Topic: Outdated webserver software found and what avast blocks with URL:Mal  (Read 1657 times)

polonus
Kaspersky flags: https://www.virustotal.com/nl/url/c999c15ca28d9edf04cd16404eb74816e23f6806e08a96372a0fd6218d6942fc/analysis/1412269422/
Quttera does not have it: http://quttera.com/detailed_report/ddbfii1ue.lichniy.pp.ua
Sucuri finds outdated software:
ISSUE DETECTED: Outdated Web Server Nginx Found
DEFINITION: Vulnerabilities on nginx
VULNERABLE HEADER: nginx/1.2.3
Not particularly helping towards security is, re: http://sameid.net/ip/91.202.63.43/
IP badness history: https://www.virustotal.com/nl/ip-address/91.202.63.43/information/
for instance see: http://mobile.urlquery.net/report.php?id=1412192769687

Multiple XSS vulnerabilities: http://www.cvedetails.com/vulnerability-list/vendor_id-74/product_id-128/version_id-142898/PHP-PHP-5.4.6.html

var formUrl = '/get_access/?ajax=1';   nested Objects arrays vulnerable to SQL injection.

Google browser difference: Not identical

Google: 38471 bytes       Firefox: 35408 bytes
Diff:         3063 bytes

First difference:
"/media/1/6/82/14/143/14363332.png" alt="" height="270"> </div> <a href="/?q=%d0%a2%d0%b0%d0%b9%d0%bd%d0%b0+%d0%bf%d0%b5%d1%80%d0%b5%d0%b2%d0%b0%d0%bb

External link from code blocked by avast! Webshield as with URL:Mal -> htxp://ddbfii1ue.lichniy.pp.ua/js
see: http://jsunpack.jeek.org/?report=4586bdbd3b78d6524bd85e4185cfd8c310da27d3

This test for site returned 9 Not So Happy Findings for HTTP Header Security: https://securityheaders.com/test-http-headers.php

DNS check:
Delegation failed: http://dnscheck.pingdom.com/?domain=ddbfii1ue.lichniy.pp.ua&timestam
Only no errors for main domain: http://dnscheck.pingdom.com/?domain=pp.ua&timestamp=1412271135&view=1

Registration not disclosed  :o -> http://whois.domaintools.com/lichniy.pp.ua
Sponsoring Registrar:ФОП Сєдінкін О.В. (thehost-mnt-cunic)
SEDINKIN ALEKSANDR VALERIEVICH currently owns 2858 domain names

Good avast! blocks this site.

polonus

Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!