-
-
Notifications
You must be signed in to change notification settings - Fork 144
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Malware domain #190
Comments
Add domain from iam-py-test/my_filters_001@b0b68fb and DandelionSprout/adfilt#190
It looks like the official website of some sort of organization to me. Which part of the site is malicious? Is there a specific page?
|
I looked at the Facebook link and it looked official. The whole thing is in another language so I am not sure what it says.
The scans flagged the homepage as having malware but most reported the host as malware too |
Looking at the code, it seems like maybe it was flagged because of this:
Or this
|
@llacb47 @DandelionSprout should I close this issue or do you think further investigation is needed? |
It looks like the CoinHive script at
|
Closing issue |
Fun fact: Microsoft Defender on my PC seemingly detects the scripts and script-lines above, as if my GitHub E-mail notifications with them are themselves |
The site seems to be quasi-safe after Troy Hunt was able to deactivate As such, I at least presume that there's no immediate need to add |
Yes. I am sorry for the error; I did not realize that |
Which entry/entries are you submitting?
aahora.org$all
Which things do they block, hide, or unbreak?
Malware.
See these for more information:
https://www.virustotal.com/gui/url/c5e388bc7c4f32f038e1ffaf055368c55b197251a9969c746a5f5ed7852f4ec4/detection
https://www.fortiguard.com/webfilter?q=aahora.org
https://safeweb.norton.com/report/show?url=aahora.org
https://www.urlvoid.com/scan/aahora.org/
https://quttera.com/detailed_report/aahora.org
https://sitecheck.sucuri.net/results/aahora.org
iam-py-test/my_filters_001@b0b68fb
https://quttera.com/detailed_report/coin-hive.com
https://www.virustotal.com/gui/url/993da527c38d30523da34f9bcf14e3b3b82ef7ce0c1a90604fedcff7587c7ecc/detection
https://www.virustotal.com/gui/domain/aahora.org/detection
https://www.virustotal.com/gui/domain/www.aahora.org/detection
https://www.virustotal.com/gui/url/9ff23b338f715e4c8ebeb2429c9145c3f433a9eb9d2a72fe3d62f3b80d133b27/detection
https://www.scumware.org/search.php (Complete the captcha and enter
aahora.org
to get results; strangely does not allow report to be linked)The response: https://github.com/iam-py-test/Badware-Reports-1/blob/main/malware_page_content/malware_web20aahora.org.txt
Which of my lists are you submitting it to?
Antimalware
Which adblocker(s) and version did you use when writing and testing the entries?
Other(s):
Adblocker version(s): uBlock Origin development build v1.35.3b7
Which filterlists did you use? Failing to tell this will temporarily close the report until it has been told.
(Optional) Which browser(s) and version did you use?
Edge Version 91.0.864.37
The text was updated successfully, but these errors were encountered: