Conditional redirect or SEO spam?

polonus · July 25, 2014, 8:57pm

Site vulnerable: System Details:
Running on: Apache/2.2.22
System info: (Debian)
Powered by: ASP.NET
Outdated Web Server Apache Found: Apache/2.2.22
Flagged: http://killmalware.com/westvillerecleague.net/#

Some things can be verified in the Cookiepedia: http://cookiepedia.co.uk/host/ct1.addthis.com

ASP.Net issues flagged by asafaweb scanner: https://asafaweb.com/Scan?Url=westvillerecleague.net
Custom errors:Fail is a serious issue, also excessive headers warning Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-AspNet-Version: 4.0.30319

and clickjacking & http-only cookies warning as general insecurity warnings.

So site fell victim to this SE redirect campaign (1275 sites): http://evuln.com/labs/redirect/leaguelineup.com/

polonus

Secondmineboy · July 26, 2014, 1:31pm

polonus · July 26, 2014, 1:41pm

redirect uri still there, see attached, confirmed here: http://maldb.com/westvillerecleague.net/
report created less than minute ago

pol

Announcements