Scanned pages/files
Request | Server response | Status |
http://manualidadesnavidenas.net/ | 200 OK Content-Length: 132532 Content-Type: text/html | suspicious |
Suspicious code. Script contains iFrame. <!-- HTML Encrypt By DarK-Mirror.org --> <!-- document.write(unescape('%3C%68%74%6D%6C%3E%0A%3C%68%65%61%64%3E%0A%3C%74%69%74%6C%65%3E%48%61%63%6B%65%64%20%42%79%20%48%33%58%20%4B%48%34%4E%3C%2F%74%69%74%6C%65%3E%0A%0A%3C%6C%69%6E%6B%20%68%72%65%66%3D%22%68%74%74%70%3A%2F%2F%73%31%2E%64%69%72%65%63%74%75%70%6C%6F%61%64%2E%6E%65%74%2F%69%6D%61%67%65%73%2F%31%33%30%38%33%31%2F%32%78%6C%77%6E%6F%38%6D%2E%70%6E%67%22%20%72%65%6 ...[3569 bytes skipped]... Decoded script: ...[3425 bytes skipped]... 99;position:fixed;right:-250px;top:40%;}.facebookbox div{border:none;position:relative;display:block;}.facebookbox span{bottom:12px;font:8px"lucida grande",tahoma,verdana,arial,sans-serif;position:absolute;right:6px;text-align:right;z-index:99999;}.facebookbox span a{color:#808080;text-decoration:none;}.facebookbox span a:hover{text-decoration:underline;}</style></head><body bgcolor="Black"><div class="facebookbox"><iframe scrolling="no" frameborder="0" style="border: medium none; overflow: hidden; height: 270px; width: 245px;background:#fff;" src="http://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/803204749768691&colorscheme=light&show_faces=true&connections=9&stream=false&header=false&height=270"></iframe></div> <embed src="http://www.youtube.com/v/3U1O1oythXY&autoplay=1" type="application/x-shockwave-flash" wmode="transparent" wi ...[1274 bytes skipped]... Deface/Content modification. The following signature was found: Hacked By H3X KH4N <html> <head> <title>Hacked By H3X KH4N</title> <meta content="H3X KH4N Was Here" name="description"/> <meta content="H3X KH4N" name="keywords"/> <meta content="Cyb3r Gangst3r J i H" name="Abstract"/> </head> <Script Language='Javascript'> <!-- HTML Encrypt By DarK-Mirror.org --> <!-- document.write(unescape('%3C%68%74%6D%6C%3E%0A%3C%68%65%61%64%3E%0A%3C%74%69%74%6C%65%3E%48%6 ...[151927 bytes skipped]... | ||
http://manualidadesnavidenas.net/wp-includes/js/jquery/jquery.js?ver=1.11.2 | 200 OK Content-Length: 95952 Content-Type: application/javascript | clean |
http://manualidadesnavidenas.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://manualidadesnavidenas.net/wp-content/themes/suffusion/scripts/jquery.bgiframe.min.js?ver=1.0 | 200 OK Content-Length: 1517 Content-Type: application/javascript | clean |
http://manualidadesnavidenas.net/wp-content/themes/suffusion/scripts/suffusion.js?ver=1.0 | 200 OK Content-Length: 4811 Content-Type: application/javascript | clean |
http://pagead2.googlesyndication.com/pagead/show_ads.js | 200 OK Content-Length: 27376 Content-Type: text/javascript | clean |
http://www.google.com/afsonline/show_afs_search.js | 200 OK Content-Length: 3366 Content-Type: text/javascript | clean |
http://www.google.es/coop/cse/brand?form=cse-search-box&lang=es | HTTP/1.1 302 Found Cache-Control: private Connection: close Date: Sun, 20 Dec 2015 02:47:39 GMT Location: https://cse.google.es/coop/cse/brand?form=cse-search-box&lang=es Server: sffe Content-Length: 265 Content-Type: text/html; charset=UTF-8 X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block | clean |
https://cse.google.es/coop/cse/brand?form=cse-search-box&lang=es | 200 OK Content-Length: 2499 Content-Type: text/javascript | clean |
http://platform.twitter.com/widgets.js | 200 OK Content-Length: 87641 Content-Type: application/javascript | clean |
https://apis.google.com/js/plusone.js | 200 OK Content-Length: 13354 Content-Type: application/javascript | clean |
http://manualidadesnavidenas.net/2013/09/como-hacer-adornos-navidenos-caseros-2.html | 200 OK Content-Length: 83224 Content-Type: text/html | suspicious |
