Avast WEBforum

Other => Viruses and worms => Topic started by: polonus on January 12, 2019, 11:11:04 PM

Title: Another website amidst a real tsunami wave of PHISHING...
Post by: polonus on January 12, 2019, 11:11:04 PM
See blacklisted for that reason: https://urlquery.net/report/1c5d4ff4-3f4c-4897-b45e-453e73fdf138
What is bootstrap.js doing here? -> https://aw-snap.info/file-viewer/?protocol=not-secure&ref_sel=GSP2&ua_sel=ff&chk-cache=&fs=1&tgt=bXtudF19Zn17W2dodC5eXS56fGA%3D~enc
263 hints for improvement of that site: https://webhint.io/scanner/82d5060c-bb8f-41bd-abae-bd98a864a297
Main threats reported here: https://webscan.upguard.com/#/http://mentorfreight.co.za

Vulnerable with bootstrap v.3.3.4 - Scan results of URL: htxp://localtimes.info/world_clock2.html?&cp1_Hex=000000&cp2_Hex=FFFFFF&cp3_Hex=000000&fwdt=110&ham=0&hbg=1&hfg=0&sid=0&mon=0&wek=0&wkf=0&sep=0&widget_number=11000&lcid=UKXX0085,CHXX0008,FRXX0076,USCA0638,USNY0996,INXX0087,ASXX0112
Number of sources found: 46; number of sinks found: 33. Just like we assumed,

polonus (volunteer 3rd party cold reconnaissance website security analyst and website error-hunter)

Title: Re: Another website amidst a real tsunami wave of PHISHING...
Post by: polonus on January 13, 2019, 06:05:22 PM
On the XSS in data-target attribute for bootstrap.js:

Bootstrap.js is vulnerable here because of "return $(target)" in the code.
Read: https://github.com/twbs/bootstrap/issues/20184
See: https://retire.insecurity.today/#!/scan/9727271311f3e7c1d9a71eac683bb7705dd1518e842ced17c5001162e16d6db0

Bootstrap v3.3.4 is no longer developed or supported. All work has moved onto next major release, v4. (info credits go to mdo&team)

polonus (volunteer website security analyst and website error-hunter)

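
An added example, not part of the original posts and not Bootstrap's own code: the data-target value ends up in $(target), and jQuery builds elements from a string that looks like markup instead of looking up a selector. The sketch audits data-target values in page source and wraps the lookup; the allow-list, the function names and the caller-supplied find callback are assumptions of this example.

```javascript
'use strict';

// Conservative allow-list (an assumption of this example): #id / .class chains only.
const SELECTOR_OK = /^(?:[#.][A-Za-z_][\w-]*)+$/;

const fromCode = (n) => (n <= 0x10ffff ? String.fromCodePoint(n) : '\ufffd');

// Decode the entities that can hide "<" inside an attribute value.
function decodeEntities(s) {
  return s
    .replace(/&#x([0-9a-f]+);?/gi, (_, h) => fromCode(parseInt(h, 16)))
    .replace(/&#(\d+);?/g, (_, d) => fromCode(parseInt(d, 10)))
    .replace(/&lt;?/gi, '<').replace(/&gt;?/gi, '>')
    .replace(/&quot;?/gi, '"').replace(/&amp;?/gi, '&');
}

function isSafeTarget(value) {
  return SELECTOR_OK.test(value.trim());
}

// List every quoted data-target in a page source with its decoded value and verdict.
function auditMarkup(html) {
  const re = /\bdata-target\s*=\s*(?:"([^"]*)"|'([^']*)')/gi;
  const findings = [];
  for (const m of html.matchAll(re)) {
    const decoded = decodeEntities(m[1] !== undefined ? m[1] : m[2]);
    findings.push({ decoded, safe: isSafeTarget(decoded) });
  }
  return findings;
}

// Hardened lookup. `find` is supplied by the caller (hypothetical), for example
// sel => $(document).find(sel), so the string is only ever used as a selector.
function resolveTarget(value, find) {
  if (!isSafeTarget(value)) return null; // refuse anything that is not a plain selector
  return find(value.trim());
}

// Constructed sample markup, not taken from the scanned sites.
const SAMPLE = [
  '<button data-toggle="collapse" data-target="#navbar">Menu</button>',
  '<a data-toggle="modal" data-target=".login-box">Login</a>',
  '<a data-toggle="collapse" data-target="&lt;b&gt;injected&lt;/b&gt;">x</a>',
  "<a data-toggle='collapse' data-target='<i>x</i>'>y</a>",
].join('\n');
```

auditMarkup(SAMPLE) marks the first two values as safe and the two markup-shaped values as unsafe, including the entity-encoded one.
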
Title: Re: Another website amidst a real tsunami wave of PHISHING...
Post by: polonus on January 14, 2019, 05:51:56 PM
Another PHISH according to some confirming scan sites:
https://urlquery.net/report/5eee54e7-badd-4899-93bb-5a79d44b3f06
and via phishcheck {"sid": 167824, "is_success": true}
On AS: https://radar.qrator.net/as31624
and https://www.malwareurl.com/ns_listing.php?as=AS31624
and https://checkphish.ai/asn/AS31624
on IP: https://otx.alienvault.com/indicator/ip/195.20.47.121

polonus