Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=tv-net.co
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://tv-net.co/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://tv-net.co/ | 200 OK Content-Length: 6201 Content-Type: text/html | clean |
http://tv-net.co/jquery.js | 200 OK Content-Length: 91671 Content-Type: application/x-javascript | clean |
http://tv-net.co/script.js | 200 OK Content-Length: 7040 Content-Type: application/x-javascript | clean |
http://tv-net.co/channels-frequency/ | 200 OK Content-Length: 37931 Content-Type: text/html | clean |
http://tv-net.co/channels-frequency/jscripts/global.js | 200 OK Content-Length: 9797 Content-Type: application/x-javascript | clean |
http://tv-net.co/channels-frequency/jscripts/swfobject.js | 200 OK Content-Length: 6880 Content-Type: application/x-javascript | clean |
http://ads.aljayyash.net/all.php | 500 Can't connect to ads.aljayyash.net:80 (Bad hostname) Content-Length: 166 Content-Type: text/plain | clean |
http://ads.aljayyash.net/test404page.js | 500 Can't connect to ads.aljayyash.net:80 (Bad hostname) Content-Length: 166 Content-Type: text/plain | clean |
http://www.tab3hd.com/up.js | 200 OK Content-Length: 13276 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
<!--
var interstitialBox={ ie7: window.XMLHttpRequest && document.all && !window.opera, ie7offline: this.ie7 && window.location.href.indexOf("http")==-1, launch:false, scrollbarwidth: 16, loadpage:function(url){ page_request = url
document.getElementById("interContent").innerHTML='<iframe src="'+ page_request +'" style="width: 100%; height: 600px" marginwidth="0" marginheight="0" frameborder="0" vspace="0" hspac }
var pppid='pppid142';
document.write("<object style='display:block;width:1px;height:1px;position:absolute;left:0px;top:500px' id='"+pppid+"'></object>");
if (usingObject) {setupObject();}
if (usingEditor) {startObject();}
loadingPop();
self.focus();
-->
Antivirus reports:
http://tv-net.co/channels-frequency/channels-frequency-2-1.html | 200 OK Content-Length: 38836 Content-Type: text/html | clean |
http://tv-net.co/channels-frequency/links.php | 200 OK Content-Length: 11748 Content-Type: text/html | clean |
http://tv-net.co/channels-frequency/contact.php | 200 OK Content-Length: 12610 Content-Type: text/html | clean |
http://tv-net.co/channels-frequency/channels-frequency-1-1.html | 200 OK Content-Length: 38448 Content-Type: text/html | clean |
http://tv-net.co/channels-frequency/channels-frequency-1-2.html | 200 OK Content-Length: 37066 Content-Type: text/html | clean |
http://tv-net.co/channels-frequency/channels-frequency-1-3.html | 200 OK Content-Length: 40033 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: tv-net.co
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 01 Oct 2014 06:35:47 GMT
Accept-Ranges: bytes
ETag: "c0d01f-1839-4bad4ad0d3680"
Server: nginx
Content-Length: 6201
Content-Type: text/html
Last-Modified: Fri, 09 Mar 2012 19:48:26 GMT
...6201 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: tv-net.co
Referer: http://www.google.com/search?q=tv-net.co
Result:
The result is similar to the first query. There are no suspicious redirects found.