Author Topic: Safe to Open and Quttera flag as potentially suspicious.  (Read 793 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast √úberevangelist
  • Probably Bot
  • *****
  • Posts: 33895
  • malware fighter
Safe to Open and Quttera flag as potentially suspicious.
« on: November 22, 2023, 05:43:58 PM »
See: https://quttera.com/detailed_report/www.frontnieuws.com
Has: PS.JS.Obfuscantion.gen  (Is it being (ab)used for privacy washing?) *.

Safe to Open extension gives: https[://]wXw[.]frontnieuws.com/   11/22/2023 17:23:56 (you visited an unsafe webpage).

See: https://www.virustotal.com/gui/url/5d5153e77ad856b64313a243a60d2f8e164e4cd4c1392ed4a40bdc7b6d7d6154?nocache=1
where only Quttera flags it as being suspicious.

Outgoing links (given at VT)
-https://vk.com/id571225876  * ->
* this address flagged at URLHaus  -> https://urlhaus.abuse.ch/browse/ PrivateLoader encrypted Redline abuse.
-https://t.me/frontnieuwscom
-https://www.cookieyes.com/

Avast safebrowsing does not flag menstioned website.

polonus (volunteer 3rd party cld recon website security analyst and website error-hunter)
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast √úberevangelist
  • Probably Bot
  • *****
  • Posts: 33895
  • malware fighter
Re: Safe to Open and Quttera flag as potentially suspicious.
« Reply #1 on: November 22, 2023, 10:31:53 PM »
Another example why glype proxies may have bad configuration and can be script-abused. Be aware and be cautious.

Re: https://www.virustotal.com/gui/url/704f08a6e3a30b7064ff574c7b89d593fc136235602e7633b051e8ce02e6bd62?nocache=1

Via -proxy -https://proxy.batmite.com:443  involved - -https://www.acint.net/
See: https://www.virustotal.com/gui/url/6e1beaeaf17c2a7b263f6f87ca06cdec17fb65764708e7d71298a6f547d55e0e

Quote
Analysis of the traffic (at acint dot net) statistics helps largest Russian companies understand the particularity of the behavior of visitors of websites.
This is done through the use of Artificial Computation Intelligence via a counter software.

pol
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!