Plse unblock My website

Hi team,

Plse unblock my website http://hackfgt.com/ because it’s false blocked there are no harmful content or virus in my website

thanks
Raj

You can check your site with:
https://www.virustotal.com
http://zulu.zscaler.com
http://dnscheck.pingdom.com
http://www.siteadvisor.com

To check if a website is hosted on afraid.org, go to http://freedns.afraid.org/ and enter URL in the box you see in top right box and then click Trace button. Any domain hosted on afraid.org can be used by other persons for dns hosting without your control. If it happened for your domain, it was misused for malicious purposes - in that case, when nobody has control on subdomains of domain (DNS hijacking), we block the whole domain in order to protect our users. For you, the solution is most probably only changing the dns hosting and letting us know later (www.avast.com/contact-form.php).

Not infected (probably), but blocked for the content. We do not tolerate any websites that encourage hacking into gmail/facebook/other accounts.

all contents removed from site now can you please unblock http://hackfgt.com from block list

thanks
raj

If there is no content, it doesn’t matter if we block it or not… I wonder what content would you post to such a specific domain name?

I wonder what content would you post to such a specific domain name?
;D

It took 5 months to remove the content ?
There should be a huge penalty for slow webmasters/-owners ;D

Standard Wordpress installation.
If you can’t already set that up correctly, you should not be running a website.

Vulnerable library :
http://retire.insecurity.today/#!/scan/d4eb94c8bed7610a7bd9277f925c97949cbfbd46ec3475d823ff4cc338dd268a

Bad Wordpress setup :
Warning User Enumeration is possible
The first two user ID’s were tested to determine if user enumeration is possible.
ID User Login
1 Anga Puto renchodas1
2 None
It is recommended to rename the admin user account to reduce the chance of brute force attacks occurring. As this will reduce the chance of automated password attackers gaining access. However it is important to understand that if the author archives are enabled it is usually possible to enumerate all users within a WordPress installation.

Only the first two user ID’s were tested with this scan, use the Nmap NSE enumeration scripts (use your own Nmap installation or try the adanced membership option ) to discover additional user ID’s.

Warning Directory Indexing Enabled
In the test we attempted to list the directory contents of the uploads and plugins folders to determine if Directory Indexing is enabled. This is an information leakage vulnerability that can reveal sensitive information regarding your site configuration or content.
/wp-content/uploads/ enabled
/wp-content/plugins/ disabled

No matter what is removed from the site it wont be unblocked, as HonzaZ stated Avast doesn’t tolerate websites who’s purpose is to hack private information from personal accounts.

When i am trying to update my site every time avast antivirus blocked me to open website.so i had requested to unblock it so i can update my website.
I am not encourage to any site visitor to hack personal account just educate them how to protect their account from hacking (tips). contents are only for education purpose. All content is only for tips to prevent hacking and how they can get back their hacked account.

@Eddy

Thanks for your advice.i’ll applied your tips on my website.

Thanks
Raj

Ok, I am unblocking it. I have set reminders to random times in the future to check what the contents of your website are, so be careful about posting guides on hacking. Furthermore, we have automated systems as well as people all around the world who submit such pages.
Also, the phrase “all viruses and hacks are for educational purposes only” is as shallow as “I do not own this video” on youtube. In both ways, you are misbehaving, and explicitly typing otherwise does not void your responsibility :P.

Thanks HonzaZ,

i’ll extra careful to post any contents on my website.

and how they can get back their hacked account.
That is easy to tell. Tell the people to contact the owner(s) of the official website(s). Give them a link to the contact information.

Thanks Eddy for your advice

@Eddy

Now i have updated my WP site as per your suggestion. Below is latest Vulnerable library check:

http://retire.insecurity.today/#!/scan/1c104479e7ce1e45017f0cb0f3a0ee4ea416b68ac69fa41c3a31a707fb5f9ff8

Also try to avoid possibility of brute force attacks on my site.

once again thanks for your suggestions.
if you still found any issue on my site I would appreciate your advice.

Thanks
Raj

Appears to resolve to two different countries:

  • Netherlands
  • Japan

http://urlquery.net/report.php?id=1473883623721
http://zulu.zscaler.com/submission/show/fc678f8b646af4bf742e6e906aa9f96a-1473883589

No clue where zscaler is getting it from, but Japan is wrong.