Author Topic: What is with domain htxp://garagedoorwrap.com/  (Read 723 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast √úberevangelist
  • Probably Bot
  • *****
  • Posts: 33926
  • malware fighter
What is with domain htxp://garagedoorwrap.com/
« on: August 09, 2015, 02:30:28 PM »
Code: [Select]
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN"> <html> <head> <title>Index of /</title> </head> <body> <h1>Index of /</h1> <pre> <a href="?C=N;O=D">Name</a> <a href="?C=M;O=A">Last modified</a> <a href="?C=S;O=A">Size</a> <a href="?C=D;O=A">Description</a><hr> <a href="favicon.gif">favicon.gif</a> 08-Jun-2009 14:49 0  <a href="favicon.ico">favicon.ico</a> 08-Jun-2009 14:49 0  <a href="robots.txt">robots.txt</a> 08-Jun-2009 14:49 0  <hr></pre> </body></html>
See: https://urlquery.net/report.php?id=1439120884929
On there
Quote
Index of /

      Name                    Last modified      Size  Description
      favicon.gif               08-Jun-2009 14:49      0   
      favicon.ico              08-Jun-2009 14:49       0   
      robots.txt              08-Jun-2009 14:49       0   
Re: http://toolbar.netcraft.com/site_report?url=http://garagedoorwrap.com
Re: http://www.dnsinspect.com/garagedoorwrap.com/1439120757  no private IPs found.

Re: http://whois.domaintools.com/garagedoorwrap.com
Hostname:    apache2-argon.laphroaig.dreamhost.com
Site not found · DreamHost
Service Info: Host: laphroaig.dreamhost.com; OS: Linux; CPE: cpe:/o:linux:linux_kernel

91 domains hosted on 1 and same IP. Earlier hack of domain on that IP: http://www.zone-h.org/mirror/id/24490393?zh=1
and here: http://dark-mirror.org/450.html & http://www.zone-h.org/mirror/id/24490366
See: http://wsowner.com/ip/69.163.129.111
Now website is here: http://www.americandoor.com/  but again with Outdated server software:
HTTP Server: Apache HTTP Server 2.2.29
mod_perl Version: 2.0.8
Operating System: Unix
Perl Version: 5.10.1 (Outdated)
OpenSSL Version: 1.0.1e-fips
Control Panel: cPanel
Extended Server Header Info Proliferation: Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_perl/2.0.8 Perl/v5.10.1
See: http://www.domxssscanner.com/scan?url=http%3A%2F%2Fwww.americandoor.com%2F
uMatrix has prevented the following page from loading:
-http://srv2.wa.marketingsolutions.yahoo.com/ this is a scriptservlet
Link that goes here could have been blocked on demand by many users: -https://get.adobe.com/shockwave/ risky!
-/download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=7,0,19,0   1
one lands there via -fpdownload2.macromedia.com

Issue: /support.cms-guide.com/entries/20692293-zend-optimizer-is-not-installed   1
EXTRAL -http://support.cms-guide.com/entries/20694667-please-verify-your-server-configuration-make-sure-that-extension-is-enabled   1
EXTRA LINK -mailto:support@cms-guide.com   3

EXTRA LINK -http://www.zend.com/products/zend_guard (targeting solution)
Vuln.: Results from scanning URL: htxp://static.zend.com/cmsdata/static-assets/js/bootstrap.min.js
Number of sources found: 290
Number of sinks found: 14
&
Results from scanning URL:-//app-ab03.marketo.com/js/forms2/js/forms2.min.js
Number of sources found: 25
Number of sinks found: 9  -> uMatrix has prevented the following page from loading:
htxp://app-ab03.marketo.com/  enabling reps iHance Tracking! via Python pv.aspx? CID

polonus (volunteer website security analyst and website error-hunter)
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!