Scanned pages/files
Request | Server response | Status |
http://buzzpress.tv/ | 200 OK Content-Length: 21646 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 1x1 style: hidden src: http://www.superfish.com/ws/userdata.jsp?dlsource=sfrvzr&userid=ntbcntbc&ver=14.09.12.01
<iframe src="http://www.superfish.com/ws/userdata.jsp?dlsource=sfrvzr&userid=ntbcntbc&ver=14.09.12.01" style="position: absolute; top: -100px; left: -100px; z-index: -10; border: none; visibility: hidden; width: 1px; height: 1px;">
Hidden iFrame found. size: 1x1 src: http://www.superfish.com/ws/sf_alive.jsp?dlsrc=sfrvzr&uid=ntbc2a1bbc9789c3216bntbc
<iframe src="http://www.superfish.com/ws/sf_alive.jsp?dlsrc=sfrvzr&uid=ntbc2a1bbc9789c3216bntbc" style="position: absolute; top: -20px; left: -20px; width: 1px; height: 1px;" id="sfalive">
Deface/Content modification. The following signature was found: Hacked By mrfikou39
<html dir="rtl"><head> <meta http-equiv="Content-Language" content="en-us"> <meta http-equiv="Content-Type" content="text/html; charset=windows-1252"> <title>Hacked By mrfikou39 </title> <style> <!-- .style2 {color: #666666} --> </style> <script id="2A1BBC9789C3216B"></script><script type="text/javascript" src="http://www.superfish.com/ws/sf_preloader.jsp?dlsource=sfrvzr&partnername=VeriBrowse&userId=2A1BBC9789C3216B&CTID=rvzr5010_1021&ver=14.09.12.01"></script><script type="text/javascript" ...[22798 bytes skipped]...
http://www.superfish.com/ws/sf_preloader.jsp?dlsource=sfrvzr&partnername=VeriBrowse&userId=2A1BBC9789C3216B&CTID=rvzr5010_1021&ver=14.09.12.01 | 200 OK Content-Length: 89027 Content-Type: text/javascript | clean |
http://www.superfish.com/ws/sf_code.jsp?dlsource=sfrvzr&partnername=VeriBrowse&userid=3f0acc7a-61cd-22b0-0ff5-08810454f233-eb8&CTID=rvzr5010_1021&ver=14.09.12.01 | 200 OK Content-Length: 215496 Content-Type: text/javascript | clean |
http://www.superfish.com/ws/slideup2/main.js?ver=14.09.12.01 | 200 OK Content-Length: 14273 Content-Type: application/x-javascript | clean |
http://www.superfish.com/ws/side_slider/main.js?ver=14.09.12.01 | 200 OK Content-Length: 11068 Content-Type: application/x-javascript | clean |
http://www.superfish.com/ws/js/base_single_icon.js?ver=14.09.12.01 | 200 OK Content-Length: 91507 Content-Type: application/x-javascript | clean |
http://i.vizejs.info/izer/javascript.js?channel=rvzr9500_1021_dz&appTitle=VeriBrowse&plink=luu.lightquartrate.com%2Fsd%2Fapps%2Fadinfo-1.1-p%2Findex.html%3Fbj1WZXJpQnJvd3NlJmg9ZmFkLmxpYmZhc3QuY29tJm89ZHAmYT05NTAwJnM9MTAyMSZjPWdyZWVuJnc9Y29sbGFiLnRoZXZpcmFsbmV0d29yay5jb20%3D | 200 OK Content-Length: 7339 Content-Type: application/x-javascript | clean |
http://i.vizejs.info/opt_content.js?v=opt_1409773010939&partner=izer&channel=izerrvzr9500_1021_dz&sset=8&appTitle=VeriBrowse&sset=8&ip=197.200.106.79 | 200 OK Content-Length: 300806 Content-Type: application/x-javascript | clean |
http://www.superfish.com/ws/sf_main.jsp?dlsource=sfrvzr&partnername=VeriBrowse&userId=2A1BBC9789C3216B&CTID=rvzr5010_1021 | 200 OK Content-Length: 12868 Content-Type: text/html | clean |
