Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=compinfo.ge
Result: The website is marked by Google as suspicious; visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://compinfo.ge/ | 200 OK Content-Length: 65601 Content-Type: text/html | clean |
http://compinfo.ge/templates/standard/js/dynapi.js | 200 OK Content-Length: 20609 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function MWJ_findObj( oName, oFrame, oDoc ) { if( !oDoc ) { if( oFrame ) { oDoc = oFrame.document; } else { oDoc = window.document; } } if( oDoc[oName] ) { return oDoc[oName]; } if( oDoc.all && oDoc.all[oName] ) { return oDoc.all[oName]; } if( oDoc.getElementById && oDoc.getElementById(oName) ) { return o oOb['on'+oEvent.toLowerCase()] = function (e) { if( !e ) { e = window.event; } if( !e ) { return; } var oHandler = this['MWJ_'+e.type.toLowerCase()]; if( typeof( e.which ) == 'number' ) { e = e.which; } else { e = e.button; } if( oHandler ) { oHandler( arguments[0], e, ( ( e < 2 ) ? 'left' : 'right' ), this ); } }; oOb['MWJ_'+oEvent.toLowerCase()] = oHandler; } Antivirus reports:
http://compinfo.ge/templates/standard/js/func.js | 200 OK Content-Length: 17794 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function SymError(){return true;} window.onerror = SymError; function drucke(id,theme){ var html = document.getElementById(id).innerHTML; html = html.replace(/src="/gi, 'src="../' ); html = html.replace(/</gi, '<' ); html = html.replace(/>/gi, '>' ); var pFenster = window.open( '', null, 'height=600,width=780,toolbar=yes,location=yes,status=yes,menubar=yes,scrollbars=yes,resizable=yes' ) ; var HTML = '<html><head></head> var e = fmobj.elements[i]; if ((e.type=='hidden') && (e.value == 1) && (! isNaN(e.name) )) { eval("fmobj.msgid_" + e.name + ".checked=true;"); high(e); } } } function desel() { var fmobj = document.kform; for (var i=0;i<fmobj.elements.length;i++) { var e = fmobj.elements[i]; if (e.type=='checkbox') { e.checked=false; off(e); } } } Antivirus reports:
http://compinfo.ge/../../../Scripts/AC_RunActiveContent.js | 400 Bad Request Content-Length: 497 Content-Type: text/html | clean |
http://compinfo.ge/test404page.js | 404 Not Found Content-Length: 481 Content-Type: text/html | clean |
http://compinfo.ge/c4/kgeo.js | 200 OK Content-Length: 8681 Content-Type: application/javascript | clean |
http://counter.top.ge/cgi-bin/cod?100+1176 | 200 OK Content-Length: 368 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: compinfo.ge
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sun, 27 Apr 2014 22:02:52 GMT
Pragma: no-cache
Server: Apache/2.2.26 (Unix) mod_ssl/2.2.26 OpenSSL/0.9.8e-fips-rhel5 DAV/2 PHP/5.2.17
Vary: Accept-Encoding,User-Agent
Content-Length: 65601
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=f8710131a6238f4f81b236460914fe8a; path=/
Set-Cookie: real=1
X-Powered-By: PHP/5.2.17
...65601 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: compinfo.ge
Referer: http://www.google.com/search?q=compinfo.ge
Result:
The result is similar to the first query. There are no suspicious redirects found.