Our SAAS platform blocked by Avast

Viruses and worms
1

Hi team,

Our SAAS platform at https://mylogin.site/application (Previously hosted on https://survay.io/application) which is a survey/appointment tool has been blocked by avast with a URL.mal message and several of our users and their customers are having issues accessing our tool.

I ran our website URL on multiple virus checker tools and none of them reported any issues.

Can you please help me figure out why it is blacklisted and help me in getting it delisted as our platform hosts a lot of surveys and appointments and we don’t want our customers to lose their customers because of this issue.

Thanks,
Anuroop

2

URL:Mal mean Blacklisted URL or IP

Reported to avast. Check back tomorrow for a reply

3

Awesome, Thanks!

4

Wait for an avast team member to unblock, we are just users with relevant knowledge,
as only avast team members can give the final verdict.

Your website has several redirects, wwll if expected that means 'no sweat".

Server vulnerable to an information leakage vulnerability that can reveal sensitive info -
for Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4
Netcraft risk grade 9 red out of 10: http://toolbar.netcraft.com/site_report?url=https%3A%2F%2Fmylogin.site

Vulnerable jQuery library detected: -https://mylogin.site/
Detected libraries:
bootstrap - 3.3.6 : -https://mylogin.site/application/assets/global/plugins/bootstrap/js/bootstrap.min.js
Info: Severity: medium
https://github.com/twbs/bootstrap/issues/20184
jquery - 1.12.1 : (active1)- https://mylogin.site/application/assets/global/plugins/jquery.min.js
(active) - the library was also found to be active by running code
1 vulnerable library detected

This here seems OK: https://sritest.io/#report/db951fb3-3027-4427-b00e-da44176f7987

Info proliferation on the webhub nameserver → http://toolbar.netcraft.com/site_report?url=http://ns2.ihot.com

Comodo CPanel cert installed correctly. No HSTST however.

polonus (volunteer website security analyst and website error-hunter)

5

I have removed mylogin[.]site from our blacklist ;)!

6

Thank you so much! :slight_smile: