Suspicious website - mal-content removed?

See: http://killmalware.com/getsapp.ru/#
4 instances of malware were flagged in historical reports here: https://urlquery.net/report.php?id=1438891133927
with external links to -pix-001.tizerbank.com (Avast detects there: https://www.virustotal.com/nl/file/01d97f388e5e9af4b3dcc027a60ccb6d96ed93c97abd6484e26b7b72d8dd0d79/analysis/ )
See this report: http://webcookies.org/cookies/pix-001.tizerbank.com/2177609/ see the HTTP security related header report there! This website sets permissive cross-domain policy, see how this can be abused!
Adguard, ABP and uBlock Origin block this destination.
Various exploits known for uServ/3.2.2.
Malicious file: stat/dspixel.js?ab=uc&cl=
Severity: Malicious
Reason: Detected reference to blacklisted domain
Details: Detected reference to malicious blacklisted domain pix-00.tizerbank.com
File size[byte]: 346
File type: ASCII
Page/File MD5: 646469DFD960604E3FAF94C757A94A26
Scan duration[sec]: 0.041000
Blacklisted = htxp://pix-00.tizerbank.com/pixel/tz/6yt9k? URL cannot be fetched…invalid index Bitdefender TrafficLight blocks main site: htxp://pix-00.tizerbank.com-> http://toolbar.netcraft.com/site_report?url=http://pix-00.tizerbank.com
See: http://www.domxssscanner.com/scan?url=http%3A%2F%2Fgetsapp.ru%2Findex%2F3

HTTP headers: 

HTTP/1.1 404 Not Found
Content-Type: text
Access-Control-Allow-Origin: *
Content-Length: 13 

→ Dutch Leaseweb hosted: http://toolbar.netcraft.com/site_report?url=http://37.48.111.104
Netcraft Website Security Risk 9 red out of 10. Potentially risky methods: PUT proxy-authentication on
OpenSSH 6.6.1p1 Ubuntu 2ubuntu2 (Ubuntu Linux; protocol 2.0 (Netcraft returns unknown).

polonus (volunteer website security analyst and website error-hunter)

no detection from McAfee now or any other
https://www.virustotal.com/nb/file/19b431e446be9ac63bf6f2948361d89bfc50c746bb90f809923de8d8ed09d7c3/analysis/1438968293/
https://www.virustotal.com/nb/file/923863d0bda61f13e98c047a370383394e773a682e17ec6f7c947ab1aa4938e5/analysis/1438968410/

seems those AV detections reported at Killmalware are old cached results

Hi Pondus,

I always check the scan results for the most recent update and against other scans.
It is the only scanner that provides defacement on website detection and SEO redirections for that matter.
When accurate detection Sucuri is found to miss most of such detections, Quttera’s is known to detect more.
Website Security Check finds defacements but often flags them as kind of spam.
All of the above are not reported by VT. As I also report malicious and suspicious websites at WOT
they have some, but also do not flag malicious defacements.

polonus