Avast WEBforum

Other => Viruses and worms => Topic started by: polonus on December 17, 2018, 02:45:25 PM

Title: 7 flag, so a sure PHISH...
Post by: polonus on December 17, 2018, 02:45:25 PM
Re: https://urlquery.net/report/88404b03-faa5-4df4-9edc-782b9bae69b6
Re: https://urlscan.io/result/c50023a0-91c1-4b1c-bfe2-4ae91711f42c
Re: https://sitecheck.sucuri.net/results/https/uni1.jango-online.de
Re: https://toolbar.netcraft.com/site_report?url=https%3A%2F%2Funi1.jango-online.de%2F+
Re: https://www.virustotal.com/#/url/7f1b1823124d91940934745279590853698e504e9b9267ce3f81d314e2a4d8bd/detection
Re: https://www.virustotal.com/#/domain/uni1.jango-online.de
Re: https://aw-snap.info/file-viewer/?protocol=secure&ref_sel=GSP2&ua_sel=ff&chk-cache=&fs=1&tgt=aHVuWzEuanxuZ10tXW5sW257LiN7YA%3D%3D~enc
F-grade security: https://observatory.mozilla.org/analyze/uni1.jango-online.de

polonus (volunteer website security analyst and website error-hunter)
Title: Re: 7 flag, so a sure PHISH...
Post by: polonus on December 17, 2018, 06:21:47 PM
Another one flagged: https://urlscan.io/result/3d59da26-8148-442e-8eed-4153932b8615/dom/
Re: https://toolbar.netcraft.com/site_report?url=planting.in.net
1 to flag: https://www.virustotal.com/#/url/3ac1b6a235d534d85f1e067a2b0f921ad4b12d0ca5fa7605f9c576be9ac74333/detection
Not alerted: https://urlquery.net/report/bdd26f8b-9ebe-4b73-a886-fd8f01735b7d
In this uri detected two sources and two sinks: -http://planting.in.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Flagged by Google Safebrowsing: https://aw-snap.info/file-viewer/?protocol=not-secure&ref_sel=GSP2&ua_sel=ff&chk-cache=&fs=1&tgt=cGx8bnRbbmcuW24ubnt0YF4jbi1eZ1tgc159W3B0c2A1XjUjIzcyOGBebF11I2ZsfH17LXN0fHRbXmB7bXxbbC0je15dI3subVtuLmpz~enc   and confirmed here: https://checkphish.ai/ip/104.31.87.17

polonus (volunteer website security analyst and website error-hunter)