Suspicious code. Script contains iFrame. <!-- HTML Encrypt By DarK-Mirror.org --> <!-- document.write(unescape('%3C%68%74%6D%6C%3E%0A%3C%68%65%61%64%3E%0A%3C%74%69%74%6C%65%3E%48%61%63%6B%65%64%20%42%79%20%48%33%58%20%4B%48%34%4E%3C%2F%74%69%74%6C%65%3E%0A%0A%3C%6C%69%6E%6B%20%68%72%65%66%3D%22%68%74%74%70%3A%2F%2F%73%31%2E%64%69%72%65%63%74%75%70%6C%6F%61%64%2E%6E%65%74%2F%69%6D%61%67%65%73%2F%31%33%30%38%33%31%2F%32%78%6C%77%6E%6F%38%6D%2E%70%6E%67%22%20%72%65%6 ...[3569 bytes skipped]... Decoded script: ...[3425 bytes skipped]... 99;position:fixed;right:-250px;top:40%;}.facebookbox div{border:none;position:relative;display:block;}.facebookbox span{bottom:12px;font:8px"lucida grande",tahoma,verdana,arial,sans-serif;position:absolute;right:6px;text-align:right;z-index:99999;}.facebookbox span a{color:#808080;text-decoration:none;}.facebookbox span a:hover{text-decoration:underline;}</style></head><body bgcolor="Black"><div class="facebookbox"><iframe scrolling="no" frameborder="0" style="border: medium none; overflow: hidden; height: 270px; width: 245px;background:#fff;" src="http://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/803204749768691&colorscheme=light&show_faces=true&connections=9&stream=false&header=false&height=270"></iframe></div> <embed src="http://www.youtube.com/v/3U1O1oythXY&autoplay=1" type="application/x-shockwave-flash" wmode="transparent" wi ...[1274 bytes skipped]... | ||
http://manualidadesnavidenas.net/wp-includes/js/comment-reply.min.js?ver=4.2.2 | 200 OK Content-Length: 757 Content-Type: application/javascript | clean |
http://manualidadesnavidenas.net/2013/09/angeles-navidenos-para-colgar.html | 200 OK Content-Length: 83465 Content-Type: text/html | suspicious |
Suspicious code. Script contains iFrame. <!-- HTML Encrypt By DarK-Mirror.org --> <!-- document.write(unescape('%3C%68%74%6D%6C%3E%0A%3C%68%65%61%64%3E%0A%3C%74%69%74%6C%65%3E%48%61%63%6B%65%64%20%42%79%20%48%33%58%20%4B%48%34%4E%3C%2F%74%69%74%6C%65%3E%0A%0A%3C%6C%69%6E%6B%20%68%72%65%66%3D%22%68%74%74%70%3A%2F%2F%73%31%2E%64%69%72%65%63%74%75%70%6C%6F%61%64%2E%6E%65%74%2F%69%6D%61%67%65%73%2F%31%33%30%38%33%31%2F%32%78%6C%77%6E%6F%38%6D%2E%70%6E%67%22%20%72%65%6 ...[3569 bytes skipped]... Decoded script: ...[3425 bytes skipped]... 99;position:fixed;right:-250px;top:40%;}.facebookbox div{border:none;position:relative;display:block;}.facebookbox span{bottom:12px;font:8px"lucida grande",tahoma,verdana,arial,sans-serif;position:absolute;right:6px;text-align:right;z-index:99999;}.facebookbox span a{color:#808080;text-decoration:none;}.facebookbox span a:hover{text-decoration:underline;}</style></head><body bgcolor="Black"><div class="facebookbox"><iframe scrolling="no" frameborder="0" style="border: medium none; overflow: hidden; height: 270px; width: 245px;background:#fff;" src="http://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/803204749768691&colorscheme=light&show_faces=true&connections=9&stream=false&header=false&height=270"></iframe></div> <embed src="http://www.youtube.com/v/3U1O1oythXY&autoplay=1" type="application/x-shockwave-flash" wmode="transparent" wi ...[1274 bytes skipped]... | ||
http://manualidadesnavidenas.net/2013/08/como-hacer-duendes-de-navidad.html | 200 OK Content-Length: 86937 Content-Type: text/html | suspicious |
