Topic: Has this now suspended site been sinkholed?

polonus
Has this now suspended site been sinkholed?
« on: July 12, 2018, 10:25:04 PM »
Alerted by IDS Suricata w/ Emerging Threats Pro as
Quote
ET TROJAN Possible Compromised Host Sinkhole Cookie Value Snkz

The reverse DNS address main domain resolved here: hxtps://www.dominios.pt/
See: https://toolbar.netcraft.com/site_report?url=http%3A%2F%2Fhoarafushionline.net%2Fcgi-sys%2Fsuspendedpage.cgi

Re: https://urlquery.net/report/ec68eb89-172a-439c-aa28-5a0a6750110d

Consider: https://aw-snap.info/file-viewer/?protocol=not-secure&tgt=hoarafushionline.net&ref_sel=GSP2&ua_sel=ff&fs=1

and https://www.virustotal.com/#/domain/hoarafushionline.net   community score -29

Sources and sinks -> http://www.domxssscanner.com/scan?url=https%3A%2F%2Fwww.dominios.pt%2F
F-grade security status -> https://www.htbridge.com/websec/?id=z2J805bZ

Third party content (such as images, JavaScript, or CSS) is loaded from external resources. Despite that for some web applications it can significantly improve loading time, it may also put website visitors' privacy at risk, as information about website visitors becomes accessible to these third-party content providers. Moreover, third-party content delivered via the HTTP channel and not HTTPS may expose your privacy.
-fonts.googleapis.com
   A   https://fonts.googleapis.com/css?family=Roboto:400,100,100italic,300,300italic,500,700,800
-maxcdn.bootstrapcdn.com
   A+  https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
   A+  https://maxcdn.bootstrapcdn.com/bootstrap/3.3.2/css/bootstrap.min.css
   A+  https://maxcdn.bootstrapcdn.com/bootstrap/3.3.2/js/bootstrap.min.js
   A+  https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2?v=4.3.0
   A+  https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff?v=4.3.0
   A+  https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.ttf?v=4.3.0
-ajax.googleapis.com
   A   https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.j

Quote
A non-intrusive CMS fingerprinting technology thoroughly crawls some parts of the CMS to fingerprint its version in the most accurate manner.

polonus (volunteer website security analyst and website error-hunter)
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!
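
Added example, not part of the original post and not the scanner's own code: a small offline audit of the third-party content issue quoted above, listing the external hosts a page loads subresources from and flagging any fetched over plain HTTP. The sample HTML, the page URL `https://www.example.test/` and the function names are constructed for illustration; the HTTP jQuery reference is deliberately made insecure to show the flag.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Constructed sample page, modelled on the resource list in the post above.
SAMPLE_HTML = """
<html><head>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.2/css/bootstrap.min.css">
<link rel="stylesheet" href="//fonts.googleapis.com/css?family=Roboto:400">
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js"></script>
<script src="/js/site.js"></script>
</head><body><img src="img/logo.png"><a href="http://example.org/">link</a></body></html>
"""

# Tag/attribute pairs that make the browser fetch a subresource.
# Plain <a href> links are navigation, not loaded content, so they are skipped.
FETCHING = {("script", "src"), ("link", "href"), ("img", "src"),
            ("iframe", "src"), ("source", "src"), ("embed", "src")}


class ResourceCollector(HTMLParser):
    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.urls = []

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            if value and (tag, name) in FETCHING:
                # urljoin resolves relative and protocol-relative (//host/...) URLs
                self.urls.append(urljoin(self.page_url, value.strip()))


def audit_third_party(html, page_url):
    """Return {host: {"insecure": bool, "urls": [...]}} for hosts other than the page's own."""
    own_host = urlsplit(page_url).hostname
    collector = ResourceCollector(page_url)
    collector.feed(html)
    report = {}
    for url in collector.urls:
        parts = urlsplit(url)
        if parts.scheme not in ("http", "https") or parts.hostname == own_host:
            continue
        entry = report.setdefault(parts.hostname, {"insecure": False, "urls": []})
        entry["urls"].append(url)
        entry["insecure"] = entry["insecure"] or parts.scheme == "http"
    return report


if __name__ == "__main__":
    for host, info in sorted(audit_third_party(SAMPLE_HTML, "https://www.example.test/").items()):
        print("HTTP " if info["insecure"] else "HTTPS", host, len(info["urls"]))
```

Protocol-relative references inherit the scheme of the page that embeds them, so the same markup audited against an `http://` page URL would be flagged as insecure.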