http://www.superfish.com/test404page.js | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Sat, 20 Sep 2014 14:27:34 GMT Pragma: no-cache Location: http://wwws.superfish.com/test404page.js Server: nginx Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT CF-Cache-Status: MISS CF-RAY: 16ceb4597feb0291-SJC ClientCountry: LT Set-Cookie: __cfduid=d8948a71daf748ac0506f799eeb7fd1201411223253996; expires=Mon, 23-Dec-2019 23:50:00 GMT; path=/; domain=.superfish.com; HttpOnly X-Pingback: http://wwws.superfish.com/xmlrpc.php X-Powered-By: PHP/5.3.3 | clean |
http://wwws.superfish.com/test404page.js | 404 Not Found Content-Length: 28298 Content-Type: text/html | clean |
http://wwws.superfish.com/wp-includes/js/jquery/jquery.js?ver=1.8.3 | 200 OK Content-Length: 93661 Content-Type: application/x-javascript | clean |
http://wwws.superfish.com/wp-content/themes/SCRN/js/jquery.cycle.all.min.js?ver=3.5.1 | 200 OK Content-Length: 31614 Content-Type: application/x-javascript | clean |
http://wwws.superfish.com/wp-content/themes/SCRN/js/jquery.flexslider.js?ver=1.0 | 200 OK Content-Length: 41062 Content-Type: application/x-javascript | clean |
http://www.superfish.com//www.googleadservices.com/pagead/conversion.js/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Sat, 20 Sep 2014 14:27:36 GMT Pragma: no-cache Location: http://wwws.superfish.com/www.googleadservices.com/pagead/conversion.js/ Server: nginx Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT CF-RAY: 16ceb46b12420291-SJC ClientCountry: LT Set-Cookie: __cfduid=dffa7b6f47217cefbc6dc7e9167f85bdf1411223256818; expires=Mon, 23-Dec-2019 23:50:00 GMT; path=/; domain=.superfish.com; HttpOnly X-Pingback: http://wwws.superfish.com/xmlrpc.php X-Powered-By: PHP/5.3.3 | clean |
http://wwws.superfish.com/www.googleadservices.com/pagead/conversion.js/ | 404 Not Found Content-Length: 28330 Content-Type: text/html | clean |
http://wwws.superfish.com//www.googleadservices.com/pagead/conversion.js/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Sat, 20 Sep 2014 14:27:38 GMT Pragma: no-cache Location: http://wwws.superfish.com/www.googleadservices.com/pagead/conversion.js/ Server: cloudflare-nginx Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT CF-RAY: 16ceb4747ab00f51-FRA Set-Cookie: __cfduid=d5bc147ead1135043c2fee719ac234ff91411223258311; expires=Mon, 23-Dec-2019 23:50:00 GMT; path=/; domain=.superfish.com; HttpOnly X-Pingback: http://wwws.superfish.com/xmlrpc.php X-Powered-By: PHP/5.3.3 | clean |
http://wwws.superfish.com/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.36.0-2013.06.16 | 200 OK Content-Length: 14510 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: buzzpress.tv
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 20 Sep 2014 14:27:24 GMT
Accept-Ranges: bytes
ETag: "680155-548e-4f8b81fdb9dc0"
Server: Apache/2.2.26 (Unix) mod_ssl/2.2.26 OpenSSL/1.0.1e-fips DAV/2 mod_bwlimited/1.4
Content-Length: 21646
Content-Type: text/html
Last-Modified: Tue, 06 May 2014 09:46:39 GMT
...21646 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: buzzpress.tv
Referer: http://www.google.com/search?q=buzzpress.tv
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=buzzpress.tv
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://buzzpress.tv/
Result: buzzpress.tv is not infected or malware details are not published yet.