Help! The website Cake-Store.ru in the black list!

A year ago I registered the domain Cake-Store.ru and made it a new website. Unfortunately up to this time apparently it had viruses, and I didn’t think to check when buying a domain. Cake-Store.ru even before my website is included in the black list of some anti virus including Avast, which in Russia is a lot of people. Support not answering me, the site itself I downloaded and checked as Avast and other antiviruses, viruses were found. Tell me what I need to do to Avast updated blacklist and deleted my website from it. Sorry for my bad English.

Blacklisted :
http://www.urlvoid.com/scan/cake-store.ru/
https://sitecheck.sucuri.net/results/cake-store.ru
https://www.virustotal.com/en/url/c94fde2b17b15d70d7158472ff30664e683d587e9d8577028ce51739066bd1f9/analysis/1484228364/

Suspicious 404 and javascript :
https://www.websicherheit.at/website-malware-viren-scanner/?url=Cake-Store.ru

Reported as spammer :
https://cleantalk.org/blacklists/185.26.122.58

100/100 (!) malicious :
http://zulu.zscaler.com/submission/show/4a56c27f81fdc63874570fddbc1c1c0e-1484228378

Outdated software used :
https://sitecheck.sucuri.net/results/cake-store.ru

Obfuscated code used :
https://quttera.com/detailed_report/Cake-Store.ru

Drive-by downloads :
https://safeweb.norton.com/report/show?url=cake-store.ru

Link to blacklisted site :
https://virustotal.com/en/url/bd18dc75c60f9516858d70a3fb41f77f06d062102ddd5586b6756ee1fe534829/analysis/1484228683/

Huge amount of blacklistings and malious files/activities on that IP :
https://www.virustotal.com/en/ip-address/185.26.122.58/information/

Vulnerable libraries used :
http://retire.insecurity.today/#!/scan/2032932e62c94ad997c5917efddbcca2075eccf6942c8498727f836737de9440

Insecure headers :
https://securityheaders.io/?q=cake-store.ru&followRedirects=on

Huge amount of domains on that IP and most are blacklisted :
http://viewdns.info/reverseip/?host=185.26.122.58&t=1

I fully agree with you that IP is really a lot of malicious actions as well as my scripts are not the most recent version, but will object! Firstly in one of my inspections indicated that the site was blacklisted back in 2013, I bought the domain and made a website already in 2016. Most of the data that you cite are based on the fact that the domain is already in the black sheet, and therefore see his low rating and threat data. But the website itself, which is made only in 2016 your data checks are not related, except that scripts are used not the latest version, but it’s not forbidden! I downloaded the website on the computer and checked it 7 well-known anti-virus software and have not seen a single virus!

Contain redirect to blacklisted URL
https://virustotal.com/nb/file/4d6353cbf46c99e205672aecbdcd4b8e4366669a69c34a39e246b780a28644b2/analysis/1484231537/

possible this
https://virustotal.com/nb/url/cb1ce0994b9f61010eb874d50fb24069c29ccb1b3a3808497931c384936724c5/analysis/1484232029/

Norton safe web > https://safeweb.norton.com/report/show?url=cake-store.ru

A quick look showed me already two links to blacklisted sites.

Advise :

  • Update all software to the most recent version (CMS, JQuery, Plugins etc)
  • Get (dedicated) hosting at a decent host
  • Remove all links/redirects to blacklisted domains/IP’s

Hi Pondus, Eddy & leoniduwka,

But that particular hoster isn’t free of spreading malcode all sorts either:
http://www.malwareurl.com/ns_listing.php?as=AS62082

That is a nice collection for fishing, injectingh and trojaning ;D (baba jaga & baba jitka collection)

polonus

Thank you guys that responded to my problem. Pondus wrote: “Contain the URL to redirect blacklisted!!!” I was running a scan now on their own and you won’t believe Avast is blocking for one line of code “” this is a link to a malicious website! My malicious website! Line where the site refers to itself is malicious. If it is removed from the blacklist problem will disappear as such! Thanks also to Eddy for the tips, really on my IP neighbors create chaos and urgent need to change hoster

You’re welcome and good luck solving the things.

Update:

Here the blacklisting was being removed: https://safeweb.norton.com/report/show?url=cake-store.ru
But all has not stopped flagging as suspicious: https://www.virustotal.com/nl/url/c94fde2b17b15d70d7158472ff30664e683d587e9d8577028ce51739066bd1f9/analysis/1484527421/

polonus