Consider DOM-XSS flaws: Results from scanning URL: -https://ksbshipyard.co.id/js/all.js
Number of sources found: 41
Number of sinks found: 17
&
Number of sources found: 48
Number of sinks found: 16
This is exactly where avast blacklist URL detection reacts according to my websniffer extension - 3731 main_frame 23:27:54(285ms) net::ERR_CONNECTION_RESET GET -ksbshipyard.co.id That’s it, folks, this is all there is
Wait for an avast team member to give a final verdict,
as we here are just volunteers witrh relative knowledge,
but only avast team members can come and unblock.
Thank you very much for the feedback. Appreciate it lots.
I have tried to delete all these virus files inside the hosting based on the feedback you gave. But still couldn’t accessed the ksbshipyard.co.id. I guess the domain is already getting blocked by Avast Team. I am really looking forward for their replies so much!
And that is all you can do, just wait for the final verdict of an avast team member,
as they are the only ones to come and unblock,
while we here are voluntuurs with releative knowledge,
just to advise you on glitches, flaws and give advice towards improved website security
and maintanance,
We have the weekend behind us now, so avast team members may act. Up to them.
Still see this retirable code:
jquery 1.10.2.min Found in -https://ksbshipyard.co.id/js/fancybox/jquery-1.10.2.min.js
Vulnerability info:
Medium 2432 3rd party CORS request may execute CVE-2015-9251
Medium CVE-2015-9251 11974 parseHTML() executes scripts in event handlers
Low CVE-2019-11358 jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, …) because of Object.prototype pollution
Quite some implementations missing found through the Page, Header & Cookie Security Analyser - RECX.
Website is insecure by default
100% of the trackers on this site could be protecting you from NSA snooping. Tell -ksbshipyard.co.id to fix it.
Identifiers | All Trackers
Insecure Identifiers
Unique IDs about your web browsing habits have been insecurely sent to third parties.