Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=securecall.co.za
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://securecall.co.za/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://securecall.co.za/ | 200 OK Content-Length: 30966 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) window.addEvent('load', function() { new JCaption('img.caption'); }); var rokboxPath = '/plugins/system/rokbox/'; window.addEvent("domready", function() { new ScrollModules('rt-showcase', {duration: 600, transition: Fx.Transitions.Expo.easeInOut, autoplay: 0, delay: 5000}); new ScrollModules('rt-feature', {duration: 600, transition: Fx.Transitions.Expo.easeInOut, autoplay: 0, delay: 5000}); }); window.addEvent('domready', function() {new GantrySmartLoad({'offset pillFx: {duration: 200, transition: Fx.Transitions.Quad.easeOut} }); }); window.addEvent('domready', function() { }); window.addEvent('load', function() { }); function keepAlive() { var myAjax = new Request({method: "get", url: "index.php"}).send();} window.addEvent("domready", function(){ keepAlive.periodical(840000); }); Antivirus reports:
| ||
http://securecall.co.za/media/system/js/mootools-core.js | 200 OK Content-Length: 96362 Content-Type: application/x-javascript | clean |
http://securecall.co.za/media/system/js/core.js | 200 OK Content-Length: 4784 Content-Type: application/x-javascript | clean |
http://securecall.co.za/media/system/js/caption.js | 200 OK Content-Length: 729 Content-Type: application/x-javascript | clean |
http://securecall.co.za/media/widgetkit/js/jquery.js | 200 OK Content-Length: 91037 Content-Type: application/x-javascript | clean |
http://securecall.co.za/cache/widgetkit/widgetkit-7fea7b93.js | 200 OK Content-Length: 103686 Content-Type: application/x-javascript | clean |
http://securecall.co.za/media/system/js/mootools-more.js | 200 OK Content-Length: 238331 Content-Type: application/x-javascript | clean |
http://securecall.co.za/plugins/system/rokbox/rokbox.js | 200 OK Content-Length: 21801 Content-Type: application/x-javascript | clean |
http://securecall.co.za/plugins/system/rokbox/themes/light/rokbox-config.js | 200 OK Content-Length: 2598 Content-Type: application/x-javascript | clean |
http://securecall.co.za/libraries/gantry/js/gantry-totop.js | 200 OK Content-Length: 378 Content-Type: application/x-javascript | clean |
http://securecall.co.za/templates/rt_tachyon_j16/js/gantry-module-scroller-mt1.2.js | 200 OK Content-Length: 2646 Content-Type: application/x-javascript | clean |
http://securecall.co.za/libraries/gantry/js/gantry-smartload.js | 200 OK Content-Length: 2815 Content-Type: application/x-javascript | clean |
http://securecall.co.za/libraries/gantry/js/gantry-date.js | 200 OK Content-Length: 2933 Content-Type: application/x-javascript | clean |
http://securecall.co.za/libraries/gantry/js/gantry-inputs.js | 200 OK Content-Length: 3831 Content-Type: application/x-javascript | clean |
http://securecall.co.za/templates/rt_tachyon_j16/js/rt-fixedheader.js | 200 OK Content-Length: 970 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: securecall.co.za
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Date: Thu, 21 Aug 2014 07:20:29 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: cf5130bc2ad974fcbda430520502ac1e=5qcvoet7ue4a1ebrolr6dbfue6; path=/
X-Powered-By: PHP/5.4.4-14+deb7u12
GET / HTTP/1.1
Host: securecall.co.za
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Date: Thu, 21 Aug 2014 07:20:29 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: cf5130bc2ad974fcbda430520502ac1e=5qcvoet7ue4a1ebrolr6dbfue6; path=/
X-Powered-By: PHP/5.4.4-14+deb7u12
Second query (visit from search engine):
GET / HTTP/1.1
Host: securecall.co.za
Referer: http://www.google.com/search?q=securecall.co.za
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: securecall.co.za
Referer: http://www.google.com/search?q=securecall.co.za
Result:
The result is similar to the first query. There are no suspicious redirects found.