Scanned pages/files
Request | Server response | Status |
http://tv2next.com/ | HTTP/1.1 200 OK Connection: close Date: Fri, 16 May 2014 21:08:30 GMT Accept-Ranges: bytes ETag: "3d8129-185-4bc283d0fc500" Server: Apache/2.2.14 (Ubuntu) Vary: Accept-Encoding Content-Length: 389 Content-Type: text/html Last-Modified: Mon, 26 Mar 2012 16:55:16 GMT | clean |
http://wwwtv2next.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Fri, 16 May 2014 21:08:00 GMT Location: http://www.wwwtv2next.com/ Server: ghs Content-Length: 223 Content-Type: text/html; charset=UTF-8 Alternate-Protocol: 80:quic X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block | clean |
http://www.wwwtv2next.com/ | 200 OK Content-Length: 62628 Content-Type: text/html | clean |
https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js | 200 OK Content-Length: 93868 Content-Type: text/javascript | clean |
http://d2c8yne9ot06t4.cloudfront.net/static/jslib/jquery-ui.min.js | 200 OK Content-Length: 210832 Content-Type: application/x-javascript | clean |
http://d2c8yne9ot06t4.cloudfront.net/static/sttc/jquery.form.js | 200 OK Content-Length: 28038 Content-Type: application/x-javascript | clean |
http://d2c8yne9ot06t4.cloudfront.net/static/sttc/contact.js | 200 OK Content-Length: 2531 Content-Type: application/x-javascript | clean |
http://d2c8yne9ot06t4.cloudfront.net/static/js/Skins/Menu/minimalDropdown.js | 200 OK Content-Length: 10758 Content-Type: application/x-javascript | clean |
http://d2c8yne9ot06t4.cloudfront.net/static/js/Skins/Item/itemDesign.js | 200 OK Content-Length: 456 Content-Type: application/x-javascript | clean |
http://d2c8yne9ot06t4.cloudfront.net/static/js/Skins/Item/slideDesign.js | 200 OK Content-Length: 8846 Content-Type: application/x-javascript | clean |
http://d2c8yne9ot06t4.cloudfront.net/static/sttc/slideshow_186.js | 200 OK Content-Length: 37093 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var slideshow = {
rootUrl: "http://d2c8yne9ot06t4.cloudfront.net/static", currentSlideShowBox: "", down_x: 0, up_x: 0, paginatorCheck: false, ScrollToPosition: function (target_to_scroll) { var scrollable = $(window) var container = scrollable var kkk = $("."+target_to_scroll); $.scrollTo( kkk, 800 ); }, vAlign: function(thiss) { child.css("height", heightt); child.find(".inner-visible").css("width", widthh); child.find(".inner-visible").css("height", heightt); var VertCentering = (heightt - newChildHeight) / 2 child.find("img").css("position", "relative"); child.find("img").css("top", VertCentering+"px"); child.find("img").css("left", "0px"); } }) } } Antivirus reports:
| ||
http://d2c8yne9ot06t4.cloudfront.net/static/sttc/jquery.scrollTo-min.js | 200 OK Content-Length: 2262 Content-Type: application/x-javascript | clean |
http://tv2next.com/hard.html | 404 Not Found Content-Length: 284 Content-Type: text/html | clean |
http://tv2next.com/test404page.js | 404 Not Found Content-Length: 289 Content-Type: text/html | clean |
http://tv2next.com/soft.html | 404 Not Found Content-Length: 284 Content-Type: text/html | clean |
http://tv2next.com/cases.html | 404 Not Found Content-Length: 285 Content-Type: text/html | clean |
http://tv2next.com/contact.html | 404 Not Found Content-Length: 287 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: tv2next.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 16 May 2014 21:08:30 GMT
Accept-Ranges: bytes
ETag: "3d8129-185-4bc283d0fc500"
Server: Apache/2.2.14 (Ubuntu)
Vary: Accept-Encoding
Content-Length: 389
Content-Type: text/html
Last-Modified: Mon, 26 Mar 2012 16:55:16 GMT
...389 bytes of data.
GET / HTTP/1.1
Host: tv2next.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 16 May 2014 21:08:30 GMT
Accept-Ranges: bytes
ETag: "3d8129-185-4bc283d0fc500"
Server: Apache/2.2.14 (Ubuntu)
Vary: Accept-Encoding
Content-Length: 389
Content-Type: text/html
Last-Modified: Mon, 26 Mar 2012 16:55:16 GMT
...389 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: tv2next.com
Referer: http://www.google.com/search?q=tv2next.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: tv2next.com
Referer: http://www.google.com/search?q=tv2next.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=tv2next.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://tv2next.com/
Result: tv2next.com is not infected or malware details are not published yet.
Result: tv2next.com is not infected or malware details are not published yet.