malware site??
[/size]
[/size]hxxp://socialcam.com/v/gorCwlFH
[/size]
[/size]virustotal https://www.virustotal.com/url/538a11904bf864a1bb4dfdbd1b65f0634cf9177a08b930c20fe4cbe0bb5f79ec/analysis/1338216328/
[/size]
[/size]anubis http://anubis.iseclab.org/?action=result&task_id=1efb93996337ef0e48de0254d6b5bf7ff&format=html
[/size]
[/size]http://zulu.zscaler.com/submission/show/c3283837564cd709c8a5359021c7ff6f-1338216430
[/size]
[/size]eset detected cahe poised, thanks,
Malicious Obfuscated content found for that URL
Obfuscation could be de-obfuscated as: “document.write(‘<a href="mailto:webcontactATsocialcam dot com">Email Us</a>’);”
polonus
So any kind of obfuscated content will alert Zulu’s Scanner?
Quote: “Malicious Obfuscated content found”
Also, if the webmaster wanted to prevent his email from being harvested, he could’ve used @ which decodes to @
Resource: http://www.asciitable.com/index/asciifull.gif
Hi !Donovan,
For me it is just also a foolproof anti-spam measure, but it can also be used reversely,
eset detected cache poised for that site…
Conditional compilation used here to sniff: /@cc_on!@/ false
The alternative would naturally be: var isMSIE = /@cc_on!@/!1;
polonus
This page seems to be 1 suspicious inline script found.
http://www.UnmaskParasites.com/security-report/?page=socialcam.com/v/gorCwlFH
wepawet
http://wepawet.iseclab.org/view.php?hash=805de6ee72be18c415e481e66b7d81b1&t=1338222377&type=js
Hi Pondus & !Donovan,
That means that the Zcaler flag is because of the inline script flagged by Google Safebrowsing, but I think that was just obfuscation taken as a potential XSS problem, see: htxp://apidock.com/rails/ActionView/Helpers/UrlHelper/mail_to#355-Javascript-encoding-DOES-work- (poster Bounga on Flowdock blog gives the same encoded script). So I would say, verdict: false positive,
polonus