Avast is blocking my website on any computer that has it installed.
Has anyone else had a similar experience, and how can this be fixed?
Avast is blocking my website on any computer that has it installed.
Has anyone else had a similar experience, and how can this be fixed?
You will need to give some information for any one to hazard a guess or investigate (URL and a screenshot of the alert would be helpful).
When posting the URL break the link us hXXp not http so the link isn’t active.
This really should be in the viruses and worms sub-forum https://forum.avast.com/index.php?board=4.0.
Has anyone else had a similar experienceMany
and how can this be fixed?Depends on why, and to answer that we need more info
Hey DavidR and Pondus, thanks for your quick replies. The url is:
hxxp://www.calcul8ors.com.au
Every time someone with Avast running on their machine tries to go to my website, they get a 404 error.
Turning Avast off allows them to visit without any problems. No other virus scanner has a problem with my site, and I stopped using Avast a couple of years ago specifically because of this problem, which I thought at the time was specific to the machine I was using at the time.
I was told by a client that they couldn’t access my site today, which makes me wonder how many others have been turned away because of this issue!
Please let me know if you need any other details to help me sort this out.
Thanks for your help!
→ https://sitecheck.sucuri.net/results/www.calcul8ors.com.au
→ http://zulu.zscaler.com/submission/show/5525bb321efea32b88bad6ab850fa2ae-1490528378
You can report a URL here: https://www.avast.com/report-a-url.php
I don’t get a 404 error, but an avast Web Shield alert URL:Mal, followed by firefox not being able to load the page as avast aborts the connection.
This is normally an indication that your site has external links to an infected site or the domain name or IP address is blacklisted, commonly when one IP has multiple domains on that IP with some of them being infected.
Based on Asyn’s post I would submit it for analysis, for additional info on your reporting it, give the link back to this topic.
It is not only avast that has blacklisted your site: https://www.ip-finder.me/110.232.141.222/
Terms.php and Privacy.php return a 404 nocontent.
Insecurity: https://observatory.mozilla.org/analyze.html?host=www.calcul8ors.com.au
See: -https://aw-snap.info/file-viewer/?protocol=not-secure&tgt=www.calcul8ors.com.au&ref_sel=GSP2&ua_sel=ff&fs=1
polonus
Wow! Thanks so much, everyone. So here’s the action I’ve taken:
So, I’ll wait for Avast to get back to me and take it from there, I guess.
Thank you all so very much for your replies. It’s really helped, and could even resolve the issues I’m having. You guys are awesome!
You’re welcome.
If you gave a link back to this topic, you may well receive a reply here from avast.
My website seltecuae[.]com is blocked by Avast as blacklisted.
I ran a Sucuri site check and found it as blacklisted in PhishTank: https://sitecheck.sucuri.net/results/www.seltecuae.com
But the submission is OFFLINE after I sent a request to PhishTank: https://www.phishtank.com/phish_detail.php?phish_id=6045830
But still Avast and other antivirus programs blocks access to my site,
Please help me out here. :-[
Report a false positive (select file or website)
https://www.avast.com/false-positive-file-form.php
https://forum.avast.com/index.php?topic=14433.msg1289438#msg1289438
Still get an unknown verdict here: https://urlscan.io/result/01991281-9f2e-46c3-a922-329e2785e2be
and here: https://aw-snap.info/file-viewer/?protocol=not-secure&ref_sel=GSP2&ua_sel=ff&chk-cache=&fs=1&tgt=d3d3LnN7bHR7XnV8ey5eXW0%3D~enc
Detection might have been based on these findings: https://otx.alienvault.com/indicator/domain/www.seltecuae.com
Re - nothing found: https://www.urlvoid.com/scan/seltecuae.com/
See: https://toolbar.netcraft.com/site_report?url=webcluster21.webpod9-cph3.one.com
10 detected URLs under this IP address: https://www.virustotal.com/gui/ip-address/77.111.240.20/details
Multiple flags: https://www.virustotal.com/gui/ip-address/77.111.240.20/relations
avast detected HTML:Script-inf [Susp] on that IP,
polonus
Detection has been removed in 10/09/2019 13:16 PM
Our virus specialists have now cleared its reputation in our database..With URLs this change should be instant, but it might take up to 24 hours with files
[quote author=polonus link=topic=199595.msg1518568#msg1518568 date=1568040539]
[quote author=Pondus link=topic=199595.msg1518523#msg1518523 date=1568018629]
[quote author=jefferson sant link=topic=199595.msg1518722#msg1518722 date=1568158431]
Man you guys are awesome. Very informative feedback… You guys rock 8) ;D
Appreciate it.
