Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=appgame.darkzphone.com
Result: The website is marked by Google as suspicious - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://appgame.darkzphone.com/ | HTTP/1.1 302 Found Connection: close Date: Sun, 27 Apr 2014 05:05:06 GMT Location: http://appgame.darkzphone.com/activity.php?s=6e57ee3d7294867c324a78668cc2370f Server: nginx Vary: Accept-Encoding,User-Agent Content-Length: 0 Content-Type: text/html Set-Cookie: bb_sessionhash=6e57ee3d7294867c324a78668cc2370f; path=/; HttpOnly Set-Cookie: bb_lastvisit=1398575106; expires=Mon, 27-Apr-2015 05:05:06 GMT; path=/ Set-Cookie: bb_lastactivity=0; expires=Mon, 27-Apr-2015 05:05:06 GMT; path=/ X-Powered-By: PHP/5.3.27 | clean |
http://appgame.darkzphone.com/activity.php?s=6e57ee3d7294867c324a78668cc2370f | 200 OK Content-Length: 24919 Content-Type: text/html | malicious |
Malicious iFrame found. The same iFrame was found in 14 websites. size: 0x0 src: http://meziamussucemaqueue.su/phpmiadmin/cache.php This URL is marked by Google as suspicious <iframe src="http://meziamussucemaqueue.su/phpmiadmin/cache.php" width="0" height="0" frameborder="0"> Hidden iFrame found. size: 0x0 src: http://spravca-inf.ru/google.php <iframe width='0' height='0' frameborder='0' scrolling='no' style='position:absolute;' src='http://spravca-inf.ru/google.php'> | ||
http://appgame.darkzphone.com/clientscript/vbulletin-core.js?v=420 | 200 OK Content-Length: 51945 Content-Type: application/javascript | clean |
http://appgame.darkzphone.com/clientscript/vbulletin_activitystream.js?v=420 | 200 OK Content-Length: 8234 Content-Type: application/javascript | clean |
http://appgame.darkzphone.com/clientscript/vbulletin_md5.js?v=420 | 200 OK Content-Length: 5464 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var hexcase=0;var b64pad="";var chrsz=8;function hex_md5(A){return binl2hex(core_md5(str2binl(A),A.length*chrsz))}function b64_md5(A){return binl2b64(core_md5(str2binl(A),A.length*chrsz))}function str_md5(A){return binl2str(core_md5(str2binl(A),A.length*chrsz))}function hex_hmac_md5(A,B){return binl2hex(core_hmac_md5(A,B))}function b64_hmac_md5(A,B){return binl2b64(core_hmac_md5(A,B))}function str_hmac_md5(A,B){return binl2str(core_hmac_md5(A,B))}function core_md5(K,F){K[F>>5]|=128<< Antivirus reports:
| ||
http://pagead2.googlesyndication.com/pagead/show_ads.js | 200 OK Content-Length: 21987 Content-Type: text/javascript | clean |
http://appgame.darkzphone.com/forum.php?s=6e57ee3d7294867c324a78668cc2370f | 200 OK Content-Length: 150994 Content-Type: text/html | malicious |
Malicious iFrame found. The same iFrame was found in 14 websites. size: 0x0 src: http://meziamussucemaqueue.su/phpmiadmin/cache.php This URL is marked by Google as suspicious <iframe src="http://meziamussucemaqueue.su/phpmiadmin/cache.php" width="0" height="0" frameborder="0"> Hidden iFrame found. size: 0x0 src: http://spravca-inf.ru/google.php <iframe width='0' height='0' frameborder='0' scrolling='no' style='position:absolute;' src='http://spravca-inf.ru/google.php'> | ||
http://appgame.darkzphone.com/clientscript/vbulletin_read_marker.js?v=420 | 200 OK Content-Length: 4460 Content-Type: application/javascript | clean |
http://appgame.darkzphone.com/external.php?type=js | 200 OK Content-Length: 241 Content-Type: text/html | clean |
http://appgame.darkzphone.com/test404page.js | 500 Internal Server Error Content-Length: 749 Content-Type: text/html | clean |
http://appgame.darkzphone.com/register.php?s=6e57ee3d7294867c324a78668cc2370f | 200 OK Content-Length: 36333 Content-Type: text/html | malicious |
