Avast community forum
Home
Help
Search
Login
Register
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Ransomeware IP address and sedo parked malware....
« previous
next »
Print
Pages: [
1
]
Go Down
Author
Topic: Ransomeware IP address and sedo parked malware.... (Read 1860 times)
0 Members and 1 Guest are viewing this topic.
polonus
Avast Überevangelist
Probably Bot
Posts: 33895
malware fighter
Ransomeware IP address and sedo parked malware....
«
on:
May 20, 2017, 10:26:08 PM »
See:
http://urlquery.net/report.php?id=1495308994259
and on IP:
https://ransomwaretracker.abuse.ch/ip/70.32.1.32/
PHISH...related is Results from scanning URL: -http://www.google.com/adsense/domains/caf.js
Number of sources found: 115
Number of sinks found: 157
hxtp://www.google.com/adsense
Detected libraries:
angularjs - 1.5.9 : (active1) -https://ajax.googleapis.com/ajax/libs/angularjs/1.5.9/angular.min.js
Info: Severity: medium
https://github.com/mozilla/addons-linter/issues/1000#issuecomment-282083435
http://pastebin.com/raw/kGrdaypP
Info: Severity: medium
https://github.com/angular/angular.js/blob/master/CHANGELOG.md
(active) - the library was also found to be active by running code
1 vulnerable library detected ->
http://www.domxssscanner.com/scan?url=https%3A%2F%2Fajax.googleapis.com%2Fajax%2Flibs%2Fangularjs%2F1.5.9%2Fangular.min.js
(vulnerable to injection exploits and stealing of session tokens).
polonus (volunteer website security analyst and website error-hunter)
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
polonus
Avast Überevangelist
Probably Bot
Posts: 33895
malware fighter
Re: Ransomeware IP address and sedo parked malware....
«
Reply #1 on:
December 11, 2018, 12:12:05 PM »
Update - recent example -
https://urlquery.net/report/9b5b5eb1-bfbe-444f-8dcc-dbb5c51ecba5
Re:
https://aw-snap.info/file-viewer/?protocol=not-secure&ref_sel=GSP2&ua_sel=ff&chk-cache=&fs=1&tgt=cHx9a1tuZ159e3cubnt0YHxzc3t0c2BzXn1bcHRzYGpzMy5qcw%3D%3D~enc
Re:
https://www.virustotal.com/#/url/c16f2301b6b606f60fb5b037c9301d66d0451a99fe6c88ec19591989a4025a75/detection
Consider:
https://www.virustotal.com/#/file/a606134e35db97024d04789609660c94f87f660dc259d91db5180e32787d4dad/details
XSS - 15 sources and 20 sinks inside -http://parkingcrew.net/assets/scripts/js3.js
Re:
https://www.virustotal.com/#/domain/parkingcrew.net
polonus
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
Print
Pages: [
1
]
Go Up
« previous
next »
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Ransomeware IP address and sedo parked malware....