is this link safe or not

hello yesterday i visit a website to watch some video. here’s the link hxxp://kshowonline(.)com/kshow/7751-[engsub]-running-man-ep.379
there are a lot of server to choose there but i chose VIP 3. after i chose VIP 3, i click to play the video player then pop up show up and open new tab. then i close the new tab.

after that i click again on the video to pause/play it again but another pop up show again(this time its pop up window and its hidden behind taskbar/clock)

no antivirus detection but the behavior of pop up window kinda like this https://blog(.)malwarebytes(.)com/cybercrime/2017/11/persistent-drive-by-cryptomining-coming-to-a-browser-near-you/

the pop up windows link on firefox is hxxp://azvideo(.)net/embed/tOLW2J2lzmPD19xgrZlss6Si6Gg , the page is white blank page tho
the pop up windows on chrome dont have link it only show about:blank
the pop up window hidden behind my taskbar if i open using chrome. if i using firefox its open on top of clock on taskbar. ill attack the picture for better view

  1. Break that link. hxxp://wxw(dot)example(dot)com

  2. Your question is: “Is streaming video dangerous?”

Yes, yes it is. It’s also illegal. (Not sure if you’re Japanese/Chinese/Korean. I don’t think it matters though. Japan outlaws it. (S.) Korea is in step with the USA… I doubt you’re from N. Korea… and China bans a lot of things on the internet.) Just going off the thumbnail subtitles there.

Not that these laws actually do anything.

It is extremely common for illegal websites to have these forms of ads. It’s almost mandatory. (How else do they make money to pay for the TB’s of hosting they require?)

Avoid these websites. All of them. Some are more “reputable” then others, but at the end of the day, they’re all illegal. Don’t torrent either, it’s just as bad. (This includes using VPN’s to connect to the webservers of other nations for the purposes of watching their content.)

Hello sorry if the title and the description is misleading but what i want to is not wether streaming is dangerous or not.

But is the link that open on pop up window malicious or not. Since its behave like the one in mbam blog post but my antivirus didnt detect it. I will edit the title and the link inside.

https://forum.avast.com/index.php?topic=211084.msg1431948#msg1431948

Main Website: https://urlquery.net/report/cf675ee5-9a80-4911-854b-45187e4ddd93

The short answer. Is that “specific” ad safe? Possibly, I don’t know enough about websites to make that determination.

However, what I can tell you is – Asking if one site is “safe” (and then presuming the others are as well) is equivalent to having your doctor check one growth (All good), but not the other nine (9) – (which are cancerous growths.)

I hope this answers your question to how you intended it.

Edit: Evidently, what we tell you (likely) won’t stop you from doing it anyways. So here’s some common advice (good advice for anything really).

  1. Use Adblocker. (or uOrigin or some equivalent)
  2. Use NoScript.
  3. Limited Access User Account. Don’t do it on an Admin account.

Hi Michael (alan 1998) & erick.pomada,

This is fishy (podejrzany): Header returned by request for: htxp://creative.wwwpromoter.com/ → -172.93.4.204 * (* = a Las Vegas Rack911 addresss, certified as :-wwwpromoter.com but site does not have a title. Service: Linux; CPE: cpe:/o:linux:linux_kernel)

HTTP/1.1 404 Not Found
Server: nginx/1.6.2
Date: Tue, 05 Dec 2017 22:10:24 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 14
Connection: close
X-User-Agent: Device(type=‘Desktop’, browser=‘IE’, os=‘Windows’, ip=‘-198.71.230.24’ *, connection_type=‘Wi-Fi’)
X-ASN: 26496 (GoDaddy Peering DB)

That’s all we know now, and should be reason enough for me to stay away from this “monitoring tracer”. :smiley:

pozdrawiam,

polonus (volunteer website security analyst and website error-hunter)

hello, sorry for the late reply

@ Michael Alan i already use ublock origin at default setting, i read about noscript and found out about umatrix too, which one of them is better? i read that some people use noscript and set globally allowed for script and use it only for xss and clickjacking protection while using umatrix to block all

@ polonus i kinda didnt know how do you get that htxp://creative.wwwpromoter.com/ and the rest of the result. i dont really understand about this kind of things anyway. is those link came from main website or from azvideo?

Hi to you, erick.pomada,

That is the information for/from that hoster that is hosting this sh*t (forgive my french there) on their server racks.

Well it is what I do for a pastime to keep me very young at heart while being of an age to be retired. :wink:

And some appreciate what I’m doing here in the line of relevant support
with voluntarily cold reconnaissance website security scanning service.

These malware spreaders are still at it, and it is Pony Crimeware that is reported on tracker, see:
https://app.cymon.io/search/url/http%3A%2F%2Fkshowonline.com%2F

You know what a tracker is? It is some third party tracking code, that can also be abused to have malcode on

:frowning: (better that all users block the nasty ones).

Isn’t this wonderful, how it is being detected now for you,
but not so nice for those that fell victims to it of course :frowning:

Have a nice day, my friend,

polonus

hello polonus

so i think you mean the website (kshowonline) hosting this htxp://creative.wwwpromoter.com/ ? am i understanding it right or not?

so the hoster kshowonline is hosting htxp://creative.wwwpromoter.com/ right?
the tracker is htxp://creative.wwwpromoter.com/ i think?

so its better to avoid the kshowonline i assume by what you mean?
and are those tracker can be blocked if i using add on like ublock origin?

please tell me if i misunderstood something since i dont really good at this and sorry about my bad english xD

You grasped that right, that is what Cymon reports for that domain. hxtp://kshowonline.com

So let us see how they handle you and other’s privacy. I know that is a term that does not mean much now to modern-day Americans, but we still have to consider it at times not to be biten in the parts where it hurts by it, as all free things comes with a certain price tag.

So here the results: https://privacyscore.org/site/35427/
The site uses a total of 34 third parties, of which 16 track you and where 8 are known trackers.
What is this tracker doing: -shulhanafuh.com?

Damian

For your convenience in such cases there is a browser extension to do that job and to do what you like to do:
HTTP Request Blocker
https://chrome.google.com/webstore/detail/http-request-blocker/eckpjmeijpoipmldfbckahppeonkoeko
Source code available here: Source code is available at: https://github.com/wolfascu/ChromeHttpRequestBlocker

polonus