Closed iam-py-test closed 3 years ago
@VernonStow A spam domain I found on https://adblockplus.org/forum/viewtopic.php?f=10&t=82319
(a spam post that got taken down).
I don't know if you will accept it without verification & with the post removed, but thought I'd post it anyway.
Domain: unitedmedicines.com
None are currently listed as malicious at urlvoid.com, but oddly enough, Firefox 89 warns on joesandbox.com.
Thanks anyway, and best regards.
ETA: today (June 12) AdGuard DNS now blocks joesandbox.com with this message:
None are currently listed as malicious at urlvoid.com, but oddly enough, Firefox 89 warns on joesandbox.com.
Thanks anyway, and best regards.
ETA: today (June 12) AdGuard DNS now blocks joesandbox.com with this message:
Weird. I have visited joesandbox many times and it’s pretty popular.
https://www.virustotal.com/gui/domain/joesandbox.com/community & https://www.virustotal.com/gui/url/891dec033b1e5eb48b16a91442e66ef3d2dcb78431dfe61696a5fb13ab1cb52e/detection. Maybe it is flagged because it contains malware, but it is just used for malware analysis.
Also, maybe it’s just me, but urlvoid seems like it’s broken. Sites are flagged by something like Google or Fortuniguard but Urlvoid shows no detections. Personally, I use VirusTotal combined with Norton
I had no problem visiting joesandbox.com today on FF 89 with Quad9 DNS, so it was probably a false positive from Ad Guard. (I can't access Virus Total because it strangely requires me to solve an unsolvable CAPTCHA every time, probably because I use a shared IP address.)
Malware domains from https://www.joesandbox.com/analysis/431924/0/html#domains:
Malware domain used to infect other sites:
2677.in
See https://blog.sucuri.net/2010/06/mass-infection-of-iisasp-sites-2677-inyahoo-js.html, https://www.mywot.com/en/scorecard/2677.in, https://www.virustotal.com/gui/url/f507e6a0a01f24299ff14722397af662bf0ec9cdcf111af4a378c0be9696d3ac/detection