• All Community
    • All Community
    • Forums
    • Ideas
    • Blogs
Advanced

Not what you are looking for? Ask the experts!

Kudos0

H.B.’s Security Round-up 7-4-19.

Hello,

Upon entrance to: hxxps://redheadbouquet.wordpress.com/ i was immediately prompted to either open or save mysterious file: sp.js.  For fun, i decided to save it.  Scans with both Norton and MBAM revealed nothing, however, i wanted to see what encoding was behind this.  Therefore, i changed the file format to .txt to gain safe entry.  Upon examination, it looks as though it is a facilitator for the following domain: hxxps://service-dev.sp.advertising.com/.  Safe Web’s community rates that site as ‘suspicious or annoying’.  Please see:

https://safeweb.norton.com/report/show?url=service-dev.sp.advertising.com

In any event, i did not like the fact that, upon entrance to a site, i’m immediately hit with something to download and submitted it directly to Symantec at: https://submit.symantec.com/websubmit/retail.cgi

Please also note- When you attempt to put in the full extension for the questionable WordPress domain i.e., “redheadbouquet.wordpress.com” into Safe Web, it just defaults to wordpress.com.  Again, this is one of my historical contentions with Safe Web.  It needs to become more intuitive to perceive add-ons in the title of a site.  If i could rate the specific site, i would give it 3 bars for annoying, as i shouldn’t be prompted with a download the minute i arrive on the Homepage….

Have a Happy and Safe 4th,  

H.B. 

Replies

Kudos1 Stats

Re: H.B.’s Security Round-up 7-4-19.

Hammer_Bro:

Upon entrance to: hxxps://redheadbouquet.wordpress.com/ i was immediately prompted to either open or save mysterious file: sp.js. 

 Upon examination, it looks as though it is a facilitator for the following domain: hxxps://service-dev.sp.advertising.com/. 

Kudos1 Stats

Re: H.B.’s Security Round-up 7-4-19.

FWIW!! IE11.

"From DOS to Windows10 what a journey it has been" / MS Certified Professional / Windows 10 Home / Professional x 64 version 1903 / build 18362.295 / N360 Deluxe 22.18.0.213 / Norton Core v.282 on Android 2.00
Kudos2 Stats

Re: H.B.’s Security Round-up 7-4-19.

Hello H B

I will notify the Safe Web Team about this.

Have a Good Day and

Thanks.

Success always occurs in private and failure in full view. Windows 10 Pro 64 bit Norton Core Security Plus 22.18.0.213 Core Firmware 282 I E 11 Chrome latest version.
Kudos1 Stats

Re: H.B.’s Security Round-up 7-4-19.

Hi bjm_,

I mean, it is a javascript file, if executed, not sure the full scope of what it would do, even if the actual site is down.  Perhaps it would insert annoying inline ads on pages, not 100% sure, and didn't want to take a chance, so, directly submitted it for eval. 

Hi Soul,

Yep.  That's what i saw, and sounded the alarm. 

Hi Flo,

Thanks so much. 

Regards,

H.B. 

Kudos1 Stats

Re: H.B.’s Security Round-up 7-4-19.

Oh, you run Internet Explorer. 

Kudos1 Stats

Re: H.B.’s Security Round-up 7-4-19.

Indeed. Can't deal with the constant changes in FF and Chrome. Edge is worse than a soup sandwich. IE, has been a staple for years. Easy to manage, settings right where I can find them. I almost never have an issue with it, sites seem to have the larger part of rendering but hey, if a site doesn't load, I more than likely don't need to be there in the first place.

Cheers

"From DOS to Windows10 what a journey it has been" / MS Certified Professional / Windows 10 Home / Professional x 64 version 1903 / build 18362.295 / N360 Deluxe 22.18.0.213 / Norton Core v.282 on Android 2.00
Kudos1 Stats

Re: H.B.’s Security Round-up 7-4-19.

All: This article may explain the sp.js name space issue being seen.

Cheers

"From DOS to Windows10 what a journey it has been" / MS Certified Professional / Windows 10 Home / Professional x 64 version 1903 / build 18362.295 / N360 Deluxe 22.18.0.213 / Norton Core v.282 on Android 2.00
Kudos1 Stats

Re: H.B.’s Security Round-up 7-4-19.

Thanks to all, who took time to join this discussion

Soul, i completely echo your sentiments with respect to IE. 

Best,

H.B. 

This thread is closed from further comment. Please visit the forum to start a new thread.