Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=alexm.vrazrabotke.com.ua
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://alexm.vrazrabotke.com.ua/ | 200 OK Content-Length: 1731 Content-Type: text/html | clean |
http://alexm.vrazrabotke.com.ua/js/jquery.js | 200 OK Content-Length: 60440 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) eval(function(p,a,c,k,e,r){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--)r[e(c)]=k[c]||e(c);k=[function(e){return r[e]}];e=function(){return'\\w+'};c=1};while(c--)if(k[c])p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c]);return p}('(G(){9(1m E!="W")H w=E;H E=18.15=G(a,b){I 6 7u E?6.5N(a,b):1u E(a,b)};9(1m $!="W")H D=$;18.$=E;H u=/^[^<]*(<(.|\\s)+& ...[4008 bytes skipped]... Antivirus reports:
| ||
http://alexm.vrazrabotke.com.ua/js/jquery.pngFix.js | 404 Not Found Content-Length: 336 Content-Type: text/html | clean |
http://alexm.vrazrabotke.com.ua/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
http://alexm.vrazrabotke.com.ua/js/style.js | 200 OK Content-Length: 34491 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) $(document).ready(function(){ if ($.browser.msie && parseInt($.browser.version) <= 6) { $('.rightside .m_home').mouseover(function(){ $(this).css('backgroundPosition', '0 -67px'); $(this).css('cursor', 'pointer'); }); $('.rightside .m_about').mouseover(function(){ $(this).css('backgroundPosition', '0 -36px'); ...[4122 bytes skipped]... Antivirus reports:
| ||
http://hamiltonmortgage.org/images/hoemeowners-insurance.php | 500 Can't connect to hamiltonmortgage.org:80 Content-Length: 195 Content-Type: text/plain | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: alexm.vrazrabotke.com.ua
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sun, 21 Dec 2014 01:12:25 GMT
Pragma: no-cache
Server: Apache
Content-Length: 1731
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=84c329f2c2379ddf7816bed843b3a808; path=/
X-Powered-By: PHP/5.2.17
...1731 bytes of data.
GET / HTTP/1.1
Host: alexm.vrazrabotke.com.ua
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sun, 21 Dec 2014 01:12:25 GMT
Pragma: no-cache
Server: Apache
Content-Length: 1731
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=84c329f2c2379ddf7816bed843b3a808; path=/
X-Powered-By: PHP/5.2.17
...1731 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: alexm.vrazrabotke.com.ua
Referer: http://www.google.com/search?q=alexm.vrazrabotke.com.ua
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: alexm.vrazrabotke.com.ua
Referer: http://www.google.com/search?q=alexm.vrazrabotke.com.ua
Result:
The result is similar to the first query. There are no suspicious redirects found.