Avast Started Blocking my Website

So, Avast suddenly started blocking one of my websites. In fact, it was a URL shortener, which made this whole story even funnier.

It’s very strange how Avast decides to block a website. Your competitor goes and reports your website; and suddenly you’re on the blacklist?

How can I unblock the URL? Thanks for the help.

You can report a suspected FP (File/Website) here: https://www.avast.com/false-positive-file-form.php

What is being blacklisted for?

To my knowledge there is no category for “URL:YourCompetitorReportedYou”.

Can you DM me a link, and/or post it here so we can have a look?


But there is a category URL:Blacklisted and it is pretty much the same!

I am not allowed to send DM since I am a new member I guess :slight_smile:

Pretty much the same doesn’t help others to help you, a screenshot of the avast alert may help. Or the URL as Michael requested.

A competitor reporting your site simply doesn’t cut it, Avast does its own analysis based on its own criteria.


VirusTotal reports Clean >> https://www.virustotal.com/gui/url/02886be3eb40c42f2472af8f7fa7ef61d43d3b89a666738f60b72f2006b33111/detection

Outdated PHP Versions Detected however >> PHP/5.6.40. Stable release is version 7.3.11, with Preview in 7.4.0RC4
JQuery is old as well - stable version 3.4.1
HTML5Shiv is also outdated, current stable version 3.7.3 (Not quite as severe though)

URLScan (Clean) >> https://urlscan.io/result/c6b7f202-a08e-422d-9d26-4547569fb93c
URLVoid (Clean) >> https://www.urlvoid.com/scan/fileto.host/
CheckPhish (Clean) >> https://checkphish.ai/insights/url/1573590673605/02886be3eb40c42f2472af8f7fa7ef61d43d3b89a666738f60b72f2006b33111
Zulu (Clean) >> https://zulu.zscaler.com/submission/9a9e30fb-e240-4d5c-8fa1-42842c4e78b4
Nothing much on Aw-Snap! >> https://aw-snap.info/file-viewer/?protocol=not-secure&ref_sel=GSP2&ua_sel=ff&chk-cache=&fs=1&tgt=Zltse3RdLmhdc3Q%3D~enc
No TLS/SSL >> https://sitecheck.sucuri.net/results/fileto.host

Avast! has been reached out to to investigate.

On same IP you find these detections …. see Attached screenshot



Next to the thorough scan report by Michael (alan1998) and the IP relation VT results, Pondus provided,
just some remarks below.

But this particular domain is not flagged at https://www.virustotal.com/gui/ip-address/
Here are 69 hints for improvement of mentioned website:

Especially I hint at the 30 security recommendations there:

So we wait for a final verdict from an avast team member, as they are the only ones to come and unblock.
We here are just volunteers with relative knowledge of 3rd party cold recon website security analysis
and website security error-hunting.

P.S. also consider the vulnerabilities at the webserver host: https://www.shodan.io/host/
Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.
But it has SSH-2.0-OpenSSH_7.4. For this version: https://www.cvedetails.com/vulnerability-list.php?vendor_id=97&product_id=585&version_id=228285&page=1&hasexp=0&opdos=0&opec=0&opov=0&opcsrf=0&opgpriv=0&opsqli=0&opxss=0&opdirt=0&opmemc=0&ophttprs=0&opbyp=0&opfileinc=0&opginf=0&cvssscoremin=0&cvssscoremax=0&year=0&cweid=0&order=1&trc=2&sha=1879224e96a541c7743ee7c89bb9adf4f047ac22


None of these domains is mine except the one that has 0 red flag detections.
Also, the domain no longer appears in the blacklist section. Maybe it’s not blacklisted anymore?
Thanks for the help guys, I really appreciate it! ;D

The concern with leaving your domain on an IP Address that is hosting other malicious domains os that sometimes AV’s chose to block the IP Address as a whole, even if that means someone gets caught in the crossfire.