Phishing website

Hi, Avast keeps on blocking this website openload.pw with a “URL:Phishing” message.

I’ve checked with https://sitecheck.sucuri.net/results/openload.pw and https://www.virustotal.com/it/url/88cb7284dc77a7bf834cb43cbbd48823db441c8d18250ea1f34302348b9da61d/analysis/1548325572/

Everything looks green (malware/blacklist), just there is no HTTPS encryption.

Thanks.

Checked at PHISHcheck: {“sid”: 172585, “is_success”: true}

polonus

Quttera: https://quttera.com/detailed_report/openload.pw

Have you implemented any of the hardening steps recommended for free by Sucuri? (See link above posted in your OP.)

Yeah, if I go for the HTTPS version, Avast lets me browse the site, so I already sent an email to the administrator. Thanks.

An HTTP version should not exist next to an HTTPS one, or it should redirect there.

File name: /assets/js/typed.min.js is the code that Sucuri is flagging and has been abused from 2005 onwards,
Potentially malicious JavaScript contexts
And it is also flagged by SNYK and here: https://retire.insecurity.today/#!/scan/35110fca543262031700b8d0feee7070dc119cd675e9e6760ac1c4751ae536f3
DOM-XSS related issues like sources and sinks for URL: htxp://openload.pw/assets/js/jquery.min.js
Number of sources found: 43 ; number of sinks found: 19

Various (28) best policy hints given here: https://webhint.io/scanner/06db7313-1212-4f96-8f0d-d254c3d5a8e9

polonus (volunteer website security analyst and website error-hunter)

L.S.

Inherent when vulnerable javascript is being used on PHP-driven CMS,
sometimes such potential insecurity could lead to malcode like crypto-PHP-malware.

See this way to remove such malware:
https://github.com/shieldfy/CryptoPHP-malware-removal/blob/master/cryptophp_removal.php

Info credits for these GitHub contributions go to “netcode” → shieldfy seems to have been left since 2014,
which is quite long in the digital time-frame as we know it,

Maybe some remover here may put this contribution to a good purpose :wink:

I just link to it for what it is worth,

Damian aka polonus