Avast WEBforum

Other => Viruses and worms => Topic started by: polonus on April 17, 2018, 05:16:29 PM

Title: Phising site and BitDefender TrafficLight flags malware..
Post by: polonus on April 17, 2018, 05:16:29 PM

Modified "var _gaq = _gaq" remarketing pushing...

Server blocks a #?-s, but here it works: http://www.domxssscanner.com/scan?url=http%3A%2F%2Fdocumentsign.cf%2F%23%3F-s (X-Powered-By: PHP/7.1.16);
See: https://www.virustotal.com/#/url/d2c568daf281df469bd2396c5ebd39bfff648a8383c56f5b83251ab900e105a8/detection
See: https://aw-snap.info/file-viewer/?protocol=not-secure&tgt=britprecisiongroup.com%2Fsigner%2Fdocusign%2Fdocusign%2Fdoc%2Fsign%2Fdocument%2Ffile%2Fauthenticate%2Faccess&ref_sel=GSP2&ua_sel=ff&fs=1
and 2 vulnerable jQuery libraries detected: https://retire.insecurity.today/#!/scan/7057b7b176a0d1a0db744c763cc7af6c7b9206b8f8ee296993d7fbab232f9adb
Flagged: https://urlquery.net/report/35fe24fa-c8e4-45ac-84bb-e35b657993c4

polonus (volunteer website security analyst and website error-hunter)