This PHISH detected yet? TrojanSpy:JS/Phish.E

[polonus]

See: https://www.virustotal.com/nl/url/c9bff48c12d20e5789ad7633a9f2acfa3abcc8e1d6078c6cfeb2df79c0d48063/analysis/1420584983/
Detected hidden reference to external web resource. Detected hidden iframe tag to '-gator4189.hostgator.com'

Code: [Select]

<iframe sandbox="allow-same-origin allow-scripts allow-top-navigation" id="preferedMethod" src="htxps://gator4189.hostgator.com:2096/unprotected/loader.html?random=8jBpeRd88FBG9McSFii2IJmjuie3AlF1aVWqVQ53RfiPeAr7FRAeKKSI9P1vudD1" style="display:none;">Blacklisted links: -cmathss.com//cpanel
-cmathss.com//a
-cmathss.com/about:blank
-cmathss.com/javascript:void(0)%3B
-cmathss.com//webmail
-cmathss.com/#
Warning for PHISH-ing attacks by Norton's: http://safeweb.norton.com/report/show?url=cmathss.com
-> https://www.virustotal.com/nl/file/404a4e8aa7287686d4bb61fd6edf63b021b6debc8960caf363d08842906c6fa9/analysis/
IP badness history: https://www.virustotal.com/nl/ip-address/108.167.180.186/information/

pol

[polonus]

Seems that Hostgator Domain Redirect Feature was worked on this site.
Re: http://wphostingdiscount.com/how-to-use-301-domain-redirection-using-hostgator-cpanel/

polonus

P.S. Pondus, thank you for pointing this out to me, another day where something was learnt.

D

[Pondus]

your welcome

the full  hxxp://cmathss.com/xxl/yourmailbox/index.html goes to a HostGator ERROR 404 - PAGE NOT FOUND  message

[polonus]

Pondus,

Anyway WOT blocks site as well, even before redirecting: https://www.mywot.com/en/scorecard/cmathss.com
as a PHISH.

pol