Hi!
Could you please remove my site from your blacklist?
Scaned by virustotal.com:
URL: http://conhecendooceara.com.br/
Detection ratio: 0 / 68
Analysis date: 2016-08-29 18:59:15 UTC ( 1 minute ago )
Regards,
Cláudio Dodt
VirusTotal does not scan websites.
Old plugins detected :
wordpress-social-login 2.2.3 latest release (2.3.0) Update required
http://miled.github.io/wordpress-social-login/
wordpress-seo 1.7.1 latest release (3.4.2) Update required
https://yoast.com/wordpress/plugins/seo/
Vulnerable library used :
http://retire.insecurity.today/#!/scan/ae1dec14618095af9e781f8a75d2dc593dfdaa72448fd9d9e9ba338e37b7bee5
4 problems found :
spf conhecendooceara.com.br No records found
dns conhecendooceara.com.br Name Servers are on the Same Subnet
dns conhecendooceara.com.br SOA Serial Number Format is Invalid
dns conhecendooceara.com.br SOA Expire Value out of recommended range
So, what kind of evidence do you need to remove the site from the blacklist?
I know virus total does not scan the site, but it does colect information for several other blacklists:
ADMINUSLabs Clean site
AegisLab WebGuard Clean site
AlienVault Clean site
Antiy-AVL Clean site
Avira Clean site
Baidu-International Clean site
BitDefender Clean site
Blueliv Clean site
C-SIRT Clean site
Certly Clean site
CLEAN MX Clean site
Comodo Site Inspector Clean site
CRDF Clean site
CyberCrime Clean site
desenmascara.me Clean site
Dr.Web Clean site
Emsisoft Clean site
ESET Clean site
Fortinet Clean site
FraudScore Clean site
FraudSense Clean site
G-Data Clean site
Google Safebrowsing Clean site
K7AntiVirus Clean site
Kaspersky Clean site
Malc0de Database Clean site
Malekal Clean site
Malware Domain Blocklist Clean site
Malwarebytes hpHosts Clean site
Malwared Clean site
MalwareDomainList Clean site
MalwarePatrol Clean site
malwares.com URL checker Clean site
Nucleon Clean site
OpenPhish Clean site
Opera Clean site
PalevoTracker Clean site
ParetoLogic Clean site
Phishtank Clean site
Quttera Clean site
Rising Clean site
SCUMWARE.org Clean site
SecureBrain Clean site
securolytics Clean site
Spam404 Clean site
SpyEyeTracker Clean site
Sucuri SiteCheck Clean site
Tencent Clean site
ThreatHive Clean site
Trustwave Clean site
URLQuery Clean site
VX Vault Clean site
Web Security Guard Clean site
Webutation Clean site
Wepawet Clean site
Yandex Safebrowsing Clean site
ZCloudsec Clean site
ZDB Zeus Clean site
ZeroCERT Clean site
Zerofox Clean site
ZeusTracker Clean site
zvelo Clean site
AutoShun Unrated site
Netcraft Unrated site
PhishLabs Unrated site
Sophos Unrated site
StopBadware Unrated site
Websense ThreatSeeker Unrated site
Hi Claudio Dodt
I do not see the warning from avast block? but because
this is perhaps this infection hxxp://conhecendooceara.com.br/fuck.php
Hi there!
Thanks for the quick reply! The aforementioned file is been excluded, and we are also working on updating/correcting the mentioned vulnerabilities.
Regards,
Claudio
code was alive 5min ago
Code still active: -http://www.domxssscanner.com/scan?url=http%3A%2F%2Fconhecendooceara.com.br%2Ffuck.php
Another insecurity: HTTP only cookies: Warning
Requested URL: http://conhecendooceara.com.br/ | Response URL: http://conhecendooceara.com.br/ | Page title: Conhecendo o Ceará | HTTP status code: 200 (OK) | Response size: 56,661 bytes (gzip’d) | Duration: 4,046 ms
Overview
Cookies not flagged as “HttpOnly” may be read by client side script and are at risk of being interpreted by a cross site scripting (XSS) attack. Whilst there are times where a cookie set by the server may be legitimately read by client script, most times the “HttpOnly” flag is missing it is due to oversight rather than by design.
Result
It looks like 2 cookies are being set without the “HttpOnly” flag being set (name : value):
PHPSESSID : t982cqg8sbk56jue2k0djvfad6
qtrans_cookie_test : 1
Unless the cookie legitimately needs to be read by JavaScript on the client, the “HttpOnly” flag should always be set to ensure it cannot be read by the client and used in an XSS attack.
polonus
conhecendooceara[.]com.br/fuck.php seem to be removed, so I unblocked the URL. I hope the vulnerabilities are already patched, or it might be blocked in the future again.