Author Topic: Unknown html malware on website...  (Read 1511 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast √úberevangelist
  • Probably Bot
  • *****
  • Posts: 33932
  • malware fighter
Unknown html malware on website...
« on: January 28, 2015, 04:39:03 PM »
See: https://www.virustotal.com/nl/url/31a22d8ce3e9335496d599ebebfadbf0088d9fbdbd84a40397fedf5f8831d2f9/analysis/1422458659/
See: Outdated Web Server Nginx Found   Vulnerabilities on nginx   Vulnerable header: nginx/1.1.19
Security header situation: https://www.uploady.com/#!/download/U9T_QDX9QBh/x61FbawJZxmpiOkq
Unable to properly scan your site. Site returning error (40x): HTTP/1.1 403 Forbidden
IP badness history: https://www.virustotal.com/nl/ip-address/46.19.32.231/information/
External link to: https://www.virustotal.com/nl/domain/g.symcd.com/information/ -> https://forum.avast.com/index.php?topic=152820.0
Checking certicate stus via -clients1.google.com
Quttera blacklist
Could not get domain's name servers from parent servers: http://www.dnsinspect.com/gamazers.com/1422459400Name servers software versions are exposed:
164.138.27.45: "9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.6"
46.19.34.254: "Served by PowerDNS - http://www.powerdns.com"
Exposing name server's versions may be risky, when a new vulnerability is found your name servers may be automatically exploited by script kiddies until you patch the system. Go hide version!


polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!