Author Topic: Redirect shown to be suspicious by Virus Total. Is it?  (Read 1662 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Redirect shown to be suspicious by Virus Total. Is it?
« on: January 23, 2021, 02:39:18 PM »
Re: https://urlscan.io/result/10589aed-3513-4ce8-9caa-9d2867f3b49b/
Then: https://www.virustotal.com/gui/url/b3fe0e2efe74e418f5d9eebf0936efaf27437f6056ea9cd04ce57555db458bd0/detection
(one to flag) and 2 negative community votes:
https://www.virustotal.com/gui/ip-address/185.128.34.116/detection
Various apk android malcode detections: https://www.virustotal.com/gui/ip-address/185.128.34.116/relations
and script issues: -> Results from scanning URL: hxtps://code.jquery.com/jquery-3.3.1.min.js
Number of sources found: 436
Number of sinks found: 80

polonus (volunteer 3rd party cold recon website security analyst and website error-hunter)
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76037
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Redirect shown to be suspicious by Virus Total. Is it?
« Reply #2 on: January 23, 2021, 02:58:59 PM »
Thanks Asyn, helpful, better to steer away from all xyz ending domains.

This script seems active there: https://urlscan.io/result/39f013b3-c138-4bcc-9ae0-a90efb763abf/
Nothing found there, but any other use of this Amazon CloudFront dot net script is strictly forbidden.

Relation with Results from scanning URL: -https://jakethijaber.xyz/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70
Number of sources found: 2
Number of sinks found: 1  (warning on connection time-out

So what is really going on at the other side of your screen  :-[

polonus

Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76037
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37506
  • Not a avast user
« Last Edit: January 23, 2021, 06:09:17 PM by Pondus »

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Redirect shown to be suspicious by Virus Total. Is it?
« Reply #5 on: January 23, 2021, 06:19:13 PM »
Gigantic spammer been taken down,

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!