L.S.

References found on Virus Total may contain live malware
Results from scanning URL: -https://www.kurina.vip
Number of sources found: 207
Number of sinks found: 352

Results from scanning URL: -https://www.kurina.vip/wp-content/litespeed/cssjs/996f4.js?be9da
Number of sources found: 396
Number of sinks found: 223

Apart from what DavidR has commented,
see various suspicious javascript.based64 scripts being loaded: https://retire.insecurity.today/#!/scan/f45f3f30f55b9edf54b98a09a257ed4ca993c5859634818df6f8b0c987065dbb

polonus (volunteer 3rd party cold recon website security analyst and website error-hunter)

Please remove my site: elcanaldeluisaguilera.cl

I did all the analysis of my site and there are no problems … Mcafee … Google …

→ https://www.virustotal.com/gui/url/31aee123ae5a10747e995a7694dc1569cfd77f08f4bc0ef0f5513aadb103e9c2/detection

Report a false positive (select file or website)
https://www.avast.com/false-positive-file-form.php

Hi bob3160,

This is not avast that flags. This should be taken up with the hoster, as this website at IP 186.64.114.65 won’t resolve, so cannot be scanned: https://sitecheck.sucuri.net/results/elcanaldeluisaguilera.cl
Re: https://www.shodan.io/host/186.64.114.65
luis.temple.valdes should take it up with ZAM LTDA, the hoster of this website,
@ blue135.dnsmisitio dot net, mail.blue135.dnsmisitio dot net

Site has been parked -aguilera.cl. En Construcción. Servicio de parking proporcionado por CDmon.com -
Hosting y dominios.

So it is out of avast team’s hands,

polonus (volunteer 3rd party cold recon website security analyst and website error-hunter)

Please remove my website URL from your Blocked database URLs.

https://kaambesh.com/

It’s showing Phishing because of IP address, later I moved website to another server. Now everything is okay but still because of old IP address it shows Phishing warning by Avast.

https://snipboard.io/kdlrDK.jpg

→ https://sitecheck.sucuri.net/results/kaambesh.com
→ https://www.virustotal.com/gui/url/b77930b92f3e3dbeeac207ae5d5f79fe17df1e1d1801c9a8b6870dfa95082e35?nocache=1

There are three Word Press CMS related issues with this site, that needs addressing:

1. & 2. Outdated Word Press plug-ins detected:
   -accordions 2.2.32 Warning latest release (2.2.34)
   https://www.pickplugins.com/item/accordions-html-css3-responsive-accordion-grid-for-wordpress/

strong-testimonials 2.51.5 Warning latest release (2.51.6)
https://strongtestimonials.com

3. User Enumeration
   The first two user ID’s were tested to determine if user enumeration is possible.

Username Name
ID: 1 admin admin
ID: 2 not found
It is recommended to rename the admin user account to reduce the chance of brute force attacks occurring. As this will reduce the chance of automated password attackers gaining access. Take note that if the author archives are enabled it is usually possible to enumerate all users within a WordPress installation.

Site speed is under par.

A more extensive report here: https://www.immuniweb.com/websec/kaambesh.com/0krSxIs4/

Virus Total relations states that AS was involved in mail.phishing and Trickbot abuse.

polonus (volunteer 3rd party cold recon website security analyst and website error-hunter)

Hello, avast has added our site to the blacklist. I don’t know how long this has been. There is nothing negative about the site. I left a record to be removed from the blacklist but no response. What should I do? site: snewstr.com

You should get a reply within 48 hours.

Hello.
The domain of our company (hxtps://level2.webhmi.com.ua/) was added to the blacklist for no known reason. Other site aliases are fine.
Checked by:
https://sitecheck.sucuri.net/results/level2.webhmi.com.ua
https://zulu.zscaler.com/report/69b966a9-c506-447c-a49e-926fd2d081b7
Please remove it from the blacklist.

Use the link given in an earlier post.

