Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=venomrxs.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://venomrxs.com/ | 200 OK Content-Length: 16263 Content-Type: text/html | clean |
http://venomrxs.com/cache/js-1d8b3362a00fef97d077bd5a24d9c0ca.php | 200 OK Content-Length: 300719 Content-Type: application/x-javascript | clean |
http://venomrxs.com/components/com_k2/js/k2.js | 200 OK Content-Length: 3083 Content-Type: application/javascript | clean |
http://venomrxs.com/plugins/system/JCH_Optimize/jscss.php?f=6d2395b80723fad5f486f4a3c3d9cdf0&type=js | 200 OK Content-Length: 86952 Content-Type: text/javascript | clean |
http://venomrxs.com/cache/js-9a9e54acf56fe46469348df394edeff8.php | 200 OK Content-Length: 16556 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var GantryBuildSpans=function(g,j,k){(g.length).times(function(i){var e="."+g[i];var f=function(a){a.setStyle('visibility','visible');var b=a.getText();var c=b.split(" ");first=c[0];rest=c.slice(1).join(" ");html=a.innerHTML;if(rest.length>0){var d=a.clone().setText(' '+rest),span=new Element('span').setText(first);span.inject(d,'top');a.replaceWith(d)}};$$(e).each(function(c){j.each(function(h){c.getElements(h).each(function(b){var a=b.getFirst();if(a&&a.getTag()=='a')f(a);else f(b)} Antivirus reports:
| ||
http://venomrxs.com/components/com_jxtcprimetime/jxtcswfobject.js | 200 OK Content-Length: 9845 Content-Type: application/javascript | clean |
http://svhs4.com/cqJ3CImv.php?id= | 200 OK Content-Length: 328 Content-Type: text/html | clean |
http://svhs4.com/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: venomrxs.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Tue, 01 Apr 2014 18:31:06 GMT
Pragma: no-cache
Server: Apache/2.2.22 (Ubuntu)
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 01 Apr 2014 18:31:06 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 6df119204f4161a1064513dc7db0acf2=rc2preqgpb5pr5k27oov60r6k3; path=/
X-Powered-By: PHP/5.3.10-1ubuntu3.4
GET / HTTP/1.1
Host: venomrxs.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Tue, 01 Apr 2014 18:31:06 GMT
Pragma: no-cache
Server: Apache/2.2.22 (Ubuntu)
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 01 Apr 2014 18:31:06 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 6df119204f4161a1064513dc7db0acf2=rc2preqgpb5pr5k27oov60r6k3; path=/
X-Powered-By: PHP/5.3.10-1ubuntu3.4
Second query (visit from search engine):
GET / HTTP/1.1
Host: venomrxs.com
Referer: http://www.google.com/search?q=venomrxs.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: venomrxs.com
Referer: http://www.google.com/search?q=venomrxs.com
Result:
The result is similar to the first query. There are no suspicious redirects found.