Malicious URL shortener?

Hello again!

Today one of my friends linked me some stuff found on the Eurobricks Lego forum: a link that seemed to be made using a URL shortener called “ow-ly”, showing off some new Lego Doctor Who teasers.

The link itself can be found on this topic (fourth post): http://www.eurobricks.com/forum/index.php?showtopic=105473&st=925

However, Sucuri showed that the said URL shortener site would be malicious (I’m usually careful with shortened URL links and only link them if they come from a reliable source), but most other websites show it to be clean (VirusTotal only has the Sucuri blacklist). Siteadvisor has plenty of comments about some spam campaigns.

https://sitecheck.sucuri.net/results/ow.ly

http://www.scamadviser.com/check-website/ow.ly

https://www.siteadvisor.com/sites/msgpage/ow.ly

I’m pretty aware that some URL shortener sites by themselves seem to be blacklisted sometimes, Sucuri even shows goo.gl to be suspicious, but often I like to be certain about stuff like this. :-[

But there is also spamming going on from this script link there:
Results from scanning URL: - https://ws.areyouahuman.com/ws/script/9c23d8d067c270d618274dd8efa605efe4ce7a09
Number of sources found: 98
Number of sinks found: 60
landing at:
Results from scanning URL: -http://www.hyperfxsupplements.com/wp-content/themes/catalyst/lib/js/catalyst-responsive.js?ver=1.5.4
Number of sources found: 0
Number of sinks found: 3
and
Results from scanning URL: -http://www.hyperfxsupplements.com/wp-content/themes/catalyst/lib/js/catalyst-responsive.js?ver=1.5.4
Number of sources found: 2
Number of sinks found: 2
and
Results from scanning URL: -http://www.hyperfxsupplements.com/wp-content/themes/catalyst/lib/js/catalyst-responsive.js?ver=1.5.4
Number of sources found: 2
Number of sinks found: 2
and
Results from scanning URL: -http://www.hyperfxsupplements.com/wp-content/themes/catalyst/lib/js/catalyst-responsive.js?ver=1.5.4
Number of sources found: 0
Number of sinks found: 0
WordPress issues:
WordPress Version
4.2.5
Version does not appear to be latest 4.3.1 - update now.
The following plugins were detected by reading the HTML source of the WordPress sites front page.

wp-super-cache latest release (1.4.5)
http://wordpress.org/plugins/wp-super-cache/
wordpress-seo latest release (2.3.5)
https://yoast.com/wordpress/plugins/seo/

Warning User Enumeration is possible
The first two user ID’s were tested to determine if user enumeration is possible.

ID User Login
1 Shawn829 shawn829
2 None

Warning Directory Indexing Enabled
In the test we attempted to list the directory contents of the uploads and plugins folders to determine if Directory Indexing is enabled. This is an information leakage vulnerability that can reveal sensitive information regarding your site configuration or content.

/wp-content/uploads/ enabled
/wp-content/plugins/ disabled

Re: http://www.domxssscanner.com/scan?url=http%3A%2F%2Fwww.hyperfxsupplements.com%2Fwp-content%2Fthemes%2Fcatalyst%2Flib%2Fjs%2Fnavbars%2Fsuperfish.js%3Fver%3D1.5.4

polonus

As Sucuri says: This specific URL was identified in malicious campaigns to disseminate malware.

Sorry about off-topic, but I tried visiting Sucuri Sitecheck again and it gave me some kind of Sucuri Website Firewall - CloudProxy error message:

What is going on? Why here? The site you are visiting is using Sucuri CloudProxy. And for some reason it is not configured properly. If you are a client, please open a ticket here asap for us to look at it for you: https://support.sucuri.net. You can also email us at cloudproxy@sucuri.net if you just wish to report this error.
Error details
URL: https://sitecheck.sucuri.net/
Error ID: DEF102
Error reason: Domain name not configured.
Server ID: cp15007

I tried with Chrome and it showed a “Your connection is not private” error message. Same thing with both mobile Firefox & Chrome, so I guess it’s not just because of my computer… Sucuri home page works fine.

EDIT: never mind, it seemed to be just a temporary error.