Witam WebHMI,

Good to report this issue and then get a final verdict from avast team, whether this is indeed an FP.
Also consider there are at least two more vendors that flag that website as malicious:
https://www.virustotal.com/gui/url/58d860b4ea97461b9ac8489264fd0b7c7fa33e0319049667167dd73f982082cb

However the following retire.js library issues should be looked into:

bootstrap 3.3.7 Found in -https://level2.webhmi.com.ua/public/js/libs/bootstrap.js?85a31cf4 _____Vulnerability info: Medium 28236 XSS in data-template, data-content and data-title properties of tooltip/popover CVE-2019-8331 1 Medium 20184 XSS in data-target property of scrollspy CVE-2018-14041 Medium 20184 XSS in collapse data-parent attribute CVE-2018-14040 Medium 20184 XSS in data-container property of tooltip CVE-2018-14042 Medium XSS is possible in the data-target attribute. CVE-2016-10735 handlebars 4.0.11 Found in -https://level2.webhmi.com.ua/public/js/main.js?0952e4e0 _____Vulnerability info: High A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template High A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template Low Disallow calling helperMissing and blockHelperMissing directly Medium Prototype pollution jquery 1.10.2.min Found in -https://level2.webhmi.com.ua/assets/js/vendor/jquery-1.10.2.min.js _____Vulnerability info: Medium 2432 3rd party CORS request may execute CVE-2015-9251 Medium CVE-2015-9251 11974 parseHTML() executes scripts in event handlers Medium CVE-2019-11358 jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution 123 Medium CVE-2020-11022 Regex in its jQuery.htmlPrefilter sometimes may introduce XSS Medium CVE-2020-11023 Regex in its jQuery.htmlPrefilter sometimes may introduce XSS moment.js 2.15.1 Found in -https://level2.webhmi.com.ua/public/js/libs/moment.js?6a270a2f _____Vulnerability info: Medium Regular Expression Denial of Service (ReDoS) Low Regular Expression Denial of Service (ReDoS) CVE-2017-18214

pozdrawiam,

polonus (volunteer 3rd party cold recon website security-analyst and website error-hunter)

Good afternoon, my site http://бупик.рф / was blacklisted, at the moment the site is completely cleaned, I ask you to assist in excluding it from the blacklist.

→ https://sitecheck.sucuri.net/results/xn--90aogst.xn--p1ai
→ https://www.virustotal.com/gui/url/460203373c10c4102d8d628ecd10f2396316f1d0d29d3a4d37b3c0cb8054bec5?nocache=1

Apparently Avast isn’t the only one that tags the site.

Report a false positive (select file or website)
https://www.avast.com/false-positive-file-form.php

please help. My website newsnet.ro os in blacklist, avast blocked

Use the link already given above your post to report it - However some issues you need to address, see below.

Nothing found here, but this is a basic check - https://www.virustotal.com/gui/url/ff93432f213226bf006bf8b7ce08cafc5554ea158f2f4d9c2edbfebd0b8c1e07?nocache=1

Aside from this, there are lots of things you need to address to improve security. Outdated software and security issues could put your site at risk:
Security issues reported here - https://en.internet.nl/site/newsnet.ro/1709938/

No malware but hardening improvements - https://sitecheck.sucuri.net/results/newsnet.ro

More outdated software reported here - https://awesometechstack.com/analysis/website/newsnet.ro/

Webpage Security Score F JavaScript Libraries with vulnerabilities - https://snyk.io/test/website-scanner/?test=220917_BiDcD2_9EH&utm_medium=referral&utm_source=webpagetest&utm_campaign=website-scanner

Hello.
The domain of our company (https://www.twilead.com) was added to the blacklist for no known reason except a breach in our security last June where someone could create a fake account on our platform and sent some phishy-looking emails. We have right away identified the issue, banned the user and hardened our security which makes it totally impossible to do so again ever since. Btw Other sites are fine.
Could you please remove us from blacklist and recategorize us as “marketing software” or “business cloud apps” ?
Thank you!!

Report Suspicious File or URL: https://www.avast.com/false-positive-file-form.php