Hello,

Our website is reported as being in the arvast blacklist. Here is the domain name: https://vcbgroup.vn
We are sure that our website is clean, therefore we would like you to take a look at it and remove it from your blacklist.
(We removed the old web completely, redone the new web)
We tried contact to be removed from the blacklist, but did not receive a response.
Sincerely,
Nguyen Manh

→ https://sitecheck.sucuri.net/results/https/vcbgroup.vn
→ https://www.virustotal.com/gui/url/f86e598bdc325eab0f9681f041188db0f0056ea75f3a43df331b9fc90f214e90/detection

Misconfiguration of the Website’s CMS Word Press settings:

User Enumeration
The first two user ID’s were tested to determine if user enumeration is possible.

ID User Login
1 None vcb-group
2 None None
It is recommended to rename the admin user account to reduce the chance of brute force attacks occurring. As this will reduce the chance of automated password attackers gaining access. However it is important to understand that if the author archives are enabled it is usually possible to enumerate all users within a WordPress installation.

On VPSSIM read: https://yeutrithuc.com/bat-email-thong-bao-login-vpssim/ and block exploits: https://community.vpssim.vn/viewtopic.php?t=297

Are you aware of existing vulners here: https://www.shodan.io/host/45.32.123.122
see raw data: https://www.shodan.io/host/45.32.123.122/raw

Retirable jQuery vulnerable library: found via Retire.js

jquery 1.12.4 Found in -https://vcbgroup.vn/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Vulnerability info:
Medium 2432 3rd party CORS request may execute CVE-2015-9251
Medium CVE-2015-9251 11974 parseHTML() executes scripts in event handlers
Low CVE-2019-11358 jQuery before 3.4.0, as used in Drupal, Backdrop CMS,
and other products, mishandles jQuery.extend(true, {}, …) because of Object.prototype pollution

Recommendations found through linting: https://webhint.io/scanner/83de51f2-c0af-41f1-a913-7ab817dcb24b
especially the 43 hints found up here: https://webhint.io/scanner/83de51f2-c0af-41f1-a913-7ab817dcb24b#category-security

B-grade scan results: https://observatory.mozilla.org/analyze/vcbgroup.vn

Did you report a FP to avast team? They are the only ones to come and unblock.
Seems your site isn’t flagged by avast’s in the first place, but blacklisted by McAfee’s.

You can report a suspected FP (File/Website) here: https://www.avast.com/false-positive-file-form.php

polonus (volunteer 3rd party cold recon website security analyst and website error-hunter)

Detection has already removed

The provided URL doesn't seem to be detected by Avast. Could you please send us a screenshot of the detection message you're getting? https://support.avast.com/en-ww/article/100/