See: http://malwareurls.joxeankoret.com/grayarea.txt
polonus
See: http://malwareurls.joxeankoret.com/grayarea.txt
polonus
Hi Pondus,
Well all given there have some issues: http://toolbar.netcraft.com/site_report/?url=http%3A%2F%2Fallseasship.com%2F (Netcraft Risk - 1 red out of 10.
Name-server version exposed: http://www.dnsinspect.com/allseasship.com/1427317100
Unable to properly scan website. Over 400 domains on one and the same IP address.
IP badness history: https://www.virustotal.com/en/ip-address/121.241.242.38/information/
Spam report: http://knujon.com/ips/121.241.242.38.html & also here: http://www.projecthoneypot.org/ip_121.241.242.38 (host = relay22.mailserve dot net)
Anonymous FTP login via Pure-FTPd - QuantumLink Communications Pvt. Ltd.
→ https://www.mywot.com/en/scorecard/qlc.co.in?utm_source=addon&utm_content=popup
errors on the https link - Services on the Server are under Survelliance.
polonus
Another one with exploitable code ‘wp-includes/js/wp-ajax-response.js’ => ‘316dc6a88af5010df7bee09c481950e8’, → http://www.backgroundtask.eu/Systeemtaken/taakinfo/113396/wp-ajax-response.js/316DC6A88AF5010DF7BEE09C481950E8/ (toggle for english version)
Nothing here: https://www.virustotal.com/en/url/72af6ed4c90389ce0caed551186f379811dc8e6024e91f58be087bea8653d72f/analysis/
Not given here either: http://sitecheck.sucuri.net/results/www.elmar-bhp.pl
Checked via these resources → https://github.com/philipjohn/exploit-scanner-hashes/blob/master/hashes-4.0.php
Again where Sucuri fails to-day, Quttera detects: /wp-content/themes/jupiter/js/min/scripts-vendors-ck.js?ver=4.1.1
Severity: Malicious
Reason: Detected encoded JavaScript code commonly used to hide malicious behaviour.
Details: Malicious obfuscated JavaScript threat
Offset: 98870
Threat dump: htxp://linkeddata.informatik.hu-berlin.de/uridbg/index.php?url=http%3A%2F%2Fwww.elmar-bhp.pl%2F%2Fwp-content%2Fthemes%2Fjupiter%2Fjs%2Fmin%2Fscripts-vendors-ck.js%3Fver%3D4.1.1&useragentheader=&acceptheader=
Threat dump MD5: 6E37D1335AC6577626BD773B0CDB63D8
File size[byte]: 448233
File type: ASCII
Page/File MD5: C4E0C198295ED447F17FA4B2BB8E74E9
Scan duration[sec]: 4.185000
Same file as we pointed at earlier has Wordpress Version 3.8
polonus