Warning Messages from Virus Protection Software When Coming to AzB Website

ctyhntr

RIP Kelly
Silver Member
If you know how, check to see if Anti-Virus definitions are up to date. You may have a different version of AV definition from your brother's machine.

Norton, Symantec, and others have occasionally been known to goof up and put false positives. They usually catch on, and send a corrected AV definition later.

No problem on my laptop but is being blocked and warned on my brother's computer...we both have Norton...
 

Pushout

AzB Silver Member
Silver Member
What Internet browser are you using (Internet Explorer, Firefox, Chrome, Safari are the big four) and what operating system (Windows, Mac, ChromeOS/Linux)?

The warning below is referring to 32-bit Chrome running on Windows 64-bit (likely 7, 8, 9, or 10). If you're not running Windows, and have Chrome browser installed, it could be a fake alert trying to get you to install malware.

Server side:
I checked Netcraft, and AZ is running Linux, likely Apache or nginx. AZ staff can confirm that they're not hosted on Windows server. Outside of major corporations (traditional Microsoft shops), Linux variations are preferred server hosts.

I'm using Chrome, 64 bit on Windows 10. Haven't seen anything.
 

ctyhntr

RIP Kelly
Silver Member
Well, according to other news reports, Kaspersky was a hacking tool for the Israelis, our only democratic ally in the middle east. The Israelis were watching the Russians 'hack' in real time and they were the ones who tipped us off.

I think we dropped the ball by making one of the biggest faux pas in intelligence, revealing our sources. So whatever backdoor the Israelis had in, is now likely patched and Russians have no qualms killing people to prevent another opportunity for intrusion. More importantly we now lost a source of intelligence gathering on the Russians, and our ally may think twice before sharing intelligence with us in the future.

https://www.washingtonpost.com/worl...bdd1236be5d_story.html?utm_term=.63a2101ec822

Too bad they are a hacking tool for the Russian government.
 

Fenwick

AzB Silver Member
Silver Member
Yikes! That is scary. Food for thought. I just renewed Norton on 3 computers for $59. I hope I didn't make a mistake. :eek:

Maybe I'll switch to McAfee next year. :)

I've been using Bask for several years now. Norton and McAfee gave me nothing but problems. Just my experience.
 

AlexandruM

AzB Silver Member
Silver Member
Enter the site using an Android smartphone, and Chrome browser. I got a message that my phone antivirus (360) crashed and I have to send more details, including IMEI to fix the problem. It's the first time I got such a message, I'm using same phone and antivirus for almost 3 years.
 

One Pocket John

AzB Silver Member
Silver Member
Is anybody getting warning messages from their virus protection when they come to AzBilliards-dot-com? This morning, I have gotten two of them. I can't remember the name of the first one, but my Norton blocked.

Just now, I got one called "Coinminer Download 6." Norton says it's a trojan.

Is it just my computer, or has anybody else encountered this on AzBilliards?

For my work, I go on hundreds of websites all day long for research, and I am not getting warning messages on those. Just AzBilliards. :frown:

I'm getting a message from Malwarebytes that says it is blocking this website using Chrome and that I can add IP address 38.134.106.126 to my list of blocking exclusions. I don't get the message when using Internet Explorer.
Is anyone familiar with the above IP address?

Thanks
John
 

ctyhntr

RIP Kelly
Silver Member
I installed Chrome and added the Malwarebytes extension, then browsed forums.azbilliards.com to try to replicate the issue, and nothing lit up.

JS Miner:
Quick Google search indicates this is a name for a family of JavaScript for Coinhive, a cryptocurrency miner (think bitcoin). JavaScript runs inside your web browser, usually to provide video, audio or in this case to mine cryptocurrency.

My educated guess is the script isn't coming from AZ, but one of the ad sites is infected, which is likely hosted on IP 38.134.106.64. So, this could explain why some of us are seeing it, and not everyone. One possible tell is if loading pages takes longer than usual. If one of the advertisers' pages is compromised, AZ staff can simply block it, if they haven't already done so.

:IP 38.134.106.64
rwhois V-1.5:0010b0:00 rwhois.cogentco.com (CGNT rwhoisd 0.0.0)
network:ID:NET4-26866A401A
network:Network-Name:NET4-26866A401A
network:IP-Network:38.134.106.64/26
network:Org-Name: Danidin LLC
network:Street-Address:9651 Hornbaker Road
network:City:Manassas
network:postal-Code:20109
network:Tech-Contact:ZC108-ARIN
network:Updated:2016-08-09 14:32:18
%ok

This is a web hosting service, likely hosting one of the AZ sponsor banners, which could be infected with JS Miner.

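Added example, not part of the original post: the address Malwarebytes reported earlier in the thread (38.134.106.126) is not the one looked up here (38.134.106.64), so this Python sketch parses the rwhois reply posted above and checks whether both sit in the same allocation. The function names are assumptions, the record text is copied from the post, and 38.134.106.128 is a constructed out-of-range value.

```python
import ipaddress

# rwhois reply exactly as posted in the thread
RWHOIS_TEXT = """\
rwhois V-1.5:0010b0:00 rwhois.cogentco.com (CGNT rwhoisd 0.0.0)
network:ID:NET4-26866A401A
network:Network-Name:NET4-26866A401A
network:IP-Network:38.134.106.64/26
network:Org-Name: Danidin LLC
network:Street-Address:9651 Hornbaker Road
network:City:Manassas
network:postal-Code:20109
network:Tech-Contact:ZC108-ARIN
network:Updated:2016-08-09 14:32:18
%ok
"""

def parse_rwhois(text):
    """Return the 'network:' attributes of an rwhois reply as a dict."""
    record = {}
    for line in text.splitlines():
        # Data lines are 'network:<attribute>:<value>'; the banner line and
        # the '%ok' status line are skipped.
        if not line.startswith("network:"):
            continue
        # Split at most twice so values containing ':' (timestamps) survive.
        _, attribute, value = line.split(":", 2)
        record[attribute] = value.strip()
    return record

def allocation_range(record):
    """First and last address of the record's IP-Network CIDR block."""
    network = ipaddress.ip_network(record["IP-Network"])
    return str(network[0]), str(network[-1])

def same_allocation(record, address):
    """True if `address` lies inside the record's IP-Network block."""
    network = ipaddress.ip_network(record["IP-Network"])
    return ipaddress.ip_address(address) in network

if __name__ == "__main__":
    rec = parse_rwhois(RWHOIS_TEXT)
    print(rec["Org-Name"], allocation_range(rec))
    for ip in ("38.134.106.126", "38.134.106.64", "38.134.106.128"):
        print(ip, "in allocation:", same_allocation(rec, ip))
```

A match only says both addresses belong to the same hosting customer's block; it does not identify which banner or script triggered the alert.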

JAM

AzB Silver Member
Silver Member
Thanks for great info. :smile:
 

Snooker Theory

AzB Silver Member
Silver Member
Oddly only some of the forum threads produce the warning, most don't?
I get a warning when trying to visit the thread below, I have been browsing the forums most of the morning. When I previously got the warning, it was just on one particular thread as well. Sorry I don't remember which it was.
I have Malwarebytes, and Windows 10. My flatmate also gets a warning when trying to visit the link below on a different computer with different antivirus.


Does anyone else get this warning?
Hope that helps you guys in diagnosing the issue.

https://forums.azbilliards.com/showthread.php?t=351101
 

mjkeil62

AzB Silver Member
Silver Member
I just tried it and am also getting that warning. I've checked out dozens of other threads and it doesn't happen. I am also using Windows 10, not sure what security is on this computer since it is my company's but I'm sure it's pretty decent.
 

ctyhntr

RIP Kelly
Silver Member
AFAIK, AZ has not enabled this browser communication protocol (https), so you will get that warning on AZ or any site that has not enabled https.

In layman's terms, imagine this was World War II and HTTPS is Navajo. You're asking azbilliards to talk to you in Navajo. AZ doesn't have a Navajo speaker.

There is another thread on pushing AZ to go https. https is just one tool in security. Just like playing the ghost only measures your offensive skill.

If AZ were to go this route, they would also need to shop for an SSL certificate and do their homework. An SSL certificate vouches for AZ's identity. Not unlike looking up a person in Mike Page's fargogate database, to vouch for the skill range.
 