Site with
SE visitors redirects
Visitors from search engines are redirected
to: htxp://hecodat.de/zwmd.html?h=1320559
374 sites infected with redirects to this URL
See the conflicting scan results between Quttera’s and Scanner.pcrisk:
http://www.webpagescreenshot.info/img/5516bbac0515f9-87018918 Quttera scan results
http://www.webpagescreenshot.info/img/5516bb77644228-54441560 PCrisk scan results
Compare to VT scan results: https://www.virustotal.com/en/url/a800417363ad332a5735e8064e4ed22a487af8c7e980df090b73670d386873ae/analysis/#additional-info
Quttera: List of blacklisted external links: 29
List of referenced blacklisted domains/hosts: 2
nmsbaseball.com
heyy.net
Sucuri detects:
ISSUE DETECTED DEFINITION INFECTED URL
Website Malware MW:HTA:7 htxp://hecodat.de/zfpv.html?h=959172
Website Malware MW:HTA:7 htxp://hecodat.de/zfpv.html?h=959263
Website Malware MW:HTA:7 htxp://hecodat.de/zlfy.html?h=2599670
Domain detected on spam or phishing campaigns. Details: http://sucuri.net/malware/entry/MW:HTA:7
This specific URL was identified in malicious campaigns to disseminate malware.
General IP badness situation: https://www.virustotal.com/en/ip-address/82.165.96.199/information/
polonus