« previous next »
Pages: [1]   Go Down

Author Topic: [Fixed]AVAST block SITE CyberLocker http://www.idup.in/  (Read 2496 times)

0 Members and 1 Guest are viewing this topic.

REDACTED

  • Guest
[Fixed]AVAST block SITE CyberLocker http://www.idup.in/
« on: March 02, 2015, 11:29:16 PM »
« Last Edit: July 02, 2015, 03:00:39 AM by monarcaV »
Logged

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33897
  • malware fighter
Re: AVAST block SITE http://www.idup.in/
« Reply #1 on: March 02, 2015, 11:47:45 PM »
This is the object I tracked:    scheme   host   path   type   query   aid   cid   date   patterns   objects   name   affilition
htxp://xch.directrev.com/js/gb.min.js?s=S0006198   htxp   xch.directrev.com   /js/gb.min.js   ad   s=S0006198   1405   2398   2015-03-02 23:35:42   \.directrev\.com   htxp://xch.directrev.com/js/gb.min.js?s=S0006198   DirectREV   
This link checked: htxps://adrich.cash/
Reverse Entries for MX records issue. WARNING: MX records duplicates (same IP address):
38.113.116.213: [mx1.mail.name.com. mx3.mail.name.com.]
Tries to prove it is above board: http://adrich.cash.webstatsdomain.org/ it might well be, but because it is down it might well be abused on -ns3sxz.name.com . -adrich.cash,50.62.194.71,-ns3sxz.name.com,Parked/expired,

I think the block is legit,

polonus (volunteer website security analyst and website error-hunter)
« Last Edit: March 02, 2015, 11:59:13 PM by polonus »
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33897
  • malware fighter
Re: AVAST block SITE http://www.idup.in/
« Reply #2 on: March 03, 2015, 12:00:49 AM »
Also consider: http://www.antispam.ru/cgi-bin/1/whois?query=ns3sxz.name.com&targetnic=auto
IP followed by -http://anti-hacker-alliance.com/index.php?details=98.124.246.2

Damian
« Last Edit: March 03, 2015, 12:02:30 AM by polonus »
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

REDACTED

  • Guest
Re: AVAST block SITE CyberLocker http://www.idup.in/
« Reply #3 on: March 03, 2015, 01:37:28 AM »
This CyberLocker is pretty DECENT, barely have ADS, DOES NOT ask to download "download managers" or any .EXE what so EVER, just straight UP DIRECT LINK for file download, with FULL SPEED.

I am worry cuz it is USED by TOP release groups like GANOOL and OTHERS. That's how TORRENT uploaders get the files and MAKE available for everyone ELSE

AVAST team, please HELP the site be available AGAIN for us AVAST fans.

PS: @ polonus
Hello friend, hope you are WELL.
Thanks for drop by, hopefully we'll get this issue straighten out as well with the SITE back ON for AVAST users everywhere.
Logged

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31079
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re: AVAST block SITE CyberLocker http://www.idup.in/
« Reply #4 on: March 03, 2015, 03:18:58 AM »
Quote
This a CyberLocker of great quality used by several release groups.
Sure... 100.000's of Lemmings can't be wrong as they jump of a cliff ::)
Quote
barely have ADS
So it is addware(!)

http://www.urlvoid.com/scan/idup.in/
http://zulu.zscaler.com/submission/show/ee8b484676d4fad500682a8be275c078-1425348460

Ganool is offering illegal downloads(!)

VT is not scanning websites(!)

It is time you stop visiting malicious websites and do illegal things.

https://www.virustotal.com/pt/url/ed0db0b9f577500012f27838b97c493e424e432e4e5e532db807aed00d3317cf/analysis/1425335247/
That is not a download link, it is a html page.
Logged
Pages: [1]   Go Up
« previous next »