« previous next »
Pages: [1]   Go Down

Author Topic: Is this PHISH flagged?  (Read 972 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33897
  • malware fighter
Is this PHISH flagged?
« on: March 20, 2017, 07:12:23 PM »
See: https://urlscan.io/result/a24aa861-32bd-4557-9eae-af8de77ee865/#summary
and http://urlquery.net/report.php?id=1490032329408
See: https://www.abuseipdb.com/check/41.218.189.97
Site Advisor reports This link might be dangerous. We tested it and found security risks. Beware.
link: -http://ban.go2cloud.org/aff_c?offer_id=277&aff_id=7473
See: https://urlscan.io/result/6d4ebe35-a26d-487a-ac89-443481cc00c6#summary
Redirects traffic path: whois:-http://ban.go2cloud.org/aff_c?offer_id=277&aff_id=7473 and then going onto:
whois:-http://profitmaximizer.co/de/?ot=*snip*&token=*snip*&clickid=*snip*&aff=ud&ct=*snip*
Also consider: https://webcookies.org/cookies/profitmaximizer.co/3142421
Re: -http://profitmaximizer.co/de
Detected libraries:
jquery - 1.11.3 : (active1) http://code.jquery.com/jquery-1.11.3.min.js
Info: Severity: medium
https://github.com/jquery/jquery/issues/2432
http://blog.jquery.com/2016/01/08/jquery-2-2-and-1-12-released/
(active) - the library was also found to be active by running code
1 vulnerable library detected
And then consider this: http://www.domxssscanner.com/scan?url=http%3A%2F%2Fprofitmaximizer.co%2Fde%2Fjs%2Fscripts.js%3F2
Is this all just junk for their docs?  InnerHTML and innerdata ???
Read this discussion from the pro's at StackOverflow's:
http://stackoverflow.com/questions/8318581/html-vs-innerhtml-jquery-javascript-xss-attacks

polonus
« Last Edit: March 20, 2017, 07:32:40 PM by polonus »
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!
Pages: [1]   Go Up
« previous next »