AVAST blocked my website

General Topics
1

According virustotal.com my website had malicious code (some hacker put the malicious code through an outdated plugin wordpress). But I removed the malicious code and apparently now everything is clean:
http://sitecheck.sucuri.net/results/caehost.com
http://www.urlvoid.com/scan/caehost.com
http://quttera.com/sitescan/caehost.com

Only avast is blocking my domain caehost.com. We use this domain to create websites with a Website Builder for my clients (we create their sites with .caehost.com subdomain).

Please help us.

Thank You,
Carlos Vargas

2
  • Even with avast disabled, the site is not opening.
  • There are multiple problems on the same ASN.
  • DNS problems
  • Server Key and Certificate problems
  • SSL 3 (INSECURE) protocol enabled
  • Insecure Cipher Suites
  • No, TLS_FALLBACK_SCSV not supported
  • Problem with Forward Secrecy
  • Vulnerable to POODLE attack
  • Domain is blacklisted and yellow listed
3

IP history, multiple domains on IP and many blacklisted https://www.virustotal.com/nb/ip-address/209.59.165.100/information/
click more button under list(s) for more info

IP void http://www.urlvoid.com/ip/209.59.165.100

[b]IP ADDRESS: 209.59.165.100[/b]

We have found in our database of already analyzed websites that there are 80 websites hosted in the same web server with IP address 209.59.165.100 and IP hostname caehost.com. Remember that it is not good to have too many websites located in the same web server because if a website gets infected by malware, it can easily affect the online reputation of the IP address and also of all the other websites.

IP blacklists http://multirbl.valli.org/lookup/209.59.165.100.html

so seems like a IP block

if you think it is wrong, report it here https://support.avast.com/ > avast virus lab

4

Thanks for your quick response.

Maybe you can not access the website because we have blocked for several countries. Our customers are from Latin America, USA and Spain. Because of hackers we have disabled access from various countries. I think you’re in Holland, we have had many attempts to attacks from your country and we had to block it, so why not have access.

Please could you tell me where I can see that my domain is blacklisted and yellow list?

If I clean sites in this list:
http://www.urlvoid.com/ip/209.59.165.100

Will remove the lock, of my domain? caehost.com

Thank You and please excuse my english,

5

I think the problem is not in the IP, but a blacklist.

I have another website that uses the same IP:
http://www.tienda2.facilmedia.com/

But avast does not block it.

So it’s not by IP problem but the domain is blacklisted (caehost.com), I wonder what blacklist.

Thank You,
Carlos

6

if you think it is wrong, report it here https://support.avast.com/ > avast virus lab

7

I have a lot of online test tools for websites, files and other things:
http://www.ache.nl > Scans and Tests

It really doesn’t make sense to block countries.
Any bit of a decent attacker/hacker can mislead you and making it look like he is operating from a certain country.
You should setup your security properly.

And no, I’m not living in Holland.

8

There is PHISHING going on from there - HTML:Phishing-Q [Trj] and Mal/Phish-A detected.

polonus

9

I’ve cleaned the virus from my website. Some hacker injected malicious code, but I removed it.

What can I do to remove my domain from the blacklist of avast?
Domain: caehost.com

Thank you,
Carlos

10

For a start, fix all the problems I mentioned.
For some you will have to contact your host and have them change things.

11

Thanks Eddy,

But I’m sure the problem is that the domain is blacklisted.

I have cloned the website in another domain and Avast does not detect virus there (using the same server and the same IP).

Is there any way to know exactly why avast has my domain blacklisted?

Thank you very much,
Carlos

12

Submit it to Avast as requested here:
https://forum.avast.com/index.php?topic=167944.msg1194280#msg1194280

13

The real problem is not the blacklisting, but the things that caused it to being blacklisted.

14

Also the other non-blocked website has software issues:
HTTP Server: Apache HTTP Server 2.2.27 (Outdated)
Operating System: Unix
PHP Version: 5.4.30 (Outdated)
OpenSSL Version: 1.0.1e-fips
Control Panel: cPanel

polonus

15

Hello my website

masdiseno.com can be loaded by my customers why is blocked?

I did write in the support form but you didn’t answer me.

16

probably because you use afraid.org as host … evrything from afraid.org is blocked

17

https://forum.avast.com/index.php?topic=148018.msg1075293#msg1075293