Avast community forum
Home
Help
Search
Login
Register
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Blacklisted website and for a reason!
« previous
next »
Print
Pages: [
1
]
Go Down
Author
Topic: Blacklisted website and for a reason! (Read 1239 times)
0 Members and 1 Guest are viewing this topic.
polonus
Avast Überevangelist
Probably Bot
Posts: 33905
malware fighter
Blacklisted website and for a reason!
«
on:
May 05, 2015, 06:50:57 PM »
See 12 alerts from Fortinet's Webfilter:
http://urlquery.net/report.php?id=1430843577133
Google safe browse check
WARNING
Google finds the site to be potentially dangerous:
http://killmalware.com/autofocusstudios.com/
See:
http://www.google.com/safebrowsing/diagnostic?site=http%3A%2F%2Fautofocusstudios.com&hl=en
See:
https://www.virustotal.com/nl/url/3b9bd12faf304822303ddb51bb2c4c4fab4b69a5d75a688ffefdad26f2623e0a/analysis/1430843887/
IP badness history:
https://www.virustotal.com/nl/ip-address/108.60.19.145/information/
Also listed as a PHISH site: 108.60.19.145 ->
http://permalink.gmane.org/gmane.comp.security.phishings/53252
WordPress pug-ins on site:
-mailchimp-for-wp
-jetpack
-download-manager
-All in One SEO Pack * All in One SEO Pack version: 2.2.6.2
* Read:
https://wordpress.org/support/topic/warning-from-host-for-a-resent-hack
Theme : photolux
Version 2.3.1 – 23 April 2015:
- Fixed: Security fix: escaped the URLs every time the add_query_arg() function is used to fix the recently found XSS vulnerability of the add_query_arg() function
- Fixed: editor buttons lightbox dialog – media window displayed behind the dialog on Chrome
- Fixed: the navigation button display of the Simple Google Map widget
Stay up to date:
http://www.wordpressexploit.com/
Included javascripts:
-http://autofocusstudios.com/wp-includes/js/jquery/jquery.js
-http://autofocusstudios.com/wp-includes/js/jquery/jquery-migrate.min.js
-http://autofocusstudios.com/wp-content/themes/photolux/js/main.js
-http://autofocusstudios.com/wp-content/themes/photolux/js/cufon-yui.js
-http://autofocusstudios.com/wp-content/themes/photolux/js/fonts/charis_sil.js
-http://autofocusstudios.com/wp-content/themes/photolux/js/grid-gallery.js
-http://autofocusstudios.com/wp-content/plugins/download-manager/bootstrap/js/bootstrap.min.js
-http://autofocusstudios.com/wp-content/plugins/download-manager/js/front.js
-http://autofocusstudios.com/wp-content/plugins/download-manager/js/chosen.jquery.min.js
-http://autofocusstudios.com/wp-includes/js/jquery/ui/core.min.js
-http://autofocusstudios.com/wp-includes/js/jquery/ui/widget.min.js
-http://autofocusstudios.com/wp-includes/js/jquery/ui/mouse.min.js
-http://autofocusstudios.com/wp-includes/js/jquery/ui/draggable.min.js
-http://autofocusstudios.com/wp-includes/js/jquery/jquery.form.min.js
-http://s0.wp.com/wp-content/js/devicepx-jetpack.js
-http://s.gravatar.com/js/gprofiles.js
-http://autofocusstudios.com/wp-content/plugins/jetpack/modules/wpgroho.js
-http://autofocusstudios.com/wp-includes/js/comment-reply.min.js
-http://stats.wp.com/e-201519.js
-gtranslate
Site malicious:
http://zulu.zscaler.com/submission/show/86fbd6c12be04e473f987cd7a726f88a-1430843740
See atatched tracker tracker report - do not open links inside a browser - info provided for security research purposes only.
polonus (volunteer website security analyst and website error-hunter)
«
Last Edit: May 05, 2015, 07:00:21 PM by polonus
»
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
Print
Pages: [
1
]
Go Up
« previous
next »
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Blacklisted website and for a reason!