Re: https://urlhaus.abuse.ch/url/205569/
A is given there: https://www.virustotal.com/gui/file/63be234b92c49bb8ccd19b4308f625da023a9a906c8cffdd9e4a4b43d9a9c7b3/detection
various weaknesses at IP and Hostwinds: https://www.shodan.io/host/23.254.132.182
Malcode file links to:
Results from scanning URL: -http://gierek.eu/wp-includes/js/comment-reply.min.js?ver=5.2.1
Number of sources found: 0
Number of sinks found: 3
See also -https://censys.io/ipv4/23.254.132.182 → autonomous_system.asn:54290
Also hosted there: -https://www.ezprepaidcards.com
Threats - Security Checks for -https://www.ezprepaidcards.com
(4) Domain at risk of being hijacked
(2) Emails can be fraudulently sent
(2) Unnecessary open ports
DNS is susceptible to man-in-the-middle attacks
Unable to properly scan your site. TLS certificate expired: 9 Apr 2019 - https://sitecheck.sucuri.net/results/https/www.ezprepaidcards.com error cert date invalid - not secure…
https://aw-snap.info/file-viewer/?protocol=secure&ref_sel=GSP2&ua_sel=ff&chk-cache=&fs=1&tgt=d3d3Lnt6cH17cHxbI158fSNzLl5dbWA%3D~enc
Re: https://www.shodan.io/host/104.168.143.5
https://www.cvedetails.com/version/73629/Filezilla-Filezilla-Server-0.9.6.html vuln.
F.-risk score: https://observatory.mozilla.org/analyze/www.ezprepaidcards.com
problems: https://observatory.mozilla.org/analyze/www.ezprepaidcards.com#tls
bad T results: https://observatory.mozilla.org/analyze/www.ezprepaidcards.com#tls
Site’s certificate no longer trusted…Tue, 09 Apr 2019 23:59:59 UTC (expired 1 month and 23 days ago) EXPIRED
SSL3 insecure protocol found.
I would not trust anyone behind that site with Mastercard data, that is a sure thing,
polonus (volunteer 3rd party cold reconnaissance website security analyst and website error-hunter)