Another domain to look for in SQL injection attacks is dbrgf.ru, still calling script.js. Checking your proxy logs for ".ru/script.js" is a good idea at the moment.
It might also be worth checking for the string "google-analitycs" as the attacks redirect through a subdomain containing that mis-spelled phrase.
No comments:
Post a Comment