Zscaler misses the conditional redirect here: http://zulu.zscaler.com/submission/show/eca6f4a4e763c39f0a6c2db930b2d46b-1396387424
But sucuri gives the warning: http://sitecheck.sucuri.net/scanner/?scan=http%3A%2F%2Fxn--k5caa.com%2F
and http://sucuri.net/malware/entry/MW:HTA:7
See: http://fetch.scritch.org/%2Bfetch/?url=http%3A%2F%2Fxn--k5caa.com%2F&useragent=Fetch+useragent&accept_encoding=
Quttera also flags the suspicious redirect: index
Severity: Suspicious
Reason: Detected suspicious redirection to external web resources at HTTP level.
Details: Detected HTTP redirection to htxp://dietprescriptioninc.net/. About that campaign: http://evuln.com/labs/dietprescriptioninc.net/
→ http://domain-kb.com/www/dietprescriptioninc.net
DNS check - errors and warnings: http://dnscheck.pingdom.com/?domain=dietprescriptioninc.net+×tamp=1396388156&view=1
File size[byte]: 18446744073709551615
File type: Unknown
Malware history for IP: http://support.clean-mx.de/clean-mx/viruses.php?ip=46.235.44.82&sort=id%20desc
Nothing here: http://urlquery.net/report.php?id=1396388315497
MD5: 00000000000000000000000000000000
Scan duration[sec]: 0.001000
kraken’s Virus Tracker comes up with the following status: xn–k5caa dot com,46.235.44.82,ns3.webreus dot nl,Criminals,
this means that site has active malware up.
Hoster webreus dot nl had malware infections recently and server abuse:
http://webwereld.nl/datacenter/54341-sidn-roept-hoster-webreus-op-het-matje (link article author - webwereld editors)
polonus