The domain name is www.leaderpesca.com
I cannot see anything malicious , We need unblocking our domain.
Hello,
Our website is reported as being in the avast blacklist. Here is the domain name: www.leaderpesca.com
We are sure that our website is clean, therefore we would like you to take a look at it and remove it from your blacklist.
Sincerely,
Santiago Perdomo
URL:Mal = Domain and/or IP is blacklisted and that is true.
Blacklisted :
https://www.virustotal.com/en/url/3d62b1e96da80a5655dcc8c9c62efff5cbcbfe670949a2a2abfeeacce5d23518/analysis/1482402560/
https://www.virustotal.com/en/ip-address/94.247.31.247/information/
Suspicious :
http://zulu.zscaler.com/submission/show/31224256fc0c14dcf4a1a370489b9809-1482402719
Vulnerable library :
http://retire.insecurity.today/#!/scan/56c0767c30e011635c6b0dfdc85fa6ce38fe34e880d700fb3496bd9fe79ed722
DNS problems :
https://zonemaster.net/test/8d39e5c08556c2b5
https://www.avast.com/report-a-url.php
Very likely the IP is blocked because of you bad neighbors.
Don’t use shared hosting on GoDaddy.
You can report a URL here: https://www.avast.com/report-a-url.php
quettera tells us, we are clean:
https://quttera.com/detailed_report/www.leaderpesca.com
As I said
- if avast detects it as URL:Mal it means that the Domain and/or IP is blacklisted/blocked.
- there are blacklistings on that IP
Is there anything you don’t understand about that?
Whether that domain could be excluded from a general IP block, is up to an Avast Team Member, they are the only ones to unblock.
We here are just volunteers with relevant knowledge.
Additionally to what Eddy says, why they went in so much trouble to clear that IP address web rep:
http://ipindetail.com/ip-blacklist-checker/94.247.31.247.html
There certainly is insecurity to be mitigated at ELB Servers in Sevilla.
WARNING: Found mail servers which are not accepting emails to abuse@leaderpesca.com address:
mail.leaderpesca.com.→ http://toolbar.netcraft.com/site_report?url=www.leaderpesca.comMAIL FROM: dnsreport@dnsinspect.com
<< 250 2.1.0 Ok
RCPT TO: abuse@leaderpesca.com
<< 550 5.1.1 abuse@leaderpesca.com: Recipient address rejected: User unknown in virtual mailbox table
Excessive header proliferation: X-Powered-By: PHP/5.5.38, PleskLin
Configuring the application to not return unnecessary headers keeps this information silent and makes it significantly more difficult to identify the underlying frameworks.
Overview
Cookies not flagged as “HttpOnly” may be read by client side script and are at risk of being interpreted by a cross site scripting (XSS) attack. Whilst there are times where a cookie set by the server may be legitimately read by client script, most times the “HttpOnly” flag is missing it is due to oversight rather than by design.
Result
It looks like a cookie is being set without the “HttpOnly” flag being set (name : value):
PHPSESSID : ap9dcitt0jhcvjvn54u4g5ade5
Unless the cookie legitimately needs to be read by JavaScript on the client, the “HttpOnly” flag should always be set to ensure it cannot be read by the client and used in an XSS attack.
→ F-status: https://observatory.mozilla.org/analyze.html?host=www.leaderpesca.com
Warning: Overview
Websites are at risk of a clickjacking attack when they allow content to be embedded within a frame. An attacker may use this risk to invisibly load the target website into their own site and trick users into clicking on links which they never intended to. An “X-Frame-Options” header should be sent by the server to either deny framing of content, only allow it from the same origin or allow it from a trusted URIs.
Result
It doesn’t look like an X-Frame-Options header was returned from the server which means that this website could be at risk of a clickjacking attack. Add a header to explicitly describe the acceptable framing practices (if any) for this site.
3 problems with domain health: https://mxtoolbox.com/domain/leaderpesca.com/
Insecure tracking detected: This website is insecure.
66% of the trackers on this site could be protecting you from NSA snooping. Tell leaderpesca.com to fix it.
All trackers
At least 3 third parties know you are on this webpage.
-shaaaaaaaaaaaaa.com
-Google
-www.leaderpesca.com -www.leaderpesca.com
Some links vulnerability escape to: htxp://js.users.51.la/17809351.js -See: > http://www.domxssscanner.com/scan?url=http%3A%2F%2Fwww.leaderpesca.com%2Fpublic%2Fjs%2Fjquery.cookiecuttr.js
There is a javascript error in that cookiecuttr.js jQuery code for “undefined variable jQuery”. “undefined” in the jQuery code is actually an undefined parameter of a function wrapping the whole code, info credits StackOverflow’s arnaud576875.
polonus (volunteer website security analyst and website error-hunter)
Hi,
We have already unblocked leaderpesca[.]com today, 11:54 (CET)
Hi HonzaZ,
Thanks for your reaction and have a great seasonal holidays, my friend,
polonus
Thank vey much everybody