From c04ad609a91427dfa4719de09596e2ee7b115270 Mon Sep 17 00:00:00 2001
From: nnposter <nnposter@e0a8ed71-7df4-0310-8962-fdc924857419>
Date: Thu, 8 May 2025 16:55:07 +0000
Subject: [PATCH] Mitigate false-positives when Nmap files are getting scanned.
 Fix #3088

---
 scripts/http-malware-host.nse | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/scripts/http-malware-host.nse b/scripts/http-malware-host.nse
index f578b4a9e..32bfb3ffd 100644
--- a/scripts/http-malware-host.nse
+++ b/scripts/http-malware-host.nse
@@ -24,7 +24,7 @@ technique!
 -- |_ http-malware-host: Host appears to be clean
 -- 8080/tcp open  http-proxy syn-ack
 -- | http-malware-host:
--- |   Host appears to be infected (/ts/in.cgi?open2 redirects to http://last-another-life.ru:8080/index.php)
+-- |   Host appears to be infected (/ts/in.cgi?open2 redirects to http://evil-example.ru:8080/index.php)
 -- |_  See: http://blog.unmaskparasites.com/2009/09/11/dynamic-dns-and-botnet-of-zombie-web-servers/
 --