« previous next »
Pages: [1]   Go Down

Author Topic: Website with malware?  (Read 1575 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 34054
  • malware fighter
Website with malware?
« on: November 28, 2014, 01:01:14 AM »
See malicious redirects to this site: http://evuln.com/labs/redirect/onotiw.dnset.com/
Missed as such: http://killmalware.com/onotiw.dnset.com/#
But detected here: http://sitecheck.sucuri.net/results/onotiw.dnset.com/
See: https://asafaweb.com/Scan?Url=june26.com 1 error & 2 warnings
A suspicious code wasloading content from a blacklisted domain
-> http://fetch.scritch.org/%2Bfetch/?url=onotiw.dnset.com%2F&useragent=Fetch+useragent&accept_encoding=
IP general badness history: https://www.virustotal.com/en/ip-address/69.6.223.30/information/
Embedded content, images
htxp://t1.extreme-dm.com/i.gif (eXTReMe Tracker)
htxp://e1.extreme-dm.com/s10.g?login=stevewit&j=n&jv=n (http://e1.extreme-dm.com/s10.g?login=stevewit&j=n&jv=n)
Embedded malware site: https://www.virustotal.com/en/url/3e21bf8c8f5f6d824094235750c0070d031c3cac5ac94d3941836e450f62f395/analysis/
They think highly of the counter/tracker: http://www.frihost.com/forums/vt-81783.html
metalink here: http://sitecheck.sucuri.net/results/june26.com (benign).

polonus
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 34054
  • malware fighter
Re: Website with malware?
« Reply #1 on: November 28, 2014, 01:39:54 AM »
Also reported here: https://www.mywot.com/en/scorecard/onotiw.dnset.com#view
(luntrus is an alter ego)

polonus
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!
Pages: [1]   Go Up
« previous next »