Author Topic: How to qualify this site? Scam or junkware?  (Read 1401 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast √úberevangelist
  • Probably Bot
  • *****
  • Posts: 33926
  • malware fighter
How to qualify this site? Scam or junkware?
« on: February 01, 2014, 03:21:17 PM »
Dear forum friends,

Not being flagged here or anywhere as far as I know: htxp://www.datafakegenerator.com/generador.php
Scamvoid does not flag - all green, WOT does not flag.
Site has some strange "contradictio-in-situ" on it as some intelligible users of these forums pointed out to me. Thanks  ;)
Car types that are only known to exist within the borders of the US of A., etc. etc.
Why has this site not been flagged before? Why is not it blocked? Why has it been taken down?
Why does not it run from an offline tool?
Questions, questions, questions for the website analysts among us.
By the way anyone here to comment?

The other legit use could be to generate fake data to be tested within a particular legit website environment, just for testing purposes.
Or is that just to come up with a sort of lame excuse to keep it online?
Abuse could be round the corner?
A really weird site - this wXw.datafakegenerator.com,,,Ghosted,
Host.cabi is a bad hoster that has been seen to host other weird/malicious sites -> https://www.virustotal.com/nl/ip-address/50.62.108.1/information/

Furthermore the site is not exactly secure: http://sitecheck2.sucuri.net/results/www.datafakegenerator.com/generador.php (not website firewalled as one should expect) - also see: http://www.penguinscan.com/index.php scan results (all green)
unsupported google apis -> http://jsunpack.jeek.org/?report=d9f8f70dc9c4d77fbb9fdab61290db5c73364881 - site vulnerable to clickjacking!

polonus

« Last Edit: February 01, 2014, 03:38:37 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37589
  • Not a avast user
Re: How to qualify this site? Scam or junkware?
« Reply #1 on: February 01, 2014, 04:33:35 PM »
IP (50.62.108.1) is on one blacklist  http://www.apews.org/

Quote
CASE: C-131
Unallocated CIDR, no traffic until allocated,
or allocated to bad reputation provider
or allocated but dynamic / generically named IPs,
or bogons, see www.cidr-report.org,
or orphaned IP / CIDR in routing table


Offline polonus

  • Avast √úberevangelist
  • Probably Bot
  • *****
  • Posts: 33926
  • malware fighter
Re: How to qualify this site? Scam or junkware?
« Reply #2 on: February 01, 2014, 06:04:42 PM »
With some 2825 other websites on one and the same IP, these are not very encouraging results to put it mildly.
Re: http://sameid.net/ip/50.62.108.1/

pol
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!