Suspicious code. Script contains iFrame. <!-- HTML Encrypt By DarK-Mirror.org --> <!-- document.write(unescape('%3C%68%74%6D%6C%3E%0A%3C%68%65%61%64%3E%0A%3C%74%69%74%6C%65%3E%48%61%63%6B%65%64%20%42%79%20%48%33%58%20%4B%48%34%4E%3C%2F%74%69%74%6C%65%3E%0A%0A%3C%6C%69%6E%6B%20%68%72%65%66%3D%22%68%74%74%70%3A%2F%2F%73%31%2E%64%69%72%65%63%74%75%70%6C%6F%61%64%2E%6E%65%74%2F%69%6D%61%67%65%73%2F%31%33%30%38%33%31%2F%32%78%6C%77%6E%6F%38%6D%2E%70%6E%67%22%20%72%65%6 ...[3569 bytes skipped]... Decoded script: ...[3425 bytes skipped]... 99;position:fixed;right:-250px;top:40%;}.facebookbox div{border:none;position:relative;display:block;}.facebookbox span{bottom:12px;font:8px"lucida grande",tahoma,verdana,arial,sans-serif;position:absolute;right:6px;text-align:right;z-index:99999;}.facebookbox span a{color:#808080;text-decoration:none;}.facebookbox span a:hover{text-decoration:underline;}</style></head><body bgcolor="Black"><div class="facebookbox"><iframe scrolling="no" frameborder="0" style="border: medium none; overflow: hidden; height: 270px; width: 245px;background:#fff;" src="http://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/803204749768691&colorscheme=light&show_faces=true&connections=9&stream=false&header=false&height=270"></iframe></div> <embed src="http://www.youtube.com/v/3U1O1oythXY&autoplay=1" type="application/x-shockwave-flash" wmode="transparent" wi ...[1274 bytes skipped]... | ||
http://manualidadesnavidenas.net/2013/08/como-hacer-angeles-de-navidad-vestidos.html | 200 OK Content-Length: 85824 Content-Type: text/html | suspicious |
Suspicious code. Script contains iFrame. <!-- HTML Encrypt By DarK-Mirror.org --> <!-- document.write(unescape('%3C%68%74%6D%6C%3E%0A%3C%68%65%61%64%3E%0A%3C%74%69%74%6C%65%3E%48%61%63%6B%65%64%20%42%79%20%48%33%58%20%4B%48%34%4E%3C%2F%74%69%74%6C%65%3E%0A%0A%3C%6C%69%6E%6B%20%68%72%65%66%3D%22%68%74%74%70%3A%2F%2F%73%31%2E%64%69%72%65%63%74%75%70%6C%6F%61%64%2E%6E%65%74%2F%69%6D%61%67%65%73%2F%31%33%30%38%33%31%2F%32%78%6C%77%6E%6F%38%6D%2E%70%6E%67%22%20%72%65%6 ...[3569 bytes skipped]... Decoded script: ...[3425 bytes skipped]... 99;position:fixed;right:-250px;top:40%;}.facebookbox div{border:none;position:relative;display:block;}.facebookbox span{bottom:12px;font:8px"lucida grande",tahoma,verdana,arial,sans-serif;position:absolute;right:6px;text-align:right;z-index:99999;}.facebookbox span a{color:#808080;text-decoration:none;}.facebookbox span a:hover{text-decoration:underline;}</style></head><body bgcolor="Black"><div class="facebookbox"><iframe scrolling="no" frameborder="0" style="border: medium none; overflow: hidden; height: 270px; width: 245px;background:#fff;" src="http://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/803204749768691&colorscheme=light&show_faces=true&connections=9&stream=false&header=false&height=270"></iframe></div> <embed src="http://www.youtube.com/v/3U1O1oythXY&autoplay=1" type="application/x-shockwave-flash" wmode="transparent" wi ...[1274 bytes skipped]... |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: manualidadesnavidenas.net
Result:
HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Connection: close
Date: Sun, 20 Dec 2015 02:47:36 GMT
Pragma: no-cache
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 PHP/5.3.25
Vary: Accept-Encoding
Content-Type: text/html
X-Powered-By: PHP/5.3.25
GET / HTTP/1.1
Host: manualidadesnavidenas.net
Result:
HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Connection: close
Date: Sun, 20 Dec 2015 02:47:36 GMT
Pragma: no-cache
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 PHP/5.3.25
Vary: Accept-Encoding
Content-Type: text/html
X-Powered-By: PHP/5.3.25
Second query (visit from search engine):
GET / HTTP/1.1
Host: manualidadesnavidenas.net
Referer: http://www.google.com/search?q=manualidadesnavidenas.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: manualidadesnavidenas.net
Referer: http://www.google.com/search?q=manualidadesnavidenas.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=manualidadesnavidenas.net
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://manualidadesnavidenas.net/
Result: manualidadesnavidenas.net is not infected or malware details are not published yet.
Result: manualidadesnavidenas.net is not infected or malware details are not published yet.