Remove site from blacklist

Viruses and worms
1

Hello everyone.

I added a long time ago some ADS with malicious code to my website so Avast put it in his blacklist. I’ve removed those ads after that but my site is still on the blacklist. Can you remove from there? the website is www.juegosychorradas.com

I made some analysis in with some tools and everyone is OK.

virustotal
https://virustotal.com/es/url/b0adf0a955495d98bb9fd0d261deff82b8d9526b2623e83f92d83598a1d7fcbc/analysis/1467214916/

unmaskparasites
http://www.unmaskparasites.com/security-report/?page=juegosychorradas.com

bitdeffender
http://trafficlight.bitdefender.com/info?url=http%3A%2F%2Fjuegosychorradas.com%2F&language=en_US

fortiguard
http://fortiguard.com/iprep?data=juegosychorradas.com

netcraft
http://toolbar.netcraft.com/site_report?url=+www.juegosychorradas.com

Thanks in advice

2

Listed by McAfee https://sitecheck.sucuri.net/results/www.juegosychorradas.com
http://www.siteadvisor.com/sites/juegosychorradas.com

IP history https://virustotal.com/nb/ip-address/66.6.44.4/information/
Many domains on same IP and many are blacklisted.
Click more button under list(s) for more info. you need to click it several times

@HonzaZ is notified and will pobably reply tomorrow :wink:

3

There is also this that need to be solved :
http://retire.insecurity.today/#!/scan/b57aa1defd70815fbceefcca83d0b036fcb93dd60f9b35e3d0b87eb93ef37590

4

I removed juegosychorradas.com from our blacklist :wink:
Please do update the vulnerable libraries Eddy pointed out - in case of an infection, the domain will be blacklisted again.

5

The problems about IP and old scripts are because that’s a tumblr site and I can’t change my IP and also I can’t modify the template to update those scripts with vulnerabilities. I will look for something tomorrow to see if i can fix the vulnerabilities you’ve found.

Thanks for everything.

6

Seems to me it is time to get a better host, perhaps even dedicated hosting.
It is not good when you can’t even update libraries especially since they can be the cause of infections on your site.

7

Also consider the vulnerabilities detected here: http://www.domxssscanner.com/scan?url=http%3A%2F%2Fwww.juegosychorradas.com
and how this works out versus: Results from scanning URL: -http://assets.tumblr.com/assets/scripts/pre_tumblelog.js?_v=f218a6f6fc718910a31115ce98167c5e
Number of sources found: 8
Number of sinks found: 5

found JavaScript
     error: line:4: SyntaxError: missing ; before statement:
          error: line:4: Error: Supplied URL could not be fetched.
          error: line:4: .......^

I did not hear a remark there from HonzaZ, but your nameserver is at -ns1.afraid.org
It is always better to try and steer clear from afraid dot org. This also while the servers from the Nameserver organization (whois.pir.org)
are DROWn vulnerable: https://test.drownattack.com/?site=whois.pir.org

5 issues detected that makes your script situation even worse: https://sritest.io/#report/bcb7e670-ab0a-4b75-88e8-d33f5da0f4bb
See that a SRI HASH generator is presented here: https://www.srihash.org/

Meagre F-Status: https://securityheaders.io/?q=juegosychorradas.com&followRedirects=on

polonus (volunteer website security analyst and website error-hunter)