Malicious site undetected?

See: http://zulu.zscaler.com/submission/show/097083d18a7c649caa376f6219d53ce4-1385738777
See: https://www.virustotal.com/nl/url/f88a1ab2fd579835d07fe08da5c4e1ba6d98fe6f21053b151359ea8b75f61854/analysis/1385738625/

Missed: http://quttera.com/detailed_report/sportstvasia.com & http://evuln.com/tools/malware-scanner/sportstvasia.com/
Unable to properly scan your site. Site returning error (40x): HTTP/1.1 404 Not Found
Fortinet flags as Fortinet JS/.BBDZ!tr
Safe virus viewer report: http://support.clean-mx.de/clean-mx/view_virusescontent.php?url=http%3A%2F%2Fsportstvasia.com%2F

Recent finds SimpleTDS go.php IDS on same IP,

pol

This site is not being blocked either: http://maldb.com/usse-sarl.com/
and http://evuln.com/tools/malware-scanner/usse-sarl.com/
completely missed: https://www.virustotal.com/nl/url/48ad7d3a2da0df384917d3aee46e54cc395f693b3083b5859e1c2b1eb6f10be5/analysis/1385741516/
see: http://jsunpack.jeek.org/?report=f5899924431796deb7ea36939b73cf2cfcabd950
Joomla update required: http://sitecheck.sucuri.net/results/usse-sarl.com
Joomla Version 1.5.18 - 1.5.26 for: htxp://usse-sarl.com/media/system/js/caption.js
Joomla Version 1.5.18 to 1.5.26 for: htxp://usse-sarl.com/language/en-GB/en-GB.ini
Joomla version outdated: Upgrade required.
Not been detected here: http://zulu.zscaler.com/submission/show/73824bbd262bd2ab877344ac739f4792-1385741707
nor here: http://urlquery.net/report.php?id=8061114

The chain of redirects found:
to: htxp://yahoo.com
Redirect to this URL found in 3823 sites
to: htxp://www.bolltec.com/media/jce/mediaplayer/license.php
Redirect to this URL found in 1672 sites
to: httx://www.haphuongfoundation.net/vietnam/language/pdf_fonts/www/all2.php
Redirect to this URL found in 4880 sites
Also see: http://evuln.com/tools/malware-scanner/usse-sarl.com/

Consider also: http://sameid.net/ip/217.160.236.94/

polonus

Your first post … site is dead :wink: http://www.downforeveryoneorjustme.com/http://sportstvasia.com/

Hi Pondus,

That was a rather complicated way to arrive at that conclusion of the site status as “down for everyone and me”.
At least at the time this was still up and active the threat was being flagged.
How many suspicious scanned website results did we encounter here on the forums, Pondus?
We can almost sniff them out, so to say,
Again thanks for your continuing assistance,

polonus