In case of the following malware-(emotet)spreading Word Press website, which is being blacklisted,
even access to directory listing is prohibited by the Sucuri WebSite Firewall.
See reported website:
https://urlhaus.abuse.ch/url/734220/SERVER DETAILS
Web Server:
LiteSpeed
IP Address:
45.252.248.20
Hosting Provider:
AZDIGI-AS-VN AZDIGI Corporation, VN
Shared Hosting:
500 sites found (use Reverse IP to download list)
Title:
Index of /wp-includes/
No configuration setting issues, but
directory listing enabled.path = /wp-includes/Overview/ct5u1XXXXXhbd/">ct5uXXXXXwhbd</a> 22-Oct-2020 10:55 - which is kicking up that malware -> and Spamhouse and Trustwave detect:
https://www.virustotal.com/gui/url/be6ee9e4ecdf9e8d6f0daea6fa70f4c5493e6d40a0f83a63ad9de0fc4902a0fc/detection10 detected files with this IP address:
https://www.virustotal.com/gui/ip-address/45.252.248.20/relationsSee all the vulnerabilities on that hoster of IP:
https://www.shodan.io/host/45.252.248.20Malware link also opens up to URL: -https://i5cdnimg-a.akamaihd.net/__media__/js/min.js?v2.2
Medianet Advertising.
avascript 6 (external 0, inline 6)
INLINE: // Catch errors if signal is already set by user agent or other extensi...
402 bytes
INLINE: // Catch errors if signal is already set by user agent or other extensi...
402 bytes
INLINE: try { Object.defineProperty(screen, "availTop", { value:
4,253 bytes
INLINE: (function() { let alreadyInsertedMetaTag = false function __insertDappDete...
1,238 bytes
INLINE: /* * This entire block is wrapped in an IIFE to prevent polluting the scope of
38,144 bytes
INLINE: try { Object.defineProperty(screen, "availTop", { value:
4,253 bytes
polonus (volunteer 3rd party cold recon website security analyst and website error-hunter)