Site Blocked - URL:Phishing

[Janet112]

@DavidR - I assume the post was directed at me. When I go to that site it asks me to upload a file or enter a website. What file should I upload/website URL? I tried submitting without uploading, but it wouldn't let me.

[DavidR]

Yes, as it was directly under your post, other wise I would have quoted your post.

I only quoted Asyn's post after mentioning it to save you finding it.

[polonus]

I see errors for the links given (net-work errors, slow responding, could have been an Akamai Technologies Inc hick-up)

Re: https://www.virustotal.com/gui/url/0df74fa30274a9d6aa83363d432409d1dead9485c2090508a3d08a1fd3995e09/detection

Wait for a final verdict from avast team.

polonus

[linhvu.vn]

Hello I have the same problem with website: https://www.langkingdom.com/
I am learning English here,
And I also want to turn on the web shield
Can you unlock URL?

[Pondus]

Hello I have the same problem with website: https://www.langkingdom.com/
I am learning English here,
And I also want to turn on the web shield
Can you unlock URL?

Report a false positive (select file or website)

Click this link  >>  https://www.avast.com/false-positive-file-form.php

[polonus]

Hi linhvu.vn,

I do not see that site blocked by avast's.

Vulnerabilities on website in AngularJS, headers - 1.5.3
5
GHSA-89MQ-4X47-5V83
Prototype Pollution in angular
5
GHSA-MHP6-PXH8-R675
Cross site scripting in Angular
3.5
GHSA-5CP4-XMRW-59WF
XSS via JQLite DOM manipulation functions in AngularJS

JavaScript error

SyntaxError: Invalid regular expression flags
  eval ()()
  :3:98()
  Object.c [as F_c] (:2:146)()
  Object.E_u (:3:267)()
  la (eval at exec_fn (:1:147), :60:53)()
  Object.create (eval at exec_fn (:1:147), :71:325)()
  d (eval at exec_fn (:1:147), :13:89)()

Retirable library as mentioned earlier:

angularjs   1.5.3   Found in -https://www.langkingdom.com/js/015c29d6.libs.js<br>Vulnerability info:
Medium   angular.js prior to 1.8.0 allows cross site scripting. The regex-based input HTML replacement may turn sanitized code into unsanitized one. CVE-2020-7676   
Medium   Prototype pollution   
Low   XSS through SVG if enableSvg is set   
Medium   Universal CSP bypass via add-on in Firefox   
Medium   DOS in $sanitize   
Low   XSS in $sanitize in Safari/Firefox

10% tracking blocked in ZenMate.

Source code oversight:

HTML
-www.langkingdom.com/en
34,384 bytes, 287 nodes

Javascript 21   (external 8, inline 13)
-connect.facebook.net/en_US/​sdk.js
-www.youtube.com/​iframe_api
INLINE: self['tp_sPBfBGPDhmS_func'] = function(frame){ if (frame === null) { co
3,872 bytes

INLINE: self['tp_dwmbwJVRTPx_func'] = function(frame){ if (frame === null) { co
2,226 bytes

INLINE: self['tp_ZJXcuOlAhoA_func'] = function(frame){ if (frame === null) { co
2,614 bytes

INLINE: self['tp_OPsHMEhhPlo_func'] = function(frame){ if (frame === null) { co
2,424 bytes

INLINE: self['tp_rEMdWWaNAOJ_func'] = function(frame){ if (frame === null) { co
5,433 bytes

INLINE: /* * This entire block is wrapped in an IIFE to prevent polluting the scope of
34,624 bytes

INLINE: function log(msg) { if (typeof window.console == "undefined
424 bytes

INLINE: var html5Mode = true;
21 bytes

INLINE: (function () { if (!navigator.userAgent.match(/IEMobile/))
417 bytes

INLINE: var ENV, FB_ID, BASE_URL, APP_VERSION, NATIVE_APP_VERSION; NATI
4,604 bytes

INLINE: (function (w, d, s, l, i) { w[l] = w[l] || []; w[l].push({
492 bytes

INLINE: var siteLoadingInterval = null; setTimeout(function () {
2,654 bytes

-www.langkingdom.com/js/conditional-resource/howler/​howler.custom.js
-www.langkingdom.com/js/​015c29d6.libs.js
-www.langkingdom.com/js/​d2bcda8f.langkingdom.js
-www.langkingdom.com/js/​dba99705.firechat.js
-www.langkingdom.com/js/conditional-resource/opentip/​opentip-jquery.min.js
-www.google.com/recaptcha/​api.js?render=explicit&onload=vcRecaptchaApiLoaded
INLINE: $(document).ready(function () { angular.bootstrap(document,
430 bytes

