Review my client site

system · 2017-08-27T07:39:12.000Z

Hi,

Can I have my client site reviewed? Why was the following site blacklisted from Avast?

craiglaundy.com.au

If the above site has no issue, can we have it removed from your blacklist?

Thanks,

Eddy · 2017-08-27T07:51:12.000Z

vulnerable library detected :
http://retire.insecurity.today/#!/scan/3e190e5292723344b8e8710dfd2c69d6f534dcd7dfeb454e09255beab3ca3faf

Malicious activity on that IP :
https://www.virustotal.com/#/ip-address/104.28.10.251

Possible links to blacklisted domains :
https://www.websicherheit.at/website-malware-viren-scanner/?url=craiglaundy.com.au

Problems on that ASN :
https://urlquery.net/report/2cced40b-7364-44c9-a3f6-a44c13264a54

polonus · 2017-08-27T10:19:37.000Z

Consider what Eddy reports, but there are additional issues:

On CMS - check whether all plug-ins were updated and fully patched: WordPress Plugins
The following plugins were detected by reading the HTML source of the WordPress sites front page.

easy-columns 2.1.3
http://www.patrickfriedl.com/
revslider
digg-digg 5.3.6
jquery-mega-menu 1.3.10 latest release (1.3.10)
http://www.designchemical.com/blog/index.php/wordpress-plugins/wordpress-plugin-jquery-mega-menu-widget/
kebo-twitter-feed 1.5.12 latest release (1.5.12)
http://wordpress.org/plugins/kebo-twitter-feed/
wp-lightbox-2 latest release (3.0.6.2)
http://wpdevart.com/wordpress-lightbox-plugin
lazy-load 0.6.1 latest release (0.6.1)
mappress-google-maps-for-wordpress 2.45.1 latest release (2.45.1)
http://www.wphostreviews.com/mappress
gravityforms
wp-pagenavi 2.92 latest release (2.92)
http://lesterchan.net/portfolio/programming/php/
si-captcha-for-wordpress 3.0.2 latest release (3.0.2)
https://wordpress.org/plugins/si-captcha-for-wordpress/
latest-twitter-sidebar-widget 0.120328

No reverse dns for CloudFlare given…Potentially dangerous scripts
Iframes detected Detected
New window opening scripts Detected

Sender Policy Framework check Warning SPF record for the domain not found. An SPF record is a type of Domain Name Service (DNS) record that identifies which mail servers are permitted to send email on behalf of your domain. Mail sent from the servers without SPF record could get into spam folder.
DMARC check Warning Domain-based Message Authentication, Reporting and Conformance (DMARC) record not found for the domain. DMARC is an email-validation system designed to detect and prevent email spoofing. It is intended to combat certain techniques often used in phishing and email spam, such as emails with forged sender addresses that appear to originate from legitimate organizations.

F-Grade status and recommendation: https://observatory.mozilla.org/analyze.html?host=craiglaundy.com.au

We here are just volunteers with relevant knowledge, but wait for the final verdict from an Avast Team Member as they are the only ones to unblock your domain. That will be over the weekend I presume.

polonus (volunteer website security analyst and website error-hunter)

Announcements