See: http://zulu.zscaler.com/submission/show/ec59b2288b62d11c4ec37ac07693048e-1355005188
and
http://sitecheck.sucuri.net/results/clinicasdentalesvalrod.com/
What was the generic abuse? Domains that recently used CloudFlare?
polonus
The URL in question http://clinicasdentalesvalrod.com/components/com_ag_google_analytics2/aicpataxcompl.html got 404 Not Found. It is just a parked domain.
Hi blakenz,
I also found that out, because of this: http://labs.sucuri.net/db/malware/web-site-disabled
But we wanted to know if the site became disabled because of abuse (security reasons) or payment reasons.
Malware had been active from that domain from 2012-12-08 02:02:46 to 2012-12-08 20:07:49
when the generic malware was probably a PHISH detection and is now dead!
Offensive action from that IP → “attacker congestion/support site, wXw.asflower.net/id.txt” (so-called “quiet” botnet attack)
asflower dot net had a history of unfixed XSS vulnerabilities that apparently were being abused…
polonus