[quote author=irfanmkunhi link=topic=199595.msg1518522#msg1518522 date=1568018430]
My website seltecuae[.]com is blocked by Avast as blacklisted.
I ran a Sucuri site check and found it as blacklisted in PhishTank: https://sitecheck.sucuri.net/results/www.seltecuae.com
But the submission is OFFLINE after I sent a request to PhishTank: https://www.phishtank.com/phish_detail.php?phish_id=6045830
But still Avast and other antivirus programs blocks access to my site,
Please help me out here. :-[
Report a false positive (select file or website)
https://www.avast.com/false-positive-file-form.php
https://forum.avast.com/index.php?topic=14433.msg1289438#msg1289438
It was reported that the detection was back.We were unable to reach contact due to a link problem.
Detection has been removed by AVG in 17.09.2019 at 04:10 AM.
The detection by AVG was incorrect and was removed in a recent AVG update, please wait at least 24 hours.
Avast has been confirmed not to be blocked anymore.
-http://www.seltecuae.com/ now no longer seen being blocked,
polonus
hxtps://squeezecreative.eu
please help me, i can not understand why you are blocking my site, sururi test is ok, which scanner you are using in obtaining the info which lead you blocking my site?
thank you in advance
simeon
It is not only avast that blocks this website because of PHISHING, it is also MBAM that blocks it and other vendors.
And another three to flag, see in the VT scan results: https://www.virustotal.com/gui/url/27f132e6926f7407de18fbf6bc5cfcfa8921acd2e704372a1a771ebe93bb451e/detection
Re: Unable to parse page. Check your target is accessible and try again…
OK here: http://isithacked.com/check/https%3A%2F%2Fsqueezecreative.eu%2F
Word Press CMS has an outdated version: https://sitecheck.sucuri.net/results/https/squeezecreative.eu
More detection on this same IP: https://www.virustotal.com/gui/ip-address/213.169.137.237/relations
Nelly’s linting improvement recommendations: https://webhint.io/scanner/fabf7621-dfa0-4c97-9d30-7b49b50bd05b
0 passed as linter is unable to scan & parse site…
DOM-XSS issues sources and sinks → Results from scanning URL: -https://squeezecreative.eu/
Number of sources found: 10
Number of sinks found: 109
Results from scanning URL: -https://squeezecreative.eu/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.6.4
Number of sources found: 0
Number of sinks found: 3
Results from scanning URL: -https://squeezecreative.eu/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.6.4
Number of sources found: 41
Number of sinks found: 17
Results from scanning URL: -https://squeezecreative.eu/wp-includes/js/wp-embed.min.js?ver=4.9.10
Number of sources found: 17
Number of sinks found: 2
Results from scanning URL: -https://squeezecreative.eu/wp-includes/js/wp-embed.min.js?ver=4.9.10
Number of sources found: 46
Number of sinks found: 9
With combinations of sources (input that can be controlled) like window.name 1.455 & sessionStorage 1/2
and sinks (methods to be abused) like eval 31/50 Function 1/5 059 & setTimeout 1/103 just to name a few.
This in the context of two vulnerable retirable jQuery libraries detected:
https://retire.insecurity.today/#!/scan/d0eca830111fdd9d1136a5d98c5b7897cfe2ace2c58a341bca47ddd21fc95ff5
See: https://snyk.io/vuln/npm:jquery:20150627 = SNYK DB for DOM-XSS exploitable flaws etc.
Convert special characters such as ?, &, /, <, > and spaces to their respective HTML or URL encoded equivalents.
Could be obfuscated code is flagged after ;eval(function(p,a,c,k,e,r), but that is only a fair guess on my part.
Wait for an Avast Team Member for a final verdict and an eventual green light.
They are the only ones to come and unblock, as we here are just volunteers with relative knowledge.
polonus (volunteer 3rd party cold recon website security analyst and website error-hunter)
Hello,
you can report it here: https://www.avast.com/false-positive-file-form.php
Milos