Scanned pages/files
Request | Server response | Status |
http://hound.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Sun, 22 Jun 2014 09:55:07 GMT Location: http://www.hound.com/ Server: Apache Content-Length: 229 Content-Type: text/html; charset=iso-8859-1 Set-Cookie: Coyote-2-4a78f871=c0a81e82:0; path=/ | clean |
http://www.hound.com/ | 200 OK Content-Length: 50240 Content-Type: text/html | clean |
http://assets.hound.com/script/general.js | 200 OK Content-Length: 19381 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
function terms(a){window.open(a+"gjtos.php?popup=1","houndtos","height=600,width=500,toolbar=no,scrollbars=yes,top=50,left=100,resizable=no");return!1}function newwindow(a){window.open(a,"NewWindow","height=500,width=800,scrollbars=yes,toolbar=yes,menubar=yes,top=50,left=100,resizable=yes")}function cartoon(){window.open("http://"+window.location.hostname+"/omarchives.html","Cartoon","height=345,width=258,scrollbars=no,toolbar=no,menubar=no,top=50,left=100,resizable=no")} function summers(){wind
Antivirus reports:
http://hound.com//ajax.googleapis.com/ajax/libs/jquery/1.2.6/jquery.min.js/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Sun, 22 Jun 2014 09:55:10 GMT Location: http://www.hound.com/ajax.googleapis.com/ajax/libs/jquery/1.2.6/jquery.min.js/ Server: Apache Content-Length: 286 Content-Type: text/html; charset=iso-8859-1 Set-Cookie: Coyote-2-4a78f871=c0a81eaf:0; path=/ | clean |
http://www.hound.com/ajax.googleapis.com/ajax/libs/jquery/1.2.6/jquery.min.js/ | 404 Not Found Content-Length: 37180 Content-Type: text/html | clean |
http://www.hound.com/script/general.js | 200 OK Content-Length: 19381 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
function terms(a){window.open(a+"gjtos.php?popup=1","houndtos","height=600,width=500,toolbar=no,scrollbars=yes,top=50,left=100,resizable=no");return!1}function newwindow(a){window.open(a,"NewWindow","height=500,width=800,scrollbars=yes,toolbar=yes,menubar=yes,top=50,left=100,resizable=yes")}function cartoon(){window.open("http://"+window.location.hostname+"/omarchives.html","Cartoon","height=345,width=258,scrollbars=no,toolbar=no,menubar=no,top=50,left=100,resizable=no")} function summers(){wind
Antivirus reports:
http://assets.hound.com/script/jquery.autocomplete.js | 200 OK Content-Length: 8874 Content-Type: application/x-javascript | clean |
http://assets.hound.com/script/popup.js | 200 OK Content-Length: 4091 Content-Type: application/x-javascript | clean |
http://www.googleadservices.com/pagead/conversion.js | 200 OK Content-Length: 9216 Content-Type: text/javascript | clean |
http://hound.com/test404page.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Sun, 22 Jun 2014 09:55:14 GMT Location: http://www.hound.com/test404page.js Server: Apache Content-Length: 243 Content-Type: text/html; charset=iso-8859-1 Set-Cookie: Coyote-2-4a78f871=c0a81e82:0; path=/ | clean |
http://www.hound.com/test404page.js | 404 Not Found Content-Length: 37120 Content-Type: text/html | clean |
http://www.hound.com//ajax.googleapis.com/ajax/libs/jquery/1.2.6/jquery.min.js/ | 404 Not Found Content-Length: 37181 Content-Type: text/html | clean |
http://www.hound.com/gjtestimonial.php | 200 OK Content-Length: 52179 Content-Type: text/html | clean |
http://www.hound.com/gjreferal.php | 200 OK Content-Length: 33117 Content-Type: text/html | clean |
http://www.hound.com/gjforgotpass.php | 200 OK Content-Length: 34205 Content-Type: text/html | clean |
http://www.hound.com/gjvideo.php | 200 OK Content-Length: 23439 Content-Type: text/html | clean |
http://d23blu8u3585km.cloudfront.net/script/jquery.js | 200 OK Content-Length: 42887 Content-Type: application/x-javascript | clean |
http://www.hound.com/gjlogin.php | 200 OK Content-Length: 24267 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: hound.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sun, 22 Jun 2014 09:55:07 GMT
Location: http://www.hound.com/
Server: Apache
Content-Length: 229
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: Coyote-2-4a78f871=c0a81e82:0; path=/
...229 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: hound.com
Referer: http://www.google.com/search?q=hound.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=hound.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://hound.com/
Result: hound.com is not infected or malware details are not published yet.