Avast WEBforum

Other => Viruses and worms => Topic started by: Cheuk Pong on October 18, 2019, 09:10:33 AM

Title: Please release my company website. (Phishing site)
Post by: Cheuk Pong on October 18, 2019, 09:10:33 AM
My company website is: hxtps://milton-exhibits.com
I have blocked the infected URLs in htaccess, which are found in VirusTotal at https://www.virustotal.com/gui/domain/milton-exhibits.com/relations.

Would you please release my company website? Thanks.
Title: Re: Please release my company website. (Phishing site)
Post by: Pondus on October 18, 2019, 09:27:12 AM
Report a false positive (select file or website)
https://www.avast.com/false-positive-file-form.php

https://forum.avast.com/index.php?topic=14433.msg1289438#msg1289438



Title: Re: Please release my company website. (Phishing site)
Post by: polonus on October 18, 2019, 01:58:46 PM
Do not see the site being blocked. Has scan problems - https://sitecheck.sucuri.net/results/milton-exhibits.com/website/earthllnk

Retirable jQuery libraries: Retire.js
angularjs   1.3.11   Found in -https://milton-exhibits.com/themes/milton_exhibits/js/cdn/angular.min.js
Vulnerability info:
Medium   The attribute usemap can be used as a security exploit   
Medium   Universal CSP bypass via add-on in Firefox   
Medium   DOS in $sanitize
Low   XSS in $sanitize in Safari/Firefox   
jquery   2.1.3   Found in -https://milton-exhibits.com/themes/milton_exhibits/js/cdn/jquery.min.js
Vulnerability info:
Medium   2432 3rd party CORS request may execute CVE-2015-9251   
Medium   CVE-2015-9251 11974 parseHTML() executes scripts in event handlers   
Low   CVE-2019-11358 jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution

10 immediate threats threatening your website: https://webscan.upguard.com/#/https://milton-exhibits.com/en/index.html

Found through linting 314 recommendations for improvement:
https://webhint.io/scanner/7924919b-d0b9-4c3b-a882-d943940d847e

polonus (3rd party cold recon website security analyst and website error-hunter)
Title: Re: Please release my company website. (Phishing site)
Post by: polonus on October 18, 2019, 07:42:04 PM
Error report
Quote
FATAL:  terminating connection due to conflict with recovery
DETAIL:  User query might have needed to see row versions that must be removed.
CONTEXT:  PL/pgSQL function web_apis(text,text[],text[]) line 3603 at FOR over EXECUTE statement
ERROR:  server conn crashed?
server closed the connection unexpectedly
   This probably means the server terminated abnormally
   before or while processing the request.

pol
Title: Re: Please release my company website. (Phishing site)
Post by: Michael (alan1998) on October 18, 2019, 09:20:21 PM
Also blacklisted by Fortinet.