website dangerous

Dear Avast support!
My website has been flagged by Avast as dangerous.
http://hhwforum.hu

Could you please unblock it?
Thank you!
Zoltán Kálmánczi

No, avast doesn’t say it is dangerous (although it can be)
URL:Mal = IP and/or domain is blacklisted

Browser difference / Links to possible blacklisted domains :
http://www.web-malware-removal.com/website-malware-virus-scanner/?url=www.hhwforum.hu

Blacklisted IP and other problems :
http://zulu.zscaler.com/submission/show/413e43898a4801e699eaca218405fc65-1465722031
http://urlquery.net/report.php?id=1465721186979
http://urlquery.net/report.php?id=1465721313264

Connection and certificate problems :
https://www.ssllabs.com/ssltest/analyze.html?d=www.hhwforum.hu

Huge amount of vulnerable libraries (several rated high!) :
http://retire.insecurity.today/#!/scan/18a8f0b150f57f013841e05b7592fa1e99d82d8715517118b859c1839ab3b9d9

Hi Zoltán17,

The issues that my forum friend Eddy alerts for should be mitigated.
But there is more, although direct malware is not being flagged but by the Web Shield,
and AOS gives the site as all clean in the search results.

However, I get an object threat alert from Avast Web Shield for your IP address:
https://www.virustotal.com/en/ip-address/78.46.178.164/information/
kicking up the so-called service link problem.
There have been problems with this since 2010, see: http://support.clean-mx.de/clean-mx/viruses?id=675843

Web rep = OK
https://www.mywot.com/en/scorecard/hhwforum.hu?utm_source=addon&utm_content=popup

The script issues that Eddy mentions are worsened with non-same-origin SRI missing tag hashes,
see here: https://sritest.io/#report/e8a6e2f6-d21f-4d4b-a561-2f57be02a889 (overall B-Status).

And here we even have a meagre F-Status: https://securityheaders.io/?q=http%3A%2F%2Fhhwforum.hu for the security header situation.

Now let us do a crawl with the old Redleg Fileviewer and we will get these scan results: https://aw-snap.info/file-viewer/?tgt=http%3A%2F%2Fhhwforum.hu&ref_sel=GSP2&ua_sel=ff&fs=1

Re: The scan has detected some potential problems in the following file. First scroll down through the code listed out after the list of links, this is the code returned by the request for the URL you entered and check for any problem(s). Next, these link(s) will open the individual URL(s) in this tool, check through the code that is returned, compare the code being returned to a known clean copy, etc.

1 → /clientscript/vbulletin-core.js?v=423

Here it was blocked inside the code:

 < sc​ript type="text/javascript" src=hxxp://hhwforum.hu/clientscript/vbulletin-core.js?v=423"> < / sc​ript > 

See this being scanned here: http://www.domxssscanner.com/scan?url=http%3A%2F%2Fhhwforum.hu%2Fclientscript%2Fvbulletin-core.js%3Fv%3D423 landing for me here:

Results from scanning URL: -http://revboosts.com/wp-content/cache/autoptimize/js/autoptimize_b7bf957339cd2bcd567cd379c359ad1d.js
Number of sources found: 84
Number of sinks found: 39

core.js analysed with a javascript decoder gives errors:

 script
     info: [decodingLevel=0] found JavaScript
     error: line:3: SyntaxError: missing ) in parenthetical:
          error: line:3: op>A.bottom||B.bottom<A.top)?false:true}function info(A){if(info==null||A){info={x:YAHOO.util.Dom.getDocumentScrollLeft(),y:YAHOO.util.Dom.getDocumentScrollTop(),w:YAHOO.util.Dom.getViewportWidth(),h:YAHOO.util.Dom.getV
          error: line:3: .....^

  1. Use CSS selector code to mitigate this.
  2. On the control flow issue: https://www.codecademy.com/forum_questions/5447609a7c82ca24a50017b9

polonus (volunteer website analyst and website error-hunter)

P.S. Pole and Hungarian, two good friends, fight together and drink their wine together

Damian
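
An added example, not part of the posts in this thread: a small audit for the missing SRI hashes mentioned above. It lists cross-origin script and stylesheet references that carry no `integrity` attribute and shows how an `integrity` value is computed. The sample HTML is constructed and the CDN host names are placeholders; only the forum URL and the `vbulletin-core.js` path come from the thread.

```python
import base64
import hashlib
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse

def sri_hash(content: bytes) -> str:
    """Value for an integrity attribute: 'sha384-' + base64 of the digest."""
    return "sha384-" + base64.b64encode(hashlib.sha384(content).digest()).decode()

def origin(url: str):
    p = urlparse(url)
    return (p.scheme, p.hostname, p.port)

class SriAudit(HTMLParser):
    """Collects cross-origin script/stylesheet URLs that lack integrity."""
    def __init__(self, page_url: str):
        super().__init__()
        self.page_url, self.missing = page_url, []

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "script":
            ref = a.get("src")
        elif tag == "link" and "stylesheet" in (a.get("rel") or "").lower().split():
            ref = a.get("href")
        else:
            return
        if not ref:
            return  # inline script or link without a target
        absolute = urljoin(self.page_url, ref)  # resolves relative and // URLs
        if origin(absolute) != origin(self.page_url) and not a.get("integrity"):
            self.missing.append(absolute)

def audit(html: str, page_url: str) -> list:
    parser = SriAudit(page_url)
    parser.feed(html)
    return parser.missing

# Constructed sample page; cdn/static hosts are placeholders, not from the site.
SAMPLE = """
<script src="/clientscript/vbulletin-core.js?v=423"></script>
<script src="https://cdn.example.net/lib.js"></script>
<script src="https://cdn.example.org/ok.js" integrity="sha384-AAAA" crossorigin="anonymous"></script>
<link rel="stylesheet" href="//static.example.com/site.css">
"""

if __name__ == "__main__":
    for url in audit(SAMPLE, "http://hhwforum.hu/"):
        print("missing integrity:", url)
```

The same-origin vBulletin script is not reported, since SRI matters for resources served from hosts the site owner does not control.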

Thank you, my Polish friend, for the detailed description! :wink: I am analyzing it…

Hi, I unblocked the IP that it was on (78.46.178.164) :wink: