Author Topic: PUP detections here? Terraclicks flagged?  (Read 1858 times)


polonus
PUP detections here? Terraclicks flagged?
« on: March 23, 2019, 12:11:32 AM »
See: https://www.virustotal.com/pl/file/34c0719de0c2a33e3a6f8bc3c2c401ac3238334b4b22a2789e6c1841b41f3d22/analysis/1553294416/
where detected: https://urlhaus.abuse.ch/url/164361/
See redirects to malware spreading campaign address:
https://aw-snap.info/file-viewer/?protocol=not-secure&ref_sel=GSP2&ua_sel=ff&chk-cache=&fs=1&tgt=MTM0LjI0OS4xMTYuNzhgW24je3gucGhw~enc
Hostinger International Limited abuse.
Passed as OK: -http://sd5doozry8.com/ykwnsxwz29?key=9a98439e5dcdf4fd2a011f7cbc76b00d

Reputation Check: PASSED
Google Safe Browse: OK
Spamhaus Check: OK
Compromised Hosts: OK
Dshield Blocklist: OK
Shadowserver C&C: OK
Web Server: nginx/1.15.1
X-Powered-By: None
IP Address: 198.134.112.241
Hosting Provider: Webair Internet Development Company Inc.
Shared Hosting: 2295 sites found on 198.134.112.241

Externally linked host: -terraclicks.com   Webair Internet Development Company Inc.   United-States
Content after the </html> tag should be considered suspicious. Fake netbot activity.
Redacted organisation info "for privacy". Re: https://toolbar.netcraft.com/site_report?url=http%3A%2F%2Fterraclicks.com%2F
= PUP.Optional.TerraClicks.ShrtCln. (monitors you as a tricky adware).

polonus (volunteer website security analyst and website error-hunter)
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!
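
The check mentioned in the post (content after the closing `</html>` tag), as an added example that is not part of the original post or any scanner's own code: it reports which tags and external hosts appear after the last `</html>` in a fetched page body. The function name, the sample pages and the `ads.example.test` host are constructed for illustration; ignoring trailing HTML comments is an assumption made here to reduce noise.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

CLOSE_HTML = re.compile(r"</html\s*>", re.IGNORECASE)
COMMENT = re.compile(r"<!--.*?-->", re.DOTALL)


class _TrailingTags(HTMLParser):
    """Collects tag names and external hosts found in the trailing fragment."""

    def __init__(self):
        super().__init__()
        self.tags, self.hosts = [], set()

    def handle_starttag(self, tag, attrs):
        self.tags.append(tag)
        for name, value in attrs:
            if name in ("src", "href") and value:
                host = urlparse(value).hostname  # None for relative URLs
                if host:
                    self.hosts.add(host.lower())


def inspect_trailing_content(page: str) -> dict:
    """Report what follows the last </html> tag in a page body."""
    matches = list(CLOSE_HTML.finditer(page))
    if not matches:
        return {"closed": False, "suspicious": False, "tags": [], "hosts": []}
    # Assumption: whitespace and HTML comments after </html> are ignored.
    tail = COMMENT.sub("", page[matches[-1].end():]).strip()
    parser = _TrailingTags()
    parser.feed(tail)
    parser.close()
    return {"closed": True, "suspicious": bool(tail),
            "tags": parser.tags, "hosts": sorted(parser.hosts)}


# Constructed samples: a clean page, and the same page with markup appended.
CLEAN = "<html><body><p>hello</p></body></html>\n<!-- cached -->\n"
APPENDED = CLEAN + ('<script src="http://ads.example.test/t.js"></script>'
                    '<a href="/x">x</a>')

if __name__ == "__main__":
    for name, body in (("clean", CLEAN), ("appended", APPENDED)):
        print(name, inspect_trailing_content(body))
```

A hit is a reason to review the page source and the listed hosts, not a verdict on its own.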