Avast community forum
Home
Help
Search
Login
Register
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Known infection source not blocked! Also spam domain!
« previous
next »
Print
Pages: [
1
]
Go Down
Author
Topic: Known infection source not blocked! Also spam domain! (Read 1811 times)
0 Members and 1 Guest are viewing this topic.
polonus
Avast Überevangelist
Probably Bot
Posts: 33897
malware fighter
Known infection source not blocked! Also spam domain!
«
on:
December 06, 2013, 06:42:46 PM »
See:
https://www.virustotal.com/nl/url/e1aa88b8bb9ae4e684b78eb0068f3d3c95d6c82e473a1b843b73472c04711d1c/analysis/1386341685/
IDS alerts:
http://urlquery.net/report.php?id=8203974
blocked by WOT web rep and listed here:
http://investexpo.ru/
is in Dr.Web malicious sites list!
Malware from site now seems dead:
http://support.clean-mx.de/clean-mx/viruses.php?sort=firstseen%20desc&review=82.98.86.172
Is this part of Mitglieder hell? ->
https://isc.sans.edu/forums/diary/Mitglieder+hell/722
link article author = William Salusky
Bitdefender alerts this parked domain, WOT frowns on it:
https://www.mywot.com/en/scorecard/investexpo.ru?utm_source=addon&utm_content=popup-donuts
IP leads to
http://sedoparking.com/?path=home
Known as a bad webhost:
http://www.projecthoneypot.org/ip_82.98.86.172
history: installs.in ns1.sedoparking dot com => 91.195.240.162
ns2.sedoparking dot com => 217.160.208.235
(AS12306) PLUSLINE
82.98.86.172 Trojan Zbot drop zone 2010-06-29
gradon dot info ns1.dnsexit dot com => 69.57.160.118
ns2.dnsexit dot com => 64.182.102.188
(AS12306) PLUSLINE
82.98.86.172 Trojan TDSS / Rogue Antivirus downloader 2010-04-26
Known spam source:
http://knujon.com/ips/82.98.86.172.html
pol
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
Print
Pages: [
1
]
Go Up
« previous
next »
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Known infection source not blocked! Also spam domain!