Hello, I’m having problems with my website - wxw.shiny.ae whenever I try to access it from any computer that has Avast installed it does not allow access and the attachment popup appears which states that the website is infected with URL:Phishing.
Hi, I am a web developer and have recently bought 2 new domain names and installed exactly the same way I have installed the other 100 sites I have built. Within a couple of hours, the first site was blocked with the alert ’ Threat Blocked, we’ve safely aborted www. because it was infected with URL:Phishing.’
My client needs his website online quickly so we bought another domain, I did report this to Avast - as a false positive - and have heard nothing back! So today I did a fresh install with the new domain (never used before) and within 3 hours of installation, it has been blocked the same as the first.
These are standard WordPress sites, no ecommerce, valid SSL and once scanned no malware was found. How can I get this block removed and why is it happening so quickly, can it be an IP address? Ive never had this issue before, and my client is getting annoyed! Thanks for any help
Hello, I’m having problems with our company website - you.com. whenever our users to access it from any computer that has Avast installed it does not allow access and the attachment popup appears which states that the website is infected with URL:Phishing.
3rd party cold recon passive Analysis of WordPress Site(s)
Valid Target(s)
www.example.com
https://example.com/
192.16.1.1
Passive Analysis
.
Automated analysis of http://you.com that redirected to https://you.com/
SERVER DETAILS
Web Server:
cloudflare
IP Address:
172.66.43.199
Hosting Provider:
CLOUDFLARENET
Shared Hosting:
451 sites found (use Reverse IP to download list)
Title:
Please Wait… | Cloudflare
0
issues
A check of threat intelligence sources and blacklists was performed against the hostname and IP address of the target. The findings will identify reputation issues or even the presence of malicious code.
Google Safe Browsing is maintained by Google and used to by Chrome to warn users that they are about to visit a malicious site. Use the link to perform a live check of the target site.
Virus Total is a powerful analysis engine that uses threat intelligence and antivirus to help researchers track malware. References found on Virus Total may contain live malware. Use with caution.
If the IP address of a shared hosting server is listed in a blacklist, it may simply indicate one of the hosted websites has been compromised. It does not neccessarily indicate an immediate threat to another site on the same host, but should be investigated. Multiple listings from a shared hosting server may indicate a hosting service with poor reputation or poor security practices.
Take care visiting the listed threat intelligence resources. Links, hosts and references found on these sites contain live malware and should be treated with caution unless you know what you are doing.
There are likely more plugins installed than those listed here as the detection method used here is passive. While these results give an indication of the status of plugin updates, a more comprehensive assessment should be undertaken by brute forcing the plugin paths using a dedicated tool.
Linked Sites
Reputation checks have been performed on the IP address for each of the linked sites. Hosts found on blacklists with poor reputation may be a threat to users of the site. Hosting and locations are also included in the results.
Externally Linked Host Hosting / Company Netblock Country chrome.google.com GOOGLE www.cloudflare.com CLOUDFLARENET
Login for WordPress Enumeration & Vulnerability Scanners
Aggressive enumeration of plugins, themes, version and interesting urls.