Author Topic: Trying to watch movie online and it came back as security threat  (Read 1480 times)

0 Members and 1 Guest are viewing this topic.

Offline Anthony397

  • Newbie
  • *
  • Posts: 2
I was trying to watch a movie and the error "We've safely aborted connection on vidto.me because it was infected with JS:ScriptIP-inf[trj]."

The website was
http://cafehulu.com/watch/dBrgZekd-rise-of-the-planet-of-the-apes/vidto.html

Since that popup none of the video links work anymore but the first one and that one is so lagged up i cannot even watch the movie. I uninstalled all previous versions of java and installed the newest edition and the same error popped up again.

Online polonus

  • Avast √úberevangelist
  • Maybe Bot
  • *****
  • Posts: 31879
  • malware fighter
Re: Trying to watch movie online and it came back as security threat
« Reply #1 on: June 17, 2019, 09:22:56 AM »
hints from linter service: https://webhint.io/scanner/eabdcae3-8fbf-46da-896a-031b9583c2f3
I can normally visit site now on an avast protected device inside avast secure browser...

Re: HTTP/1.1 503 Service Temporarily Unavailable
Note: It looks like your site has returned a 503 Error. In some cases the firewall or a bad bot utility will block the use of this tool.
Detection IP related to: https://otx.alienvault.com/indicator/domain/crrepo.com
consider: https://sitecheck.sucuri.net/results/cafehulu.com/watch/dbrgzekd-rise-of-the-planet-of-the-apes/vidto.html
See detected in relations, CloudFlare abuse: https://www.virustotal.com/gui/ip-address/172.64.203.30/relations
It is an old G-Data detection.
Retirable -
jquery   1.11.1.min   Found in -http://cafehulu.com/js/jquery-1.11.1.min.js
Vulnerability info:
Medium   2432 3rd party CORS request may execute CVE-2015-9251   
Medium   CVE-2015-9251 11974 parseHTML() executes scripts in event handlers   
Medium   CVE-2019-11358 jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution   
Forcepoint ThreatSeeker   gives it as hacking site. 1 malicious flag: https://www.virustotal.com/gui/url/82f14e90e9ecd53d7d5e9da461d436859f9d08eb3c588c96dcad01659363e090/detection
client is insecure...

polonus
« Last Edit: June 17, 2019, 09:27:40 AM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Anthony397

  • Newbie
  • *
  • Posts: 2
Re: Trying to watch movie online and it came back as security threat
« Reply #2 on: June 17, 2019, 10:42:35 PM »
Not sure i understand what half of what you were talking about or linking means

Online polonus

  • Avast √úberevangelist
  • Maybe Bot
  • *****
  • Posts: 31879
  • malware fighter
Re: Trying to watch movie online and it came back as security threat
« Reply #3 on: June 18, 2019, 06:21:30 PM »
Howdy Anthony397,

The information is meant for those that maintain that website.
I could well understand it is outside your scope as you are neither a website developer, website hoster or cloud service.
But you as an end-user came at the wrong end of the stick.

The configuration of that site at that time you met problems was questionable and created problems,
which resulted in an alert for you.
When your device is giving your problems, a qualified malware remover here on our forums should dive into it,
as you provide us with some dataas required here, see: https://forum.avast.com/index.php?topic=194892.0

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline HonzaZ

  • Avast team
  • Advanced Poster
  • *
  • Posts: 1128
Re: Trying to watch movie online and it came back as security threat
« Reply #4 on: June 19, 2019, 09:20:23 AM »
We block loralana[.]com, which is the cause of this popup. I advise not watching movies at that domain.