Scanned pages/files
| Request | Server response | Status |
http://cib.uab.ae/ | HTTP/1.1 302 Found Connection: Keep-Alive Location: https://cib.uab.ae/ Server: BigIP Content-Length: 0 | clean |
https://cib.uab.ae/ | 200 OK Content-Length: 37885 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- var theForm = document.forms['LoginForm']; if (!theForm) { theForm = document.LoginForm; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit || (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } Antivirus reports:
| ||
https://cib.uab.ae/colorbox/jquery.min.js | 200 OK Content-Length: 93868 Content-Type: application/x-javascript | clean |
http://cib.uab.ae/colorbox/jquery.colorbox.js | HTTP/1.1 302 Found Connection: Keep-Alive Location: https://cib.uab.ae/colorbox/jquery.colorbox.js Server: BigIP Content-Length: 0 | clean |
https://cib.uab.ae/colorbox/jquery.colorbox.js | 200 OK Content-Length: 27813 Content-Type: application/x-javascript | clean |
http://cib.uab.ae/WebResource.axd?d=GthhHYEMq5LJt2BFlhuAvQ2&t=634652491236316025 | HTTP/1.1 302 Found Connection: Keep-Alive Location: https://cib.uab.ae/WebResource.axd?d=GthhHYEMq5LJt2BFlhuAvQ2&t=634652491236316025 Server: BigIP Content-Length: 0 | clean |
https://cib.uab.ae/webresource.axd?d=gthhhyemq5ljt2bflhuavq2&t=634652491236316025 | 200 OK Content-Length: 500 Content-Type: text/html | clean |
http://cib.uab.ae/test404page.js | HTTP/1.1 302 Found Connection: Keep-Alive Location: https://cib.uab.ae/test404page.js Server: BigIP Content-Length: 0 | clean |
https://cib.uab.ae/test404page.js | 200 OK Content-Length: 500 Content-Type: text/html | clean |
http://cib.uab.ae/WebResource.axd?d=EDEM4jy1_kGBEcXy_7c6jw2&t=634652491236316025 | HTTP/1.1 302 Found Connection: Keep-Alive Location: https://cib.uab.ae/WebResource.axd?d=EDEM4jy1_kGBEcXy_7c6jw2&t=634652491236316025 Server: BigIP Content-Length: 0 | clean |
https://cib.uab.ae/webresource.axd?d=edem4jy1_kgbecxy_7c6jw2&t=634652491236316025 | 200 OK Content-Length: 500 Content-Type: text/html | clean |
http://cib.uab.ae/WebResource.axd?d=LBnwbsgjjkyE1cFFWsHGXnUpWNreTKferAqfxBsdeC7aDp8a8NblzKWlenhTFIzajz1eQtt1lEtQOL38fKPQj3GaLFRu_zdnEgWOomO1AQA1&t=633050678440000000 | HTTP/1.1 302 Found Connection: Keep-Alive Location: https://cib.uab.ae/WebResource.axd?d=LBnwbsgjjkyE1cFFWsHGXnUpWNreTKferAqfxBsdeC7aDp8a8NblzKWlenhTFIzajz1eQtt1lEtQOL38fKPQj3GaLFRu_zdnEgWOomO1AQA1&t=633050678440000000 Server: BigIP Content-Length: 0 | clean |
https://cib.uab.ae/webresource.axd?d=lbnwbsgjjkye1cffwshgxnupwnretkferaqfxbsdec7adp8a8nblzkwlenhtfizajz1eqtt1letqol38fkpqj3galfru_zdnegwoomo1aqa1&t=633050678440000000 | 200 OK Content-Length: 500 Content-Type: text/html | clean |
