« previous next »
Pages: [1]   Go Down

Author Topic: Redirect to a PHISHing attempt?  (Read 1013 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33905
  • malware fighter
Redirect to a PHISHing attempt?
« on: July 17, 2016, 01:44:45 AM »
Blocked by Bitdefender TrafficLight as just this threeat.
Seems to have been mitigated here: http://killmalware.com/tegendierenleed.nl/#
hosting site has warning for plain txt log-in.
8 vulnerable libraries detected: http://retire.insecurity.today/#!/scan/b4f4ab71df4688a10be1ca314d6cc85b06025d3fad45a2a9f8761b26537d9e25
Code analysis: https://aw-snap.info/file-viewer/?tgt=http%3A%2F%2Ftegendierenleed.nl&ref_sel=GSP2&ua_sel=ff&fs=1
-http://www.moerstaal.
Detected libraries:
Loading the site failed...in second instance 18 vulnerable libraries detected: http://retire.insecurity.today/#!/scan/927ba57d73c9ad82dea0ca2e0138e38d7cfd02dc4fdcf16f493eeac45597d099
Stylesheets 1 issues
Tag   Result
<link type="text/css" rel="stylesheet" href="http://yui.yahooapis.com/3.2.0/build/cssreset/reset-min.css">    Missing SRI hash
CSS file is hardcoded. Re: https://www.eff.org/https-everywhere/atlas/domains/yahooapis.com.html

Certificate is not installed correctly
yui.yahooapis.com
You have 1 error
Wrong certificate installed.
The domain name does not match the certificate common name or SAN.
Info
BEAST
The BEAST attack is not mitigated on this server.
Certificate information
This server uses an Organizationally Validated (OV) certificate. Information about the site owner has been validated by Symantec Corporation to help secure personal and financial information.
Common name:
 *.yimg.com
SAN:
 *.yimg.com, *.ec.yimg.com, *.staticflickr.com, *.static.flickr.com, cdn.flurry.com, yui-s.yahooapis.com, cdn.yahooapis.com
Valid from:
 2015-Aug-28 00:00:00 GMT
Valid to:
 2017-Aug-27 23:59:59 GMT
Certificate status:
 Valid
Revocation check method:
 OCSP
Organization:
 Yahoo Inc.
Organizational unit:
 
City/locality:
 Sunnyvale
State/province:
 California
Country:
 US
Certificate Transparency:
 Not embedded in certificate
Serial number:
 6db834f71cecbf0e725d0bba7b7406af
Algorithm type:
 SHA256withRSA
Key size:
 2048
Certificate chainShow details
Symantec Class 3 Secure Server CA - G4Intermediate certificate
*.yimg.comTested certificate


polonus (volunteer website security analyst and website error hunter)
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!
Pages: [1]   Go Up
« previous next »