Malicious/Suspicious Redirects
URL: http://www.conceptinfra.com.br/ (imitation of visitor from search engine)
Status: malicious
Request:
  GET / HTTP/1.1
  Host: www.conceptinfra.com.br
  Referer: http://www.google.com/search?q=redirect+check1
Server response:
  HTTP/1.1 302 Found
  Connection: close
  Date: Sun, 28 Sep 2014 10:25:33 GMT
  Location: http://tinyurl.com/cndvxfp
  Server: Apache
  Vary: Accept-Encoding
  Content-Length: 0
  Content-Type: text/html
Scanned pages/files
Request | Server response | Status |
http://www.conceptinfra.com.br/ | 200 OK Content-Length: 51414 Content-Type: text/html | clean |
http://www.conceptinfra.com.br/cache/js-d41d8cd98f00b204e9800998ecf8427e.php | 200 OK Content-Length: 131851 Content-Type: application/x-javascript | clean |
http://www.conceptinfra.com.br/media/system/js/caption.js | 200 OK Content-Length: 1963 Content-Type: application/javascript | clean |
http://www.conceptinfra.com.br/plugins/system/rokbox/rokbox.js | 200 OK Content-Length: 22076 Content-Type: application/javascript | clean |
http://www.conceptinfra.com.br/plugins/system/rokbox/themes/light/rokbox-config.js | 200 OK Content-Length: 2598 Content-Type: application/javascript | clean |
http://www.conceptinfra.com.br/cache/js-b42eda50b80e2c48dbf9d9611d732a37.php | 200 OK Content-Length: 22896 Content-Type: application/x-javascript | clean |
http://www.conceptinfra.com.br/modules/mod_rokajaxsearch/js/rokajaxsearch.js | 200 OK Content-Length: 15933 Content-Type: application/javascript | clean |
http://www.google.com/jsapi?key=ABQIAAAAInSihsI_Oi4FC2SD-uElXxRHy2gFqsjPkDNdZ2BdwcIb_oNKxBThGCtCY_475sV8q0zjw0zqjcNjpA | 200 OK Content-Length: 24627 Content-Type: text/javascript | clean |
http://www.conceptinfra.com.br/modules/mod_rokfeaturetable/tmpl/js/rokfeaturetable.js | 200 OK Content-Length: 1054 Content-Type: application/javascript | clean |
http://www.conceptinfra.com.br/modules/mod_roktabs/tmpl/roktabs.js | 200 OK Content-Length: 6169 Content-Type: application/javascript | clean |
http://www.conceptinfra.com.br/modules/mod_rokstories/tmpl/js/rokstories.js | 200 OK Content-Length: 7410 Content-Type: application/javascript | clean |
http://www.conceptinfra.com.br/hosting.html | 200 OK Content-Length: 62273 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below):
var rokboxPath = '/plugins/system/rokbox/';
window.addEvent('domready', function() { var modules = ['rt-block']; var header = ['h3','h2','h1']; GantryBuildSpans(modules, header); });
InputsExclusion.push('.content_vote','#rt-popup','#rt-popuplogin','#vmMainPage','#community-wrap')
window.addEvent('domready', function() {new GantrySmartLoad({'offset': {'x': 200, 'y': 200}, 'placeholder': '/templates/rt_omnicron_j15/images/blank.gif', 'exclusion': ['ul 'limit': '10', 'perpage': '3', 'ordering': 'newest', 'phrase': 'any', 'hidedivs': '', 'includelink': 1, 'viewall': ' View all results', 'estimated': ' estimated', 'showestimated': 1, 'showpagination': 1, 'showcategory': 1, 'showreadmore': 1, 'showdescription': 1 }); });
google.load('search', '1.0', {nocss: true});
Antivirus reports:
http://www.conceptinfra.com.br/concept-facil.html | 200 OK Content-Length: 39079 Content-Type: text/html | clean |
http://www.conceptinfra.com.br/concept-mega.html | 200 OK Content-Length: 40008 Content-Type: text/html | clean |
http://www.conceptinfra.com.br/concept-turbo.html | 200 OK Content-Length: 40043 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=conceptinfra.com.br
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://conceptinfra.com.br/
Result: conceptinfra.com.br is not infected or malware details are not published yet.