Author Topic: Insecurity on jino dot ru parked domain  (Read 730 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast √úberevangelist
  • Probably Bot
  • *****
  • Posts: 33926
  • malware fighter
Insecurity on jino dot ru parked domain
« on: April 22, 2019, 12:02:34 AM »
See: https://urlquery.net/report/b9d87b94-cdac-400d-8491-63d45536ffd0
See vulnerability of server with OpenSSH service: https://www.shodan.io/host/81.177.140.54

This is why parked domains could mean ongoing threats.
Original domain wont resolve: a problem with the SSL that prevented the page from being retrieved!
|_http-server-header: nginx
|_http-title: 400 The plain HTTP request was sent to HTTPS port...

Cannot even scan it at Netcraft's, returning an error.
Has been reported earlier to-day by -ns02.rtcomm.ru
Quarantined - error and warning: https://mxtoolbox.com/SuperTool.aspx?action=mx%3aRTComm.RU&run=toolpage

Insecurity of page connection: This website is insecure.
0% of the trackers on this site could be protecting you from NSA snooping.

 All trackers
At least 2 third parties know you are on this webpage.

 -parking-static.jino.ru
-81.177.140.54 81.177.140.54
Legend

 Tracker could be tracking safely if this site was secure.

 Tracker does not support secure transmission.

On Client Unknown 0.0 DOES NOT SUPPORT JAVASCRIPT   
User Agent
Amazon CloudFront

What insecurity-> https://aw-snap.info/file-viewer/?protocol=secure&ref_sel=GSP2&ua_sel=ff&chk-cache=&fs=1&tgt=cHx9a1tuZy1zdHx0W14ualtuXS59dQ%3D%3D~enc   (see suspicious script)
See: https://www.shodan.io/host/195.161.41.160  (also consider all vulnerabilities listed there!).

polonus (volunteer 3rd party cold reconnaissance website security analyst and website error-hunter)

« Last Edit: April 22, 2019, 12:18:11 AM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!