« previous next »
Pages: [1]   Go Down

Author Topic: Malicious redirects or cleansed - Google Safebrowsing still blocks?  (Read 1246 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33939
  • malware fighter
Malicious redirects or cleansed - Google Safebrowsing still blocks?
« on: November 25, 2014, 01:46:04 PM »
See: http://killmalware.com/navalny.org/#
SE visitors redirects
Visitors from search engines are redirected
to: htxp://digi-mail.ru/snipe/index.php
Detected suspicious redirection to external web resources at HTTP level.
Google Safebrowsing blocks: htxp://navalny.org/

3 sites infected with redirects to this URL,
but cannot connect, see: http://www.site-scan.com/eng/show_headers.php?REQUEST=GET&URL=http://digi-mail.ru/snipe/index.php&MODIFIED=0
Therefore nothing here: https://www.virustotal.com/nl/url/34b002cd887d94e56cb9ba3dbda4211a58eec8a46e1c75e562ba80a6755fc970/analysis/1416918809/
But still detected here: http://sitecheck.sucuri.net/results/navalny.org
Blocked by Google Safebrowsing: htxp://digi-mail.ru/
Website Malware   malware-entry-mwhta7?v3   htxp://navalny.org/404testpage4525d2fdc
Website Malware   malware-entry-mwhta7?v3   htxp://navalny.org/404javascript.js
Website Malware   MW:HTA:7   htxp://navalny.org
Known javascript malware. Details: http://sucuri.net/malware/malware-entry-mwhta7?v3
Location: htxp://digi-mail.ru/snipe/index.php

Extensive header info prolifereation (insecure) Apache/2.2.25 (FreeBSD) mod_wsgi/2.8 Python/2.6.6 PHP/5.3.28 with Suhosin-Patch mod_ssl/2.2.25 OpenSSL/1.0.1g DAV/2 ?
System Details:
Running on: Apache/2.2.25
Outdated Web Server Apache Found: Apache/2.2.25

pol
« Last Edit: November 25, 2014, 01:47:57 PM by polonus »
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!
Pages: [1]   Go Up
« previous next »