Re: ISSUE DETECTED DEFINITION INFECTED URL
Website Malware MW:HTA:7 htxp://www.wetteronline.de/cgi-bin/hpweather?PLZ=02727 ( View Payload )
Domain detected on spam or phishing campaigns. Details:
http://sucuri.net/malware/entry/MW:HTA:7This specific URL was identified in malicious campaigns to disseminate malware.
8 suspicious files: Severity: Suspicious
Reason: Detected encoded JavaScript code commonly used to hide suspicious behaviour.
Details: Detected encoded JavaScript code used to hide suspicious activity
[[ WO.metadata = {}; WO.metadata.p_radar_map = { "today": { "labelweekday": "Sa", "label": [ "09:25","09:15","09:10","09:00","08:55","08:50","08:45","08:40","08:35","08:30","08:20","08:15","08:10","08:05","08:00","07:55","07:50","07:45","07:40","07:35","07:30","07:25","07:20","07:15","07:10","07:05","07:00","06:55","06:50","06:45","06:40","06:35","06:30","06:20","06:15","06:10","06:05","06:00","05:55","05:50","05:45","05:40","05:35","05:30","05:25","05:20","05:15","05:10","05:00","04:55","04:45","04:40","04:35","04:30","04:25","04:20","04:15","04:10","04:05","04:00","03:55","03:50","03:45","03:40","03:35","03:30","03:25","03:20","03:15","03:10","03:05","03:00","02:55","02:50","02:45","02:40","02:35","02:30","02:25","02:20","02:15","02:10","02:05","02:00","01:55","01:50","01:45","01:35","01:30","01:20","01:15","01:10","01:05","01:00","00:55","00:50","00:45","00:40","00:35","00:30","00:25","00:20","00:15","00:10","00:05","00:00" ], "year": etc. etc. Blocked by uBlock is htxps://script.ioam.de/iam.js ->
Re:
http://toolbar.netcraft.com/site_report?url=http://wodas.wetteronline.deand
http://toolbar.netcraft.com/site_report?url=http%3A%2F%2Fwetteronline.de%2Fwetter%2Fkelkheimpolonus (volunteer website security analyst and website error-hunter)
