My first posting here and I have tried my level best to find the correct section, If wrong, I am sorry…
Issue: I am business owner of xww.webhostings.in and When we try to open the website xww.webhostings.in, Avast is showing a false alarm as a phishing website. Actually we are a hosting company and we are aware of the Phishing Issues/problems, so we have double checked it for any such a issues. There is no such a script or issues, Then we are wondering how Avast is showing a false alarm.
Please find the attached screenshot for the same.
As it is affecting our business, It will really helpful if Avast team takes prompt action.
There are others that don’t like it either, http://www.urlvoid.com/scan/webhostings.in/, the hpHosts info (from that link) shows a warning the IP doesn’t resolve, image1. The Trend Micro is also more severe.
The software on the site is also out of date making it more vulnerable to hacking, image2.
There is an on-line contact form, http://www.avast.com/contact-form.php?loadStyles for: * Sales inquiries; Technical issues; Website issues; Report false virus alert in file; Report false virus alert on website; Undetected Malware; Press (Media), issues.
If you are reporting an FP, then you get another input field open, enter the web URL for the site you wish to submit for review (Phishing), etc. A link to this topic also wouldn’t hurt.
This part of the code also suspicous:
wXw.webhostings.in/media/system/js/mootools-core.js suspicious
[suspicious:2] (ipaddr:182.18.129.230) (script) wXw.webhostings.in/media/system/js/mootools-core.js
status: (referer=wXw.webhostings.in/)saved 140305 bytes 4bb0768ca15bd2afb90c1843dc35e4b6e3415948
info: ActiveXDataObjectsMDAC detected Microsoft.XMLHTTP
info: [decodingLevel=0] found JavaScript
error: undefined function document.createElement(“input”).getAttribute
suspicious:
BrightClous gives the site a rep index yellow 50: There is some probability that the user will be exposed to malicious links or payloads…
WOT add-on says engaged in “astroturfing” http://www.mywot.com/en/scorecard/webhostings.in?src=addon-popup-donuts
Avast flags it as a phishing site
Thank you very much for everyone.
mootools is a popular javascript framework and we are using it. And also in our website there is no script or any program, which is doing any phishing and we are very confident about that. We have ensured it many times by doing various testing.
Now, We have raised a ticket to avast and we are waiting for their reply.
I will keep posted the progress, Thanks to all of you.
If any avast support team is there in forum, if they can help to speed up the process that will be very much appreciated.
Please find the Ticket details: RGF-160174
Just an FYI, they were blacklisted in the hpHosts database due to their constant spamming (my blog being one of those they decided to spam). Hence the GRM classification