Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://hudochlaser.se/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: hudochlaser.se Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Moved Temporarily Cache-Control: public, max-age=10800 Connection: close Date: Wed, 24 Sep 2014 00:15:23 GMT Location: http://www.daugavkrasts.lv/includes/domit/1.php Server: Apache/2.2.3 (CentOS) Content-Encoding: none Content-Length: 0 Content-Type: text/html Expires: Wed, 24 Sep 2014 03:15:23 GMT Last-Modified: Sat, 05 Mar 2011 20:40:00 GMT Set-Cookie: CMSSESSID3e0404bc=b69bfe50d78066381c539ed4d0297fc4; path=/ X-Powered-By: PleskLin | malicious |
Scanned pages/files
Request | Server response | Status |
http://hudochlaser.se/ | 200 OK Content-Length: 7037 Content-Type: text/html | clean |
http://w.sharethis.com/button/buttons.js | 200 OK Content-Length: 145774 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below):
if(typeof(stlib)=="undefined"){var stlib={}}if(!stlib.functions){stlib.functions=[];stlib.functionCount=0}stlib.global={};stlib.global.hash=document.location.href.split("#");stlib.global.hash.shift();stlib.global.hash=stlib.global.hash.join("#");stlib.dynamicOn=true;stlib.debugOn=false;stlib.debug={count:0,messages:[],debug:function(b,a){if(a&&(typeof console)!="undefined"){console.log(b)}stlib.debug.messages.push(b)},show:function(a){for(message in stlib.debug.messages){if((typeof conso
Antivirus reports:
http://ajax.googleapis.com/ajax/libs/jquery/1.4.1/jquery.min.js | 200 OK Content-Length: 70843 Content-Type: text/javascript | clean |
http://cloud.github.com/downloads/malsup/cycle/jquery.cycle.all.2.74.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 24 Sep 2014 00:15:27 GMT Via: 1.1 4270faf2ddda87dd57c4102c07d61fc7.cloudfront.net (CloudFront) Location: https://cloud.github.com/downloads/malsup/cycle/jquery.cycle.all.2.74.js Server: CloudFront Content-Length: 183 Content-Type: text/html X-Amz-Cf-Id: P8Kc79E7R95U5f6wOSHnRv6GZRGq5RgnYBbx__m9aXy2q15QbwEUpw== X-Cache: Redirect from cloudfront | clean |
https://cloud.github.com/downloads/malsup/cycle/jquery.cycle.all.2.74.js | 403 Forbidden Content-Length: 243 Content-Type: application/xml | clean |
http://cloud.github.com/test404page.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 24 Sep 2014 00:15:28 GMT Via: 1.1 954e53c2911d47d729ae27754b6408a8.cloudfront.net (CloudFront) Location: https://cloud.github.com/test404page.js Server: CloudFront Content-Length: 183 Content-Type: text/html X-Amz-Cf-Id: qoChYy_R--_ktT2_qAoyCNy7rm9TGgKzulAXyk7TY-FBt2agznHWJA== X-Cache: Redirect from cloudfront | clean |
https://cloud.github.com/test404page.js | 403 Forbidden Content-Length: 243 Content-Type: application/xml | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=hudochlaser.se
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://hudochlaser.se/
Result: hudochlaser.se is not infected or malware details are not published yet.