finding real source from where the adware cookie got downloaded

Status
Not open for further replies.
O

ohanotherissue

New Member
Thread author
Nov 29, 2019
3
Our proxy are bombarded with a lot of outbound traffic which is denied because of bad reputation.
hxxttps://sync.adkernel.com:443/user-sync?zone=79804&t=image&r=https://sync.springserve.com/usersync?aid=631&uuid={UID} -

the above is the URL which gets denied , and its because proxy finds it as malwarish or adware-ish in nature which is true. many computers in the network are reaching out to this url, because those PCs has some information in cookie to do so. My question is how do we identify which websites are pushing these cookies down to user PCs?
or in other words How can we find out retrospective from where it came originally.
 
Last edited by a moderator:
  • Like
Reactions: [correlate]
nasdaq

nasdaq

Super Moderator
Verified
Staff Member
Nov 5, 2019
1,597
Hello, Welcome to MalwareTips.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

hxxttps://sync.adkernel.com/user-sync?zone=79804&t=image&r=https%3A%2F%2Fsync.adkernel.com%2Fusersync%3Faid%3D631%26uuid%3D%7BUID%7D

Two domains are listed in the link.
adkernel.com
springserve.com

These sites can be block using this Hosts file.

Blocking Unwanted Connections with a Hosts File

This article provides details on blocking Ads, Banners, Parasites, and Hijackers, web bugs, possibly unwanted programs etc. with a custom HOSTS file
winhelp2002.mvps.org

Read the instructions on the page before using it.

Hope that helps
 
  • Like
Reactions: [correlate], Venustus and harlan4096
O

ohanotherissue

New Member
Thread author
Nov 29, 2019
3
Proxies are already blocking the traffic. my query is on how to identify the original website from where i downloaded the cookie ?
 
  • Like
Reactions: [correlate]
nasdaq

nasdaq

Super Moderator
Verified
Staff Member
Nov 5, 2019
1,597
Hi

Any site you visit will try to install cookies.
How may time did you see a popup suggesting you to enable the cookies to serve you better.

What I do here I do not need them.
If the site is not available unless I enable them I do not and close the topic.

Search this string in your Default browser "cookie search" you may find a tool that you need.
 
  • Like
Reactions: [correlate]
Status
Not open for further replies.

Similar threads

Trident
    • Like
    • +Reputation
    • Thanks
Serious Discussion Decoding the Trend Micro Components and Protection Model
Replies
24
Views
2,993
Other security for Windows, Mac, Linux
Mahesh Sudula
Mahesh Sudula
Victor M
New Update Chrome 124 Ubuntu 24.04 LTS Apparmor profile
Replies
1
Views
863
ChromeOS & Linux
Victor M
Victor M
Trident
    • Like
    • +Reputation
    • Hundred Points
Serious Discussion Harmony Endpoint by Check Point
Replies
685
Views
59,237
Other security for Windows, Mac, Linux
simmerskool
simmerskool

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top