Scanned pages/files
Request | Server response | Status |
http://www.thesfo.org/ | 200 OK Content-Length: 9040 Content-Type: text/html | clean |
http://www.thesfo.org/js/jquery.min.js | 200 OK Content-Length: 93107 Content-Type: application/javascript | clean |
http://www.thesfo.org/js/config.js | 200 OK Content-Length: 3598 Content-Type: application/javascript | clean |
http://www.thesfo.org/js/skel.min.js | 200 OK Content-Length: 21439 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var skel=function(){var a={config:{prefix:null,preloadStyleSheets:!1,pollOnce:!1,resetCSS:!1,normalizeCSS:!1,boxModel:null,useOrientation:!1,useRTL:!1,pollOnLock:!1,usePerpetualLock:!0,useDomainLock:!0,containers:960,grid:{collapse:!1,gutters:40},breakpoints:{all:{range:"*",hasStyleSheet:!1}},events:{}},isConfigured:!1,isInit:!1,lockState:null,stateId:"",me:null,breakpoints:[],breakpointList:[],events:[],plugins:{},cache:{elements:{},states:{}},locations:{html:null,head:null,body:null},vars:{},l !0;a.isConfigured&&a.init()}};a.preInit();return a}(); Antivirus reports:
| ||
http://www.thesfo.org/js/skel-panels.min.js | 200 OK Content-Length: 16835 Content-Type: application/javascript | clean |
http://www.thesfo.org/ein-gutes-koerpergefuehl-bekommen.html | 200 OK Content-Length: 3879 Content-Type: text/html | clean |
http://www.thesfo.org/das-wahre-ding.html | 200 OK Content-Length: 3929 Content-Type: text/html | clean |
http://www.thesfo.org/masturbation-im-sex-tv.html | 200 OK Content-Length: 5361 Content-Type: text/html | clean |
http://www.thesfo.org/test404page.js | HTTP/1.1 302 Found Connection: close Date: Wed, 09 Apr 2014 03:22:40 GMT Location: http://www.thesfo.org Server: Apache Content-Length: 269 Content-Type: text/html; charset=iso-8859-1 | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: thesfo.org
Result:
GET / HTTP/1.1
Host: thesfo.org
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: thesfo.org
Referer: http://www.google.com/search?q=thesfo.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: thesfo.org
Referer: http://www.google.com/search?q=thesfo.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=thesfo.org
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://thesfo.org/
Result: thesfo.org is not infected or malware details are not published yet.
Result: thesfo.org is not infected or malware details are not published yet.