my website is wxw.shinewatch.com and avast is not responding to my emails on why it was blocked.
network shield seems to block it, scanned for viruses but found none.
There are off site connections to stallionw.com (your webdeveloper ?), which redirects to stallioni.com so I don’t know if that might have something to do with it or not.
When using the contact form link given ask for a Network Shield review and give a link to this topic might help.
I get a Firekeeper triggered alert for *: === Triggered rule ===
alert(url_content:“%3C”; url_content:“%22”; url_content:“%3E”; msg:“Suspicious looking GET request containing %3C, %3E, and %22. Suspiciously HTML-like.”; reference:url,http://ha.ckers.org/xss.html; reference:url,http://en.wikipedia.org/wiki/Cross-site_scripting;) to be used as a cloud attack
=== Request URL ===
////broken by me/////+for%28var+i%3D0%3Bi%3Cs%3E%3Ca+rel%3D%22%2B+i+%2B%22+href%3D%22%22%3E%27%2B+%28i%2B1%29+%2B%27%3C%2Fa%3E%27%29&ie=utf-8&oe=utf-8&aq=t
furthermore:
yes currently is pointing to other domain because it is in the midst of editing…
but when i hosted it on another server it had the same problems as well. how do i solve this?
there is no avast warning pop up, but i can see it is blocked in the network shield in my avast, when i turn the network and web shield on, i cannot access the website, i have to off these shields to access my website
A domain at the same IP had S/Meta.A.1 malware that is now dead: htxp://www.penguinguru.org/wp-content/themes/pixeled/yahoolinksus.html
known as a foxnews dot com, a known PHISH. This might have had a role in the blocking…
But I think it is because this: Application: shopping cart program by Zen Cart®, htxp://www.zen-cart.com eCommerce is open to attack!
Cross site script exploit authentiction bypass… in combination with WorddPress; see redirects mentioned below…
Avast Webshield flags the site and a gzip file there is flagged by the Network shield, but does not flag this site>: http://www.shinewatches.com/&oe=utf-8&hl=en&spell=1 which domain is at sale now.
What is the relation between this domain and yours? Is there a historic link?
All point now here: http://stallionw.com/shinewatch/includes/templates/cambridge_pro/jscript/jscript_jquery_1-4-4.js etc.
with a redirect - You are now being directed to wXw.stallioni.com → http://wepawet.iseclab.org/view.php?hash=90b4b924d4444cf35df02ea672c5fef5&t=1356893435&type=js originating here: http://stallioni.com/portfolio-types/oscommerce (same IP as had the S/Meta.A.1 malware) on this Malaysian site.
You probably also have nameserver issues on: ns33 dot domaincontrol dot com. They should be as listed in your account!
If the avast alert is MAL:URL then that means that either the domain name or IP address is on the malicious sites list. This can happen for a number of reason, previous domain/s on this IP address which were infected or previous alerts on the site, which after time would escalate and be included in the malicious sites list.
If the site has had this suspect code removed, etc. then you should follow up on the request fro site review as based on the information in Reply #2 & 3 above. So it will take a little time to review but if successful the site should be removed from the list relatively quickly after that.
I think the important thing in requesting site review is to give the link to this topic; not only does it give much more information than can be included in the report, it also gives them something to respond to (which has happened on occasion before).