Hi
Report for this site: Norton Safe Web gives it as clean: sonsofanarchyforever.com/forum/index.php
Web server details
Scan for: htxp://sonsofanarchyforever.com/forum/index.php
Hostname: sonsofanarchyforever.com
IP Address: 97.74.215.38 (p3nlh199.shr.prod.phx3.secureserver.net)
Date: 29-05-2010 06:51
Running on: Apache
Remote Javascript included: htxp://holasionweb.com/oo.php
Local or adserver Javascript included: ./styles/prosilver_sesons/template/styleswitcher.js
Local or adserver Javascript included: ./styles/prosilver_sesons/template/forum_fn.js
Local or adserver Javascript included: ./styles/prosilver_sesons/theme/jquery-1.3.2.js
Local or adserver Javascript included: ./styles/prosilver_sesons/theme/images/loader.gif
holasionweb is suspicious and maybe malicious: the last time suspicious content was found on this site was on 2010-05-20.
Malicious software includes 109 scripting exploit(s), 1 trojan(s).
This site was hosted on 3 network(s) including AS50108 (KALUGANET), AS16276 (OVH), AS2588 (LATNETSERVISS).
Has this site acted as an intermediary resulting in further distribution of malware?
Over the past 90 days, holasionweb.com appeared to function as an intermediary for the infection of 3 site(s) including ffl.org/, cosmicbooknews.com/, 365dailynews.com/.
Has this site hosted malware?
Yes, this site has hosted malicious software over the past 90 days. It infected 35 domain(s), including moomha.com/, venciclopedia.com/, pattonwebz.com/, WOT flags it as a malware distribution site: http://www.mywot.com/en/scorecard/holasionweb.com
Malware there: http://tintation.com/2010/05/13/remove-holasionweb-com-virus-malware/
IFrame check:
No zeroiframes detected!
Check took 5.51 seconds
(Level: 0) Url checked:
htxp://sonsofanarchyforever.com/forum/index.php
Zeroiframes detected on this site: 0
No ad codes identified
(Level: 1) Url checked: (script source)
htxp://sonsofanarchyforever.com/forum/./styles/prosilver_sesons/template/styleswitcher.js
Zeroiframes detected on this site: 0
No ad codes identified
(Level: 1) Url checked: (script source)
htxp://sonsofanarchyforever.com/forum/./styles/prosilver_sesons/template/forum_fn.js
Zeroiframes detected on this site: 0
No ad codes identified
(Level: 1) Url checked: (script source)
htxp://sonsofanarchyforever.com/forum/./styles/prosilver_sesons/theme/jquery-1.3.2.js
Zeroiframes detected on this site: 0
No ad codes identified
(Level: 1) Url checked: (script source)
htxp://holasionweb.com/oo.php
Blank page / could not connect
No ad codes identified Could mean removed or a malicious redirect: http://www.simplemachines.org/community/index.php?topic=381265.0
polonus