Hi,
Can you please check to see if there is a false positive on the following URL / Server:
http://www.want2race.co.uk / 185.17.181.14
We don’t seem to have issues with some of our other domains on the same server.
Thanks
The problem seems to be with cutwel-tools.co.uk
http://i.imgur.com/yTbMscF.png
Mcafee This link is suspicious
http://www.siteadvisor.com/sites/want2race.co.uk
ip in blacklist
http://www.ipvoid.com/scan/78.129.250.40/
http://support.clean-mx.de/clean-mx/viruses.php
it seems like"hxxp://want2race.co.uk/ebaca1bbdbc21f3da9e1cda26c0b83fb/q.php" blackhole exploit kit
can you confirm that this clean ?
Sorry, I’m not sure what this means?
The /q.php definitely doesn’t exist.
The IP Address on ipvoid is also wrong, the IP is:
Address lookup
canonical name want2race.co.uk.
aliases
addresses 185.17.181.14
I’ll check the McAfee thing and get that sorted.
Hello.
please
The URL was unblocked in update VPS 140426-0.
Hi 185.17.181.14 is not flagged at urlquery dot net → http://urlquery.net/report.php?id=1398521749908
Badness history of IP: https://www.virustotal.com/nl/ip-address/185.17.181.14/information/
When I scan the site I get a server redirect status: Code: 404, Content cannot be read!
Extensive header ifo spread: apache/2.2.25 (unix) mod_ssl/2.2.25 openssl/1.0.0-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4 frontpage/5.0.2.2635
→ Unable to properly scan your site. Site returning error (40x): HTTP/1.1 404 Not Found
pol
Looks like it was not cleaned not is clean server
will remain blocked until you solve
Reporting for vírus analyst
This was the vulnerability that was exploited on mentioned site: http://security.stackexchange.com/questions/44705/is-requestid-vulnerable-to-sql-injection
info credits go to zer0fl4g, bobnince & HamZa,
I gave the vulnerable script as an attached image.
pol