Avast WEBforum

Other => Viruses and worms => Topic started by: polonus on July 05, 2020, 06:37:28 PM

Title: Access to site limited by owner because of location?
Post by: polonus on July 05, 2020, 06:37:28 PM

Word fence: Access from your area has been temporarily limited for security reasons.
for: -https://assistancedogregistry.com/
Vulnerability on page: mod_perl, headers - 2.0.4
10
CVE-2011-2767
mod_perl 2.0 through 2.0.10 allows attackers to execute arbitrary Perl code by placing it in a user-owned .htaccess file, because (contrary to the documentation) there is no configuration option that permits Perl code for the administrator's control of HTTP request processing without also permitting unprivileged users to run Perl code in the context of the user account that runs Apache HTTP Server processes.
More vulnerabilities on IP hoster: https://www.shodan.io/host/104.130.172.90

Also consider: https://aw-snap.info/file-viewer/?protocol=secure&ref_sel=GSP2&ua_sel=ff&chk-cache=&fs=1&tgt=fHNzW3N0fG5eeyNdZ317Z1tzdH15Ll5dbWA%3D~enc

Script links found OK:

Quote

   JS Link   Hosting / Company Netblock   Country
  -https://assistancedogregistry.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp   RACKSPACE   
  -https://assistancedogregistry.com/wp-content/themes/ada_2018/js/functions.js?ver=1.0.15   RACKSPACE   
  -https://assistancedogregistry.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=4.2.2   RACKSPACE   
  -https://assistancedogregistry.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4   RACKSPACE   
  -https://assistancedogregistry.com/wp-content/plugins/gravityforms/js/jquery.json.min.js?ver=2.4.18   RACKSPACE   
  -https://cdn.jsdelivr.net/npm/lozad/dist/lozad.min.js   CLOUDFLARENET   
  -https://assistancedogregistry.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1   RACKSPACE   
  -https://assistancedogregistry.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ve…   RACKSPACE   
  -https://www.googletagmanager.com/gtag/js?id=UA-130775270-1   GOOGLE   
  -https://www.googletagmanager.com/gtag/js?id=AW-970015685   GOOGLE   
  -https://assistancedogregistry.com/wp-content/plugins/gravityforms/js/conditional_logic.min.js?ver=2.4.18   RACKSPACE   
  -https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js   HIGHWINDS3   
  -https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/popper.min.js   CLOUDFLARENET   
  -https://assistancedogregistry.com/wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.4.18   RACKSPACE   
  -https://assistancedogregistry.com/wp-content/plugins/woocommerce-variation-swatches-and-photos/assets/js/swatches-…   RACKSPACE   
  -https://assistancedogregistry.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=4.2.2   RACKSPACE   
  -https://assistancedogregistry.com/wp-includes/js/wp-embed.min.js?ver=5.4.2https://assistancedogregistry.com/wp-includes/js/wp-embed.min.js?ver=5.4.2   RACKSPACE   

polonus