Malicious iFrame found. The same iFrame was found in 14 websites. size: 0x0 src: http://meziamussucemaqueue.su/phpmiadmin/cache.php This URL is marked by Google as suspicious <iframe src="http://meziamussucemaqueue.su/phpmiadmin/cache.php" width="0" height="0" frameborder="0"> Hidden iFrame found. size: 0x0 src: http://spravca-inf.ru/google.php <iframe width='0' height='0' frameborder='0' scrolling='no' style='position:absolute;' src='http://spravca-inf.ru/google.php'> | ||
http://appgame.darkzphone.com/clientscript/vbulletin_ajax_nameverif.js?v=420 | 200 OK Content-Length: 2502 Content-Type: application/javascript | clean |
http://appgame.darkzphone.com/clientscript/vbulletin_ajax_suggest.js?v=420 | 200 OK Content-Length: 8155 Content-Type: application/javascript | clean |
http://appgame.darkzphone.com/faq.php?s=6e57ee3d7294867c324a78668cc2370f | 200 OK Content-Length: 26398 Content-Type: text/html | malicious |
Malicious iFrame found. The same iFrame was found in 14 websites. size: 0x0 src: http://meziamussucemaqueue.su/phpmiadmin/cache.php This URL is marked by Google as suspicious <iframe src="http://meziamussucemaqueue.su/phpmiadmin/cache.php" width="0" height="0" frameborder="0"> Hidden iFrame found. size: 0x0 src: http://spravca-inf.ru/google.php <iframe width='0' height='0' frameborder='0' scrolling='no' style='position:absolute;' src='http://spravca-inf.ru/google.php'> | ||
http://appgame.darkzphone.com/search.php?s=6e57ee3d7294867c324a78668cc2370f&do=getnew&contenttype=vBForum_Post | 200 OK Content-Length: 31801 Content-Type: text/html | malicious |
Malicious iFrame found. The same iFrame was found in 14 websites. size: 0x0 src: http://meziamussucemaqueue.su/phpmiadmin/cache.php This URL is marked by Google as suspicious <iframe src="http://meziamussucemaqueue.su/phpmiadmin/cache.php" width="0" height="0" frameborder="0"> Hidden iFrame found. size: 0x0 src: http://spravca-inf.ru/google.php <iframe width='0' height='0' frameborder='0' scrolling='no' style='position:absolute;' src='http://spravca-inf.ru/google.php'> | ||
http://appgame.darkzphone.com/search.php?s=6e57ee3d7294867c324a78668cc2370f&do=getnew&contenttype=vBCms_Article | 200 OK Content-Length: 31559 Content-Type: text/html | malicious |
Malicious iFrame found. The same iFrame was found in 14 websites. size: 0x0 src: http://meziamussucemaqueue.su/phpmiadmin/cache.php This URL is marked by Google as suspicious <iframe src="http://meziamussucemaqueue.su/phpmiadmin/cache.php" width="0" height="0" frameborder="0"> Hidden iFrame found. size: 0x0 src: http://spravca-inf.ru/google.php <iframe width='0' height='0' frameborder='0' scrolling='no' style='position:absolute;' src='http://spravca-inf.ru/google.php'> |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: appgame.darkzphone.com
Result:
HTTP/1.1 302 Found
Connection: close
Date: Sun, 27 Apr 2014 05:05:06 GMT
Location: http://appgame.darkzphone.com/activity.php?s=6e57ee3d7294867c324a78668cc2370f
Server: nginx
Vary: Accept-Encoding,User-Agent
Content-Length: 0
Content-Type: text/html
Set-Cookie: bb_sessionhash=6e57ee3d7294867c324a78668cc2370f; path=/; HttpOnly
Set-Cookie: bb_lastvisit=1398575106; expires=Mon, 27-Apr-2015 05:05:06 GMT; path=/
Set-Cookie: bb_lastactivity=0; expires=Mon, 27-Apr-2015 05:05:06 GMT; path=/
X-Powered-By: PHP/5.3.27
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: appgame.darkzphone.com
Referer: http://www.google.com/search?q=appgame.darkzphone.com
Result:
The result is similar to the first query. There are no suspicious redirects found.