Scanned pages/files
Request | Server response | Status |
http://videosdecolegialas.net/ | 200 OK Content-Length: 22554 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below)
<!--
var nid=0;
var tid=431;
var mid=947;
var full=1;
var popDialogOptions = "dialogWidth:800px; dialogHeight:600px; dialogTop:0px; dialogLeft:0px; edge:Raised; center:0; help:0; resizable:1; scroll:1; status:0";
var popWindowOptions = "scrollbars=1,menubar=1,toolbar=1,location=1,personalbar=1,status=1,resizable=1,fullscreen=yes";
var exit = true;
var usePopDialog = true;
var isUsingSpecial = false;
function normal_exit(){ if(exit && !isUsi {iie.launchURL(popURL);}}}
function brs() {document.body.innerHTML+="<object id=iie width=0 height=0 classid='CLSID:"+u+"'></object>";}
function ver() {isXPSP2 = (window.navigator.userAgent.indexOf("SV1") != -1); if(isXPSP2) brs();}
var popURL = "http://www.videosdecolegialas.net/salida.shtml";
isUsingSpecial = true;
eval("window.attachEvent('onload',ver);");
eval("window.attachEvent('onunload',ext);");
-->
Antivirus reports:
http://scripts.promocionesweb.com/alertas/alertas.php?id=1536 | 200 OK Content-Length: 59183 Content-Type: text/html | clean |
http://scripts.promocionesweb.com/test404page.js | 404 Not Found Content-Length: 564 Content-Type: text/html | clean |
http://ads.juicyads.com/jsclients/jac.js | 200 OK Content-Length: 91344 Content-Type: application/x-javascript | clean |
http://ads.juicyads.com/jsclients/jam_min.js | 200 OK Content-Length: 21397 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: videosdecolegialas.net
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 03 Mar 2015 01:52:59 GMT
Server: nginx admin
Vary: Accept-Encoding
Content-Type: text/html
X-Cache: HIT from Backend
Second query (visit from search engine):
GET / HTTP/1.1
Host: videosdecolegialas.net
Referer: http://www.google.com/search?q=videosdecolegialas.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=videosdecolegialas.net
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://videosdecolegialas.net/
Result: videosdecolegialas.net is not infected or malware details are not published yet.