system
June 27, 2017, 4:41am
1
Hi,
Since this morning, our customer can’t access crashzone[.]com.au because avast blocked it.
I’ve double checked my website on :
http://www.urlvoid.com/scan/crashzone.com.au/
https://www.virustotal.com/en/url/8c86c190aa532fa4099da5391130193a4689c9e5bd73f1f91cd5ab98275b48eb/analysis/1498538315/
It’s totally clean. The error I got with Avast is: “Threat blocked hxxp://101.0.121[.]114 - Infection: URL:Mal”
Please help remove our website from your blacklist. Thanks a lot
Eddy
June 27, 2017, 5:15am
2
VirusTotal does not scan sites.
URL:Mal means the the domain and/or IP is blocked and/or that you are linking to something that is blacklisted.
And here is already your first problem :
https://sitecheck.sucuri.net/results/www.crashzone.com.au
IP block probably because of phishing performed from that particular IP: http://urlquery.net/report.php?id=1496633775196
Wait to see whether avast could exclude that domain from general IP block, wait for an avast team member,
as we here are volunteers with relevant knowledge, and only avast team members may unblock.
Consider the inconsitencies and issues here: http://www.dnsinspect.com/crashzone.com.au/10138716
polonus (volunteer website security analyst and website error-hunter)
Eddy
June 27, 2017, 5:24am
4
Blacklistings on that IP/ASN :
https://www.virustotal.com/en/ip-address/101.0.121.114/information/
http://urlquery.net/report.php?id=1498538615412
And here are more problems :
https://quttera.com/detailed_report/www.crashzone.com.au
Wordpress issues that need to be solved :
clean-login 1.7.9 latest release (1.8.1) Update required
http://cleanlogin.codection.com
profile-builder 2.5.1 latest release (2.6.4) Update required
https://www.cozmoslabs.com/wordpress-profile-builder/
login-with-ajax 3.1.6 latest release (3.1.7) Update required
http://wordpress.org/extend/plugins/login-with-ajax/
contact-form-7 4.6 latest release (4.8) Update required
https://contactform7.com/
easy-load-more 1.0 latest release (1.0.2) Update required
Warning User Enumeration is possible
The first two user ID’s were tested to determine if user enumeration is possible.
ID User Login
1 admin admin
2 winston@crashzone.com.au winstoncrashzone-com-au
Vulnerable libraries :
http://retire.insecurity.today/#!/scan/0b90b93bf88f81549d2e89de54a6931b33827f9153e9ddf4a137ad38c61bb348
HonzaZ
June 28, 2017, 8:28am
5
Hi,
This was a false positive detection on 101.0.121.114, it was unblocked yesterday, 15:25 CEST. Sorry for the inconvenience!