Avast community forum
Home
Help
Search
Login
Register
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Is this IP being blocked? BOGONNETS 2 warning
« previous
next »
Print
Pages: [
1
]
Go Down
Author
Topic: Is this IP being blocked? BOGONNETS 2 warning (Read 1777 times)
0 Members and 1 Guest are viewing this topic.
polonus
Avast Überevangelist
Probably Bot
Posts: 33891
malware fighter
Is this IP being blocked? BOGONNETS 2 warning
«
on:
January 24, 2014, 11:35:25 PM »
See:
http://domain-kb.com/ipv4/185.12.111.245
Hitting with 01/21 01/21 Virut.AX deny ip host 185.12.111.245 any log
sesligabile dot com,,,Not in namespace,
polonus
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
polonus
Avast Überevangelist
Probably Bot
Posts: 33891
malware fighter
Re: Is this IP being blocked? BOGONNETS 2 warning
«
Reply #1 on:
January 24, 2014, 11:48:34 PM »
Also consider this scan:
https://asafaweb.com/Scan?Url=185.12.111.245
Custom error Fail, Excessive Header info, Clickjacking warning.
pol
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
polonus
Avast Überevangelist
Probably Bot
Posts: 33891
malware fighter
Re: Is this IP being blocked? BOGONNETS 2 warning
«
Reply #2 on:
January 25, 2014, 12:14:49 AM »
And also what about this Zeus C$C address: htxp://185.24.233.224/app/compress.php?m=login
3 av to detect:
https://www.virustotal.com/nl/url/0c23cdc3c30293ff0059c2b59fd00bfee73485a8ce2a5868e0c8da9c341609d7/analysis/
185.24.233.224,185.24.233.224,,IPv4 address,ZeuS
Not detected here:
http://urlquery.net/report.php?id=8960293
Zulu Zscaler does a better job:
http://zulu.zscaler.com/submission/show/cc3e00c9a82a51997aeb2ac8392a0d57-1390604522
And here we get an error:
https://zeustracker.abuse.ch/monitor.php?search=http%3A%2F%2F185.24.233.224%2Fapp%2Fcompress.php%3Fm%3Dlogin
Method Not Implemented
GET to /monitor.php not supported.
And here when we finally succeed, we get an unknown status:
https://zeustracker.abuse.ch/monitor.php?search=185.24.233.224
also see:
https://zeustracker.abuse.ch/monitor.php?host=185.24.233.224
See:
https://malwr.com/analysis/NzFhMjY2OGFhZGJlNGRiNDhjMDI0ODdkODM3NjcwOTk/
pol
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
Print
Pages: [
1
]
Go Up
« previous
next »
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Is this IP being blocked? BOGONNETS 2 warning