Scanned pages/files
Request | Server response | Status |
http://www.thevalleystudio.com/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Tue, 22 Apr 2014 17:41:42 GMT Location: index2.php Server: nginx/1.4.7 Content-Length: 0 Content-Type: text/html X-Powered-By: PHP/5.2.17 | clean |
http://www.thevalleystudio.com/index2.php | 200 OK Content-Length: 9098 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below)
function setSize(){
    var win_w = $(window).width();
    var win_h = $(window).height();
    var max_h = 800;
    var max_w = 1050;
    if (win_w > max_w){ $("#website").width(win_w); } else { $("#website").width(max_w); }
    if (win_h > max_h){ $("#website").height(win_h); } else { $("#website").height(max_h); }
}
function openLikeBox(){
    var fb_div = $("#fb_div");
    var fb_close_btn = $("#fb_close_btn");
    left: xpos + "px" });
    content_div.css({visibility: "hidden"});
    video_div.show();
}
function closeVideo(){
    $("#video_div").hide();
    $("#video_div").empty();
    $("#content").css({visibility: "visible"});
}
var popUp;
function openW(theURL,features) { popUp = window.open(theURL,'videoPopup',features); }
function closeW() { popUp.close(); videoPopup.close(); }
Antivirus reports:
http://www.thevalleystudio.com/bluadmin/jquery-1.4.2.min.js | 200 OK Content-Length: 72174 Content-Type: application/javascript | clean |
http://www.thevalleystudio.com/swfobject/swfobject.js | 200 OK Content-Length: 6758 Content-Type: application/javascript | clean |
http://www.thevalleystudio.com/swfaddress/swfaddress.js | 200 OK Content-Length: 13041 Content-Type: application/javascript | clean |
http://www.thevalleystudio.com/swfobject/swfmacmousewheel.js | 200 OK Content-Length: 1816 Content-Type: application/javascript | clean |
http://www.thevalleystudio.com/test404page.js | HTTP/1.1 302 Moved Temporarily Connection: close Date: Tue, 22 Apr 2014 17:41:47 GMT Location: index2.php Server: nginx/1.4.7 Content-Length: 0 Content-Type: text/html X-Powered-By: PHP/5.2.17 | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: thevalleystudio.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: thevalleystudio.com
Referer: http://www.google.com/search?q=thevalleystudio.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=thevalleystudio.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://thevalleystudio.com/
Result: thevalleystudio.com is not infected or malware details are not published yet.