false positive for our site !!!!!!!

We are the Sunny Inch company based in France. We noticed that our site has been hacked on Monday 13/03/2017. We have already solved this problem. But, the extension avast Online Security always indicates our site is an danger. It concerns the extension downlowded in google web chrome (avast online secutity).

Could you please again analyse our site and update the new information in your system that our site is not dangerous anymore?

We contacted the customer service 4 days ago! We did not receive any news! Your system already blocs our site, please solve this probleme right now. Our customers lost the confidence in our website, also the logg-in in their costumer account isn’t possible !!!

For your information, we also contacted the Norton company (the extension: Norton Safe Search as default Chromium), they have already updated and confirmed our site is now safe.

Our site : www.sunny-inch.fr

Looking forward to reading to you.

You can report a URL here: https://www.avast.com/report-a-url.php

URL has been removed from blacklist.

I have already report it in this URL. But not have any new…

See Reply #2. :wink:

what it means? Red icon is disappearing ? when ?

run manual update and reboot computer

any change?

That isn’t the virus definitions, if it was you wouldn’t be able to visit your site without an avast alert.

That is the avast Browser security extension (AOS), I’m not sure what avast has to do to counter that. Or whether a VPS update would do that also.

There was a phishing in the site. Then I had to remove site from blacklist and after it we waited for updating AOS.

Some improvements could be made:
https://urlscan.io/result/856c2e8d-97c3-47c1-955e-eedb71f83335#summary
and
https://observatory.mozilla.org/analyze.html?host=www.sunny-inch.fr
vuln:
http://www.domxssscanner.com/scan?url=https%3A%2F%2Fwww.sunny-inch.fr%2F
2 vulnerable libraries:
http://retire.insecurity.today/#!/scan/b54c388f819da0a78912aa0b0afd054cb2d0ae199cfb5dd7a9e471c78e41acec
Most users block -https://tracking.veille-referencement.com/TAG/TAG_passage.js?idsite=12848
because it is in the EasyPrivacy list. → http://www.domxssscanner.com/scan?url=https%3A%2F%2Ftracking.veille-referencement.com%2FTAG%2FTAG_passage.js%3Fidsite%3D12848 (also missing SRI-hash detected for this script)

B-Status two script issues: https://sritest.io/#report/8266ba73-ec79-4f6c-b2eb-0014553c6fd2

polonus (volunteer website security analyst and website error-hunter)