Author Topic: Site Blocked - URL:Phishing  (Read 122206 times)

0 Members and 2 Guests are viewing this topic.

Offline Janet112

  • Newbie
  • *
  • Posts: 2
Re: Site Blocked - URL:Phishing
« Reply #570 on: September 14, 2020, 02:54:06 AM »
@DavidR - I assume the post was directed at me. When I go to that site it asks me to upload a file or enter a website. What file should I upload/website URL? I tried submitting without uploading, but it wouldn't let me.
« Last Edit: September 14, 2020, 02:59:44 AM by Janet112 »

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 84110
  • No support PMs thanks
Re: Site Blocked - URL:Phishing
« Reply #571 on: September 14, 2020, 03:00:19 AM »
Yes, as it was directly under your post, other wise I would have quoted your post.

I only quoted Asyn's post after mentioning it to save you finding it.
Windows 10 Home 2004 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 20.9.2437 (build 20.9.5758.0) UI-1.0.579/ WinPatrol+/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 32808
  • malware fighter
Re: Site Blocked - URL:Phishing
« Reply #572 on: September 14, 2020, 11:16:08 AM »
I see errors for the links given (net-work errors, slow responding, could have been an Akamai Technologies Inc hick-up)

Re: https://www.virustotal.com/gui/url/0df74fa30274a9d6aa83363d432409d1dead9485c2090508a3d08a1fd3995e09/detection

Wait for a final verdict from avast team.

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline linhvu.vn

  • Newbie
  • *
  • Posts: 3
Re: Site Blocked - URL:Phishing
« Reply #573 on: September 16, 2020, 10:41:01 PM »
Hello I have the same problem with website: https://www.langkingdom.com/
I am learning English here,
And I also want to turn on the web shield
Can you unlock URL?

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 36793
Re: Site Blocked - URL:Phishing
« Reply #574 on: September 16, 2020, 10:46:06 PM »
Hello I have the same problem with website: https://www.langkingdom.com/
I am learning English here,
And I also want to turn on the web shield
Can you unlock URL?


Report a false positive (select file or website)

Click this link  >>  https://www.avast.com/false-positive-file-form.php







Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 32808
  • malware fighter
Re: Site Blocked - URL:Phishing
« Reply #575 on: September 16, 2020, 11:56:34 PM »
Hi linhvu.vn,

I do not see that site blocked by avast's.

Vulnerabilities on website in AngularJS, headers - 1.5.3
5
GHSA-89MQ-4X47-5V83
Prototype Pollution in angular
5
GHSA-MHP6-PXH8-R675
Cross site scripting in Angular
3.5
GHSA-5CP4-XMRW-59WF
XSS via JQLite DOM manipulation functions in AngularJS

JavaScript error
Quote
SyntaxError: Invalid regular expression flags
  eval ()()
  :3:98()
  Object.c [as F_c] (:2:146)()
  Object.E_u (:3:267)()
  la (eval at exec_fn (:1:147), :60:53)()
  Object.create (eval at exec_fn (:1:147), :71:325)()
  d (eval at exec_fn (:1:147), :13:89)()

Retirable library as mentioned earlier:
Quote
angularjs   1.5.3   Found in -https://www.langkingdom.com/js/015c29d6.libs.js<br>Vulnerability info:
Medium   angular.js prior to 1.8.0 allows cross site scripting. The regex-based input HTML replacement may turn sanitized code into unsanitized one. CVE-2020-7676   
Medium   Prototype pollution   
Low   XSS through SVG if enableSvg is set   
Medium   Universal CSP bypass via add-on in Firefox   
Medium   DOS in $sanitize   
Low   XSS in $sanitize in Safari/Firefox

10% tracking blocked in ZenMate.

