Suspicious website blacklisted by Yandex.

Viruses and worms
1

Re: http://killmalware.com/forum.4x4kam.ru/#
Suspicious"http://zulu.zscaler.com/submission/show/22fc671809671a84cc4708eddbc65f74-1423350853
System Details:
Running on: nginx/1.4.1
Powered by: PHP/5.2.11
Outdated Web Server Nginx Found: nginx/1.4.1
Blacklisted and contains an exploit according to Yandex: http://www.yandex.com/infected?url=forum.4x4kam.ru&l10n=en
Blacklisted by Quttera’s List of blacklisted external links: 100 and blacklisted domain: forum.4x4kam.ru
Suspicious code: info: [script] -mc.yandex.ru/metrika/watch.js
info: [img] -mc.yandex.ru/watch/10487221
info: [decodingLevel=0] found JavaScript
suspicious: maxruntime exceeded 10 seconds (incomplete) 0 bytes
error: line:3: SyntaxError: missing = in XML attribute:
error: line:3:
error: line:3: …^

IP.Board - Bulletin Board System

403: IP.Board -> Forbidden

You have reached this page in error, please use your back button to return to the forum.
IP.Board line:147: SyntaxError: missing ; before statement: error: line:147: ipb.templates['popup'] = "x"; error: line:147: ..................................................^ error: line:3: SyntaxError: missing = in XML attribute: error: line:3: error: line:3: ..............^ file: f93b4cf25e28f98c50a5589539b556a73e52d7c1: 80385 bytes This comprehensive website check reports most malware and / or spam in real-time.

Bad web rep: https://www.mywot.com/en/scorecard/forum.4x4kam.ru?utm_source=addon&utm_content=contextmenu

polonus

2

html scan
https://www.virustotal.com/en/file/b3a10d6a63394812e5b47e0b2a193bc4006d4f0e8b142e8014df8545fec1b3cc/analysis/1423352195/

3

Yep, my good friend Pondus, I have seen that as well and it made me wonder…
But zulu zscaler scan is clear about this site, with this external link also flagged by Sucuri’s as with vulnerable server software:
http://sitecheck.sucuri.net/results/zulu.zscaler.com
And this latter site has exploitable phusion: http://blog.phusion.nl/2013/01/03/rails-sql-injection-vulnerability-hold-your-horses-here-are-the-facts/
and outdated server software as such: outdated Web Server Apache Found: Apache/2.2.14
Some work to be done security wise that is there ;D

polonus