Avast community forum
Home
Help
Search
Login
Register
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Website with spammy links and hidden iFrames......
« previous
next »
Print
Pages: [
1
]
Go Down
Author
Topic: Website with spammy links and hidden iFrames...... (Read 2462 times)
0 Members and 2 Guests are viewing this topic.
polonus
Avast Überevangelist
Probably Bot
Posts: 34062
malware fighter
Website with spammy links and hidden iFrames......
«
on:
August 16, 2016, 07:17:03 PM »
See:
http://killmalware.com/towne3.com/
Spammy looking link? Any links with funky anchor text? Yes there are.
<a href="mailto:info@towne3 dot com">info@towne3 dot com</a>
Any iframes? Yes there is one.
<iframe src="-https://gem.godaddy.com/signups/194250/iframe" scrolling="no" frameborder="0" height="186" style="max-width: 400px; width: 100%;"></iframe>
Vuln. jQuery library detected:
http://retire.insecurity.today/#!/scan/b4f7037b55860d43651b8c379274024eb6f621402a8680e979e98a5888e940ce
Blocked is external link to: -https://bam.nr-data.net/ etc.
Phishing link:
https://www.virustotal.com/en-gb/domain/js-agent.newrelic.com/information/
GoDaddy abuse:
http://toolbar.netcraft.com/site_report?url=http://towne3.com
Bad web rep for hosting reverse DNS:
https://www.mywot.com/en/scorecard/p3nlhg634c1634.shr.prod.phx3.secureserver.net?utm_source=addon&utm_content=rw-viewsc
- server suspicious, may contain malware
polonus (volunteer website security anlyst and website error-hunbter)
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
Lotan
Sr. Member
Posts: 289
Re: Website with spammy links and hidden iFrames......
«
Reply #1 on:
August 17, 2016, 04:25:01 PM »
ive been seeing that newrelic and bam.nr-data.net pop up on tumblr every now and again
Logged
polonus
Avast Überevangelist
Probably Bot
Posts: 34062
malware fighter
Re: Website with spammy links and hidden iFrames......
«
Reply #2 on:
August 18, 2016, 07:30:43 PM »
Hi Lotan,
The external link was flagged by avira, but is now given as probably harmless.
Also get: Unable to properly scan your site. Site returning error (40x): HTTP/1.1 400 Bad Request
->
http://toolbar.netcraft.com/site_report?url=http://162.247.242.19
It is/was for New Relic Browser monitoring for RUM injections for their Browser monitoring 2.4k product.
How security is handled.
pol
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
Lotan
Sr. Member
Posts: 289
Re: Website with spammy links and hidden iFrames......
«
Reply #3 on:
August 18, 2016, 09:22:06 PM »
good to know newrelic is safe but i will keep it blocked by privacy badger unless theres a need to unblock it
Logged
polonus
Avast Überevangelist
Probably Bot
Posts: 34062
malware fighter
Re: Website with spammy links and hidden iFrames......
«
Reply #4 on:
August 19, 2016, 12:04:07 PM »
Hi Lotan,
Agree, but when we reckon with insecurity we'd better block half of the Interwebs, and we rather do not, just right out malcode!
In this case there is some reason for doubt, so better take no risks. Curiosity killed the poor proverbial animal.
According to these WOT reports being cautious to block it seems a wise decision:
https://www.mywot.com/en/scorecard/bam.nr-data.net?utm_source=addon&utm_content=contextmenu
polonus (volunteer website security analyst and website error-hunter)
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
Print
Pages: [
1
]
Go Up
« previous
next »
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Website with spammy links and hidden iFrames......