Avast community forum
Home
Help
Search
Login
Register
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Unknown_html malcode, wrong parameters on site.
« previous
next »
Print
Pages: [
1
]
Go Down
Author
Topic: Unknown_html malcode, wrong parameters on site. (Read 1190 times)
0 Members and 1 Guest are viewing this topic.
polonus
Avast Überevangelist
Probably Bot
Posts: 34054
malware fighter
Unknown_html malcode, wrong parameters on site.
«
on:
March 19, 2014, 04:10:04 PM »
Bitdefender TrafficLight flags as with malware:
https://www.virustotal.com/nl/url/120baf6b1e8205ba19d5bfc2a9adb9676206923ed6ca2818169bd3ef6f83d166/analysis/1395239707/
Nothing here:
http://urlquery.net/report.php?id=1395239883555
nor here:
http://sitecheck.sucuri.net/scanner/?scan=http%3A%2F%2Fservices.twins-solutions.com%2Fstatistics%2Fevents.php
<response status="failed"><error code="5"><message>Missing parameters</message></error></response>
http://zulu.zscaler.com/submission/show/c84ff13c96212ed3856149df2c1b8edc-1395240302
polonus
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
!Donovan
Web Analyst
Avast Evangelist
Super Poster
Posts: 2219
Re: Unknown_html malcode, wrong parameters on site.
«
Reply #1 on:
March 22, 2014, 04:21:28 PM »
Hi Polonus,
This site with events.php was flagged as well:
https://www.virustotal.com/en/url/d62222be6e2eae4b0408a31ca387b797008900df0ac86b641421e09742c48393/analysis/
I do not believe them to be similar, however. This one was likely flagged for its relatively "hidden" iframe.
Also see:
http://urlquery.net/report.php?id=1395501501350
Redkit Exploit, so it appears.
See attached,
~!Donovan
Logged
Familiarize Yourself!
|
Educate Yourself!
|
Beautify Yourself!
|
Scan Yourself!
"People who say it cannot be done should not interrupt those who are doing it."
polonus
Avast Überevangelist
Probably Bot
Posts: 34054
malware fighter
Re: Unknown_html malcode, wrong parameters on site.
«
Reply #2 on:
March 23, 2014, 04:41:38 PM »
Hi !Donovan,
Thanks for that evaluation. There are DNS issues also for the main domain:
http://www.intodns.com/twins-solutions.com
mainly SOA issues:
http://dnscheck.pingdom.com/?domain=twins-solutions.com
->
Problem record(s) are:
http://dnscheck.pingdom.com/?domain=twins-solutions.com×tamp=1395588903&view=1
74.220.195.131 ->
https://www.robtex.com/ip/74.220.195.131.html
(hundreds of hostnames)
69.89.16.8
https://www.robtex.com/ip/69.89.16.8.html
(203 hostnames)
polonus
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
Print
Pages: [
1
]
Go Up
« previous
next »
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Unknown_html malcode, wrong parameters on site.