Scanned pages/files
Request | Server response | Status |
http://www.segnorasque.com/ | 200 OK Content-Length: 134490 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 1x1 src: http://assets.tumblr.com/assets/html/iframe/teaser.html?_v=bf4a4223d82293dacd7ce191f926bbba#src=http%3a%2f%2fwww.segnorasque.com%2f&lang=es_es&name=segnorasquecom&avatar=http%3a%2f%2f33.media.tumblr.com%2favatar_c9b413b7f212_64.png&url=http%3a%2f%2fwww.segnorasque.com%2f&page_slide=slide <iframe scrolling="no" frameborder="0" src="http://assets.tumblr.com/assets/html/iframe/teaser.html?_v=bf4a4223d82293dacd7ce191f926bbba#src=http%3a%2f%2fwww.segnorasque.com%2f&lang=es_es&name=segnorasquecom&avatar=http%3a%2f%2f33.media.tumblr.com%2favatar_c9b413b7f212_64.png&url=http%3a%2f%2fwww.segnorasque.com%2f&page_slide=slide" id="teaser_iframe" width="1" height="1"> | ||
http://assets.tumblr.com/assets/scripts/pre_tumblelog.js?_v=75ff60d174af47d7ea271d82d4fe1151 | 200 OK Content-Length: 3361 Content-Type: application/javascript | clean |
http://www3.smartadserver.com/config.js?nwid=1100 | HTTP/1.1 302 Found Cache-Control: private Date: Wed, 29 Jul 2015 08:50:29 GMT Location: http://r.sascdn.com/diff/js/smart.js Content-Length: 153 Content-Type: text/html; charset=utf-8 | clean |
http://r.sascdn.com/diff/js/smart.js | 200 OK Content-Length: 12594 Content-Type: application/x-javascript | clean |
http://static.tumblr.com/7n42sxj/D6cn0wcv5/jquery.js | 200 OK Content-Length: 93067 Content-Type: application/javascript | clean |
http://static.tumblr.com/7n42sxj/O8Wn0wxly/tinynav.js | 200 OK Content-Length: 835 Content-Type: application/javascript | clean |
http://static.tumblr.com/7n42sxj/d1dn1q1nc/jquery.magnific-popup.min.js | 200 OK Content-Length: 20947 Content-Type: application/javascript | clean |
http://static.tumblr.com/7n42sxj/nxNn1q18h/jflickrfeed.min.js | 200 OK Content-Length: 1731 Content-Type: application/javascript | clean |
http://static.tumblr.com/7n42sxj/Titn1q19h/fitvids.js | 200 OK Content-Length: 3197 Content-Type: application/javascript | clean |
http://static.tumblr.com/7n42sxj/BfJn1zcgb/jquery.colorbox.js | 200 OK Content-Length: 27762 Content-Type: application/javascript | clean |
http://static.tumblr.com/7n42sxj/5hfn1zcgq/jquery.photoset-grid.min.js | 200 OK Content-Length: 4470 Content-Type: application/javascript | clean |
http://assets.tumblr.com/assets/scripts/tumblelog.js?_v=93bb152582dbb408afc826f52e6676b4 | 200 OK Content-Length: 44957 Content-Type: application/javascript | clean |
http://es.ads.justpremium.com/adserve/js.php?zone=9328 | 200 OK Content-Length: 302423 Content-Type: application/x-javascript | clean |
http://www.segnorasque.com//s7.addthis.com/js/300/addthis_widget.js/ | 404 Not Found Content-Length: 88356 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 1x1 src: http://assets.tumblr.com/assets/html/iframe/teaser.html?_v=bf4a4223d82293dacd7ce191f926bbba#src=http%3a%2f%2fwww.segnorasque.com%2f%2fs7.addthis.com%2fjs%2f300%2faddthis_widget.js%2f&lang=es_es&name=segnorasquecom&avatar=http%3a%2f%2f33.media.tumblr.com%2favatar_c9b413b7f212_64.png&url=http%3a%2f%2fwww.segnorasque.com%2f&page_slide=slide <iframe scrolling="no" frameborder="0" src="http://assets.tumblr.com/assets/html/iframe/teaser.html?_v=bf4a4223d82293dacd7ce191f926bbba#src=http%3a%2f%2fwww.segnorasque.com%2f%2fs7.addthis.com%2fjs%2f300%2faddthis_widget.js%2f&lang=es_es&name=segnorasquecom&avatar=http%3a%2f%2f33.media.tumblr.com%2favatar_c9b413b7f212_64.png&url=http%3a%2f%2fwww.segnorasque.com%2f&page_slide=slide" id="teaser_iframe" width="1" height="1"> | ||
http://adkengage.com/pshandler.js?aid=14802&v=OLP31sXORvlM8ZFXPb8kow%3d%3d&dpid=9556 | 200 OK Content-Length: 934 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) document.write('<script> var aid = 14802; var v ="OLP31sXORvlM8ZFXPb8kow%3d%3d"; var credomain = "adkengage.com"; var did = "16186"; document.write(\'<sc\'+\'ript type="text/javascript" src="http://\'+ credomain +\'/Scripts/CREReqScript.js?11252014_1402"></sc\'+\'ript>\'); </script>');document.write('<iframe name="__bkframe" height="0" width="0" frameborder="0" style="display:none;position:absolute;clip:rect(0px 0px 0px 0px)" src="about:blank"></iframe><scr Antivirus reports:
Hidden iFrame found. size: 0x0 src: http://eb2.3lift.com/xuid?mid=2699&xuid=&dongle=37a1 <iframe height="0" width="0" frameborder="0" src="http://eb2.3lift.com/xuid?mid=2699&xuid=&dongle=37a1"> | ||
http://www.segnorasque.com//pagead2.googlesyndication.com/pagead/js/adsbygoogle.js/ | 404 Not Found Content-Length: 88426 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 1x1 src: http://assets.tumblr.com/assets/html/iframe/teaser.html?_v=bf4a4223d82293dacd7ce191f926bbba#src=http%3a%2f%2fwww.segnorasque.com%2f%2fpagead2.googlesyndication.com%2fpagead%2fjs%2fadsbygoogle.js%2f&lang=es_es&name=segnorasquecom&avatar=http%3a%2f%2f33.media.tumblr.com%2favatar_c9b413b7f212_64.png&url=http%3a%2f%2fwww.segnorasque.com%2f&page_slide=slide <iframe scrolling="no" frameborder="0" src="http://assets.tumblr.com/assets/html/iframe/teaser.html?_v=bf4a4223d82293dacd7ce191f926bbba#src=http%3a%2f%2fwww.segnorasque.com%2f%2fpagead2.googlesyndication.com%2fpagead%2fjs%2fadsbygoogle.js%2f&lang=es_es&name=segnorasquecom&avatar=http%3a%2f%2f33.media.tumblr.com%2favatar_c9b413b7f212_64.png&url=http%3a%2f%2fwww.segnorasque.com%2f&page_slide=slide" id="teaser_iframe" width="1" height="1"> |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: segnorasque.com
Result:
GET / HTTP/1.1
Host: segnorasque.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: segnorasque.com
Referer: http://www.google.com/search?q=segnorasque.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: segnorasque.com
Referer: http://www.google.com/search?q=segnorasque.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=segnorasque.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://segnorasque.com/
Result: segnorasque.com is not infected or malware details are not published yet.
Result: segnorasque.com is not infected or malware details are not published yet.