM »
Please remove my website URL from your Blocked database URLs.

https://kaambesh.com/

It's showing Phishing because of IP address, later I moved website to another server. Now everything is okay but still because of old IP address it shows Phishing warning by Avast.


« Last Edit: October 04, 2021, 12:12:28 PM by avakashvedh »

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 72818
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Win 8.1 [x64] - Avast PremSec 21.10.6772.IBC [UI.679] - EEK - Firefox ESR 91.3 [NS/uBO/PB] - TB 91.3.2
Avast-Tools: Secure Browser 96.0 - Cleanup 21.3 - SecureLine 5.14 - Driver Updater 21.3 - CCleaner 5.87
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33373
  • malware fighter
Re: How to remove: URL: Blacklist ?
« Reply #27 on: October 04, 2021, 10:24:30 PM »
There are three Word Press CMS related issues with this site, that needs addressing:

1. & 2. Outdated Word Press plug-ins detected:
   -accordions 2.2.32   Warning   latest release (2.2.34)
https://www.pickplugins.com/item/accordions-html-css3-responsive-accordion-grid-for-wordpress/

strong-testimonials 2.51.5   Warning   latest release (2.51.6)
https://strongtestimonials.com

3. User Enumeration
The first two user ID's were tested to determine if user enumeration is possible.

Username   Name
ID: 1   admin   admin
ID: 2   not found   
It is recommended to rename the admin user account to reduce the chance of brute force attacks occurring. As this will reduce the chance of automated password attackers gaining access. Take note that if the author archives are enabled it is usually possible to enumerate all users within a WordPress installation.

Site speed is under par.

A more extensive report here: https://www.immuniweb.com/websec/kaambesh.com/0krSxIs4/

Virus Total relations states that AS was involved in mail.phishing and Trickbot abuse.

polonus (volunteer 3rd party cold recon website security analyst and website error-hunter)
« Last Edit: October 04, 2021, 10:44:47 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!