malware site?

malware site??
[/size]
[/size]hxxp://socialcam.com/v/gorCwlFH
[/size]
[/size]virustotal https://www.virustotal.com/url/538a11904bf864a1bb4dfdbd1b65f0634cf9177a08b930c20fe4cbe0bb5f79ec/analysis/1338216328/
[/size]
[/size]anubis http://anubis.iseclab.org/?action=result&task_id=1efb93996337ef0e48de0254d6b5bf7ff&format=html
[/size]
[/size]http://zulu.zscaler.com/submission/show/c3283837564cd709c8a5359021c7ff6f-1338216430
[/size]
[/size]eset detected cahe poised, thanks,

Malicious Obfuscated content found for that URL
Obfuscation could be de-obfuscated as: “document.write(‘<a href="mailto:webcontactATsocialcam dot com">Email Us</a>’);”

polonus

So any kind of obfuscated content will alert Zulu’s Scanner?
Quote: “Malicious Obfuscated content found”

Also, if the webmaster wanted to prevent his email from being harvested, he could’ve used @ which decodes to @
Resource: http://www.asciitable.com/index/asciifull.gif

Hi !Donovan,

For me it is just also a foolproof anti-spam measure, but it can also be used reversely,
eset detected cache poised for that site…
Conditional compilation used here to sniff: /@cc_on!@/ false
The alternative would naturally be: var isMSIE = /@cc_on!@/!1;

polonus

VirusTotal
https://www.virustotal.com/file/0399184a71e1a03b130cf79012d13e7db8d9d38f21b5fa3619ac5ad469ece8a5/analysis/1338222246/

This page seems to be 1 suspicious inline script found.
http://www.UnmaskParasites.com/security-report/?page=socialcam.com/v/gorCwlFH

wepawet
http://wepawet.iseclab.org/view.php?hash=805de6ee72be18c415e481e66b7d81b1&t=1338222377&type=js

Hi Pondus & !Donovan,

That means that the Zcaler flag is because of the inline script flagged by Google Safebrowsing, but I think that was just obfuscation taken as a potential XSS problem, see: htxp://apidock.com/rails/ActionView/Helpers/UrlHelper/mail_to#355-Javascript-encoding-DOES-work- (poster Bounga on Flowdock blog gives the same encoded script). So I would say, verdict: false positive,

polonus