Outdated WP plug-in software and counter malcode on Russian website!

polonus · 2015-10-21T14:13:30.000Z

See: http://urlquery.net/report.php?id=1445435832773
Fortinet alerts twice for counter malware.
66% of the trackers on website are insecurely sent.
Like id-tracking by -VKontakte, -w.uptolike.com, -0.gravatar.com , -Automattic, -Automattic, -Google & -LiveInternet.
Outdated WordPress plug-in software detected: featured-posts-grid 1.3 latest release (1.7) Update required
-http://chasepettit.com
SPOF check: Possible Frontend SPOF from:

-vk.com - Whitelist
(76%) -

Badtrackers and counter tracking all blocked by Disconnect for me inside the Google Chrome browser!
website Netcraft risk status: http://toolbar.netcraft.com/site_report?url=http://webrecepty.info

AOS allows the Web Analysis scripts there ??? Consider: http://www.domxssscanner.com/scan?url=http%3A%2F%2Fwebrecepty.info
Going here is insecure by default qua tracking -https://feedburner.google.com/fb/a/myfeeds?gsessionid=ebfUTvmfKM88-P_0ioLWBA

polonus (volunteer website security analyst and website error-hunter)

polonus · 2015-10-21T15:06:18.000Z

Website has outdated PHP code: PHP Version: 5.3.29 (Outdated)
Quttera detects a potentially suspicious file on that site: /pageear/pageear.js
Severity: Potentially Suspicious
Reason: Detected procedure that is commonly used in suspicious activity.
Details: Too low entropy detected in string [[‘C%FFFFFFC1%FFFFFF83%FFFFFFE0%FFFFFF81%FFFFFF83l%FFFFFFC1%FFFFFFAC%FFFFFFE0%FFFFFF81%FFFFFFACo%FFFFFF’]] of length 230 which may point to obfuscation or shellcode.
Threat dump: http://www.domxssscanner.com/scan?url=http%3A%2F%2Fwebrecepty.info%2Fpageear%2Fpageear.js
Threat dump MD5: 81C8E301F48970801439DD362107F360
File size[byte]: 8436
File type: ASCII
Page/File MD5: 04532F5049858F56D80C6CD6AA9FDA8F
Scan duration[sec]: 0.090000

Request see: /pageear/pageear_s.swf?pagearSmallImg=-http%3A//webrecepty.info/pageear/pageear_s.jpg&pagearBigImg=http%3A//webrecepty.info/pageear/pageear_b.jpg&pageearColor=ffffff&jumpTo=http%3A//webrecepty.info/kuplju-vashi-recepty/&openLink=new&mirror=true&copyright=Webpicasso%20Media%2C%20www.webpicasso.de&speedSmall=1&openOnLoad=3&closeOnLoad=3&setDirection=rt&softFadeIn=1&playSound=false&playOpenSound=false&playCloseSound=false&closeOnClick=false&closeOnClickText=Close&lcKey=0.5864989017332484&bigWidth=297&thumbWidth=85 HTTP/1.1
Host: webrecepty.info
IP malcode history: https://www.virustotal.com/nl/ip-address/46.30.40.95/information/

polonus

Announcements