Avast WEBforum

Other => Viruses and worms => Topic started by: polonus on February 04, 2019, 04:50:16 PM

Title: Malware detected on Word Press content website...
Post by: polonus on February 04, 2019, 04:50:16 PM

Re: https://urlhaus.abuse.ch/url/116879/
and

Quote

Reputation Check
PASSED
Google Safe Browse: OK
Spamhaus Check: OK
Compromised Hosts: OK
Dshield Blocklist: OK
Shadowserver C&C: OK
Web Server:
None
X-Powered-By:
None
IP Address:
65.39.193.60
Hosting Provider:
Cogeco Peer 1 
Shared Hosting:
2616 sites found on 65.39.193.60

User Enumeration disabled, directory listing disabled - OK.

Detection see: https://www.virustotal.com/#/url/403f8ca39d6469256f08ffb6a64583e9574789274b6ad63cc38b37d0b496b011/detection
and https://www.virustotal.com/#/file/1096af47e1405b8a4e103ecb344e774b85df0a40bddf25e60603e2dddd2893b2/detection
and https://www.virustotal.com/#/file/1096af47e1405b8a4e103ecb344e774b85df0a40bddf25e60603e2dddd2893b2/detection

Potential problems: https://aw-snap.info/file-viewer/?protocol=not-secure&ref_sel=GSP2&ua_sel=ff&chk-cache=&fs=1&tgt=d3d3Lm1te2ZddW4jfHRbXW4uXX1n~enc

Re: Results from scanning URL: -http://mmefoundation.org/wp-includes/js/jquery/jquery-migrate.min.js
Number of sources found: 41 ; number of sinks found: 17

101 hints towards best policies: https://webhint.io/scanner/818b0c0d-d187-491b-b57f-490491d3857b
'jQuery@1.12.4' has 1 known vulnerability (1 medium). See 'https://snyk.io/vuln/npm:jquery' for more information
and https://retire.insecurity.today/#!/scan/7fef606d45cd40a5d78d315caca366b0f5ec8523e8fab6275a025483f1fa0f60

polonus (volunteer website security analyst and website error-hunter)