CSS 13   (external 3, inline 10)
INLINE: @charset "UTF-8";[ng\:cloak],[ng-cloak],[data-ng-cloak],[x-ng-cloak],.ng-cloak,.
237 bytes INJECTED

INLINE: .video-js { width: 300px; height: 150px; } .
132 bytes INJECTED

-fonts.googleapis.com/​css?family=Roboto&display=swap
INJECTED

INLINE: @-ms-viewport{width:device-width}
33 bytes INJECTED

INLINE: @-webkit-keyframes siteLoading { from { -we
6,493 bytes INJECTED

INLINE: .vjs-youtube .vjs-iframe-blocker { display: none; }.vjs-youtube.vjs-user-inactiv
232 bytes INJECTED

INLINE: .vs-repeat-debug-element { top: 50%; left: 0; right
435 bytes INJECTED

-www.langkingdom.com/css/​fontface.css
INJECTED

INLINE: -a.gootranslink:link {color: #0000FF !important; text-decoration: underline !impo
2,944 bytes INJECTED

INLINE: .BDTLL_icon_ok { background-image: url(data:image/png;base64,iVBORw0KGgoAAAA
26,787 bytes INJECTED

INLINE: .BDTLL_status { cursor: pointer; display: inline; margin-right: 3px;
276 bytes INJECTED

INLINE: -a.gootranslink:link {color: #0000FF !important; text-decoration: underline !impo
2,944 bytes INJECTED

-www.langkingdom.com/css/​45371c49.langkingdom.css
INJECTED

No alerts here: https://www.virustotal.com/gui/ip-address/13.228.173.6/relations

So wait for the final verdict by an avast team member, as they are the only ones to come and unblock,
we here are just volunteers with relative knowledge in website security intelligence.

polonus (volunteer 3rd party cold reconnaissance website security analyst and website error-hunter)

[DavidR]

I'm always suspicious when someone posts a link Avast supposedly isn't alerting on it, I'm a trusting sort NOT.  That said Avast is actually alerting on it, an alert on the api. domain auth token, see attached image.

Like my forum friend polonus there are other things at issue with this site.
But this site is considered a Medium Security Risk https://sitecheck.sucuri.net/results/langkingdom.com

Plus other issues here https://webhint.io/scanner/8e75f61b-63e2-40f4-813c-92ae894ca73f

[linhvu.vn]

Hi everybody
The first, I sorry because I use google translate
I cannot enter a password from the keyboard after I set up password
My keyboard still works for other things

Let me known what can I do

[rocksteady]

Which password do you mean?
Is it the password to lock Avast settings?

Also state which operating system and whether paid or free Avast.

[linhvu.vn]

After I update version Avast, I fixed it
Thanks

[mallomar]

Hope I'm posting this in the right place.

Avast (I use the free version) is blocking access to my bank's website. I've tried on 2 different computers, and I get this message:

Threat secured

We've safely aborted connection on [secure.bankofamerica.com] because it was infected with HTML:PhishingBank-COV [Phish}

Can someone please tell me what I need to do?

Thanks.

[Asyn]

Hope I'm posting this in the right place.
Avast (I use the free version) is blocking access to my bank's website. I've tried on 2 different computers, and I get this message:
Threat secured
We've safely aborted connection on [secure.bankofamerica.com] because it was infected with HTML:PhishingBank-COV [Phish}
Can someone please tell me what I need to do?
Thanks.

Hi, this has been fixed already, see: https://forum.avast.com/index.php?topic=238078.0

[mallomar]

Hope I'm posting this in the right place.
Avast (I use the free version) is blocking access to my bank's website. I've tried on 2 different computers, and I get this message:
Threat secured
We've safely aborted connection on [secure.bankofamerica.com] because it was infected with HTML:PhishingBank-COV [Phish}
Can someone please tell me what I need to do?
Thanks.

Hi, this has been fixed already, see: https://forum.avast.com/index.php?topic=238078.0

Thanks. It does work now.

[Asyn]

You're welcome.

[thekalakarz]

Hello, I'm having problems with my website (manhealth.com.pk)  website is marked url:phishing by Avast