Hi scanning folks,

The scan site is still offline and only available via: htxp://91.213.203.142/
but cannot be used as the avast! Web Shield alerts on [quote}/…report.php?id=7014494|(gzip) as infested with HTML:Ifame-ZZ[Trj]
[/quote]
What apparently happened there?
Someone tried to log on with superuser rights and exploited /usr/bin/lft: Option ‘-T’ is not implemented in this wrapper
/usr/bin/lft: Option ‘-E’ is not implemented in this wrapper.
This to obtain DEBUG output created by Wget 1.12 on linux-gnu there.

Just because of the excessive response info from that server for:
System Details:
Running on: Apache/2.2.22
System info: (Ubuntu)
Powered by: PHP/5.4.6-1ubuntu1.1I
Furthermore…

It was discovered that PHP did not properly handle certificates with NULL characters in the Subject Alternative Name field. An attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications.
References CVE-2013-4248

The website status now:

The Quttera scanner flags

/report.php?id=5918947
Severity: Suspicious
Reason: Detected encoded JavaScript code commonly used to hide suspicious behaviour.
Details: Malicious obfuscated JavaScript threat (failure: nonnumeric por)
Offset: 19350
Threat dump: see: http://jsunpack.jeek.org/?report=888941bf0e286929cd84b071151c2073a4b03c6c (view thesejsunpack results)
File size[byte]: 147666
File type: ASCII
MD5: CC073E10DD540A66A3A61EC487C81937
Scan duration[sec]: 0.487000 my remark in italics, pol

While reported as dead here: http://support.clean-mx.de/clean-mx/viruses.php?sort=firstseen%20desc&review=91.213.203.%

[i]On quite another line:

I grossly miss the urlquery dot net scanner,
because it presents IDS alert results from Suricata’s and EmergingThreats,
and in this respect is rather unique and these IDS results are/were very helpful.

Is there another online scanner that comes up with such similar IDS threat alerts when uri scanning?[/i]

Damian