Source code oversight:
Quote
HTML
-www.langkingdom.com/en
34,384 bytes, 287 nodes

Javascript 21   (external 8, inline 13)
-connect.facebook.net/en_US/​sdk.js
-www.youtube.com/​iframe_api
INLINE: self['tp_sPBfBGPDhmS_func'] = function(frame){ if (frame === null) { co
3,872 bytes

INLINE: self['tp_dwmbwJVRTPx_func'] = function(frame){ if (frame === null) { co
2,226 bytes

INLINE: self['tp_ZJXcuOlAhoA_func'] = function(frame){ if (frame === null) { co
2,614 bytes

INLINE: self['tp_OPsHMEhhPlo_func'] = function(frame){ if (frame === null) { co
2,424 bytes

INLINE: self['tp_rEMdWWaNAOJ_func'] = function(frame){ if (frame === null) { co
5,433 bytes

INLINE: /* * This entire block is wrapped in an IIFE to prevent polluting the scope of
34,624 bytes

INLINE: function log(msg) { if (typeof window.console == "undefined
424 bytes

INLINE: var html5Mode = true;
21 bytes

INLINE: (function () { if (!navigator.userAgent.match(/IEMobile/))
417 bytes

INLINE: var ENV, FB_ID, BASE_URL, APP_VERSION, NATIVE_APP_VERSION; NATI
4,604 bytes

INLINE: (function (w, d, s, l, i) { w[l] = w[l] || []; w[l].push({
492 bytes

INLINE: var siteLoadingInterval = null; setTimeout(function () {
2,654 bytes

-www.langkingdom.com/js/conditional-resource/howler/​howler.custom.js
-www.langkingdom.com/js/​015c29d6.libs.js
-www.langkingdom.com/js/​d2bcda8f.langkingdom.js
-www.langkingdom.com/js/​dba99705.firechat.js
-www.langkingdom.com/js/conditional-resource/opentip/​opentip-jquery.min.js
-www.google.com/recaptcha/​api.js?render=explicit&onload=vcRecaptchaApiLoaded
INLINE: $(document).ready(function () { angular.bootstrap(document,
430 bytes

CSS 13   (external 3, inline 10)
INLINE: @charset "UTF-8";[ng\:cloak],[ng-cloak],[data-ng-cloak],[x-ng-cloak],.ng-cloak,.
237 bytes INJECTED

INLINE: .video-js { width: 300px; height: 150px; } .
132 bytes INJECTED

-fonts.googleapis.com/​css?family=Roboto&display=swap
INJECTED

INLINE: @-ms-viewport{width:device-width}
33 bytes INJECTED

INLINE: @-webkit-keyframes siteLoading { from { -we
6,493 bytes INJECTED

INLINE: .vjs-youtube .vjs-iframe-blocker { display: none; }.vjs-youtube.vjs-user-inactiv
232 bytes INJECTED

INLINE: .vs-repeat-debug-element { top: 50%; left: 0; right
435 bytes INJECTED

-www.langkingdom.com/css/​fontface.css
INJECTED

INLINE: -a.gootranslink:link {color: #0000FF !important; text-decoration: underline !impo
2,944 bytes INJECTED

INLINE: .BDTLL_icon_ok { background-image: url(data:image/png;base64,iVBORw0KGgoAAAA
26,787 bytes INJECTED

INLINE: .BDTLL_status { cursor: pointer; display: inline; margin-right: 3px;
276 bytes INJECTED

INLINE: -a.gootranslink:link {color: #0000FF !important; text-decoration: underline !impo
2,944 bytes INJECTED

-www.langkingdom.com/css/​45371c49.langkingdom.css
INJECTED

No alerts here: https://www.virustotal.com/gui/ip-address/13.228.173.6/relations

So wait for the final verdict by an avast team member, as they are the only ones to come and unblock,
we here are just volunteers with relative knowledge in website security intelligence.

polonus (volunteer 3rd party cold reconnaissance website security analyst and website error-hunter)


Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 84110
  • No support PMs thanks
Re: Site Blocked - URL:Phishing
« Reply #576 on: September 17, 2020, 12:51:35 AM »
I'm always suspicious when someone posts a link Avast supposedly isn't alerting on it, I'm a trusting sort NOT.  That said Avast is actually alerting on it, an alert on the api. domain auth token, see attached image.

