Still being given as infested here to-day:
Up(nil): unknown_html_RFI_shell ARIN US arin-contact at google.com 173.194.70.121 to 173.194.70.121 bagas31 dot com htxp://www.bagas31.com/search/label/windows
Given as clean here: http://urlquery.net/report.php?id=8226912 & http://evuln.com/tools/malware-scanner/bagas31.com/
Quttera flags 2 suspicious files:
/search/label/Anti%20Virus
Severity: Suspicious
Reason: Detected hidden reference to external web resource.
Details: Detected hidden iframe tag to ‘jcdc.gov.jm’ → htxp://www.jcdc.gov.jm/uploads/firefox.exe is in Dr.Web malicious sites list!
Offset: 71333
File size[byte]: 214687
File type: ASCII
MD5: B1043836EA6DEBB47777BFF129F9B283
Scan duration[sec]: 0.569000
/search/label/Security?max-results=4
Severity: Suspicious
Reason: Detected hidden reference to external web resource.
Details: Detected hidden iframe tag to ‘jcdc.gov.jm’ → htxp://www.jcdc.gov.jm/uploads/firefox.exe is in Dr.Web malicious sites list!
External link blocked → htxp://s50.sitemeter.com/stats.asp?site=s50bagas31
also blocked is → https://safelinking.net/d/6cddcfab0a
This link cannot be resolved → htxp://on.fb.me/ibpqkb
Offset: 45332
File size[byte]: 130449
File type: ASCII
MD5: 17E54702BA2CEBED0DF23B41747FB764
Scan duration[sec]: 0.419000
Active and live malcode on IP: http://support.clean-mx.de/clean-mx/viruses.php?sort=firstseen%20desc&review=173.194.74.%
→ recent reports: http://urlquery.net/report.php?id=3644958
IDS alert for ETPRO WEB_CLIENT Microsoft Internet Explorer remote code execution via option element - Mobile malware rule
polonuis