See here: http://sitecheck.sucuri.net/results/goldcentre.ru and go to website details to see it redirects users to:http://www.google.com/images/url so to
Set-Cookie: GSID=31c8d28f1a2396284f32b691be92a850; expires=Tue, 01-Oct-2013 21:57:34 GMT; path=/; domain=goldcentre dot ru
Location: htxp://www.google.com/url?sa=?q=how%20to&url=http%3A%2F%2
Note: This line has redirected the request to htxp://www.google.com/url?sa=?q=how%20to&url=http%3A%2F%2
The location line in the header above has redirected the request to: htxp://www.google.com/url?sa=?q=how%20to&url=http%3A%2F%2
( If this redirect is not what you expected it has to be cleared.) http://labs.sucuri.net/db/malware/malware-entry-mwhta7
http://sucuri.net Quttera gets Normalized URL:
-http://goldcentre.ru
Last scan date:
30-9-2013 23:41:05
Current status:
Unreachable
See: http://urlquery.net/report.php?id=6124380 (also IP history with ET TROJAN W32/Sality Executable Pack Digital Signature ASCII Marker IDS alert)
Malware closed or dead according to: http://support.clean-mx.de/clean-mx/viruses.php?ip=78.140.165.153&sort=id%20DESC
Any comments?
polonus