Like my forum friend polonus there are other things at issue with this site.
But this site is considered a Medium Security Risk https://sitecheck.sucuri.net/results/langkingdom.com

Plus other issues here https://webhint.io/scanner/8e75f61b-63e2-40f4-813c-92ae894ca73f

Windows 10 Home 2004 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 20.9.2437 (build 20.9.5758.0) UI-1.0.579/ WinPatrol+/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline linhvu.vn

  • Newbie
  • *
  • Posts: 3
Re: Site Blocked - URL:Phishing
« Reply #577 on: September 17, 2020, 04:14:34 AM »
Hi everybody
The first, I sorry because I use google translate
I cannot enter a password from the keyboard after I set up password
My keyboard still works for other things

Let me known what can I do

Offline rocksteady

  • Advanced Poster
  • **
  • Posts: 932
Re: Site Blocked - URL:Phishing
« Reply #578 on: September 17, 2020, 10:29:58 AM »
Which password do you mean?
Is it the password to lock Avast settings?

Also state which operating system and whether paid or free Avast.

Offline linhvu.vn

  • Newbie
  • *
  • Posts: 3
Re: Site Blocked - URL:Phishing
« Reply #579 on: September 17, 2020, 10:33:08 AM »
After I update version Avast, I fixed it
Thanks

Offline mallomar

  • Newbie
  • *
  • Posts: 17
Re: Site Blocked - URL:Phishing
« Reply #580 on: September 17, 2020, 12:22:55 PM »
Hope I'm posting this in the right place.

Avast (I use the free version) is blocking access to my bank's website. I've tried on 2 different computers, and I get this message:

Threat secured

We've safely aborted connection on [secure.bankofamerica.com] because it was infected with HTML:PhishingBank-COV [Phish}


Can someone please tell me what I need to do?

Thanks.

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 67918
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: Site Blocked - URL:Phishing
« Reply #581 on: September 17, 2020, 12:29:10 PM »
Hope I'm posting this in the right place.
Avast (I use the free version) is blocking access to my bank's website. I've tried on 2 different computers, and I get this message:
Threat secured
We've safely aborted connection on [secure.bankofamerica.com] because it was infected with HTML:PhishingBank-COV [Phish}

Can someone please tell me what I need to do?
Thanks.
Hi, this has been fixed already, see: https://forum.avast.com/index.php?topic=238078.0
Win 8.1 [x64] - Avast PremSec 20.10.2440.Beta#3 [UI.580] - CC 5.74 - EEK - FF ESR 78.5 [NS/AOS/uBO/PB] - TB 78.5 - SB/CP/SL/DU.B
Deutschsprachiger Bereich -> Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline mallomar

  • Newbie
  • *
  • Posts: 17
Re: Site Blocked - URL:Phishing
« Reply #582 on: September 17, 2020, 03:13:15 PM »
Hope I'm posting this in the right place.
Avast (I use the free version) is blocking access to my bank's website. I've tried on 2 different computers, and I get this message:
Threat secured
We've safely aborted connection on [secure.bankofamerica.com] because it was infected with HTML:PhishingBank-COV [Phish}

Can someone please tell me what I need to do?
Thanks.
Hi, this has been fixed already, see: https://forum.avast.com/index.php?topic=238078.0

Thanks. It does work now.

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 67918
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: Site Blocked - URL:Phishing
« Reply #583 on: September 17, 2020, 03:15:26 PM »
You're welcome.
Win 8.1 [x64] - Avast PremSec 20.10.2440.Beta#3 [UI.580] - CC 5.74 - EEK - FF ESR 78.5 [NS/AOS/uBO/PB] - TB 78.5 - SB/CP/SL/DU.B
Deutschsprachiger Bereich -> Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline thekalakarz

  • Newbie
  • *
  • Posts: 1
Re: Site Blocked - URL:Phishing
« Reply #584 on: September 23, 2020, 09:14:59 AM »
Hello, I'm having problems with my website (manhealth.com.pk)  website is marked url:phishing by Avast