See: SE visitors redirects on https://www.virustotal.com/nl/url/f6a1baa41d9e0da561319e6c67a9e408466590ba10176c768e89dc75d8983d
4d/analysis/1427802697/ where detection is missed!
Visitors from search engines are redirected
to: hxtp://www.naver.com *
3 sites infected with redirects to this URL
- see basic report for naver dot com domain: https://rateip.com/domain/naver.com
See attached → http://quttera.com/detailed_report/nagoyajochi.net
IP mitigated since Febr. 24 2015
ISSUE DETECTED DEFINITION VULNERABLE HEADER
Outdated Web Server Apache Found Vulnerabilities on Apache 2.4 Apache/2.4.7
Site doesn’t have a title / domain on smtp .secureserver .net
DNS report with various warnings: http://www.dnsinspect.com/nagoyajochi.net/1427803513
MX records duplicates for MAIL - so domain may not longer resolve.
Nameservers are on the same Class C IP range. This is very bad if you want to be found in the case of outage, or even worst, problems! → http://www.dnsqueries.com/en/domain_check.php
All the IPs of your MX records have PTR entries, meaning it is possible to know their hostnames from the IP address. Many mailservers, accordingly to RFC1912 2.1, will not accept mail from mailservers with no PTR (reverse DNS) entry. The reverse DNS entries are
smtp.secureserver.net. → 68.178.213.203 → p3plibsmtp03-v01.prod.phx3.secureserver.net
mailstore1.secureserver.net. → 68.178.213.37 → p3plibsmtp02-v01.prod.phx3.secureserver.net
There is one or more CNAMEs record pointing to www.nagoyajochi.net… This can cause extra bandwidth usage since the resolution of www.nagoyajochi.net. is done in multiple steps. However this is only a warning!
polonus