Website only blacklisted or also with malware? 

polonus · 2015-04-30T11:17:28.000Z

See: http://killmalware.com/sprinthotspot.com/
See: https://www.virustotal.com/nl/url/797bcc24f011b60835cfb77fa5efff82ae1ea621653c1ccfd85035d394cf2177/analysis/#additional-info
See: index.html
Severity: Malicious
Reason: Detected reference to blacklisted domain
Details: Detected reference to malicious blacklisted domain wX1.sprinthotspot.com
File size[byte]: 1148
File type: HTML
Page/File MD5: E493DEA8771DA5E830352E5A694893BA
Scan duration[sec]: 0.048000

5 alerts for malware from Fortinet’s Filter: http://urlquery.net/report.php?id=1430392368251

Outdated software: Outdated Web Server Nginx Found: nginx/1.0.15

Included link: htxp://ww1.sprinthotspot.com/?fp=w7R%2BlBsw5Brdd61vRskWriLG8eWio77zBwUGUw8r6muSTEOyontp1SKyKZgSAuIBHsYBMc6dQSND1JEX3p%2BHvA%3D%3D&prvtof=ILCkpvump8PpsGzXE56mcstw2owoKMxxJ7LETtC7utPHqxMpCNnSDHQWYJgzzZcI&poru=%2Bo6sahXAHhumdzxOBn9SeXzm%2FjFEr%2Bw8tJRXQyVBLN2XaL9XyrqjWHaBBp%2BZah8K&
counter.yadro.ru malcode detected.

polonus

Pondus · 2015-04-30T16:31:48.000Z

Sucuri https://sitecheck.sucuri.net/results/sprinthotspot.com/

Malware entry: MW:HTA:7 http://labs.sucuri.net/db/malware/malware-entry-mwhta7

polonus · 2015-04-30T16:56:48.000Z

A description of the malware at hand: https://productforums.google.com/forum/#!topic/webmasters/fR-7w0R9lOg
This is a classic sign of a compromised website: https://raam.org/2013/cleaning-evalbase64_decode-from-a-hacked-wordpress-website-via-ssh/ link article author = Raam Dev - wp-config.php file compromised.

polonus

Pondus · 2015-05-01T10:30:40.000Z

F-Secure and Norman/BlueCoat added to URL blocker

Announcements