Author Topic: Please release my company website. (Phishing site) (Read 1675 times)

Cheuk Pong · « **on:** October 18, 2019, 09:10:33 AM »

My company website is: hxtps://milton-exhibits.com
I am been blocked the infected url at htaccess which are found in virustotal on https://www.virustotal.com/gui/domain/milton-exhibits.com/relations.
01
hxtps://milton-exhibits.com/website/earthllnk/69a373fed4973cb3a3e7a510728e4899
02
hxtp://milton-exhibits.com/website/earthllnk/75c5c586fb642a959f79e4ae29e67572
03
hxtps://milton-exhibits.com/website/earthllnk/75c5c586fb642a959f79e4ae29e67572/CustomerBillingUpdate.htm
04
hxtp://milton-exhibits.com/website/earthllnk/69a373fed4973cb3a3e7a510728e4899
05
hxtps://milton-exhibits.com/website/earthllnk/69a373fed4973cb3a3e7a510728e4899/CustomerBillingUpdate.htm
06
hxtps://www.milton-exhibits.com/website/earthllnk/
07
hxtp://milton-exhibits.com/website/earthllnk/025cdcd368fba4d7f15ae831284c22e7/CustomerBillingUpdate.htm
08
hxtp://milton-exhibits.com/website/app_rackspace
09
hxtps://milton-exhibits.com/assets/images/home/j/nomade
10
hxtps://milton-exhibits.com/assets/images/home/h

Would you please release my company website? Thanks.

Pondus · « **Reply #1 on:** October 18, 2019, 09:27:12 AM »

Report a false positive (select file or website)
https://www.avast.com/false-positive-file-form.php

https://forum.avast.com/index.php?topic=14433.msg1289438#msg1289438

polonus · « **Reply #2 on:** October 18, 2019, 01:58:46 PM »

Do not see the site being blocked. Has sacn problems - https://sitecheck.sucuri.net/results/milton-exhibits.com/website/earthllnk

Retirable jQuery libfraries: Retire.js
angularjs   1.3.11   Found in -https://milton-exhibits.com/themes/milton_exhibits/js/cdn/angular.min.js
Vulnerability info:
Medium   The attribute usemap can be used as a security exploit
Medium   Universal CSP bypass via add-on in Firefox
Medium   DOS in $sanitize
Low   XSS in $sanitize in Safari/Firefox
jquery   2.1.3   Found in -https://milton-exhibits.com/themes/milton_exhibits/js/cdn/jquery.min.js
Vulnerability info:
Medium   2432 3rd party CORS request may execute CVE-2015-9251
Medium   CVE-2015-9251 11974 parseHTML() executes scripts in event handlers
Low   CVE-2019-11358 jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution

10 immediate threats threatening your website: https://webscan.upguard.com/#/https://milton-exhibits.com/en/index.html

Found through linting 314 recommendations for improvement:
https://webhint.io/scanner/7924919b-d0b9-4c3b-a882-d943940d847e

polonus (3rd party cold recon website security analyst and website error-hunter)

polonus · « **Reply #3 on:** October 18, 2019, 07:42:04 PM »

Error report

Quote

FATAL: terminating connection due to conflict with recovery
DETAIL: User query might have needed to see row versions that must be removed.
CONTEXT: PL/pgSQL function web_apis(text,text[],text[]) line 3603 at FOR over EXECUTE statement
ERROR: server conn crashed?
server closed the connection unexpectedly
This probably means the server terminated abnormally
before or while processing the request.

pol

Michael (alan1998) · « **Reply #4 on:** October 18, 2019, 09:20:21 PM »

Also blacklisted by Fortinet.

Author Topic: Please release my company website. (Phishing site) (Read 1675 times)

Cheuk Pong

Please release my company website. (Phishing site)

Pondus

Re: Please release my company website. (Phishing site)

polonus

Re: Please release my company website. (Phishing site)

polonus

Re: Please release my company website. (Phishing site)

Michael (alan1998)

Re: Please release my company website. (Phishing site)