Avast WEBforum
Other => Viruses and worms => Topic started by: Secondmineboy on October 24, 2013, 10:39:25 PM
-
URL is: wxw.mrappolt.de/
Contains a Drive-by-download according to Norton: hxtp://safeweb.norton.com/report/show?url=mrappolt.de
High risk by McAfee: hxtp://www.mcafee.com/threat-intelligence/domain/?domain=mrappolt.de
Sucuri: htxp://sitecheck.sucuri.net/scanner/?scan=http%3A%2F%2Fwww.mrappolt.de%2F
Virustotal: htxps://www.virustotal.com/en/url/dabfd9b0fbebdc5cd9b7b86c9a96844c6ea803b7878e868e1ef65c8ba816b053/analysis/
Quettra: htxp://www.quttera.com/detailed_report/www.mrappolt.de
Why is Avast not blocking this?
-
Well done, Steven Winderlich and good find. Thanks for the heads-up on this site ;)
There is even a special Spam report on this one: http://cbnetsecurity.com/colors/archives/2899
It is in the ESCROW Fraud-Prevention list
It is in Malware Domain List and we have a Bitdefender TrafficLight alert for being malicious
and a very clear WOT report: http://www.mywot.com/en/scorecard/mrappolt.de?utm_source=addon&utm_content=popup-donuts
There are more that miss it as it is not in the DrWeb malicious site list and given all green at the URL check scan.
This multi-scanner is clear in its verdict: http://scanurl.net/?u=www.mrappolt.de&uesb=Check+This+URL#results
We recommend that you do not visit the specified website/URL (or do so with caution). One or more services we checked with below report that it may be suspicious.
Steven Winderlich's findings are being supported here: http://sitecheck.sucuri.net/scanner/?scan=http%3A%2F%2Fwww.mrappolt.de
Site also has been compromised.
These scan results are clear as clear can be - re-scanned so it is actual: http://zulu.zscaler.com/submission/show/9ccd3c021573e6f4faa1c821af50cf5e-1382652977
We also have to check on this [iframe] healthicloud.com/esd.php which seems benign.
polonus
-
Still not blocked by Avast.