Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=2010camaro.org
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://2010camaro.org/ | 200 OK Content-Length: 16728 Content-Type: text/html | clean |
http://2010camaro.org/wp-content/themes/iblog/dbx.js | 200 OK Content-Length: 18991 Content-Type: application/javascript | clean |
http://2010camaro.org/wp-content/themes/iblog/dbx-key.js | 200 OK Content-Length: 1534 Content-Type: application/javascript | clean |
http://we-faw.cz.cc/media.js | HTTP/1.1 302 Found Connection: close Date: Fri, 10 Oct 2014 01:09:11 GMT Location: http://p.r.im Server: Apache/2.4.6 (Linux/SUSE) Content-Length: 278 Content-Type: text/html; charset=iso-8859-1 | clean |
http://p.r.im/ | 200 OK Content-Length: 4122 Content-Type: text/html | clean |
http://p.r.im/js/ignition-current.min.js | 200 OK Content-Length: 145668 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) "object"!==typeof JSON&&(JSON={}); (function(){function e(f){return 10>f?"0"+f:f}function f(f){s.lastIndex=0;return s.test(f)?'"'+f.replace(s,function(f){var e=j[f];return"string"===typeof e?e:"\\u"+("0000"+f.charCodeAt(0).toString(16)).slice(-4)})+'"':'"'+f+'"'}function p(e,j){var l,B,q,s,Z=t,L,x=j[e];x&&("object"===typeof x&&"function"===typeof x.toJSON)&&(x=x.toJSON(e));"function"===typeof m&&(x=m.call(j,e,x));switch(typeof x){case "string":retur $.each(f,function(e,f){p(f)});e.empty()}})};window.IgnitionInstance=e;$("#lr-widget").each(function(){var f={};$(this).attr("rel")?f.site_id=$(this).attr("rel"):f.domain=window.location.hostname;$(this).attr("data-unlaunched")&&(f.useUnlaunchedInfo=!0);var j=new e($(this),f);j.initLive(function(){window.lrInitCallback&&window.lrInitCallback(j,this)});window.lrIgnition=j})})}(); Antivirus reports:
| ||
http://we-faw.cz.cc/test404page.js | HTTP/1.1 302 Found Connection: close Date: Fri, 10 Oct 2014 01:09:13 GMT Location: http://p.r.im Server: Apache/2.4.6 (Linux/SUSE) Content-Length: 278 Content-Type: text/html; charset=iso-8859-1 | clean |
http://p.r.im/test404page.js | 404 Not Found Content-Length: 212 Content-Type: text/html | clean |
http://nw-cpm.cz.cc/media.js | HTTP/1.1 302 Found Connection: close Date: Fri, 10 Oct 2014 01:09:14 GMT Location: http://p.r.im Server: Apache/2.4.6 (Linux/SUSE) Content-Length: 278 Content-Type: text/html; charset=iso-8859-1 | clean |
http://news-cmps.cz.cc/media.js | HTTP/1.1 302 Found Connection: close Date: Fri, 10 Oct 2014 01:09:14 GMT Location: http://p.r.im Server: Apache/2.4.6 (Linux/SUSE) Content-Length: 281 Content-Type: text/html; charset=iso-8859-1 | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: 2010camaro.org
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 10 Oct 2014 01:10:39 GMT
Server: nginx/1.6.2
Content-Type: text/html; charset=UTF-8
X-Pingback: http://2010camaro.org/xmlrpc.php
GET / HTTP/1.1
Host: 2010camaro.org
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 10 Oct 2014 01:10:39 GMT
Server: nginx/1.6.2
Content-Type: text/html; charset=UTF-8
X-Pingback: http://2010camaro.org/xmlrpc.php
Second query (visit from search engine):
GET / HTTP/1.1
Host: 2010camaro.org
Referer: http://www.google.com/search?q=2010camaro.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: 2010camaro.org
Referer: http://www.google.com/search?q=2010camaro.org
Result:
The result is similar to the first query. There are no suspicious redirects found.