Scanned pages/files
Request | Server response | Status |
http://valeaaurie.ro/ | 200 OK Content-Length: 81956 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) (function(){ pwebFBLikeBox128 = new pwebFBLikeBox({ id: 128, prefix: 'pwebfblikebox128', open: 'click', close: 'click', position: 'left', top: -1, layout: 'slidebox' }); })(); Antivirus reports:
| ||
http://valeaaurie.ro/media/system/js/mootools-core.js | 200 OK Content-Length: 83893 Content-Type: application/x-javascript | clean |
http://valeaaurie.ro/media/jui/js/jquery.min.js | 200 OK Content-Length: 96381 Content-Type: application/x-javascript | clean |
http://valeaaurie.ro/media/jui/js/jquery-noconflict.js | 200 OK Content-Length: 21 Content-Type: application/x-javascript | clean |
http://valeaaurie.ro/media/jui/js/jquery-migrate.min.js | 200 OK Content-Length: 7199 Content-Type: application/x-javascript | clean |
http://valeaaurie.ro/media/system/js/core.js | 200 OK Content-Length: 4000 Content-Type: application/x-javascript | clean |
http://valeaaurie.ro/media/system/js/mootools-more.js | 200 OK Content-Length: 236825 Content-Type: application/x-javascript | clean |
http://valeaaurie.ro/media/system/js/modal.js | 200 OK Content-Length: 9732 Content-Type: application/x-javascript | clean |
http://valeaaurie.ro/components/com_k2/js/k2.js?v2.6.8&sitepath=/ | 200 OK Content-Length: 8011 Content-Type: application/x-javascript | clean |
http://valeaaurie.ro/templates/shaper_news_iii/js/tools.js | 200 OK Content-Length: 740 Content-Type: application/x-javascript | clean |
http://valeaaurie.ro/plugins/system/helix/js/dropline.js | 200 OK Content-Length: 1969 Content-Type: application/x-javascript | clean |
http://valeaaurie.ro/plugins/system/helix/js/menu.js | 200 OK Content-Length: 5178 Content-Type: application/x-javascript | clean |
http://valeaaurie.ro/plugins/system/helix/js/totop.js | 200 OK Content-Length: 989 Content-Type: application/x-javascript | clean |
http://valeaaurie.ro/media/mod_pwebfblikebox/js/mootools.likebox.js | 200 OK Content-Length: 2472 Content-Type: application/x-javascript | clean |
http://valeaaurie.ro/media/mod_joomimg/js/slideshow.js | 200 OK Content-Length: 32605 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: valeaaurie.ro
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 23 Jun 2014 04:33:48 GMT
Server: Apache
Content-Type: text/html
Set-Cookie: a4627f8f913d080d60beba8b9350ad74=99fb2d4aefc68cba1f61e242472ccdaf; path=/; HttpOnly
X-Powered-By: PHP/5.4.29
GET / HTTP/1.1
Host: valeaaurie.ro
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 23 Jun 2014 04:33:48 GMT
Server: Apache
Content-Type: text/html
Set-Cookie: a4627f8f913d080d60beba8b9350ad74=99fb2d4aefc68cba1f61e242472ccdaf; path=/; HttpOnly
X-Powered-By: PHP/5.4.29
Second query (visit from search engine):
GET / HTTP/1.1
Host: valeaaurie.ro
Referer: http://www.google.com/search?q=valeaaurie.ro
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: valeaaurie.ro
Referer: http://www.google.com/search?q=valeaaurie.ro
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=valeaaurie.ro
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://valeaaurie.ro/
Result: valeaaurie.ro is not infected or malware details are not published yet.
Result: valeaaurie.ro is not infected or malware details are not published yet.