Translate

4/10/2014

Potentially MALICIOUS ADs:
bellroy.com (IP: 54.236.92.225)
risking with
HIDDEN Iframes (W32.HfsIframe)
and Microsoft Internet Explorer remote code execution via option element


FOR WEBMASTERS & BLOGGERS
If you own a Website or a Blog and are affiliated with Google AdSense, in order to your own Reputation, should block the Domain bellroy.com in your AdSense Dashboard. See the following Report why:


MALICIOUS ADVERTISER: 
HIDDEN IFRAME(s) & 
Microsoft Internet Explorer remote code execution via option element

DOMAIN:
http://bellroy.com/
  • https://www.virustotal.com/de/url/c98b0274361f078ffe11c672882a44deea265179edb5c6fa0602d63080855968/analysis/
W32.HfsIframe
  • https://www.virustotal.com/de/file/67b5a8555f0660f5cea968abbbe32c48a92b6c0cb1782c682a0bb7d35f2439cd/analysis/1397146549/
<--- iframe src="//www.googletagmanager.com/ns.html?id=GTM-MF9C"height="0" width="0" style="display:none;visibility:hidden" --->

AD-LINK:
http://www.googleadservices.com/pagead/aclk?sa=L&ai=CGfswyL9GU6j-NIuoiga4sYDQCouup8sGi_S0sYgBo5WpvzgQASCOwJQjUJeJzE5guwOgAd3f68sDyAECqQI_TRhS36CvPqgDAcgDwQSqBIsBT9BrjS7o2Hx01Y0JFiIuwvJ1xe9IjZ3AaQviQnug8Np1m1Lub00UCac2hzu_KqEdA3aCF6v0DESTEaRR-1SjYlNxE2mKIljXjfcmAgj4IJnE_mEbmdov7A_Top1ov2PE0Cm3JltzAOkli0GYOFPDLlmdDDZfXT2fFSIbEi-AgySr64NOLCIbYqODF4gGAaAGAoAHi6CUNA&num=1&cid=5GjrqWA5Hr9KASVQwZCWupTr&sig=AOD64_1_pgpU0nS6Jm4kbl0tCan3rcz2HA&client=ca-pub-5585202032329389&adurl=http://bellroy.com/wallets/note-sleeve-wallet&nm=2&mb=2&bg=!A0RJckn2eYHUnAIAAABGUgAAACcqAPHBZ1R_GZZ-qskVhAC1RCaSH8E7P1WWZC0O5x_RfOeSlUkxeJvIMszsmy3sXPqRsDlNy8wF68FONASqnu6VRxJ-s-NpHWsQ1GS7blV93HhI3unMwwLWf3jO_ggQ1uDpL5_XK5lofwEA5P2icYwOYX-diVH7uhcjdcVDH0WnnUDwsfalxoHuio6rkHLlVZEw0K_n8FBECRILAC_D7YNm3YixQnPoAup1vg7QEcYLoGraugw_6A2qJro2Z8bmpX0mbatP_HXSBMdhAiO9S4pffic21NrkmjGVx-d_c9TBhi1Tj4BMHIOEuAFJr7PX2F7yuuWu
  • https://www.virustotal.com/de/url/95f54e683c7aa90bcff2516c4203b1eab34ab0773398e57f1df39494d6bfa9da/analysis/1397146003/
W32.HfsIframe
  • https://www.virustotal.com/de/file/5a84faf5f6aca07d4390a9b5cfccc29512b29edb295113d7a6f81dd8c85e0028/analysis/1397146289/
<--- iframe src="//www.googletagmanager.com/ns.html?id=GTM-MF9C"height="0" width="0" style="display:none;visibility:hidden" --->
Microsoft Internet Explorer remote code execution via option element
  • https://urlquery.net/report.php?id=1397146071040
  • https://urlquery.net/report.php?id=1397146084651
--->
http://bellroy.com/wallets/note-sleeve-wallet?gclid=CJGghbqm1r0CFbFFMgodI1QA3w
  • https://www.virustotal.com/de/url/415b1b40a688e6db53001d576b04991a469967e8b17f5327f591942b0ec5b423/analysis/
W32.HfsIframe
  • https://www.virustotal.com/de/file/fbf1f3b0f36895ff64f2ed8270a6058d912395b6fe94a596b7f0e04381422a90/analysis/1397147003/
<--- iframe src="//www.googletagmanager.com/ns.html?id=GTM-MF9C"height="0" width="0" style="display:none;visibility:hidden" --->
Microsoft Internet Explorer remote code execution via option element
  • https://urlquery.net/report.php?id=1397146245634
  • https://urlquery.net/report.php?id=1397146261020
  • https://urlquery.net/report.php?id=1397146282006

IP:
http://54.236.92.225/
  • https://www.virustotal.com/de/url/17c875d298cbb4a685465b5dfbd5f3ae5097b78a8fa58184f224a872eec7d4f3/analysis/1397147591/
  • https://www.virustotal.com/de/ip-address/54.236.92.225/information/

HIDDEN LINK TO:
http://carryology.com/
  • https://www.virustotal.com/de/url/85e70248597bc714f3eac0644ff669c2680af8b6a50b23d34420e54e0f9bd902/analysis/1397147301/

Keine Kommentare:

Kommentar veröffentlichen