ioc[.]one - OSINT Cyber Threat Intelligence Database

XSS Injection Campaign Exploits WordPress AMP Plugin

Tags

maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Model Domains - T1583.001 Domains - T1584.001 Exploits - T1587.004 Exploits - T1588.005 Javascript - T1059.007 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Server - T1583.004 Server - T1584.004 Software - T1592.002 Vulnerabilities - T1588.006 Browser Extensions - T1176 Scripting - T1064 Scripting

Show in Graph

Common Information

Type	Value
UUID	9af8fa8b-0ce5-4f78-bbeb-ad7cb32740ed
Fingerprint	2450981989f3a7db
Analysis status	DONE
Considered CTI value	0
Text language
Published	Nov. 20, 2018, 3:11 p.m.
Added to db	Jan. 19, 2023, 12:02 a.m.
Last updated	Nov. 17, 2024, 11:40 p.m.
Headline	XSS Injection Campaign Exploits WordPress AMP Plugin
Title	XSS Injection Campaign Exploits WordPress AMP Plugin
Detected Hints/Tags/Attributes	50/2/16

Source URLs

	Redirection	Url
Details	Source	https://www.wordfence.com/blog/2018/11/xss-injection-campaign-exploits-wordpress-amp-plugin/

URL Provider

Details	Provider	Source level domain
Details	wordfence.com	www.wordfence.com

Attributes

Details	Type	#Events	CTI	Value
Details	Domain	1		sslapis.com
Details	Domain	3		ukrnames.com
Details	File	1206		index.php
Details	File	5		stat.js
Details	IPv4	1		0.9.97.20
Details	IPv4	1		181.215.147.23
Details	IPv4	1		193.112.161.204
Details	IPv4	1		219.145.170.23
Details	IPv4	1		192.169.198.104
Details	IPv4	1		193.112.65.16
Details	IPv4	1		46.101.156.232
Details	IPv4	1		193.112.91.155
Details	IPv4	1		218.92.252.230
Details	IPv4	1		208.109.53.224
Details	IPv4	1		41.139.45.78
Details	Url	1		https://sslapis.com/assets/si/stat.js