This one NOT detected by avast? Website is sleeping.
Website owners can wake website from sleep in members area
000webhost
Wake website from sleep ->
https://urlquery.net/report/d00c449e-a515-410c-9dee-998b00f5fcf9Re: vuln. to MiM attack:
https://app.upguard.com/#/http://dolphinsolutionnal.000webhostapp.com/notificationn.php?email=kmiller@fleckens.hu PHISHING
On IP ->
https://www.virustotal.com/#/ip-address/145.14.145.158 see:
https://www.shodan.io/host/145.14.145.158Netcraft risk 7 red out of 10:
https://toolbar.netcraft.com/site_report?url=http://dolphinsolutionnal.000webhostapp.com/notificationn.php?email=kmiller@fleckens.huI get:
Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
-api.opmnstr.com/v1/optin/13439/673828:1 Failed to load resource: the server responded with a status of 410 ()
-api.min.js:2 [OptinMonster] The campaign could not be retrieved. The following error was returned: A campaign with the ID 673828 does not exist.
Pt.error @ -api.min.js:2
(index):1 Failed to load resource: the server responded with a status of 403 (Forbidden)
Hostinger abuse -https://www.000webhost.com/cpanel-login?utm_source=000&utm_medium=website-sleeping&utm_campaign=pages
There: Retire.js
jquery 3.3.1.min Found in -https://code.jquery.com/jquery-3.3.1.min.js
Vulnerability info:
Medium CVE-2019-11358 jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution
jquery 3.3.1.min Found in -https://code.jquery.com/jquery-3.3.1.min.js
Vulnerability info:
Medium CVE-2019-11358 jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution
Suricata IDS alert " ET INFO Observed Free Hosting Domain (*.000webhostapp .com in DNS Lookup) "
Exploitable plug-in:
https://www.pluginvulnerabilities.com/tag/optinmonster/Re:
https://www.hybrid-analysis.com/sample/1ef7cdc06a770692a679999fa02ede2d39f3036fb4fbf75196b18ceb4d4caede?environmentId=100Also consider for awex web server:
https://www.openbugbounty.org/reports/154459/ shellshock vuln?
polonus