http://cib.uab.ae/WebResource.axd?d=LBnwbsgjjkyE1cFFWsHGXnUpWNreTKferAqfxBsdeC7aDp8a8NblzKWlenhTFIzanjKilvceSpG9lqCRvwzB6aYVjmi-9T5Ot18EqeuzIcI1&t=633050678440000000 | HTTP/1.1 302 Found Connection: Keep-Alive Location: https://cib.uab.ae/WebResource.axd?d=LBnwbsgjjkyE1cFFWsHGXnUpWNreTKferAqfxBsdeC7aDp8a8NblzKWlenhTFIzanjKilvceSpG9lqCRvwzB6aYVjmi-9T5Ot18EqeuzIcI1&t=633050678440000000 Server: BigIP Content-Length: 0 | clean |
https://cib.uab.ae/webresource.axd?d=lbnwbsgjjkye1cffwshgxnupwnretkferaqfxbsdec7adp8a8nblzkwlenhtfizanjkilvcespg9lqcrvwzb6ayvjmi-9t5ot18eqeuzici1&t=633050678440000000 | 200 OK Content-Length: 500 Content-Type: text/html | clean |
http://cib.uab.ae/WebResource.axd?d=LBnwbsgjjkyE1cFFWsHGXnUpWNreTKferAqfxBsdeC7vjHZ3DzsDLRP1c44Ul3-dUees_W1UUTm7rEWeoNFa77ypCH6SAkK1zotZW9FdO3g1&t=633050678440000000 | HTTP/1.1 302 Found Connection: Keep-Alive Location: https://cib.uab.ae/WebResource.axd?d=LBnwbsgjjkyE1cFFWsHGXnUpWNreTKferAqfxBsdeC7vjHZ3DzsDLRP1c44Ul3-dUees_W1UUTm7rEWeoNFa77ypCH6SAkK1zotZW9FdO3g1&t=633050678440000000 Server: BigIP Content-Length: 0 | clean |
https://cib.uab.ae/webresource.axd?d=lbnwbsgjjkye1cffwshgxnupwnretkferaqfxbsdec7vjhz3dzsdlrp1c44ul3-duees_w1uutm7reweonfa77ypch6sakk1zotzw9fdo3g1&t=633050678440000000 | 200 OK Content-Length: 500 Content-Type: text/html | clean |
http://cib.uab.ae/WebResource.axd?d=LBnwbsgjjkyE1cFFWsHGXnUpWNreTKferAqfxBsdeC7vjHZ3DzsDLRP1c44Ul3-dUees_W1UUTm7rEWeoNFa79LtsIbhyr7ywlmGjTCoAyY1&t=633050678440000000 | HTTP/1.1 302 Found Connection: Keep-Alive Location: https://cib.uab.ae/WebResource.axd?d=LBnwbsgjjkyE1cFFWsHGXnUpWNreTKferAqfxBsdeC7vjHZ3DzsDLRP1c44Ul3-dUees_W1UUTm7rEWeoNFa79LtsIbhyr7ywlmGjTCoAyY1&t=633050678440000000 Server: BigIP Content-Length: 0 | clean |
https://cib.uab.ae/webresource.axd?d=lbnwbsgjjkye1cffwshgxnupwnretkferaqfxbsdec7vjhz3dzsdlrp1c44ul3-duees_w1uutm7reweonfa79ltsibhyr7ywlmgjtcoayy1&t=633050678440000000 | 200 OK Content-Length: 500 Content-Type: text/html | clean |
https://seal.thawte.com/getthawteseal?host_name=cib.uab.ae&size=S&lang=en | 200 OK Content-Length: 3026 Content-Type: text/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: cib.uab.ae
Result:
HTTP/1.1 302 Found
Connection: Keep-Alive
Location: https://cib.uab.ae/
Server: BigIP
Content-Length: 0
...0 bytes of data.
GET / HTTP/1.1
Host: cib.uab.ae
Result:
HTTP/1.1 302 Found
Connection: Keep-Alive
Location: https://cib.uab.ae/
Server: BigIP
Content-Length: 0
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: cib.uab.ae
Referer: http://www.google.com/search?q=cib.uab.ae
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: cib.uab.ae
Referer: http://www.google.com/search?q=cib.uab.ae
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=cib.uab.ae
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://cib.uab.ae/
Result: cib.uab.ae is not infected or malware details are not published yet.
Result: cib.uab.ae is not infected or malware details are not published yet.