Topic: Javascript malware detected in CMS scripts on website - SEO Spam!

polonus

See: https://urlquery.net/report.php?id=1443720805697
Various scripts blacklisted there. e.g.
2015-10-01   2   -happyhouse.be/media/system/js/core.js   Malware
2015-10-01   2   -happyhouse.be/media/system/js/caption.js   Malware
2015-10-01   2   -happyhouse.be/media/system/js/mootools-core.js   Malware
2015-10-01   2   -happyhouse.be/templates/beez_20/javascript/md_stylechanger.js   Malware
2015-10-01   2   -happyhouse.be/media/system/js/mootools-more.js   Malware
2015-10-01   2   -happyhouse.be/modules/mod_AutsonSlideShow/js/jquery.easing.1.3.js   Malware
2015-10-01   2   -happyhouse.be/modules/mod_AutsonSlideShow/js/jquery.animate-colors-min.js   Malware
2015-10-01   2   -happyhouse.be/modules/mod_AutsonSlideShow/js/jquery.skitter.min.js   Malware
2015-10-01   2   -happyhouse.be/modules/mod_AutsonSlideShow/js/jquery-1.5.2.min.js   Malware
2015-10-01   2   -happyhouse.be/index.php/en/   Malware
jQuery Skitter Slideshow malware -> coming from https://www.virustotal.com/nl/ip-address/178.33.130.20/information/
PHISHing going on there. The website infection is dynamically generated from multiple files and code snippets scattered throughout legit files. It is done this way on purpose. Backdoors may be left there to hack in again. An incomplete hidden iframe tag may be detected as one of the infection elements.

Likewise malware flagged here: http://sakrare.ikyon.se/?ip=195.74.38.18 

Google browser difference:
Not identical

Google: 17308 bytes       Firefox: 17411 bytes
Diff:         103 bytes

First difference:
<link rel="stylesheet" href="/templates/beez_20/css/general_mozilla.css" type="text/css" /> </head> <body> <div class="core"> <div class="logo"> <a hr...

litespeed
Vulnerabilities in php/5.4.42

Joomla Version 2.5.14 found at: http://happyhouse.be/administrator/manifests/files/joomla.xml
Joomla Modules, Components and Plugins
The following modules were detected from the HTML source of the Joomla front page.
mod_autsonslideshow
mod_ea_search

The following components were detected from the HTML source of the Joomla front page.
estateagent
Compromised sites will often be linked to malicious javascript in an attempt to attack users of your Joomla installation. Look over the listed javascript, you should be familiar with all scripts and investigate ones you are not sure. In addition removal of unneeded javascript will speed up your website.
Known javascript malware. Details: http://sucuri.net/malware/entry/MW:SPAM:SEO?g12
t='';}}x[l-a]=z;}document.write('<'+x[0]+' '+x[4]+'>.'+x[2]+'{'+x[1]+'}</'+x[0]+'>');}dnnViewState();
Re: http://www.domxssscanner.com/scan?url=http%3A%2F%2Fhappyhouse.be%2Fadministrator%2Fmanifests%2Ffiles%2Fjoomla.xml
landing at a.o. htxp://static.pokerist.com/admin/sign-in - Insecure: Pokerist - SignIn AdminBlog padlock icon
static.pokerist.com
Alerts (1)
Insecure login (1)
Password will be transmited in clear to htxp://static.pokerist.com/admin/sign-in
Infos (1)
Encryption (HTTPS) (1)
Communication is NOT encrypted and on outdated Software: HTTP Server: nginx; PHP Version: 5.4.30 (Outdated)
another Amazon Data center glitch: http://toolbar.netcraft.com/site_report?url=http://static.pokerist.com

htxp://www.jogosnet.com.br/  -->  'jogos' redirecting to -Hijogos.Com

polonus (volunteer website security analyst and website error-hunter)
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!
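
Added example (not part of the original post or of the tools it cites): the Google-versus-Firefox comparison reported above, done offline on two already-captured response bodies. The sample HTML, the spam.example host and all function names are constructed for illustration.

```python
import difflib
import re

# Constructed sample bodies (not taken from the site in this thread):
# what a crawler User-Agent and a browser User-Agent might each receive.
CRAWLER_BODY = ('<html><head><title>Home</title></head><body><p>Welcome</p>'
                '<a href="http://spam.example/pills">cheap pills</a></body></html>')
BROWSER_BODY = ('<html><head><title>Home</title>'
                '<link rel="stylesheet" href="/css/general_mozilla.css" />'
                '</head><body><p>Welcome</p></body></html>')

TOKEN = re.compile(r"<[^>]*>|[^<]+")            # one tag or one text run
ACTIVE = re.compile(r"<\s*(script|iframe|a)\b", re.IGNORECASE)


def compare_variants(crawler_body, browser_body):
    """Report size difference and the markup each variant has exclusively."""
    a, b = TOKEN.findall(crawler_body), TOKEN.findall(browser_body)
    size_a = len(crawler_body.encode("utf-8"))
    size_b = len(browser_body.encode("utf-8"))
    report = {"crawler_bytes": size_a, "browser_bytes": size_b,
              "diff_bytes": abs(size_a - size_b),
              "identical": crawler_body == browser_body,
              "only_crawler": [], "only_browser": []}
    # Diff on whole tags/text runs so each reported segment is readable markup.
    matcher = difflib.SequenceMatcher(None, a, b, autojunk=False)
    for op, i1, i2, j1, j2 in matcher.get_opcodes():
        if op in ("delete", "replace"):
            report["only_crawler"].append("".join(a[i1:i2]))
        if op in ("insert", "replace"):
            report["only_browser"].append("".join(b[j1:j2]))
    return report


def needs_review(report):
    """Segments served to one client only that add links, scripts or iframes."""
    return [(side, seg) for side in ("only_crawler", "only_browser")
            for seg in report[side] if ACTIVE.search(seg)]


if __name__ == "__main__":
    rep = compare_variants(CRAWLER_BODY, BROWSER_BODY)
    print(rep["crawler_bytes"], rep["browser_bytes"], rep["diff_bytes"])
    for side, seg in needs_review(rep):
        print(side, "->", seg)
```

A byte-count difference alone does not say which side carries the extra markup; listing what each variant has exclusively shows whether it is a browser-specific stylesheet or links served only to the crawler.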

jefferson sant
Re: Javascript malware detected in CMS scripts on website - SEO Spam!
« Reply #1 on: October 05, 2015, 04:03:53 AM »
Hello.

Site is blocked with JS:ClickJack-B [Trj]. VPS definition has been updated.
« Last Edit: October 05, 2015, 04:08:48 AM by jefferson sant »

polonus
Re: Javascript malware detected in CMS scripts on website - SEO Spam!
« Reply #2 on: October 05, 2015, 07:14:39 PM »
Hi jefferson sant,

That is very good news, we are being protected.

polonus