See: Scan for: htxp://64.26.139.42
Hostname: 64.26.139.42
IP address: 64.26.139.42
System Details:
Running on: Zeus/4.3
Powered by: PHP/5.2.9-20090427
PHP error: Parse error : syntax error, unexpected T_LNUMBER in /magma/users/u71/sillwork/public_html/index.php on line 261
Yandex blacklisted site: http://www.yandex.com/infected?url=64.26.139.42&l10n=en
Redkit exploit code flagged: http://urlquery.net/report.php?id=1414384877266
malhost: Host: podilovy-fond dot eu
suspicion of Trojan.Script.Generic aka JS/Iframe.JE trojan - HTML:Iframe-BSP [Trj] (avast detection)
polonus
polonus
November 25, 2014, 2:07pm
2
This is a suspicious page
Result for 2014-11-25 13:59:58 UTC
Website: htxp://64.26.139.42
Checked URL: htxp://64.26.139.42/shopping_cart.php?PHPSESSID=1146700d26194a1d79f7745aa47 …
Trojans detected:
Object: htxp://64.26.139.42/shopping_cart.php?PHPSESSID=1146700d26194a1d79f7745aa47b562e
SHA1: 0526e9376cff75ffffc6f41907fd08edec54f62b
Name: TrojWare.HTML.iFrame.TWTR
See Recent Reports here: http://urlquery.net/report.php?id=1416924172341
See: https://www.virustotal.com/nl/url/65ab21872a78cd5e55db73e5f74427bfc531df81df3cde3f9f0770ed80ffb02a/analysis/1416924073/
Blacklisted: http://quttera.com/detailed_report/64.26.139.42 IP Badness: https://www.virustotal.com/nl/ip-address/64.26.139.42/information/
See: http://www.scumware.org/report/64.26.139.42.html & http://www.nictasoft.com/ace/malware-urls/16087119/
& http://www.malware.pl/report/64.26.139.42
pol