Author Topic: Sedo-parked website with adblockkey and with graphical image malcode *  (Read 929 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
See DOM-XSS scan results with results from scanning URL: -http://capitalonellc.com/
Number of sources found: 1
Number of sinks found: 4 
img.sedoparking.com  adblockkey=
js
str_repeat  (-capitalonellc.com/search/redirect.php?)
Re: https://www.virustotal.com/gui/url/66e4f2730988abfbbb2755a924b95e5767000e124aa732462d15cbe76fe91357/details
and detection *: https://www.virustotal.com/gui/ip-address/205.234.175.175/relations

Worked in the code through
Quote
capitalonellc dot com/' + 's' + 'earch/tsc.php?200=Mjg1OTU3MTI3&21=MzUuMTg3LjEzMi4xNDI=&681=MTU5NDYXXXXXXXXXXzdlMWQwZDU0YTg3NThhOTJlMjk1ZTUwMDY4YWQz&crc=448c512c9f4fa1XXXXXXXXXX4f4ea5dd8a3ed7a25&cv=1',success:jsLocRed})

Somehow end-users should be aware whenever they stumble onto vulnerable sedo-parked websites.
Who is going to alert them to websites that have expired
and still earn money via sedo-parking even beyond their real lifespan for the owner of the site?
It all seems a bit like a "sink-holing for profits" scheme actually.

polonus (volunteer 3rd party cold recon website security analyst and website error-hunter)
« Last Edit: July 13, 2020, 03:29:36 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!