See: https://urlquery.net/report.php?id=1435522588936
See: https://www.virustotal.com/en-gb/url/453a67db037dcc707e28d3b583d11c13bbfc167b604e2a9e74dfaab643de7d9b/analysis/
See: http://killmalware.com/sushmagreenvista.com/#
Yandex, Quttera and Google Safe-browsing have detected malware on this site that may harm your computer or gain access to your personal informationWeb site defaced. Details: http://sucuri.net/malware/entry/MW:DEFACED:01
Hacked By Virus24 </titl
See: http://www.domxssscanner.com/scan?url=http%3A%2F%2Fsushmagreenvista.com%2F
Number of sources found: 3
Number of sinks found: 14
polonus
Look what we stumbled upon here - from inside that hacked site: http://ajax.cloudflare.com/cdn-cgi/nexp/dok2v=919620257c/cloudflare.min.js"><‘+’//script>');%7D%7Dcatch(e)%7B%7D;
and then this -random example only: images/screenshots/css/scripts/ part of a phishing attack.
See e.g. randowm example: http://meadowcreekhighschool.org/wp-admin/images/screenshots/css/scripts/jquery-1.7.2.min.js
That was where the defacer landed as well on the defaced website (pol).
polonus
Damian,
I was just goofing around trying to find a malicious website last Thursday and I found one.
I got basically the same results. Now I wish I had saved them. I don’t even remember where or what
I was searching for. I learned from a very wise man to “right click” and use an add-on like “scan url with”
on Firefox or use copy/paste then run a virustotal scan. Then get the IP and go from there. I had fun
doing it. Now I wish I had saved the results. You would have had some more fun chasing down the
root of evil that lurked behind an innocent url.
Craig